Re: [Qemu-devel] Windows 8 fails to boot

[Andreas Färber]

Hi,

Am 01.03.2012 05:24, schrieb Jun Koi:
> anybody tested Qemu with the Windows 8 Consumer Preview?
> 
> i tried the 32-bit ISO file with 1.0.1, with and without -enable-kvm,
> and Qemu reboots immediately after the first screen. that is no more
> than 10 seconds into the boot.

Alex has posted patches that supposedly make AHCI boot work.

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH] Userspace ARM BE8 support

[Andreas Färber]

Am 29.02.2012 16:40, schrieb Paul Brook:
> Add support for ARM BE8 userspace binaries.
> i.e. big-endian data and little-endian code.
> In principle LE8 mode is also possible, but AFAIK has never actually
> been implemented/used.
> 
> System emulation doesn't have any useable big-endian board models,
> but should in principle work once you fix that.
> Dynamic iendianness switching requires messing with data accesses,
> preferably with TCG cooperation, and is orthogonal to BE8 support.
> 
> Signed-off-by: Paul Brook 

Patch looks good in general. There's some braces missing though for ifs:
It's considered mandatory for new code, and we usually fix up old code
that we touch.

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] QOM: why "klass" used instead of "class" ?

[Andreas Färber]

Am 29.02.2012 10:05, schrieb 陳韋任:
> On Wed, Feb 29, 2012 at 10:59:54AM +0400, Michael Tokarev wrote:
>> On 29.02.2012 09:52, Evgeny Voevodin wrote:
>>> include/qemu/object.h:
>> []
>>>  * void my_device_class_init(ObjectClass *klass, void *class_data)
>>>  * {
>>>  * DeviceClass *dc = DEVICE_CLASS(klass);
>>>  * dc->reset = my_device_reset;
>>>  * }
>>>  *
>>>
>>> Why to use "klass", not "class"?
>>
>> Because in C++, "class" is a reserved word.  It is quite typical idiom
>> to replace class with klass in (public) headers.
> 
>   I thought QEMU is written in C, right? Is there anything related to C++?

A while back there was a patch that added a C++ audio backend, for
instance. I didn't get around to cleaning the patch up yet though.

Objective-C is used for the Cocoa frontend.

At least our headers should work with such C-derived languages.

clazz is another common alternative if you don't like klass. ;)

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] QOM: why "klass" used instead of "class" ?

[malc]

On Thu, 1 Mar 2012, Andreas F?rber wrote:

> Am 29.02.2012 10:05, schrieb ???:
> > On Wed, Feb 29, 2012 at 10:59:54AM +0400, Michael Tokarev wrote:
> >> On 29.02.2012 09:52, Evgeny Voevodin wrote:
> >>> include/qemu/object.h:
> >> []
> >>>  * void my_device_class_init(ObjectClass *klass, void *class_data)
> >>>  * {
> >>>  * DeviceClass *dc = DEVICE_CLASS(klass);
> >>>  * dc->reset = my_device_reset;
> >>>  * }
> >>>  *
> >>>
> >>> Why to use "klass", not "class"?
> >>
> >> Because in C++, "class" is a reserved word.  It is quite typical idiom
> >> to replace class with klass in (public) headers.
> > 
> >   I thought QEMU is written in C, right? Is there anything related to C++?
> 
> A while back there was a patch that added a C++ audio backend, for
> instance. I didn't get around to cleaning the patch up yet though.
> 

The real reason, ofcourse, is that germans are taking over the world,
nothing new here.

> Objective-C is used for the Cocoa frontend.
> 
> At least our headers should work with such C-derived languages.
> 
> clazz is another common alternative if you don't like klass. ;)
> 

-- 
mailto:av1...@comtv.ru

Re: [Qemu-devel] [PATCH v2] TCG: Convert global variables to be TLS.

[Andreas Färber]

Am 28.02.2012 04:13, schrieb Evgeny Voevodin:
> On 27.02.2012 16:35, Peter Maydell wrote:
>> A true multithreaded TCG is a large project, and unless we're
>> going to commit to doing that I don't see much value in making
>> some variables per-thread when we might instead need to do
>> larger refactorings (properly encapsulating the codegen
>> caches as qom objects, maybe?).
> 
> [...] qomification of translation caches is an interesting suggestion I
> think.

While I have come to like QOM and am using it for the CPUState, I don't
see the benefit in using it for these secondary structures. There are
already dedicated monitor commands to inspect them, no?

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH v2] TCG: Convert global variables to be TLS.

[Peter Maydell]

On 1 March 2012 08:22, Andreas Färber  wrote:
> Am 28.02.2012 04:13, schrieb Evgeny Voevodin:
>> On 27.02.2012 16:35, Peter Maydell wrote:
>>> A true multithreaded TCG is a large project, and unless we're
>>> going to commit to doing that I don't see much value in making
>>> some variables per-thread when we might instead need to do
>>> larger refactorings (properly encapsulating the codegen
>>> caches as qom objects, maybe?).
>>
>> [...] qomification of translation caches is an interesting suggestion I
>> think.
>
> While I have come to like QOM and am using it for the CPUState, I don't
> see the benefit in using it for these secondary structures. There are
> already dedicated monitor commands to inspect them, no?

Mostly I was thinking about the encapsulation of knowing which data
structures are associated with a translation cache and letting you
have more than one of them. You could do that with a plain struct
but since we have this OO infrastructure now why not use it?

-- PMM

Re: [Qemu-devel] QOM: why "klass" used instead of "class" ?

[Andreas Färber]

Am 01.03.2012 09:17, schrieb malc:
> On Thu, 1 Mar 2012, Andreas F?rber wrote:
> 
>> Am 29.02.2012 10:05, schrieb ???:
>>> On Wed, Feb 29, 2012 at 10:59:54AM +0400, Michael Tokarev wrote:
 On 29.02.2012 09:52, Evgeny Voevodin wrote:
> include/qemu/object.h:
 []
>  * void my_device_class_init(ObjectClass *klass, void *class_data)
>  * {
>  * DeviceClass *dc = DEVICE_CLASS(klass);
>  * dc->reset = my_device_reset;
>  * }
>  *
>
> Why to use "klass", not "class"?

 Because in C++, "class" is a reserved word.  It is quite typical idiom
 to replace class with klass in (public) headers.
>>>
>>>   I thought QEMU is written in C, right? Is there anything related to C++?
>>
>> A while back there was a patch that added a C++ audio backend, for
>> instance. I didn't get around to cleaning the patch up yet though.
>>
> 
> The real reason, ofcourse, is that germans are taking over the world,
> nothing new here.

Actually the Haiku patch was by a Swiss and Anthony is American I guess.

In German it would be Klasse. ;)

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] QOM: why "klass" used instead of "class" ?

[malc]

On Thu, 1 Mar 2012, Andreas F?rber wrote:

> Am 01.03.2012 09:17, schrieb malc:
> > On Thu, 1 Mar 2012, Andreas F?rber wrote:
> > 
> >> Am 29.02.2012 10:05, schrieb ???:
> >>> On Wed, Feb 29, 2012 at 10:59:54AM +0400, Michael Tokarev wrote:
>  On 29.02.2012 09:52, Evgeny Voevodin wrote:
> > include/qemu/object.h:
>  []
> >  * void my_device_class_init(ObjectClass *klass, void *class_data)
> >  * {
> >  * DeviceClass *dc = DEVICE_CLASS(klass);
> >  * dc->reset = my_device_reset;
> >  * }
> >  *
> >
> > Why to use "klass", not "class"?
> 
>  Because in C++, "class" is a reserved word.  It is quite typical idiom
>  to replace class with klass in (public) headers.
> >>>
> >>>   I thought QEMU is written in C, right? Is there anything related to C++?
> >>
> >> A while back there was a patch that added a C++ audio backend, for
> >> instance. I didn't get around to cleaning the patch up yet though.
> >>
> > 
> > The real reason, ofcourse, is that germans are taking over the world,
> > nothing new here.
> 
> Actually the Haiku patch was by a Swiss and Anthony is American I guess.
> 
> In German it would be Klasse. ;)

Ich weiss das >B)

-- 
mailto:av1...@comtv.ru

Re: [Qemu-devel] [RFC][PATCH 01/14 v7] Add API to create memory mapping list

[HATAYAMA Daisuke]

From: Wen Congyang 
Subject: [RFC][PATCH 01/14 v7] Add API to create memory mapping list
Date: Thu, 01 Mar 2012 10:39:35 +0800

> +static void memory_mapping_list_add_mapping_sorted(MemoryMappingList *list,
> +   MemoryMapping *mapping)

> +void memory_mapping_list_add_sorted(MemoryMappingList *list,

These functions not only sort but also merge elements of mapping
list. Is there another name that represents what these are doing more
properly?

> +target_phys_addr_t phys_addr,
> +target_phys_addr_t virt_addr,
> +ram_addr_t length)
> +{
> +MemoryMapping *memory_mapping, *last_mapping;
> +
> +if (QTAILQ_EMPTY(&list->head)) {
> +create_new_memory_mapping(list, phys_addr, virt_addr, length);
> +return;
> +}
> +
> +last_mapping = list->last_mapping;
> +if (last_mapping) {
> +if ((phys_addr == (last_mapping->phys_addr + last_mapping->length)) 
> &&
> +(virt_addr == (last_mapping->virt_addr + last_mapping->length))) 
> {
> +last_mapping->length += length;
> +return;
> +}
> +}
> +
> +QTAILQ_FOREACH(memory_mapping, &list->head, next) {
> +last_mapping = memory_mapping;
> +if ((phys_addr == (last_mapping->phys_addr + last_mapping->length)) 
> &&
> +(virt_addr == (last_mapping->virt_addr + last_mapping->length))) 
> {
> +last_mapping->length += length;
> +list->last_mapping = last_mapping;
> +return;
> +}

Please don't use a single variable in multiple meanings in the same
function. It appears to me that the variable last_mapping is used as
n-th entry connected to the list->head within this for loop. So
this_mapping, for example, is reasonable rather than last_mapping. All
use of last_mapping within the for loop can be replaced with
memory_mapping, right?

> +
> +if (phys_addr + length < last_mapping->phys_addr) {
> +/* create a new region before last_mapping */
> +break;
> +}
> +
> +if (phys_addr >= (last_mapping->phys_addr + last_mapping->length)) {
> +/* last_mapping does not contain this region */
> +continue;
> +}
> +
> +if ((virt_addr - last_mapping->virt_addr) !=
> +(phys_addr - last_mapping->phys_addr)) {
> +/*
> + * last_mapping contains this region, but we cannot merge this
> + * region into last_mapping. Try the next memory mapping.
> + */
> +continue;
> +}

Does this condition means the current mapping and the last mapping are
contiguous both phisically and viurtually? If so, it's better to write
the condition so readers can understand that more easily.

> +
> +/* merge this region into last_mapping */
> +if (virt_addr < last_mapping->virt_addr) {
> +last_mapping->length += last_mapping->virt_addr - virt_addr;
> +last_mapping->virt_addr = virt_addr;
> +}
> +
> +if ((virt_addr + length) >
> +(last_mapping->virt_addr + last_mapping->length)) {
> +last_mapping->length = virt_addr + length - 
> last_mapping->virt_addr;
> +}
> +
> +list->last_mapping = last_mapping;
> +return;
> +}
> +
> +/* this region can not be merged into any existed memory mapping. */
> +create_new_memory_mapping(list, phys_addr, virt_addr, length);
> +}

How about adding helper functions for expressing each conditionals?
Just like below. Then I think the code gets more readable.

  bool mapping_proper_succeor(MemoryMapping *map,
  target_phys_addr_t phys_addr,
  target_virt_addr_t virt_addr);
  bool mapping_physically_contains(MemoryMapping *map,
target_phys_addr_t phys_addr);
  bool mapping_physically_virtually_contiguous(MemoryMapping *map,
   target_phys_addr_t phys_addr,
   target_virt_addr_t virt_addr);
  void mapping_merge(MemoryMapping *map, target_phys_addr_t phys_addr,
 target_virt_addr_t virt_addr);

I'm not confident of the naming, these are example, and assuming
define all as static inline functions.

Thanks.
HATAYAMA, Daisuke

Re: [Qemu-devel] [RFC][PATCH 01/14 v7] Add API to create memory mapping list

[Wen Congyang]

At 03/01/2012 04:33 PM, HATAYAMA Daisuke Wrote:
> From: Wen Congyang 
> Subject: [RFC][PATCH 01/14 v7] Add API to create memory mapping list
> Date: Thu, 01 Mar 2012 10:39:35 +0800
> 
>> +static void memory_mapping_list_add_mapping_sorted(MemoryMappingList *list,
>> +   MemoryMapping *mapping)
> 
>> +void memory_mapping_list_add_sorted(MemoryMappingList *list,
> 
> These functions not only sort but also merge elements of mapping
> list. Is there another name that represents what these are doing more
> properly?
> 
>> +target_phys_addr_t phys_addr,
>> +target_phys_addr_t virt_addr,
>> +ram_addr_t length)
>> +{
>> +MemoryMapping *memory_mapping, *last_mapping;
>> +
>> +if (QTAILQ_EMPTY(&list->head)) {
>> +create_new_memory_mapping(list, phys_addr, virt_addr, length);
>> +return;
>> +}
>> +
>> +last_mapping = list->last_mapping;
>> +if (last_mapping) {
>> +if ((phys_addr == (last_mapping->phys_addr + last_mapping->length)) 
>> &&
>> +(virt_addr == (last_mapping->virt_addr + 
>> last_mapping->length))) {
>> +last_mapping->length += length;
>> +return;
>> +}
>> +}
>> +
>> +QTAILQ_FOREACH(memory_mapping, &list->head, next) {
>> +last_mapping = memory_mapping;
>> +if ((phys_addr == (last_mapping->phys_addr + last_mapping->length)) 
>> &&
>> +(virt_addr == (last_mapping->virt_addr + 
>> last_mapping->length))) {
>> +last_mapping->length += length;
>> +list->last_mapping = last_mapping;
>> +return;
>> +}
> 
> Please don't use a single variable in multiple meanings in the same
> function. It appears to me that the variable last_mapping is used as
> n-th entry connected to the list->head within this for loop. So
> this_mapping, for example, is reasonable rather than last_mapping. All
> use of last_mapping within the for loop can be replaced with
> memory_mapping, right?

OK

> 
>> +
>> +if (phys_addr + length < last_mapping->phys_addr) {
>> +/* create a new region before last_mapping */
>> +break;
>> +}
>> +
>> +if (phys_addr >= (last_mapping->phys_addr + last_mapping->length)) {
>> +/* last_mapping does not contain this region */
>> +continue;
>> +}
>> +
>> +if ((virt_addr - last_mapping->virt_addr) !=
>> +(phys_addr - last_mapping->phys_addr)) {
>> +/*
>> + * last_mapping contains this region, but we cannot merge this
>> + * region into last_mapping. Try the next memory mapping.
>> + */
>> +continue;
>> +}
> 
> Does this condition means the current mapping and the last mapping are
> contiguous both phisically and viurtually? If so, it's better to write
> the condition so readers can understand that more easily.

current mapping and last mapping are always contiguous both phisically and
virtually.

> 
>> +
>> +/* merge this region into last_mapping */
>> +if (virt_addr < last_mapping->virt_addr) {
>> +last_mapping->length += last_mapping->virt_addr - virt_addr;
>> +last_mapping->virt_addr = virt_addr;
>> +}
>> +
>> +if ((virt_addr + length) >
>> +(last_mapping->virt_addr + last_mapping->length)) {
>> +last_mapping->length = virt_addr + length - 
>> last_mapping->virt_addr;
>> +}
>> +
>> +list->last_mapping = last_mapping;
>> +return;
>> +}
>> +
>> +/* this region can not be merged into any existed memory mapping. */
>> +create_new_memory_mapping(list, phys_addr, virt_addr, length);
>> +}
> 
> How about adding helper functions for expressing each conditionals?
> Just like below. Then I think the code gets more readable.
> 
>   bool mapping_proper_succeor(MemoryMapping *map,
>   target_phys_addr_t phys_addr,
>   target_virt_addr_t virt_addr);
>   bool mapping_physically_contains(MemoryMapping *map,
> target_phys_addr_t phys_addr);
>   bool mapping_physically_virtually_contiguous(MemoryMapping *map,
>target_phys_addr_t phys_addr,
>target_virt_addr_t virt_addr);
>   void mapping_merge(MemoryMapping *map, target_phys_addr_t phys_addr,
>  target_virt_addr_t virt_addr);
> 
> I'm not confident of the naming, these are example, and assuming
> define all as static inline functions.

Hmm, I think this inline functions make the code more readable. So I will
modify my code.

Thanks
Wen Congyang

> 
> Thanks.
> HATAYAMA, Daisuke
> 
> 

Re: [Qemu-devel] [PATCH] qemu-iotests: Filter out DOS line endings

[Kevin Wolf]

Am 29.02.2012 18:32, schrieb Eric Blake:
> On 02/29/2012 06:59 AM, Kevin Wolf wrote:
>> This one makes it possible to run qemu-iotests on a Windows build using Wine
>> and get somewhat meaningful results.
>>
>> Signed-off-by: Kevin Wolf 
>> ---
>>  tests/qemu-iotests/common.filter |8 +++-
>>  1 files changed, 7 insertions(+), 1 deletions(-)
>>
>> diff --git a/tests/qemu-iotests/common.filter 
>> b/tests/qemu-iotests/common.filter
>> index da77ede..fa26b62 100644
>> --- a/tests/qemu-iotests/common.filter
>> +++ b/tests/qemu-iotests/common.filter
>> @@ -140,10 +140,16 @@ _filter_imgfmt()
>>  sed -e "s#$IMGFMT#IMGFMT#g"
>>  }
>>  
>> +# Removes \r from messages
>> +_filter_win32()
>> +{
>> +sed -e 's/\r//g'
> 
> POSIX does not require sed to recognize \r as a synonym for carriage
> return.  You are better off using tr(1) (tr -d '\r') if all you want to
> do is strip carriage returns in a POSIX-compliant manner.  Also be aware
> that on Solaris, you have to make sure you are using a PATH that first
> finds a POSIX-compliant tr.

But who will run qemu-iotests on Wine on Solaris? Running it on Wine on
Linux is already crazy enough. IIUC the sed call won't break anything,
it may just not work and won't strip out the carriage returns. Well, bad
luck, try a sane setup instead.

(I would see it different if this was ./configure, but it is a test case
output filter)

Kevin

Re: [Qemu-devel] [SeaBIOS] [Seabios] [PATCH 0/6] 64bit PCI BARs allocations (take 2)

[Gerd Hoffmann]

  Hi,

> a) Provide 64bit bar support for PCI BARs and bridges with 64bit memory
> window.

Bridge support seems to be completely untested.  /me has a test setup
using mst's bridge patches which looks like this:

[root@fedora ~]# lspci -tv
-[:00]-+-00.0  Intel Corporation 440FX - 82441FX PMC [Natoma]
   +-01.0  Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
   +-01.1  Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
   +-01.2  Intel Corporation 82371SB PIIX3 USB [Natoma/Triton II]
   +-01.3  Intel Corporation 82371AB/EB/MB PIIX4 ACPI
   +-02.0  Red Hat, Inc. Device 0100
   +-03.0  Red Hat, Inc Virtio network device
   +-05.0  Red Hat, Inc Virtio console
   +-06.0  Intel Corporation 82801AA AC'97 Audio Controller
   +-0a.0  Red Hat, Inc Device 1009
   +-0b.0  Red Hat, Inc Device 1009
   +-10.0-[01]01.0  Red Hat, Inc Device 1110
   +-10.1-[02]01.0  Red Hat, Inc Virtio memory balloon
   +-10.2-[03]--
   +-10.3-[04]--
   +-11.0-[05-07]--+-01.0-[06]--+-01.0  Red Hat, Inc Device 1110
   |   |\-02.0  Red Hat, Inc Device 1110
   |   \-02.0-[07]--+-01.0  Red Hat, Inc Device 1110
   |\-02.0  Red Hat, Inc Device 1110
   +-1d.0  Intel Corporation 82801I (ICH9 Family) USB UHCI
Controller #1
   +-1d.1  Intel Corporation 82801I (ICH9 Family) USB UHCI
Controller #2
   +-1d.2  Intel Corporation 82801I (ICH9 Family) USB UHCI
Controller #3
   +-1d.7  Intel Corporation 82801I (ICH9 Family) USB2 EHCI
Controller #1
   \-1f.0  Intel Corporation 82801IR/IO/IH (ICH9R/DO/DH) 6 port
SATA AHCI Controller

The linux kernel completely redoes the bridge resource assignment.  The
seabios log looks sane for the root bus devices but not for devices
behind bridges:

=== PCI new allocation pass #2 ===
PCI region entry: bdf=00:06.0 BAR 0 base=0xc000
size=0x0400 [io, 32bits]
PCI region entry: bdf=00:06.0 BAR 1 base=0xc400
size=0x0100 [io, 32bits]
PCI region entry: bdf=00:0b.0 BAR 0 base=0xc500
size=0x0040 [io, 32bits]
PCI region entry: bdf=00:0a.0 BAR 0 base=0xc540
size=0x0040 [io, 32bits]
PCI region entry: bdf=00:1f.0 BAR 4 base=0xc580
size=0x0020 [io, 32bits]
PCI region entry: bdf=00:1d.2 BAR 4 base=0xc5a0
size=0x0020 [io, 32bits]
PCI region entry: bdf=00:1d.1 BAR 4 base=0xc5c0
size=0x0020 [io, 32bits]
PCI region entry: bdf=00:1d.0 BAR 4 base=0xc5e0
size=0x0020 [io, 32bits]
PCI region entry: bdf=00:05.0 BAR 0 base=0xc600
size=0x0020 [io, 32bits]
PCI region entry: bdf=00:03.0 BAR 0 base=0xc620
size=0x0020 [io, 32bits]
PCI region entry: bdf=00:02.0 BAR 3 base=0xc640
size=0x0020 [io, 32bits]
PCI region entry: bdf=00:01.2 BAR 4 base=0xc660
size=0x0020 [io, 32bits]
PCI region entry: bdf=00:01.1 BAR 4 base=0xc680
size=0x0010 [io, 32bits]
PCI region entry: bdf=00:02.0 BAR 0 base=0xf800
size=0x0400 [mem, 32bits]
PCI region entry: bdf=00:02.0 BAR 1 base=0xfc00
size=0x0100 [mem, 32bits]
PCI region entry: bdf=00:03.0 BAR 6 base=0xfd00
size=0x0001 [mem, 32bits]
PCI region entry: bdf=00:02.0 BAR 6 base=0xfd01
size=0x0001 [mem, 32bits]
PCI region entry: bdf=00:02.0 BAR 2 base=0xfd02
size=0x2000 [mem, 32bits]
PCI region entry: bdf=00:1f.0 BAR 5 base=0xfd022000
size=0x1000 [mem, 32bits]
PCI region entry: bdf=00:1d.7 BAR 0 base=0xfd023000
size=0x1000 [mem, 32bits]
PCI region entry: bdf=00:0b.0 BAR 1 base=0xfd024000
size=0x1000 [mem, 32bits]
PCI region entry: bdf=00:0a.0 BAR 1 base=0xfd025000
size=0x1000 [mem, 32bits]
PCI region entry: bdf=00:05.0 BAR 1 base=0xfd026000
size=0x1000 [mem, 32bits]
PCI region entry: bdf=00:03.0 BAR 1 base=0xfd027000
size=0x1000 [mem, 32bits]
PCI region entry: bdf=00:02.0 BAR 4 base=0xe000
size=0x1000 [prefmem, 64bits]
PCI region entry: bdf=01:01.0 BAR 0 base=0x
size=0x1000 [mem, 32bits]
PCI region entry: bdf=01:01.0 BAR 2 base=0x
size=0x4000 [prefmem, 64bits]
PCI region entry: bdf=02:01.0 BAR 0 base=0x
size=0x0020 [io, 32bits]
PCI region entry: bdf=06:02.0 BAR 0 base=0x
size=0x1000 [mem, 32bits]
PCI region entry: bdf=06:01.0 BAR 0 base=0x1000
size=0x1000 [mem, 32bits]
PCI region entry: bdf=06:02.0 BAR 2 base=0x
size=0x0200 [prefmem, 64

Re: [Qemu-devel] [PATCH v2] TCG: Convert global variables to be TLS.

[陳韋任]

> If you're serious about multithreading TCG then I think the first
> steps are:
>  * fix existing race conditions
>  * think very hard
>  * come up with an overall design for what you're proposing

  As COREMU [1] point out, current QEMU atomic instruction emulation approach is
problematic. For example, guest application might use x86 xchg instruction to
implement spin lock/unlock (addr is a shared memory space).


  spin_unlock:   spin_lock:
 
 try:
   r10 = 1;
   xchg addr, r10;
   if (r10 == 0)
 goto success;
  *addr = 0; fail:
   pause;
   if (*addr != 0)
 goto fail;

   goto try;

 success:

 
After QEMU translation, guest xchg instruction becomes

  spin_unlock:   spin_lock:

 helper_lock;

  *addr = 0; T0 = r10;
 T1 = *addr;
 *addr = T0;
 r10 = T1;

 helper_unlock;

  You can the see the atomicity on which spin lock/unlock rely is broken.
"*addr = 0" can happened in the between of helper_lock/helper_unlock.
COREMU solve this by using a lightway software transaction memory to emulate
atomic instructions. I think this issue is quite important if we want to make
TCG multithreaded, right? Is there a better way to solve this?

Regards,
chenwj

[1]
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.187.6011&rep=rep1&type=pdf

-- 
Wei-Ren Chen (陳韋任)
Computer Systems Lab, Institute of Information Science,
Academia Sinica, Taiwan (R.O.C.)
Tel:886-2-2788-3799 #1667
Homepage: http://people.cs.nctu.edu.tw/~chenwj

Re: [Qemu-devel] [SeaBIOS] [PATCH 4/6] Mapping of BARs and Bridge regions

[Gerd Hoffmann]

On 03/01/12 07:57, Alexey Korolev wrote:
> In pci_bios_map_regions() we try to reserve memory for 
> all entries of root bus regions.
> If pci_bios_init_root_regions() fails - e.g no enough space, we create two 
> new pci_regions:
> r64pref, r64mem and migrate all entries which are 64bit capable to them. 
> Migration process
> is very simple: delete the entry from one list add to another.

It isn't that simple.  There are a bunch of constrains.  First the
bridge must be 64bit capable.  All bridges up to the root bus in case of
nested bridges.  Second all other prefmem bars of devices behind the
bridge must be 64bit capable too.  Again, in case of nested bridges this
applies to all devices behind the toplevel bridge.

cheers,
  Gerd

Re: [Qemu-devel] [PATCH] We should check virtio_load return code

[Amit Shah]

On (Tue) 28 Feb 2012 [15:31:07], Orit Wasserman wrote:
> Otherwise we crash on error.

A description on how to reproduce the crash would be nice.

> Signed-off-by: Orit Wasserman 
> Signed-off-by: Ulrich Obergfell 

Acked-by: Amit Shah 

Amit

[Qemu-devel] [PATCH] usb: Fix signature of stub usb_host_device_open

[Jan Kiszka]

This was a breakage of 3741715cf2.

Signed-off-by: Jan Kiszka 
---
 usb-stub.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/usb-stub.c b/usb-stub.c
index 9c3fcea..b4e10c1 100644
--- a/usb-stub.c
+++ b/usb-stub.c
@@ -41,7 +41,7 @@ void usb_host_info(Monitor *mon)
 }
 
 /* XXX: modify configure to compile the right host driver */
-USBDevice *usb_host_device_open(const char *devname)
+USBDevice *usb_host_device_open(USBBus *bus, const char *devname)
 {
 return NULL;
 }
-- 
1.7.3.4

Re: [Qemu-devel] Windows 8 fails to boot

[Alexander Graf]

On 01.03.2012, at 09:00, Andreas Färber wrote:

> Hi,
> 
> Am 01.03.2012 05:24, schrieb Jun Koi:
>> anybody tested Qemu with the Windows 8 Consumer Preview?
>> 
>> i tried the 32-bit ISO file with 1.0.1, with and without -enable-kvm,
>> and Qemu reboots immediately after the first screen. that is no more
>> than 10 seconds into the boot.
> 
> Alex has posted patches that supposedly make AHCI boot work.

Yes, but TCG mode also failed on me. I only tried the x64 version though.


Alex

Re: [Qemu-devel] Windows 8 fails to boot

[Jan Kiszka]

On 2012-03-01 10:46, Alexander Graf wrote:
> 
> On 01.03.2012, at 09:00, Andreas Färber wrote:
> 
>> Hi,
>>
>> Am 01.03.2012 05:24, schrieb Jun Koi:
>>> anybody tested Qemu with the Windows 8 Consumer Preview?
>>>
>>> i tried the 32-bit ISO file with 1.0.1, with and without -enable-kvm,
>>> and Qemu reboots immediately after the first screen. that is no more
>>> than 10 seconds into the boot.
>>
>> Alex has posted patches that supposedly make AHCI boot work.
> 
> Yes, but TCG mode also failed on me. I only tried the x64 version though.

Have you tried some real CPU model like -cpu Nehalem? At least qemu64 is
broken for any recent Windows.

Jan



signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] Windows 8 fails to boot

[Gleb Natapov]

On Thu, Mar 01, 2012 at 10:46:37AM +0100, Alexander Graf wrote:
> 
> On 01.03.2012, at 09:00, Andreas Färber wrote:
> 
> > Hi,
> > 
> > Am 01.03.2012 05:24, schrieb Jun Koi:
> >> anybody tested Qemu with the Windows 8 Consumer Preview?
> >> 
> >> i tried the 32-bit ISO file with 1.0.1, with and without -enable-kvm,
> >> and Qemu reboots immediately after the first screen. that is no more
> >> than 10 seconds into the boot.
> > 
> > Alex has posted patches that supposedly make AHCI boot work.
> 
> Yes, but TCG mode also failed on me. I only tried the x64 version though.
> 
> 
Why AHCI is needed? I was able to install it on ide (qemu-kvm -cpu
host).

--
Gleb.

Re: [Qemu-devel] [PATCH] We should check virtio_load return code

[Markus Armbruster]

Amit Shah  writes:

> On (Tue) 28 Feb 2012 [15:31:07], Orit Wasserman wrote:
>> Otherwise we crash on error.
>
> A description on how to reproduce the crash would be nice.

Seconded.  No bug fix is complete without instructions to reproduce.

[...]

Re: [Qemu-devel] Fail to share Samba directory with guest

[Jan Kiszka]

On 2012-03-01 05:21, Jun Koi wrote:
> On Tue, Feb 28, 2012 at 9:43 AM, Jun Koi  wrote:
>> On Tue, Feb 28, 2012 at 12:08 AM, Shu Ming  
>> wrote:
>>> On 2012-2-27 17:21, Jun Koi wrote:

 hi,

 on qemu 1.0.1, i am trying to share a host directory with the Windows
 guest like below:

 qemu-system-i386 -enable-kvm -m 1000 -net nic,model=rtl8139 -net
 user,smb=/tmp img.winxp

 but in the guest, \\10.0.2.4 doesnt show me any shared directory.

 i already run Samba on the host (default configuration).

 did i miss something, or is it a bug??
>>>
>>>
>>> So 10.0.2.4 is your host IP with samba server?   And what's the network the
>>> guest belongs to?
>>>
>>
>> according to some network schemes used by Qemu, 10.0.2.4 is the IP of
>> the Samba server (DHCP: 10.0.2.2, DNS: 10.0.2.3, Samba: 10.0.2.4)
>>
>> http://en.wikibooks.org/wiki/QEMU/Networking
>>
>> i tried \\10.0.2.2, but dont see any share folder, either.
> 
> i tested again, and again, but Samba sharing folder never work for me.
> meanwhile, my guest can see the folder shared configured in 
> /etc/samba/smb.conf
> 
> so this is definitely a bug. perhaps the Samba setting in net/slirp.c is 
> wrong?
> the current configuration is like below. i am not experienced with
> Samba, so cannot figure out what is wrong.
> 
> btw, it seems the Qemu unittest ignore this sharing folder testing?
> 
> thanks,
> Ju
> 
> 
> // from net/slirp.c, function slirp_smb()
>fprintf(f,
> "[global]\n"
> "private dir=%s\n"
> "smb ports=0\n"
> "socket address=127.0.0.1\n"
> "pid directory=%s\n"
> "lock directory=%s\n"
> "log file=%s/log.smbd\n"
> "smb passwd file=%s/smbpasswd\n"
> "security = share\n"
> "[qemu]\n"
> "path=%s\n"
> "read only=no\n"
> "guest ok=yes\n",
> s->smb_dir,
> s->smb_dir,
> s->smb_dir,
> s->smb_dir,
> s->smb_dir,
> exported_dir
> );
> 
> 

Works fine here with samba 3.5.7 (from OpenSuse 11.4) and a Linux guest.
What's your samba version? What's your guest?

