[Qemu-devel] [PATCH 18/18] acpi: drop debug port

[Gerd Hoffmann]

I'm pretty sure this isn't needed any more.  I think this predates the
switch to seabios, and the seabios DSDT table has a DBUG() aml macro
which writes stuff to the seabios debug port (0x402).

Signed-off-by: Gerd Hoffmann 
---
 hw/acpi_piix4.c |9 -
 1 files changed, 0 insertions(+), 9 deletions(-)

diff --git a/hw/acpi_piix4.c b/hw/acpi_piix4.c
index 263338a..b03454e 100644
--- a/hw/acpi_piix4.c
+++ b/hw/acpi_piix4.c
@@ -38,8 +38,6 @@
 # define PIIX4_DPRINTF(format, ...) do { } while (0)
 #endif
 
-#define ACPI_DBG_IO_ADDR  0xb044
-
 #define GPE_BASE 0xafe0
 #define GPE_LEN 4
 
@@ -129,11 +127,6 @@ static void apm_ctrl_changed(uint32_t val, void *arg)
 }
 }
 
-static void acpi_dbg_writel(void *opaque, uint32_t addr, uint32_t val)
-{
-PIIX4_DPRINTF("ACPI: DBG: 0x%08x\n", val);
-}
-
 static void pm_io_space_update(PIIX4PMState *s)
 {
 uint32_t pm_io_base;
@@ -400,8 +393,6 @@ static int piix4_pm_initfn(PCIDevice *dev)
 /* APM */
 apm_init(&s->apm, apm_ctrl_changed, s);
 
-register_ioport_write(ACPI_DBG_IO_ADDR, 4, 4, acpi_dbg_writel, s);
-
 if (s->kvm_enabled) {
 /* Mark SMM as already inited to prevent SMM from running.  KVM does 
not
  * support SMM mode. */
-- 
1.7.1

[Qemu-devel] [PATCH 02/18] apci: switch ich9 to memory api

[Gerd Hoffmann]

Signed-off-by: Gerd Hoffmann 
---
 hw/acpi_ich9.c |   44 +++-
 hw/acpi_ich9.h |1 +
 2 files changed, 28 insertions(+), 17 deletions(-)

diff --git a/hw/acpi_ich9.c b/hw/acpi_ich9.c
index 61034d3..bf361ec 100644
--- a/hw/acpi_ich9.c
+++ b/hw/acpi_ich9.c
@@ -29,6 +29,7 @@
 #include "sysemu.h"
 #include "acpi.h"
 #include "kvm.h"
+#include "exec-memory.h"
 
 #include "ich9.h"
 
@@ -217,30 +218,34 @@ static uint32_t pm_ioport_read_fallback(void *opaque, 
uint32_t addr, int len)
 return val;
 }
 
+static const MemoryRegionOps pm_io_ops = {
+.old_portio = (MemoryRegionPortio[]) {
+{ .offset = 0, .len = ICH9_PMIO_SIZE, .size = 1,
+  .read = pm_ioport_readb, .write = pm_ioport_writeb },
+{ .offset = 0, .len = ICH9_PMIO_SIZE, .size = 2,
+  .read = pm_ioport_readw, .write = pm_ioport_writew },
+{ .offset = 0, .len = ICH9_PMIO_SIZE, .size = 4,
+  .read = pm_ioport_readl, .write = pm_ioport_writel },
+PORTIO_END_OF_LIST(),
+},
+.valid.min_access_size = 1,
+.valid.max_access_size = 4,
+.impl.min_access_size = 1,
+.impl.max_access_size = 4,
+.endianness = DEVICE_LITTLE_ENDIAN,
+};
+
 void ich9_pm_iospace_update(ICH9LPCPMRegs *pm, uint32_t pm_io_base)
 {
 ICH9_DEBUG("to 0x%x\n", pm_io_base);
 
 assert((pm_io_base & ICH9_PMIO_MASK) == 0);
 
-if (pm->pm_io_base != 0) {
-isa_unassign_ioport(pm->pm_io_base, ICH9_PMIO_SIZE);
-}
-
-/* don't map at 0 */
-if (pm_io_base == 0) {
-return;
-}
-
-register_ioport_write(pm_io_base, ICH9_PMIO_SIZE, 1, pm_ioport_writeb, pm);
-register_ioport_read(pm_io_base, ICH9_PMIO_SIZE, 1, pm_ioport_readb, pm);
-register_ioport_write(pm_io_base, ICH9_PMIO_SIZE, 2, pm_ioport_writew, pm);
-register_ioport_read(pm_io_base, ICH9_PMIO_SIZE, 2, pm_ioport_readw, pm);
-register_ioport_write(pm_io_base, ICH9_PMIO_SIZE, 4, pm_ioport_writel, pm);
-register_ioport_read(pm_io_base, ICH9_PMIO_SIZE, 4, pm_ioport_readl, pm);
-
 pm->pm_io_base = pm_io_base;
-acpi_gpe_blk(&pm->acpi_regs, pm_io_base + ICH9_PMIO_GPE0_STS);
+memory_region_transaction_begin();
+memory_region_set_enabled(&pm->io, pm->pm_io_base != 0);
+memory_region_set_address(&pm->io, pm->pm_io_base);
+memory_region_transaction_commit();
 }
 
 static int ich9_pm_post_load(void *opaque, int version_id)
@@ -311,9 +316,14 @@ static void pm_powerdown_req(Notifier *n, void *opaque)
 
 void ich9_pm_init(ICH9LPCPMRegs *pm, qemu_irq sci_irq, qemu_irq cmos_s3)
 {
+memory_region_init_io(&pm->io, &pm_io_ops, pm, "ich9-pm", ICH9_PMIO_SIZE);
+memory_region_set_enabled(&pm->io, false);
+memory_region_add_subregion(get_system_io(), 0, &pm->io);
+
 acpi_pm_tmr_init(&pm->acpi_regs, ich9_pm_update_sci_fn);
 acpi_pm1_cnt_init(&pm->acpi_regs);
 acpi_gpe_init(&pm->acpi_regs, ICH9_PMIO_GPE0_LEN);
+acpi_gpe_blk(&pm->acpi_regs, ICH9_PMIO_GPE0_STS);
 
 pm->irq = sci_irq;
 qemu_register_reset(pm_reset, pm);
diff --git a/hw/acpi_ich9.h b/hw/acpi_ich9.h
index 180c406..0a2ee6c 100644
--- a/hw/acpi_ich9.h
+++ b/hw/acpi_ich9.h
@@ -30,6 +30,7 @@ typedef struct ICH9LPCPMRegs {
  * PM1a_CNT_BLK = 2 in FADT so it is defined as uint16_t.
  */
 ACPIREGS acpi_regs;
+MemoryRegion io;
 uint32_t smi_en;
 uint32_t smi_sts;
 
-- 
1.7.1

[Qemu-devel] [PATCH 15/18] acpi: remove acpi_gpe_blk

[Gerd Hoffmann]

With gpe being switched to memory api this is no longer needed.

Signed-off-by: Gerd Hoffmann 
---
 hw/acpi.c   |7 ---
 hw/acpi.h   |2 --
 hw/acpi_ich9.c  |1 -
 hw/acpi_piix4.c |1 -
 4 files changed, 0 insertions(+), 11 deletions(-)

diff --git a/hw/acpi.c b/hw/acpi.c
index e58e45f..ae29a59 100644
--- a/hw/acpi.c
+++ b/hw/acpi.c
@@ -493,11 +493,6 @@ void acpi_gpe_init(ACPIREGS *ar, uint8_t len)
 ar->gpe.en = g_malloc0(len / 2);
 }
 
-void acpi_gpe_blk(ACPIREGS *ar, uint32_t blk)
-{
-ar->gpe.blk = blk;
-}
-
 void acpi_gpe_reset(ACPIREGS *ar)
 {
 memset(ar->gpe.sts, 0, ar->gpe.len / 2);
@@ -523,7 +518,6 @@ void acpi_gpe_ioport_writeb(ACPIREGS *ar, uint32_t addr, 
uint32_t val)
 {
 uint8_t *cur;
 
-addr -= ar->gpe.blk;
 cur = acpi_gpe_ioport_get_ptr(ar, addr);
 if (addr < ar->gpe.len / 2) {
 /* GPE_STS */
@@ -541,7 +535,6 @@ uint32_t acpi_gpe_ioport_readb(ACPIREGS *ar, uint32_t addr)
 uint8_t *cur;
 uint32_t val;
 
-addr -= ar->gpe.blk;
 cur = acpi_gpe_ioport_get_ptr(ar, addr);
 val = 0;
 if (cur != NULL) {
diff --git a/hw/acpi.h b/hw/acpi.h
index 918d7f5..afda153 100644
--- a/hw/acpi.h
+++ b/hw/acpi.h
@@ -104,7 +104,6 @@ struct ACPIPM1CNT {
 };
 
 struct ACPIGPE {
-uint32_t blk;
 uint8_t len;
 
 uint8_t *sts;
@@ -150,7 +149,6 @@ void acpi_pm1_cnt_reset(ACPIREGS *ar);
 
 /* GPE0 */
 void acpi_gpe_init(ACPIREGS *ar, uint8_t len);
-void acpi_gpe_blk(ACPIREGS *ar, uint32_t blk);
 void acpi_gpe_reset(ACPIREGS *ar);
 
 void acpi_gpe_ioport_writeb(ACPIREGS *ar, uint32_t addr, uint32_t val);
diff --git a/hw/acpi_ich9.c b/hw/acpi_ich9.c
index db0d7a5..c5978d3 100644
--- a/hw/acpi_ich9.c
+++ b/hw/acpi_ich9.c
@@ -212,7 +212,6 @@ void ich9_pm_init(ICH9LPCPMRegs *pm, qemu_irq sci_irq, 
qemu_irq cmos_s3)
 acpi_pm1_cnt_init(&pm->acpi_regs, &pm->io);
 
 acpi_gpe_init(&pm->acpi_regs, ICH9_PMIO_GPE0_LEN);
-acpi_gpe_blk(&pm->acpi_regs, 0);
 memory_region_init_io(&pm->io_gpe, &ich9_gpe_ops, pm, "apci-gpe0",
   ICH9_PMIO_GPE0_LEN);
 memory_region_add_subregion(&pm->io, ICH9_PMIO_GPE0_STS, &pm->io_gpe);
diff --git a/hw/acpi_piix4.c b/hw/acpi_piix4.c
index c1a58d3..d2ba56e 100644
--- a/hw/acpi_piix4.c
+++ b/hw/acpi_piix4.c
@@ -582,7 +582,6 @@ static void piix4_acpi_system_hot_add_init(PCIBus *bus, 
PIIX4PMState *s)
 memory_region_init_io(&s->io_gpe, &piix4_gpe_ops, s, "apci-gpe0",
   GPE_LEN);
 memory_region_add_subregion(get_system_io(), GPE_BASE, &s->io_gpe);
-acpi_gpe_blk(&s->ar, 0);
 
 register_ioport_read(PCI_UP_BASE, 4, 4, pci_up_read, s);
 register_ioport_read(PCI_DOWN_BASE, 4, 4, pci_down_read, s);
-- 
1.7.1

[Qemu-devel] [PATCH 09/18] apci: switch ich9 gpe to memory api

[Gerd Hoffmann]

Signed-off-by: Gerd Hoffmann 
---
 hw/acpi_ich9.c |   38 --
 hw/acpi_ich9.h |1 +
 2 files changed, 29 insertions(+), 10 deletions(-)

diff --git a/hw/acpi_ich9.c b/hw/acpi_ich9.c
index 3b5bac6..5fc160a 100644
--- a/hw/acpi_ich9.c
+++ b/hw/acpi_ich9.c
@@ -73,12 +73,7 @@ static void ich9_pm_update_sci_fn(ACPIREGS *regs)
 
 static void pm_ioport_writeb(void *opaque, uint32_t addr, uint32_t val)
 {
-ICH9LPCPMRegs *pm = opaque;
-
 switch (addr & ICH9_PMIO_MASK) {
-case ICH9_PMIO_GPE0_STS ... (ICH9_PMIO_GPE0_STS + ICH9_PMIO_GPE0_LEN - 1):
-acpi_gpe_ioport_writeb(&pm->acpi_regs, addr, val);
-break;
 default:
 break;
 }
@@ -88,13 +83,9 @@ static void pm_ioport_writeb(void *opaque, uint32_t addr, 
uint32_t val)
 
 static uint32_t pm_ioport_readb(void *opaque, uint32_t addr)
 {
-ICH9LPCPMRegs *pm = opaque;
 uint32_t val = 0;
 
 switch (addr & ICH9_PMIO_MASK) {
-case ICH9_PMIO_GPE0_STS ... (ICH9_PMIO_GPE0_STS + ICH9_PMIO_GPE0_LEN - 1):
-val = acpi_gpe_ioport_readb(&pm->acpi_regs, addr);
-break;
 default:
 val = 0;
 break;
@@ -209,6 +200,29 @@ static const MemoryRegionOps pm_io_ops = {
 .endianness = DEVICE_LITTLE_ENDIAN,
 };
 
+static uint64_t ich9_gpe_readb(void *opaque, hwaddr addr, unsigned width)
+{
+ICH9LPCPMRegs *pm = opaque;
+return acpi_gpe_ioport_readb(&pm->acpi_regs, addr);
+}
+
+static void ich9_gpe_writeb(void *opaque, hwaddr addr, uint64_t val,
+unsigned width)
+{
+ICH9LPCPMRegs *pm = opaque;
+acpi_gpe_ioport_writeb(&pm->acpi_regs, addr, val);
+}
+
+static const MemoryRegionOps ich9_gpe_ops = {
+.read = ich9_gpe_readb,
+.write = ich9_gpe_writeb,
+.valid.min_access_size = 1,
+.valid.max_access_size = 4,
+.impl.min_access_size = 1,
+.impl.max_access_size = 1,
+.endianness = DEVICE_LITTLE_ENDIAN,
+};
+
 void ich9_pm_iospace_update(ICH9LPCPMRegs *pm, uint32_t pm_io_base)
 {
 ICH9_DEBUG("to 0x%x\n", pm_io_base);
@@ -297,8 +311,12 @@ void ich9_pm_init(ICH9LPCPMRegs *pm, qemu_irq sci_irq, 
qemu_irq cmos_s3)
 acpi_pm_tmr_init(&pm->acpi_regs, ich9_pm_update_sci_fn, &pm->io);
 acpi_pm1_evt_init(&pm->acpi_regs, ich9_pm_update_sci_fn, &pm->io);
 acpi_pm1_cnt_init(&pm->acpi_regs, &pm->io);
+
 acpi_gpe_init(&pm->acpi_regs, ICH9_PMIO_GPE0_LEN);
-acpi_gpe_blk(&pm->acpi_regs, ICH9_PMIO_GPE0_STS);
+acpi_gpe_blk(&pm->acpi_regs, 0);
+memory_region_init_io(&pm->io_gpe, &ich9_gpe_ops, pm, "apci-gpe0",
+  ICH9_PMIO_GPE0_LEN);
+memory_region_add_subregion(&pm->io, ICH9_PMIO_GPE0_STS, &pm->io_gpe);
 
 pm->irq = sci_irq;
 qemu_register_reset(pm_reset, pm);
diff --git a/hw/acpi_ich9.h b/hw/acpi_ich9.h
index 0a2ee6c..f3b05d7 100644
--- a/hw/acpi_ich9.h
+++ b/hw/acpi_ich9.h
@@ -31,6 +31,7 @@ typedef struct ICH9LPCPMRegs {
  */
 ACPIREGS acpi_regs;
 MemoryRegion io;
+MemoryRegion io_gpe;
 uint32_t smi_en;
 uint32_t smi_sts;
 
-- 
1.7.1

[Qemu-devel] [PULL 00/18] acpi: switch to memory api

[Gerd Hoffmann]

  Hi,

Same patches as posted last week.  No review comments, 1.4 tree
open, so it should be ready to go in now.

cheers,
  Gerd

The following changes since commit 16c6c80ac3a772b42a87b77dfdf0fdac7c607b0e:

  Open up 1.4 development branch (2012-12-03 14:08:40 -0600)

are available in the git repository at:
  git://git.kraxel.org/qemu acpi.1

Gerd Hoffmann (18):
  apci: switch piix4 to memory api
  apci: switch ich9 to memory api
  apci: switch vt82c686 to memory api
  apci: switch timer to memory api
  apci: switch cnt to memory api
  apci: switch evt to memory api
  acpi: cleanup piix4 memory region
  acpi: cleanup vt82c686 memory region
  apci: switch ich9 gpe to memory api
  apci: switch ich9 smi to memory api
  acpi: cleanup ich9 memory region
  acpi: switch smbus to memory api
  acpi: fix piix4 smbus mapping
  apci: switch piix4 gpe to memory api
  acpi: remove acpi_gpe_blk
  apci: switch piix4 pci hotplug to memory api
  q35: update lpc pci config space according to configured devices
  acpi: drop debug port

 hw/acpi.c   |  113 ++-
 hw/acpi.h   |   18 +++--
 hw/acpi_ich9.c  |  199 ++
 hw/acpi_ich9.h  |3 +
 hw/acpi_piix4.c |  183 +++
 hw/ich9.h   |1 +
 hw/lpc_ich9.c   |   29 
 hw/pm_smbus.c   |   17 -
 hw/pm_smbus.h   |3 +-
 hw/smbus_ich9.c |   64 --
 hw/vt82c686.c   |  102 +
 11 files changed, 317 insertions(+), 415 deletions(-)

[Qemu-devel] [RFC 4/8] libqemustub: vmstate register/unregister stubs

[Eduardo Habkost]

Add vmstate stub functions, so that qdev.o can be used without savevm.o
when vmstate support is not necessary (i.e. by *-user).

Signed-off-by: Eduardo Habkost 
---
Originally submitted as:
  Subject: qdev-core: isolate vmstate handling into separate functions

Changes v1 -> v2:
 - Add GCC_WEAK_DECL to function declarations

Changes v2 -> v3:
 - Subject: qdev: add weak aliases for vmstate handling on qdev.c
 - Make vmstate_register_with_alias_id()/vmstate_unregister()
   have GCC_WEAK versions, instead of creating a new function
 - Kept qdev_get_vmsd() inside qdev.c

Changss v3 -> v4:
 - Use the new QEMU_WEAK_ALIAS system instead of GCC_WEAK

Changes v4 -> v5:
 - Use the new libqemustub.a, instead of QEMU_WEAK_ALIAS

Changes v5 -> v6:
 - Cosmetic whitespace changes
---
 stubs/Makefile.objs |  1 +
 stubs/vmstate.c | 17 +
 2 files changed, 18 insertions(+)
 create mode 100644 stubs/vmstate.c

diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs
index 00f0b64..ca2197e 100644
--- a/stubs/Makefile.objs
+++ b/stubs/Makefile.objs
@@ -6,4 +6,5 @@ stub-obj-y += fdset-remove-fd.o
 stub-obj-y += get-fd.o
 stub-obj-y += set-fd-handler.o
 stub-obj-y += reset.o
+stub-obj-y += vmstate.o
 stub-obj-$(CONFIG_WIN32) += fd-register.o
diff --git a/stubs/vmstate.c b/stubs/vmstate.c
new file mode 100644
index 000..badf79e
--- /dev/null
+++ b/stubs/vmstate.c
@@ -0,0 +1,17 @@
+#include "qemu-common.h"
+#include "vmstate.h"
+
+int vmstate_register_with_alias_id(DeviceState *dev,
+   int instance_id,
+   const VMStateDescription *vmsd,
+   void *base, int alias_id,
+   int required_for_version)
+{
+return 0;
+}
+
+void vmstate_unregister(DeviceState *dev,
+const VMStateDescription *vmsd,
+void *opaque)
+{
+}
-- 
1.7.11.7

[Qemu-devel] [PATCH 01/18] apci: switch piix4 to memory api

[Gerd Hoffmann]

Signed-off-by: Gerd Hoffmann 
---
 hw/acpi_piix4.c |   41 -
 1 files changed, 24 insertions(+), 17 deletions(-)

diff --git a/hw/acpi_piix4.c b/hw/acpi_piix4.c
index 519269a..320e045 100644
--- a/hw/acpi_piix4.c
+++ b/hw/acpi_piix4.c
@@ -28,6 +28,7 @@
 #include "range.h"
 #include "ioport.h"
 #include "fw_cfg.h"
+#include "exec-memory.h"
 
 //#define DEBUG
 
@@ -55,7 +56,7 @@ struct pci_status {
 
 typedef struct PIIX4PMState {
 PCIDevice dev;
-IORange ioport;
+MemoryRegion io;
 ACPIREGS ar;
 
 APMState apm;
@@ -109,10 +110,10 @@ static void pm_tmr_timer(ACPIREGS *ar)
 pm_update_sci(s);
 }
 
-static void pm_ioport_write(IORange *ioport, uint64_t addr, unsigned width,
-uint64_t val)
+static void pm_ioport_write(void *opaque, hwaddr addr, uint64_t val,
+unsigned width)
 {
-PIIX4PMState *s = container_of(ioport, PIIX4PMState, ioport);
+PIIX4PMState *s = opaque;
 
 if (width != 2) {
 PIIX4_DPRINTF("PM write port=0x%04x width=%d val=0x%08x\n",
@@ -138,10 +139,9 @@ static void pm_ioport_write(IORange *ioport, uint64_t 
addr, unsigned width,
   (unsigned int)val);
 }
 
-static void pm_ioport_read(IORange *ioport, uint64_t addr, unsigned width,
-uint64_t *data)
+static uint64_t pm_ioport_read(void *opaque, hwaddr addr, unsigned width)
 {
-PIIX4PMState *s = container_of(ioport, PIIX4PMState, ioport);
+PIIX4PMState *s = opaque;
 uint32_t val;
 
 switch(addr) {
@@ -162,12 +162,17 @@ static void pm_ioport_read(IORange *ioport, uint64_t 
addr, unsigned width,
 break;
 }
 PIIX4_DPRINTF("PM readw port=0x%04x val=0x%04x\n", (unsigned int)addr, 
val);
-*data = val;
+return val;
 }
 
-static const IORangeOps pm_iorange_ops = {
+static const MemoryRegionOps pm_io_ops = {
 .read = pm_ioport_read,
 .write = pm_ioport_write,
+.valid.min_access_size = 1,
+.valid.max_access_size = 4,
+.impl.min_access_size = 1,
+.impl.max_access_size = 4,
+.endianness = DEVICE_LITTLE_ENDIAN,
 };
 
 static void apm_ctrl_changed(uint32_t val, void *arg)
@@ -193,15 +198,13 @@ static void pm_io_space_update(PIIX4PMState *s)
 {
 uint32_t pm_io_base;
 
-if (s->dev.config[0x80] & 1) {
-pm_io_base = le32_to_cpu(*(uint32_t *)(s->dev.config + 0x40));
-pm_io_base &= 0xffc0;
+pm_io_base = le32_to_cpu(*(uint32_t *)(s->dev.config + 0x40));
+pm_io_base &= 0xffc0;
 
-/* XXX: need to improve memory and ioport allocation */
-PIIX4_DPRINTF("PM: mapping to 0x%x\n", pm_io_base);
-iorange_init(&s->ioport, &pm_iorange_ops, pm_io_base, 64);
-ioport_register(&s->ioport);
-}
+memory_region_transaction_begin();
+memory_region_set_enabled(&s->io, s->dev.config[0x80] & 1);
+memory_region_set_address(&s->io, pm_io_base);
+memory_region_transaction_commit();
 }
 
 static void pm_write_config(PCIDevice *d,
@@ -456,6 +459,10 @@ static int piix4_pm_initfn(PCIDevice *dev)
 register_ioport_write(s->smb_io_base, 64, 1, smb_ioport_writeb, &s->smb);
 register_ioport_read(s->smb_io_base, 64, 1, smb_ioport_readb, &s->smb);
 
+memory_region_init_io(&s->io, &pm_io_ops, s, "piix4-pm", 64);
+memory_region_set_enabled(&s->io, false);
+memory_region_add_subregion(get_system_io(), 0, &s->io);
+
 acpi_pm_tmr_init(&s->ar, pm_tmr_timer);
 acpi_gpe_init(&s->ar, GPE_LEN);
 
-- 
1.7.1

[Qemu-devel] [RFC 7/8] include qdev code into *-user, too

[Eduardo Habkost]

The code depends on some functions from qemu-option.o, so add
qemu-option.o to universal-obj-y to make sure it's included.

Signed-off-by: Eduardo Habkost 
---
Changes v1 -> v2:
 - Keep files on the hw/ directory
   (it's simply easier to keep them there, as qdev.o depends on irq.o)
 - Add a $(hw-core-obj-y) variable to Makefile.objs for the qdev core code
 - Add irq.o to the list of core qdev files
   (as now the gpio code is being kept inside qdev.c)

Changes v2 -> v3:
 - Add reset.o to hw-core-obj-y

Changes v3 -> v4:
 - Removed reset.o again (it was replaced by stubs on libqemustub.a)
---
 Makefile.objs| 8 
 hw/Makefile.objs | 9 +++--
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/Makefile.objs b/Makefile.objs
index 0a0a33a..8fe4991 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -31,6 +31,13 @@ qom-obj-y = qom/
 universal-obj-y += $(qom-obj-y)
 
 ###
+# Core hw code (qdev core)
+hw-core-obj-y += hw/
+hw-core-obj-y += qemu-option.o
+
+universal-obj-y += $(hw-core-obj-y)
+
+###
 # oslib-obj-y is code depending on the OS (win32 vs posix)
 oslib-obj-y = osdep.o cutils.o qemu-timer-common.o
 oslib-obj-$(CONFIG_WIN32) += oslib-win32.o qemu-thread-win32.o
@@ -253,5 +260,6 @@ nested-vars += \
block-obj-y \
user-obj-y \
common-obj-y \
+   hw-core-obj-y \
extra-obj-y
 dummy := $(call unnest-vars)
diff --git a/hw/Makefile.objs b/hw/Makefile.objs
index 96a8365..1815536 100644
--- a/hw/Makefile.objs
+++ b/hw/Makefile.objs
@@ -1,3 +1,9 @@
+# core qdev-related obj files, also used by *-user:
+hw-core-obj-y += qdev.o qdev-properties.o
+# irq.o needed for qdev GPIO handling:
+hw-core-obj-y += irq.o
+
+
 common-obj-y = usb/ ide/
 common-obj-y += loader.o
 common-obj-$(CONFIG_VIRTIO) += virtio-console.o
@@ -158,7 +164,6 @@ common-obj-$(CONFIG_SOUND) += $(sound-obj-y)
 common-obj-$(CONFIG_REALLY_VIRTFS) += 9pfs/
 
 common-obj-y += usb/
-common-obj-y += irq.o
 common-obj-$(CONFIG_PTIMER) += ptimer.o
 common-obj-$(CONFIG_MAX7310) += max7310.o
 common-obj-$(CONFIG_WM8750) += wm8750.o
@@ -184,7 +189,7 @@ common-obj-$(CONFIG_SD) += sd.o
 common-obj-y += bt.o bt-l2cap.o bt-sdp.o bt-hci.o bt-hid.o
 common-obj-y += bt-hci-csr.o
 common-obj-y += msmouse.o ps2.o
-common-obj-y += qdev.o qdev-properties.o qdev-monitor.o
+common-obj-y += qdev-monitor.o
 common-obj-y += qdev-properties-system.o
 common-obj-$(CONFIG_BRLAPI) += baum.o
 
-- 
1.7.11.7

[Qemu-devel] [PATCH 10/18] apci: switch ich9 smi to memory api

[Gerd Hoffmann]

Signed-off-by: Gerd Hoffmann 
---
 hw/acpi_ich9.c |   46 --
 hw/acpi_ich9.h |1 +
 2 files changed, 37 insertions(+), 10 deletions(-)

diff --git a/hw/acpi_ich9.c b/hw/acpi_ich9.c
index 5fc160a..0ed17da 100644
--- a/hw/acpi_ich9.c
+++ b/hw/acpi_ich9.c
@@ -119,12 +119,7 @@ static uint32_t pm_ioport_readw(void *opaque, uint32_t 
addr)
 
 static void pm_ioport_writel(void *opaque, uint32_t addr, uint32_t val)
 {
-ICH9LPCPMRegs *pm = opaque;
-
 switch (addr & ICH9_PMIO_MASK) {
-case ICH9_PMIO_SMI_EN:
-pm->smi_en = val;
-break;
 default:
 pm_ioport_write_fallback(opaque, addr, 4, val);
 break;
@@ -134,14 +129,9 @@ static void pm_ioport_writel(void *opaque, uint32_t addr, 
uint32_t val)
 
 static uint32_t pm_ioport_readl(void *opaque, uint32_t addr)
 {
-ICH9LPCPMRegs *pm = opaque;
 uint32_t val;
 
 switch (addr & ICH9_PMIO_MASK) {
-case ICH9_PMIO_SMI_EN:
-val = pm->smi_en;
-break;
-
 default:
 val = pm_ioport_read_fallback(opaque, addr, 4);
 break;
@@ -223,6 +213,38 @@ static const MemoryRegionOps ich9_gpe_ops = {
 .endianness = DEVICE_LITTLE_ENDIAN,
 };
 
+static uint64_t ich9_smi_readl(void *opaque, hwaddr addr, unsigned width)
+{
+ICH9LPCPMRegs *pm = opaque;
+switch (addr) {
+case 0:
+return pm->smi_en;
+case 4:
+return pm->smi_sts;
+default:
+return 0;
+}
+}
+
+static void ich9_smi_writel(void *opaque, hwaddr addr, uint64_t val,
+unsigned width)
+{
+ICH9LPCPMRegs *pm = opaque;
+switch (addr) {
+case 0:
+pm->smi_en = val;
+break;
+}
+}
+
+static const MemoryRegionOps ich9_smi_ops = {
+.read = ich9_smi_readl,
+.write = ich9_smi_writel,
+.valid.min_access_size = 4,
+.valid.max_access_size = 4,
+.endianness = DEVICE_LITTLE_ENDIAN,
+};
+
 void ich9_pm_iospace_update(ICH9LPCPMRegs *pm, uint32_t pm_io_base)
 {
 ICH9_DEBUG("to 0x%x\n", pm_io_base);
@@ -318,6 +340,10 @@ void ich9_pm_init(ICH9LPCPMRegs *pm, qemu_irq sci_irq, 
qemu_irq cmos_s3)
   ICH9_PMIO_GPE0_LEN);
 memory_region_add_subregion(&pm->io, ICH9_PMIO_GPE0_STS, &pm->io_gpe);
 
+memory_region_init_io(&pm->io_smi, &ich9_smi_ops, pm, "apci-smi",
+  8);
+memory_region_add_subregion(&pm->io, ICH9_PMIO_SMI_EN, &pm->io_smi);
+
 pm->irq = sci_irq;
 qemu_register_reset(pm_reset, pm);
 pm->powerdown_notifier.notify = pm_powerdown_req;
diff --git a/hw/acpi_ich9.h b/hw/acpi_ich9.h
index f3b05d7..bc221d3 100644
--- a/hw/acpi_ich9.h
+++ b/hw/acpi_ich9.h
@@ -32,6 +32,7 @@ typedef struct ICH9LPCPMRegs {
 ACPIREGS acpi_regs;
 MemoryRegion io;
 MemoryRegion io_gpe;
+MemoryRegion io_smi;
 uint32_t smi_en;
 uint32_t smi_sts;
 
-- 
1.7.1

[Qemu-devel] [RFC 8/8] qom: make CPU a child of DeviceState

[Eduardo Habkost]

From: Igor Mammedov 

Signed-off-by: Igor Mammedov 
[ehabkost: change CPU type declaration to hae TYPE_DEVICE as parent]
Signed-off-by: Eduardo Habkost 
---
Yes, there is "changelog" data before the "---" mark, but I believe that
in this case they are important to indicate authorship and the scope of
the Signed-off-by lines (so they need to get into the git commit
message).
---
 include/qemu/cpu.h | 6 +++---
 qom/cpu.c  | 3 ++-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/include/qemu/cpu.h b/include/qemu/cpu.h
index 61b7698..bc004fd 100644
--- a/include/qemu/cpu.h
+++ b/include/qemu/cpu.h
@@ -20,7 +20,7 @@
 #ifndef QEMU_CPU_H
 #define QEMU_CPU_H
 
-#include "qemu/object.h"
+#include "hw/qdev-core.h"
 #include "qemu-thread.h"
 
 /**
@@ -46,7 +46,7 @@ typedef struct CPUState CPUState;
  */
 typedef struct CPUClass {
 /*< private >*/
-ObjectClass parent_class;
+DeviceClass parent_class;
 /*< public >*/
 
 void (*reset)(CPUState *cpu);
@@ -62,7 +62,7 @@ typedef struct CPUClass {
  */
 struct CPUState {
 /*< private >*/
-Object parent_obj;
+DeviceState parent_obj;
 /*< public >*/
 
 struct QemuThread *thread;
diff --git a/qom/cpu.c b/qom/cpu.c
index 5b36046..f59db7d 100644
--- a/qom/cpu.c
+++ b/qom/cpu.c
@@ -20,6 +20,7 @@
 
 #include "qemu/cpu.h"
 #include "qemu-common.h"
+#include "hw/qdev-core.h"
 
 void cpu_reset(CPUState *cpu)
 {
@@ -43,7 +44,7 @@ static void cpu_class_init(ObjectClass *klass, void *data)
 
 static TypeInfo cpu_type_info = {
 .name = TYPE_CPU,
-.parent = TYPE_OBJECT,
+.parent = TYPE_DEVICE,
 .instance_size = sizeof(CPUState),
 .abstract = true,
 .class_size = sizeof(CPUClass),
-- 
1.7.11.7

[Qemu-devel] [PATCH 08/18] acpi: cleanup vt82c686 memory region

[Gerd Hoffmann]

Nothing left to do, everything handled by subregions,
we can zap the reaw/write handlers now.

Signed-off-by: Gerd Hoffmann 
---
 hw/vt82c686.c |   61 +
 1 files changed, 1 insertions(+), 60 deletions(-)

diff --git a/hw/vt82c686.c b/hw/vt82c686.c
index 52f46f1..99e6b2f 100644
--- a/hw/vt82c686.c
+++ b/hw/vt82c686.c
@@ -197,65 +197,6 @@ static void pm_tmr_timer(ACPIREGS *ar)
 pm_update_sci(s);
 }
 
-static void pm_ioport_writew(void *opaque, uint32_t addr, uint32_t val)
-{
-addr &= 0x0f;
-switch (addr) {
-default:
-break;
-}
-DPRINTF("PM writew port=0x%04x val=0x%02x\n", addr, val);
-}
-
-static uint32_t pm_ioport_readw(void *opaque, uint32_t addr)
-{
-uint32_t val;
-
-addr &= 0x0f;
-switch (addr) {
-default:
-val = 0;
-break;
-}
-DPRINTF("PM readw port=0x%04x val=0x%02x\n", addr, val);
-return val;
-}
-
-static void pm_ioport_writel(void *opaque, uint32_t addr, uint32_t val)
-{
-addr &= 0x0f;
-DPRINTF("PM writel port=0x%04x val=0x%08x\n", addr, val);
-}
-
-static uint32_t pm_ioport_readl(void *opaque, uint32_t addr)
-{
-uint32_t val;
-
-addr &= 0x0f;
-switch (addr) {
-default:
-val = 0;
-break;
-}
-DPRINTF("PM readl port=0x%04x val=0x%08x\n", addr, val);
-return val;
-}
-
-static const MemoryRegionOps pm_io_ops = {
-.old_portio = (MemoryRegionPortio[]) {
-{ .offset = 0, .len = 64, .size = 2,
-  .read = pm_ioport_readw, .write = pm_ioport_writew },
-{ .offset = 0, .len = 64, .size = 4,
-  .read = pm_ioport_readl, .write = pm_ioport_writel },
-PORTIO_END_OF_LIST(),
-},
-.valid.min_access_size = 1,
-.valid.max_access_size = 4,
-.impl.min_access_size = 1,
-.impl.max_access_size = 4,
-.endianness = DEVICE_LITTLE_ENDIAN,
-};
-
 static void pm_io_space_update(VT686PMState *s)
 {
 uint32_t pm_io_base;
@@ -415,7 +356,7 @@ static int vt82c686b_pm_initfn(PCIDevice *dev)
 
 apm_init(&s->apm, NULL, s);
 
-memory_region_init_io(&s->io, &pm_io_ops, s, "vt82c686-pm", 64);
+memory_region_init(&s->io, "vt82c686-pm", 64);
 memory_region_set_enabled(&s->io, false);
 memory_region_add_subregion(get_system_io(), 0, &s->io);
 
-- 
1.7.1

[Qemu-devel] [PATCH 03/18] apci: switch vt82c686 to memory api

[Gerd Hoffmann]

Signed-off-by: Gerd Hoffmann 
---
 hw/vt82c686.c |   37 +++--
 1 files changed, 27 insertions(+), 10 deletions(-)

diff --git a/hw/vt82c686.c b/hw/vt82c686.c
index 5d7c00c..3fc6063 100644
--- a/hw/vt82c686.c
+++ b/hw/vt82c686.c
@@ -24,6 +24,7 @@
 #include "pm_smbus.h"
 #include "sysemu.h"
 #include "qemu-timer.h"
+#include "exec-memory.h"
 
 typedef uint32_t pci_addr_t;
 #include "pci_host.h"
@@ -159,6 +160,7 @@ static void vt82c686b_write_config(PCIDevice * d, uint32_t 
address,
 
 typedef struct VT686PMState {
 PCIDevice dev;
+MemoryRegion io;
 ACPIREGS ar;
 APMState apm;
 PMSMBus smb;
@@ -266,21 +268,32 @@ static uint32_t pm_ioport_readl(void *opaque, uint32_t 
addr)
 return val;
 }
 
+static const MemoryRegionOps pm_io_ops = {
+.old_portio = (MemoryRegionPortio[]) {
+{ .offset = 0, .len = 64, .size = 2,
+  .read = pm_ioport_readw, .write = pm_ioport_writew },
+{ .offset = 0, .len = 64, .size = 4,
+  .read = pm_ioport_readl, .write = pm_ioport_writel },
+PORTIO_END_OF_LIST(),
+},
+.valid.min_access_size = 1,
+.valid.max_access_size = 4,
+.impl.min_access_size = 1,
+.impl.max_access_size = 4,
+.endianness = DEVICE_LITTLE_ENDIAN,
+};
+
 static void pm_io_space_update(VT686PMState *s)
 {
 uint32_t pm_io_base;
 
-if (s->dev.config[0x80] & 1) {
-pm_io_base = pci_get_long(s->dev.config + 0x40);
-pm_io_base &= 0xffc0;
+pm_io_base = pci_get_long(s->dev.config + 0x40);
+pm_io_base &= 0xffc0;
 
-/* XXX: need to improve memory and ioport allocation */
-DPRINTF("PM: mapping to 0x%x\n", pm_io_base);
-register_ioport_write(pm_io_base, 64, 2, pm_ioport_writew, s);
-register_ioport_read(pm_io_base, 64, 2, pm_ioport_readw, s);
-register_ioport_write(pm_io_base, 64, 4, pm_ioport_writel, s);
-register_ioport_read(pm_io_base, 64, 4, pm_ioport_readl, s);
-}
+memory_region_transaction_begin();
+memory_region_set_enabled(&s->io, s->dev.config[0x80] & 1);
+memory_region_set_address(&s->io, pm_io_base);
+memory_region_transaction_commit();
 }
 
 static void pm_write_config(PCIDevice *d,
@@ -429,6 +442,10 @@ static int vt82c686b_pm_initfn(PCIDevice *dev)
 
 apm_init(&s->apm, NULL, s);
 
+memory_region_init_io(&s->io, &pm_io_ops, s, "vt82c686-pm", 64);
+memory_region_set_enabled(&s->io, false);
+memory_region_add_subregion(get_system_io(), 0, &s->io);
+
 acpi_pm_tmr_init(&s->ar, pm_tmr_timer);
 acpi_pm1_cnt_init(&s->ar);
 
-- 
1.7.1

[Qemu-devel] [PATCH 07/18] acpi: cleanup piix4 memory region

[Gerd Hoffmann]

Nothing left to do, everything handled by subregions,
we can zap the reaw/write handlers now.

Signed-off-by: Gerd Hoffmann 
---
 hw/acpi_piix4.c |   41 +
 1 files changed, 1 insertions(+), 40 deletions(-)

diff --git a/hw/acpi_piix4.c b/hw/acpi_piix4.c
index d4e28c4..cf8aa3d 100644
--- a/hw/acpi_piix4.c
+++ b/hw/acpi_piix4.c
@@ -110,45 +110,6 @@ static void pm_tmr_timer(ACPIREGS *ar)
 pm_update_sci(s);
 }
 
-static void pm_ioport_write(void *opaque, hwaddr addr, uint64_t val,
-unsigned width)
-{
-if (width != 2) {
-PIIX4_DPRINTF("PM write port=0x%04x width=%d val=0x%08x\n",
-  (unsigned)addr, width, (unsigned)val);
-}
-
-switch(addr) {
-default:
-break;
-}
-PIIX4_DPRINTF("PM writew port=0x%04x val=0x%04x\n", (unsigned int)addr,
-  (unsigned int)val);
-}
-
-static uint64_t pm_ioport_read(void *opaque, hwaddr addr, unsigned width)
-{
-uint32_t val;
-
-switch(addr) {
-default:
-val = 0;
-break;
-}
-PIIX4_DPRINTF("PM readw port=0x%04x val=0x%04x\n", (unsigned int)addr, 
val);
-return val;
-}
-
-static const MemoryRegionOps pm_io_ops = {
-.read = pm_ioport_read,
-.write = pm_ioport_write,
-.valid.min_access_size = 1,
-.valid.max_access_size = 4,
-.impl.min_access_size = 1,
-.impl.max_access_size = 4,
-.endianness = DEVICE_LITTLE_ENDIAN,
-};
-
 static void apm_ctrl_changed(uint32_t val, void *arg)
 {
 PIIX4PMState *s = arg;
@@ -433,7 +394,7 @@ static int piix4_pm_initfn(PCIDevice *dev)
 register_ioport_write(s->smb_io_base, 64, 1, smb_ioport_writeb, &s->smb);
 register_ioport_read(s->smb_io_base, 64, 1, smb_ioport_readb, &s->smb);
 
-memory_region_init_io(&s->io, &pm_io_ops, s, "piix4-pm", 64);
+memory_region_init(&s->io, "piix4-pm", 64);
 memory_region_set_enabled(&s->io, false);
 memory_region_add_subregion(get_system_io(), 0, &s->io);
 
-- 
1.7.1

[Qemu-devel] [RFC 1/8] move -I$(SRC_PATH)/include compiler flag to Makefile.objs

[Eduardo Habkost]

The flag is necessary for code that doesn't use the variables from
Makefile (but use Makefile.objs), like libcacard/ and stubs/.

Signed-off-by: Eduardo Habkost 
---
 Makefile  |  1 -
 Makefile.objs | 15 +--
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/Makefile b/Makefile
index 9ecbcbb..739d9cd 100644
--- a/Makefile
+++ b/Makefile
@@ -145,7 +145,6 @@ audio/audio.o audio/fmodaudio.o: QEMU_CFLAGS += 
$(FMOD_CFLAGS)
 
 QEMU_CFLAGS+=$(CURL_CFLAGS)
 
-QEMU_CFLAGS += -I$(SRC_PATH)/include
 
 ui/cocoa.o: ui/cocoa.m
 
diff --git a/Makefile.objs b/Makefile.objs
index 3c7abca..0a0a33a 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -1,4 +1,13 @@
 ###
+# general compiler flags
+
+QEMU_CFLAGS += $(GLIB_CFLAGS)
+QEMU_CFLAGS += -I$(SRC_PATH)/include
+
+vl.o: QEMU_CFLAGS+=$(GPROF_CFLAGS)
+vl.o: QEMU_CFLAGS+=$(SDL_CFLAGS)
+
+###
 # Stub library, linked in tools
 stub-obj-y = stubs/
 
@@ -236,12 +245,6 @@ universal-obj-y += $(qapi-obj-y)
 qga-obj-y = qga/ qemu-ga.o module.o qemu-tool.o
 qga-obj-$(CONFIG_POSIX) += qemu-sockets.o qemu-option.o
 
-vl.o: QEMU_CFLAGS+=$(GPROF_CFLAGS)
-
-vl.o: QEMU_CFLAGS+=$(SDL_CFLAGS)
-
-QEMU_CFLAGS+=$(GLIB_CFLAGS)
-
 nested-vars += \
stub-obj-y \
qga-obj-y \
-- 
1.7.11.7

Re: [Qemu-devel] [PATCH 0/8] qemu-common.h header cleanups

[Andreas Färber]

Hi Paolo,

Am 04.12.2012 09:50, schrieb Paolo Bonzini:
> Il 30/11/2012 21:53, Andreas Färber ha scritto:
>> Thanks, applied the remaining patches to qom-cpu:
>> https://github.com/afaerber/qemu-cpu/commits/qom-cpu
>>
>> I had already re-verified that qemu-types.h didn't loose anything but
>> didn't push until now. Sorry.
> 
> Hi Andreas,
> 
> I would like to get the header file renaming in as soon as possible, can
> you make a pull request of this for me to rebase onto?

I have one or two patches ready to add to that, then I'll flush it!

And I was about to ask you: Do you have a tree ready that I could rebase
my QOM realize / ISA work on?