Also, you said you are running another samba on the host. What changes
if you stop it temporally?

Jan



signature.asc
Description: OpenPGP digital signature

Re: [Qemu-devel] Windows 8 fails to boot

[Alexander Graf]

On 01.03.2012, at 10:54, Gleb Natapov wrote:

> On Thu, Mar 01, 2012 at 10:46:37AM +0100, Alexander Graf wrote:
>> 
>> On 01.03.2012, at 09:00, Andreas Färber wrote:
>> 
>>> Hi,
>>> 
>>> Am 01.03.2012 05:24, schrieb Jun Koi:
 anybody tested Qemu with the Windows 8 Consumer Preview?
 
 i tried the 32-bit ISO file with 1.0.1, with and without -enable-kvm,
 and Qemu reboots immediately after the first screen. that is no more
 than 10 seconds into the boot.
>>> 
>>> Alex has posted patches that supposedly make AHCI boot work.
>> 
>> Yes, but TCG mode also failed on me. I only tried the x64 version though.
>> 
>> 
> Why AHCI is needed? I was able to install it on ide (qemu-kvm -cpu
> host).

It's not needed, it's just faster. Andreas was trying to say that I did run 
Windows 8, because I had it working with AHCI. :)


Alex

Re: [Qemu-devel] Windows 8 fails to boot

[Gleb Natapov]

On Thu, Mar 01, 2012 at 11:08:17AM +0100, Alexander Graf wrote:
> 
> On 01.03.2012, at 10:54, Gleb Natapov wrote:
> 
> > On Thu, Mar 01, 2012 at 10:46:37AM +0100, Alexander Graf wrote:
> >> 
> >> On 01.03.2012, at 09:00, Andreas Färber wrote:
> >> 
> >>> Hi,
> >>> 
> >>> Am 01.03.2012 05:24, schrieb Jun Koi:
>  anybody tested Qemu with the Windows 8 Consumer Preview?
>  
>  i tried the 32-bit ISO file with 1.0.1, with and without -enable-kvm,
>  and Qemu reboots immediately after the first screen. that is no more
>  than 10 seconds into the boot.
> >>> 
> >>> Alex has posted patches that supposedly make AHCI boot work.
> >> 
> >> Yes, but TCG mode also failed on me. I only tried the x64 version though.
> >> 
> >> 
> > Why AHCI is needed? I was able to install it on ide (qemu-kvm -cpu
> > host).
> 
> It's not needed, it's just faster. Andreas was trying to say that I did run 
> Windows 8, because I had it working with AHCI. :)
> 
> 
Ah, got it. Well, I confirm that it runs, but installing it was the least
pleasant computer experience I ever had, so why bother? :)

--
Gleb.

Re: [Qemu-devel] Fail to share Samba directory with guest

[Jun Koi]

On Thu, Mar 1, 2012 at 5:59 PM, Jan Kiszka  wrote:
> On 2012-03-01 05:21, Jun Koi wrote:
>> On Tue, Feb 28, 2012 at 9:43 AM, Jun Koi  wrote:
>>> On Tue, Feb 28, 2012 at 12:08 AM, Shu Ming  
>>> wrote:
 On 2012-2-27 17:21, Jun Koi wrote:
>
> hi,
>
> on qemu 1.0.1, i am trying to share a host directory with the Windows
> guest like below:
>
> qemu-system-i386 -enable-kvm -m 1000 -net nic,model=rtl8139 -net
> user,smb=/tmp img.winxp
>
> but in the guest, \\10.0.2.4 doesnt show me any shared directory.
>
> i already run Samba on the host (default configuration).
>
> did i miss something, or is it a bug??


 So 10.0.2.4 is your host IP with samba server?   And what's the network the
 guest belongs to?

>>>
>>> according to some network schemes used by Qemu, 10.0.2.4 is the IP of
>>> the Samba server (DHCP: 10.0.2.2, DNS: 10.0.2.3, Samba: 10.0.2.4)
>>>
>>> http://en.wikibooks.org/wiki/QEMU/Networking
>>>
>>> i tried \\10.0.2.2, but dont see any share folder, either.
>>
>> i tested again, and again, but Samba sharing folder never work for me.
>> meanwhile, my guest can see the folder shared configured in 
>> /etc/samba/smb.conf
>>
>> so this is definitely a bug. perhaps the Samba setting in net/slirp.c is 
>> wrong?
>> the current configuration is like below. i am not experienced with
>> Samba, so cannot figure out what is wrong.
>>
>> btw, it seems the Qemu unittest ignore this sharing folder testing?
>>
>> thanks,
>> Ju
>>
>>
>> // from net/slirp.c, function slirp_smb()
>>        fprintf(f,
>>             "[global]\n"
>>             "private dir=%s\n"
>>             "smb ports=0\n"
>>             "socket address=127.0.0.1\n"
>>             "pid directory=%s\n"
>>             "lock directory=%s\n"
>>             "log file=%s/log.smbd\n"
>>             "smb passwd file=%s/smbpasswd\n"
>>             "security = share\n"
>>             "[qemu]\n"
>>             "path=%s\n"
>>             "read only=no\n"
>>             "guest ok=yes\n",
>>             s->smb_dir,
>>             s->smb_dir,
>>             s->smb_dir,
>>             s->smb_dir,
>>             s->smb_dir,
>>             exported_dir
>>             );
>>
>>
>
> Works fine here with samba 3.5.7 (from OpenSuse 11.4) and a Linux guest.
> What's your samba version? What's your guest?

this is samba 3.4.7, on Ubuntu 10.4. and the guest is Windows XP, latest update.

>
> Also, you said you are running another samba on the host. What changes
> if you stop it temporally?

another samba? i dont understand. i mean i am running smbd on the
host, and that is the only samba i run.
if i stop that, how can the guest still see the samba folder?

or do you mean that there is internal samba built-in inside Qemu, and
Samba on the host must be off?
that doesnt seem so, because ./configure always looks for the smbd at
compilation process.

thanks,
Jun

Re: [Qemu-devel] Windows 8 fails to boot

[Jun Koi]

On Thu, Mar 1, 2012 at 6:11 PM, Gleb Natapov  wrote:
> On Thu, Mar 01, 2012 at 11:08:17AM +0100, Alexander Graf wrote:
>>
>> On 01.03.2012, at 10:54, Gleb Natapov wrote:
>>
>> > On Thu, Mar 01, 2012 at 10:46:37AM +0100, Alexander Graf wrote:
>> >>
>> >> On 01.03.2012, at 09:00, Andreas Färber wrote:
>> >>
>> >>> Hi,
>> >>>
>> >>> Am 01.03.2012 05:24, schrieb Jun Koi:
>>  anybody tested Qemu with the Windows 8 Consumer Preview?
>> 
>>  i tried the 32-bit ISO file with 1.0.1, with and without -enable-kvm,
>>  and Qemu reboots immediately after the first screen. that is no more
>>  than 10 seconds into the boot.
>> >>>
>> >>> Alex has posted patches that supposedly make AHCI boot work.
>> >>
>> >> Yes, but TCG mode also failed on me. I only tried the x64 version though.
>> >>
>> >>
>> > Why AHCI is needed? I was able to install it on ide (qemu-kvm -cpu
>> > host).
>>
>> It's not needed, it's just faster. Andreas was trying to say that I did run 
>> Windows 8, because I had it working with AHCI. :)
>>
>>
> Ah, got it. Well, I confirm that it runs, but installing it was the least
> pleasant computer experience I ever had, so why bother? :)
>

ok, i can confirm that -cpu host work for me.

so still we must fix the bug with default cpu option, right?

thanks,
Jun

Re: [Qemu-devel] [PATCH 3/6] rename blockdev-group-snapshot-sync

[Paolo Bonzini]

Il 29/02/2012 19:41, Eric Blake ha scritto:
> Drop the "op":"snapshot".  It's a leftover from before your conversion
> to a union type.
> 
> Question - when reading/writing these examples, are 'type' and "type"
> interchangeable (like in XML)?

IIRC, in JSON only "type" is allowed, but QEMU allows 'type' too because
then it's so less painful to include JSON in C.  So as far as QEMU is
concerned they are interchangeable.

Paolo

Re: [Qemu-devel] [PATCH 4/6] add reuse field

[Kevin Wolf]

Am 29.02.2012 19:50, schrieb Eric Blake:
> On 02/29/2012 06:37 AM, Paolo Bonzini wrote:
>> In some cases it can be useful to use an existing file as the new image
>> in a snapshot.  Add this capability to blockdev-transaction.
>>
>> Signed-off-by: Paolo Bonzini 
>> ---
>>  blockdev.c   |   18 +++---
>>  qapi-schema.json |3 ++-
>>  qmp-commands.hx  |7 +++
>>  3 files changed, 20 insertions(+), 8 deletions(-)
>> @@ -805,13 +807,15 @@ void qmp_blockdev_transaction(BlockdevActionList 
>> *dev_list,
>>  }
>>  
>>  /* create new image w/backing file */
>> -ret = bdrv_img_create(new_image_file, format,
>> -  states->old_bs->filename,
>> -  states->old_bs->drv->format_name,
>> -  NULL, -1, flags);
>> -if (ret) {
>> -error_set(errp, QERR_OPEN_FILE_FAILED, new_image_file);
>> -goto delete_and_fail;
>> +if (do_snapshot) {
>> +ret = bdrv_img_create(new_image_file, format,
>> +  states->old_bs->filename,
>> +  states->old_bs->drv->format_name,
>> +  NULL, -1, flags);
>> +if (ret) {
>> +error_set(errp, QERR_OPEN_FILE_FAILED, new_image_file);
>> +goto delete_and_fail;
>> +}
> 
> Is there any sanity checking that we should be doing if the 'reuse' flag
> was provided, or is this a case of 'the user better be giving us the
> right information, and it's their fault if things break'?

The latter, qemu can't really perform meaningful checks here, especially
once we allow using file descriptors instead of file names.

(Would this command actually provide a hackish way for using FDs with
backing files even without -blockdev? Hm... Better forget it right now,
I never told anyone about this! :-))

>> +++ b/qapi-schema.json
>> @@ -1127,7 +1127,8 @@
>>  # @format: #optional the format of the snapshot image, default is 'qcow2'.
>>  ##
>>  { 'type': 'BlockdevSnapshot',
>> -  'data': { 'device': 'str', 'snapshot-file': 'str', '*format': 'str' } }
>> +  'data': { 'device': 'str', 'snapshot-file': 'str', '*format': 'str',
>> +'*reuse': 'bool' } }
>>  
>>  ##
>>  # @BlockdevAction
>> diff --git a/qmp-commands.hx b/qmp-commands.hx
>> index ee05ec2..6728495 100644
>> --- a/qmp-commands.hx
>> +++ b/qmp-commands.hx
>> @@ -704,6 +704,10 @@ the original disks pre-snapshot attempt are used.
>>  A list of dictionaries is accepted, that contains the actions to be 
>> performed.
>>  For snapshots this is the device, the file to use for the new snapshot,
>>  and the format.  The default format, if not specified, is qcow2.
>> +Image files can be created by QEMU, or it can be created externally.
> 
> 'files' is plural, 'it' is singular.  Perhaps this wording is better?
> 
> Each new snapshot defaults to being created by QEMU (wiping any contents
> if the file already exists), but it is also possible to reuse an
> externally-created file.

And let's add a warning that you're on your own if you override qemu's
snapshot creation.

Kevin

Re: [Qemu-devel] Fail to share Samba directory with guest

[Jan Kiszka]

Jun Koi  schrieb:

>On Thu, Mar 1, 2012 at 5:59 PM, Jan Kiszka  wrote:
>> On 2012-03-01 05:21, Jun Koi wrote:
>>> On Tue, Feb 28, 2012 at 9:43 AM, Jun Koi 
>wrote:
 On Tue, Feb 28, 2012 at 12:08 AM, Shu Ming
> wrote:
> On 2012-2-27 17:21, Jun Koi wrote:
>>
>> hi,
>>
>> on qemu 1.0.1, i am trying to share a host directory with the
>Windows
>> guest like below:
>>
>> qemu-system-i386 -enable-kvm -m 1000 -net nic,model=rtl8139 -net
>> user,smb=/tmp img.winxp
>>
>> but in the guest, \\10.0.2.4 doesnt show me any shared directory.
>>
>> i already run Samba on the host (default configuration).
>>
>> did i miss something, or is it a bug??
>
>
> So 10.0.2.4 is your host IP with samba server?   And what's the
>network the
> guest belongs to?
>

 according to some network schemes used by Qemu, 10.0.2.4 is the IP
>of
 the Samba server (DHCP: 10.0.2.2, DNS: 10.0.2.3, Samba: 10.0.2.4)

 http://en.wikibooks.org/wiki/QEMU/Networking

 i tried \\10.0.2.2, but dont see any share folder, either.
>>>
>>> i tested again, and again, but Samba sharing folder never work for
>me.
>>> meanwhile, my guest can see the folder shared configured in
>/etc/samba/smb.conf
>>>
>>> so this is definitely a bug. perhaps the Samba setting in
>net/slirp.c is wrong?
>>> the current configuration is like below. i am not experienced with
>>> Samba, so cannot figure out what is wrong.
>>>
>>> btw, it seems the Qemu unittest ignore this sharing folder testing?
>>>
>>> thanks,
>>> Ju
>>>
>>>
>>> // from net/slirp.c, function slirp_smb()
>>>        fprintf(f,
>>>             "[global]\n"
>>>             "private dir=%s\n"
>>>             "smb ports=0\n"
>>>             "socket address=127.0.0.1\n"
>>>             "pid directory=%s\n"
>>>             "lock directory=%s\n"
>>>             "log file=%s/log.smbd\n"
>>>             "smb passwd file=%s/smbpasswd\n"
>>>             "security = share\n"
>>>             "[qemu]\n"
>>>             "path=%s\n"
>>>             "read only=no\n"
>>>             "guest ok=yes\n",
>>>             s->smb_dir,
>>>             s->smb_dir,
>>>             s->smb_dir,
>>>             s->smb_dir,
>>>             s->smb_dir,
>>>             exported_dir
>>>             );
>>>
>>>
>>
>> Works fine here with samba 3.5.7 (from OpenSuse 11.4) and a Linux
>guest.
>> What's your samba version? What's your guest?
>
>this is samba 3.4.7, on Ubuntu 10.4. and the guest is Windows XP,
>latest update.
>
>>
>> Also, you said you are running another samba on the host. What
>changes
>> if you stop it temporally?
>
>another samba? i dont understand. i mean i am running smbd on the
>host, and that is the only samba i run.
>if i stop that, how can the guest still see the samba folder?
>
>or do you mean that there is internal samba built-in inside Qemu, and
>Samba on the host must be off?
>that doesnt seem so, because ./configure always looks for the smbd at
>compilation process.

Qemu forks off a dedicated smbd, you don't need to worry about it. In theory, 
there should be no conflict with a smbd run "normally" on the host as well, I 
just like to exclude this possibility.

Jan


--
Sent from an Android - sorry just in case...

Re: [Qemu-devel] [PATCH] MSI / MSIX injection for Xen HVM

[Wei Liu]

On Wed, 2012-02-29 at 17:47 +, Jan Kiszka wrote:
> On 2012-02-29 18:21, Wei Liu wrote:
> > Hi all
> > 
> > This patch adds MSI / MSIX injection for Xen HVM guest. This is not new,
> > six months ago we had a discussion in
> > http://marc.info/?l=qemu-devel&m=130639451725966&w=2
> 
> There are some coding style issues, please use checkpatch.pl.
> 

Ah, looks like my Emacs messed it up...

> Back then I voted against "if (xen_enabled())" as I was planning for a
> msi injection hook that also Xen could use. That may change again, the
> final MSI layer design is not settled yet. Therefore, no concerns from
> that POV, this work takes longer. We can refactor the Xen hooks during
> that run again.
> 

Right, Xen hook is relatively simple.

> However, you know that you miss those (uncommon) messages that are
> injected via DMA? They end up directly in apic_deliver_msi (where KVM
> will once pick them up as well).
> 

Thanks for pointing this out. However I cannot find apic_deliver_msi in
qemu-kvm or upstream qemu tree. I can only find apic_send_msi and
apic_deliver_irq, none of which seems to be KVM-specific. Can you please
give me some pointer on this?


Wei.

Re: [Qemu-devel] Windows 8 fails to boot

[Gleb Natapov]

On Thu, Mar 01, 2012 at 06:15:54PM +0800, Jun Koi wrote:
> On Thu, Mar 1, 2012 at 6:11 PM, Gleb Natapov  wrote:
> > On Thu, Mar 01, 2012 at 11:08:17AM +0100, Alexander Graf wrote:
> >>
> >> On 01.03.2012, at 10:54, Gleb Natapov wrote:
> >>
> >> > On Thu, Mar 01, 2012 at 10:46:37AM +0100, Alexander Graf wrote:
> >> >>
> >> >> On 01.03.2012, at 09:00, Andreas Färber wrote:
> >> >>
> >> >>> Hi,
> >> >>>
> >> >>> Am 01.03.2012 05:24, schrieb Jun Koi:
> >>  anybody tested Qemu with the Windows 8 Consumer Preview?
> >> 
> >>  i tried the 32-bit ISO file with 1.0.1, with and without -enable-kvm,
> >>  and Qemu reboots immediately after the first screen. that is no more
> >>  than 10 seconds into the boot.
> >> >>>
> >> >>> Alex has posted patches that supposedly make AHCI boot work.
> >> >>
> >> >> Yes, but TCG mode also failed on me. I only tried the x64 version 
> >> >> though.
> >> >>
> >> >>
> >> > Why AHCI is needed? I was able to install it on ide (qemu-kvm -cpu
> >> > host).
> >>
> >> It's not needed, it's just faster. Andreas was trying to say that I did 
> >> run Windows 8, because I had it working with AHCI. :)
> >>
> >>
> > Ah, got it. Well, I confirm that it runs, but installing it was the least
> > pleasant computer experience I ever had, so why bother? :)
> >
> 
> ok, i can confirm that -cpu host work for me.
> 
> so still we must fix the bug with default cpu option, right?
> 
It would be nice to understand what's wrong with it, yes. I am used to the
fact that qemu defaults are unusable.

--
Gleb.

Re: [Qemu-devel] Fail to share Samba directory with guest

[Jun Koi]

On Thu, Mar 1, 2012 at 6:21 PM, Jan Kiszka  wrote:
>
>
> Jun Koi  schrieb:
>
>>On Thu, Mar 1, 2012 at 5:59 PM, Jan Kiszka  wrote:
>>> On 2012-03-01 05:21, Jun Koi wrote:
 On Tue, Feb 28, 2012 at 9:43 AM, Jun Koi 
>>wrote:
> On Tue, Feb 28, 2012 at 12:08 AM, Shu Ming
>> wrote:
>> On 2012-2-27 17:21, Jun Koi wrote:
>>>
>>> hi,
>>>
>>> on qemu 1.0.1, i am trying to share a host directory with the
>>Windows
>>> guest like below:
>>>
>>> qemu-system-i386 -enable-kvm -m 1000 -net nic,model=rtl8139 -net
>>> user,smb=/tmp img.winxp
>>>
>>> but in the guest, \\10.0.2.4 doesnt show me any shared directory.
>>>
>>> i already run Samba on the host (default configuration).
>>>
>>> did i miss something, or is it a bug??
>>
>>
>> So 10.0.2.4 is your host IP with samba server?   And what's the
>>network the
>> guest belongs to?
>>
>
> according to some network schemes used by Qemu, 10.0.2.4 is the IP
>>of
> the Samba server (DHCP: 10.0.2.2, DNS: 10.0.2.3, Samba: 10.0.2.4)
>
> http://en.wikibooks.org/wiki/QEMU/Networking
>
> i tried \\10.0.2.2, but dont see any share folder, either.

 i tested again, and again, but Samba sharing folder never work for
>>me.
 meanwhile, my guest can see the folder shared configured in
>>/etc/samba/smb.conf

 so this is definitely a bug. perhaps the Samba setting in
>>net/slirp.c is wrong?
 the current configuration is like below. i am not experienced with
 Samba, so cannot figure out what is wrong.

 btw, it seems the Qemu unittest ignore this sharing folder testing?

 thanks,
 Ju


 // from net/slirp.c, function slirp_smb()
        fprintf(f,
             "[global]\n"
             "private dir=%s\n"
             "smb ports=0\n"
             "socket address=127.0.0.1\n"
             "pid directory=%s\n"
             "lock directory=%s\n"
             "log file=%s/log.smbd\n"
             "smb passwd file=%s/smbpasswd\n"
             "security = share\n"
             "[qemu]\n"
             "path=%s\n"
             "read only=no\n"
             "guest ok=yes\n",
             s->smb_dir,
             s->smb_dir,
             s->smb_dir,
             s->smb_dir,
             s->smb_dir,
             exported_dir
             );


>>>
>>> Works fine here with samba 3.5.7 (from OpenSuse 11.4) and a Linux
>>guest.
>>> What's your samba version? What's your guest?
>>
>>this is samba 3.4.7, on Ubuntu 10.4. and the guest is Windows XP,
>>latest update.
>>
>>>
>>> Also, you said you are running another samba on the host. What
>>changes
>>> if you stop it temporally?
>>
>>another samba? i dont understand. i mean i am running smbd on the
>>host, and that is the only samba i run.
>>if i stop that, how can the guest still see the samba folder?
>>
>>or do you mean that there is internal samba built-in inside Qemu, and
>>Samba on the host must be off?
>>that doesnt seem so, because ./configure always looks for the smbd at
>>compilation process.
>
> Qemu forks off a dedicated smbd, you don't need to worry about it. In theory, 
> there should be no conflict with a smbd run "normally" on the host as well, I 
> just like to exclude this possibility.

ok, i stopped smbd, but that doesnt help.

do we need to have root privilege for this -smb option? because it
seems smbd need to access to secrets.tdb file, which is for root only.

thanks,
Jun

Re: [Qemu-devel] Fail to share Samba directory with guest

[Jan Kiszka]

Jun Koi  schrieb:

>On Thu, Mar 1, 2012 at 6:21 PM, Jan Kiszka  wrote:
>>
>>
>> Jun Koi  schrieb:
>>
>>>On Thu, Mar 1, 2012 at 5:59 PM, Jan Kiszka  wrote:
 On 2012-03-01 05:21, Jun Koi wrote:
> On Tue, Feb 28, 2012 at 9:43 AM, Jun Koi 
>>>wrote:
>> On Tue, Feb 28, 2012 at 12:08 AM, Shu Ming
>>> wrote:
>>> On 2012-2-27 17:21, Jun Koi wrote:

 hi,

 on qemu 1.0.1, i am trying to share a host directory with the
>>>Windows
 guest like below:

 qemu-system-i386 -enable-kvm -m 1000 -net nic,model=rtl8139
>-net
 user,smb=/tmp img.winxp

 but in the guest, \\10.0.2.4 doesnt show me any shared
>directory.

 i already run Samba on the host (default configuration).

 did i miss something, or is it a bug??
>>>
>>>
>>> So 10.0.2.4 is your host IP with samba server?   And what's the
>>>network the
>>> guest belongs to?
>>>
>>
>> according to some network schemes used by Qemu, 10.0.2.4 is the
>IP
>>>of
>> the Samba server (DHCP: 10.0.2.2, DNS: 10.0.2.3, Samba: 10.0.2.4)
>>
>> http://en.wikibooks.org/wiki/QEMU/Networking
>>
>> i tried \\10.0.2.2, but dont see any share folder, either.
>
> i tested again, and again, but Samba sharing folder never work for
>>>me.
> meanwhile, my guest can see the folder shared configured in
>>>/etc/samba/smb.conf
>
> so this is definitely a bug. perhaps the Samba setting in
>>>net/slirp.c is wrong?
> the current configuration is like below. i am not experienced with
> Samba, so cannot figure out what is wrong.
>
> btw, it seems the Qemu unittest ignore this sharing folder
>testing?
>
> thanks,
> Ju
>
>
> // from net/slirp.c, function slirp_smb()
>        fprintf(f,
>             "[global]\n"
>             "private dir=%s\n"
>             "smb ports=0\n"
>             "socket address=127.0.0.1\n"
>             "pid directory=%s\n"
>             "lock directory=%s\n"
>             "log file=%s/log.smbd\n"
>             "smb passwd file=%s/smbpasswd\n"
>             "security = share\n"
>             "[qemu]\n"
>             "path=%s\n"
>             "read only=no\n"
>             "guest ok=yes\n",
>             s->smb_dir,
>             s->smb_dir,
>             s->smb_dir,
>             s->smb_dir,
>             s->smb_dir,
>             exported_dir
>             );
>
>

 Works fine here with samba 3.5.7 (from OpenSuse 11.4) and a Linux
>>>guest.
 What's your samba version? What's your guest?
>>>
>>>this is samba 3.4.7, on Ubuntu 10.4. and the guest is Windows XP,
>>>latest update.
>>>

 Also, you said you are running another samba on the host. What
>>>changes
 if you stop it temporally?
>>>
>>>another samba? i dont understand. i mean i am running smbd on the
>>>host, and that is the only samba i run.
>>>if i stop that, how can the guest still see the samba folder?
>>>
>>>or do you mean that there is internal samba built-in inside Qemu, and
>>>Samba on the host must be off?
>>>that doesnt seem so, because ./configure always looks for the smbd at
>>>compilation process.
>>
>> Qemu forks off a dedicated smbd, you don't need to worry about it. In
>theory, there should be no conflict with a smbd run "normally" on the
>host as well, I just like to exclude this possibility.
>
>ok, i stopped smbd, but that doesnt help.
>
>do we need to have root privilege for this -smb option? because it
>seems smbd need to access to secrets.tdb file, which is for root only.

Maybe this is now required for newer samba versions. The one I use definitely 
has no such requirement.

Jan


--
Sent from an Android - sorry just in case...

Re: [Qemu-devel] [PATCH] fix screendump

[Alon Levy]

On Thu, Mar 01, 2012 at 08:34:40AM +0100, Gerd Hoffmann wrote:
> Commit 45efb16124efef51de5157afc31984b5a47700f9 optimized a bit too
> much.  We can skip the vga_invalidate_display() in case no console
> switch happened because we don't need a full redraw then.  We can *not*
> skip vga_hw_update() though, because the screen content will be stale
> then in case nobody else calls vga_hw_update().
> 
> Trigger: vga textmode with vnc display and no client connected.
> 

Reviewed-by: Alon Levy 

> Reported-by: Avi Kivity 
> Signed-off-by: Gerd Hoffmann 
> ---
>  hw/blizzard.c  |4 +---
>  hw/omap_lcdc.c |5 ++---
>  hw/vga.c   |2 +-
>  3 files changed, 4 insertions(+), 7 deletions(-)
> 
> diff --git a/hw/blizzard.c b/hw/blizzard.c
> index c7d844d..29074c4 100644
> --- a/hw/blizzard.c
> +++ b/hw/blizzard.c
> @@ -937,9 +937,7 @@ static void blizzard_screen_dump(void *opaque, const char 
> *filename,
>  {
>  BlizzardState *s = (BlizzardState *) opaque;
>  
> -if (cswitch) {
> -blizzard_update_display(opaque);
> -}
> +blizzard_update_display(opaque);
>  if (s && ds_get_data(s->state))
>  ppm_save(filename, s->state->surface);
>  }
> diff --git a/hw/omap_lcdc.c b/hw/omap_lcdc.c
> index f172093..4a08e9d 100644
> --- a/hw/omap_lcdc.c
> +++ b/hw/omap_lcdc.c
> @@ -267,9 +267,8 @@ static int ppm_save(const char *filename, uint8_t *data,
>  static void omap_screen_dump(void *opaque, const char *filename, bool 
> cswitch)
>  {
>  struct omap_lcd_panel_s *omap_lcd = opaque;
> -if (cswitch) {
> -omap_update_display(opaque);
> -}
> +
> +omap_update_display(opaque);
>  if (omap_lcd && ds_get_data(omap_lcd->state))
>  ppm_save(filename, ds_get_data(omap_lcd->state),
>  omap_lcd->width, omap_lcd->height,
> diff --git a/hw/vga.c b/hw/vga.c
> index 5994f43..16546ef 100644
> --- a/hw/vga.c
> +++ b/hw/vga.c
> @@ -2413,7 +2413,7 @@ static void vga_screen_dump(void *opaque, const char 
> *filename, bool cswitch)
>  
>  if (cswitch) {
>  vga_invalidate_display(s);
> -vga_hw_update();
>  }
> +vga_hw_update();
>  ppm_save(filename, s->ds->surface);
>  }
> -- 
> 1.7.1
> 
> 

Re: [Qemu-devel] [PATCH] usb: Fix signature of stub usb_host_device_open

[Gerd Hoffmann]

On 03/01/12 10:43, Jan Kiszka wrote:
> -USBDevice *usb_host_device_open(const char *devname)
> +USBDevice *usb_host_device_open(USBBus *bus, const char *devname)

Acked-by: Gerd Hoffmann 

cheers,
  Gerd

Re: [Qemu-devel] [PATCH v2] TCG: Convert global variables to be TLS.

[Evgeny Voevodin]

On 01.03.2012 12:27, Peter Maydell wrote:

On 1 March 2012 08:22, Andreas Färber  wrote:

Am 28.02.2012 04:13, schrieb Evgeny Voevodin:

On 27.02.2012 16:35, Peter Maydell wrote:

A true multithreaded TCG is a large project, and unless we're
going to commit to doing that I don't see much value in making
some variables per-thread when we might instead need to do
larger refactorings (properly encapsulating the codegen
caches as qom objects, maybe?).

[...] qomification of translation caches is an interesting suggestion I
think.

While I have come to like QOM and am using it for the CPUState, I don't
see the benefit in using it for these secondary structures. There are
already dedicated monitor commands to inspect them, no?

Mostly I was thinking about the encapsulation of knowing which data
structures are associated with a translation cache and letting you
have more than one of them. You could do that with a plain struct
but since we have this OO infrastructure now why not use it?

-- PMM



Actually, I didn't dive deep enough in QOM and can't see any benefits or 
disadvantages in
such encapsulation. As stands to me now, QOM is mostly an interface, but 
internal things
are still structs :) And if we implement appropriate model for 
multithreading TCG, I believe,

that it could be easily wrapped with QOM, if needed.
Also, there are at least two approaches for cache - unified for all 
VCPUs and exclusive for each VCPU.
First is better when a lot of different threads run in the target, since 
each cache holds

unique code and thread communication is small.
Second is better when a lot of identical threads running since no 
excessive translation of identical code
is made by each VCPU thread, but communication between threads on 
accessing the cache is high.
So, what I'm talking about is if we use unified cache, we may not need 
to have more than one cache instance.