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

[Qemu-devel] [RFC 6/8] qdev-properties.c: separate core from the code used only by qemu-system-*

[Eduardo Habkost]

This separates the qdev properties code in two parts:
 - qdev-properties.c, that contains most of the qdev properties code;
 - qdev-properties-system.c for code specific for qemu-system-*,
   containing:
   - Property types: drive, chr, netdev, vlan, that depend on code that
 won't be included on *-user
   - qemu_add_globals(), that depends on qemu-config.o.

This change should help on two things:
 - Allowing DeviceState to be used by *-user without pulling
   dependencies that are specific for qemu-system-*;
 - Writing qdev unit tests without pulling too many dependencies.

The copyright/license header for the new file is directly copied from
qdev-properties.c.

Signed-off-by: Eduardo Habkost 
---
Detailed changelog:

Changes v1 (ehabkost) -> v2 (imammedo):
 - keep qdev_get_child_bus() in hw/qdev.c
 - put qdev_set_nic_properties() in hw/qdev-properties-system.c

Changes v2 -> v3 (ehabkost):
 - updated the qdev_init_gpio_in() code on qdev-system.c to current
   version

Changes v3 -> v4 (ehabkost):
 - Added copyright/license information to qdev-properties-system.c
   (based on copyright/license of qdev-properties.c)
 - Whitespace change at the end of qdev-properties.c
 - Don't create qdev-system.c, now we can keep the qdev.c code as-is
   as the qdev.c dependencies were reduced
 - Rewrite patch description

Changes v4 -> v5 (ehabkost):
 - Remove large copyright header and instead just point to the original
   file it was based on

Changes v5 -> v6 (ehabkost):
 - Removed inter-SoB line changelog from commit message
---
 hw/Makefile.objs|   1 +
 hw/qdev-properties-system.c | 352 
 hw/qdev-properties.c| 321 +---
 hw/qdev-properties.h|   1 +
 hw/qdev.c   |  13 --
 5 files changed, 355 insertions(+), 333 deletions(-)
 create mode 100644 hw/qdev-properties-system.c

diff --git a/hw/Makefile.objs b/hw/Makefile.objs
index d581d8d..96a8365 100644
--- a/hw/Makefile.objs
+++ b/hw/Makefile.objs
@@ -185,6 +185,7 @@ common-obj-y += bt.o bt-l2cap.o bt-sdp.o bt-hci.o bt-hid.o
 common-obj-y += bt-hci-csr.o
 common-obj-y += msmouse.o ps2.o
 common-obj-y += qdev.o qdev-properties.o qdev-monitor.o
+common-obj-y += qdev-properties-system.o
 common-obj-$(CONFIG_BRLAPI) += baum.o
 
 # xen backend driver support
diff --git a/hw/qdev-properties-system.c b/hw/qdev-properties-system.c
new file mode 100644
index 000..9a7e0b3
--- /dev/null
+++ b/hw/qdev-properties-system.c
@@ -0,0 +1,352 @@
+/*
+ * qdev property parsing and global properties
+ * (parts specific for qemu-system-*)
+ *
+ * This file is based on code from hw/qdev-properties.c from
+ * commit 4e68f7a0819f179c2ff90a60611806c789911cc2,
+ * Copyright (c) Gerd Hoffmann  and other contributors.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "net.h"
+#include "qdev.h"
+#include "qerror.h"
+#include "blockdev.h"
+#include "hw/block-common.h"
+#include "net/hub.h"
+#include "qapi/qapi-visit-core.h"
+
+static void get_pointer(Object *obj, Visitor *v, Property *prop,
+const char *(*print)(void *ptr),
+const char *name, Error **errp)
+{
+DeviceState *dev = DEVICE(obj);
+void **ptr = qdev_get_prop_ptr(dev, prop);
+char *p;
+
+p = (char *) (*ptr ? print(*ptr) : "");
+visit_type_str(v, &p, name, errp);
+}
+
+static void set_pointer(Object *obj, Visitor *v, Property *prop,
+int (*parse)(DeviceState *dev, const char *str,
+ void **ptr),
+const char *name, Error **errp)
+{
+DeviceState *dev = DEVICE(obj);
+Error *local_err = NULL;
+void **ptr = qdev_get_prop_ptr(dev, prop);
+char *str;
+int ret;
+
+if (dev->state != DEV_STATE_CREATED) {
+error_set(errp, QERR_PERMISSION_DENIED);
+return;
+}
+
+visit_type_str(v, &str, name, &local_err);
+if (local_err) {
+error_propagate(errp, local_err);
+return;
+}
+if (!*str) {
+g_free(str);
+*ptr = NULL;
+return;
+}
+ret = parse(dev, str, ptr);
+error_set_from_qdev_prop_error(errp, ret, dev, prop, str);
+g_free(str);
+}
+
+/* --- drive --- */
+
+static int parse_drive(DeviceState *dev, const char *str, void **ptr)
+{
+BlockDriverState *bs;
+
+bs = bdrv_find(str);
+if (bs == NULL)
+return -ENOENT;
+if (bdrv_attach_dev(bs, dev) < 0)
+return -EEXIST;
+*ptr = bs;
+return 0;
+}
+
+static void release_drive(Object *obj, const char *name, void *opaque)
+{
+DeviceState *dev = DEVICE(obj);
+Property *prop = opaque;
+BlockDriverState **ptr = qdev_get_prop_ptr(dev, prop);
+
+if (*ptr) {
+bdrv_detach_dev(*ptr, dev);
+blockdev_auto_del(*ptr);
+}
+}
+
+static const char *print_drive(void *ptr)
+{

[Qemu-devel] [RFC 0/8] CPU DeviceState v9

[Eduardo Habkost]

Changes on v9:
 - Instead of moving qemu_[un]register_reset() to reset.c and including
   it on *-user, create stubs for them on libqemustub.a
 - This is based on afaerber's qom-cpu branch, that has some header cleanup
   changes. You can get the complete series in a git tree at:
   https://github.com/ehabkost/qemu-hacks/tree/cpu_qdev.v9
   git://github.com/ehabkost/qemu-hacks.git cpu_qdev.v9

v8:
 - Use a simpler copyright header on qdev-properties-system.c
 - Use the new libqemustub.a mechanism instead of the (now exting)
   QEMU_WEAK_ALIAS mechanism
 - Move the reset-handler registration code to a new hw/reset.c file

v7:
 - Use the new QEMU_WEAK_ALIAS mechanism instead of the (now extinct)
   GCC_WEAK attribute (patches 20 and 21)

v6:
 - Simple rebase against latest qemu.git master
 - Patch 13: some new typedefs were added and others were removed
 - Patch 19: trivial rebase
v5:
 - Tons of header cleanups just to eliminate qlist.h <-> cpu-common.h circular
   dependency (patches 1-17)
 - Add copyright/license information to qdev-properties.c (patch 17)
 - Add copyright/license information to qdev-properties-system.c (patch 22)
 - use error_report()+abort() instead of hw_error() on qdev.c (patch 18)
 - Move qemu_[un]register_reset() and qemu_devices_reset() to qdev-core.c
   (patch 19)
 - Make vmstate_[un]register() weak stubs, instead of a new function (patch 20)
 - Make sysbus_get_default() weak stub, instead of new qbus reset (un)register
   functions (patch 21)
 - Eliminate qdev-system.c (all code is kept on qdev.c, now) (patch 22)
v4:
  - Add GCC_WEAK_DECL to functions that have GCC_WEAK versions
  - Updated the qdev_init_gpio_in() code on qdev-system.c to current version
  - Patch description updates (moved changelog below "---" and/or move info
about changes made by different authors between SoB lines)
v3 (submitted by Igor):
  - rebased on top of 8b4a3df (today's master)
  - slight code reshuffling in (see commit's changelog)
 "qdev: separate core from the code used only by qemu-system-*"
 "move qemu_irq typedef out of cpu-common.h"
  - commit messages cleanup
v2:
  Removes the CONFIG_USER_ONLY ifdefs, and use weak symbols to move
  the vmstate and qemu_register_reset() handling to qdev-system.c

git tree for testing:
  https://github.com/ehabkost/qemu-hacks/tree/cpu_qdev.v9
  git://github.com/ehabkost/qemu-hacks.git cpu_qdev.v9

References to previous versions:
  v8: http://article.gmane.org/gmane.comp.emulators.qemu/182589
  v7: http://article.gmane.org/gmane.comp.emulators.qemu/179969
  v6: http://article.gmane.org/gmane.comp.emulators.qemu/179918
  v5: http://article.gmane.org/gmane.comp.emulators.qemu/177426
  v4: http://article.gmane.org/gmane.comp.emulators.qemu/176127
  v3: http://article.gmane.org/gmane.comp.emulators.qemu/175980
  v2: http://article.gmane.org/gmane.comp.emulators.qemu/173909
  v1: http://article.gmane.org/gmane.comp.emulators.qemu/166630


Eduardo Habkost (7):
  move -I$(SRC_PATH)/include compiler flag to Makefile.objs
  qdev: qdev_create(): use error_report() instead of hw_error()
  libqemustub: add qemu_[un]register_reset() stubs
  libqemustub: vmstate register/unregister stubs
  libqemustub: sysbus_get_default() stub
  qdev-properties.c: separate core from the code used only by
qemu-system-*
  include qdev code into *-user, too

Igor Mammedov (1):
  qom: make CPU a child of DeviceState

 Makefile|   1 -
 Makefile.objs   |  23 ++-
 hw/Makefile.objs|  10 +-
 hw/qdev-properties-system.c | 352 
 hw/qdev-properties.c| 321 +---
 hw/qdev-properties.h|   1 +
 hw/qdev.c   |  21 +--
 include/qemu/cpu.h  |   6 +-
 qom/cpu.c   |   3 +-
 stubs/Makefile.objs |   3 +
 stubs/reset.c   |  13 ++
 stubs/sysbus.c  |   6 +
 stubs/vmstate.c |  17 +++
 13 files changed, 428 insertions(+), 349 deletions(-)
 create mode 100644 hw/qdev-properties-system.c
 create mode 100644 stubs/reset.c
 create mode 100644 stubs/sysbus.c
 create mode 100644 stubs/vmstate.c

-- 
1.7.11.7

[Qemu-devel] [PATCH 17/18] q35: update lpc pci config space according to configured devices

[Gerd Hoffmann]

Signed-off-by: Gerd Hoffmann 
---
 hw/ich9.h   |1 +
 hw/lpc_ich9.c   |   29 +
 hw/smbus_ich9.c |   12 
 3 files changed, 30 insertions(+), 12 deletions(-)

diff --git a/hw/ich9.h b/hw/ich9.h
index de49135..34e216f 100644
--- a/hw/ich9.h
+++ b/hw/ich9.h
@@ -51,6 +51,7 @@ typedef struct ICH9LPCState {
 /* isa bus */
 ISABus *isa_bus;
 MemoryRegion rbca_mem;
+Notifier machine_ready;
 
 qemu_irq *pic;
 qemu_irq *ioapic;
diff --git a/hw/lpc_ich9.c b/hw/lpc_ich9.c
index 2fc83a4..6585236 100644
--- a/hw/lpc_ich9.c
+++ b/hw/lpc_ich9.c
@@ -60,6 +60,7 @@
 #include "pam.h"
 #include "pci_internals.h"
 #include "exec-memory.h"
+#include "sysemu.h"
 
 static int ich9_lpc_sci_irq(ICH9LPCState *lpc);
 
@@ -456,6 +457,30 @@ static const MemoryRegionOps rbca_mmio_ops = {
 .endianness = DEVICE_LITTLE_ENDIAN,
 };
 
+static void ich9_lpc_machine_ready(Notifier *n, void *opaque)
+{
+ICH9LPCState *s = container_of(n, ICH9LPCState, machine_ready);
+uint8_t *pci_conf;
+
+pci_conf = s->d.config;
+if (isa_is_ioport_assigned(0x3f8)) {
+/* com1 */
+pci_conf[0x82] |= 0x01;
+}
+if (isa_is_ioport_assigned(0x2f8)) {
+/* com2 */
+pci_conf[0x82] |= 0x02;
+}
+if (isa_is_ioport_assigned(0x378)) {
+/* lpt */
+pci_conf[0x82] |= 0x04;
+}
+if (isa_is_ioport_assigned(0x3f0)) {
+/* floppy */
+pci_conf[0x82] |= 0x08;
+}
+}
+
 static int ich9_lpc_initfn(PCIDevice *d)
 {
 ICH9LPCState *lpc = ICH9_LPC_DEVICE(d);
@@ -473,6 +498,10 @@ static int ich9_lpc_initfn(PCIDevice *d)
 
 ich9_cc_init(lpc);
 apm_init(&lpc->apm, ich9_apm_ctrl_changed, lpc);
+
+lpc->machine_ready.notify = ich9_lpc_machine_ready;
+qemu_add_machine_init_done_notifier(&lpc->machine_ready);
+
 return 0;
 }
 
diff --git a/hw/smbus_ich9.c b/hw/smbus_ich9.c
index 54e7e12..4194785 100644
--- a/hw/smbus_ich9.c
+++ b/hw/smbus_ich9.c
@@ -78,18 +78,6 @@ static int ich9_smbus_initfn(PCIDevice *d)
 pci_config_set_interrupt_pin(d->config, 0x01); /* interrupt pin 1 */
 
 pci_set_byte(d->config + ICH9_SMB_HOSTC, 0);
-
-/*
- * update parameters based on
- * paralell_hds[0]
- * serial_hds[0]
- * serial_hds[0]
- * fdc
- *
- * Is there any OS that depends on them?
- */
-
-pci_set_byte(d->config + ICH9_SMB_HOSTC, 0);
 /* TODO bar0, bar1: 64bit BAR support*/
 
 pm_smbus_init(&d->qdev, &s->smb);
-- 
1.7.1

[Qemu-devel] [RFC 3/8] libqemustub: add qemu_[un]register_reset() stubs

[Eduardo Habkost]

This will be useful for code that don't call qemu_devices_reset() (e.g.
*-user). If qemu_devices_reset() is never called, it means we don't need
to keep track of the reset handler list.

Signed-off-by: Eduardo Habkost 
---
 stubs/Makefile.objs |  1 +
 stubs/reset.c   | 13 +
 2 files changed, 14 insertions(+)
 create mode 100644 stubs/reset.c

diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs
index 035b29a..00f0b64 100644
--- a/stubs/Makefile.objs
+++ b/stubs/Makefile.objs
@@ -5,4 +5,5 @@ stub-obj-y += fdset-get-fd.o
 stub-obj-y += fdset-remove-fd.o
 stub-obj-y += get-fd.o
 stub-obj-y += set-fd-handler.o
+stub-obj-y += reset.o
 stub-obj-$(CONFIG_WIN32) += fd-register.o
diff --git a/stubs/reset.c b/stubs/reset.c
new file mode 100644
index 000..ad28725
--- /dev/null
+++ b/stubs/reset.c
@@ -0,0 +1,13 @@
+#include "hw/hw.h"
+
+/* Stub functions for binaries that never call qemu_devices_reset(),
+ * and don't need to keep track of the reset handler list.
+ */
+
+void qemu_register_reset(QEMUResetHandler *func, void *opaque)
+{
+}
+
+void qemu_unregister_reset(QEMUResetHandler *func, void *opaque)
+{
+}
-- 
1.7.11.7

[Qemu-devel] [PATCH 12/18] acpi: switch smbus to memory api

[Gerd Hoffmann]

Signed-off-by: Gerd Hoffmann 
---
 hw/acpi_piix4.c |5 ++---
 hw/pm_smbus.c   |   17 +
 hw/pm_smbus.h   |3 +--
 hw/smbus_ich9.c |   52 +++-
 hw/vt82c686.c   |6 ++
 5 files changed, 33 insertions(+), 50 deletions(-)

diff --git a/hw/acpi_piix4.c b/hw/acpi_piix4.c
index cf8aa3d..9e6c97e 100644
--- a/hw/acpi_piix4.c
+++ b/hw/acpi_piix4.c
@@ -391,8 +391,8 @@ static int piix4_pm_initfn(PCIDevice *dev)
 pci_conf[0x90] = s->smb_io_base | 1;
 pci_conf[0x91] = s->smb_io_base >> 8;
 pci_conf[0xd2] = 0x09;
-register_ioport_write(s->smb_io_base, 64, 1, smb_ioport_writeb, &s->smb);
-register_ioport_read(s->smb_io_base, 64, 1, smb_ioport_readb, &s->smb);
+pm_smbus_init(&s->dev.qdev, &s->smb);
+memory_region_add_subregion(get_system_io(), s->smb_io_base, &s->smb.io);
 
 memory_region_init(&s->io, "piix4-pm", 64);
 memory_region_set_enabled(&s->io, false);
@@ -406,7 +406,6 @@ static int piix4_pm_initfn(PCIDevice *dev)
 s->powerdown_notifier.notify = piix4_pm_powerdown_req;
 qemu_register_powerdown_notifier(&s->powerdown_notifier);
 
-pm_smbus_init(&s->dev.qdev, &s->smb);
 s->machine_ready.notify = piix4_pm_machine_ready;
 qemu_add_machine_init_done_notifier(&s->machine_ready);
 qemu_register_reset(piix4_reset, s);
diff --git a/hw/pm_smbus.c b/hw/pm_smbus.c
index 5d6046d..ea1380c 100644
--- a/hw/pm_smbus.c
+++ b/hw/pm_smbus.c
@@ -94,10 +94,11 @@ static void smb_transaction(PMSMBus *s)
 s->smb_stat |= 0x04;
 }
 
-void smb_ioport_writeb(void *opaque, uint32_t addr, uint32_t val)
+static void smb_ioport_writeb(void *opaque, hwaddr addr, uint64_t val,
+  unsigned width)
 {
 PMSMBus *s = opaque;
-addr &= 0x3f;
+
 SMBUS_DPRINTF("SMB writeb port=0x%04x val=0x%02x\n", addr, val);
 switch(addr) {
 case SMBHSTSTS:
@@ -131,12 +132,11 @@ void smb_ioport_writeb(void *opaque, uint32_t addr, 
uint32_t val)
 }
 }
 
-uint32_t smb_ioport_readb(void *opaque, uint32_t addr)
+static uint64_t smb_ioport_readb(void *opaque, hwaddr addr, unsigned width)
 {
 PMSMBus *s = opaque;
 uint32_t val;
 
-addr &= 0x3f;
 switch(addr) {
 case SMBHSTSTS:
 val = s->smb_stat;
@@ -170,7 +170,16 @@ uint32_t smb_ioport_readb(void *opaque, uint32_t addr)
 return val;
 }
 
+static const MemoryRegionOps pm_smbus_ops = {
+.read = smb_ioport_readb,
+.write = smb_ioport_writeb,
+.valid.min_access_size = 1,
+.valid.max_access_size = 1,
+.endianness = DEVICE_LITTLE_ENDIAN,
+};
+
 void pm_smbus_init(DeviceState *parent, PMSMBus *smb)
 {
 smb->smbus = i2c_init_bus(parent, "i2c");
+memory_region_init_io(&smb->io, &pm_smbus_ops, smb, "pm-smbus", 64);
 }
diff --git a/hw/pm_smbus.h b/hw/pm_smbus.h
index 4750a40..e3069bf 100644
--- a/hw/pm_smbus.h
+++ b/hw/pm_smbus.h
@@ -3,6 +3,7 @@
 
 typedef struct PMSMBus {
 i2c_bus *smbus;
+MemoryRegion io;
 
 uint8_t smb_stat;
 uint8_t smb_ctl;
@@ -15,7 +16,5 @@ typedef struct PMSMBus {
 } PMSMBus;
 
 void pm_smbus_init(DeviceState *parent, PMSMBus *smb);
-void smb_ioport_writeb(void *opaque, uint32_t addr, uint32_t val);
-uint32_t smb_ioport_readb(void *opaque, uint32_t addr);
 
 #endif /* !PM_SMBUS_H */
diff --git a/hw/smbus_ich9.c b/hw/smbus_ich9.c
index 6940583..54e7e12 100644
--- a/hw/smbus_ich9.c
+++ b/hw/smbus_ich9.c
@@ -40,7 +40,6 @@ typedef struct ICH9SMBState {
 PCIDevice dev;
 
 PMSMBus smb;
-MemoryRegion mem_bar;
 } ICH9SMBState;
 
 static const VMStateDescription vmstate_ich9_smbus = {
@@ -54,42 +53,23 @@ static const VMStateDescription vmstate_ich9_smbus = {
 }
 };
 
-static void ich9_smb_ioport_writeb(void *opaque, hwaddr addr,
-   uint64_t val, unsigned size)
+static void ich9_smbus_write_config(PCIDevice *d, uint32_t address,
+uint32_t val, int len)
 {
-ICH9SMBState *s = opaque;
-uint8_t hostc = s->dev.config[ICH9_SMB_HOSTC];
+ICH9SMBState *s = ICH9_SMB_DEVICE(d);
 
-if ((hostc & ICH9_SMB_HOSTC_HST_EN) && !(hostc & ICH9_SMB_HOSTC_I2C_EN)) {
-uint64_t offset = addr - s->dev.io_regions[ICH9_SMB_SMB_BASE_BAR].addr;
-smb_ioport_writeb(&s->smb, offset, val);
+pci_default_write_config(d, address, val, len);
+if (range_covers_byte(address, len, ICH9_SMB_HOSTC)) {
+uint8_t hostc = s->dev.config[ICH9_SMB_HOSTC];
+if ((hostc & ICH9_SMB_HOSTC_HST_EN) &&
+!(hostc & ICH9_SMB_HOSTC_I2C_EN)) {
+memory_region_set_enabled(&s->smb.io, true);
+} else {
+memory_region_set_enabled(&s->smb.io, false);
+}
 }
 }
 
-static uint64_t ich9_smb_ioport_readb(void *opaque, hwaddr addr,
-  unsigned size)
-{
-ICH9SMBState *s = opaque;
-uint8_t hostc = s->dev.config[ICH9_SMB_HOSTC];
-
-if ((hostc & ICH9_SMB_HOSTC_HST_EN) && !(hostc & ICH9_SMB_HOSTC_I2C

[Qemu-devel] [PATCH 11/18] acpi: cleanup ich9 memory region

[Gerd Hoffmann]

Nothing left to do, everything handled by subregions,
we can zap the reaw/write handlers now.

Signed-off-by: Gerd Hoffmann 
---
 hw/acpi_ich9.c |  125 +---
 1 files changed, 1 insertions(+), 124 deletions(-)

diff --git a/hw/acpi_ich9.c b/hw/acpi_ich9.c
index 0ed17da..db0d7a5 100644
--- a/hw/acpi_ich9.c
+++ b/hw/acpi_ich9.c
@@ -42,10 +42,6 @@ do { printf("%s "fmt, __func__, ## __VA_ARGS__); } while (0)
 #define ICH9_DEBUG(fmt, ...)do { } while (0)
 #endif
 
-static void pm_ioport_write_fallback(void *opaque, uint32_t addr, int len,
- uint32_t val);
-static uint32_t pm_ioport_read_fallback(void *opaque, uint32_t addr, int len);
-
 static void pm_update_sci(ICH9LPCPMRegs *pm)
 {
 int sci_level, pm1a_sts;
@@ -71,125 +67,6 @@ static void ich9_pm_update_sci_fn(ACPIREGS *regs)
 pm_update_sci(pm);
 }
 
-static void pm_ioport_writeb(void *opaque, uint32_t addr, uint32_t val)
-{
-switch (addr & ICH9_PMIO_MASK) {
-default:
-break;
-}
-
-ICH9_DEBUG("port=0x%04x val=0x%04x\n", addr, val);
-}
-
-static uint32_t pm_ioport_readb(void *opaque, uint32_t addr)
-{
-uint32_t val = 0;
-
-switch (addr & ICH9_PMIO_MASK) {
-default:
-val = 0;
-break;
-}
-ICH9_DEBUG("port=0x%04x val=0x%04x\n", addr, val);
-return val;
-}
-
-static void pm_ioport_writew(void *opaque, uint32_t addr, uint32_t val)
-{
-switch (addr & ICH9_PMIO_MASK) {
-default:
-pm_ioport_write_fallback(opaque, addr, 2, val);
-break;
-}
-ICH9_DEBUG("port=0x%04x val=0x%04x\n", addr, val);
-}
-
-static uint32_t pm_ioport_readw(void *opaque, uint32_t addr)
-{
-uint32_t val;
-
-switch (addr & ICH9_PMIO_MASK) {
-default:
-val = pm_ioport_read_fallback(opaque, addr, 2);
-break;
-}
-ICH9_DEBUG("port=0x%04x val=0x%04x\n", addr, val);
-return val;
-}
-
-static void pm_ioport_writel(void *opaque, uint32_t addr, uint32_t val)
-{
-switch (addr & ICH9_PMIO_MASK) {
-default:
-pm_ioport_write_fallback(opaque, addr, 4, val);
-break;
-}
-ICH9_DEBUG("port=0x%04x val=0x%08x\n", addr, val);
-}
-
-static uint32_t pm_ioport_readl(void *opaque, uint32_t addr)
-{
-uint32_t val;
-
-switch (addr & ICH9_PMIO_MASK) {
-default:
-val = pm_ioport_read_fallback(opaque, addr, 4);
-break;
-}
-ICH9_DEBUG("port=0x%04x val=0x%08x\n", addr, val);
-return val;
-}
-
-static void pm_ioport_write_fallback(void *opaque, uint32_t addr, int len,
- uint32_t val)
- {
-int subsize = (len == 4) ? 2 : 1;
-IOPortWriteFunc *ioport_write =
-(subsize == 2) ? pm_ioport_writew : pm_ioport_writeb;
-
-int i;
-
-for (i = 0; i < len; i += subsize) {
-ioport_write(opaque, addr, val);
-val >>= 8 * subsize;
-}
-}
-
-static uint32_t pm_ioport_read_fallback(void *opaque, uint32_t addr, int len)
-{
-int subsize = (len == 4) ? 2 : 1;
-IOPortReadFunc *ioport_read =
-(subsize == 2) ? pm_ioport_readw : pm_ioport_readb;
-
-uint32_t val;
-int i;
-
-val = 0;
-for (i = 0; i < len; i += subsize) {
-val <<= 8 * subsize;
-val |= ioport_read(opaque, addr);
-}
-
-return val;
-}
-
-static const MemoryRegionOps pm_io_ops = {
-.old_portio = (MemoryRegionPortio[]) {
-{ .offset = 0, .len = ICH9_PMIO_SIZE, .size = 1,
-  .read = pm_ioport_readb, .write = pm_ioport_writeb },
-{ .offset = 0, .len = ICH9_PMIO_SIZE, .size = 2,
-  .read = pm_ioport_readw, .write = pm_ioport_writew },
-{ .offset = 0, .len = ICH9_PMIO_SIZE, .size = 4,
-  .read = pm_ioport_readl, .write = pm_ioport_writel },
-PORTIO_END_OF_LIST(),
-},
-.valid.min_access_size = 1,
-.valid.max_access_size = 4,
-.impl.min_access_size = 1,
-.impl.max_access_size = 4,
-.endianness = DEVICE_LITTLE_ENDIAN,
-};
-
 static uint64_t ich9_gpe_readb(void *opaque, hwaddr addr, unsigned width)
 {
 ICH9LPCPMRegs *pm = opaque;
@@ -326,7 +203,7 @@ static void pm_powerdown_req(Notifier *n, void *opaque)
 
 void ich9_pm_init(ICH9LPCPMRegs *pm, qemu_irq sci_irq, qemu_irq cmos_s3)
 {
-memory_region_init_io(&pm->io, &pm_io_ops, pm, "ich9-pm", ICH9_PMIO_SIZE);
+memory_region_init(&pm->io, "ich9-pm", ICH9_PMIO_SIZE);
 memory_region_set_enabled(&pm->io, false);
 memory_region_add_subregion(get_system_io(), 0, &pm->io);
 
-- 
1.7.1

Re: [Qemu-devel] [PATCH v4 11/11] virtio-blk: add x-data-plane=on|off performance feature

[Stefan Hajnoczi]

On Tue, Dec 04, 2012 at 01:20:20PM +0200, Michael S. Tsirkin wrote:
> On Thu, Nov 29, 2012 at 04:55:48PM +0200, Michael S. Tsirkin wrote:
> > On Thu, Nov 29, 2012 at 03:45:55PM +0100, Stefan Hajnoczi wrote:
> > > On Thu, Nov 29, 2012 at 03:12:35PM +0200, Michael S. Tsirkin wrote:
> > > > On Thu, Nov 22, 2012 at 04:16:52PM +0100, Stefan Hajnoczi wrote:
> > > > > The virtio-blk-data-plane feature is easy to integrate into
> > > > > hw/virtio-blk.c.  The data plane can be started and stopped similar to
> > > > > vhost-net.
> > > > > 
> > > > > Users can take advantage of the virtio-blk-data-plane feature using 
> > > > > the
> > > > > new -device virtio-blk-pci,x-data-plane=on property.
> > > > > 
> > > > > The x-data-plane name was chosen because at this stage the feature is
> > > > > experimental and likely to see changes in the future.
> > > > > 
> > > > > If the VM configuration does not support virtio-blk-data-plane an 
> > > > > error
> > > > > message is printed.  Although we could fall back to regular 
> > > > > virtio-blk,
> > > > > I prefer the explicit approach since it prompts the user to fix their
> > > > > configuration if they want the performance benefit of
> > > > > virtio-blk-data-plane.
> > > > 
> > > > Not only that, this affects features exposed to guest so it really 
> > > > can't be
> > > > trasparent.
> > > > 
> > > > Which reminds me - shouldn't some features be turned off?
> > > > For example, VIRTIO_BLK_F_SCSI?
> > > 
> > > Yes, virtio-blk-data-plane only starts when you give -device
> > > virtio-blk-pci,scsi=off,x-data-plane=on.  If you use scsi=on an error
> > > message is printed.
> > > 
> > > > > Limitations:
> > > > >  * Only format=raw is supported
> > > > >  * Live migration is not supported
> > > > 
> > > > This is probably fixable long term?
> > > 
> > > Absolutely.  There are two parts:
> > > 
> > > 1. Marking written memory dirty so live RAM migration can work.  Missing
> > >today, easy cheat is to switch off virtio-blk-data-plane and silently
> > >switch to regular virtio-blk emulation while memory dirty logging is
> > >enabled.  The more long-term solution is to actually communicate the
> > >dirty information back to the memory API.
> > > 
> > > 2. Synchronizing virtio-blk-data-plane vring state with virtio-blk so
> > >save/load works.  This should be relatively straightforward.
> > > 
> > > I don't want to gate this patch series on live migration support but it
> > > is on my TODO list for virtio-blk-data-plane after this initial series
> > > has been merged.
> > > 
> > > > >  * Block jobs, hot unplug, and other operations fail with -EBUSY
> > > > 
> > > > Hmm I don't see code to disable PCU unplug in this patch.
> > > > I expected no_hotplug to be set.
> > > > Where is it?
> > > 
> > > It uses the bdrv_in_use() mechanism.
> > 
> > Hmm but PCI device can still go away if
> > guest ejects it. Does this work fine?
> 
> Any comment?

Sorry for the delay.

virtio_blk_exit() is called when the device is freed.  The code destroys
the data plane thread - this includes draining requests and then
terminating the thread.

I tested with pci_del so the guest is cooperating but virtio_blk_exit()
does not assume that the data plane thread is already stopped.

Is this what you were asking?

Stefan

Re: [Qemu-devel] KVM call agenda for 2012-12-04

[Juan Quintela]

Juan Quintela  wrote:
> Hi
>
> Please send in any agenda topics you are interested in.
> - migration troubles from 1.2 -> 1.3 due to qemu-kvm integration

As there is no topics & 1.3 is out, this would be discussed on the
list.

Happy hacking, Juan.

>
> Later, Juan.

[Qemu-devel] [RFC PATCH v5 3/6] virtio-pci-bus : Introduce virtio-pci-bus.

[fred . konrad]

From: KONRAD Frederic 

Introduce virtio-pci-bus, which extends virtio-bus. It is used with virtio-pci
transport device.

Signed-off-by: KONRAD Frederic 
---
 hw/virtio-pci.c | 37 +
 hw/virtio-pci.h | 19 +--
 2 files changed, 54 insertions(+), 2 deletions(-)

diff --git a/hw/virtio-pci.c b/hw/virtio-pci.c
index 71f4fb5..5ac8d0d 100644
--- a/hw/virtio-pci.c
+++ b/hw/virtio-pci.c
@@ -32,6 +32,7 @@
 #include "blockdev.h"
 #include "virtio-pci.h"
 #include "range.h"
+#include "virtio-bus.h"
 
 /* from Linux's linux/virtio_pci.h */
 
@@ -1118,6 +1119,41 @@ static TypeInfo virtio_scsi_info = {
 .class_init= virtio_scsi_class_init,
 };
 
+/* virtio-pci-bus */
+
+VirtioBusState *virtio_pci_bus_new(VirtIOPCIProxy *dev)
+{
+DeviceState *qdev = DEVICE(dev);
+BusState *qbus = qbus_create(TYPE_VIRTIO_PCI_BUS, qdev, NULL);
+VirtioBusState *bus = VIRTIO_BUS(qbus);
+qbus->allow_hotplug = 0;
+/* Only one virtio-device allowed for virtio-pci. */
+qbus->max_dev = 1;
+return bus;
+}
+
+static void virtio_pci_bus_class_init(ObjectClass *klass, void *data)
+{
+VirtioBusClass *k = VIRTIO_BUS_CLASS(klass);
+k->notify = virtio_pci_notify;
+k->save_config = virtio_pci_save_config;
+k->load_config = virtio_pci_load_config;
+k->save_queue = virtio_pci_save_queue;
+k->load_queue = virtio_pci_load_queue;
+k->get_features = virtio_pci_get_features;
+k->query_guest_notifiers = virtio_pci_query_guest_notifiers;
+k->set_host_notifier = virtio_pci_set_host_notifier;
+k->set_guest_notifiers = virtio_pci_set_guest_notifiers;
+k->vmstate_change = virtio_pci_vmstate_change;
+}
+
+static const TypeInfo virtio_pci_bus_info = {
+.name  = TYPE_VIRTIO_PCI_BUS,
+.parent= TYPE_VIRTIO_BUS,
+.instance_size = sizeof(VirtioBusState),
+.class_init= virtio_pci_bus_class_init,
+};
+
 static void virtio_pci_register_types(void)
 {
 type_register_static(&virtio_blk_info);
@@ -1126,6 +1162,7 @@ static void virtio_pci_register_types(void)
 type_register_static(&virtio_balloon_info);
 type_register_static(&virtio_scsi_info);
 type_register_static(&virtio_rng_info);
+type_register_static(&virtio_pci_bus_info);
 }
 
 type_init(virtio_pci_register_types)
diff --git a/hw/virtio-pci.h b/hw/virtio-pci.h
index b58d9a2..0e3288e 100644
--- a/hw/virtio-pci.h
+++ b/hw/virtio-pci.h
@@ -20,6 +20,21 @@
 #include "virtio-rng.h"
 #include "virtio-serial.h"
 #include "virtio-scsi.h"
+#include "virtio-bus.h"
+
+/* VirtIOPCIProxy will be renammed VirtioPCIState at the end. */
+typedef struct VirtIOPCIProxy VirtIOPCIProxy;
+
+/* virtio-pci-bus */
+#define TYPE_VIRTIO_PCI_BUS "virtio-pci-bus"
+#define VIRTIO_PCI_BUS_GET_CLASS(obj) \
+OBJECT_GET_CLASS(VirtioBusClass, obj, TYPE_VIRTIO_PCI_BUS)
+#define VIRTIO_PCI_BUS_CLASS(klass) \
+OBJECT_CLASS_CHECK(VirtioBusClass, klass, TYPE_VIRTIO_PCI_BUS)
+#define VIRTIO_PCI_BUS(obj) \
+OBJECT_CHECK(VirtioBusState, (obj), TYPE_VIRTIO_PCI_BUS)
+
+VirtioBusState *virtio_pci_bus_new(VirtIOPCIProxy *dev);
 
 /* Performance improves when virtqueue kick processing is decoupled from the
  * vcpu thread using ioeventfd for some devices. */
@@ -31,7 +46,7 @@ typedef struct {
 unsigned int users;
 } VirtIOIRQFD;
 
-typedef struct {
+struct VirtIOPCIProxy {
 PCIDevice pci_dev;
 VirtIODevice *vdev;
 MemoryRegion bar;
@@ -51,7 +66,7 @@ typedef struct {
 bool ioeventfd_disabled;
 bool ioeventfd_started;
 VirtIOIRQFD *vector_irqfd;
-} VirtIOPCIProxy;
+};
 
 void virtio_init_pci(VirtIOPCIProxy *proxy, VirtIODevice *vdev);
 void virtio_pci_reset(DeviceState *d);
-- 
1.7.11.7

Re: [Qemu-devel] [PULL for-1.3 0/3] seabios: q35 update

[Jason Baron]

On Tue, Dec 04, 2012 at 08:40:27AM +0100, Gerd Hoffmann wrote:
>   Hi,
> 
> > 1) legacy ide mode
> > 
> > I can currently create a ide controller on the command-line using
> > '-device'. However, on the real h/w there is an IDE compatibility mode
> > which essentially advertises an ide controller at the same location that
> > the ahci lives at. In fact, it changes the PCI device id. To deal with
> > the fact that AHCI has 6 ports and thus 6 possible devices, it then adds
> > a second controller for the remaining 2 disks. This shouldn't be too
> > hard to emulate. But I'm wondering what we want the qemu interface
> > to look like? A -machine options such as:
> > '-machine q35,diskmode=ahci,ide,raid'? 
> 
> I'm wondering whenever we want to deal with that at all?
> 
> "If your guest is too old to handle ahci natively, just stick to piix."
> is a sensible policy IMHO.
> 

There was some discussion of trying to make q35 the default for 1.4, in
which case it may be important to support older OS's such as WinXP.

Anthony, do you have any opinion on this?


> > 2) HPET ACPI error
> > 
> > This line: 'IRQNoFlags () {2, 8}' in the HPET acpi table is causing the
> > folloing ACPI message (removing it makes it go away):
> 
> Hmm.  That was added to make macos x happy and is also present on real
> hardware, so I'm wondering what is going on here.
> 

I also noticed that on Windows 7, the 'IRQNoFlags' line above makes the RTC
clock complain that it does not have resources available. While removing the
above line, removes that error.

thanks,

-Jason

Re: [Qemu-devel] [PULL for-1.3 0/3] seabios: q35 update

[Gabriel L. Somlo]

On Tue, 04 Dec 2012 08:40:27 +0100 Gerd Hoffmann wrote:
>On Mon, 3 Dec 2012 13:47:04 -0500, Jason Baron wrote:
>> 2) HPET ACPI error
>> 
>> This line: 'IRQNoFlags () {2, 8}' in the HPET acpi table is causing the
>> folloing ACPI message (removing it makes it go away):
>
> Hmm.  That was added to make macos x happy and is also present on real
> hardware, so I'm wondering what is going on here.

Without that line, OS X only works as a single-core, non-SMP guest.
This is the "legacy replacement irq mapping" option for HPET (section
2.4.2, page 24 of the IA-PC HPET Specification).

The options are 'IRQNoFlags () {2, 8}' for "APIC mapping" or
'IRQNoFlags () {0, 8}' for "8259 mapping". Either one works for SMP + OS X.

I don't have an XP install image anymore, but does replacing 2,8 with
0,8 help ?

On a few of my machines, this is actually coded as

IRQNoFlags ()
{0} /* or 2 */
IRQNoFlags ()
{8}

Based on my reading of the ACPI manual, this should be syntactically
equivalent to the the comma-separated single-line format we're currently
using, but could it be that WinXP is picky about the specifics ?

Also, as far as I can tell, this change never made it into the
"q35-acpi-dsdt.dsl" file, just the "classic" acpi-dsdt.dsl (or, lately,
acpi-dsdt-hpet.dsl). I was about to submit another patch for that, but
now I guess I won't press it until we sort this out :)

--Gabriel

Re: [Qemu-devel] detecting seccomp sandbox capability via QMP

[Ján Tomko]

On 12/04/12 12:46, Luiz Capitulino wrote:
> On Mon, 03 Dec 2012 16:55:35 +0100
> Ján Tomko  wrote:
> 
>> Hello,
>>
>> is there a way to check if QEMU was compiled with --enable-seccomp via QMP?
> 
> Not that I'm aware of. Could you describe your use-case?

It's for libvirt. The detection is broken since the switch from parsing
-help output to QMP and I wanted to fix it.

Assuming it's supported if we do capabilities detection via QMP (since
libvirt 1.0.0 and QEMU 1.2) would work except for this case:
If seccomp sandbox was requested in /etc/libvirt/qemu.conf, but it was
compiled out from qemu, libvirt would try to run QEMU with -sandbox on
instead of printing an error earlier.

Jan

[Qemu-devel] [RFC PATCH v5 1/6] qdev : add a maximum device allowed field for the bus.

[fred . konrad]

From: KONRAD Frederic 

Add a max_dev field to BusState to specify the maximum amount of devices allowed
on the bus ( have no effect if max_dev=0 )

Signed-off-by: KONRAD Frederic 
---
 hw/qdev-core.h|  2 ++
 hw/qdev-monitor.c | 11 +++
 2 files changed, 13 insertions(+)

diff --git a/hw/qdev-core.h b/hw/qdev-core.h
index fff7f0f..ee4becd 100644
--- a/hw/qdev-core.h
+++ b/hw/qdev-core.h
@@ -113,6 +113,8 @@ struct BusState {
 const char *name;
 int allow_hotplug;
 int max_index;
+/* maximum devices allowed on the bus, 0 : no limit. */
+int max_dev;
 QTAILQ_HEAD(ChildrenHead, BusChild) children;
 QLIST_ENTRY(BusState) sibling;
 };
diff --git a/hw/qdev-monitor.c b/hw/qdev-monitor.c
index a1b4d6a..7a9d275 100644
--- a/hw/qdev-monitor.c
+++ b/hw/qdev-monitor.c
@@ -292,6 +292,17 @@ static BusState *qbus_find_recursive(BusState *bus, const 
char *name,
 if (bus_typename && !object_dynamic_cast(OBJECT(bus), bus_typename)) {
 match = 0;
 }
+if ((bus->max_dev != 0) && (bus->max_dev <= bus->max_index)) {
+if (name != NULL) {
+/* bus was explicitly specified : return an error. */
+qerror_report(ERROR_CLASS_GENERIC_ERROR, "Bus '%s' is full",
+  bus->name);
+return NULL;
+} else {
+/* bus was not specified : try to find another one. */
+match = 0;
+}
+}
 if (match) {
 return bus;
 }
-- 
1.7.11.7

[Qemu-devel] [PATCH] target-mips: Fix incorrect shift for SHILO and SHILOV

[Petar Jovanovic]

From: Petar Jovanovic 

helper_shilo has not been shifting an accumulator value correctly for negative
values in 'shift' field. Minor optimization for shift=0 case.
This change also adds tests that will trigger issue and check for regressions.

Signed-off-by: Petar Jovanovic 
---
 target-mips/dsp_helper.c   |   16 
 tests/tcg/mips/mips32-dsp/shilo.c  |   18 ++
 tests/tcg/mips/mips32-dsp/shilov.c |   20 
 3 files changed, 46 insertions(+), 8 deletions(-)

diff --git a/target-mips/dsp_helper.c b/target-mips/dsp_helper.c
index e7949c2..f8a7a9f 100644
--- a/target-mips/dsp_helper.c
+++ b/target-mips/dsp_helper.c
@@ -3814,17 +3814,17 @@ void helper_shilo(target_ulong ac, target_ulong rs, 
CPUMIPSState *env)
 
 rs5_0 = rs & 0x3F;
 rs5_0 = (int8_t)(rs5_0 << 2) >> 2;
-rs5_0 = MIPSDSP_ABS(rs5_0);
+
+if (rs5_0 == 0)
+return;
+
 acc   = (((uint64_t)env->active_tc.HI[ac] << 32) & MIPSDSP_LHI) |
 ((uint64_t)env->active_tc.LO[ac] & MIPSDSP_LLO);
-if (rs5_0 == 0) {
-temp = acc;
+
+if (rs5_0 > 0) {
+temp = acc >> MIPSDSP_ABS(rs5_0);
 } else {
-if (rs5_0 > 0) {
-temp = acc >> rs5_0;
-} else {
-temp = acc << rs5_0;
-}
+temp = acc << MIPSDSP_ABS(rs5_0);
 }
 
 env->active_tc.HI[ac] = (target_ulong)(int32_t)((temp & MIPSDSP_LHI) >> 
32);
diff --git a/tests/tcg/mips/mips32-dsp/shilo.c 
b/tests/tcg/mips/mips32-dsp/shilo.c
index b686616..ce8ebc6 100644
--- a/tests/tcg/mips/mips32-dsp/shilo.c
+++ b/tests/tcg/mips/mips32-dsp/shilo.c
@@ -23,5 +23,23 @@ int main()
 assert(ach == resulth);
 assert(acl == resultl);
 
+
+ach = 0x1;
+acl = 0x8000;
+
+resulth = 0x3;
+resultl = 0x0;
+
+__asm
+("mthi %0, $ac1\n\t"
+ "mtlo %1, $ac1\n\t"
+ "shilo $ac1, -1\n\t"
+ "mfhi %0, $ac1\n\t"
+ "mflo %1, $ac1\n\t"
+ : "+r"(ach), "+r"(acl)
+);
+assert(ach == resulth);
+assert(acl == resultl);
+
 return 0;
 }
diff --git a/tests/tcg/mips/mips32-dsp/shilov.c 
b/tests/tcg/mips/mips32-dsp/shilov.c
index f186032..e1d6cea 100644
--- a/tests/tcg/mips/mips32-dsp/shilov.c
+++ b/tests/tcg/mips/mips32-dsp/shilov.c
@@ -25,5 +25,25 @@ int main()
 assert(ach == resulth);
 assert(acl == resultl);
 
+
+rs  = 0x;
+ach = 0x1;
+acl = 0x8000;
+
+resulth = 0x3;
+resultl = 0x0;
+
+__asm
+("mthi %0, $ac1\n\t"
+ "mtlo %1, $ac1\n\t"
+ "shilov $ac1, %2\n\t"
+ "mfhi %0, $ac1\n\t"
+ "mflo %1, $ac1\n\t"
+ : "+r"(ach), "+r"(acl)
+ : "r"(rs)
+);
+assert(ach == resulth);
+assert(acl == resultl);
+
 return 0;
 }
-- 
1.7.5.4

Re: [Qemu-devel] [RFC PATCH v5 4/6] virtio-pci : Refactor virtio-pci device.