--
Kind regards,
Evgeny Voevodin,
Leading Software Engineer,
ASWG, Moscow R&D center, Samsung Electronics
e-mail: e.voevo...@samsung.com

Re: [Qemu-devel] [PATCH] We should check virtio_load return code

[Orit Wasserman]

On 03/01/2012 11:29 AM, Amit Shah wrote:
> On (Tue) 28 Feb 2012 [15:31:07], Orit Wasserman wrote:
>> Otherwise we crash on error.
> 
> A description on how to reproduce the crash would be nice.

We changed the default of the command -device virtio-blk-pci,drive=...
from scsi=on to scsi=off for security reasons (disable SG_IO).
If you try to migrate from an older version (which had the default scsi=on) to 
a newer version
(that has default scsi=off) we get the crash.

Orit
> 
>> Signed-off-by: Orit Wasserman 
>> Signed-off-by: Ulrich Obergfell 
> 
> Acked-by: Amit Shah 
> 
>   Amit

Re: [Qemu-devel] [PATCH] qed: do not evict in-use L2 table cache entries

[Stefan Hajnoczi]

On Mon, Feb 27, 2012 at 1:16 PM, Stefan Hajnoczi
 wrote:
> The L2 table cache reduces QED metadata reads that would be required
> when translating LBAs to offsets into the image file.  Since requests
> execute in parallel it is possible to share an L2 table between multiple
> requests.
>
> There is a potential data corruption issue when an in-use L2 table is
> evicted from the cache because the following situation occurs:
>
>  1. An allocating write performs an update to L2 table "A".
>
>  2. Another request needs L2 table "B" and causes table "A" to be
>     evicted.
>
>  3. A new read request needs L2 table "A" but it is not cached.
>
> As a result the L2 update from #1 can overlap with the L2 fetch from #3.
> We must avoid doing overlapping I/O requests here since the worst case
> outcome is that the L2 fetch completes before the L2 update and yields
> stale data.  In that case we would effectively discard the L2 update and
> lose data clusters!
>
> Thanks to Benoît Canet  for extensive testing
> and debugging which lead to discovery of this bug.
>
> Reported-by: Benoît Canet 
> Signed-off-by: Stefan Hajnoczi 
> ---
> Please include this in -stable once it has been merged into qemu.git/master.
>
>  block/qed-l2-cache.c |   22 ++
>  1 files changed, 18 insertions(+), 4 deletions(-)

Thanks for testing this fix and confirming it works, Benoît.  Feel
free to reply with your Tested-by: line.

Stefan

Re: [Qemu-devel] [PATCH] fix screendump

[Avi Kivity]

On 03/01/2012 09:34 AM, Gerd Hoffmann wrote:
> Commit 45efb16124efef51de5157afc31984b5a47700f9 optimized a bit too
> much.  We can skip the vga_invalidate_display() in case no console
> switch happened because we don't need a full redraw then.  We can *not*
> skip vga_hw_update() though, because the screen content will be stale
> then in case nobody else calls vga_hw_update().
>
> Trigger: vga textmode with vnc display and no client connected.
>
> Reported-by: Avi Kivity 

-and-Tested.  Thanks.

> Signed-off-by: Gerd Hoffmann 
>

-- 
error compiling committee.c: too many arguments to function

Re: [Qemu-devel] [PATCH] We should check virtio_load return code

[Paolo Bonzini]

Il 01/03/2012 12:00, Orit Wasserman ha scritto:
>> > A description on how to reproduce the crash would be nice.
> We changed the default of the command -device virtio-blk-pci,drive=...
> from scsi=on to scsi=off for security reasons (disable SG_IO).
> If you try to migrate from an older version (which had the default scsi=on) 
> to a newer version
> (that has default scsi=off) we get the crash.

Actually the default didn't change in QEMU.  It's libvirt that changed
the command-line with which it invokes QEMU.

This patch fixes the crash, I'll post one to fix migration later.

Paolo

[Qemu-devel] [PATCH v2 1/6] fix format name for backing file

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 blockdev.c |3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/blockdev.c b/blockdev.c
index d78aa51..96a893b 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -800,7 +800,8 @@ void qmp_blockdev_group_snapshot_sync(SnapshotDevList 
*dev_list,
 /* create new image w/backing file */
 ret = bdrv_img_create(snapshot_file, format,
   states->old_bs->filename,
-  drv->format_name, NULL, -1, flags);
+  states->old_bs->drv->format_name,
+  NULL, -1, flags);
 if (ret) {
 error_set(errp, QERR_OPEN_FILE_FAILED, snapshot_file);
 goto delete_and_fail;
-- 
1.7.7.6

[Qemu-devel] [PATCH v2 0/6] Mirrored writes using blockdev-transaction

[Paolo Bonzini]

This implements all ingredients to establish mirrored writes.
The drive-reopen command that is used to terminate mirrored writes
is not included in this series.

Tested with the following scenarios:

a) mirror only

1) create base.qcow2 and start QEMU with it

2) Execute the following QMP command

{ "execute": "qmp_capabilities" }
{ "execute": "blockdev-transaction", "arguments":
  {'actions': [
{ 'type': 'mirror', 'data' :
  { 'device': 'ide0-hd0', 'target': '/home/pbonzini/mirror.qcow2' } } ] } }
{ "execute": "cont" }

3) hibernate the guest (this requires an IDE disk and -cpu kvm64,-kvmclock)

4) restart the guest with mirror.qcow2


b) atomic snapshot+mirror

1) start QEMU with an existing image test.img

2) Execute the following QMP command

{ "execute": "qmp_capabilities" }
{ "execute": "blockdev-transaction", "arguments":
  {'actions': [
{ 'type': 'snapshot', 'data' :
  { 'device': 'ide0-hd0', 'snapshot-file': '/home/pbonzini/base.qcow2' } },
{ 'type': 'mirror', 'data' :
  { 'device': 'ide0-hd0', 'target': '/home/pbonzini/mirror.qcow2' } } ] } }
{ "execute": "cont" }

3) hibernate the guest (this requires an IDE disk and -cpu kvm64,-kvmclock)

4) check that mirror.qcow2 has test.img as the base

5) restart the guest with base.qcow2

6) restart the guest with mirror.qcow2

v1->v2:
Removed wrong assertions in patches 3 and 6
Move new_image_file and other variables inside the while loop (Federico)
Rename new_source_file to new_source (Federico)
Fix image name in error message (Federico)
Fixed documentation in qapi-schema.json (Federico)
Fixed documentation and example in qmp-commands.hx (Eric)
Added back AIO (Stefan), with fixes to cancellation


Marcelo Tosatti (1):
  Add blkmirror block driver

Paolo Bonzini (5):
  fix format name for backing file
  qapi: complete implementation of unions
  rename blockdev-group-snapshot-sync
  add reuse field
  add mirroring to blockdev-transaction

 Makefile.objs |2 +-
 block/blkmirror.c |  239 +
 blockdev.c|  114 ++
 qapi-schema-test.json |   10 ++
 qapi-schema.json  |   51 --
 qmp-commands.hx   |   68 +
 scripts/qapi-types.py |5 +
 scripts/qapi-visit.py |   31 ++-
 test-qmp-input-visitor.c  |   18 
 test-qmp-output-visitor.c |   34 +++
 10 files changed, 496 insertions(+), 76 deletions(-)
 create mode 100644 block/blkmirror.c

-- 
1.7.7.6

[Qemu-devel] [PATCH v2 5/6] Add blkmirror block driver

[Paolo Bonzini]

From: Marcelo Tosatti 

Mirrored writes are used by live block copy.

Signed-off-by: Marcelo Tosatti 
Signed-off-by: Federico Simoncelli 
Signed-off-by: Paolo Bonzini 
---
 Makefile.objs |2 +-
 block/blkmirror.c |  239 +
 2 files changed, 240 insertions(+), 1 deletions(-)
 create mode 100644 block/blkmirror.c

diff --git a/Makefile.objs b/Makefile.objs
index 808de6a..982f44b 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -74,7 +74,7 @@ fsdev-obj-$(CONFIG_VIRTFS) += $(addprefix fsdev/, 
$(fsdev-nested-y))
 # suppress *all* target specific code in case of system emulation, i.e. a
 # single QEMU executable should support all CPUs and machines.
 
-common-obj-y = $(block-obj-y) blockdev.o
+common-obj-y = $(block-obj-y) blockdev.o block/blkmirror.o
 common-obj-y += $(net-obj-y)
 common-obj-y += $(qobject-obj-y)
 common-obj-$(CONFIG_LINUX) += $(fsdev-obj-$(CONFIG_LINUX))
diff --git a/block/blkmirror.c b/block/blkmirror.c
new file mode 100644
index 000..0ee2ca6
--- /dev/null
+++ b/block/blkmirror.c
@@ -0,0 +1,239 @@
+/*
+ * Block driver for mirrored writes.
+ *
+ * Copyright (C) 2011-2012 Red Hat, Inc.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include 
+#include "block_int.h"
+
+typedef struct DupAIOCB DupAIOCB;
+
+typedef struct SingleAIOCB {
+BlockDriverAIOCB *aiocb;
+DupAIOCB *parent;
+} SingleAIOCB;
+
+struct DupAIOCB {
+BlockDriverAIOCB common;
+int count;
+int canceled;
+
+BlockDriverCompletionFunc *cb;
+SingleAIOCB aios[2];
+int ret;
+};
+
+/* Valid blkmirror filenames look like blkmirror:format:path/to/target.
+ *
+ * The driver is not intended for general usage.  It expects bdrv_append
+ * to tack it onto an existing image, which is used as the primary
+ * source and hardcoded to be the backing file for the target.
+ */
+static int blkmirror_open(BlockDriverState *bs, const char *filename, int 
flags)
+{
+int ret, n;
+const char *filename2;
+char *format;
+BlockDriver *drv;
+
+/* Parse the blkmirror: prefix */
+if (strncmp(filename, "blkmirror:", strlen("blkmirror:"))) {
+return -EINVAL;
+}
+filename += strlen("blkmirror:");
+
+/* The source image filename is added by bdrv_append.  We only need
+ * to parse and open the destination image and format.  */
+n = strcspn(filename, ":");
+if (filename[n] == 0) {
+format = NULL;
+filename2 = filename;
+} else {
+format = g_strdup(filename);
+format[n] = 0;
+filename2 = format + n + 1;
+}
+
+drv = bdrv_find_whitelisted_format(format);
+if (!drv) {
+ret = -ENOENT;
+goto out;
+}
+
+bs->file = bdrv_new("");
+if (bs->file == NULL) {
+ret = -ENOMEM;
+goto out;
+}
+
+/* If we crash, we cannot assume that the destination is a
+ * valid mirror and we have to start over.  So speed up things
+ * by effectively operating on the destination in cache=unsafe
+ * mode.
+ */
+ret = bdrv_open(bs->file, filename2,
+flags | BDRV_O_NO_BACKING | BDRV_O_NO_FLUSH | 
BDRV_O_CACHE_WB,
+drv);
+if (ret < 0) {
+goto out;
+}
+
+out:
+g_free(format);
+return ret;
+}
+
+static void blkmirror_close(BlockDriverState *bs)
+{
+bs->file->backing_hd = NULL;
+
+/* backing_hd and file closed by the caller.  */
+}
+
+static coroutine_fn int blkmirror_co_flush(BlockDriverState *bs)
+{
+return bdrv_co_flush(bs->backing_hd);
+}
+
+static int64_t blkmirror_getlength(BlockDriverState *bs)
+{
+return bdrv_getlength(bs->file);
+}
+
+static int coroutine_fn blkmirror_co_is_allocated(BlockDriverState *bs,
+  int64_t sector_num,
+  int nb_sectors, int *pnum)
+{
+return bdrv_is_allocated(bs->file, sector_num, nb_sectors, pnum);
+}
+
+static BlockDriverAIOCB *blkmirror_aio_readv(BlockDriverState *bs,
+ int64_t sector_num,
+ QEMUIOVector *qiov, int 
nb_sectors,
+ BlockDriverCompletionFunc *cb,
+ void *opaque)
+{
+return bdrv_aio_readv(bs->backing_hd, sector_num, qiov, nb_sectors,
+  cb, opaque);
+}
+
+static void dup_aio_cancel(BlockDriverAIOCB *acb)
+{
+DupAIOCB *dcb = container_of(acb, DupAIOCB, common);
+int i;
+
+dcb->canceled = true;
+for (i = 0 ; i < 2; i++) {
+if (dcb->aios[i].aiocb) {
+bdrv_aio_cancel(dcb->aios[i].aiocb);
+}
+}
+qemu_aio_release(dcb);
+}
+
+static AIOPool dup_aio_pool = {
+.aiocb_size = sizeof(DupAIOCB),
+.cancel = dup_aio_cancel,
+};
+
+static void blkmirro

[Qemu-devel] [PATCH v2 3/6] rename blockdev-group-snapshot-sync

[Paolo Bonzini]

We will add other kinds of operation.  Prepare for this by adjusting
the schema.

Signed-off-by: Paolo Bonzini 
---
 blockdev.c   |   79 -
 qapi-schema.json |   33 +++---
 qmp-commands.hx  |   50 ++---
 3 files changed, 91 insertions(+), 71 deletions(-)

diff --git a/blockdev.c b/blockdev.c
index 96a893b..1aa544a 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -716,31 +716,25 @@ void qmp_blockdev_snapshot_sync(const char *device, const 
char *snapshot_file,
 
 
 /* New and old BlockDriverState structs for group snapshots */
-typedef struct BlkGroupSnapshotStates {
+typedef struct BlkTransactionStates {
 BlockDriverState *old_bs;
 BlockDriverState *new_bs;
-QSIMPLEQ_ENTRY(BlkGroupSnapshotStates) entry;
-} BlkGroupSnapshotStates;
+QSIMPLEQ_ENTRY(BlkTransactionStates) entry;
+} BlkTransactionStates;
 
 /*
  * 'Atomic' group snapshots.  The snapshots are taken as a set, and if any fail
  *  then we do not pivot any of the devices in the group, and abandon the
  *  snapshots
  */
-void qmp_blockdev_group_snapshot_sync(SnapshotDevList *dev_list,
-  Error **errp)
+void qmp_blockdev_transaction(BlockdevActionList *dev_list,
+  Error **errp)
 {
 int ret = 0;
-SnapshotDevList *dev_entry = dev_list;
-SnapshotDev *dev_info = NULL;
-BlkGroupSnapshotStates *states;
-BlockDriver *proto_drv;
-BlockDriver *drv;
-int flags;
-const char *format;
-const char *snapshot_file;
+BlockdevActionList *dev_entry = dev_list;
+BlkTransactionStates *states;
 
-QSIMPLEQ_HEAD(snap_bdrv_states, BlkGroupSnapshotStates) snap_bdrv_states;
+QSIMPLEQ_HEAD(snap_bdrv_states, BlkTransactionStates) snap_bdrv_states;
 QSIMPLEQ_INIT(&snap_bdrv_states);
 
 /* drain all i/o before any snapshots */
@@ -748,21 +742,46 @@ void qmp_blockdev_group_snapshot_sync(SnapshotDevList 
*dev_list,
 
 /* We don't do anything in this loop that commits us to the snapshot */
 while (NULL != dev_entry) {
+BlockdevAction *dev_info = NULL;
+BlockDriver *proto_drv;
+BlockDriver *drv;
+int flags;
+const char *device;
+const char *format = "qcow2";
+const char *new_image_file = NULL;
+
 dev_info = dev_entry->value;
 dev_entry = dev_entry->next;
 
-states = g_malloc0(sizeof(BlkGroupSnapshotStates));
+states = g_malloc0(sizeof(BlkTransactionStates));
 QSIMPLEQ_INSERT_TAIL(&snap_bdrv_states, states, entry);
 
-states->old_bs = bdrv_find(dev_info->device);
+switch (dev_info->kind) {
+case BLOCKDEV_ACTION_KIND_SNAPSHOT:
+device = dev_info->snapshot->device;
+if (dev_info->snapshot->has_format) {
+format = dev_info->snapshot->format;
+}
+new_image_file = dev_info->snapshot->snapshot_file;
+break;
+default:
+abort();
+}
+
+drv = bdrv_find_format(format);
+if (!drv) {
+error_set(errp, QERR_INVALID_BLOCK_FORMAT, format);
+goto delete_and_fail;
+}
 
+states->old_bs = bdrv_find(device);
 if (!states->old_bs) {
-error_set(errp, QERR_DEVICE_NOT_FOUND, dev_info->device);
+error_set(errp, QERR_DEVICE_NOT_FOUND, device);
 goto delete_and_fail;
 }
 
 if (bdrv_in_use(states->old_bs)) {
-error_set(errp, QERR_DEVICE_IN_USE, dev_info->device);
+error_set(errp, QERR_DEVICE_IN_USE, device);
 goto delete_and_fail;
 }
 
@@ -775,44 +794,30 @@ void qmp_blockdev_group_snapshot_sync(SnapshotDevList 
*dev_list,
 }
 }
 
-snapshot_file = dev_info->snapshot_file;
-
 flags = states->old_bs->open_flags;
 
-if (!dev_info->has_format) {
-format = "qcow2";
-} else {
-format = dev_info->format;
-}
-
-drv = bdrv_find_format(format);
-if (!drv) {
-error_set(errp, QERR_INVALID_BLOCK_FORMAT, format);
-goto delete_and_fail;
-}
-
-proto_drv = bdrv_find_protocol(snapshot_file);
+proto_drv = bdrv_find_protocol(new_image_file);
 if (!proto_drv) {
 error_set(errp, QERR_INVALID_BLOCK_FORMAT, format);
 goto delete_and_fail;
 }
 
 /* create new image w/backing file */
-ret = bdrv_img_create(snapshot_file, format,
+ret = bdrv_img_create(new_image_file, format,
   states->old_bs->filename,
   states->old_bs->drv->format_name,
   NULL, -1, flags);
 if (ret) {
-error_set(errp, QERR_OPEN_FILE_FAILED, snapshot_file);
+error_set(errp, QERR_OPEN_FILE_FAILED, new_image_file);
 goto dele

Re: [Qemu-devel] [PATCH] MSI / MSIX injection for Xen HVM

[Jan Kiszka]

On 2012-03-01 11:20, Wei Liu wrote:
>> However, you know that you miss those (uncommon) messages that are
>> injected via DMA? They end up directly in apic_deliver_msi (where KVM
>> will once pick them up as well).
>>
> 
> Thanks for pointing this out. However I cannot find apic_deliver_msi in
> qemu-kvm or upstream qemu tree. I can only find apic_send_msi and
> apic_deliver_irq, none of which seems to be KVM-specific. Can you please
> give me some pointer on this?

Yes, apic_send_msi. I was accidentally looking at my msi refactoring tree.

Jan

-- 
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux

[Qemu-devel] [PATCH v2 4/6] add reuse field

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 blockdev.c   |   18 +++---
 qapi-schema.json |3 ++-
 qmp-commands.hx  |   10 ++
 3 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/blockdev.c b/blockdev.c
index 1aa544a..8fcdf0e 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -749,6 +749,7 @@ void qmp_blockdev_transaction(BlockdevActionList *dev_list,
 const char *device;
 const char *format = "qcow2";
 const char *new_image_file = NULL;
+bool do_snapshot;
 
 dev_info = dev_entry->value;
 dev_entry = dev_entry->next;
@@ -760,6 +761,7 @@ void qmp_blockdev_transaction(BlockdevActionList *dev_list,
 switch (dev_info->kind) {
 case BLOCKDEV_ACTION_KIND_SNAPSHOT:
 device = dev_info->snapshot->device;
+do_snapshot = !dev_info->snapshot->has_reuse || 
!dev_info->snapshot->reuse;
 if (dev_info->snapshot->has_format) {
 format = dev_info->snapshot->format;
 }
@@ -803,13 +805,15 @@ void qmp_blockdev_transaction(BlockdevActionList 
*dev_list,
 }
 
 /* create new image w/backing file */
-ret = bdrv_img_create(new_image_file, format,
-  states->old_bs->filename,
-  states->old_bs->drv->format_name,
-  NULL, -1, flags);
-if (ret) {
-error_set(errp, QERR_OPEN_FILE_FAILED, new_image_file);
-goto delete_and_fail;
+if (do_snapshot) {
+ret = bdrv_img_create(new_image_file, format,
+  states->old_bs->filename,
+  states->old_bs->drv->format_name,
+  NULL, -1, flags);
+if (ret) {
+error_set(errp, QERR_OPEN_FILE_FAILED, new_image_file);
+goto delete_and_fail;
+}
 }
 
 /* We will manually add the backing_hd field to the bs later */
diff --git a/qapi-schema.json b/qapi-schema.json
index d2fbee3..78df122 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -1127,7 +1127,8 @@
 # @format: #optional the format of the snapshot image, default is 'qcow2'.
 ##
 { 'type': 'BlockdevSnapshot',
-  'data': { 'device': 'str', 'snapshot-file': 'str', '*format': 'str' } }
+  'data': { 'device': 'str', 'snapshot-file': 'str', '*format': 'str',
+'*reuse': 'bool' } }
 
 ##
 # @BlockdevAction
diff --git a/qmp-commands.hx b/qmp-commands.hx
index 71d4825..817b689 100644
--- a/qmp-commands.hx
+++ b/qmp-commands.hx
@@ -705,6 +705,13 @@ A list of dictionaries is accepted, that contains the 
actions to be performed.
 For snapshots this is the device, the file to use for the new snapshot,
 and the format.  The default format, if not specified, is qcow2.
 
+Each new snapshot defaults to being created by QEMU (wiping any
+contents if the file already exists), but it is also possible to reuse
+an externally-created file.  In the latter case, you should ensure that
+the new image file has the same contents as the current one; QEMU cannot
+perform any meaningful check.  Typically this is achieved by using the
+current image file as the backing file for the new image.
+
 Arguments:
 
 actions array:
@@ -715,6 +722,8 @@ actions array:
   - "device": device name to snapshot (json-string)
   - "snapshot-file": name of new image file (json-string)
   - "format": format of new image (json-string, optional)
+  - "reuse": whether QEMU should look for an existing image file
+(json-bool, optional, default false)
 
 Example:
 
@@ -725,6 +734,7 @@ Example:
  "format": "qcow2" } },
  { 'type': 'snapshot, 'data' : { "device": "ide-hd1",
  "snapshot-file": 
"/some/place/my-image2",
+ "reuse": true,
  "format": "qcow2" } } ] } }
 <- { "return": {} }
 
-- 
1.7.7.6

[Qemu-devel] [PATCH v2] We should check the virtio_load return code

[Orit Wasserman]

Otherwise we crash on error.
Instruction to reporduce the crash with migration:
1) run a guest with -device virtio-blk-pci,drive=drive_name,scsi=on
2) run destination with
   -device virtio-blk-pci,drive=drive_name,scsi=off ... -incoming ...
3) migrate from 1 to 2.

Signed-off-by: Ulrich Obergfell 
Signed-off-by: Orit Wasserman 
---
 hw/virtio-balloon.c|6 +-
 hw/virtio-blk.c|7 ++-
 hw/virtio-net.c|6 +-
 hw/virtio-scsi.c   |7 ++-
 hw/virtio-serial-bus.c |6 +-
 5 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/hw/virtio-balloon.c b/hw/virtio-balloon.c
index ce9d2c9..075ed87 100644
--- a/hw/virtio-balloon.c
+++ b/hw/virtio-balloon.c
@@ -211,11 +211,15 @@ static void virtio_balloon_save(QEMUFile *f, void *opaque)
 static int virtio_balloon_load(QEMUFile *f, void *opaque, int version_id)
 {
 VirtIOBalloon *s = opaque;
+int ret;
 
 if (version_id != 1)
 return -EINVAL;
 
-virtio_load(&s->vdev, f);
+ret = virtio_load(&s->vdev, f);
+if (ret) {
+return ret;
+}
 
 s->num_pages = qemu_get_be32(f);
 s->actual = qemu_get_be32(f);
diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
index 49990f8..d4bb400 100644
--- a/hw/virtio-blk.c
+++ b/hw/virtio-blk.c
@@ -537,11 +537,16 @@ static void virtio_blk_save(QEMUFile *f, void *opaque)
 static int virtio_blk_load(QEMUFile *f, void *opaque, int version_id)
 {
 VirtIOBlock *s = opaque;
+int ret;
 
 if (version_id != 2)
 return -EINVAL;
 
-virtio_load(&s->vdev, f);
+ret = virtio_load(&s->vdev, f);
+if (ret) {
+return ret;
+}
+
 while (qemu_get_sbyte(f)) {
 VirtIOBlockReq *req = virtio_blk_alloc_request(s);
 qemu_get_buffer(f, (unsigned char*)&req->elem, sizeof(req->elem));
diff --git a/hw/virtio-net.c b/hw/virtio-net.c
index bc5e3a8..3f190d4 100644
--- a/hw/virtio-net.c
+++ b/hw/virtio-net.c
@@ -891,11 +891,15 @@ static int virtio_net_load(QEMUFile *f, void *opaque, int 
version_id)
 {
 VirtIONet *n = opaque;
 int i;
+int ret;
 
 if (version_id < 2 || version_id > VIRTIO_NET_VM_VERSION)
 return -EINVAL;
 
-virtio_load(&n->vdev, f);
+ret = virtio_load(&n->vdev, f);
+if (ret) {
+return ret;
+}
 
 qemu_get_buffer(f, n->mac, ETH_ALEN);
 n->tx_waiting = qemu_get_be32(f);
diff --git a/hw/virtio-scsi.c b/hw/virtio-scsi.c
index e607edc..9797847 100644
--- a/hw/virtio-scsi.c
+++ b/hw/virtio-scsi.c
@@ -558,7 +558,12 @@ static void virtio_scsi_save(QEMUFile *f, void *opaque)
 static int virtio_scsi_load(QEMUFile *f, void *opaque, int version_id)
 {
 VirtIOSCSI *s = opaque;
-virtio_load(&s->vdev, f);
+int ret;
+
+ret = virtio_load(&s->vdev, f);
+if (ret) {
+return ret;
+}
 return 0;
 }
 
diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
index e22940e..4a33872 100644
--- a/hw/virtio-serial-bus.c
+++ b/hw/virtio-serial-bus.c
@@ -590,13 +590,17 @@ static int virtio_serial_load(QEMUFile *f, void *opaque, 
int version_id)
 VirtIOSerialPort *port;
 uint32_t max_nr_ports, nr_active_ports, ports_map;
 unsigned int i;
+int ret;
 
 if (version_id > 3) {
 return -EINVAL;
 }
 
 /* The virtio device */
-virtio_load(&s->vdev, f);
+ret = virtio_load(&s->vdev, f);
+if (ret) {
+return ret;
+}
 
 if (version_id < 2) {
 return 0;
-- 
1.7.6.5

Re: [Qemu-devel] [PATCH v2] We should check the virtio_load return code

[Amit Shah]

On (Thu) 01 Mar 2012 [13:28:08], Orit Wasserman wrote:
> Otherwise we crash on error.
> Instruction to reporduce the crash with migration:
> 1) run a guest with -device virtio-blk-pci,drive=drive_name,scsi=on
> 2) run destination with
>-device virtio-blk-pci,drive=drive_name,scsi=off ... -incoming ...
> 3) migrate from 1 to 2.

Thanks.

Acked-by: Amit Shah 



Amit

Re: [Qemu-devel] [PATCH v2] VMXNET3 paravirtual NIC device implementation

[Michael Tokarev]

On 29.02.2012 16:49, Dmitry Fleytman wrote:

> Implementation of VMWare VMXNET3 paravirtual NIC device.
> Supports of all the device features including offload capabilties,
> VLANs and etc.
[..]

Not a review or anything (I don't know qemu networking
internals much), just a question: does it support PXE
booting?

There appears to be an etherboot/iPXE boot rom for it, maybe
it is  a good idea to enable pxe in this "anti-driver" too?

Thanks,

/mjt

[Qemu-devel] [PATCH v2 6/6] add mirroring to blockdev-transaction

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 blockdev.c   |   42 --
 qapi-schema.json |   19 ++-
 qmp-commands.hx  |   12 +++-
 3 files changed, 61 insertions(+), 12 deletions(-)

diff --git a/blockdev.c b/blockdev.c
index 8fcdf0e..f181c6f 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -733,6 +733,7 @@ void qmp_blockdev_transaction(BlockdevActionList *dev_list,
 int ret = 0;
 BlockdevActionList *dev_entry = dev_list;
 BlkTransactionStates *states;
+char *new_source = NULL;
 
 QSIMPLEQ_HEAD(snap_bdrv_states, BlkTransactionStates) snap_bdrv_states;
 QSIMPLEQ_INIT(&snap_bdrv_states);
@@ -744,12 +745,12 @@ void qmp_blockdev_transaction(BlockdevActionList 
*dev_list,
 while (NULL != dev_entry) {
 BlockdevAction *dev_info = NULL;
 BlockDriver *proto_drv;
-BlockDriver *drv;
+BlockDriver *target_drv;
+BlockDriver *drv = NULL;
 int flags;
 const char *device;
 const char *format = "qcow2";
 const char *new_image_file = NULL;
-bool do_snapshot;
 
 dev_info = dev_entry->value;
 dev_entry = dev_entry->next;
@@ -760,21 +761,40 @@ void qmp_blockdev_transaction(BlockdevActionList 
*dev_list,
 switch (dev_info->kind) {
 case BLOCKDEV_ACTION_KIND_SNAPSHOT:
 device = dev_info->snapshot->device;
-do_snapshot = !dev_info->snapshot->has_reuse || 
!dev_info->snapshot->reuse;
+if (!dev_info->snapshot->has_reuse || !dev_info->snapshot->reuse) {
+new_image_file = dev_info->snapshot->snapshot_file;
+}
 if (dev_info->snapshot->has_format) {
 format = dev_info->snapshot->format;
 }
-new_image_file = dev_info->snapshot->snapshot_file;
+new_source = g_strdup(dev_info->snapshot->snapshot_file);
 break;
+
+case BLOCKDEV_ACTION_KIND_MIRROR:
+device = dev_info->mirror->device;
+drv = bdrv_find_format("blkmirror");
+if (!dev_info->mirror->has_reuse || !dev_info->mirror->reuse) {
+new_image_file = dev_info->mirror->target;
+}
+if (dev_info->mirror->has_format) {
+format = dev_info->mirror->format;
+}
+new_source = g_strdup_printf("blkmirror:%s:%s", format,
+ dev_info->mirror->target);
+break;
+
 default:
 abort();
 }
 
-drv = bdrv_find_format(format);
-if (!drv) {
+target_drv = bdrv_find_format(format);
+if (!target_drv) {
 error_set(errp, QERR_INVALID_BLOCK_FORMAT, format);
 goto delete_and_fail;
 }
+if (!drv) {
+drv = target_drv;
+}
 
 states->old_bs = bdrv_find(device);
 if (!states->old_bs) {
@@ -798,14 +817,14 @@ void qmp_blockdev_transaction(BlockdevActionList 
*dev_list,
 
 flags = states->old_bs->open_flags;
 
-proto_drv = bdrv_find_protocol(new_image_file);
+proto_drv = bdrv_find_protocol(new_source);
 if (!proto_drv) {
 error_set(errp, QERR_INVALID_BLOCK_FORMAT, format);
 goto delete_and_fail;
 }
 
 /* create new image w/backing file */
-if (do_snapshot) {
+if (new_image_file) {
 ret = bdrv_img_create(new_image_file, format,
   states->old_bs->filename,
   states->old_bs->drv->format_name,
@@ -818,12 +837,14 @@ void qmp_blockdev_transaction(BlockdevActionList 
*dev_list,
 
 /* We will manually add the backing_hd field to the bs later */
 states->new_bs = bdrv_new("");
-ret = bdrv_open(states->new_bs, new_image_file,
+ret = bdrv_open(states->new_bs, new_source,
 flags | BDRV_O_NO_BACKING, drv);
 if (ret != 0) {
-error_set(errp, QERR_OPEN_FILE_FAILED, new_image_file);
+error_set(errp, QERR_OPEN_FILE_FAILED, new_source);
 goto delete_and_fail;
 }
+g_free(new_source);
+new_source = NULL;
 }
 
 
@@ -851,6 +872,7 @@ exit:
 QSIMPLEQ_FOREACH(states, &snap_bdrv_states, entry) {
 g_free(states);
 }
+g_free(new_source);
 return;
 }
 
diff --git a/qapi-schema.json b/qapi-schema.json
index 78df122..fd5973d 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -1131,6 +1131,22 @@
 '*reuse': 'bool' } }
 
 ##
+# @BlockdevMirror
+#
+# @device:  the name of the device to start mirroring.
+#
+# @target: the image that will start receiving writes for @device. A new
+#  file will be created if @reuse is absent or false.
+#
+# @format: #optional the format of the target image, default is 'qcow2'.
+#
+# @reuse: #optional whether QEMU should create a new image.
+##
+{ 'type': 'BlockdevMirr

Re: [Qemu-devel] [PATCH] MSI / MSIX injection for Xen HVM

[Wei Liu]

On Thu, 2012-03-01 at 11:22 +, Jan Kiszka wrote:
> On 2012-03-01 11:20, Wei Liu wrote:
> >> However, you know that you miss those (uncommon) messages that are
> >> injected via DMA? They end up directly in apic_deliver_msi (where KVM
> >> will once pick them up as well).
> >>
> > 
> > Thanks for pointing this out. However I cannot find apic_deliver_msi in
> > qemu-kvm or upstream qemu tree. I can only find apic_send_msi and
> > apic_deliver_irq, none of which seems to be KVM-specific. Can you please
> > give me some pointer on this?
> 
> Yes, apic_send_msi. I was accidentally looking at my msi refactoring tree.
> 
> Jan
> 

New version of this patch.