[Peter Maydell]

On 4 December 2012 14:35,   wrote:
> From: KONRAD Frederic 
>
> Create the virtio-pci device. This transport device will create a
> virtio-pci-bus, so one VirtIODevice can be connected.
>
> Signed-off-by: KONRAD Frederic 
> ---
>  hw/virtio-pci.c | 112 
> 
>  hw/virtio-pci.h |  14 +++
>  2 files changed, 126 insertions(+)
>
> diff --git a/hw/virtio-pci.c b/hw/virtio-pci.c
> index 5ac8d0d..8426122 100644
> --- a/hw/virtio-pci.c
> +++ b/hw/virtio-pci.c
> @@ -1119,6 +1119,115 @@ static TypeInfo virtio_scsi_info = {
>  .class_init= virtio_scsi_class_init,
>  };
>
> +/*
> + * virtio-pci : This is the PCIDevice which have a virtio-pci-bus.
> + */
> +
> +/* init callback */
> +static void virtio_pci_init_cb(void *opaque)

> +/* exit callback */
> +static void virtio_pci_exit_cb(void *opaque)

> +static int virtio_pci_init(PCIDevice *pci_dev)

> +static void virtio_pci_exit(PCIDevice *pci_dev)

It's rather confusing to have an init and an init_cb and also
an exit and an exit_cb, and not to have anything explaining
what the difference is or when each one is called or what
needs to be done in one that can't be done in the other.

-- PMM

Re: [Qemu-devel] [RFC PATCH v5 5/6] virtio-device : Refactor virtio-device.

[Peter Maydell]

On 4 December 2012 14:35,   wrote:
> From: KONRAD Frederic 
>
> Create the virtio-device which is abstract. All the virtio-device can extend
> this class.
>
> Signed-off-by: KONRAD Frederic 
> ---
>  hw/virtio.c | 56 
>  hw/virtio.h | 29 +
>  2 files changed, 85 insertions(+)
>
> diff --git a/hw/virtio.c b/hw/virtio.c
> index f40a8c5..cd46af1 100644
> --- a/hw/virtio.c
> +++ b/hw/virtio.c
> @@ -16,6 +16,7 @@
>  #include "trace.h"
>  #include "qemu-error.h"
>  #include "virtio.h"
> +#include "virtio-bus.h"
>  #include "qemu-barrier.h"
>
>  /* The alignment to use between consumer and producer parts of vring.
> @@ -934,6 +935,38 @@ VirtIODevice *virtio_common_init(const char *name, 
> uint16_t device_id,
>  return vdev;
>  }
>
> +/*
> + * The same initialization as above without allocating the structure.
> + */
> +void virtio_common_init_(VirtIODevice *vdev, const char *name,
> + uint16_t device_id, size_t config_size,
> + size_t struct_size)

If you find yourself cut-and-pasting 25 lines of code, think again.
In this case, just make virtio_common_init() a wrapper that does
a malloc and calls your non-allocation init.

Also, find a better function name than "just add a random underscore".

-- PMM

[Qemu-devel] [RFC PATCH v5 6/6] virtio-blk : Refactor virtio-blk.

[fred . konrad]

From: KONRAD Frederic 

Create virtio-blk which extends virtio-device, so it can be connected on
virtio-bus.

Signed-off-by: KONRAD Frederic 
---
 hw/virtio-blk.c | 170 
 hw/virtio-blk.h |   4 ++
 2 files changed, 150 insertions(+), 24 deletions(-)

diff --git a/hw/virtio-blk.c b/hw/virtio-blk.c
index e25cc96..ee1ea8b 100644
--- a/hw/virtio-blk.c
+++ b/hw/virtio-blk.c
@@ -21,24 +21,42 @@
 #ifdef __linux__
 # include 
 #endif
+#include "virtio-bus.h"
 
+/* Take this structure as our device structure. */
 typedef struct VirtIOBlock
 {
+/*
+ * Adding parent_obj breaks to_virtio_blk cast function,
+ * and virtio_blk_init.
+ */
+DeviceState parent_obj;
+/*
+ * We don't need that anymore, as we'll use QOM cast to get the
+ * VirtIODevice. Just temporary keep it, for not breaking functionality.
+ */
 VirtIODevice vdev;
 BlockDriverState *bs;
 VirtQueue *vq;
 void *rq;
 QEMUBH *bh;
 BlockConf *conf;
-VirtIOBlkConf *blk;
+/*
+ * We can't use pointer with properties.
+ */
+VirtIOBlkConf blk;
 unsigned short sector_mask;
 DeviceState *qdev;
 } VirtIOBlock;
 
-static VirtIOBlock *to_virtio_blk(VirtIODevice *vdev)
-{
-return (VirtIOBlock *)vdev;
-}
+/*
+ * Use the QOM cast, so we don't need that anymore.
+ *
+ * static VirtIOBlock *to_virtio_blk(VirtIODevice *vdev)
+ * {
+ * return (VirtIOBlock *)vdev;
+ * }
+ */
 
 typedef struct VirtIOBlockReq
 {
@@ -55,18 +73,20 @@ typedef struct VirtIOBlockReq
 static void virtio_blk_req_complete(VirtIOBlockReq *req, int status)
 {
 VirtIOBlock *s = req->dev;
+VirtIODevice *vdev = VIRTIO_DEVICE(s);
 
 trace_virtio_blk_req_complete(req, status);
 
 stb_p(&req->in->status, status);
 virtqueue_push(s->vq, &req->elem, req->qiov.size + sizeof(*req->in));
-virtio_notify(&s->vdev, s->vq);
+virtio_notify(vdev, s->vq);
 }
 
 static int virtio_blk_handle_rw_error(VirtIOBlockReq *req, int error,
 bool is_read)
 {
-BlockErrorAction action = bdrv_get_error_action(req->dev->bs, is_read, 
error);
+BlockErrorAction action = bdrv_get_error_action(req->dev->bs, is_read,
+error);
 VirtIOBlock *s = req->dev;
 
 if (action == BDRV_ACTION_STOP) {
@@ -164,7 +184,7 @@ static void virtio_blk_handle_scsi(VirtIOBlockReq *req)
  */
 req->scsi = (void *)req->elem.in_sg[req->elem.in_num - 2].iov_base;
 
-if (!req->dev->blk->scsi) {
+if (!req->dev->blk.scsi) {
 status = VIRTIO_BLK_S_UNSUPP;
 goto fail;
 }
@@ -384,7 +404,7 @@ static void virtio_blk_handle_request(VirtIOBlockReq *req,
  * terminated by '\0' only when shorter than buffer.
  */
 strncpy(req->elem.in_sg[0].iov_base,
-s->blk->serial ? s->blk->serial : "",
+s->blk.serial ? s->blk.serial : "",
 MIN(req->elem.in_sg[0].iov_len, VIRTIO_BLK_ID_BYTES));
 virtio_blk_req_complete(req, VIRTIO_BLK_S_OK);
 g_free(req);
@@ -401,7 +421,7 @@ static void virtio_blk_handle_request(VirtIOBlockReq *req,
 
 static void virtio_blk_handle_output(VirtIODevice *vdev, VirtQueue *vq)
 {
-VirtIOBlock *s = to_virtio_blk(vdev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
 VirtIOBlockReq *req;
 MultiReqBuffer mrb = {
 .num_writes = 0,
@@ -422,7 +442,7 @@ static void virtio_blk_handle_output(VirtIODevice *vdev, 
VirtQueue *vq)
 
 static void virtio_blk_dma_restart_bh(void *opaque)
 {
-VirtIOBlock *s = opaque;
+VirtIOBlock *s = VIRTIO_BLK(opaque);
 VirtIOBlockReq *req = s->rq;
 MultiReqBuffer mrb = {
 .num_writes = 0,
@@ -444,7 +464,7 @@ static void virtio_blk_dma_restart_bh(void *opaque)
 static void virtio_blk_dma_restart_cb(void *opaque, int running,
   RunState state)
 {
-VirtIOBlock *s = opaque;
+VirtIOBlock *s = VIRTIO_BLK(opaque);
 
 if (!running)
 return;
@@ -468,7 +488,7 @@ static void virtio_blk_reset(VirtIODevice *vdev)
  */
 static void virtio_blk_update_config(VirtIODevice *vdev, uint8_t *config)
 {
-VirtIOBlock *s = to_virtio_blk(vdev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
 struct virtio_blk_config blkcfg;
 uint64_t capacity;
 int blk_size = s->conf->logical_block_size;
@@ -507,7 +527,7 @@ static void virtio_blk_update_config(VirtIODevice *vdev, 
uint8_t *config)
 
 static void virtio_blk_set_config(VirtIODevice *vdev, const uint8_t *config)
 {
-VirtIOBlock *s = to_virtio_blk(vdev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
 struct virtio_blk_config blkcfg;
 
 memcpy(&blkcfg, config, sizeof(blkcfg));
@@ -516,7 +536,7 @@ static void virtio_blk_set_config(VirtIODevice *vdev, const 
uint8_t *config)
 
 static uint32_t virtio_blk_get_features(VirtIODevice *vdev, uint32_t features)
 {
-VirtIOBlock *s = to_virtio_blk(vdev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
 
 features 

[Qemu-devel] [RFC PATCH v5 4/6] virtio-pci : Refactor virtio-pci device.

[fred . konrad]

From: KONRAD Frederic 

Create the virtio-pci device. This transport device will create a
virtio-pci-bus, so one VirtIODevice can be connected.

Signed-off-by: KONRAD Frederic 
---
 hw/virtio-pci.c | 112 
 hw/virtio-pci.h |  14 +++
 2 files changed, 126 insertions(+)

diff --git a/hw/virtio-pci.c b/hw/virtio-pci.c
index 5ac8d0d..8426122 100644
--- a/hw/virtio-pci.c
+++ b/hw/virtio-pci.c
@@ -1119,6 +1119,115 @@ static TypeInfo virtio_scsi_info = {
 .class_init= virtio_scsi_class_init,
 };
 
+/*
+ * virtio-pci : This is the PCIDevice which have a virtio-pci-bus.
+ */
+
+/* init callback */
+static void virtio_pci_init_cb(void *opaque)
+{
+VirtIOPCIProxy *proxy = VIRTIO_PCI(opaque);
+uint8_t *config;
+uint32_t size;
+
+/* Put the PCI IDs */
+switch (get_virtio_device_id(proxy->bus)) {
+
+case VIRTIO_ID_BLOCK:
+pci_config_set_device_id(proxy->pci_dev.config,
+ PCI_DEVICE_ID_VIRTIO_BLOCK);
+pci_config_set_class(proxy->pci_dev.config, PCI_CLASS_STORAGE_SCSI);
+break;
+default:
+error_report("unknown device id\n");
+break;
+
+}
+
+/* TODO: vdev should be accessed through virtio-bus functions. */
+proxy->vdev = proxy->bus->vdev;
+config = proxy->pci_dev.config;
+
+if (proxy->class_code) {
+pci_config_set_class(config, proxy->class_code);
+}
+pci_set_word(config + PCI_SUBSYSTEM_VENDOR_ID,
+ pci_get_word(config + PCI_VENDOR_ID));
+pci_set_word(config + PCI_SUBSYSTEM_ID, get_virtio_device_id(proxy->bus));
+config[PCI_INTERRUPT_PIN] = 1;
+
+if (proxy->bus->vdev->nvectors &&
+msix_init_exclusive_bar(&proxy->pci_dev, proxy->bus->vdev->nvectors,
+1)) {
+proxy->bus->vdev->nvectors = 0;
+}
+
+proxy->pci_dev.config_write = virtio_write_config;
+
+size = VIRTIO_PCI_REGION_SIZE(&proxy->pci_dev)
+ + proxy->bus->vdev->config_len;
+if (size & (size-1)) {
+size = 1 << qemu_fls(size);
+}
+
+memory_region_init_io(&proxy->bar, &virtio_pci_config_ops, proxy,
+  "virtio-pci", size);
+pci_register_bar(&proxy->pci_dev, 0, PCI_BASE_ADDRESS_SPACE_IO,
+ &proxy->bar);
+
+if (!kvm_has_many_ioeventfds()) {
+proxy->flags &= ~VIRTIO_PCI_FLAG_USE_IOEVENTFD;
+}
+
+proxy->host_features |= 0x1 << VIRTIO_F_NOTIFY_ON_EMPTY;
+proxy->host_features |= 0x1 << VIRTIO_F_BAD_FEATURE;
+proxy->host_features = proxy->bus->vdev->get_features(proxy->bus->vdev,
+  
proxy->host_features);
+}
+
+/* exit callback */
+static void virtio_pci_exit_cb(void *opaque)
+{
+VirtIOPCIProxy *dev = VIRTIO_PCI(opaque);
+virtio_pci_stop_ioeventfd(dev);
+}
+
+static int virtio_pci_init(PCIDevice *pci_dev)
+{
+VirtIOPCIProxy *dev = VIRTIO_PCI(pci_dev);
+dev->bus = virtio_pci_bus_new(dev);
+return 0;
+}
+
+static void virtio_pci_exit(PCIDevice *pci_dev)
+{
+DeviceState *qdev = DEVICE(pci_dev);
+BusState *qbus = BUS(qdev_get_parent_bus(qdev));
+VirtioBusState *bus = VIRTIO_BUS(qbus);
+virtio_bus_destroy_device(bus);
+qbus_free(qbus);
+}
+
+static void virtio_pci_class_init(ObjectClass *klass, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(klass);
+PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
+
+k->init = virtio_pci_init;
+k->exit = virtio_pci_exit;
+k->vendor_id = PCI_VENDOR_ID_REDHAT_QUMRANET;
+k->revision = VIRTIO_PCI_ABI_VERSION;
+k->class_id = PCI_CLASS_OTHERS;
+dc->reset = virtio_pci_reset;
+}
+
+static const TypeInfo virtio_pci_info = {
+.name  = TYPE_VIRTIO_PCI,
+.parent= TYPE_PCI_DEVICE,
+.instance_size = sizeof(VirtIOPCIProxy),
+.class_init= virtio_pci_class_init,
+};
+
 /* virtio-pci-bus */
 
 VirtioBusState *virtio_pci_bus_new(VirtIOPCIProxy *dev)
@@ -1145,6 +1254,8 @@ static void virtio_pci_bus_class_init(ObjectClass *klass, 
void *data)
 k->set_host_notifier = virtio_pci_set_host_notifier;
 k->set_guest_notifiers = virtio_pci_set_guest_notifiers;
 k->vmstate_change = virtio_pci_vmstate_change;
+k->init = virtio_pci_init_cb;
+k->exit = virtio_pci_exit_cb;
 }
 
 static const TypeInfo virtio_pci_bus_info = {
@@ -1163,6 +1274,7 @@ static void virtio_pci_register_types(void)
 type_register_static(&virtio_scsi_info);
 type_register_static(&virtio_rng_info);
 type_register_static(&virtio_pci_bus_info);
+type_register_static(&virtio_pci_info);
 }
 
 type_init(virtio_pci_register_types)
diff --git a/hw/virtio-pci.h b/hw/virtio-pci.h
index 0e3288e..2c31b7a 100644
--- a/hw/virtio-pci.h
+++ b/hw/virtio-pci.h
@@ -46,6 +46,17 @@ typedef struct {
 unsigned int users;
 } VirtIOIRQFD;
 
+/*
+ * virtio-pci : This is the PCIDevice which have a virtio-pci-bus.
+ */
+#define TYPE_VIRTIO_PCI "virtio-pci"
+#defin

[Qemu-devel] [RFC 3/3] docs: document virtio-balloon stats

[Luiz Capitulino]

Signed-off-by: Luiz Capitulino 
---
 docs/virtio-balloon-stats.txt | 73 +++
 1 file changed, 73 insertions(+)
 create mode 100644 docs/virtio-balloon-stats.txt

diff --git a/docs/virtio-balloon-stats.txt b/docs/virtio-balloon-stats.txt
new file mode 100644
index 000..7e7ddc4
--- /dev/null
+++ b/docs/virtio-balloon-stats.txt
@@ -0,0 +1,73 @@
+virtio balloon memory statistics
+
+
+The virtio balloon driver supports guest memory statistics reporting. These
+statistics are available to QEMU users as QOM (QEMU Obejct Model) device
+properties via a polling mechanism.
+
+Basically, clients have to enable polling. Then they can query the available
+statistics.
+
+There are two control properties and six memory statistics from the guest.
+
+The control properties are:
+
+ o stats-polling-interval: a value greater than zero enables polling
+   in the specified interval (in seconds). When value equals zero,
+   polling is disabled. If polling is already enabled and a value
+   greater than zero is written, the polling interval time is changed
+
+ o stats-last-update: last stats update timestamp, in seconds
+
+The memory statistics are:
+
+ o stat-swap-in
+ o stat-swap-out
+ o stat-major-faults
+ o stat-minor-faults
+ o stat-free-memory
+ o stat-total-memory
+
+All values are in bytes. A value of -1 means that the statistic isn't
+available right now.
+
+Here are a few examples. The virtio-balloon device is assumed to be in the
+'/machine/peripheral-anon/device[1]' QOM path.
+
+Enable polling with 2 seconds interval:
+
+{ "execute": "qom-set",
+ "arguments": { "path": "/machine/peripheral-anon/device[1]",
+"property": "stats-polling-interval", "value": 2 } }
+
+{ "return": {} }
+
+Change polling to 10 seconds:
+
+{ "execute": "qom-set",
+ "arguments": { "path": "/machine/peripheral-anon/device[1]",
+"property": "stats-polling-interval", "value": 10 } }
+
+{ "return": {} }
+
+Get last update timestamp and free memory stat:
+
+{ "execute": "qom-get",
+  "arguments": { "path": "/machine/peripheral-anon/device[1]",
+  "property": "stats-last-update" } }
+
+{ "return": 1354629634 }
+
+{ "execute": "qom-get",
+  "arguments": { "path": "/machine/peripheral-anon/device[1]",
+  "property": "stat-free-memory" } }
+
+{ "return": 845115392 }
+
+Disable polling:
+
+{ "execute": "qom-set",
+ "arguments": { "path": "/machine/peripheral-anon/device[1]",
+"property": "stats-polling-interval", "value": 0 } }
+
+{ "return": {} }
-- 
1.8.0

[Qemu-devel] [RFC 1/3] virtio-balloon: drop old stats code

[Luiz Capitulino]

Next commit will re-enable balloon stats with a different interface, but
this old code conflicts with it, drop it then.

Signed-off-by: Luiz Capitulino 
---
 hw/virtio-balloon.c | 22 --
 1 file changed, 22 deletions(-)

diff --git a/hw/virtio-balloon.c b/hw/virtio-balloon.c
index dd1a650..4398025 100644
--- a/hw/virtio-balloon.c
+++ b/hw/virtio-balloon.c
@@ -164,28 +164,6 @@ static uint32_t virtio_balloon_get_features(VirtIODevice 
*vdev, uint32_t f)
 static void virtio_balloon_stat(void *opaque, BalloonInfo *info)
 {
 VirtIOBalloon *dev = opaque;
-
-#if 0
-/* Disable guest-provided stats for now. For more details please check:
- * https://bugzilla.redhat.com/show_bug.cgi?id=623903
- *
- * If you do enable it (which is probably not going to happen as we
- * need a new command for it), remember that you also need to fill the
- * appropriate members of the BalloonInfo structure so that the stats
- * are returned to the client.
- */
-if (dev->vdev.guest_features & (1 << VIRTIO_BALLOON_F_STATS_VQ)) {
-virtqueue_push(dev->svq, &dev->stats_vq_elem, dev->stats_vq_offset);
-virtio_notify(&dev->vdev, dev->svq);
-return;
-}
-#endif
-
-/* Stats are not supported.  Clear out any stale values that might
- * have been set by a more featureful guest kernel.
- */
-reset_stats(dev);
-
 info->actual = ram_size - ((uint64_t) dev->actual <<
VIRTIO_BALLOON_PFN_SHIFT);
 }
-- 
1.8.0

[Qemu-devel] [RFC 0/3] re-enable balloon stats

[Luiz Capitulino]

This new try to re-enable the virtio-balloon driver stats uses QOM properties
via a polling mechanism as suggested by Anthony here:

 http://lists.gnu.org/archive/html/qemu-devel/2012-02/msg02390.html

The second patch contains the implementation, the last patch contains
documentation and examples.

Luiz Capitulino (3):
  virtio-balloon: drop old stats code
  virtio-balloon: re-enable balloon stats
  docs: document virtio-balloon stats

 docs/virtio-balloon-stats.txt |  73 +
 hw/virtio-balloon.c   | 178 --
 2 files changed, 228 insertions(+), 23 deletions(-)
 create mode 100644 docs/virtio-balloon-stats.txt

-- 
1.8.0

Re: [Qemu-devel] [PULL for-1.3 0/3] seabios: q35 update

[jbaron]

On Tue, Dec 04, 2012 at 09:42:44AM -0500, Gabriel L. Somlo wrote:
> On Tue, 04 Dec 2012 08:40:27 +0100 Gerd Hoffmann wrote:
> >On Mon, 3 Dec 2012 13:47:04 -0500, Jason Baron wrote:
> >> 2) HPET ACPI error
> >> 
> >> This line: 'IRQNoFlags () {2, 8}' in the HPET acpi table is causing the
> >> folloing ACPI message (removing it makes it go away):
> >
> > Hmm.  That was added to make macos x happy and is also present on real
> > hardware, so I'm wondering what is going on here.
> 
> Without that line, OS X only works as a single-core, non-SMP guest.
> This is the "legacy replacement irq mapping" option for HPET (section
> 2.4.2, page 24 of the IA-PC HPET Specification).
> 
> The options are 'IRQNoFlags () {2, 8}' for "APIC mapping" or
> 'IRQNoFlags () {0, 8}' for "8259 mapping". Either one works for SMP + OS X.
> 
> I don't have an XP install image anymore, but does replacing 2,8 with
> 0,8 help ?
> 

no.