--8<--
>From d20edc78c71827da9f8be3308c0d473fec03b705 Mon Sep 17 00:00:00 2001
From: Wei Liu 
Date: Wed, 29 Feb 2012 16:46:41 +
Subject: [PATCH] MSI / MSIX injection for Xen.

This is supposed to be used in conjunction with Xen's
hypercall interface for emualted MSI / MSIX injection.

Signed-off-by: Wei Liu 
---
 hw/apic.c  |   10 --
 hw/msi.c   |7 ++-
 hw/msix.c  |8 +++-
 hw/xen.h   |1 +
 xen-all.c  |5 +
 xen-stub.c |4 
 6 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/hw/apic.c b/hw/apic.c
index ff9d24e..9fc0b17 100644
--- a/hw/apic.c
+++ b/hw/apic.c
@@ -22,6 +22,7 @@
 #include "host-utils.h"
 #include "trace.h"
 #include "pc.h"
+#include "xen.h"
 
 #define MAX_APIC_WORDS 8
 
@@ -641,8 +642,13 @@ static void apic_send_msi(target_phys_addr_t addr, 
uint32_t data)
 uint8_t dest_mode = (addr >> MSI_ADDR_DEST_MODE_SHIFT) & 0x1;
 uint8_t trigger_mode = (data >> MSI_DATA_TRIGGER_SHIFT) & 0x1;
 uint8_t delivery = (data >> MSI_DATA_DELIVERY_MODE_SHIFT) & 0x7;
-/* XXX: Ignore redirection hint. */
-apic_deliver_irq(dest, dest_mode, delivery, vector, trigger_mode);
+
+if (xen_enabled()) {
+xen_hvm_inject_msi(addr, data);
+} else {
+/* XXX: Ignore redirection hint. */
+apic_deliver_irq(dest, dest_mode, delivery, vector, trigger_mode);
+}
 }
 
 static void apic_mem_writel(void *opaque, target_phys_addr_t addr, uint32_t 
val)
diff --git a/hw/msi.c b/hw/msi.c
index 5d6ceb6..b11eeac 100644
--- a/hw/msi.c
+++ b/hw/msi.c
@@ -20,6 +20,7 @@
 
 #include "msi.h"
 #include "range.h"
+#include "xen.h"
 
 /* Eventually those constants should go to Linux pci_regs.h */
 #define PCI_MSI_PENDING_32  0x10
@@ -257,7 +258,11 @@ void msi_notify(PCIDevice *dev, unsigned int vector)
"notify vector 0x%x"
" address: 0x%"PRIx64" data: 0x%"PRIx32"\n",
vector, address, data);
-stl_le_phys(address, data);
+if (xen_enabled()) {
+xen_hvm_inject_msi(address, data);
+} else {
+stl_le_phys(address, data);
+}
 }
 
 /* call this function after updating configs by pci_default_write_config(). */
diff --git a/hw/msix.c b/hw/msix.c
index 3835eaa..cba302e 100644
--- a/hw/msix.c
+++ b/hw/msix.c
@@ -19,6 +19,7 @@
 #include "msix.h"
 #include "pci.h"
 #include "range.h"
+#include "xen.h"
 
 #define MSIX_CAP_LENGTH 12
 
@@ -365,7 +366,12 @@ void msix_notify(PCIDevice *dev, unsigned vector)
 
 address = pci_get_quad(table_entry + PCI_MSIX_ENTRY_LOWER_ADDR);
 data = pci_get_long(table_entry + PCI_MSIX_ENTRY_DATA);
-stl_le_phys(address, data);
+
+if (xen_enabled()) {
+xen_hvm_inject_msi(address, data);
+} else {
+stl_le_phys(address, data);
+}
 }
 
 void msix_reset(PCIDevice *dev)
diff --git a/hw/xen.h b/hw/xen.h
index b46879c..e5926b7 100644
--- a/hw/xen.h
+++ b/hw/xen.h
@@ -34,6 +34,7 @@ static inline int xen_enabled(void)
 int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num);
 void xen_piix3_set_irq(void *opaque, int irq_num, int level);
 void xen_piix_pci_write_config_client(uint32_t address, uint32_t val, int len);
+void xen_hvm_inject_msi(uint64_t addr, uint32_t data);
 void xen_cmos_set_s3_resume(void *opaque, int irq, int level);
 
 qemu_irq *xen_interrupt_controller_init(void);
diff --git a/xen-all.c b/xen-all.c
index b0ed1ed..78c6df3 100644
--- a/xen-all.c
+++ b/xen-all.c
@@ -122,6 +122,11 @@ void xen_piix_pci_write_config_client(uint32_t address, 
uint32_t val, int len)
 }
 }
 
+void xen_hvm_inject_msi(uint64_t addr, uint32_t data)
+{
+xc_hvm_inject_msi(xen_xc, xen_domid, addr, data);
+}
+
 static void xen_suspend_notifier(Notifier *notifier, void *data)
 {
 xc_set_hvm_param(xen_xc, xen_domid, HVM_PARAM_ACPI_S_STATE, 3);
diff --git a/xen-stub.c b/xen-stub.c
index 9ea02d4..8ff2b79 100644
--- a/xen-stub.c
+++ b/xen-stub.c
@@ -29,6 +29,10 @@ void xen_piix_pci_write_config_client(uint32_t address, 
uint32_t val, int len)
 {
 }
 
+void xen_hvm_inject_msi(uint64_t addr, uint32_t data)
+{
+}
+
 void xen_cmos_set_s3_resume(void *opaque, int irq, int level)
 {
 }
-- 
1.7.2.5

[Qemu-devel] [PATCH v2 2/6] qapi: complete implementation of unions

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qapi-schema-test.json |   10 ++
 scripts/qapi-types.py |5 +
 scripts/qapi-visit.py |   31 ++-
 test-qmp-input-visitor.c  |   18 ++
 test-qmp-output-visitor.c |   34 ++
 5 files changed, 97 insertions(+), 1 deletions(-)

diff --git a/qapi-schema-test.json b/qapi-schema-test.json
index 2b38919..8c7f9f7 100644
--- a/qapi-schema-test.json
+++ b/qapi-schema-test.json
@@ -22,6 +22,16 @@
'dict2': { 'userdef1': 'UserDefOne', 'string2': 'str' },
'*dict3': { 'userdef2': 'UserDefOne', 'string3': 'str' 
} } } }
 
+# for testing unions
+{ 'type': 'UserDefA',
+  'data': { 'boolean': 'bool' } }
+
+{ 'type': 'UserDefB',
+  'data': { 'integer': 'int' } }
+
+{ 'union': 'UserDefUnion',
+  'data': { 'a' : 'UserDefA', 'b' : 'UserDefB' } }
+
 # testing commands
 { 'command': 'user_def_cmd', 'data': {} }
 { 'command': 'user_def_cmd1', 'data': {'ud1a': 'UserDefOne'} }
diff --git a/scripts/qapi-types.py b/scripts/qapi-types.py
index b56225b..6968e7f 100644
--- a/scripts/qapi-types.py
+++ b/scripts/qapi-types.py
@@ -269,6 +269,7 @@ for expr in exprs:
 elif expr.has_key('union'):
 ret += generate_fwd_struct(expr['union'], expr['data']) + "\n"
 ret += generate_enum('%sKind' % expr['union'], expr['data'].keys())
+fdef.write(generate_enum_lookup('%sKind' % expr['union'], 
expr['data'].keys()))
 else:
 continue
 fdecl.write(ret)
@@ -283,6 +284,10 @@ for expr in exprs:
 fdef.write(generate_type_cleanup(expr['type']) + "\n")
 elif expr.has_key('union'):
 ret += generate_union(expr['union'], expr['data'])
+ret += generate_type_cleanup_decl(expr['union'] + "List")
+fdef.write(generate_type_cleanup(expr['union'] + "List") + "\n")
+ret += generate_type_cleanup_decl(expr['union'])
+fdef.write(generate_type_cleanup(expr['union']) + "\n")
 else:
 continue
 fdecl.write(ret)
diff --git a/scripts/qapi-visit.py b/scripts/qapi-visit.py
index 5160d83..54117d4 100644
--- a/scripts/qapi-visit.py
+++ b/scripts/qapi-visit.py
@@ -110,10 +110,38 @@ def generate_visit_union(name, members):
 
 void visit_type_%(name)s(Visitor *m, %(name)s ** obj, const char *name, Error 
**errp)
 {
-}
+Error *err = NULL;
+
+visit_start_struct(m, (void **)obj, "%(name)s", name, sizeof(%(name)s), 
&err);
+visit_type_%(name)sKind(m, &(*obj)->kind, "type", &err);
+if (err) {
+error_propagate(errp, err);
+goto end;
+}
+switch ((*obj)->kind) {
 ''',
  name=name)
 
+for key in members:
+ret += mcgen('''
+case %(abbrev)s_KIND_%(enum)s:
+visit_type_%(c_type)s(m, &(*obj)->%(c_name)s, "data", errp);
+break;
+''',
+abbrev = de_camel_case(name).upper(),
+enum = de_camel_case(key).upper(),
+c_type=members[key],
+c_name=c_var(key))
+
+ret += mcgen('''
+default:
+abort();
+}
+end:
+visit_end_struct(m, errp);
+}
+''')
+
 return ret
 
 def generate_declaration(name, members, genlist=True):
@@ -242,6 +270,7 @@ for expr in exprs:
 fdecl.write(ret)
 elif expr.has_key('union'):
 ret = generate_visit_union(expr['union'], expr['data'])
+ret += generate_visit_list(expr['union'], expr['data'])
 fdef.write(ret)
 
 ret = generate_decl_enum('%sKind' % expr['union'], expr['data'].keys())
diff --git a/test-qmp-input-visitor.c b/test-qmp-input-visitor.c
index 926db5c..1996e49 100644
--- a/test-qmp-input-visitor.c
+++ b/test-qmp-input-visitor.c
@@ -234,6 +234,22 @@ static void test_visitor_in_list(TestInputVisitorData 
*data,
 qapi_free_UserDefOneList(head);
 }
 
+static void test_visitor_in_union(TestInputVisitorData *data,
+  const void *unused)
+{
+Visitor *v;
+Error *err = NULL;
+UserDefUnion *tmp;
+
+v = visitor_input_test_init(data, "{ 'type': 'b', 'data' : { 'integer': 42 
} }");
+
+visit_type_UserDefUnion(v, &tmp, NULL, &err);
+g_assert(err == NULL);
+g_assert_cmpint(tmp->kind, ==, USER_DEF_UNION_KIND_B);
+g_assert_cmpint(tmp->b->integer, ==, 42);
+qapi_free_UserDefUnion(tmp);
+}
+
 static void input_visitor_test_add(const char *testpath,
TestInputVisitorData *data,
void (*test_func)(TestInputVisitorData 
*data, const void *user_data))
@@ -264,6 +280,8 @@ int main(int argc, char **argv)
 &in_visitor_data, test_visitor_in_struct_nested);
 input_visitor_test_add("/visitor/input/list",
 &in_visitor_data, test_visitor_in_list);
+input_visitor_test_add("/visitor/input/union",
+&in_visitor_data, test_visitor_in_union);
 
 g_test_run();
 
diff --git a/test-qm

Re: [Qemu-devel] [PATCH v2] We should check the virtio_load return code

[Michael S. Tsirkin]

On Thu, Mar 01, 2012 at 01:28:08PM +0200, Orit Wasserman wrote:
> Otherwise we crash on error.
> Instruction to reporduce the crash with migration:
> 1) run a guest with -device virtio-blk-pci,drive=drive_name,scsi=on
> 2) run destination with
>-device virtio-blk-pci,drive=drive_name,scsi=off ... -incoming ...
> 3) migrate from 1 to 2.
> 
> Signed-off-by: Ulrich Obergfell 
> Signed-off-by: Orit Wasserman 


Acked-by: Michael S. Tsirkin 

> ---
>  hw/virtio-balloon.c|6 +-
>  hw/virtio-blk.c|7 ++-
>  hw/virtio-net.c|6 +-
>  hw/virtio-scsi.c   |7 ++-
>  hw/virtio-serial-bus.c |6 +-
>  5 files changed, 27 insertions(+), 5 deletions(-)
> 
> diff --git a/hw/virtio-balloon.c b/hw/virtio-balloon.c
> index ce9d2c9..075ed87 100644
> --- a/hw/virtio-balloon.c
> +++ b/hw/virtio-balloon.c
> @@ -211,11 +211,15 @@ static void virtio_balloon_save(QEMUFile *f, void 
> *opaque)
>  static int virtio_balloon_load(QEMUFile *f, void *opaque, int version_id)
>  {
>  VirtIOBalloon *s = opaque;
> +int ret;
>  
>  if (version_id != 1)
>  return -EINVAL;
>  
> -virtio_load(&s->vdev, f);
> +ret = virtio_load(&s->vdev, f);
> +if (ret) {
> +return ret;
> +}
>  
>  s->num_pages = qemu_get_be32(f);
>  s->actual = qemu_get_be32(f);
> diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
> index 49990f8..d4bb400 100644
> --- a/hw/virtio-blk.c
> +++ b/hw/virtio-blk.c
> @@ -537,11 +537,16 @@ static void virtio_blk_save(QEMUFile *f, void *opaque)
>  static int virtio_blk_load(QEMUFile *f, void *opaque, int version_id)
>  {
>  VirtIOBlock *s = opaque;
> +int ret;
>  
>  if (version_id != 2)
>  return -EINVAL;
>  
> -virtio_load(&s->vdev, f);
> +ret = virtio_load(&s->vdev, f);
> +if (ret) {
> +return ret;
> +}
> +
>  while (qemu_get_sbyte(f)) {
>  VirtIOBlockReq *req = virtio_blk_alloc_request(s);
>  qemu_get_buffer(f, (unsigned char*)&req->elem, sizeof(req->elem));
> diff --git a/hw/virtio-net.c b/hw/virtio-net.c
> index bc5e3a8..3f190d4 100644
> --- a/hw/virtio-net.c
> +++ b/hw/virtio-net.c
> @@ -891,11 +891,15 @@ static int virtio_net_load(QEMUFile *f, void *opaque, 
> int version_id)
>  {
>  VirtIONet *n = opaque;
>  int i;
> +int ret;
>  
>  if (version_id < 2 || version_id > VIRTIO_NET_VM_VERSION)
>  return -EINVAL;
>  
> -virtio_load(&n->vdev, f);
> +ret = virtio_load(&n->vdev, f);
> +if (ret) {
> +return ret;
> +}
>  
>  qemu_get_buffer(f, n->mac, ETH_ALEN);
>  n->tx_waiting = qemu_get_be32(f);
> diff --git a/hw/virtio-scsi.c b/hw/virtio-scsi.c
> index e607edc..9797847 100644
> --- a/hw/virtio-scsi.c
> +++ b/hw/virtio-scsi.c
> @@ -558,7 +558,12 @@ static void virtio_scsi_save(QEMUFile *f, void *opaque)
>  static int virtio_scsi_load(QEMUFile *f, void *opaque, int version_id)
>  {
>  VirtIOSCSI *s = opaque;
> -virtio_load(&s->vdev, f);
> +int ret;
> +
> +ret = virtio_load(&s->vdev, f);
> +if (ret) {
> +return ret;
> +}
>  return 0;
>  }
>  
> diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
> index e22940e..4a33872 100644
> --- a/hw/virtio-serial-bus.c
> +++ b/hw/virtio-serial-bus.c
> @@ -590,13 +590,17 @@ static int virtio_serial_load(QEMUFile *f, void 
> *opaque, int version_id)
>  VirtIOSerialPort *port;
>  uint32_t max_nr_ports, nr_active_ports, ports_map;
>  unsigned int i;
> +int ret;
>  
>  if (version_id > 3) {
>  return -EINVAL;
>  }
>  
>  /* The virtio device */
> -virtio_load(&s->vdev, f);
> +ret = virtio_load(&s->vdev, f);
> +if (ret) {
> +return ret;
> +}
>  
>  if (version_id < 2) {
>  return 0;
> -- 
> 1.7.6.5

[Qemu-devel] [PULL] kvm updates

[Avi Kivity]

This batch of updates is mostly Jan's rework of qemu-kvm's TPR
optimization for 32-bit Windows, making Windows XP much faster with kvm
enabled on older Intel and any AMD hardware.  Any similarities to the
original hack are purely coincidental.

Please pull from:

  git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git uq/master


Avi Kivity (1):
  pc-bios: update kvmvapic.bin

Gleb Natapov (1):
  kvm: Synchronize cpu state in kvm_arch_stop_on_emulation_error()

Jan Kiszka (10):
  kvm: Set cpu_single_env only once
  Remove useless casts from cpu iterators
  Process pending work while waiting for initial kick-off in TCG mode
  Allow to use pause_all_vcpus from VCPU context
  target-i386: Add infrastructure for reporting TPR MMIO accesses
  kvmvapic: Add option ROM
  kvmvapic: Introduce TPR access optimization for Windows guests
  kvmvapic: Simplify mp/up_set_tpr
  optionsrom: Reserve space for checksum
  kvmvapic: Use optionrom helpers

 .gitignore|1 +
 Makefile  |2 +-
 Makefile.target   |3 +-
 cpu-all.h |3 +-
 cpus.c|   26 ++-
 hw/apic.c |  126 ++-
 hw/apic.h |2 +
 hw/apic_common.c  |   69 -
 hw/apic_internal.h|   27 ++
 hw/kvm/apic.c |   32 ++
 hw/kvmvapic.c |  805
+
 hw/mc146818rtc.c  |5 +-
 kvm-all.c |5 -
 pc-bios/kvmvapic.bin  |  Bin 0 -> 9216 bytes
 pc-bios/optionrom/Makefile|2 +-
 pc-bios/optionrom/kvmvapic.S  |  335 +
 pc-bios/optionrom/optionrom.h |3 +-
 target-i386/cpu.h |   10 +
 target-i386/helper.c  |   16 +
 target-i386/kvm.c |   26 ++-
 20 files changed, 1468 insertions(+), 30 deletions(-)
 create mode 100644 hw/kvmvapic.c
 create mode 100755 pc-bios/kvmvapic.bin
 create mode 100644 pc-bios/optionrom/kvmvapic.S

-- 
error compiling committee.c: too many arguments to function

[Qemu-devel] [PULL v2] Memory core space reduction

[Avi Kivity]

This is the current memory queue (posted as two separate series before
my vacation).  When applied, the overhead of 16 bytes/page is reduced to
basically nil.

Please pull from:

  git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git memory/core

v2: fix memory corruption in first patch


Avi Kivity (30):
  ioport: change portio_list not to use memory_region_set_offset()
  memory: remove memory_region_set_offset()
  memory: add shorthand for invoking a callback on all listeners
  memory: switch memory listeners to a QTAILQ
  memory: code motion: move MEMORY_LISTENER_CALL()
  memory: move ioeventfd ops to MemoryListener
  memory: add a readonly attribute to MemoryRegionSection
  memory: don't pass ->readable attribute to
cpu_register_physical_memory_log
  memory: use a MemoryListener for core memory map updates too
  memory: drop AddressSpaceOps
  memory: allow MemoryListeners to observe a specific address space
  xen: ignore I/O memory regions
  memory: split memory listener for the two address spaces
  memory: support stateless memory listeners
  memory: change memory registration to rebuild the memory map on
each change
  memory: remove first level of l1_phys_map
  memory: unify phys_map last level with intermediate levels
  memory: store MemoryRegionSection pointers in phys_map
  memory: compress phys_map node pointers to 16 bits
  memory: fix RAM subpages in newly initialized pages
  memory: unify the two branches of cpu_register_physical_memory_log()
  memory: move tlb flush to MemoryListener commit callback
  memory: make phys_page_find() return a MemoryRegionSection
  memory: give phys_page_find() its own tree search loop
  memory: simplify multipage/subpage registration
  memory: replace phys_page_find_alloc() with phys_page_set()
  memory: switch phys_page_set() to a recursive implementation
  memory: change phys_page_set() to set multiple pages
  memory: unify PhysPageEntry::node and ::leaf
  memory: allow phys_map tree paths to terminate early

 exec-obsolete.h |5 +-
 exec.c  |  875
---
 hw/vhost.c  |   33 ++-
 ioport.c|   28 ++-
 ioport.h|1 +
 kvm-all.c   |   97 ++-
 memory.c|  328 +-
 memory.h|   26 +-
 xen-all.c   |   33 ++-
 9 files changed, 912 insertions(+), 514 deletions(-)

-- 
error compiling committee.c: too many arguments to function

Re: [Qemu-devel] [PATCH] MSI / MSIX injection for Xen HVM

[Paolo Bonzini]

Il 01/03/2012 12:51, Wei Liu ha scritto:
> On Thu, 2012-03-01 at 11:22 +, Jan Kiszka wrote:
>> On 2012-03-01 11:20, Wei Liu wrote:
 However, you know that you miss those (uncommon) messages that are
 injected via DMA? They end up directly in apic_deliver_msi (where KVM
 will once pick them up as well).

>>>
>>> Thanks for pointing this out. However I cannot find apic_deliver_msi in
>>> qemu-kvm or upstream qemu tree. I can only find apic_send_msi and
>>> apic_deliver_irq, none of which seems to be KVM-specific. Can you please
>>> give me some pointer on this?
>>
>> Yes, apic_send_msi. I was accidentally looking at my msi refactoring tree.
>>
>> Jan
>>
> 
> New version of this patch.
> 
> --8<--
> From d20edc78c71827da9f8be3308c0d473fec03b705 Mon Sep 17 00:00:00 2001
> From: Wei Liu 
> Date: Wed, 29 Feb 2012 16:46:41 +
> Subject: [PATCH] MSI / MSIX injection for Xen.
> 
> This is supposed to be used in conjunction with Xen's
> hypercall interface for emualted MSI / MSIX injection.
> 
> Signed-off-by: Wei Liu 
> ---
>  hw/apic.c  |   10 --
>  hw/msi.c   |7 ++-
>  hw/msix.c  |8 +++-
>  hw/xen.h   |1 +
>  xen-all.c  |5 +
>  xen-stub.c |4 
>  6 files changed, 31 insertions(+), 4 deletions(-)
> 
> diff --git a/hw/apic.c b/hw/apic.c
> index ff9d24e..9fc0b17 100644
> --- a/hw/apic.c
> +++ b/hw/apic.c
> @@ -22,6 +22,7 @@
>  #include "host-utils.h"
>  #include "trace.h"
>  #include "pc.h"
> +#include "xen.h"
>  
>  #define MAX_APIC_WORDS 8
>  
> @@ -641,8 +642,13 @@ static void apic_send_msi(target_phys_addr_t addr, 
> uint32_t data)
>  uint8_t dest_mode = (addr >> MSI_ADDR_DEST_MODE_SHIFT) & 0x1;
>  uint8_t trigger_mode = (data >> MSI_DATA_TRIGGER_SHIFT) & 0x1;
>  uint8_t delivery = (data >> MSI_DATA_DELIVERY_MODE_SHIFT) & 0x7;
> -/* XXX: Ignore redirection hint. */
> -apic_deliver_irq(dest, dest_mode, delivery, vector, trigger_mode);
> +
> +if (xen_enabled()) {
> +xen_hvm_inject_msi(addr, data);
> +} else {
> +/* XXX: Ignore redirection hint. */
> +apic_deliver_irq(dest, dest_mode, delivery, vector, trigger_mode);
> +}
>  }
>  
>  static void apic_mem_writel(void *opaque, target_phys_addr_t addr, uint32_t 
> val)
> diff --git a/hw/msi.c b/hw/msi.c
> index 5d6ceb6..b11eeac 100644
> --- a/hw/msi.c
> +++ b/hw/msi.c
> @@ -20,6 +20,7 @@
>  
>  #include "msi.h"
>  #include "range.h"
> +#include "xen.h"
>  
>  /* Eventually those constants should go to Linux pci_regs.h */
>  #define PCI_MSI_PENDING_32  0x10
> @@ -257,7 +258,11 @@ void msi_notify(PCIDevice *dev, unsigned int vector)
> "notify vector 0x%x"
> " address: 0x%"PRIx64" data: 0x%"PRIx32"\n",
> vector, address, data);
> -stl_le_phys(address, data);
> +if (xen_enabled()) {
> +xen_hvm_inject_msi(address, data);
> +} else {
> +stl_le_phys(address, data);
> +}
>  }
>  
>  /* call this function after updating configs by pci_default_write_config(). 
> */
> diff --git a/hw/msix.c b/hw/msix.c
> index 3835eaa..cba302e 100644
> --- a/hw/msix.c
> +++ b/hw/msix.c
> @@ -19,6 +19,7 @@
>  #include "msix.h"
>  #include "pci.h"
>  #include "range.h"
> +#include "xen.h"
>  
>  #define MSIX_CAP_LENGTH 12
>  
> @@ -365,7 +366,12 @@ void msix_notify(PCIDevice *dev, unsigned vector)
>  
>  address = pci_get_quad(table_entry + PCI_MSIX_ENTRY_LOWER_ADDR);
>  data = pci_get_long(table_entry + PCI_MSIX_ENTRY_DATA);
> -stl_le_phys(address, data);
> +
> +if (xen_enabled()) {
> +xen_hvm_inject_msi(address, data);
> +} else {
> +stl_le_phys(address, data);
> +}
>  }
>  
>  void msix_reset(PCIDevice *dev)
> diff --git a/hw/xen.h b/hw/xen.h
> index b46879c..e5926b7 100644
> --- a/hw/xen.h
> +++ b/hw/xen.h
> @@ -34,6 +34,7 @@ static inline int xen_enabled(void)
>  int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num);
>  void xen_piix3_set_irq(void *opaque, int irq_num, int level);
>  void xen_piix_pci_write_config_client(uint32_t address, uint32_t val, int 
> len);
> +void xen_hvm_inject_msi(uint64_t addr, uint32_t data);
>  void xen_cmos_set_s3_resume(void *opaque, int irq, int level);
>  
>  qemu_irq *xen_interrupt_controller_init(void);
> diff --git a/xen-all.c b/xen-all.c
> index b0ed1ed..78c6df3 100644
> --- a/xen-all.c
> +++ b/xen-all.c
> @@ -122,6 +122,11 @@ void xen_piix_pci_write_config_client(uint32_t address, 
> uint32_t val, int len)
>  }
>  }
>  
> +void xen_hvm_inject_msi(uint64_t addr, uint32_t data)
> +{
> +xc_hvm_inject_msi(xen_xc, xen_domid, addr, data);
> +}
> +
>  static void xen_suspend_notifier(Notifier *notifier, void *data)
>  {
>  xc_set_hvm_param(xen_xc, xen_domid, HVM_PARAM_ACPI_S_STATE, 3);
> diff --git a/xen-stub.c b/xen-stub.c
> index 9ea02d4..8ff2b79 100644
> --- a/xen-stub.c
> +++ b/xen-stub.c
> @@ -29,6 +29,10 @@ void xen_piix_pci_write_config_client(uint32_t address, 
> uint32_t va

Re: [Qemu-devel] [PATCH] qed: do not evict in-use L2 table cache entries

[Benoît Canet]

Tested-by: Benoît Canet 

On Mon, Feb 27, 2012 at 2:16 PM, Stefan Hajnoczi <
stefa...@linux.vnet.ibm.com> wrote:

> The L2 table cache reduces QED metadata reads that would be required
> when translating LBAs to offsets into the image file.  Since requests
> execute in parallel it is possible to share an L2 table between multiple
> requests.
>
> There is a potential data corruption issue when an in-use L2 table is
> evicted from the cache because the following situation occurs:
>
>  1. An allocating write performs an update to L2 table "A".
>
>  2. Another request needs L2 table "B" and causes table "A" to be
> evicted.
>
>  3. A new read request needs L2 table "A" but it is not cached.
>
> As a result the L2 update from #1 can overlap with the L2 fetch from #3.
> We must avoid doing overlapping I/O requests here since the worst case
> outcome is that the L2 fetch completes before the L2 update and yields
> stale data.  In that case we would effectively discard the L2 update and
> lose data clusters!
>
> Thanks to Benoît Canet  for extensive testing
> and debugging which lead to discovery of this bug.
>
> Reported-by: Benoît Canet 
> Signed-off-by: Stefan Hajnoczi 
> ---
> Please include this in -stable once it has been merged into
> qemu.git/master.
>
>  block/qed-l2-cache.c |   22 ++
>  1 files changed, 18 insertions(+), 4 deletions(-)
>
> diff --git a/block/qed-l2-cache.c b/block/qed-l2-cache.c
> index 02b81a2..e9b2aae 100644
> --- a/block/qed-l2-cache.c
> +++ b/block/qed-l2-cache.c
> @@ -161,11 +161,25 @@ void qed_commit_l2_cache_entry(L2TableCache
> *l2_cache, CachedL2Table *l2_table)
> return;
> }
>
> +/* Evict an unused cache entry so we have space.  If all entries are
> in use
> + * we can grow the cache temporarily and we try to shrink back down
> later.
> + */
> if (l2_cache->n_entries >= MAX_L2_CACHE_SIZE) {
> -entry = QTAILQ_FIRST(&l2_cache->entries);
> -QTAILQ_REMOVE(&l2_cache->entries, entry, node);
> -l2_cache->n_entries--;
> -qed_unref_l2_cache_entry(entry);
> +CachedL2Table *next;
> +QTAILQ_FOREACH_SAFE(entry, &l2_cache->entries, node, next) {
> +if (entry->ref > 1) {
> +continue;
> +}
> +
> +QTAILQ_REMOVE(&l2_cache->entries, entry, node);
> +l2_cache->n_entries--;
> +qed_unref_l2_cache_entry(entry);
> +
> +/* Stop evicting when we've shrunk back to max size */
> +if (l2_cache->n_entries < MAX_L2_CACHE_SIZE) {
> +break;
> +}
> +}
> }
>
> l2_cache->n_entries++;
> --
> 1.7.9
>
>
>

[Qemu-devel] [RFC PATCH v5 06/14] trace: [tracetool] Process the "disable" event property

[Harsh Prateek Bora]

From: Lluís Vilanova 

Signed-off-by: Lluís Vilanova 
Signed-off-by: Harsh Prateek Bora 
---
 scripts/tracetool.py |   20 +++-
 1 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index 3502524..1cf5c8f 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -304,6 +304,9 @@ def dtrace_d(events):
 print
 print '};'
 
+def dtrace_nop_d(events):
+pass
+
 def dtrace_stp(events):
 for event in events:
 # Define prototype for probe arguments
@@ -325,6 +328,9 @@ probe %(probeprefix)s.%(name)s = 
process("%(binary)s").mark("%(name)s")
 print '}'
 print
 
+def dtrace_nop_stp(events):
+pass
+
 def trace_stap_begin():
 print '/* This file is autogenerated by tracetool, do not edit. */'
 
@@ -348,6 +354,8 @@ converters = {
 'nop': {
 'h': nop_h,
 'c': nop_c,
+'d': dtrace_nop_d,
+'stap': dtrace_nop_stp,
 },
 
 'stderr': {
@@ -498,17 +506,11 @@ def main():
 if probeprefix == "":
 probeprefix = 'qemu.' + targettype + '.' + targetarch
 
-disabled_events, enabled_events = [], []
-for e in read_events(sys.stdin):
-if 'disable' in e.properties:
-disabled_events.append(e)
-else:
-enabled_events.append(e)
+events = read_events(sys.stdin)
 
 trace_gen[output]['begin']()
-if output == 'h': # disabled events
-converters['nop'][output](disabled_events)
-converters[backend][output](enabled_events)
+converters[backend][output]([ e for e in events if 'disable' not in 
e.properties ])
+converters['nop'][output]([ e for e in events if 'disable' in e.properties 
])
 trace_gen[output]['end']()
 
 if __name__ == "__main__":
-- 
1.7.1.1

[Qemu-devel] [RFC PATCH v5 12/14] monitor: remove unused do_info_trace

[Harsh Prateek Bora]

Going forward with simpletrace v2 variable size trace records, we cannot
have a generic function to print trace event info and therefore this
interface becomes invalid.

As per Stefan Hajnoczi:

"This command is only available from the human monitor.  It's not very
useful because it historically hasn't been able to pretty-print events
or show them in the right order (we use a ringbuffer but it prints
them out from index 0).

Therefore, I don't think we're under any obligation to keep this
command around.  No one has complained about it's limitations - I
think this is a sign that no one has used it.  I'd be okay with a
patch that removes it."

Ref: http://lists.gnu.org/archive/html/qemu-devel/2012-01/msg01268.html

Signed-off-by: Harsh Prateek Bora 
---
 monitor.c |   16 
 1 files changed, 0 insertions(+), 16 deletions(-)

diff --git a/monitor.c b/monitor.c
index ffda0fe..365ce47 100644
--- a/monitor.c
+++ b/monitor.c
@@ -942,13 +942,6 @@ static void do_info_cpu_stats(Monitor *mon)
 }
 #endif
 
-#if defined(CONFIG_TRACE_SIMPLE)
-static void do_info_trace(Monitor *mon)
-{
-st_print_trace((FILE *)mon, &monitor_fprintf);
-}
-#endif
-
 static void do_trace_print_events(Monitor *mon)
 {
 trace_print_events((FILE *)mon, &monitor_fprintf);
@@ -3033,15 +3026,6 @@ static const mon_cmd_t info_cmds[] = {
 .help   = "show roms",
 .mhandler.info = do_info_roms,
 },
-#if defined(CONFIG_TRACE_SIMPLE)
-{
-.name   = "trace",
-.args_type  = "",
-.params = "",
-.help   = "show current contents of trace buffer",
-.mhandler.info = do_info_trace,
-},
-#endif
 {
 .name   = "trace-events",
 .args_type  = "",
-- 
1.7.1.1

[Qemu-devel] [RFC PATCH v5 14/14] scripts/simpltrace.py changes: Support simplettrace v2

[Harsh Prateek Bora]

Added support for Simpletrace v2 log format

Signed-off-by: Harsh Prateek Bora 
---
 scripts/simpletrace.py |  137 +---
 1 files changed, 94 insertions(+), 43 deletions(-)

diff --git a/scripts/simpletrace.py b/scripts/simpletrace.py
index f55e5e6..05a7c4f 100755
--- a/scripts/simpletrace.py
+++ b/scripts/simpletrace.py
@@ -12,53 +12,78 @@
 import struct
 import re
 import inspect
+from tracetool import *
 
 header_event_id = 0x
 header_magic= 0xf2b177cb0aa429b4
-header_version  = 0
+log_version = 0
 dropped_event_id = 0xfffe
 
-trace_fmt = '='
-trace_len = struct.calcsize(trace_fmt)
-event_re  = re.compile(r'(disable\s+)?([a-zA-Z0-9_]+)\(([^)]*)\).*')
+log_header_fmt = '=QQQ'
+rec_header_fmt = '=QQII'
+trace_v1_fmt = '='
+trace_v1_len = struct.calcsize(trace_v1_fmt)
 
-def parse_events(fobj):
-"""Parse a trace-events file into {event_num: (name, arg1, ...)}."""
-
-def get_argnames(args):
-"""Extract argument names from a parameter list."""
-return tuple(arg.split()[-1].lstrip('*') for arg in args.split(','))
-
-events = {dropped_event_id: ('dropped', 'count')}
-event_num = 0
-for line in fobj:
-m = event_re.match(line.strip())
-if m is None:
-continue
-
-disable, name, args = m.groups()
-events[event_num] = (name,) + get_argnames(args)
-event_num += 1
-return events
-
-def read_record(fobj):
-"""Deserialize a trace record from a file into a tuple (event_num, 
timestamp, arg1, ..., arg6)."""
-s = fobj.read(trace_len)
-if len(s) != trace_len:
+def read_header(fobj, hfmt):
+'''Read a trace record header'''
+hlen = struct.calcsize(hfmt)
+hdr = fobj.read(hlen)
+if len(hdr) != hlen:
 return None
-return struct.unpack(trace_fmt, s)
+return struct.unpack(hfmt, hdr)
 
-def read_trace_file(fobj):
+def get_record(edict, rechdr, fobj):
+"""Deserialize a simpletrace v2 record from a file into a tuple 
(event_num, timestamp, arg1, ..., arg6)."""
+if rechdr is None:
+return None
+rec = (rechdr[0], rechdr[1])
+if rechdr[0] != dropped_event_id:
+event_id = rechdr[0]
+event = edict[event_id]
+for type, name in event.args:
+if type_is_string(type):
+l = fobj.read(4)
+(len,) = struct.unpack('=L', l)
+s = fobj.read(len)
+rec = rec + (s,)
+else:
+(value,) = struct.unpack('=Q', fobj.read(8))
+rec = rec + (value,)
+else:
+(value,) = struct.unpack('=Q', fobj.read(8))
+rec = rec + (value,)
+return rec
+
+
+def read_record(edict, fobj):
+"""Deserialize a trace record from a file into a tuple (event_num, 
timestamp, arg1, ..., arg6)."""
+if log_version == 0:
+s = fobj.read(trace_v1_len)
+if len(s) != trace_v1_len:
+return None
+return struct.unpack(trace_v1_fmt, s)
+if log_version == 2:
+rechdr = read_header(fobj, rec_header_fmt)
+return get_record(edict, rechdr, fobj) # return tuple of record 
elements
+
+def read_trace_file(edict, fobj):
 """Deserialize trace records from a file, yielding record tuples 
(event_num, timestamp, arg1, ..., arg6)."""
-header = read_record(fobj)
+global log_version
+header = read_header(fobj, log_header_fmt)
 if header is None or \
header[0] != header_event_id or \
-   header[1] != header_magic or \
-   header[2] != header_version:
-raise ValueError('not a trace file or incompatible version')
+   header[1] != header_magic:
+raise ValueError('not a valid trace file')
+if header[2] != 0 and \
+   header[2] != 2:
+raise ValueError('trace file version not supported')
+
+log_version = header[2]
+if log_version == 0:
+temp = fobj.read(40) # read unused header bytes
 
 while True:
-rec = read_record(fobj)
+rec = read_record(edict, fobj)
 if rec is None:
 break
 
@@ -89,16 +114,28 @@ class Analyzer(object):
 def process(events, log, analyzer):
 """Invoke an analyzer on each event in a log."""
 if isinstance(events, str):
-events = parse_events(open(events, 'r'))
+events = read_events(open(events, 'r'))
 if isinstance(log, str):
 log = open(log, 'rb')
 
+enabled_events = []
+edict = {dropped_event_id: 'dropped_count'}
+
+for e in events:
+if 'disable' not in e.properties:
+enabled_events.append(e)
+for num, event in enumerate(enabled_events):
+edict[num] = event
+
 def build_fn(analyzer, event):
-fn = getattr(analyzer, event[0], None)
+if isinstance(event, str):
+return analyzer.catchall
+
+fn = getattr(analyzer, event.name, None)
 if fn is None:
 return analyzer.catchall
 

[Qemu-devel] [RFC PATCH v5 00/14] Tracing Improvements, Simpletrace v2

[Harsh Prateek Bora]

This patchset introduces 2 major updates:

1) Tracetool Improvements (Conversion from shell script to python)
2) Simpletrace v2 log format (Support for variable args, strings)

Existing simple trace can log upto 6 args per trace event and does not
support strings in trace record format. Introducing new trace format as
discussed earlier on list to support variable number/size of arguments.
Basic testing of new tracelog format is successful. Stress testing not yet
done.

Apply patches, then run:

make distclean
./configure with --enable-trace-backend=simple
make
sudo make install

Sample tracelog showing strings support:
[harsh@harshbora v9fs]$ scripts/simpletrace.py trace-events trace-23261
v9fs_version 0.000 tag=65535 id=100 msize=8192 version=9P2000.L
v9fs_version_return 17.530 tag=65535 id=100 msize=8192 version=9P2000.L
v9fs_attach 180.121 tag=1 id=104 fid=0 afid=18446744073709551615
uname=nobody aname=

Note: Other backends are only compile tested.

Version History:
v5:
- trace/simple.c: Introduced new struct TraceRecordHeader for log header
  consistency
- Addressed Stefan's review comments for scripts/simpletrace.py

v4:
- Addressed Stefan's review comments for tracetool, trace/simple.*
- Adressed Fast producer, Slow consumer problem
- Isolated tracetool python conversion patch from simpletrace v2 changes.
- Included improvements and fixes from Lluis Vilanova
TODO: Update simpletrace.py for simpletrace v2 log format.

v3:
- Added support for LTTng ust trace backend in tracetool.py

v2:
- Updated tracetool.py to support nop, stderr, dtrace backend

v1:
- Working protoype with tracetool.py converted only for simpletrace backend

Harsh Prateek Bora (4):
  Converting tracetool.sh to tracetool.py
  monitor: remove unused do_info_trace
  Simpletrace v2: Handle var num of args, strings.
  scripts/simpltrace.py changes

Lluís Vilanova (10):
  trace: [tracetool] Do not rebuild event list in backend code
  trace: [tracetool] Simplify event line parsing
  trace: [tracetool] Do not precompute the event number
  trace: [tracetool] Add support for event properties
  trace: [tracetool] Process the "disable" event property
  trace: [tracetool] Rewrite event argument parsing
  trace: [tracetool] Make format-specific code optional with access to
events
  trace: [tracetool] Automatically establish available backends and
formats
  trace: Provide a per-event status define for conditional compilation
  trace: [tracetool] Add error-reporting functions

 Makefile.objs  |6 +-
 Makefile.target|   13 +-
 configure  |7 +-
 docs/tracing.txt   |   50 -
 monitor.c  |   16 --
 scripts/simpletrace.py |  139 
 scripts/tracetool  |  643 
 scripts/tracetool.py   |  635 +++
 trace/simple.c |  238 ++
 trace/simple.h |   38 +++-
 10 files changed, 954 insertions(+), 831 deletions(-)
 delete mode 100755 scripts/tracetool
 create mode 100755 scripts/tracetool.py

[Qemu-devel] [RFC PATCH v5 01/14] Converting tracetool.sh to tracetool.py

[Harsh Prateek Bora]

Signed-off-by: Harsh Prateek Bora 
---
 Makefile.objs|6 +-
 Makefile.target  |   10 +-
 configure|7 +-
 scripts/tracetool|  643 --
 scripts/tracetool.py |  534 +
 5 files changed, 546 insertions(+), 654 deletions(-)
 delete mode 100755 scripts/tracetool
 create mode 100755 scripts/tracetool.py

diff --git a/Makefile.objs b/Makefile.objs
index 804bc3c..984034a 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -344,12 +344,12 @@ else
 trace.h: trace.h-timestamp
 endif
 trace.h-timestamp: $(SRC_PATH)/trace-events $(BUILD_DIR)/config-host.mak
-   $(call quiet-command,sh $(SRC_PATH)/scripts/tracetool 
--$(TRACE_BACKEND) -h < $< > $@,"  GEN   trace.h")
+   $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py 
--backend=$(TRACE_BACKEND) -h < $< > $@,"  GEN   trace.h")
@cmp -s $@ trace.h || cp $@ trace.h
 
 trace.c: trace.c-timestamp
 trace.c-timestamp: $(SRC_PATH)/trace-events $(BUILD_DIR)/config-host.mak
-   $(call quiet-command,sh $(SRC_PATH)/scripts/tracetool 
--$(TRACE_BACKEND) -c < $< > $@,"  GEN   trace.c")
+   $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py 
--backend=$(TRACE_BACKEND) -c < $< > $@,"  GEN   trace.c")
@cmp -s $@ trace.c || cp $@ trace.c
 
 trace.o: trace.c $(GENERATED_HEADERS)
@@ -362,7 +362,7 @@ trace-dtrace.h: trace-dtrace.dtrace
 # rule file. So we use '.dtrace' instead
 trace-dtrace.dtrace: trace-dtrace.dtrace-timestamp
 trace-dtrace.dtrace-timestamp: $(SRC_PATH)/trace-events 
$(BUILD_DIR)/config-host.mak
-   $(call quiet-command,sh $(SRC_PATH)/scripts/tracetool 
--$(TRACE_BACKEND) -d < $< > $@,"  GEN   trace-dtrace.dtrace")
+   $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py 
--backend=$(TRACE_BACKEND) -d < $< > $@,"  GEN   trace-dtrace.dtrace")
@cmp -s $@ trace-dtrace.dtrace || cp $@ trace-dtrace.dtrace
 
 trace-dtrace.o: trace-dtrace.dtrace $(GENERATED_HEADERS)
diff --git a/Makefile.target b/Makefile.target
index 1e90df7..07b21d1 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -50,11 +50,11 @@ TARGET_TYPE=system
 endif
 
 $(QEMU_PROG).stp:
-   $(call quiet-command,sh $(SRC_PATH)/scripts/tracetool \
-   --$(TRACE_BACKEND) \
-   --binary $(bindir)/$(QEMU_PROG) \
-   --target-arch $(TARGET_ARCH) \
-   --target-type $(TARGET_TYPE) \
+   $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py \
+   --backend=$(TRACE_BACKEND) \
+   --binary=$(bindir)/$(QEMU_PROG) \
+   --target-arch=$(TARGET_ARCH) \
+   --target-type=$(TARGET_TYPE) \
--stap < $(SRC_PATH)/trace-events > $(QEMU_PROG).stp,"  GEN   
$(QEMU_PROG).stp")
 else
 stap:
diff --git a/configure b/configure
index 19e8394..40a18d8 100755
--- a/configure
+++ b/configure
@@ -1040,7 +1040,7 @@ echo "  --disable-docs   disable documentation 
build"
 echo "  --disable-vhost-net  disable vhost-net acceleration support"
 echo "  --enable-vhost-net   enable vhost-net acceleration support"
 echo "  --enable-trace-backend=B Set trace backend"
-echo "   Available backends:" 
$("$source_path"/scripts/tracetool --list-backends)
+echo "   Available backends:" 
$("$source_path"/scripts/tracetool.py --list-backends)
 echo "  --with-trace-file=NAME   Full PATH,NAME of file to store traces"
 echo "   Default:trace-"
 echo "  --disable-spice  disable spice"
@@ -2477,7 +2477,7 @@ fi
 ##
 # check if trace backend exists
 
-sh "$source_path/scripts/tracetool" "--$trace_backend" --check-backend > 
/dev/null 2> /dev/null
+$python "$source_path/scripts/tracetool.py" "--backend=$trace_backend" 
--check-backend  > /dev/null 2> /dev/null
 if test "$?" -ne 0 ; then
   echo
   echo "Error: invalid trace backend"
@@ -2495,7 +2495,8 @@ if test "$trace_backend" = "ust"; then
 int main(void) { return 0; }
 EOF
   if compile_prog "" "" ; then
-LIBS="-lust $LIBS"
+LIBS="-lust -lurcu-bp $LIBS"
+libs_qga+="-lust -lurcu-bp"
   else
 echo
 echo "Error: Trace backend 'ust' missing libust header files"
diff --git a/scripts/tracetool b/scripts/tracetool
deleted file mode 100755
index 4c9951d..000
--- a/scripts/tracetool
+++ /dev/null
@@ -1,643 +0,0 @@
-#!/bin/sh
-#
-# Code generator for trace events
-#
-# Copyright IBM, Corp. 2010
-#
-# This work is licensed under the terms of the GNU GPL, version 2.  See
-# the COPYING file in the top-level directory.
-
-# Disable pathname expansion, makes processing text with '*' characters simpler
-set -f
-
-usage()
-{
-cat >&2 < return 0 if property is present, or 1 otherwise
-has_property()
-{
-local props prop
-props=${1%%\(*}
-props=${props% *}
-for prop in $props; do
-if [ "$prop" = "$2" ]; then
-ret

Re: [Qemu-devel] [PATCH 3/6] rename blockdev-group-snapshot-sync

[Luiz Capitulino]

On Wed, 29 Feb 2012 16:23:20 +0100
Paolo Bonzini  wrote:

> Il 29/02/2012 16:08, Luiz Capitulino ha scritto:
> >> > 
> >> > but it can just be omitted, I wasn't sure of how QAPI handled optionals.
> > Do you now?
> 
> Perhaps not. :)
> 
> > All optionals will be accompanied of a 'bool has_OPTIONAL_NAME', this bool
> > will be true if the optional has been passed by the caller/client or false
> > otherwise (in which case you shouldn't trust it).
> 
> My understanding was that in this case I can trust the value to be
> all-zeros (zero, false, 0.0, NULL), at least in the context of QAPI.
> The QmpInputVisitor uses g_malloc0.

Yes, as a side effect :) I mean, I don't think the reason for using g_malloc0()
was to have optionals zeroed. If we're going to count on this, then it's
better to make it explicit and/or document it.

Re: [Qemu-devel] [PATCH v2] VMXNET3 paravirtual NIC device implementation

[Dmitry Fleytman]

On Thu, Mar 1, 2012 at 1:48 PM, Michael Tokarev  wrote:
>
> On 29.02.2012 16:49, Dmitry Fleytman wrote:
>
> > Implementation of VMWare VMXNET3 paravirtual NIC device.
> > Supports of all the device features including offload capabilties,
> > VLANs and etc.
> [..]
>
> Not a review or anything (I don't know qemu networking
> internals much), just a question: does it support PXE
> booting?
>
> There appears to be an etherboot/iPXE boot rom for it, maybe
> it is  a good idea to enable pxe in this "anti-driver" too?

Hello, Michael
Thanks for your suggestion.

Boot from this device is not supported in this version.
Indeed this could be useful, we'll consider adding this feature in the future.

>
> Thanks,
>
> /mjt

Re: [Qemu-devel] [RFC PATCH v4 00/14] Tracing Improvements, Simpletrace v2

[Harsh Bora]

On 03/01/2012 11:33 AM, Harsh Bora wrote:

On 02/29/2012 01:53 AM, Lluís Vilanova wrote:

Harsh Prateek Bora writes:


This patchset introduces 2 major updates:
1) Tracetool Improvements (Conversion from shell script to python)
2) Simpletrace v2 log format (Support for variable args, strings)


ping



Hi Lluis,


Okay, I just gave it a shot now and sent the updated patch series (RFC 
PATCH v5) with updated log reader script as well. Thanks for the 
patience though !


Stefan, Would you like to consider reviewing/merging "RFC v5 PATCH" 
series now ?


regards,
Harsh


regards,
Harsh



Lluis

Re: [Qemu-devel] [PATCH 3/6] rename blockdev-group-snapshot-sync

[Paolo Bonzini]

Il 01/03/2012 14:30, Luiz Capitulino ha scritto:
>> > My understanding was that in this case I can trust the value to be
>> > all-zeros (zero, false, 0.0, NULL), at least in the context of QAPI.
>> > The QmpInputVisitor uses g_malloc0.
> Yes, as a side effect :) I mean, I don't think the reason for using 
> g_malloc0()
> was to have optionals zeroed. If we're going to count on this, then it's
> better to make it explicit and/or document it.

I removed the assumption from v2 anyway.

Paolo

[Qemu-devel] [PULL] Urgent memory fix for kvm with unaligned memory slots

[Avi Kivity]

The memory core may generate RAM memory regions that are not page
aligned, but the kvm code is not prepared to handle them well and will
abort under certain conditions.  This patch fixes the problem.

Please pull from:

  git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git memory/urgent


Avi Kivity (1):
  kvm: fix unaligned slots

 kvm-all.c |   15 ---
 1 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index c4babda..4b7a4ae 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -541,17 +541,26 @@ static void kvm_set_phys_mem(MemoryRegionSection
*section, bool add)
 target_phys_addr_t start_addr = section->offset_within_address_space;
 ram_addr_t size = section->size;
 void *ram = NULL;
+unsigned delta;
 
 /* kvm works in page size chunks, but the function may be called
with sub-page size and unaligned start address. */
-size = TARGET_PAGE_ALIGN(size);
-start_addr = TARGET_PAGE_ALIGN(start_addr);
+delta = TARGET_PAGE_ALIGN(size) - size;
+if (delta > size) {
+return;
+}
+start_addr += delta;
+size -= delta;
+size &= TARGET_PAGE_MASK;
+if (!size || (start_addr & ~TARGET_PAGE_MASK)) {
+return;
+}
 
 if (!memory_region_is_ram(mr)) {
 return;
 }
 
-ram = memory_region_get_ram_ptr(mr) + section->offset_within_region;
+ram = memory_region_get_ram_ptr(mr) + section->offset_within_region
+ delta;
 
 while (1) {
 mem = kvm_lookup_overlapping_slot(s, start_addr, start_addr +
size);

-- 
error compiling committee.c: too many arguments to function

[Qemu-devel] [RFC PATCH v5 08/14] trace: [tracetool] Make format-specific code optional with access to events

[Harsh Prateek Bora]

From: Lluís Vilanova 

Signed-off-by: Lluís Vilanova 
Signed-off-by: Harsh Prateek Bora 
---
 scripts/tracetool.py |   32 ++--
 1 files changed, 10 insertions(+), 22 deletions(-)

diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index 986dc4d..2d6f9ee 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -39,7 +39,7 @@ Options:
 '''
 sys.exit(1)
 
-def trace_h_begin():
+def trace_h_begin(events):
 print '''#ifndef TRACE_H
 #define TRACE_H
 
@@ -47,17 +47,12 @@ def trace_h_begin():
 
 #include "qemu-common.h"'''
 
-
-def trace_h_end():
+def trace_h_end(events):
 print '#endif /* TRACE_H */'
 
-
-def trace_c_begin():
+def trace_c_begin(events):
 print '/* This file is autogenerated by tracetool, do not edit. */'
 
-def trace_c_end():
-pass # nop, required for trace_gen
-
 def nop_h(events):
 print
 for event in events:
@@ -284,18 +279,12 @@ probe %(probeprefix)s.%(name)s = 
process("%(binary)s").mark("%(name)s")
 def dtrace_nop_stp(events):
 pass
 
-def trace_stap_begin():
+def trace_stap_begin(events):
 print '/* This file is autogenerated by tracetool, do not edit. */'
 
-def trace_stap_end():
-pass #nop, reqd for trace_gen
-
-def trace_d_begin():
+def trace_d_begin(events):
 print '/* This file is autogenerated by tracetool, do not edit. */'
 
-def trace_d_end():
-pass #nop, reqd for trace_gen
-
 
 # Registry of backends and their converter functions
 converters = {
@@ -331,22 +320,19 @@ converters = {
 }
 
 # Trace file header and footer code generators
-trace_gen = {
+formats = {
 'h': {
 'begin': trace_h_begin,
 'end': trace_h_end,
 },
 'c': {
 'begin': trace_c_begin,
-'end': trace_c_end,
 },
 'd': {
 'begin': trace_d_begin,
-'end': trace_d_end,
 },
 'stap': {
 'begin': trace_stap_begin,
-'end': trace_stap_end,
 },
 }
 
@@ -496,10 +482,12 @@ def main():
 
 events = read_events(sys.stdin)
 
-trace_gen[output]['begin']()
+if 'begin' in formats[output]:
+formats[output]['begin'](events)
 converters[backend][output]([ e for e in events if 'disable' not in 
e.properties ])
 converters['nop'][output]([ e for e in events if 'disable' in e.properties 
])
-trace_gen[output]['end']()
+if 'end' in formats[output]:
+formats[output]['end'](events)
 
 if __name__ == "__main__":
 main()
-- 
1.7.1.1

Re: [Qemu-devel] [PATCH v2 2/6] qapi: complete implementation of unions

[Kevin Wolf]

Am 01.03.2012 12:21, schrieb Paolo Bonzini:
> Signed-off-by: Paolo Bonzini 
> ---
>  qapi-schema-test.json |   10 ++
>  scripts/qapi-types.py |5 +
>  scripts/qapi-visit.py |   31 ++-
>  test-qmp-input-visitor.c  |   18 ++
>  test-qmp-output-visitor.c |   34 ++
>  5 files changed, 97 insertions(+), 1 deletions(-)

Makes sense to me, but before applying this patch I'd like to get an
Acked-by from Luiz.

Kevin

[Qemu-devel] [RFC PATCH v5 02/14] trace: [tracetool] Do not rebuild event list in backend code

[Harsh Prateek Bora]

From: Lluís Vilanova 

Signed-off-by: Lluís Vilanova 
Signed-off-by: Harsh Prateek Bora 
---
 scripts/tracetool.py |9 +
 1 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index 079ec7a..274fa70 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -257,8 +257,7 @@ def ust_c(events):
 #undef inline
 #undef wmb
 #include "trace.h"'''
-eventlist = list(events)
-for event in eventlist:
+for event in events:
 argnames = event.argnames
 if event.argc > 0:
 argnames = ', ' + event.argnames
@@ -290,7 +289,7 @@ static void ust_%(name)s_probe(%(args)s)
 print '''
 static void __attribute__((constructor)) trace_init(void)
 {'''
-for event in eventlist:
+for event in events:
 print 'register_trace_ust_%(name)s(ust_%(name)s_probe);' % {
 'name': event.name
 }
@@ -435,13 +434,15 @@ class Event(object):
 # Generator that yields Event objects given a trace-events file object
 def read_events(fobj):
 event_num = 0
+res = []
 for line in fobj:
 if not line.strip():
 continue
 if line.lstrip().startswith('#'):
continue
-yield Event(event_num, line)
+res.append(Event(event_num, line))
 event_num += 1
+return res
 
 binary = ""
 probeprefix = ""
-- 
1.7.1.1

[Qemu-devel] [PATCH] Add -netdev to man page

[Miroslav Rezanina]

There's missing -netdev description in the man page for qemu. As this is
recommended way to create network backend, lack of documentation can discourage
its usage.

-net option is preserved but marked as obsolete way.