> On a few of my machines, this is actually coded as
> 
> IRQNoFlags ()
> {0}   /* or 2 */
> IRQNoFlags ()
> {8}
> 
> Based on my reading of the ACPI manual, this should be syntactically
> equivalent to the the comma-separated single-line format we're currently
> using, but could it be that WinXP is picky about the specifics ?
> 

Didn't seem to help either. I also tried having just a single irq from
0,2,8, and that didn't work either. The only thing that seems to make XP
happy is completely removing that line. So I'm not sure what is wrong.

> Also, as far as I can tell, this change never made it into the
> "q35-acpi-dsdt.dsl" file, just the "classic" acpi-dsdt.dsl (or, lately,
> acpi-dsdt-hpet.dsl). I was about to submit another patch for that, but
> now I guess I won't press it until we sort this out :)
> 

q35-acpi-dsdt.dsl is the current sebios tree does:

#include "acpi-dsdt-hpet.dsl"

Thanks,

-Jason

[Qemu-devel] [PATCH 0/2] tests: avoid aio_flush() in test cases

[Stefan Hajnoczi]

There is a patch to drop aio_flush().  Most callers shouldn't use that
interface.  It turns out that the aio and thread pool test cases *do* need
low-level flush functionality so they can test the aio code.

Convert test-aio.c and test-thread-pool.c to use replacements for
qemu_aio_flush() and aio_flush().

Stefan Hajnoczi (2):
  tests: use aio_poll() instead of aio_flush() in test-aio.c
  tests: avoid qemu_aio_flush() in test-thread-pool.c

 tests/test-aio.c | 31 +++
 tests/test-thread-pool.c | 20 ++--
 2 files changed, 29 insertions(+), 22 deletions(-)

-- 
1.8.0.1

[Qemu-devel] [PATCH 1/2] tests: use aio_poll() instead of aio_flush() in test-aio.c

[Stefan Hajnoczi]

There has been confusion between various aio wait and flush functions.
It's time to get rid of qemu_aio_flush() but in the aio test cases we
really do want this low-level functionality.

Therefore declare a local wait_for_aio() helper for the test cases.
Drop the aio_flush() test case.

Signed-off-by: Stefan Hajnoczi 
---
 tests/test-aio.c | 31 +++
 1 file changed, 15 insertions(+), 16 deletions(-)

diff --git a/tests/test-aio.c b/tests/test-aio.c
index f53c908..a8a4f0c 100644
--- a/tests/test-aio.c
+++ b/tests/test-aio.c
@@ -15,6 +15,14 @@
 
 AioContext *ctx;
 
+/* Wait until there are no more BHs or AIO requests */
+static void wait_for_aio(void)
+{
+while (aio_poll(ctx, true)) {
+/* Do nothing */
+}
+}
+
 /* Simple callbacks for testing.  */
 
 typedef struct {
@@ -78,14 +86,6 @@ static void test_notify(void)
 g_assert(!aio_poll(ctx, false));
 }
 
-static void test_flush(void)
-{
-g_assert(!aio_poll(ctx, false));
-aio_notify(ctx);
-aio_flush(ctx);
-g_assert(!aio_poll(ctx, false));
-}
-
 static void test_bh_schedule(void)
 {
 BHTestData data = { .n = 0 };
@@ -116,7 +116,7 @@ static void test_bh_schedule10(void)
 g_assert(aio_poll(ctx, true));
 g_assert_cmpint(data.n, ==, 2);
 
-aio_flush(ctx);
+wait_for_aio();
 g_assert_cmpint(data.n, ==, 10);
 
 g_assert(!aio_poll(ctx, false));
@@ -164,7 +164,7 @@ static void test_bh_delete_from_cb(void)
 qemu_bh_schedule(data1.bh);
 g_assert_cmpint(data1.n, ==, 0);
 
-aio_flush(ctx);
+wait_for_aio();
 g_assert_cmpint(data1.n, ==, data1.max);
 g_assert(data1.bh == NULL);
 
@@ -200,7 +200,7 @@ static void test_bh_delete_from_cb_many(void)
 g_assert_cmpint(data4.n, ==, 1);
 g_assert(data1.bh == NULL);
 
-aio_flush(ctx);
+wait_for_aio();
 g_assert_cmpint(data1.n, ==, data1.max);
 g_assert_cmpint(data2.n, ==, data2.max);
 g_assert_cmpint(data3.n, ==, data3.max);
@@ -219,7 +219,7 @@ static void test_bh_flush(void)
 qemu_bh_schedule(data.bh);
 g_assert_cmpint(data.n, ==, 0);
 
-aio_flush(ctx);
+wait_for_aio();
 g_assert_cmpint(data.n, ==, 1);
 
 g_assert(!aio_poll(ctx, false));
@@ -281,7 +281,7 @@ static void test_flush_event_notifier(void)
 g_assert_cmpint(data.active, ==, 9);
 g_assert(aio_poll(ctx, false));
 
-aio_flush(ctx);
+wait_for_aio();
 g_assert_cmpint(data.n, ==, 10);
 g_assert_cmpint(data.active, ==, 0);
 g_assert(!aio_poll(ctx, false));
@@ -325,7 +325,7 @@ static void test_wait_event_notifier_noflush(void)
 g_assert_cmpint(data.n, ==, 2);
 
 event_notifier_set(&dummy.e);
-aio_flush(ctx);
+wait_for_aio();
 g_assert_cmpint(data.n, ==, 2);
 g_assert_cmpint(dummy.n, ==, 1);
 g_assert_cmpint(dummy.active, ==, 0);
@@ -346,7 +346,7 @@ static void test_wait_event_notifier_noflush(void)
  * - sometimes both the AioContext and the glib main loop wake
  *   themselves up.  Hence, some "g_assert(!aio_poll(ctx, false));"
  *   are replaced by "while (g_main_context_iteration(NULL, false));".
- * - there is no exact replacement for aio_flush's blocking wait.
+ * - there is no exact replacement for a blocking wait.
  *   "while (g_main_context_iteration(NULL, true)" seems to work,
  *   but it is not documented _why_ it works.  For these tests a
  *   non-blocking loop like "while (g_main_context_iteration(NULL, false)"
@@ -637,7 +637,6 @@ int main(int argc, char **argv)
 
 g_test_init(&argc, &argv, NULL);
 g_test_add_func("/aio/notify",  test_notify);
-g_test_add_func("/aio/flush",   test_flush);
 g_test_add_func("/aio/bh/schedule", test_bh_schedule);
 g_test_add_func("/aio/bh/schedule10",   test_bh_schedule10);
 g_test_add_func("/aio/bh/cancel",   test_bh_cancel);
-- 
1.8.0.1

[Qemu-devel] [PATCH 2/2] tests: avoid qemu_aio_flush() in test-thread-pool.c

[Stefan Hajnoczi]

We need to eliminate calls to qemu_aio_flush() since the function is
being removed.  Most callers will use bdrv_drain_all() instead but
test-thread-pool.c is lower level.

Since the test uses the global AioContext we can loop on qemu_aio_wait()
to wait for aio and bh activity to complete.

Signed-off-by: Stefan Hajnoczi 
---
 tests/test-thread-pool.c | 20 ++--
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/tests/test-thread-pool.c b/tests/test-thread-pool.c
index fea0445..ea8e676 100644
--- a/tests/test-thread-pool.c
+++ b/tests/test-thread-pool.c
@@ -47,11 +47,19 @@ static void qemu_aio_wait_nonblocking(void)
 qemu_aio_wait();
 }
 
+/* Wait until all aio and bh activity has finished */
+static void qemu_aio_wait_all(void)
+{
+while (qemu_aio_wait()) {
+/* Do nothing */
+}
+}
+
 static void test_submit(void)
 {
 WorkerTestData data = { .n = 0 };
 thread_pool_submit(worker_cb, &data);
-qemu_aio_flush();
+qemu_aio_wait_all();
 g_assert_cmpint(data.n, ==, 1);
 }
 
@@ -63,7 +71,7 @@ static void test_submit_aio(void)
 /* The callbacks are not called until after the first wait.  */
 active = 1;
 g_assert_cmpint(data.ret, ==, -EINPROGRESS);
-qemu_aio_flush();
+qemu_aio_wait_all();
 g_assert_cmpint(active, ==, 0);
 g_assert_cmpint(data.n, ==, 1);
 g_assert_cmpint(data.ret, ==, 0);
@@ -84,7 +92,7 @@ static void co_test_cb(void *opaque)
 data->ret = 0;
 active--;
 
-/* The test continues in test_submit_co, after qemu_aio_flush... */
+/* The test continues in test_submit_co, after qemu_aio_wait_all... */
 }
 
 static void test_submit_co(void)
@@ -99,9 +107,9 @@ static void test_submit_co(void)
 g_assert_cmpint(active, ==, 1);
 g_assert_cmpint(data.ret, ==, -EINPROGRESS);
 
-/* qemu_aio_flush will execute the rest of the coroutine.  */
+/* qemu_aio_wait_all will execute the rest of the coroutine.  */
 
-qemu_aio_flush();
+qemu_aio_wait_all();
 
 /* Back here after the coroutine has finished.  */
 
@@ -184,7 +192,7 @@ static void test_cancel(void)
 }
 
 /* Finish execution and execute any remaining callbacks.  */
-qemu_aio_flush();
+qemu_aio_wait_all();
 g_assert_cmpint(active, ==, 0);
 for (i = 0; i < 100; i++) {
 if (data[i].n == 3) {
-- 
1.8.0.1

[Qemu-devel] [RFC 2/3] virtio-balloon: re-enable balloon stats

[Luiz Capitulino]

The statistics are now available through device properties via a
polling mechanism. First, a client has to enable polling, then it
can query the stats.

The following control properties are introduced:

 o stats-polling-interval: a value greater than zero enables polling
   in the specified interval (in seconds). When value equals zero,
   polling is disabled. If polling is already enabled and a value
   greater than zero is written, the polling interval time is changed

 o stats-last-update: last stats update timestamp, in seconds.

The following stats properties are introduced:

 o stat-swap-in
 o stat-swap-out
 o stat-major-faults
 o stat-minor-faults
 o stat-free-memory
 o stat-total-memory

All values are in bytes. A value of -1 means that the statistic isn't
available right now.

FIXME: Can balloon_stats_poll_cb(), balloon_stats_set_poll_interval(),
   virtio_balloon_handle_output() can run in parallel?

XXX: Should we return an error instead of -1? Might require a specific
 error. Although this is not exactly a failure...

Signed-off-by: Luiz Capitulino 
---

NOTE: Anthony suggested having a bool to enable/disable polling, but I prefer
  to let the client specify the polling interval. I can revisit this,
  though.

 hw/virtio-balloon.c | 156 +++-
 1 file changed, 155 insertions(+), 1 deletion(-)

diff --git a/hw/virtio-balloon.c b/hw/virtio-balloon.c
index 4398025..06af18f 100644
--- a/hw/virtio-balloon.c
+++ b/hw/virtio-balloon.c
@@ -22,6 +22,8 @@
 #include "virtio-balloon.h"
 #include "kvm.h"
 #include "exec-memory.h"
+#include "qemu-timer.h"
+#include "qapi/qapi-visit-core.h"
 
 #if defined(__linux__)
 #include 
@@ -36,6 +38,9 @@ typedef struct VirtIOBalloon
 uint64_t stats[VIRTIO_BALLOON_S_NR];
 VirtQueueElement stats_vq_elem;
 size_t stats_vq_offset;
+QEMUTimer *stats_timer;
+int64_t stats_last_update;
+int64_t stats_poll_interval;
 DeviceState *qdev;
 } VirtIOBalloon;
 
@@ -53,6 +58,16 @@ static void balloon_page(void *addr, int deflate)
 #endif
 }
 
+static const char *balloon_stat_names[] = {
+   [VIRTIO_BALLOON_S_SWAP_IN] = "stat-swap-in", 
+   [VIRTIO_BALLOON_S_SWAP_OUT] = "stat-swap-out",
+   [VIRTIO_BALLOON_S_MAJFLT] = "stat-major-faults",
+   [VIRTIO_BALLOON_S_MINFLT] = "stat-minor-faults",
+   [VIRTIO_BALLOON_S_MEMFREE] = "stat-free-memory",
+   [VIRTIO_BALLOON_S_MEMTOT] = "stat-total-memory",
+   [VIRTIO_BALLOON_S_NR] = NULL
+};
+
 /*
  * reset_stats - Mark all items in the stats array as unset
  *
@@ -67,6 +82,119 @@ static inline void reset_stats(VirtIOBalloon *dev)
 for (i = 0; i < VIRTIO_BALLOON_S_NR; dev->stats[i++] = -1);
 }
 
+static bool balloon_stats_supported(const VirtIOBalloon *s)
+{
+return s->vdev.guest_features & (1 << VIRTIO_BALLOON_F_STATS_VQ);
+}
+
+static bool balloon_stats_enabled(const VirtIOBalloon *s)
+{
+return s->stats_poll_interval > 0;
+}
+
+static void balloon_stats_disable_timer(VirtIOBalloon *s)
+{
+if (balloon_stats_enabled(s)) {
+qemu_del_timer(s->stats_timer);
+qemu_free_timer(s->stats_timer);
+s->stats_timer = NULL;
+s->stats_poll_interval = 0;
+}
+}
+
+static void balloon_stats_change_timer(VirtIOBalloon *s, int secs)
+{
+qemu_mod_timer(s->stats_timer, qemu_get_clock_ms(vm_clock) + secs * 1000);
+}
+
+static void balloon_stats_poll_cb(void *opaque)
+{
+VirtIOBalloon *s = opaque;
+
+virtqueue_push(s->svq, &s->stats_vq_elem, s->stats_vq_offset);
+virtio_notify(&s->vdev, s->svq);
+
+balloon_stats_change_timer(s, s->stats_poll_interval);
+}
+
+static void balloon_stats_get_last_update(Object *obj, struct Visitor *v,
+  void *opaque, const char *name,
+  Error **errp)
+{
+VirtIOBalloon *s = opaque;
+visit_type_int(v, &s->stats_last_update, name, errp);
+}
+
+static void balloon_stats_get_stat(Object *obj, struct Visitor *v,
+   void *opaque, const char *name, Error 
**errp)
+{
+VirtIOBalloon *s = opaque;
+int i;
+
+for (i = 0; i < VIRTIO_BALLOON_S_NR; i++) {
+if (!strcmp(balloon_stat_names[i], name)) {
+visit_type_int(v, (int64_t *) &s->stats[i], name, errp);
+return;
+}
+}
+
+error_setg(errp, "invalid property name '%s'", name);
+}
+
+static void balloon_stats_get_poll_interval(Object *obj, struct Visitor *v,
+void *opaque, const char *name,
+Error **errp)
+{
+VirtIOBalloon *s = opaque;
+visit_type_int(v, &s->stats_poll_interval, name, errp);
+}
+
+static void balloon_stats_set_poll_interval(Object *obj, struct Visitor *v,
+void *opaque, const char *name,
+Error **errp)
+{
+VirtIOBalloon *s = opaque;
+int64_t value;
+
+i

Re: [Qemu-devel] detecting seccomp sandbox capability via QMP

[Luiz Capitulino]

On Tue, 04 Dec 2012 15:42:32 +0100
Ján Tomko  wrote:

> On 12/04/12 12:46, Luiz Capitulino wrote:
> > On Mon, 03 Dec 2012 16:55:35 +0100
> > Ján Tomko  wrote:
> > 
> >> Hello,
> >>
> >> is there a way to check if QEMU was compiled with --enable-seccomp via QMP?
> > 
> > Not that I'm aware of. Could you describe your use-case?
> 
> It's for libvirt. The detection is broken since the switch from parsing
> -help output to QMP and I wanted to fix it.

Different folks have been adding QMP commands to allow feature detection,
then I believe that's what we should do.

[Qemu-devel] [RFC PATCH v5 0/6] Virtio refactoring.

[fred . konrad]

From: KONRAD Frederic 

I think the global structure is good as we discuted in the V4. So, I tried to
start device refactoring, and also made some little fix.

For the device refactoring, what are you suggesting for replacing
VirtIOBindings ?

Also, the virtio_pci_init_cb(..) currently use direct access to VirtIODevice,
can I just implement functions in virtio-bus to access the fields ?
( eg : get/set_nvectors ).

Finally, any idea on how I can make this patch-set for not breaking anything ?
The virtio-blk refactoring breaks all virtio-blk devices.

This patch-set is :
* Introducing a virtio-bus which extends bus-state.
* Implementing a virtio-pci-bus which extends virtio-bus.
* Implementing a virtio-pci device which has a virtio-pci-bus.
* Implementing virtio-device which extends device-states.
* Implementing a virtio-blk which extends virtio-device.

The first patch is a modification of qdev-monitor.c, it forces the function
qbus_find_recursive(..) to return a non-full bus, and return an error if the
desired bus ( with "bus=" option ) is full. It add a max_dev field to the
bus_state structure. If max_dev=0 it has no limitation, if not the maximum
amount of device connected to the bus is max_dev.

Changes v4 -> v5:
* use ERROR_CLASS_GENERIC_ERROR in place of creating a new error type for
  the maximum device limitation. ( Peter )
* Removed bus_in_use function. We assume that the virtio-bus is not in use,
  when plugin in. ( Peter )
* Added virtio_bus_destroy_device().
* Implemented the exit function of virtio-pci.
* Implemented the init callback for virtio-pci ( must be modified, it still
  access vdev directly. ).
* Implemented the exit callback for virtio-pci.
* Started virtio-device refactoring.
* Started virtio-blk refactoring. 

Changes v3 -> v4:
* Added virtio-bus.o in Makefile.objs ( accidentally dropped from v3 ).
* *const* TypeInfo in virtio-bus.
* Introduced virtio-pci-bus.
* Reintroduced virtio-pci.
* Introduced virtio-device.
* Started virtio-blk refactoring.
* Added an error type in qerror.h for the "bus full" error.

Changes v2 -> v3:
* Added VirtioBusClass.
* Renamed VirtioBus -> VirtioBusState.
* Renamed qbus -> parent_obj.
* Plug the device only in a non-full bus.

Changes v1 -> v2:
* All the little fix you suggest ( License, Debug printf, naming convention,
  ...)
* Added get_virtio_device_id(), and remove the pci_id* from the VirtioBus
  structure.
* Added virtio_bus_reset().
* Added cast macros VIRTIO_BUS.
* Added virtio_bus_plug_device.
* Replaced the old-style "bus->qbus" by BUS() macro.

Fred.

KONRAD Frederic (6):
  qdev : add a maximum device allowed field for the bus.
  virtio-bus : Introduce virtio-bus
  virtio-pci-bus : Introduce virtio-pci-bus.
  virtio-pci : Refactor virtio-pci device.
  virtio-device : Refactor virtio-device.
  virtio-blk : Refactor virtio-blk.

 hw/Makefile.objs  |   1 +
 hw/qdev-core.h|   2 +
 hw/qdev-monitor.c |  11 
 hw/virtio-blk.c   | 170 ++
 hw/virtio-blk.h   |   4 ++
 hw/virtio-bus.c   | 111 +++
 hw/virtio-bus.h   |  76 
 hw/virtio-pci.c   | 149 +++
 hw/virtio-pci.h   |  33 ++-
 hw/virtio.c   |  56 ++
 hw/virtio.h   |  29 ++
 11 files changed, 616 insertions(+), 26 deletions(-)
 create mode 100644 hw/virtio-bus.c
 create mode 100644 hw/virtio-bus.h

-- 
1.7.11.7

Re: [Qemu-devel] [PATCH v5] Add compare subcommand for qemu-img

[Stefan Hajnoczi]

On Tue, Dec 04, 2012 at 06:06:55AM -0500, Miroslav Rezanina wrote:
> +for (;;) {
> +c = getopt(argc, argv, "pf:F:sq");
> +if (c == -1) {
> +break;
> +}
> +switch (c) {
> +case 'f':
> +fmt1 = optarg;
> +break;
> +case 'F':
> +fmt2 = optarg;
> +break;
> +case 'p':
> +progress = 1;
> +break;
> +case 'q':
> +quiet = 1;
> +break;
> +case 's':
> +strict = 1;
> +break;
> +}
> +}

Still missing '?' and 'h'.  They should call help().

Without this an invalid command-line option doesn't abort execution and
weird things can happen :).

Stefan

[Qemu-devel] [RFC PATCH v5 2/6] virtio-bus : Introduce virtio-bus

[fred . konrad]

From: KONRAD Frederic 

Introduce virtio-bus. Refactored transport device will create a bus which
extends virtio-bus.