Signed-off-by: Miroslav Rezanina 

Patch:
-
diff --git a/qemu-options.hx b/qemu-options.hx
index b129996..a1d61b6 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1292,6 +1292,268 @@ DEF("netdev", HAS_ARG, QEMU_OPTION_netdev,
 #endif
 "socket],id=str[,option][,option][,...]\n", QEMU_ARCH_ALL)
 STEXI
+@item -netdev user|tap|vde|socket,id=@var{str}[,option][,option][,...]
+
+Create a new network backend to the guest. The backend's @option{id} can be 
used with
+the @option{-device} option to connect a backend with a device, 
+e.g.
+
+@example
+-netdev user,id=mynet -device e1000,netdev=mynet
+@end example
+
+You can use following types of backend:
+
+@table @option
+
+@item -netdev user
+
+User networking is default network backend. This backend does not require root 
+priviledges, does not allow ICMP trafic and host is not directly accessible 
+from the host or the external network.
+
+Valid options are:
+
+@table @option
+
+@item restrict=y|yes|n|no
+If this options is enabled, the guest will be isolated, i.e. it will not be
+able to contact the host and no guest IP packets will be routed over the host
+to the outside. This option does not affect explicitly set forwarding rules.
+
+@item net=@var{addr}[/@var{mask}]
+Set the IP network address the guest will see. Optionally specify the netmask,
+either in the form a.b.c.d or as number of valid top-most bits. Default is
+10.0.2.0/8.
+
+@item host=@var{addr}
+Specify the guest-visible address of the host. Default is the 2nd IP in the
+guest network, i.e. x.x.x.2.
+
+@item hostname=@var{name}
+Specifies the client hostname reported by the builtin DHCP server.
+
+@item dhcpstart=@var{addr}
+Specify the first of the 16 IPs the built-in DHCP server can assign. Default
+is the 16th to 31st IP in the guest network, i.e. x.x.x.16 to x.x.x.31.
+
+@item dns=@var{addr}
+Specify the guest-visible address of the virtual nameserver. The address must
+be different from the host address. Default is the 3rd IP in the guest network,
+i.e. x.x.x.3.
+
+@item tftp=@var{dir}
+When using the user mode network stack, activate a built-in TFTP
+server. The files in @var{dir} will be exposed as the root of a TFTP server.
+The TFTP client on the guest must be configured in binary mode (use the command
+@code{bin} of the Unix TFTP client).
+
+@item bootfile=@var{file}
+When using the user mode network stack, broadcast @var{file} as the BOOTP
+filename. In conjunction with @option{tftp}, this can be used to network boot
+a guest from a local directory.
+
+Example (using pxelinux):
+@example
+qemu -hda linux.img -boot n -netdev 
user,id=netid,tftp=/path/to/tftp/files,bootfile=/pxelinux.0
+@end example
+
+@item smb=@var{dir}[,smbserver=@var{addr}]
+When using the user mode network stack, activate a built-in SMB
+server so that Windows OSes can access to the host files in @file{@var{dir}}
+transparently. The IP address of the SMB server can be set to @var{addr}. By
+default the 4th IP in the guest network is used, i.e. x.x.x.4.
+
+In the guest Windows OS, the line:
+@example
+10.0.2.4 smbserver
+@end example
+must be added in the file @file{C:\WINDOWS\LMHOSTS} (for windows 9x/Me)
+or @file{C:\WINNT\SYSTEM32\DRIVERS\ETC\LMHOSTS} (Windows NT/2000).
+
+Then @file{@var{dir}} can be accessed in @file{\\smbserver\qemu}.
+
+Note that a SAMBA server must be installed on the host OS in
+@file{/usr/sbin/smbd}. QEMU was tested successfully with smbd versions from
+Red Hat 9, Fedora Core 3 and OpenSUSE 11.x.
+
+@item 
hostfwd=[tcp|udp]:[@var{hostaddr}]:@var{hostport}-[@var{guestaddr}]:@var{guestport}
+Redirect incoming TCP or UDP connections to the host port @var{hostport} to
+the guest IP address @var{guestaddr} on guest port @var{guestport}. If
+@var{guestaddr} is not specified, its value is x.x.x.15 (default first address
+given by the built-in DHCP server). By specifying @var{hostaddr}, the rule can
+be bound to a specific host interface. If no connection type is set, TCP is
+used. This option can be given multiple times.
+
+For example, to redirect host X11 connection from screen 1 to guest
+screen 0, use the following:
+
+@example
+# on the host
+qemu -netdev user,id=netid,hostfwd=tcp:127.0.0.1:6001-:6000 [...]
+# this host xterm should open in the guest X11 server
+xterm -display :1
+@end example
+
+To redirect telnet connections from host port  to telnet port on
+the guest, use the following:
+
+@example
+# on the host
+qemu -netdev user,id=netid,hostfwd=tcp:::23 [...]
+telnet localhost 
+@end example
+
+Then when you use on the host @code{telnet localhost }, you
+connect to the guest telnet server.
+
+@item guestfwd=[tcp]:@var{server}:@var{port}-@var{dev}
+Forward guest TCP connections to the IP address @var{server} on port @var{port}
+to the charac

Re: [Qemu-devel] [PATCH] MSI / MSIX injection for Xen HVM

[Stefano Stabellini]

On Thu, 1 Mar 2012, Paolo Bonzini wrote:
> Il 01/03/2012 12:51, Wei Liu ha scritto:
> > On Thu, 2012-03-01 at 11:22 +, Jan Kiszka wrote:
> >> On 2012-03-01 11:20, Wei Liu wrote:
>  However, you know that you miss those (uncommon) messages that are
>  injected via DMA? They end up directly in apic_deliver_msi (where KVM
>  will once pick them up as well).
> 
> >>>
> >>> Thanks for pointing this out. However I cannot find apic_deliver_msi in
> >>> qemu-kvm or upstream qemu tree. I can only find apic_send_msi and
> >>> apic_deliver_irq, none of which seems to be KVM-specific. Can you please
> >>> give me some pointer on this?
> >>
> >> Yes, apic_send_msi. I was accidentally looking at my msi refactoring tree.
> >>
> >> Jan
> >>
> > 
> > New version of this patch.
> > 
> > --8<--
> > From d20edc78c71827da9f8be3308c0d473fec03b705 Mon Sep 17 00:00:00 2001
> > From: Wei Liu 
> > Date: Wed, 29 Feb 2012 16:46:41 +
> > Subject: [PATCH] MSI / MSIX injection for Xen.
> > 
> > This is supposed to be used in conjunction with Xen's
> > hypercall interface for emualted MSI / MSIX injection.
> > 
> > Signed-off-by: Wei Liu 
> > ---
> >  hw/apic.c  |   10 --
> >  hw/msi.c   |7 ++-
> >  hw/msix.c  |8 +++-
> >  hw/xen.h   |1 +
> >  xen-all.c  |5 +
> >  xen-stub.c |4 
> >  6 files changed, 31 insertions(+), 4 deletions(-)
> > 
> > diff --git a/hw/apic.c b/hw/apic.c
> > index ff9d24e..9fc0b17 100644
> > --- a/hw/apic.c
> > +++ b/hw/apic.c
> > @@ -22,6 +22,7 @@
> >  #include "host-utils.h"
> >  #include "trace.h"
> >  #include "pc.h"
> > +#include "xen.h"
> >  
> >  #define MAX_APIC_WORDS 8
> >  
> > @@ -641,8 +642,13 @@ static void apic_send_msi(target_phys_addr_t addr, 
> > uint32_t data)
> >  uint8_t dest_mode = (addr >> MSI_ADDR_DEST_MODE_SHIFT) & 0x1;
> >  uint8_t trigger_mode = (data >> MSI_DATA_TRIGGER_SHIFT) & 0x1;
> >  uint8_t delivery = (data >> MSI_DATA_DELIVERY_MODE_SHIFT) & 0x7;
> > -/* XXX: Ignore redirection hint. */
> > -apic_deliver_irq(dest, dest_mode, delivery, vector, trigger_mode);
> > +
> > +if (xen_enabled()) {
> > +xen_hvm_inject_msi(addr, data);
> > +} else {
> > +/* XXX: Ignore redirection hint. */
> > +apic_deliver_irq(dest, dest_mode, delivery, vector, trigger_mode);
> > +}
> >  }
> >  
> >  static void apic_mem_writel(void *opaque, target_phys_addr_t addr, 
> > uint32_t val)
> > diff --git a/hw/msi.c b/hw/msi.c
> > index 5d6ceb6..b11eeac 100644
> > --- a/hw/msi.c
> > +++ b/hw/msi.c
> > @@ -20,6 +20,7 @@
> >  
> >  #include "msi.h"
> >  #include "range.h"
> > +#include "xen.h"
> >  
> >  /* Eventually those constants should go to Linux pci_regs.h */
> >  #define PCI_MSI_PENDING_32  0x10
> > @@ -257,7 +258,11 @@ void msi_notify(PCIDevice *dev, unsigned int vector)
> > "notify vector 0x%x"
> > " address: 0x%"PRIx64" data: 0x%"PRIx32"\n",
> > vector, address, data);
> > -stl_le_phys(address, data);
> > +if (xen_enabled()) {
> > +xen_hvm_inject_msi(address, data);
> > +} else {
> > +stl_le_phys(address, data);
> > +}
> >  }
> >  
> >  /* call this function after updating configs by 
> > pci_default_write_config(). */
> > diff --git a/hw/msix.c b/hw/msix.c
> > index 3835eaa..cba302e 100644
> > --- a/hw/msix.c
> > +++ b/hw/msix.c
> > @@ -19,6 +19,7 @@
> >  #include "msix.h"
> >  #include "pci.h"
> >  #include "range.h"
> > +#include "xen.h"
> >  
> >  #define MSIX_CAP_LENGTH 12
> >  
> > @@ -365,7 +366,12 @@ void msix_notify(PCIDevice *dev, unsigned vector)
> >  
> >  address = pci_get_quad(table_entry + PCI_MSIX_ENTRY_LOWER_ADDR);
> >  data = pci_get_long(table_entry + PCI_MSIX_ENTRY_DATA);
> > -stl_le_phys(address, data);
> > +
> > +if (xen_enabled()) {
> > +xen_hvm_inject_msi(address, data);
> > +} else {
> > +stl_le_phys(address, data);
> > +}
> >  }
> >  
> >  void msix_reset(PCIDevice *dev)
> > diff --git a/hw/xen.h b/hw/xen.h
> > index b46879c..e5926b7 100644
> > --- a/hw/xen.h
> > +++ b/hw/xen.h
> > @@ -34,6 +34,7 @@ static inline int xen_enabled(void)
> >  int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num);
> >  void xen_piix3_set_irq(void *opaque, int irq_num, int level);
> >  void xen_piix_pci_write_config_client(uint32_t address, uint32_t val, int 
> > len);
> > +void xen_hvm_inject_msi(uint64_t addr, uint32_t data);
> >  void xen_cmos_set_s3_resume(void *opaque, int irq, int level);
> >  
> >  qemu_irq *xen_interrupt_controller_init(void);
> > diff --git a/xen-all.c b/xen-all.c
> > index b0ed1ed..78c6df3 100644
> > --- a/xen-all.c
> > +++ b/xen-all.c
> > @@ -122,6 +122,11 @@ void xen_piix_pci_write_config_client(uint32_t 
> > address, uint32_t val, int len)
> >  }
> >  }
> >  
> > +void xen_hvm_inject_msi(uint64_t addr, uint32_t data)
> > +{
> > +xc_hvm_inject_msi(xen_xc, xen_domid, addr, data);
> > +}
> > +
> >  st

Re: [Qemu-devel] [PATCH] MSI / MSIX injection for Xen HVM

[Paolo Bonzini]

Il 01/03/2012 15:06, Stefano Stabellini ha scritto:
>> > This is not a NACK, but I can't help asking.  Perhaps the fake Xen
>> > interrupt controller is a bit too simplistic?  You can add a memory
>> > region corresponding to the APICs and trap writes in that region.
>> > Writes coming from QEMU are MSIs and can be injected to the hypervisor,
>> > writes coming from the VM will be trapped by Xen before going out to QEMU.
>  
> That is a good point actually: we already have lapic emulation in Xen,
> it makes sense to have apic-msi in Xen too.
> We would still need the changes to msi_notify and msix_notify though.

Why?  The stores would just go to the Xen interrupt controller MMIO area
which then does the xc_hvm_inject_msi.

Paolo

[Qemu-devel] [RFC PATCH v5 11/14] trace: [tracetool] Add error-reporting functions

[Harsh Prateek Bora]

From: Lluís Vilanova 

Signed-off-by: Lluís Vilanova 
Signed-off-by: Harsh Prateek Bora 
---
 scripts/tracetool.py |   27 +++
 1 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index dc93a1a..6cbbdd7 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -63,6 +63,13 @@ def get_format_descr(format_):
 return ""
 
 
+def error_write(*lines):
+sys.stderr.writelines(lines)
+
+def error(*lines):
+error_write(*lines)
+sys.exit(1)
+
 
 ##
 # backend auto-registration and format compatibility
@@ -521,8 +528,9 @@ def main():
 try:
 opts, args = getopt.getopt(sys.argv[1:], "", long_options)
 except getopt.GetoptError, err:
-# print help information and exit:
-print str(err) # will print something like "option -a not recognized"
+# print help information and exit
+# will print something like "option -a not recognized"
+error_write(str(err)+"\n")
 usage()
 sys.exit(2)
 for opt, arg in opts:
@@ -551,24 +559,19 @@ def main():
 usage()
 
 if format_ not in _formats:
-print "Unknown format: %s" % format_
-print
+error_write("Unknown format: %s\n\n" % format_)
 usage()
 if backend not in _backends:
-print "Unknown backend: %s" % backend
-print
+error_write("Unknown backend: %s\n\n" % backend)
 usage()
 
 if format_ == 'stap':
 if binary == "":
-print '--binary is required for SystemTAP tapset generator'
-sys.exit(1)
+error("--binary is required for SystemTAP tapset generator\n")
 if not probeprefix and  not targettype:
-print '--target-type is required for SystemTAP tapset generator'
-sys.exit(1)
+error("--target-type is required for SystemTAP tapset generator\n")
 if not probeprefix and  not targetarch:
-print '--target-arch is required for SystemTAP tapset generator'
-sys.exit(1)
+error("--target-arch is required for SystemTAP tapset generator\n")
 if probeprefix == "":
 probeprefix = 'qemu.' + targettype + '.' + targetarch
 
-- 
1.7.1.1

Re: [Qemu-devel] [PATCH v8 1/4] cadence_uart: initial version of device model

[Peter Maydell]

On 28 February 2012 07:40, Peter A. G. Crosthwaite
 wrote:
> Implemented cadence UART serial controller
>
> Signed-off-by: Peter A. G. Crosthwaite 
> Signed-off-by: John Linn 
> Acked-by: Edgar E. Iglesias 
> ---
> changed from v7:
> removed fflush() from DBPRINTF
> changed from v6:
> removed automatic interrupt clearing
> removed mask_and_right_justify
> removed redundant stop_break logic
> made tx and rx function interfaces consistent
> renamed qemu_debug() -> DB_PRINT (all)
> changed from v4:
> fixed FSF addess
> changed device_init -> type_init
> changes from v1:
> converted register file to array
> added vmsd state save/load support
> removed read side effects from CISR register
>
>  Makefile.target   |    1 +
>  hw/cadence_uart.c |  535 
> +
>  2 files changed, 536 insertions(+), 0 deletions(-)
>  create mode 100644 hw/cadence_uart.c
>
> diff --git a/Makefile.target b/Makefile.target
> index 68a5641..2021926 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -344,6 +344,7 @@ endif
>  obj-arm-y = integratorcp.o versatilepb.o arm_pic.o arm_timer.o
>  obj-arm-y += arm_boot.o pl011.o pl031.o pl050.o pl080.o pl110.o pl181.o 
> pl190.o
>  obj-arm-y += versatile_pci.o
> +obj-arm-y += cadence_uart.o
>  obj-arm-y += realview_gic.o realview.o arm_sysctl.o arm11mpcore.o a9mpcore.o
>  obj-arm-y += exynos4210_gic.o exynos4210_combiner.o exynos4210.o
>  obj-arm-y += exynos4_boards.o exynos4210_uart.o exynos4210_pwm.o
> diff --git a/hw/cadence_uart.c b/hw/cadence_uart.c
> new file mode 100644
> index 000..646f0e6
> --- /dev/null
> +++ b/hw/cadence_uart.c
> @@ -0,0 +1,535 @@
> +/*
> + * Device model for Cadence UART
> + *
> + * Copyright (c) 2010 Xilinx Inc.
> + * Copyright (c) 2012 Peter A.G. Crosthwaite 
> (peter.crosthwa...@petalogix.com)
> + * Copyright (c) 2012 PetaLogix Pty Ltd.
> + * Written by Haibing Ma
> + *            M.Habib
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License
> + * as published by the Free Software Foundation; either version
> + * 2 of the License, or (at your option) any later version.
> + *
> + * You should have received a copy of the GNU General Public License along
> + * with this program; if not, see .
> + */
> +
> +#include "sysbus.h"
> +#include "qemu-char.h"
> +#include "qemu-timer.h"
> +
> +#ifdef CADENCE_UART_ERR_DEBUG
> +#define DB_PRINT(...) do { \
> +    fprintf(stderr,  ": %s: ", __func__); \
> +    fprintf(stderr, ## __VA_ARGS__); \
> +    } while (0);
> +#else
> +    #define DB_PRINT(...)
> +#endif
> +
> +#define UART_INTR_RTRIG     0x0001
> +#define UART_INTR_REMPTY    0x0002
> +#define UART_INTR_RFUL      0x0004
> +#define UART_INTR_TEMPTY    0x0008
> +#define UART_INTR_TFUL      0x0010
> +#define UART_INTR_ROVR      0x0020
> +#define UART_INTR_FRAME     0x0040
> +#define UART_INTR_PARE      0x0080
> +#define UART_INTR_TIMEOUT   0x0100
> +#define UART_INTR_DMSI      0x0200
> +#define UART_INTR_TTRIG     0x0400
> +#define UART_INTR_TNFUL     0x0800
> +#define UART_INTR_TOVR      0x1000
> +
> +#define UART_CSR_RTRIG      0x0001
> +#define UART_CSR_REMPTY     0x0002
> +#define UART_CSR_RFUL       0x0004
> +#define UART_CSR_TEMPTY     0x0008
> +#define UART_CSR_TFUL       0x0010
> +#define UART_CSR_ROVR       0x0020
> +#define UART_CSR_FRAME      0x0040
> +#define UART_CSR_PARE       0x0080
> +#define UART_CSR_TIMEOUT    0x0100
> +#define UART_CSR_DMSI       0x0200
> +#define UART_CSR_RACTIVE    0x0400
> +#define UART_CSR_TACTIVE    0x0800
> +#define UART_CSR_FDELT      0x1000
> +#define UART_CSR_TTRIG      0x2000
> +#define UART_CSR_TNFUL      0x4000
> +
> +#define UART_CR_RXRST       0x0001
> +#define UART_CR_TXRST       0x0002
> +#define UART_CR_RX_EN       0x0004
> +#define UART_CR_RX_DIS      0x0008
> +#define UART_CR_TX_EN       0x0010
> +#define UART_CR_TX_DIS      0x0020
> +#define UART_CR_RST_TO      0x0040
> +#define UART_CR_STARTBRK    0x0080
> +#define UART_CR_STOPBRK     0x0100
> +
> +#define UART_MR_CLKS            0x0001
> +#define UART_MR_CHRL            0x0006
> +#define UART_MR_CHRL_SH         1
> +#define UART_MR_PAR             0x0038
> +#define UART_MR_PAR_SH          3
> +#define UART_MR_NBSTOP          0x00C0
> +#define UART_MR_NBSTOP_SH       6
> +#define UART_MR_CHMODE          0x0300
> +#define UART_MR_CHMODE_SH       8
> +#define UART_MR_UCLKEN          0x0400
> +#define UART_MR_IRMODE          0x0800
> +
> +#define UART_DATA_BITS_6       (0x3 << UART_MR_CHRL_SH)
> +#define UART_DATA_BITS_7       (0x2 << UART_MR_CHRL_SH)
> +#define UART_PARITY_ODD        (0x1 << UART_MR_PAR_SH)
> +#define UART_PARITY_EVEN       (0x0 << UART_MR_PAR_SH)
> +#define UART_STOP_BITS_1       (0x3 << UART_MR_NBSTOP_SH)

[Qemu-devel] [RFC PATCH v5 04/14] trace: [tracetool] Do not precompute the event number

[Harsh Prateek Bora]

From: Lluís Vilanova 

Signed-off-by: Lluís Vilanova 
Signed-off-by: Harsh Prateek Bora 
---
 scripts/tracetool.py |   21 +
 1 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index 84003f5..1085fc4 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -120,14 +120,14 @@ def simple_h(events):
 print '#include "trace/simple.h"'
 print
 
-for event in events:
+for num, event in enumerate(events):
 if event.argc:
 argstr = event.argnames.split()
 arg_prefix = '(uint64_t)(uintptr_t)'
 cast_args = arg_prefix + arg_prefix.join(argstr)
-simple_args = (str(event.num) + ', ' + cast_args)
+simple_args = (str(num) + ', ' + cast_args)
 else:
-simple_args = str(event.num)
+simple_args = str(num)
 
 print '''static inline void trace_%(name)s(%(args)s)
 {
@@ -139,7 +139,7 @@ def simple_h(events):
 'trace_args': simple_args
 }
 print
-print '#define NR_TRACE_EVENTS %d' % (event.num + 1)
+print '#define NR_TRACE_EVENTS %d' % len(events)
 print 'extern TraceEvent trace_list[NR_TRACE_EVENTS];'
 
 
@@ -168,7 +168,7 @@ def stderr_h(events):
 #include "trace/stderr.h"
 
 extern TraceEvent trace_list[];'''
-for event in events:
+for num, event in enumerate(events):
 argnames = event.argnames
 if event.argc > 0:
 argnames = ', ' + event.argnames
@@ -183,12 +183,12 @@ static inline void trace_%(name)s(%(args)s)
 }''' % {
 'name': event.name,
 'args': event.args,
-'event_num': event.num,
+'event_num': num,
 'fmt': event.fmt,
 'argnames': argnames
 }
 print
-print '#define NR_TRACE_EVENTS %d' % (event.num + 1)
+print '#define NR_TRACE_EVENTS %d' % len(events)
 
 def stderr_c(events):
 print '''#include "trace.h"
@@ -398,8 +398,7 @@ trace_gen = {
 cre = re.compile("(?P[^(\s]+)\((?P[^)]*)\)\s*(?P\".*)?")
 
 class Event(object):
-def __init__(self, num, line):
-self.num = num
+def __init__(self, line):
 m = cre.match(line)
 assert m is not None
 groups = m.groupdict('')
@@ -417,15 +416,13 @@ class Event(object):
 
 # Generator that yields Event objects given a trace-events file object
 def read_events(fobj):
-event_num = 0
 res = []
 for line in fobj:
 if not line.strip():
 continue
 if line.lstrip().startswith('#'):
continue
-res.append(Event(event_num, line))
-event_num += 1
+res.append(Event(line))
 return res
 
 binary = ""
-- 
1.7.1.1

[Qemu-devel] [RFC PATCH v5 13/14] Simpletrace v2: Handle var num of args, strings.

[Harsh Prateek Bora]

Advantages over existing simpletrace backend:
- More than 6 elements (vitually unlimited) arguments can be traced.
- This allows to trace strings (variable size element) as well.

Signed-off-by: Harsh Prateek Bora 
---
 scripts/tracetool.py |   82 +-
 trace/simple.c   |  238 -
 trace/simple.h   |   38 ++--
 3 files changed, 227 insertions(+), 131 deletions(-)

diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index 6cbbdd7..1073818 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -178,43 +178,83 @@ def nop_c(events):
 def simple_h(events):
 print '#include "trace/simple.h"'
 print
-
-for num, event in enumerate(events):
-if len(event.args):
-argstr = event.args.names()
-arg_prefix = ', (uint64_t)(uintptr_t)'
-cast_args = arg_prefix + arg_prefix.join(argstr)
-simple_args = (str(num) + cast_args)
-else:
-simple_args = str(num)
-
-print '''static inline void trace_%(name)s(%(args)s)
-{
-trace%(argc)d(%(trace_args)s);
-}''' % {
+for event in events:
+print 'void trace_%(name)s(%(args)s);' % {
 'name': event.name,
-'args': event.args,
-'argc': len(event.args),
-'trace_args': simple_args
+'args': event.args
 }
-print
+print
 print '#define NR_TRACE_EVENTS %d' % len(events)
 print 'extern TraceEvent trace_list[NR_TRACE_EVENTS];'
 
-
 @for_backend("simple", "c")
 def simple_c(events):
 print '#include "trace.h"'
+print '#include "trace/simple.h"'
 print
 print 'TraceEvent trace_list[] = {'
 print
-
 for event in events:
 print '{.tp_name = "%(name)s", .state=0},' % {
-'name': event.name,
+'name': event.name
 }
 print
 print '};'
+print
+
+for num, event in enumerate(events):
+sizes = []
+for type_, name in event.args:
+if type_is_string(type_):
+sizes.append("4 + strlen(%s)" % name)
+else:
+sizes.append("8")
+sizestr = " + ".join(sizes)
+if len(event.args) == 0:
+sizestr = '0'
+
+print '''void trace_%(name)s(%(args)s)
+{
+TraceBufferRecord rec;
+
+if (!trace_list[%(event_id)s].state) {
+return;
+}
+
+if (trace_record_start(&rec, %(event_id)s, %(sizestr)s)) {
+return; /* Trace Buffer Full, Event Dropped ! */
+}
+''' % {
+'name': event.name,
+'args': event.args,
+'event_id': num,
+'sizestr': sizestr,
+}
+if len(event.args) > 0:
+for type_, name in event.args:
+# string
+if type_is_string(type_):
+print '''
+trace_record_write_str(&rec, %(name)s);''' % {
+'name': name
+}
+# pointer var (not string)
+elif type_.endswith('*'):
+print '''
+trace_record_write_u64(&rec, (uint64_t)(uint64_t *)%(name)s);''' % {
+'name': name
+}
+# primitive data type
+else:
+print '''
+trace_record_write_u64(&rec, (uint64_t)%(name)s);''' % {
+'name': name
+}
+
+print '''
+trace_record_finish(&rec);
+}
+'''
 
 ##
 # backend: stderr
diff --git a/trace/simple.c b/trace/simple.c
index b639dda..c3bbe72 100644
--- a/trace/simple.c
+++ b/trace/simple.c
@@ -27,7 +27,7 @@
 #define HEADER_MAGIC 0xf2b177cb0aa429b4ULL
 
 /** Trace file version number, bump if format changes */
-#define HEADER_VERSION 0
+#define HEADER_VERSION 2
 
 /** Records were dropped event ID */
 #define DROPPED_EVENT_ID (~(uint64_t)0 - 1)
@@ -35,23 +35,6 @@
 /** Trace record is valid */
 #define TRACE_RECORD_VALID ((uint64_t)1 << 63)
 
-/** Trace buffer entry */
-typedef struct {
-uint64_t event;
-uint64_t timestamp_ns;
-uint64_t x1;
-uint64_t x2;
-uint64_t x3;
-uint64_t x4;
-uint64_t x5;
-uint64_t x6;
-} TraceRecord;
-
-enum {
-TRACE_BUF_LEN = 4096,
-TRACE_BUF_FLUSH_THRESHOLD = TRACE_BUF_LEN / 4,
-};
-
 /*
  * Trace records are written out by a dedicated thread.  The thread waits for
  * records to become available, writes them out, and then waits again.
@@ -62,11 +45,41 @@ static GCond *trace_empty_cond;
 static bool trace_available;
 static bool trace_writeout_enabled;
 
-static TraceRecord trace_buf[TRACE_BUF_LEN];
+enum {
+TRACE_BUF_LEN = 4096 * 64,
+TRACE_BUF_FLUSH_THRESHOLD = TRACE_BUF_LEN / 4,
+};
+
+uint8_t trace_buf[TRACE_BUF_LEN];
 static unsigned int trace_idx;
+static unsigned int writeout_idx;
+static uint64_t dropped_events;
 static FILE *trace_fp;
 static char *trace_file_name = NULL;
 
+/* * Trace buffer entry */
+typedef struct {
+uint64_t event; /*   TraceEventID */
+uint64_t timestamp_ns;
+uint32_t length;   /*in bytes */
+uint32_t reserved; /*unused */
+uint8_t argumen

[Qemu-devel] [RFC PATCH v5 07/14] trace: [tracetool] Rewrite event argument parsing

[Harsh Prateek Bora]

From: Lluís Vilanova 

Signed-off-by: Lluís Vilanova 
Signed-off-by: Harsh Prateek Bora 
---
 scripts/tracetool.py |  136 +++---
 1 files changed, 62 insertions(+), 74 deletions(-)

diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index 1cf5c8f..986dc4d 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -39,44 +39,6 @@ Options:
 '''
 sys.exit(1)
 
-def get_argnames(args):
-nfields = 0
-str = []
-for field in args.split():
-  nfields = nfields + 1
-  # Drop pointer star
-  type, ptr, tail = field.partition('*')
-  if type != field:
-field = tail
-
-  name, sep, tail = field.partition(',')
-
-  if name == field:
-continue
-  str.append(name)
-  str.append(", ")
-
-if nfields > 1:
-  str.append(name)
-  return ''.join(str)
-else:
-  return ''
-
-def calc_sizeofargs(args, argc):
-str = []
-newstr = ""
-if argc > 0:
-  str = args.split(',')
-  for elem in str:
-if is_string(elem): #string
-  type, sep, var = elem.rpartition('*')
-  newstr = newstr+"4 + strlen("+var.lstrip()+") + "
-else:
-  newstr = newstr + '8 + '
-newstr = newstr + '0' # takes care of last +
-return newstr
-
-
 def trace_h_begin():
 print '''#ifndef TRACE_H
 #define TRACE_H
@@ -116,11 +78,11 @@ def simple_h(events):
 print
 
 for num, event in enumerate(events):
-if event.argc:
-argstr = event.argnames.split()
-arg_prefix = '(uint64_t)(uintptr_t)'
+if len(event.args):
+argstr = event.args.names()
+arg_prefix = ', (uint64_t)(uintptr_t)'
 cast_args = arg_prefix + arg_prefix.join(argstr)
-simple_args = (str(num) + ', ' + cast_args)
+simple_args = (str(num) + cast_args)
 else:
 simple_args = str(num)
 
@@ -130,7 +92,7 @@ def simple_h(events):
 }''' % {
 'name': event.name,
 'args': event.args,
-'argc': event.argc,
+'argc': len(event.args),
 'trace_args': simple_args
 }
 print
@@ -138,13 +100,6 @@ def simple_h(events):
 print 'extern TraceEvent trace_list[NR_TRACE_EVENTS];'
 
 
-def is_string(arg):
-strtype = ('const char*', 'char*', 'const char *', 'char *')
-if arg.lstrip().startswith(strtype):
-return True
-else:
-return False
-
 def simple_c(events):
 print '#include "trace.h"'
 print
@@ -164,11 +119,9 @@ def stderr_h(events):
 
 extern TraceEvent trace_list[];'''
 for num, event in enumerate(events):
-argnames = event.argnames
-if event.argc > 0:
-argnames = ', ' + event.argnames
-else:
-argnames = ''
+argnames = ", ".join(event.args.names())
+if len(event.args) > 0:
+argnames = ", " + argnames
 print '''
 static inline void trace_%(name)s(%(args)s)
 {
@@ -205,13 +158,13 @@ def ust_h(events):
 #undef wmb'''
 
 for event in events:
-if event.argc > 0:
+if len(event.args) > 0:
 print '''
 DECLARE_TRACE(ust_%(name)s, TP_PROTO(%(args)s), TP_ARGS(%(argnames)s));
 #define trace_%(name)s trace_ust_%(name)s''' % {
 'name': event.name,
 'args': event.args,
-'argnames': event.argnames
+'argnames': ", ".join(event.args.names())
 }
 else:
 print '''
@@ -229,9 +182,9 @@ def ust_c(events):
 #undef wmb
 #include "trace.h"'''
 for event in events:
-argnames = event.argnames
-if event.argc > 0:
-argnames = ', ' + event.argnames
+argnames = ", ".join(event.args.names())
+if len(event.args) > 0:
+argnames = ', ' + argnames
 print '''
 DEFINE_TRACE(ust_%(name)s);
 
@@ -279,7 +232,7 @@ def dtrace_h(events):
 'name': event.name,
 'args': event.args,
 'uppername': event.name.upper(),
-'argnames': event.argnames,
+'argnames': ", ".join(event.args.names()),
 }
 
 def dtrace_c(events):
@@ -318,12 +271,12 @@ probe %(probeprefix)s.%(name)s = 
process("%(binary)s").mark("%(name)s")
 'binary': binary
 }
 i = 1
-if event.argc > 0:
-for arg in event.argnames.split(','):
+if len(event.args) > 0:
+for name in event.args.names():
 # 'limit' is a reserved keyword
-if arg == 'limit':
-arg = '_limit'
-print '  %s = $arg%d;' % (arg.lstrip(), i)
+if name == 'limit':
+name = '_limit'
+print '  %s = $arg%d;' % (name.lstrip(), i)
 i += 1
 print '}'
 print
@@ -397,6 +350,47 @@ trace_gen = {
 },
 }
 
+# Event arguments
+def type_is_string(type_):
+strtype = ('const char*', 'char*', 'const char *', 'char *')
+return type_.lstrip().startswith(strtype)
+
+class Arguments:
+def __init__ (self, arg_str):
+self._args = [

[Qemu-devel] [PATCH 00/11] apply volume on client side

[Marc-André Lureau]

Hi,

This patch series was sent back in September, and reviewed by 
Gerd Hoffmann, who pointed out a few nitpicks in the build
warnings.

cheers

Marc-André Lureau (11):
  audio: add VOICE_VOLUME ctl
  audio: don't apply volume effect if backend has VOICE_VOLUME_CAP
  audio: use a nominal volume of 1^32-1
  hw/ac97: remove USE_MIXER code
  hw/ac97: the volume mask was not always 0x1f
  hw/ac97: new support for volume control
  audio/spice: add support for volume control
  Do not use pa_simple PulseAudio API
  configure: pa_simple is not needed anymore
  Allow controlling volume with PulseAudio backend
  Make mixemu mandatory

 audio/audio.c  |   25 +++-
 audio/audio_int.h  |6 +
 audio/audio_template.h |2 +
 audio/mixeng.c |6 -
 audio/paaudio.c|  452 +++-
 audio/spiceaudio.c |   41 +
 configure  |   14 +--
 hw/ac97.c  |  141 ++--
 hw/hda-audio.c |4 -
 9 files changed, 531 insertions(+), 160 deletions(-)

-- 
1.7.7.6

[Qemu-devel] [PATCH 02/11] audio: don't apply volume effect if backend has VOICE_VOLUME_CAP

[Marc-André Lureau]

---
 audio/audio.c  |9 +++--
 audio/audio_int.h  |5 +
 audio/audio_template.h |2 ++
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/audio/audio.c b/audio/audio.c
index d76c342..bd9237e 100644
--- a/audio/audio.c
+++ b/audio/audio.c
@@ -957,7 +957,9 @@ int audio_pcm_sw_read (SWVoiceIn *sw, void *buf, int size)
 total += isamp;
 }
 