Signed-off-by: KONRAD Frederic 
---
 hw/Makefile.objs |   1 +
 hw/virtio-bus.c  | 111 +++
 hw/virtio-bus.h  |  76 +
 3 files changed, 188 insertions(+)
 create mode 100644 hw/virtio-bus.c
 create mode 100644 hw/virtio-bus.h

diff --git a/hw/Makefile.objs b/hw/Makefile.objs
index d581d8d..6fa4de4 100644
--- a/hw/Makefile.objs
+++ b/hw/Makefile.objs
@@ -3,6 +3,7 @@ common-obj-y += loader.o
 common-obj-$(CONFIG_VIRTIO) += virtio-console.o
 common-obj-$(CONFIG_VIRTIO) += virtio-rng.o
 common-obj-$(CONFIG_VIRTIO_PCI) += virtio-pci.o
+common-obj-$(CONFIG_VIRTIO) += virtio-bus.o
 common-obj-y += fw_cfg.o
 common-obj-$(CONFIG_PCI) += pci.o pci_bridge.o pci_bridge_dev.o
 common-obj-$(CONFIG_PCI) += msix.o msi.o
diff --git a/hw/virtio-bus.c b/hw/virtio-bus.c
new file mode 100644
index 000..ccf1cb0
--- /dev/null
+++ b/hw/virtio-bus.c
@@ -0,0 +1,111 @@
+/*
+ * VirtioBus
+ *
+ *  Copyright (C) 2012 : GreenSocs Ltd
+ *  http://www.greensocs.com/ , email: i...@greensocs.com
+ *
+ *  Developed by :
+ *  Frederic Konrad   
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ *
+ */
+
+#include "hw.h"
+#include "qemu-error.h"
+#include "qdev.h"
+#include "virtio-bus.h"
+#include "virtio.h"
+
+/* #define DEBUG_VIRTIO_BUS */
+
+#ifdef DEBUG_VIRTIO_BUS
+#define DPRINTF(fmt, ...) \
+do { printf("virtio_bus: " fmt , ## __VA_ARGS__); } while (0)
+#else
+#define DPRINTF(fmt, ...) do { } while (0)
+#endif
+
+/* Plug the VirtIODevice */
+int virtio_bus_plug_device(VirtIODevice *vdev)
+{
+DeviceState *qdev = DEVICE(vdev);
+BusState *qbus = BUS(qdev_get_parent_bus(qdev));
+VirtioBusState *bus = VIRTIO_BUS(qbus);
+VirtioBusClass *klass = VIRTIO_BUS_GET_CLASS(bus);
+DPRINTF("%s : plug device.\n", qbus->name);
+
+bus->vdev = vdev;
+
+if (klass->init != NULL) {
+klass->init(qbus->parent);
+}
+
+/*
+ * The lines below will disappear when we drop VirtIOBindings.
+ */
+bus->bindings.notify = klass->notify;
+bus->bindings.save_config = klass->save_config;
+bus->bindings.save_queue = klass->save_queue;
+bus->bindings.load_config = klass->load_config;
+bus->bindings.load_queue = klass->load_queue;
+bus->bindings.load_done = klass->load_done;
+bus->bindings.get_features = klass->get_features;
+bus->bindings.query_guest_notifiers = klass->query_guest_notifiers;
+bus->bindings.set_guest_notifiers = klass->set_guest_notifiers;
+bus->bindings.set_host_notifier = klass->set_host_notifier;
+bus->bindings.vmstate_change = klass->vmstate_change;
+virtio_bind_device(bus->vdev, &(bus->bindings), qbus->parent);
+
+return 0;
+}
+
+/* Destroy the VirtIODevice */
+void virtio_bus_destroy_device(VirtioBusState *bus)
+{
+DeviceState *qdev;
+BusState *qbus = BUS(bus);
+VirtioBusClass *klass = VIRTIO_BUS_GET_CLASS(bus);
+DPRINTF("%s : remove device.\n", qbus->name);
+
+if (bus->vdev != NULL) {
+if (klass->exit != NULL) {
+klass->exit(qbus->parent);
+}
+qdev = DEVICE(bus->vdev);
+qdev_free(qdev);
+bus->vdev = NULL;
+}
+}
+
+/* Return the virtio device id of the plugged device. */
+uint16_t get_virtio_device_id(VirtioBusState *bus)
+{
+return bus->vdev->device_id;
+}
+
+static const TypeInfo virtio_bus_info = {
+.name = TYPE_VIRTIO_BUS,
+.parent = TYPE_BUS,
+.instance_size = sizeof(VirtioBusState),
+.abstract = true,
+.class_size = sizeof(VirtioBusClass),
+};
+
+static void virtio_register_types(void)
+{
+type_register_static(&virtio_bus_info);
+}
+
+type_init(virtio_register_types)
diff --git a/hw/virtio-bus.h b/hw/virtio-bus.h
new file mode 100644
index 000..570ad98
--- /dev/null
+++ b/hw/virtio-bus.h
@@ -0,0 +1,76 @@
+/*
+ * VirtioBus
+ *
+ *  Copyright (C) 2012 : GreenSocs Ltd
+ *  http://www.greensocs.com/ , email: i...@greensocs.com
+ *
+ *  Developed by :
+ *  Frederic Konrad   
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *

Re: [Qemu-devel] detecting seccomp sandbox capability via QMP

[Daniel P. Berrange]

On Tue, Dec 04, 2012 at 03:42:32PM +0100, Ján Tomko wrote:
> On 12/04/12 12:46, Luiz Capitulino wrote:
> > On Mon, 03 Dec 2012 16:55:35 +0100
> > Ján Tomko  wrote:
> > 
> >> Hello,
> >>
> >> is there a way to check if QEMU was compiled with --enable-seccomp via QMP?
> > 
> > Not that I'm aware of. Could you describe your use-case?
> 
> It's for libvirt. The detection is broken since the switch from parsing
> -help output to QMP and I wanted to fix it.
> 
> Assuming it's supported if we do capabilities detection via QMP (since
> libvirt 1.0.0 and QEMU 1.2) would work except for this case:
> If seccomp sandbox was requested in /etc/libvirt/qemu.conf, but it was
> compiled out from qemu, libvirt would try to run QEMU with -sandbox on
> instead of printing an error earlier.

In the absence of any way to detect it via QMP, libvirt should fallback
to hardcoding it based on the version number. This presumes that QEMU was
built with it enabled in configure, but we've no other option for current
released 1.2/1.3 versions.

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

[Qemu-devel] [RFC PATCH v5 5/6] virtio-device : Refactor virtio-device.

[fred . konrad]

From: KONRAD Frederic 

Create the virtio-device which is abstract. All the virtio-device can extend
this class.

Signed-off-by: KONRAD Frederic 
---
 hw/virtio.c | 56 
 hw/virtio.h | 29 +
 2 files changed, 85 insertions(+)

diff --git a/hw/virtio.c b/hw/virtio.c
index f40a8c5..cd46af1 100644
--- a/hw/virtio.c
+++ b/hw/virtio.c
@@ -16,6 +16,7 @@
 #include "trace.h"
 #include "qemu-error.h"
 #include "virtio.h"
+#include "virtio-bus.h"
 #include "qemu-barrier.h"
 
 /* The alignment to use between consumer and producer parts of vring.
@@ -934,6 +935,38 @@ VirtIODevice *virtio_common_init(const char *name, 
uint16_t device_id,
 return vdev;
 }
 
+/*
+ * The same initialization as above without allocating the structure.
+ */
+void virtio_common_init_(VirtIODevice *vdev, const char *name,
+ uint16_t device_id, size_t config_size,
+ size_t struct_size)
+{
+int i;
+
+vdev->device_id = device_id;
+vdev->status = 0;
+vdev->isr = 0;
+vdev->queue_sel = 0;
+vdev->config_vector = VIRTIO_NO_VECTOR;
+vdev->vq = g_malloc0(sizeof(VirtQueue) * VIRTIO_PCI_QUEUE_MAX);
+vdev->vm_running = runstate_is_running();
+for (i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++) {
+vdev->vq[i].vector = VIRTIO_NO_VECTOR;
+vdev->vq[i].vdev = vdev;
+}
+
+vdev->name = name;
+vdev->config_len = config_size;
+if (vdev->config_len) {
+vdev->config = g_malloc0(config_size);
+} else {
+vdev->config = NULL;
+}
+vdev->vmstate = qemu_add_vm_change_state_handler(virtio_vmstate_change,
+ vdev);
+}
+
 void virtio_bind_device(VirtIODevice *vdev, const VirtIOBindings *binding,
 void *opaque)
 {
@@ -1056,3 +1089,26 @@ EventNotifier *virtio_queue_get_host_notifier(VirtQueue 
*vq)
 {
 return &vq->host_notifier;
 }
+
+static void virtio_device_class_init(ObjectClass *klass, void *data)
+{
+/* Set the default value here. */
+DeviceClass *dc = DEVICE_CLASS(klass);
+dc->bus_type = TYPE_VIRTIO_BUS;
+}
+
+static const TypeInfo virtio_device_info = {
+.name = TYPE_VIRTIO_DEVICE,
+.parent = TYPE_DEVICE,
+.instance_size = sizeof(VirtIODevice),
+.class_init = virtio_device_class_init,
+.abstract = true,
+.class_size = sizeof(VirtioDeviceClass),
+};
+
+static void virtio_register_types(void)
+{
+type_register_static(&virtio_device_info);
+}
+
+type_init(virtio_register_types)
diff --git a/hw/virtio.h b/hw/virtio.h
index 7c17f7b..361ad95 100644
--- a/hw/virtio.h
+++ b/hw/virtio.h
@@ -108,8 +108,17 @@ typedef struct {
 
 #define VIRTIO_NO_VECTOR 0x
 
+#define TYPE_VIRTIO_DEVICE "virtio-device"
+#define VIRTIO_DEVICE_GET_CLASS(obj) \
+OBJECT_GET_CLASS(VirtioDeviceClass, obj, TYPE_VIRTIO_DEVICE)
+#define VIRTIO_DEVICE_CLASS(klass) \
+OBJECT_CLASS_CHECK(VirtioDeviceClass, klass, TYPE_VIRTIO_DEVICE)
+#define VIRTIO_DEVICE(obj) \
+OBJECT_CHECK(VirtIODevice, (obj), TYPE_VIRTIO_DEVICE)
+
 struct VirtIODevice
 {
+DeviceState parent_obj;
 const char *name;
 uint8_t status;
 uint8_t isr;
@@ -119,6 +128,9 @@ struct VirtIODevice
 void *config;
 uint16_t config_vector;
 int nvectors;
+/*
+ * Must be removed as we have it in VirtioDeviceClass.
+ */
 uint32_t (*get_features)(VirtIODevice *vdev, uint32_t requested_features);
 uint32_t (*bad_features)(VirtIODevice *vdev);
 void (*set_features)(VirtIODevice *vdev, uint32_t val);
@@ -126,6 +138,7 @@ struct VirtIODevice
 void (*set_config)(VirtIODevice *vdev, const uint8_t *config);
 void (*reset)(VirtIODevice *vdev);
 void (*set_status)(VirtIODevice *vdev, uint8_t val);
+/***/
 VirtQueue *vq;
 const VirtIOBindings *binding;
 void *binding_opaque;
@@ -134,6 +147,22 @@ struct VirtIODevice
 VMChangeStateEntry *vmstate;
 };
 
+typedef struct {
+/* This is what a VirtioDevice must implement */
+DeviceClass parent;
+uint32_t (*get_features)(VirtIODevice *vdev, uint32_t requested_features);
+uint32_t (*bad_features)(VirtIODevice *vdev);
+void (*set_features)(VirtIODevice *vdev, uint32_t val);
+void (*get_config)(VirtIODevice *vdev, uint8_t *config);
+void (*set_config)(VirtIODevice *vdev, const uint8_t *config);
+void (*reset)(VirtIODevice *vdev);
+void (*set_status)(VirtIODevice *vdev, uint8_t val);
+} VirtioDeviceClass;
+
+void virtio_common_init_(VirtIODevice *vdev, const char *name,
+ uint16_t device_id, size_t config_size,
+ size_t struct_size);
+
 VirtQueue *virtio_add_queue(VirtIODevice *vdev, int queue_size,
 void (*handle_output)(VirtIODevice *,
   VirtQueue *));
-- 
1.7.11.7

Re: [Qemu-devel] [PATCH] tests: Add tests for fdsets

[Stefan Hajnoczi]

On Wed, Nov 14, 2012 at 05:53:16PM -0500, Corey Bryant wrote:
> 
> Signed-off-by: Corey Bryant 
> ---
>  tests/qemu-iotests/044| 129 
> ++
>  tests/qemu-iotests/044.out|   5 ++
>  tests/qemu-iotests/group  |   1 +
>  tests/qemu-iotests/iotests.py |  12 
>  4 files changed, 147 insertions(+)
>  create mode 100755 tests/qemu-iotests/044
>  create mode 100644 tests/qemu-iotests/044.out

Thanks, applied to my block tree:
https://github.com/stefanha/qemu/commits/block

Stefan

[Qemu-devel] [PATCH] qemu-io: Implement write -c for compressed clusters

[Kevin Wolf]

This makes it easier to create images with both compressed and
uncompressed clusters for testing.

Signed-off-by: Kevin Wolf 
---
 qemu-io.c |   23 +--
 1 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/qemu-io.c b/qemu-io.c
index 5730aeb..1637773 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -265,6 +265,18 @@ static int do_co_write_zeroes(int64_t offset, int count, 
int *total)
 }
 }
 
+static int do_write_compressed(char *buf, int64_t offset, int count, int 
*total)
+{
+int ret;
+
+ret = bdrv_write_compressed(bs, offset >> 9, (uint8_t *)buf, count >> 9);
+if (ret < 0) {
+return ret;
+}
+*total = count;
+return 1;
+}
+
 static int do_load_vmstate(char *buf, int64_t offset, int count, int *total)
 {
 *total = bdrv_load_vmstate(bs, (uint8_t *)buf, offset, count);
@@ -687,6 +699,7 @@ static void write_help(void)
 " Writes into a segment of the currently open file, using a buffer\n"
 " filled with a set pattern (0xcdcdcdcd).\n"
 " -b, -- write to the VM state rather than the virtual disk\n"
+" -c, -- write compressed data with bdrv_write_compressed\n"
 " -p, -- use bdrv_pwrite to write the file\n"
 " -P, -- use different pattern to fill file\n"
 " -C, -- report statistics in a machine parsable format\n"
@@ -703,7 +716,7 @@ static const cmdinfo_t write_cmd = {
 .cfunc  = write_f,
 .argmin = 2,
 .argmax = -1,
-.args   = "[-bCpqz] [-P pattern ] off len",
+.args   = "[-bcCpqz] [-P pattern ] off len",
 .oneline= "writes a number of bytes at a specified offset",
 .help   = write_help,
 };
@@ -712,6 +725,7 @@ static int write_f(int argc, char **argv)
 {
 struct timeval t1, t2;
 int Cflag = 0, pflag = 0, qflag = 0, bflag = 0, Pflag = 0, zflag = 0;
+int cflag = 0;
 int c, cnt;
 char *buf = NULL;
 int64_t offset;
@@ -720,11 +734,14 @@ static int write_f(int argc, char **argv)
 int total = 0;
 int pattern = 0xcd;
 
-while ((c = getopt(argc, argv, "bCpP:qz")) != EOF) {
+while ((c = getopt(argc, argv, "bcCpP:qz")) != EOF) {
 switch (c) {
 case 'b':
 bflag = 1;
 break;
+case 'c':
+cflag = 1;
+break;
 case 'C':
 Cflag = 1;
 break;
@@ -801,6 +818,8 @@ static int write_f(int argc, char **argv)
 cnt = do_save_vmstate(buf, offset, count, &total);
 } else if (zflag) {
 cnt = do_co_write_zeroes(offset, count, &total);
+} else if (cflag) {
+cnt = do_write_compressed(buf, offset, count, &total);
 } else {
 cnt = do_write(buf, offset, count, &total);
 }
-- 
1.7.6.5

Re: [Qemu-devel] [PULL for-1.3 0/3] seabios: q35 update

[Gerd Hoffmann]

  Hi,

>>> '-machine q35,diskmode=ahci,ide,raid'? 
>>
>> I'm wondering whenever we want to deal with that at all?
>>
>> "If your guest is too old to handle ahci natively, just stick to piix."
>> is a sensible policy IMHO.
>>
> 
> There was some discussion of trying to make q35 the default for 1.4, in
> which case it may be important to support older OS's such as WinXP.
> 
> Anthony, do you have any opinion on this?

The fundamental issue is that you have either good compatibility (makes
old guests happy) or good performance (makes modern guests happy) by
default.  Picking a default which makes everybody happy is impossible.

That problem doesn't change no matter whenever the choice is piix vs.
q35 or q35+ide vs. q35+ahci.

management apps (using libosinfo) can tackle this in a sensible manner
by picking virtual hardware depending on the guest capabilities.  So I
wouldn't worry too much on qemu level.

>>> 2) HPET ACPI error
>>>
>>> This line: 'IRQNoFlags () {2, 8}' in the HPET acpi table is causing the
>>> folloing ACPI message (removing it makes it go away):
>>
>> Hmm.  That was added to make macos x happy and is also present on real
>> hardware, so I'm wondering what is going on here.
>>
> 
> I also noticed that on Windows 7, the 'IRQNoFlags' line above makes the RTC
> clock complain that it does not have resources available. While removing the
> above line, removes that error.

Hmm.  The IRQNoFlags for the RTC isn't new though, but I can see that
with win7 on piix too.

cheers,
  Gerd

Re: [Qemu-devel] [PULL for-1.3 0/3] seabios: q35 update

[Gabriel L. Somlo]

On Tue, Dec 04, 2012 at 10:11:38AM -0500, jba...@redhat.com wrote:
> > I don't have an XP install image anymore, but does replacing 2,8 with
> > 0,8 help ?
> > 
> 
> no.
> 
> > On a few of my machines, this is actually coded as
> > 
> > IRQNoFlags ()
> > {0} /* or 2 */
> > IRQNoFlags ()
> > {8}
> > 
> > Based on my reading of the ACPI manual, this should be syntactically
> > equivalent to the the comma-separated single-line format we're currently
> > using, but could it be that WinXP is picky about the specifics ?
> > 
> 
> Didn't seem to help either. I also tried having just a single irq from
> 0,2,8, and that didn't work either. The only thing that seems to make XP
> happy is completely removing that line. So I'm not sure what is wrong.

I got one more thing to try:

diff --git a/src/acpi-dsdt-hpet.dsl b/src/acpi-dsdt-hpet.dsl
index d5aa3f1..8385ce4 100644
--- a/src/acpi-dsdt-hpet.dsl
+++ b/src/acpi-dsdt-hpet.dsl
@@ -23,12 +23,17 @@ Scope(\_SB) {
 }
 Return (0x0F)
 }
-Name(_CRS, ResourceTemplate() {
+Name(BUF0, ResourceTemplate() {
 IRQNoFlags() {2, 8}
 Memory32Fixed(ReadOnly,
 0xFED0, // Address Base
 0x0400, // Address Length
-)
+_Y09)
 })
+Method(_CRS, 0, Serialized) {
+CreateDWordField (BUF0, \_SB.HPET._Y09._BAS, HPT0)
+Store(0xFED0, HPT0)
+Return (BUF0)
+}
 }
 }

The complete definition for the HPET on my MacPro5,1 is below; along
with the 0xFED0 value gleaned from the previous SeaBIOS version of
_CRS, I came up with the above. Hopefully it works for WinXP too...

Thanks,
--Gabriel

Device (HPET) {
Name (_HID, EisaId ("PNP0103"))
Name (BUF0, ResourceTemplate () {
IRQNoFlags ()
{0}
IRQNoFlags ()
{8}
Memory32Fixed (ReadOnly,
0xFED0, // Address Base
0x0010, // Address Length
_Y09)
})
Method (_STA, 0, NotSerialized) {
If (LGreaterEqual (OSYS, 0x07D1)) {
If (HPAE) {
Return (0x0F)
}
} Else {
If (HPAE) {
Return (0x0B)
}
}
Return (0x00)
}
Method (_CRS, 0, Serialized) {
If (HPAE) {
CreateDWordField (BUF0, \_SB.PCI0.LPCB.HPET._Y09._BAS,   HPT0)
If (LEqual (HPAS, 0x01)) {
Store (0xFED1, HPT0)
}
If (LEqual (HPAS, 0x02)) {
Store (0xFED2, HPT0)
}
If (LEqual (HPAS, 0x03)) {
Store (0xFED3, HPT0)
}
}
Return (BUF0)
}
}

Re: [Qemu-devel] [PATCH] qemu-io: Implement write -c for compressed clusters

[Stefan Hajnoczi]

On Tue, Dec 04, 2012 at 04:35:12PM +0100, Kevin Wolf wrote:
> This makes it easier to create images with both compressed and
> uncompressed clusters for testing.
> 
> Signed-off-by: Kevin Wolf 
> ---
>  qemu-io.c |   23 +--
>  1 files changed, 21 insertions(+), 2 deletions(-)

Thanks, applied to the block tree:
https://github.com/stefanha/qemu/commits/block

Stefan

Re: [Qemu-devel] [RFC PATCH v5 4/6] virtio-pci : Refactor virtio-pci device.

[KONRAD Frédéric]

On 04/12/2012 15:49, Peter Maydell wrote:

On 4 December 2012 14:35,   wrote:

From: KONRAD Frederic 

Create the virtio-pci device. This transport device will create a
virtio-pci-bus, so one VirtIODevice can be connected.

Signed-off-by: KONRAD Frederic 
---
  hw/virtio-pci.c | 112 
  hw/virtio-pci.h |  14 +++
  2 files changed, 126 insertions(+)

diff --git a/hw/virtio-pci.c b/hw/virtio-pci.c
index 5ac8d0d..8426122 100644
--- a/hw/virtio-pci.c
+++ b/hw/virtio-pci.c
@@ -1119,6 +1119,115 @@ static TypeInfo virtio_scsi_info = {
  .class_init= virtio_scsi_class_init,
  };

+/*
+ * virtio-pci : This is the PCIDevice which have a virtio-pci-bus.
+ */
+
+/* init callback */
+static void virtio_pci_init_cb(void *opaque)
+/* exit callback */
+static void virtio_pci_exit_cb(void *opaque)
+static int virtio_pci_init(PCIDevice *pci_dev)
+static void virtio_pci_exit(PCIDevice *pci_dev)

It's rather confusing to have an init and an init_cb and also
an exit and an exit_cb, and not to have anything explaining
what the difference is or when each one is called or what
needs to be done in one that can't be done in the other.

Right, I'll change the name and add comments.


-- PMM

Re: [Qemu-devel] [RFC PATCH v5 5/6] virtio-device : Refactor virtio-device.

[KONRAD Frédéric]

On 04/12/2012 15:55, Peter Maydell wrote:

On 4 December 2012 14:35,   wrote:

From: KONRAD Frederic 

Create the virtio-device which is abstract. All the virtio-device can extend
this class.

Signed-off-by: KONRAD Frederic 
---
  hw/virtio.c | 56 
  hw/virtio.h | 29 +
  2 files changed, 85 insertions(+)

diff --git a/hw/virtio.c b/hw/virtio.c
index f40a8c5..cd46af1 100644
--- a/hw/virtio.c
+++ b/hw/virtio.c
@@ -16,6 +16,7 @@
  #include "trace.h"
  #include "qemu-error.h"
  #include "virtio.h"
+#include "virtio-bus.h"
  #include "qemu-barrier.h"

  /* The alignment to use between consumer and producer parts of vring.
@@ -934,6 +935,38 @@ VirtIODevice *virtio_common_init(const char *name, 
uint16_t device_id,
  return vdev;
  }

+/*
+ * The same initialization as above without allocating the structure.
+ */
+void virtio_common_init_(VirtIODevice *vdev, const char *name,
+ uint16_t device_id, size_t config_size,
+ size_t struct_size)

If you find yourself cut-and-pasting 25 lines of code, think again.
In this case, just make virtio_common_init() a wrapper that does
a malloc and calls your non-allocation init.

I didn't think about it, I'll do it.

Thanks,

Fred.

Re: [Qemu-devel] [PULL 00/18] acpi: switch to memory api

[Andreas Färber]

Hi Gerd,

Am 04.12.2012 14:04, schrieb Gerd Hoffmann:
>   Hi,
> 
> Same patches as posted last week.  No review comments, 1.4 tree
> open, so it should be ready to go in now.

That's not quite true - you ignored my review comment wrt MemoryRegion
placement (and I left it to you to look for further instances). Can you
please fix that up on your branch or as follow-up?

Did you see any overlap with Julien's series or can I post my PULL in
parallel?