-mixeng_volume (sw->buf, ret, &sw->vol);
+if (!(hw->ctl_caps & VOICE_VOLUME_CAP)) {
+mixeng_volume (sw->buf, ret, &sw->vol);
+}
 
 sw->clip (buf, sw->buf, ret);
 sw->total_hw_samples_acquired += total;
@@ -1041,7 +1043,10 @@ int audio_pcm_sw_write (SWVoiceOut *sw, void *buf, int 
size)
 swlim = audio_MIN (swlim, samples);
 if (swlim) {
 sw->conv (sw->buf, buf, swlim);
-mixeng_volume (sw->buf, swlim, &sw->vol);
+
+if (!(sw->hw->ctl_caps & VOICE_VOLUME_CAP)) {
+mixeng_volume (sw->buf, swlim, &sw->vol);
+}
 }
 
 while (swlim) {
diff --git a/audio/audio_int.h b/audio/audio_int.h
index 117f95e..b9b0676 100644
--- a/audio/audio_int.h
+++ b/audio/audio_int.h
@@ -82,6 +82,7 @@ typedef struct HWVoiceOut {
 int samples;
 QLIST_HEAD (sw_out_listhead, SWVoiceOut) sw_head;
 QLIST_HEAD (sw_cap_listhead, SWVoiceCap) cap_head;
+int ctl_caps;
 struct audio_pcm_ops *pcm_ops;
 QLIST_ENTRY (HWVoiceOut) entries;
 } HWVoiceOut;
@@ -101,6 +102,7 @@ typedef struct HWVoiceIn {
 
 int samples;
 QLIST_HEAD (sw_in_listhead, SWVoiceIn) sw_head;
+int ctl_caps;
 struct audio_pcm_ops *pcm_ops;
 QLIST_ENTRY (HWVoiceIn) entries;
 } HWVoiceIn;
@@ -150,6 +152,7 @@ struct audio_driver {
 int max_voices_in;
 int voice_size_out;
 int voice_size_in;
+int ctl_caps;
 };
 
 struct audio_pcm_ops {
@@ -233,6 +236,8 @@ void audio_run (const char *msg);
 #define VOICE_DISABLE 2
 #define VOICE_VOLUME 3
 
+#define VOICE_VOLUME_CAP (1 << VOICE_VOLUME)
+
 static inline int audio_ring_dist (int dst, int src, int len)
 {
 return (dst >= src) ? (dst - src) : (len - src + dst);
diff --git a/audio/audio_template.h b/audio/audio_template.h
index e62a713..519432a 100644
--- a/audio/audio_template.h
+++ b/audio/audio_template.h
@@ -263,6 +263,8 @@ static HW *glue (audio_pcm_hw_add_new_, TYPE) (struct 
audsettings *as)
 }
 
 hw->pcm_ops = drv->pcm_ops;
+hw->ctl_caps = drv->ctl_caps;
+
 QLIST_INIT (&hw->sw_head);
 #ifdef DAC
 QLIST_INIT (&hw->cap_head);
-- 
1.7.7.6

[Qemu-devel] [PATCH 05/11] hw/ac97: the volume mask was not always 0x1f

[Marc-André Lureau]

It's a case by case, which will be added appropriately.
---
 hw/ac97.c |1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/hw/ac97.c b/hw/ac97.c
index f2804e6..f7866ed 100644
--- a/hw/ac97.c
+++ b/hw/ac97.c
@@ -118,7 +118,6 @@ enum {
 #define EACS_VRA 1
 #define EACS_VRM 8
 
-#define VOL_MASK 0x1f
 #define MUTE_SHIFT 15
 
 #define REC_MASK 7
-- 
1.7.7.6

[Qemu-devel] [PATCH 04/11] hw/ac97: remove USE_MIXER code

[Marc-André Lureau]

It doesn't compile. The interesting bits for volume control are going
to be rewritten.
---
 hw/ac97.c |  121 -
 1 files changed, 0 insertions(+), 121 deletions(-)

diff --git a/hw/ac97.c b/hw/ac97.c
index c0fd019..f2804e6 100644
--- a/hw/ac97.c
+++ b/hw/ac97.c
@@ -437,99 +437,6 @@ static void reset_voices (AC97LinkState *s, uint8_t 
active[LAST_INDEX])
 AUD_set_active_in (s->voice_mc, active[MC_INDEX]);
 }
 
-#ifdef USE_MIXER
-static void set_volume (AC97LinkState *s, int index,
-audmixerctl_t mt, uint32_t val)
-{
-int mute = (val >> MUTE_SHIFT) & 1;
-uint8_t rvol = VOL_MASK - (val & VOL_MASK);
-uint8_t lvol = VOL_MASK - ((val >> 8) & VOL_MASK);
-rvol = 255 * rvol / VOL_MASK;
-lvol = 255 * lvol / VOL_MASK;
-
-#ifdef SOFT_VOLUME
-if (index == AC97_Master_Volume_Mute) {
-AUD_set_volume_out (s->voice_po, mute, lvol, rvol);
-}
-else {
-AUD_set_volume (mt, &mute, &lvol, &rvol);
-}
-#else
-AUD_set_volume (mt, &mute, &lvol, &rvol);
-#endif
-
-rvol = VOL_MASK - ((VOL_MASK * rvol) / 255);
-lvol = VOL_MASK - ((VOL_MASK * lvol) / 255);
-mixer_store (s, index, val);
-}
-
-static audrecsource_t ac97_to_aud_record_source (uint8_t i)
-{
-switch (i) {
-case REC_MIC:
-return AUD_REC_MIC;
-
-case REC_CD:
-return AUD_REC_CD;
-
-case REC_VIDEO:
-return AUD_REC_VIDEO;
-
-case REC_AUX:
-return AUD_REC_AUX;
-
-case REC_LINE_IN:
-return AUD_REC_LINE_IN;
-
-case REC_PHONE:
-return AUD_REC_PHONE;
-
-default:
-dolog ("Unknown record source %d, using MIC\n", i);
-return AUD_REC_MIC;
-}
-}
-
-static uint8_t aud_to_ac97_record_source (audrecsource_t rs)
-{
-switch (rs) {
-case AUD_REC_MIC:
-return REC_MIC;
-
-case AUD_REC_CD:
-return REC_CD;
-
-case AUD_REC_VIDEO:
-return REC_VIDEO;
-
-case AUD_REC_AUX:
-return REC_AUX;
-
-case AUD_REC_LINE_IN:
-return REC_LINE_IN;
-
-case AUD_REC_PHONE:
-return REC_PHONE;
-
-default:
-dolog ("Unknown audio recording source %d using MIC\n", rs);
-return REC_MIC;
-}
-}
-
-static void record_select (AC97LinkState *s, uint32_t val)
-{
-uint8_t rs = val & REC_MASK;
-uint8_t ls = (val >> 8) & REC_MASK;
-audrecsource_t ars = ac97_to_aud_record_source (rs);
-audrecsource_t als = ac97_to_aud_record_source (ls);
-AUD_set_record_source (&als, &ars);
-rs = aud_to_ac97_record_source (ars);
-ls = aud_to_ac97_record_source (als);
-mixer_store (s, AC97_Record_Select, rs | (ls << 8));
-}
-#endif
-
 static void mixer_reset (AC97LinkState *s)
 {
 uint8_t active[LAST_INDEX];
@@ -564,12 +471,6 @@ static void mixer_reset (AC97LinkState *s)
 mixer_store (s, AC97_PCM_LR_ADC_Rate , 0xbb80);
 mixer_store (s, AC97_MIC_ADC_Rate, 0xbb80);
 
-#ifdef USE_MIXER
-record_select (s, 0);
-set_volume (s, AC97_Master_Volume_Mute, AUD_MIXER_VOLUME  , 0x8000);
-set_volume (s, AC97_PCM_Out_Volume_Mute, AUD_MIXER_PCM, 0x8808);
-set_volume (s, AC97_Line_In_Volume_Mute, AUD_MIXER_LINE_IN, 0x8808);
-#endif
 reset_voices (s, active);
 }
 
@@ -628,20 +529,6 @@ static void nam_writew (void *opaque, uint32_t addr, 
uint32_t val)
 val |= mixer_load (s, index) & 0xf;
 mixer_store (s, index, val);
 break;
-#ifdef USE_MIXER
-case AC97_Master_Volume_Mute:
-set_volume (s, index, AUD_MIXER_VOLUME, val);
-break;
-case AC97_PCM_Out_Volume_Mute:
-set_volume (s, index, AUD_MIXER_PCM, val);
-break;
-case AC97_Line_In_Volume_Mute:
-set_volume (s, index, AUD_MIXER_LINE_IN, val);
-break;
-case AC97_Record_Select:
-record_select (s, val);
-break;
-#endif
 case AC97_Vendor_ID1:
 case AC97_Vendor_ID2:
 dolog ("Attempt to write vendor ID to %#x\n", val);
@@ -1194,14 +1081,6 @@ static int ac97_post_load (void *opaque, int version_id)
 uint8_t active[LAST_INDEX];
 AC97LinkState *s = opaque;
 
-#ifdef USE_MIXER
-record_select (s, mixer_load (s, AC97_Record_Select));
-#define V_(a, b) set_volume (s, a, b, mixer_load (s, a))
-V_ (AC97_Master_Volume_Mute, AUD_MIXER_VOLUME);
-V_ (AC97_PCM_Out_Volume_Mute, AUD_MIXER_PCM);
-V_ (AC97_Line_In_Volume_Mute, AUD_MIXER_LINE_IN);
-#undef V_
-#endif
 active[PI_INDEX] = !!(s->bm_regs[PI_INDEX].cr & CR_RPBM);
 active[PO_INDEX] = !!(s->bm_regs[PO_INDEX].cr & CR_RPBM);
 active[MC_INDEX] = !!(s->bm_regs[MC_INDEX].cr & CR_RPBM);
-- 
1.7.7.6

[Qemu-devel] [PATCH 10/11] Allow controlling volume with PulseAudio backend

[Marc-André Lureau]

---
 audio/paaudio.c |   96 ---
 1 files changed, 91 insertions(+), 5 deletions(-)

diff --git a/audio/paaudio.c b/audio/paaudio.c
index beed434..7ddc16d 100644
--- a/audio/paaudio.c
+++ b/audio/paaudio.c
@@ -664,15 +664,100 @@ static void qpa_fini_in (HWVoiceIn *hw)
 
 static int qpa_ctl_out (HWVoiceOut *hw, int cmd, ...)
 {
-(void) hw;
-(void) cmd;
+PAVoiceOut *pa = (PAVoiceOut *) hw;
+pa_operation *op;
+pa_cvolume v;
+paaudio *g = &glob_paaudio;
+
+pa_cvolume_init (&v);
+
+switch (cmd) {
+case VOICE_VOLUME:
+{
+SWVoiceOut *sw;
+va_list ap;
+
+va_start (ap, cmd);
+sw = va_arg (ap, SWVoiceOut *);
+va_end (ap);
+
+v.channels = 2;
+v.values[0] = ((PA_VOLUME_NORM - PA_VOLUME_MUTED) * sw->vol.l) / 
UINT32_MAX;
+v.values[1] = ((PA_VOLUME_NORM - PA_VOLUME_MUTED) * sw->vol.r) / 
UINT32_MAX;
+
+pa_threaded_mainloop_lock (g->mainloop);
+
+op = pa_context_set_sink_input_volume (g->context,
+pa_stream_get_index (pa->stream),
+&v, NULL, NULL);
+if (!op)
+qpa_logerr (pa_context_errno (g->context),
+"set_sink_input_volume() failed\n");
+else
+pa_operation_unref (op);
+
+op = pa_context_set_sink_input_mute (g->context,
+pa_stream_get_index (pa->stream),
+   sw->vol.mute, NULL, NULL);
+if (!op)
+qpa_logerr (pa_context_errno (g->context),
+"set_sink_input_mute() failed\n");
+else
+pa_operation_unref (op);
+
+pa_threaded_mainloop_unlock (g->mainloop);
+}
+}
 return 0;
 }
 
 static int qpa_ctl_in (HWVoiceIn *hw, int cmd, ...)
 {
-(void) hw;
-(void) cmd;
+PAVoiceIn *pa = (PAVoiceIn *) hw;
+pa_operation *op;
+pa_cvolume v;
+paaudio *g = &glob_paaudio;
+
+pa_cvolume_init (&v);
+
+switch (cmd) {
+case VOICE_VOLUME:
+{
+SWVoiceIn *sw;
+va_list ap;
+
+va_start (ap, cmd);
+sw = va_arg (ap, SWVoiceIn *);
+va_end (ap);
+
+v.channels = 2;
+v.values[0] = ((PA_VOLUME_NORM - PA_VOLUME_MUTED) * sw->vol.l) / 
UINT32_MAX;
+v.values[1] = ((PA_VOLUME_NORM - PA_VOLUME_MUTED) * sw->vol.r) / 
UINT32_MAX;
+
+pa_threaded_mainloop_lock (g->mainloop);
+
+/* FIXME: use the upcoming "set_source_output_{volume,mute}" */
+op = pa_context_set_source_volume_by_index (g->context,
+pa_stream_get_device_index (pa->stream),
+&v, NULL, NULL);
+if (!op)
+qpa_logerr (pa_context_errno (g->context),
+"set_source_volume() failed\n");
+else
+pa_operation_unref(op);
+
+op = pa_context_set_source_mute_by_index (g->context,
+pa_stream_get_index (pa->stream),
+sw->vol.mute, NULL, NULL);
+if (!op)
+qpa_logerr (pa_context_errno (g->context),
+"set_source_mute() failed\n");
+else
+pa_operation_unref (op);
+
+pa_threaded_mainloop_unlock (g->mainloop);
+}
+}
 return 0;
 }
 
@@ -801,5 +886,6 @@ struct audio_driver pa_audio_driver = {
 .max_voices_out = INT_MAX,
 .max_voices_in  = INT_MAX,
 .voice_size_out = sizeof (PAVoiceOut),
-.voice_size_in  = sizeof (PAVoiceIn)
+.voice_size_in  = sizeof (PAVoiceIn),
+.ctl_caps   = VOICE_VOLUME_CAP
 };
-- 
1.7.7.6

[Qemu-devel] [PATCH 09/11] configure: pa_simple is not needed anymore

[Marc-André Lureau]

---
 configure |6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure b/configure
index d9dde96..938c2d2 100755
--- a/configure
+++ b/configure
@@ -1845,9 +1845,9 @@ for drv in $audio_drv_list; do
 ;;
 
 pa)
-audio_drv_probe $drv pulse/simple.h "-lpulse-simple -lpulse" \
-"pa_simple *s = 0; pa_simple_free(s); return 0;"
-libs_softmmu="-lpulse -lpulse-simple $libs_softmmu"
+audio_drv_probe $drv pulse/mainloop.h "-lpulse" \
+"pa_mainloop *m = 0; pa_mainloop_free (m); return 0;"
+libs_softmmu="-lpulse $libs_softmmu"
 audio_pt_int="yes"
 ;;
 
-- 
1.7.7.6

[Qemu-devel] live migration between amd fam15h-fam10h

[Vasilis Liaskovitis]

Hi,

I am getting a frozen guest when migrating from an Opteron 6274 host (amd 
fam15h) to
an Opteron 6174 host (amd fam10h). The live migration completes succesfully, but
the guest is frozen: vcn screen is still there, but no input is possible and
no kernel output is seen. Trying "c" on the qemu-monitor does not help.
I am using "-cpu Opteron_G3" which I assumed would be ok for both host cpus.

In the opposite direction (migrating from an amd fam10h host to an amdfam15h
host) the guest continues to run on the destination. However, on most of these
successfull live migrations, I notice a "clocksource unstable" message on the
guest kernel (using the default kvm-clock clocksource) e.g.
Clocksource tsc unstable (delta = -1500533439 ns)
Same situation (guest runs on destination with clocksource unstable message)
happens when migrating between fam15h hosts (I have not tried between fam10h
hosts)

Changing the clocksource (tsc, acpi_pm, hpet) does not solve the issue.
Also tried with "-cpu kvm64" with same result.

qemu-kvm version: 0.15.1, 1.0 or qemu-kvm/master
Host kernel: 3.0.15 (on both hosts)
Guest kernel: 3.0.6 or 3.2

this is the qemu-kvm command line used on the source host: 

"
kvm -enable-kvm -m 1024 -smp 1 -cpu Opteron_G3,check -drive \
file=/opt/test.img,if=none,id=drive-virtio-disk1,format=raw,cache=writethrough,boot=on
-device 
virtio-blk-pci,bus=pci.0,addr=0x5,drive=drive-virtio-disk1,id=virtio-disk1
-monitor stdio -vnc 0.0.0.0:6 -vga std -chardev pty,id=charserial0 -device
isa-serial,chardev=charserial0,id=serial0 -usb -device usb-tablet,id=input0
"

The destination host has the same command line with an added "-incoming
tcp:". I have mainly tested this with non-shared storage (but also shared
storage has the same result). Migration is triggered with "migrate -b 
tcp:destip:"

Do the TSC microarchitecture changes in amdfam15h (see AMD SW optimiization
guide for fam15h, 47414 Rev 3.02 Appendix E) affect pvclock stability on
migration in same family or across families?

cpuid information follows in case it's helpful.

6274 host:

 eax ineax  ebx  ecx  edx
 000d 68747541 444d4163 69746e65
0001 00600f12 02100800 1e98220b 178bfbff
0002    
0003    
0004    
0005 0040 0040 0003 
0006   0001 
0007    
0008    
0009    
000a    
000b    
000c    
000d    
8000 801e 68747541 444d4163 69746e65
8001 00600f12 3000 01c9bfff 2fd3fbff
8002 20444d41 6574704f 286e6f72 20294d54
8003 636f7250 6f737365 32362072 20203437
8004 20202020 20202020 20202020 00202020
8005 ff20ff18 ff20ff30 10040140 40020140
8006 6400 64004200 08008140 0060e140
8007    03d9
8008 3030  500f 
8009    
800a 0001 0001  14ff
800b    
800c    
800d    
800e    
800f    
8010    
8011    
8012    
8013    
8014    
8015    
8016    
8017    
8018    
8019 f020f018 6400  
801a 0003   
801b 00ff   
801c  80032013 00010200 800f
801d    
801e 0022 0101 0100 

Vendor ID: "AuthenticAMD"; CPUID level 13

AMD-specific functions
Version 00600f12:
Family: 15 Model: 1 []

Standard feature flags 178bfbff:
Floating Point Unit
Virtual Mode Extensions
Debugging Extensions
Page Size Extensions
Time Stamp Counter (with RDTSC and CR4 disable bit)
Model Specific Registers with RDMSR & WRMSR
PAE - Page Address Extensions
Machine Check Exception
COMPXCHG8B Instruction
APIC
SYSCALL/SYSRET or SYSENTER/SYSEXIT instructions
MTRR - Memory Type Range Registers
Global paging extension
Machine Check Architecture
Conditional Move Instruction
PAT - Page Attribute Table
PSE-36 - Page Size Extensions
19 - reserved
MMX instructions
FXSAVE/FXRSTOR
25 - reserved
26 - reserved
28 - reserved
Generation: 15 Model: 1
Extended feature flags 2fd3fbff:
Floating Point Unit
Virtual Mode Extensions
Debugging Extensions
Page Size Ext

[Qemu-devel] [RFC PATCH v5 05/14] trace: [tracetool] Add support for event properties

[Harsh Prateek Bora]

From: Lluís Vilanova 

Signed-off-by: Lluís Vilanova 
Signed-off-by: Harsh Prateek Bora 
---
 scripts/tracetool.py |   14 +++---
 1 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index 1085fc4..3502524 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -39,11 +39,6 @@ Options:
 '''
 sys.exit(1)
 
-def get_properties(line, sep='('):
-head, sep, tail = line.partition(sep)
-property, sep, name = head.rpartition(' ')
-return property.split()
-
 def get_argnames(args):
 nfields = 0
 str = []
@@ -395,7 +390,9 @@ trace_gen = {
 }
 
 # A trace event
-cre = re.compile("(?P[^(\s]+)\((?P[^)]*)\)\s*(?P\".*)?")
+cre = 
re.compile("((?P.*)\s+)?(?P[^(\s]+)\((?P[^)]*)\)\s*(?P\".*)?")
+
+VALID_PROPS = set(["disable"])
 
 class Event(object):
 def __init__(self, line):
@@ -412,7 +409,10 @@ class Event(object):
 self.argnames = get_argnames(self.args)
 self.sizestr = calc_sizeofargs(self.args, self.argc)
 self.fmt = groups["fmt"]
-self.properties = get_properties(line)
+self.properties = groups["props"].split()
+unknown_props = set(self.properties) - VALID_PROPS
+if len(unknown_props) > 0:
+raise ValueError("Unknown properties: %s" % ", 
".join(unknown_props))
 
 # Generator that yields Event objects given a trace-events file object
 def read_events(fobj):
-- 
1.7.1.1

[Qemu-devel] [PATCH 06/11] hw/ac97: new support for volume control

[Marc-André Lureau]

---
 hw/ac97.c |   79 +
 1 files changed, 79 insertions(+), 0 deletions(-)

diff --git a/hw/ac97.c b/hw/ac97.c
index f7866ed..227233c 100644
--- a/hw/ac97.c
+++ b/hw/ac97.c
@@ -436,6 +436,63 @@ static void reset_voices (AC97LinkState *s, uint8_t 
active[LAST_INDEX])
 AUD_set_active_in (s->voice_mc, active[MC_INDEX]);
 }
 
+static void get_volume (uint16_t vol, uint16_t mask, int inverse,
+int *mute, uint8_t *lvol, uint8_t *rvol)
+{
+  *mute = (vol >> MUTE_SHIFT) & 1;
+  *rvol = (255 * (vol & mask)) / mask;
+  *lvol = (255 * ((vol >> 8) & mask)) / mask;
+  if (inverse) {
+*rvol = 255 - *rvol;
+*lvol = 255 - *lvol;
+  }
+}
+
+static void update_combined_volume_out (AC97LinkState *s)
+{
+uint8_t lvol, rvol, plvol, prvol;
+int mute, pmute;
+
+get_volume (mixer_load (s, AC97_Master_Volume_Mute), 0x3f, 1,
+&mute, &lvol, &rvol);
+/* FIXME: should be 1f according to spec */
+get_volume (mixer_load (s, AC97_PCM_Out_Volume_Mute), 0x3f, 1,
+&pmute, &plvol, &prvol);
+
+mute = mute | pmute;
+lvol = (lvol * plvol) / 255;
+rvol = (rvol * prvol) / 255;
+
+AUD_set_volume_out (s->voice_po, mute, lvol, rvol);
+}
+
+static void update_volume_in(AC97LinkState *s)
+{
+uint8_t lvol, rvol;
+int mute;
+
+get_volume (mixer_load (s, AC97_Record_Gain_Mute), 0x0f, 0,
+&mute, &lvol, &rvol);
+
+AUD_set_volume_in (s->voice_pi, mute, lvol, rvol);
+}
+
+static void set_volume (AC97LinkState *s, int index, uint32_t val)
+{
+mixer_store (s, index, val);
+if (index == AC97_Master_Volume_Mute || index == AC97_PCM_Out_Volume_Mute)
+  update_combined_volume_out (s);
+else if (index == AC97_Record_Gain_Mute)
+  update_volume_in (s);
+}
+
+static void record_select (AC97LinkState *s, uint32_t val)
+{
+uint8_t rs = val & REC_MASK;
+uint8_t ls = (val >> 8) & REC_MASK;
+mixer_store (s, AC97_Record_Select, rs | (ls << 8));
+}
+
 static void mixer_reset (AC97LinkState *s)
 {
 uint8_t active[LAST_INDEX];
@@ -470,6 +527,11 @@ static void mixer_reset (AC97LinkState *s)
 mixer_store (s, AC97_PCM_LR_ADC_Rate , 0xbb80);
 mixer_store (s, AC97_MIC_ADC_Rate, 0xbb80);
 
+record_select (s, 0);
+set_volume (s, AC97_Master_Volume_Mute, 0x8000);
+set_volume (s, AC97_PCM_Out_Volume_Mute, 0x8808);
+set_volume (s, AC97_Line_In_Volume_Mute, 0x8808);
+
 reset_voices (s, active);
 }
 
@@ -528,6 +590,15 @@ static void nam_writew (void *opaque, uint32_t addr, 
uint32_t val)
 val |= mixer_load (s, index) & 0xf;
 mixer_store (s, index, val);
 break;
+case AC97_PCM_Out_Volume_Mute:
+case AC97_Master_Volume_Mute:
+case AC97_Record_Gain_Mute:
+case AC97_Line_In_Volume_Mute:
+set_volume (s, index, val);
+break;
+case AC97_Record_Select:
+record_select (s, val);
+break;
 case AC97_Vendor_ID1:
 case AC97_Vendor_ID2:
 dolog ("Attempt to write vendor ID to %#x\n", val);
@@ -1080,6 +1151,14 @@ static int ac97_post_load (void *opaque, int version_id)
 uint8_t active[LAST_INDEX];
 AC97LinkState *s = opaque;
 
+record_select (s, mixer_load (s, AC97_Record_Select));
+set_volume (s, AC97_Master_Volume_Mute,
+mixer_load (s, AC97_Master_Volume_Mute));
+set_volume (s, AC97_PCM_Out_Volume_Mute,
+mixer_load (s, AC97_PCM_Out_Volume_Mute));
+set_volume (s, AC97_Line_In_Volume_Mute,
+mixer_load (s, AC97_Line_In_Volume_Mute));
+
 active[PI_INDEX] = !!(s->bm_regs[PI_INDEX].cr & CR_RPBM);
 active[PO_INDEX] = !!(s->bm_regs[PO_INDEX].cr & CR_RPBM);
 active[MC_INDEX] = !!(s->bm_regs[MC_INDEX].cr & CR_RPBM);
-- 
1.7.7.6

[Qemu-devel] [RFC PATCH v5 09/14] trace: [tracetool] Automatically establish available backends and formats

[Harsh Prateek Bora]

From: Lluís Vilanova 

Signed-off-by: Lluís Vilanova 
Signed-off-by: Harsh Prateek Bora 
---
 Makefile.objs|6 +-
 Makefile.target  |3 +-
 scripts/tracetool.py |  321 --
 3 files changed, 211 insertions(+), 119 deletions(-)

diff --git a/Makefile.objs b/Makefile.objs
index 984034a..acb51b6 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -344,12 +344,12 @@ else
 trace.h: trace.h-timestamp
 endif
 trace.h-timestamp: $(SRC_PATH)/trace-events $(BUILD_DIR)/config-host.mak
-   $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py 
--backend=$(TRACE_BACKEND) -h < $< > $@,"  GEN   trace.h")
+   $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py 
--format=h --backend=$(TRACE_BACKEND) < $< > $@,"  GEN   trace.h")
@cmp -s $@ trace.h || cp $@ trace.h
 
 trace.c: trace.c-timestamp
 trace.c-timestamp: $(SRC_PATH)/trace-events $(BUILD_DIR)/config-host.mak
-   $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py 
--backend=$(TRACE_BACKEND) -c < $< > $@,"  GEN   trace.c")
+   $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py 
--format=c --backend=$(TRACE_BACKEND) < $< > $@,"  GEN   trace.c")
@cmp -s $@ trace.c || cp $@ trace.c
 
 trace.o: trace.c $(GENERATED_HEADERS)
@@ -362,7 +362,7 @@ trace-dtrace.h: trace-dtrace.dtrace
 # rule file. So we use '.dtrace' instead
 trace-dtrace.dtrace: trace-dtrace.dtrace-timestamp
 trace-dtrace.dtrace-timestamp: $(SRC_PATH)/trace-events 
$(BUILD_DIR)/config-host.mak
-   $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py 
--backend=$(TRACE_BACKEND) -d < $< > $@,"  GEN   trace-dtrace.dtrace")
+   $(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py 
--format=d --backend=$(TRACE_BACKEND) < $< > $@,"  GEN   trace-dtrace.dtrace")
@cmp -s $@ trace-dtrace.dtrace || cp $@ trace-dtrace.dtrace
 
 trace-dtrace.o: trace-dtrace.dtrace $(GENERATED_HEADERS)
diff --git a/Makefile.target b/Makefile.target
index 07b21d1..6706767 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -51,11 +51,12 @@ endif
 
 $(QEMU_PROG).stp:
$(call quiet-command,$(PYTHON) $(SRC_PATH)/scripts/tracetool.py \
+   --format=stap \
--backend=$(TRACE_BACKEND) \
--binary=$(bindir)/$(QEMU_PROG) \
--target-arch=$(TARGET_ARCH) \
--target-type=$(TARGET_TYPE) \
-   --stap < $(SRC_PATH)/trace-events > $(QEMU_PROG).stp,"  GEN   
$(QEMU_PROG).stp")
+   < $(SRC_PATH)/trace-events > $(QEMU_PROG).stp,"  GEN   
$(QEMU_PROG).stp")
 else
 stap:
 endif
diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index 2d6f9ee..947b808 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -12,33 +12,107 @@ import sys
 import getopt
 import re
 
-def usage():
-print "Tracetool: Generate tracing code for trace events file on stdin"
-print "Usage:"
-print sys.argv[0], "--backend=[nop|simple|stderr|dtrace|ust] 
[-h|-c|-d|--stap]"
-print '''
-Backends:
-  --nop Tracing disabled
-  --simple  Simple built-in backend
-  --stderr  Stderr built-in backend
-  --dtrace  DTrace/SystemTAP backend
-  --ust LTTng User Space Tracing backend
-
-Output formats:
-  -h Generate .h file
-  -c Generate .c file
-  -d Generate .d file (DTrace only)
-  --stap Generate .stp file (DTrace with SystemTAP only)
+##
+# format auto-registration
+
+class _Tag:
+pass
+
+_formats = {}
+
+BEGIN = _Tag()
+END = _Tag()
+_DESCR = _Tag()
+
+def for_format(format_, when, descr = None):
+"""Decorator for format generator functions."""
+
+if when is not BEGIN and when is not END:
+raise ValueError("Invalid 'when' tag")
+if format_ in _formats and when in _formats[format_]:
+raise ValueError("Format '%s' already set for given 'when' tag" % 
format_)
+
+if format_ not in _formats:
+_formats[format_] = {}
+if descr is not None:
+if _DESCR in _formats[format_]:
+raise ValueError("Description already set")
+_formats[format_][_DESCR] = descr
+
+def func(f):
+_formats[format_][when] = f
+return f
+return func
+
+def get_format(format_, when):
+"""Get a format generator function."""
+
+def nop(*args, **kwargs):
+pass
+if format_ in _formats and when in _formats[format_]:
+return _formats[format_][when]
+else:
+return nop
+
+def get_format_descr(format_):
+"""Get the description of a format generator."""
+
+if format_ in _formats and _DESCR in _formats[format_]:
+return _formats[format_][_DESCR]
+else:
+return ""
 
-Options:
-  --binary   [path]Full path to QEMU binary
-  --target-arch  [arch]QEMU emulator target arch
-  --target-type  [type]QEMU emulator target type ('system' or 'user')
-  --probe-prefix [prefix]  Pref

Re: [Qemu-devel] [PATCH] MSI / MSIX injection for Xen HVM

[Stefano Stabellini]

On Thu, 1 Mar 2012, Paolo Bonzini wrote:
> Il 01/03/2012 15:06, Stefano Stabellini ha scritto:
> >> > This is not a NACK, but I can't help asking.  Perhaps the fake Xen
> >> > interrupt controller is a bit too simplistic?  You can add a memory
> >> > region corresponding to the APICs and trap writes in that region.
> >> > Writes coming from QEMU are MSIs and can be injected to the hypervisor,
> >> > writes coming from the VM will be trapped by Xen before going out to 
> >> > QEMU.
> >  
> > That is a good point actually: we already have lapic emulation in Xen,
> > it makes sense to have apic-msi in Xen too.
> > We would still need the changes to msi_notify and msix_notify though.
> 
> Why?  The stores would just go to the Xen interrupt controller MMIO area
> which then does the xc_hvm_inject_msi.
 
Because msi(x)_notify is called by QEMU's emulated devices: it is not
possible from QEMU to cause an emulation trap in Xen on behalf of the
guest.

[Qemu-devel] [RFC PATCH v5 03/14] trace: [tracetool] Simplify event line parsing

[Harsh Prateek Bora]

From: Lluís Vilanova 

Signed-off-by: Lluís Vilanova 
Signed-off-by: Harsh Prateek Bora 
---
 scripts/tracetool.py |   50 +-
 1 files changed, 17 insertions(+), 33 deletions(-)

diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index 274fa70..84003f5 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -10,6 +10,7 @@
 
 import sys
 import getopt
+import re
 
 def usage():
 print "Tracetool: Generate tracing code for trace events file on stdin"
@@ -38,25 +39,14 @@ Options:
 '''
 sys.exit(1)
 
-def get_name(line, sep='('):
-head, sep, tail = line.partition(sep)
-property, sep, name = head.rpartition(' ')
-return name
-
 def get_properties(line, sep='('):
 head, sep, tail = line.partition(sep)
 property, sep, name = head.rpartition(' ')
 return property.split()
 
-def get_args(line, sep1='(', sep2=')'):
-head, sep1, tail = line.partition(sep1)
-args, sep2, fmt_str = tail.partition(sep2)
-return args
-
-def get_argnames(line, sep=','):
+def get_argnames(args):
 nfields = 0
 str = []
-args = get_args(line)
 for field in args.split():
   nfields = nfields + 1
   # Drop pointer star
@@ -77,21 +67,7 @@ def get_argnames(line, sep=','):
 else:
   return ''
 
-def get_argc(line):
-argc = 0
-argnames = get_argnames(line)
-if argnames:
-  for name in argnames.split(','):
-argc = argc + 1
-return argc
-
-def get_fmt(line, sep=')'):
-event, sep, fmt = line.partition(sep)
-return fmt.rstrip('\n')
-
-def calc_sizeofargs(line):
-args = get_args(line)
-argc = get_argc(line)
+def calc_sizeofargs(args, argc):
 str = []
 newstr = ""
 if argc > 0:
@@ -419,16 +395,24 @@ trace_gen = {
 }
 
 # A trace event
+cre = re.compile("(?P[^(\s]+)\((?P[^)]*)\)\s*(?P\".*)?")
+
 class Event(object):
 def __init__(self, num, line):
 self.num = num
-self.args = get_args(line)
+m = cre.match(line)
+assert m is not None
+groups = m.groupdict('')
+self.args = groups["args"]
 self.arglist = self.args.split(',')
-self.name = get_name(line)
-self.argc = get_argc(line)
-self.argnames = get_argnames(line)
-self.sizestr = calc_sizeofargs(line)
-self.fmt = get_fmt(line)
+self.name = groups["name"]
+if len(self.arglist) == 1 and self.arglist[0] == "void":
+self.argc = 0
+else:
+self.argc = len(self.arglist)
+self.argnames = get_argnames(self.args)
+self.sizestr = calc_sizeofargs(self.args, self.argc)
+self.fmt = groups["fmt"]
 self.properties = get_properties(line)
 
 # Generator that yields Event objects given a trace-events file object
-- 
1.7.1.1

[Qemu-devel] [PATCH 01/11] audio: add VOICE_VOLUME ctl

[Marc-André Lureau]

---
 audio/audio.c |   12 
 audio/audio_int.h |1 +
 2 files changed, 13 insertions(+), 0 deletions(-)

diff --git a/audio/audio.c b/audio/audio.c
index 398763f..d76c342 100644
--- a/audio/audio.c
+++ b/audio/audio.c
@@ -2053,17 +2053,29 @@ void AUD_del_capture (CaptureVoiceOut *cap, void 
*cb_opaque)
 void AUD_set_volume_out (SWVoiceOut *sw, int mute, uint8_t lvol, uint8_t rvol)
 {
 if (sw) {
+HWVoiceOut *hw = sw->hw;
+
 sw->vol.mute = mute;
 sw->vol.l = nominal_volume.l * lvol / 255;
 sw->vol.r = nominal_volume.r * rvol / 255;
+
+if (hw->pcm_ops->ctl_out) {
+hw->pcm_ops->ctl_out (hw, VOICE_VOLUME, sw);
+}
 }
 }
 
 void AUD_set_volume_in (SWVoiceIn *sw, int mute, uint8_t lvol, uint8_t rvol)
 {
 if (sw) {
+HWVoiceIn *hw = sw->hw;
+
 sw->vol.mute = mute;
 sw->vol.l = nominal_volume.l * lvol / 255;
 sw->vol.r = nominal_volume.r * rvol / 255;
+
+if (hw->pcm_ops->ctl_in) {
+hw->pcm_ops->ctl_in (hw, VOICE_VOLUME, sw);
+}
 }
 }
diff --git a/audio/audio_int.h b/audio/audio_int.h
index 2003f8b..117f95e 100644
--- a/audio/audio_int.h
+++ b/audio/audio_int.h
@@ -231,6 +231,7 @@ void audio_run (const char *msg);
 
 #define VOICE_ENABLE 1
 #define VOICE_DISABLE 2
+#define VOICE_VOLUME 3
 
 static inline int audio_ring_dist (int dst, int src, int len)
 {
-- 
1.7.7.6

[Qemu-devel] [PATCH 03/11] audio: use a nominal volume of 1^32-1

[Marc-André Lureau]

So we can easily fit it into smaller int.

We can just >>16 to fit it into a 16bits volume range for example.
---
 audio/audio.c |4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/audio/audio.c b/audio/audio.c
index bd9237e..9ea5b39 100644
--- a/audio/audio.c
+++ b/audio/audio.c
@@ -110,8 +110,8 @@ const struct mixeng_volume nominal_volume = {
 .r = 1.0,
 .l = 1.0,
 #else
-.r = 1ULL << 32,
-.l = 1ULL << 32,
+.r = (1ULL << 32) - 1,
+.l = (1ULL << 32) - 1,
 #endif
 };
 
-- 
1.7.7.6

[Qemu-devel] [PATCH 11/11] Make mixemu mandatory

[Marc-André Lureau]

Without MIXEMU, volume control on the guest doesn't work (except when
volume is applied by guest "emulation", in Win7 for example)
---
 audio/mixeng.c |6 --
 configure  |8 
 hw/hda-audio.c |4 
 3 files changed, 0 insertions(+), 18 deletions(-)

diff --git a/audio/mixeng.c b/audio/mixeng.c
index 5446be6..0b060e3 100644
--- a/audio/mixeng.c
+++ b/audio/mixeng.c
@@ -336,7 +336,6 @@ void mixeng_clear (struct st_sample *buf, int len)
 
 void mixeng_volume (struct st_sample *buf, int len, struct mixeng_volume *vol)
 {
-#ifdef CONFIG_MIXEMU
 if (vol->mute) {
 mixeng_clear (buf, len);
 return;
@@ -352,9 +351,4 @@ void mixeng_volume (struct st_sample *buf, int len, struct 
mixeng_volume *vol)
 #endif
 buf += 1;
 }
-#else
-(void) buf;
-(void) len;
-(void) vol;
-#endif
 }
diff --git a/configure b/configure
index 938c2d2..7bc13d9 100755
--- a/configure
+++ b/configure
@@ -175,7 +175,6 @@ darwin_user="no"
 bsd_user="no"
 guest_base=""
 uname_release=""
-mixemu="no"
 aix="no"
 blobs="yes"
 pkgversion=""
@@ -762,8 +761,6 @@ for opt do
   ;;
   --enable-nptl) nptl="yes"
   ;;
-  --enable-mixemu) mixemu="yes"
-  ;;
   --disable-linux-aio) linux_aio="no"
   ;;
   --enable-linux-aio) linux_aio="yes"
@@ -1020,7 +1017,6 @@ echo "  --audio-card-list=LIST   set list of emulated 
audio cards [$audio_card_l
 echo "   Available cards: $audio_possible_cards"
 echo "  --block-drv-whitelist=L  set block driver whitelist"
 echo "   (affects only QEMU, not qemu-img)"
-echo "  --enable-mixemu  enable mixer emulation"
 echo "  --disable-xendisable xen backend driver support"
 echo "  --enable-xen enable xen backend driver support"
 echo "  --disable-brlapi disable BrlAPI"
@@ -2899,7 +2895,6 @@ echo "mingw32 support   $mingw32"
 echo "Audio drivers $audio_drv_list"
 echo "Extra audio cards $audio_card_list"
 echo "Block whitelist   $block_drv_whitelist"
-echo "Mixer emulation   $mixemu"
 echo "VirtFS support$virtfs"
 echo "VNC support   $vnc"
 if test "$vnc" = "yes" ; then
@@ -3062,9 +3057,6 @@ if test "$audio_win_int" = "yes" ; then
   echo "CONFIG_AUDIO_WIN_INT=y" >> $config_host_mak
 fi
 echo "CONFIG_BDRV_WHITELIST=$block_drv_whitelist" >> $config_host_mak
-if test "$mixemu" = "yes" ; then
-  echo "CONFIG_MIXEMU=y" >> $config_host_mak
-fi
 if test "$vnc" = "yes" ; then
   echo "CONFIG_VNC=y" >> $config_host_mak
 fi
diff --git a/hw/hda-audio.c b/hw/hda-audio.c
index 8995519..75f1402 100644
--- a/hw/hda-audio.c
+++ b/hw/hda-audio.c
@@ -121,15 +121,11 @@ static void hda_codec_parse_fmt(uint32_t format, struct 
audsettings *as)
 #define QEMU_HDA_AMP_NONE(0)
 #define QEMU_HDA_AMP_STEPS   0x4a
 
-#ifdef CONFIG_MIXEMU
 #define QEMU_HDA_AMP_CAPS   \
 (AC_AMPCAP_MUTE |   \
  (QEMU_HDA_AMP_STEPS << AC_AMPCAP_OFFSET_SHIFT)|\
  (QEMU_HDA_AMP_STEPS << AC_AMPCAP_NUM_STEPS_SHIFT) |\
  (3  << AC_AMPCAP_STEP_SIZE_SHIFT))
-#else
-#define QEMU_HDA_AMP_CAPSQEMU_HDA_AMP_NONE
-#endif
 
 /* common: audio output widget */
 static const desc_param common_params_audio_dac[] = {
-- 
1.7.7.6

[Qemu-devel] [PATCH 07/11] audio/spice: add support for volume control

[Marc-André Lureau]

---
 audio/spiceaudio.c |   41 +
 1 files changed, 41 insertions(+), 0 deletions(-)

diff --git a/audio/spiceaudio.c b/audio/spiceaudio.c
index f972110..92964ae 100644
--- a/audio/spiceaudio.c
+++ b/audio/spiceaudio.c
@@ -202,7 +202,26 @@ static int line_out_ctl (HWVoiceOut *hw, int cmd, ...)
 }
 spice_server_playback_stop (&out->sin);
 break;
+case VOICE_VOLUME:
+{
+#if ((SPICE_INTERFACE_PLAYBACK_MAJOR >= 1) && (SPICE_INTERFACE_PLAYBACK_MINOR 
>= 2))
+SWVoiceOut *sw;
+va_list ap;
+uint16_t vol[2];
+
+va_start (ap, cmd);
+sw = va_arg (ap, SWVoiceOut *);
+va_end (ap);
+
+vol[0] = sw->vol.l >> 16;
+vol[1] = sw->vol.r >> 16;
+spice_server_playback_set_volume (&out->sin, 2, vol);
+spice_server_playback_set_mute (&out->sin, sw->vol.mute);
+#endif
+break;
+}
 }
+
 return 0;
 }
 
@@ -304,7 +323,26 @@ static int line_in_ctl (HWVoiceIn *hw, int cmd, ...)
 in->active = 0;
 spice_server_record_stop (&in->sin);
 break;
+case VOICE_VOLUME:
+{
+#if ((SPICE_INTERFACE_RECORD_MAJOR >= 2) && (SPICE_INTERFACE_RECORD_MINOR >= 
2))
+SWVoiceIn *sw;
+va_list ap;
+uint16_t vol[2];
+
+va_start (ap, cmd);
+sw = va_arg (ap, SWVoiceIn *);
+va_end (ap);
+
+vol[0] = sw->vol.l >> 16;
+vol[1] = sw->vol.r >> 16;
+spice_server_record_set_volume (&in->sin, 2, vol);
+spice_server_record_set_mute (&in->sin, sw->vol.mute);
+#endif
+break;
+}
 }
+
 return 0;
 }
 
@@ -337,6 +375,9 @@ struct audio_driver spice_audio_driver = {
 .max_voices_in  = 1,
 .voice_size_out = sizeof (SpiceVoiceOut),
 .voice_size_in  = sizeof (SpiceVoiceIn),
+#if ((SPICE_INTERFACE_PLAYBACK_MAJOR >= 1) && (SPICE_INTERFACE_PLAYBACK_MINOR 
>= 2))
+.ctl_caps   = VOICE_VOLUME_CAP
+#endif
 };
 
 void qemu_spice_audio_init (void)
-- 
1.7.7.6

Re: [Qemu-devel] [PATCH v8 2/4] cadence_ttc: initial version of device model

[Peter Maydell]

On 28 February 2012 07:40, Peter A. G. Crosthwaite
 wrote:
> Implemented cadence Triple Timer Counter (TCC)
>
> Signed-off-by: Peter A. G. Crosthwaite 
> Signed-off-by: John Linn 
> Acked-by: Edgar E. Iglesias 
> ---
> changed from v7:
> removed fflush() from DBPRINTF
> changed from v6:
> renamed cadence_ttc_state -> CadenceTTCState
> renamed qemu_debug() -> DB_PRINT (all)
> added reset function
> changed from v4:
> fixed FSF addess
> changed device_init -> type_init
> changed from v3:
> Fixed race condition where timer could miss match events on wrap around
> changed from v2:
> changed ptimer to QEMUTimer (Fixed skew/drift issue in timer delays)
> changes from v1:
> refactored event driven code
> marked vmsd as unmigratable
>  Makefile.target  |    1 +
>  hw/cadence_ttc.c |  448 
> ++
>  2 files changed, 449 insertions(+), 0 deletions(-)
>  create mode 100644 hw/cadence_ttc.c
>
> diff --git a/Makefile.target b/Makefile.target
> index 2021926..c09deda 100644
> --- a/Makefile.target
> +++ b/Makefile.target
> @@ -345,6 +345,7 @@ obj-arm-y = integratorcp.o versatilepb.o arm_pic.o 
> arm_timer.o
>  obj-arm-y += arm_boot.o pl011.o pl031.o pl050.o pl080.o pl110.o pl181.o 
> pl190.o
>  obj-arm-y += versatile_pci.o
>  obj-arm-y += cadence_uart.o
> +obj-arm-y += cadence_ttc.o
>  obj-arm-y += realview_gic.o realview.o arm_sysctl.o arm11mpcore.o a9mpcore.o
>  obj-arm-y += exynos4210_gic.o exynos4210_combiner.o exynos4210.o
>  obj-arm-y += exynos4_boards.o exynos4210_uart.o exynos4210_pwm.o
> diff --git a/hw/cadence_ttc.c b/hw/cadence_ttc.c
> new file mode 100644
> index 000..08b6c9c
> --- /dev/null
> +++ b/hw/cadence_ttc.c
> @@ -0,0 +1,448 @@
> +/*
> + * Xilinx Zynq cadence TTC model
> + *
> + * Copyright (c) 2011 Xilinx Inc.
> + * Copyright (c) 2012 Peter A.G. Crosthwaite 
> (peter.crosthwa...@petalogix.com)
> + * Copyright (c) 2012 PetaLogix Pty Ltd.
> + * Written By Haibing Ma
> + *            M. Habib
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License
> + * as published by the Free Software Foundation; either version
> + * 2 of the License, or (at your option) any later version.
> + *
> + * You should have received a copy of the GNU General Public License along
> + * with this program; if not, see .
> + */
> +
> +#include "sysbus.h"
> +#include "qemu-timer.h"
> +
> +#ifdef CADENCE_TTC_ERR_DEBUG
> +#define DB_PRINT(...) do { \
> +    fprintf(stderr,  ": %s: ", __func__); \
> +    fprintf(stderr, ## __VA_ARGS__); \
> +    } while (0);
> +#else
> +    #define DB_PRINT(...)
> +#endif
> +
> +#define COUNTER_INTR_IV     0x0001
> +#define COUNTER_INTR_M1     0x0002
> +#define COUNTER_INTR_M2     0x0004
> +#define COUNTER_INTR_M3     0x0008
> +#define COUNTER_INTR_OV     0x0010
> +#define COUNTER_INTR_EV     0x0020
> +
> +#define COUNTER_CTRL_DIS    0x0001
> +#define COUNTER_CTRL_INT    0x0002
> +#define COUNTER_CTRL_DEC    0x0004
> +#define COUNTER_CTRL_MATCH  0x0008
> +#define COUNTER_CTRL_RST    0x0010
> +
> +#define CLOCK_CTRL_PS_EN    0x0001
> +#define CLOCK_CTRL_PS_V     0x001e
> +
> +typedef struct {
> +    QEMUTimer *timer;
> +    int freq;
> +
> +    uint32_t reg_clock;
> +    uint32_t reg_count;
> +    uint32_t reg_value;
> +    uint16_t reg_interval;
> +    uint16_t reg_match[3];
> +    uint32_t reg_intr;
> +    uint32_t reg_intr_en;
> +    uint32_t reg_event_ctrl;
> +    uint32_t reg_event;
> +
> +    uint64_t cpu_time;
> +    unsigned int cpu_time_valid;
> +
> +    qemu_irq irq;
> +} CadenceTimerState;
> +
> +typedef struct {
> +    SysBusDevice busdev;
> +    MemoryRegion iomem;
> +    CadenceTimerState * timer[3];
> +} CadenceTTCState;
> +
> +static void cadence_timer_update(CadenceTimerState *s)
> +{
> +    qemu_set_irq(s->irq, !!(s->reg_intr & s->reg_intr_en));
> +}
> +
> +static CadenceTimerState *cadence_timer_from_addr(void *opaque,
> +                                        target_phys_addr_t offset)
> +{
> +    unsigned int index;
> +    CadenceTTCState *s = (CadenceTTCState *)opaque;
> +
> +    index = (offset >> 2) % 3;
> +
> +    return s->timer[index];
> +}
> +
> +static uint64_t cadence_timer_get_ns(CadenceTimerState *s, uint64_t 
> timer_steps)
> +{
> +    /* timer_steps has max value of 0x1. double check it
> +     * (or overflow can happen below) */
> +    assert(timer_steps <= 1ULL << 32);
> +
> +    uint64_t r = timer_steps * 10ULL;
> +    if (s->reg_clock & CLOCK_CTRL_PS_EN) {
> +        r >>= 16 - (((s->reg_clock & CLOCK_CTRL_PS_V) >> 1) + 1);
> +    } else {
> +        r >>= 16;
> +    }
> +    r /= (uint64_t)s->freq;
> +    return r;
> +}
> +
> +static uint64_t cadence_timer_get_steps(CadenceTimerState *s, uint64_t ns)
> +{
> +    uint64_t to_divide = 10ULL;
> +
> +    uint64_t r = ns;
> +     /* for very large intervals (> 8s) do some div

[Qemu-devel] [PATCH 08/11] Do not use pa_simple PulseAudio API

[Marc-André Lureau]

Unfortunately, pa_simple is a limited API which doesn't let us
retrieve the associated pa_stream. It is needed to control the volume
of the stream.
---
 audio/paaudio.c |  356 +--
 1 files changed, 318 insertions(+), 38 deletions(-)

diff --git a/audio/paaudio.c b/audio/paaudio.c
index d1f3912..beed434 100644
--- a/audio/paaudio.c
+++ b/audio/paaudio.c
@@ -2,8 +2,7 @@
 #include "qemu-common.h"
 #include "audio.h"
 
-#include 
-#include 
+#include 
 
 #define AUDIO_CAP "pulseaudio"
 #include "audio_int.h"
@@ -15,7 +14,7 @@ typedef struct {
 int live;
 int decr;
 int rpos;
-pa_simple *s;
+pa_stream *stream;
 void *pcm_buf;
 struct audio_pt pt;
 } PAVoiceOut;
@@ -26,17 +25,23 @@ typedef struct {
 int dead;
 int incr;
 int wpos;
-pa_simple *s;
+pa_stream *stream;
 void *pcm_buf;
 struct audio_pt pt;
+const void *read_data;
+size_t read_index, read_length;
 } PAVoiceIn;
 
-static struct {
+typedef struct {
 int samples;
 char *server;
 char *sink;
 char *source;
-} conf = {
+pa_threaded_mainloop *mainloop;
+pa_context *context;
+} paaudio;
+
+static paaudio glob_paaudio = {
 .samples = 4096,
 };
 
@@ -51,6 +56,120 @@ static void GCC_FMT_ATTR (2, 3) qpa_logerr (int err, const 
char *fmt, ...)
 AUD_log (AUDIO_CAP, "Reason: %s\n", pa_strerror (err));
 }
 
+#define CHECK_SUCCESS_GOTO(c, rerror, expression, label)\
+do {\
+if (!(expression)) {\
+if (rerror) \
+*(rerror) = pa_context_errno((c)->context); \
+goto label; \
+}   \
+} while(0);
+
+#define CHECK_DEAD_GOTO(c, stream, rerror, label)   \
+do {\
+if (!(c)->context || 
!PA_CONTEXT_IS_GOOD(pa_context_get_state((c)->context)) || \
+!(stream) || !PA_STREAM_IS_GOOD(pa_stream_get_state((stream { \
+if (((c)->context && pa_context_get_state((c)->context) == 
PA_CONTEXT_FAILED) || \
+((stream) && pa_stream_get_state((stream)) == 
PA_STREAM_FAILED)) { \
+if (rerror) \
+*(rerror) = pa_context_errno((c)->context); \
+} else  \
+if (rerror) \
+*(rerror) = PA_ERR_BADSTATE;\
+goto label; \
+}   \
+} while(0);
+
+static int qpa_simple_read (PAVoiceIn *p, void *data, size_t length, int 
*rerror)
+{
+paaudio *g = &glob_paaudio;
+
+pa_threaded_mainloop_lock (g->mainloop);
+
+CHECK_DEAD_GOTO (g, p->stream, rerror, unlock_and_fail);
+
+while (length > 0) {
+size_t l;
+
+while (!p->read_data) {
+int r;
+
+r = pa_stream_peek (p->stream, &p->read_data, &p->read_length);
+CHECK_SUCCESS_GOTO (g, rerror, r == 0, unlock_and_fail);
+
+if (!p->read_data) {
+pa_threaded_mainloop_wait (g->mainloop);
+CHECK_DEAD_GOTO (g, p->stream, rerror, unlock_and_fail);
+} else
+p->read_index = 0;
+}
+
+l = p->read_length < length ? p->read_length : length;
+memcpy (data, (const uint8_t*) p->read_data+p->read_index, l);
+
+data = (uint8_t*) data + l;
+length -= l;
+
+p->read_index += l;
+p->read_length -= l;
+
+if (!p->read_length) {
+int r;
+
+r = pa_stream_drop (p->stream);
+p->read_data = NULL;
+p->read_length = 0;
+p->read_index = 0;
+
+CHECK_SUCCESS_GOTO (g, rerror, r == 0, unlock_and_fail);
+}
+}
+
+pa_threaded_mainloop_unlock (g->mainloop);
+return 0;
+
+unlock_and_fail:
+pa_threaded_mainloop_unlock (g->mainloop);
+return -1;
+}
+
+static int qpa_simple_write (PAVoiceOut *p, const void *data, size_t length, 
int *rerror)
+{
+paaudio *g = &glob_paaudio;
+
+pa_threaded_mainloop_lock(g->mainloop);
+
+CHECK_DEAD_GOTO (g, p->stream, rerror, unlock_and_fail);
+
+while (length > 0) {
+size_t l;
+int r;
+
+while (!(l = pa_stream_writable_size (p->stream))) {
+pa_threaded_mainloop_wait (g->mainloop);
+CHECK_DEAD_GOTO (g, p->stream, rerror, unlock_and_fail);
+}
+
+CHECK_SUCCESS_GOTO (g, rerror, l != (size_t) -1, unlock_and_fail);
+
+if (l > length)
+l =

Re: [Qemu-devel] Add support for new image type

[Kevin Wolf]

Am 29.02.2012 22:52, schrieb Kai Meyer:
> Is it possible to extend qemu to support a new image type? I have an 
> image type that is ready for consumption and I'm looking for the 
> integration point between qemu and the new image format.

Which image format do you want to get integrated?

Have a look at block/qcow2.c to get an idea of what a qemu block driver
looks like. At the bottom of the file there is a struct that contains
function pointers to all exported functions, so this is usually a good
place to start exploring a driver.

Kevin

Re: [Qemu-devel] [PATCH v8 3/4] cadence_gem: initial version of device model

[Peter Maydell]

On 28 February 2012 07:40, Peter A. G. Crosthwaite
 wrote:
> +static const VMStateDescription vmstate_cadence_gem = {
> +    .name = "cadence_gem",
> +    .unmigratable = 1,
> +};

Needs implementing properly. Otherwise looks OK.

-- PMM

[Qemu-devel] [RFC PATCH v5 10/14] trace: Provide a per-event status define for conditional compilation

[Harsh Prateek Bora]

From: Lluís Vilanova 

NOTE: This is a port of a patch in Stefanha's tracing tree to the new
pythonic tracetool version.

Adds a 'TRACE_${NAME}_ENABLED' preprocessor define for each tracing event
in "trace.h".

This lets the user conditionally compile code with a relatively high
execution cost that is only necessary when producing the tracing
information for an event that is enabled.

Note that events using this define will probably have the "disable"
property by default, in order to avoid such costs on regular builds.

Signed-off-by: Lluís Vilanova 
Signed-off-by: Harsh Prateek Bora 
---
 docs/tracing.txt |   50 ++
 scripts/tracetool.py |7 +++
 2 files changed, 49 insertions(+), 8 deletions(-)

diff --git a/docs/tracing.txt b/docs/tracing.txt
index 95ca16c..ab9048c 100644
--- a/docs/tracing.txt
+++ b/docs/tracing.txt
@@ -39,12 +39,12 @@ generate code for the trace events.  Trace events are 
invoked directly from
 source code like this:
 
 #include "trace.h"  /* needed for trace event prototype */
-
+
 void *qemu_vmalloc(size_t size)
 {
 void *ptr;
 size_t align = QEMU_VMALLOC_ALIGN;
- 
+
 if (size < align) {
 align = getpagesize();
 }
@@ -98,12 +98,6 @@ respectively.  This ensures portability between 32- and 
64-bit platforms.
 4. Name trace events after their function.  If there are multiple trace events
in one function, append a unique distinguisher at the end of the name.
 
-5. If specific trace events are going to be called a huge number of times, this
-   might have a noticeable performance impact even when the trace events are
-   programmatically disabled. In this case you should declare the trace event
-   with the "disable" property, which will effectively disable it at compile
-   time (using the "nop" backend).
-
 == Generic interface and monitor commands ==
 
 You can programmatically query and control the dynamic state of trace events
@@ -227,3 +221,43 @@ probes:
   --target-type system \
   --target-arch x86_64 \
   qemu.stp
+
+== Trace event properties ==
+
+Each event in the "trace-events" file can be prefixed with a space-separated
+list of zero or more of the following event properties.
+
+=== "disable" ===
+
+If a specific trace event is going to be invoked a huge number of times, this
+might have a noticeable performance impact even when the event is
+programmatically disabled.
+
+In this case you should declare such event with the "disable" property. This
+will effectively disable the event at compile time (by using the "nop" 
backend),
+thus having no performance impact at all on regular builds (i.e., unless you
+edit the "trace-events" file).
+
+In addition, there might be cases where relatively complex computations must be
+performed to generate values that are only used as arguments for a trace
+function. In these cases you can use the macro 'TRACE_${EVENT_NAME}_ENABLED' to
+guard such computations and avoid its compilation when the event is disabled:
+
+#include "trace.h"  /* needed for trace event prototype */
+
+void *qemu_vmalloc(size_t size)
+{
+void *ptr;
+size_t align = QEMU_VMALLOC_ALIGN;
+
+if (size < align) {
+align = getpagesize();
+}
+ptr = qemu_memalign(align, size);
+if (TRACE_QEMU_VMALLOC_ENABLED) { /* preprocessor macro */
+void *complex;
+/* some complex computations to produce the 'complex' value */
+trace_qemu_vmalloc(size, ptr, complex);
+}
+return ptr;
+}
diff --git a/scripts/tracetool.py b/scripts/tracetool.py
index 947b808..dc93a1a 100755
--- a/scripts/tracetool.py
+++ b/scripts/tracetool.py
@@ -123,6 +123,13 @@ def trace_h_begin(events):
 
 @for_format("h", END)
 def trace_h_end(events):
+for e in events:
+if 'disable' in e.properties:
+enabled = 0
+else:
+enabled = 1
+print "#define TRACE_%s_ENABLED %d" % (e.name.upper(), enabled)
+print
 print '#endif /* TRACE_H */'
 
 
-- 
1.7.1.1

Re: [Qemu-devel] [PATCH v8 4/4] xilinx_zynq: machine model initial version

[Peter Maydell]

On 28 February 2012 07:40, Peter A. G. Crosthwaite
 wrote:
> +static const VMStateDescription vmstate_zynq_slcr = {
> +    .name = "zynq_slcr",
> +    .unmigratable = 1,
> +};

No reason to make this unmigratable rather than just putting in
the vmstate fields. Otherwise looks OK.

-- PMM

[Qemu-devel] [Bug 657006] Re: arm v7M - svc insn doesn't trigger PendSV handler

[Oleksiy Bondarenko]

I had the same problem then was trying to run project based on uC OS2.
So there is no problem in freeRtos or in uCOS and it is better to do
change in helper.c in function:

 static void do_v7m_exception_exit(CPUARMState *env)

replace line

 env->regs[15] = v7m_pop(env);

with

env->regs[15] = v7m_pop(env) & 0xfffe;

and everything will be fine.

also you can pay attention to 
https://bugs.launchpad.net/qemu/+bug/942659

and if you already implemented  byte accessed priority  registers in NVIC
you will be able to run even nested interrupts.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/657006

Title:
  arm v7M - svc insn doesn't trigger PendSV handler

Status in QEMU:
  New

Bug description:
  The svc instruction doesn't work as expected.

  -> qemu 0.13.0 rc1 (git)

  Test : demo with freeRTOS (for example
  FreeRTOS-6.0.5/Demo/CORTEX_LM3S811_GCC) with the card lm3s811evb.

  If we start the scheduler, it will call that function (__attribute__
  (( naked ))) :

  void vPortStartFirstTask( void )

  {

  __asm volatile(

  " ldr r0, =0xE000ED08   \n" /*
  Use the NVIC offset register to locate the stack. */

  " ldr r0, [r0]
  \n"

  " ldr r0, [r0]
  \n"

  " msr msp, r0
  \n" /* Set the msp back to the start of the stack. */

  " svc 0
  \n" /* System call to start first task. */

  );

  }

  The 4 first lines in asm work fine. The scv 0 call will rise the right 
interrupt in qemu (line 151, in arm_gic.c, best_irq = 15). However, it will 
never call the PendSV Handler (xPortPendSVHandler here). This function is 
recorded in the nvic vector.
  Next, (after the svc), the processor will execute the line after in code 
(this is a naked function) so the next function written after 
vPortStartFirstTask in the code.

  
  command line :
  console 1 : qemu-system-arm -M lm3s6965evb -kernel gcc/RTOSDemo.axf -s -S
  console 2 : arm-none-eabi-gdb -ex "target remote localhost:1234" 
gcc/RTOSDemo.axf

  arm-none-eabi from 
http://www.codesourcery.com/sgpp/lite/arm/portal/release1294
  Same error with another project with arm-elf

  processor : arm cortex m3

  host : gentoo (2.6.35-r9) (without kqemu)

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/657006/+subscriptions