Regards,
Andreas

> 
> cheers,
>   Gerd
> 
> The following changes since commit 16c6c80ac3a772b42a87b77dfdf0fdac7c607b0e:
> 
>   Open up 1.4 development branch (2012-12-03 14:08:40 -0600)
> 
> are available in the git repository at:
>   git://git.kraxel.org/qemu acpi.1
> 
> Gerd Hoffmann (18):
>   apci: switch piix4 to memory api
>   apci: switch ich9 to memory api
>   apci: switch vt82c686 to memory api
>   apci: switch timer to memory api
>   apci: switch cnt to memory api
>   apci: switch evt to memory api
>   acpi: cleanup piix4 memory region
>   acpi: cleanup vt82c686 memory region
>   apci: switch ich9 gpe to memory api
>   apci: switch ich9 smi to memory api
>   acpi: cleanup ich9 memory region
>   acpi: switch smbus to memory api
>   acpi: fix piix4 smbus mapping
>   apci: switch piix4 gpe to memory api
>   acpi: remove acpi_gpe_blk
>   apci: switch piix4 pci hotplug to memory api
>   q35: update lpc pci config space according to configured devices
>   acpi: drop debug port
> 
>  hw/acpi.c   |  113 ++-
>  hw/acpi.h   |   18 +++--
>  hw/acpi_ich9.c  |  199 ++
>  hw/acpi_ich9.h  |3 +
>  hw/acpi_piix4.c |  183 +++
>  hw/ich9.h   |1 +
>  hw/lpc_ich9.c   |   29 
>  hw/pm_smbus.c   |   17 -
>  hw/pm_smbus.h   |3 +-
>  hw/smbus_ich9.c |   64 --
>  hw/vt82c686.c   |  102 +
>  11 files changed, 317 insertions(+), 415 deletions(-)
> 


-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PULL for-1.3 0/3] seabios: q35 update

[Gerd Hoffmann]

On 12/04/12 16:37, Gerd Hoffmann wrote:
>> > I also noticed that on Windows 7, the 'IRQNoFlags' line above makes the RTC
>> > clock complain that it does not have resources available. While removing 
>> > the
>> > above line, removes that error.
> Hmm.  The IRQNoFlags for the RTC isn't new though, but I can see that
> with win7 on piix too.

Works fine with 1.7.1 though.  /me goes bisecting.

cheers,
  Gerd

[Qemu-devel] [PATCH] configure: allow disabling pixman if not needed

[Robert Schiele]

When we build neither any system emulation targets nor the tools there
is actually no need for pixman library.  In that case do not enforce
presence of that library on the system.

Signed-off-by: Robert Schiele 
---
This allows to reduce dependencies in case you build only user
emulation targets.

 configure |   18 --
 target-unicore32/helper.c |2 ++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index 994f731..7043b5a 100755
--- a/configure
+++ b/configure
@@ -647,6 +647,8 @@ for opt do
   ;;
   --without-system-pixman) pixman="internal"
   ;;
+  --without-pixman) pixman="none"
+  ;;
   --disable-sdl) sdl="no"
   ;;
   --enable-sdl) sdl="yes"
@@ -2118,13 +2120,25 @@ fi
 # pixman support probe
 
 if test "$pixman" = ""; then
-  if $pkg_config pixman-1 > /dev/null 2>&1; then
+  if test "$want_tools" = "no" -a "$softmmu" = "no"; then
+pixman="none"
+  elif $pkg_config pixman-1 > /dev/null 2>&1; then
 pixman="system"
   else
 pixman="internal"
   fi
 fi
-if test "$pixman" = "system"; then
+if test "$pixman" = "none"; then
+  if test "$want_tools" != "no" -o "$softmmu" != "no"; then
+echo "ERROR: pixman disabled but system emulation or tools build"
+echo "   enabled.  You can turn off pixman only if you also"
+echo "   disable all system emulation targets and the tools"
+echo "   build with '--disable-tools --disable-system'."
+exit 1
+  fi
+  pixman_cflags=
+  pixman_libs=
+elif test "$pixman" = "system"; then
   pixman_cflags=`$pkg_config --cflags pixman-1 2>/dev/null`
   pixman_libs=`$pkg_config --libs pixman-1 2>/dev/null`
 else
diff --git a/target-unicore32/helper.c b/target-unicore32/helper.c
index a9e226b..3e0df33 100644
--- a/target-unicore32/helper.c
+++ b/target-unicore32/helper.c
@@ -13,7 +13,9 @@
 #include "gdbstub.h"
 #include "helper.h"
 #include "host-utils.h"
+#ifndef CONFIG_USER_ONLY
 #include "console.h"
+#endif
 
 #undef DEBUG_UC32
 
-- 
1.7.10.4

Re: [Qemu-devel] [RFC 0/8] CPU DeviceState v9

[Andreas Färber]

Am 04.12.2012 14:19, schrieb Eduardo Habkost:
> Changes on v9:
>  - Instead of moving qemu_[un]register_reset() to reset.c and including
>it on *-user, create stubs for them on libqemustub.a

We compile cpu.c twice. Can't we do the same for qdev.c or whatever uses
those functions? I feel they have no business being used in *-user.
CC'ing Riku and Peter.

Andreas

>  - This is based on afaerber's qom-cpu branch, that has some header cleanup
>changes. You can get the complete series in a git tree at:
>https://github.com/ehabkost/qemu-hacks/tree/cpu_qdev.v9
>git://github.com/ehabkost/qemu-hacks.git cpu_qdev.v9
> 
> v8:
>  - Use a simpler copyright header on qdev-properties-system.c
>  - Use the new libqemustub.a mechanism instead of the (now exting)
>QEMU_WEAK_ALIAS mechanism
>  - Move the reset-handler registration code to a new hw/reset.c file
> 
> v7:
>  - Use the new QEMU_WEAK_ALIAS mechanism instead of the (now extinct)
>GCC_WEAK attribute (patches 20 and 21)
> 
> v6:
>  - Simple rebase against latest qemu.git master
>  - Patch 13: some new typedefs were added and others were removed
>  - Patch 19: trivial rebase
> v5:
>  - Tons of header cleanups just to eliminate qlist.h <-> cpu-common.h circular
>dependency (patches 1-17)
>  - Add copyright/license information to qdev-properties.c (patch 17)
>  - Add copyright/license information to qdev-properties-system.c (patch 22)
>  - use error_report()+abort() instead of hw_error() on qdev.c (patch 18)
>  - Move qemu_[un]register_reset() and qemu_devices_reset() to qdev-core.c
>(patch 19)
>  - Make vmstate_[un]register() weak stubs, instead of a new function (patch 
> 20)
>  - Make sysbus_get_default() weak stub, instead of new qbus reset (un)register
>functions (patch 21)
>  - Eliminate qdev-system.c (all code is kept on qdev.c, now) (patch 22)
> v4:
>   - Add GCC_WEAK_DECL to functions that have GCC_WEAK versions
>   - Updated the qdev_init_gpio_in() code on qdev-system.c to current version
>   - Patch description updates (moved changelog below "---" and/or move info
> about changes made by different authors between SoB lines)
> v3 (submitted by Igor):
>   - rebased on top of 8b4a3df (today's master)
>   - slight code reshuffling in (see commit's changelog)
>  "qdev: separate core from the code used only by qemu-system-*"
>  "move qemu_irq typedef out of cpu-common.h"
>   - commit messages cleanup
> v2:
>   Removes the CONFIG_USER_ONLY ifdefs, and use weak symbols to move
>   the vmstate and qemu_register_reset() handling to qdev-system.c
> 
> git tree for testing:
>   https://github.com/ehabkost/qemu-hacks/tree/cpu_qdev.v9
>   git://github.com/ehabkost/qemu-hacks.git cpu_qdev.v9
> 
> References to previous versions:
>   v8: http://article.gmane.org/gmane.comp.emulators.qemu/182589
>   v7: http://article.gmane.org/gmane.comp.emulators.qemu/179969
>   v6: http://article.gmane.org/gmane.comp.emulators.qemu/179918
>   v5: http://article.gmane.org/gmane.comp.emulators.qemu/177426
>   v4: http://article.gmane.org/gmane.comp.emulators.qemu/176127
>   v3: http://article.gmane.org/gmane.comp.emulators.qemu/175980
>   v2: http://article.gmane.org/gmane.comp.emulators.qemu/173909
>   v1: http://article.gmane.org/gmane.comp.emulators.qemu/166630
> 
> 
> Eduardo Habkost (7):
>   move -I$(SRC_PATH)/include compiler flag to Makefile.objs
>   qdev: qdev_create(): use error_report() instead of hw_error()
>   libqemustub: add qemu_[un]register_reset() stubs
>   libqemustub: vmstate register/unregister stubs
>   libqemustub: sysbus_get_default() stub
>   qdev-properties.c: separate core from the code used only by
> qemu-system-*
>   include qdev code into *-user, too
> 
> Igor Mammedov (1):
>   qom: make CPU a child of DeviceState
> 
>  Makefile|   1 -
>  Makefile.objs   |  23 ++-
>  hw/Makefile.objs|  10 +-
>  hw/qdev-properties-system.c | 352 
> 
>  hw/qdev-properties.c| 321 +---
>  hw/qdev-properties.h|   1 +
>  hw/qdev.c   |  21 +--
>  include/qemu/cpu.h  |   6 +-
>  qom/cpu.c   |   3 +-
>  stubs/Makefile.objs |   3 +
>  stubs/reset.c   |  13 ++
>  stubs/sysbus.c  |   6 +
>  stubs/vmstate.c |  17 +++
>  13 files changed, 428 insertions(+), 349 deletions(-)
>  create mode 100644 hw/qdev-properties-system.c
>  create mode 100644 stubs/reset.c
>  create mode 100644 stubs/sysbus.c
>  create mode 100644 stubs/vmstate.c
> 


-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [RFC 1/8] move -I$(SRC_PATH)/include compiler flag to Makefile.objs

[Andreas Färber]

Am 04.12.2012 14:19, schrieb Eduardo Habkost:
> The flag is necessary for code that doesn't use the variables from
> Makefile (but use Makefile.objs), like libcacard/ and stubs/.
> 
> Signed-off-by: Eduardo Habkost 

I don't quite understand the rationale of this patch.
libcacard/ and stubs/ shouldn't need vl.o, do they? The CFLAGS move
makes more sense to me.

Paolo, can you take a look please?

Thanks,
Andreas

> ---
>  Makefile  |  1 -
>  Makefile.objs | 15 +--
>  2 files changed, 9 insertions(+), 7 deletions(-)
> 
> diff --git a/Makefile b/Makefile
> index 9ecbcbb..739d9cd 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -145,7 +145,6 @@ audio/audio.o audio/fmodaudio.o: QEMU_CFLAGS += 
> $(FMOD_CFLAGS)
>  
>  QEMU_CFLAGS+=$(CURL_CFLAGS)
>  
> -QEMU_CFLAGS += -I$(SRC_PATH)/include
>  
>  ui/cocoa.o: ui/cocoa.m
>  
> diff --git a/Makefile.objs b/Makefile.objs
> index 3c7abca..0a0a33a 100644
> --- a/Makefile.objs
> +++ b/Makefile.objs
> @@ -1,4 +1,13 @@
>  ###
> +# general compiler flags
> +
> +QEMU_CFLAGS += $(GLIB_CFLAGS)
> +QEMU_CFLAGS += -I$(SRC_PATH)/include
> +
> +vl.o: QEMU_CFLAGS+=$(GPROF_CFLAGS)
> +vl.o: QEMU_CFLAGS+=$(SDL_CFLAGS)
> +
> +###
>  # Stub library, linked in tools
>  stub-obj-y = stubs/
>  
> @@ -236,12 +245,6 @@ universal-obj-y += $(qapi-obj-y)
>  qga-obj-y = qga/ qemu-ga.o module.o qemu-tool.o
>  qga-obj-$(CONFIG_POSIX) += qemu-sockets.o qemu-option.o
>  
> -vl.o: QEMU_CFLAGS+=$(GPROF_CFLAGS)
> -
> -vl.o: QEMU_CFLAGS+=$(SDL_CFLAGS)
> -
> -QEMU_CFLAGS+=$(GLIB_CFLAGS)
> -
>  nested-vars += \
>   stub-obj-y \
>   qga-obj-y \

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PULL 00/18] acpi: switch to memory api

[Gerd Hoffmann]

On 12/04/12 16:57, Andreas Färber wrote:
> Hi Gerd,
> 
> Am 04.12.2012 14:04, schrieb Gerd Hoffmann:
>>   Hi,
>>
>> Same patches as posted last week.  No review comments, 1.4 tree
>> open, so it should be ready to go in now.
> 
> That's not quite true - you ignored my review comment wrt MemoryRegion
> placement (and I left it to you to look for further instances). Can you
> please fix that up on your branch or as follow-up?

You mean that empty line after parent_object?  I can send a followup for
that one.

Why it is important btw?  Just style?  Some parser tool?  Can we make
checkpatch.pl check this?

> Did you see any overlap with Julien's series or can I post my PULL in
> parallel?

Given that you kicked out the acpi changes due to q35 merge conflicts it
should work in parallel as my series touches acpi only.  Havn't actually
tried to merge though.

A small followup is needed once both are in: replace get_system_io()
with the new isa_address_space() in the acpi code.

cheers,
  Gerd

Re: [Qemu-devel] [RFC 2/8] qdev: qdev_create(): use error_report() instead of hw_error()

[Andreas Färber]

Am 04.12.2012 14:19, schrieb Eduardo Habkost:
> hw_error() is specific for fatal hardware emulation errors, not for
> internal errors related to the qdev object/class abstraction or object
> initialization.
> 
> Replace it with an error_report() call, followed by abort().
> 
> This will also help reduce dependencies of the qdev code (as hw_error()
> is from cpus.o, and depends on the CPU list from exec.o).
> 
> Signed-off-by: Eduardo Habkost 

This was already posted as a PATCH and I thought I had acked it ...
seems I didn't, so I re-checked cpus.c:hw_error() to abort() as well:

Acked-by: Andreas Färber 

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH 18/24] qdev: qdev_create(): use error_report() instead of hw_error()

[Andreas Färber]

Am 09.11.2012 15:56, schrieb Eduardo Habkost:
> hw_error() is specific for fatal hardware emulation errors, not for
> internal errors related to the qdev object/class abstraction or object
> initialization.
> 
> Replace it with an error_report() call, followed by abort().
> 
> This will also help reduce dependencies of the qdev code (as hw_error()
> is from cpus.o, and depends on the CPU list from exec.o).
> 
> Signed-off-by: Eduardo Habkost 

Thanks, applied to qom-cpu:
https://github.com/afaerber/qemu-cpu/commits/qom-cpu

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

[Qemu-devel] [PATCH 1/6] isa: Add isa_address_space_io()

[Andreas Färber]

From: Julien Grall 

This function permits to retrieve ISA IO address space.
It will be usefull when we need to pass IO address space as argument.

Signed-off-by: Julien Grall 
Acked-by: Avi Kivity 
Signed-off-by: Andreas Färber 
---
 hw/isa-bus.c |9 +
 hw/isa.h |1 +
 2 Dateien geändert, 10 Zeilen hinzugefügt(+)

diff --git a/hw/isa-bus.c b/hw/isa-bus.c
index 685fdc0..144a88e 100644
--- a/hw/isa-bus.c
+++ b/hw/isa-bus.c
@@ -264,4 +264,13 @@ MemoryRegion *isa_address_space(ISADevice *dev)
 return get_system_memory();
 }
 
+MemoryRegion *isa_address_space_io(ISADevice *dev)
+{
+if (dev) {
+return isa_bus_from_device(dev)->address_space_io;
+}
+
+return isabus->address_space_io;
+}
+
 type_init(isabus_register_types)
diff --git a/hw/isa.h b/hw/isa.h
index f9382e8..9d719fa 100644
--- a/hw/isa.h
+++ b/hw/isa.h
@@ -43,6 +43,7 @@ void isa_bus_irqs(ISABus *bus, qemu_irq *irqs);
 qemu_irq isa_get_irq(ISADevice *dev, int isairq);
 void isa_init_irq(ISADevice *dev, qemu_irq *p, int isairq);
 MemoryRegion *isa_address_space(ISADevice *dev);
+MemoryRegion *isa_address_space_io(ISADevice *dev);
 ISADevice *isa_create(ISABus *bus, const char *name);
 ISADevice *isa_try_create(ISABus *bus, const char *name);
 ISADevice *isa_create_simple(ISABus *bus, const char *name);
-- 
1.7.10.4

[Qemu-devel] [PATCH 2/6] hw/apm.c: Replace register_ioport_*

[Andreas Färber]

From: Julien Grall 

Replace all register_ioport_*() with a MemoryRegion.
This permits to use the new Memory stuff like listeners.

Moreover, the PCI device is added as an argument for apm_init(),
so we can register IO inside the PCI IO address space.

Signed-off-by: Julien Grall 
Acked-by: Avi Kivity 
[AF: Rebased onto hwaddr and q35]
Signed-off-by: Andreas Färber 
---
 hw/acpi_piix4.c |2 +-
 hw/apm.c|   23 ++-
 hw/apm.h|5 -
 hw/lpc_ich9.c   |2 +-
 hw/vt82c686.c   |2 +-
 5 Dateien geändert, 25 Zeilen hinzugefügt(+), 9 Zeilen entfernt(-)

diff --git a/hw/acpi_piix4.c b/hw/acpi_piix4.c
index 519269a..dbddde1 100644
--- a/hw/acpi_piix4.c
+++ b/hw/acpi_piix4.c
@@ -438,7 +438,7 @@ static int piix4_pm_initfn(PCIDevice *dev)
 pci_conf[0x3d] = 0x01; // interrupt pin 1
 
 /* APM */
-apm_init(&s->apm, apm_ctrl_changed, s);
+apm_init(dev, &s->apm, apm_ctrl_changed, s);
 
 register_ioport_write(ACPI_DBG_IO_ADDR, 4, 4, acpi_dbg_writel, s);
 
diff --git a/hw/apm.c b/hw/apm.c
index 2aead52..e988ad9 100644
--- a/hw/apm.c
+++ b/hw/apm.c
@@ -22,6 +22,7 @@
 
 #include "apm.h"
 #include "hw.h"
+#include "pci.h"
 
 //#define DEBUG
 
@@ -35,7 +36,8 @@
 #define APM_CNT_IOPORT  0xb2
 #define APM_STS_IOPORT  0xb3
 
-static void apm_ioport_writeb(void *opaque, uint32_t addr, uint32_t val)
+static void apm_ioport_writeb(void *opaque, hwaddr addr, uint64_t val,
+  unsigned size)
 {
 APMState *apm = opaque;
 addr &= 1;
@@ -51,7 +53,7 @@ static void apm_ioport_writeb(void *opaque, uint32_t addr, 
uint32_t val)
 }
 }
 
-static uint32_t apm_ioport_readb(void *opaque, uint32_t addr)
+static uint64_t apm_ioport_readb(void *opaque, hwaddr addr, unsigned size)
 {
 APMState *apm = opaque;
 uint32_t val;
@@ -78,12 +80,23 @@ const VMStateDescription vmstate_apm = {
 }
 };
 
-void apm_init(APMState *apm, apm_ctrl_changed_t callback, void *arg)
+static const MemoryRegionOps apm_ops = {
+.read = apm_ioport_readb,
+.write = apm_ioport_writeb,
+.impl = {
+.min_access_size = 1,
+.max_access_size = 1,
+},
+};
+
+void apm_init(PCIDevice *dev, APMState *apm, apm_ctrl_changed_t callback,
+  void *arg)
 {
 apm->callback = callback;
 apm->arg = arg;
 
 /* ioport 0xb2, 0xb3 */
-register_ioport_write(APM_CNT_IOPORT, 2, 1, apm_ioport_writeb, apm);
-register_ioport_read(APM_CNT_IOPORT, 2, 1, apm_ioport_readb, apm);
+memory_region_init_io(&apm->io, &apm_ops, apm, "apm-io", 2);
+memory_region_add_subregion(pci_address_space_io(dev), APM_CNT_IOPORT,
+&apm->io);
 }
diff --git a/hw/apm.h b/hw/apm.h
index f7c741e..5431b6d 100644
--- a/hw/apm.h
+++ b/hw/apm.h
@@ -4,6 +4,7 @@
 #include 
 #include "qemu-common.h"
 #include "hw.h"
+#include "memory.h"
 
 typedef void (*apm_ctrl_changed_t)(uint32_t val, void *arg);
 
@@ -13,9 +14,11 @@ typedef struct APMState {
 
 apm_ctrl_changed_t callback;
 void *arg;
+MemoryRegion io;
 } APMState;
 
-void apm_init(APMState *s, apm_ctrl_changed_t callback, void *arg);
+void apm_init(PCIDevice *dev, APMState *s, apm_ctrl_changed_t callback,
+  void *arg);
 
 extern const VMStateDescription vmstate_apm;
 
diff --git a/hw/lpc_ich9.c b/hw/lpc_ich9.c
index 2fc83a4..7de5427 100644
--- a/hw/lpc_ich9.c
+++ b/hw/lpc_ich9.c
@@ -472,7 +472,7 @@ static int ich9_lpc_initfn(PCIDevice *d)
 lpc->isa_bus = isa_bus;
 
 ich9_cc_init(lpc);
-apm_init(&lpc->apm, ich9_apm_ctrl_changed, lpc);
+apm_init(d, &lpc->apm, ich9_apm_ctrl_changed, lpc);
 return 0;
 }
 
diff --git a/hw/vt82c686.c b/hw/vt82c686.c
index 5d7c00c..7f11dbe 100644
--- a/hw/vt82c686.c
+++ b/hw/vt82c686.c
@@ -427,7 +427,7 @@ static int vt82c686b_pm_initfn(PCIDevice *dev)
 register_ioport_write(s->smb_io_base, 0xf, 1, smb_ioport_writeb, &s->smb);
 register_ioport_read(s->smb_io_base, 0xf, 1, smb_ioport_readb, &s->smb);
 
-apm_init(&s->apm, NULL, s);
+apm_init(dev, &s->apm, NULL, s);
 
 acpi_pm_tmr_init(&s->ar, pm_tmr_timer);
 acpi_pm1_cnt_init(&s->ar);
-- 
1.7.10.4

[Qemu-devel] [PATCH 3/6] hw/cirrus_vga.c: Replace register_ioport_*

[Andreas Färber]

From: Julien Grall 

Replace all register_ioport_*() with the new Memory API.
This permits to use the new Memory stuff like listeners.

Signed-off-by: Julien Grall 
Acked-by: Avi Kivity 
[AF: Rebased onto hwaddr]
Signed-off-by: Andreas Färber 
---
 hw/cirrus_vga.c |   48 
 1 Datei geändert, 28 Zeilen hinzugefügt(+), 20 Zeilen entfernt(-)

diff --git a/hw/cirrus_vga.c b/hw/cirrus_vga.c
index 9bef96e..40efa8a 100644
--- a/hw/cirrus_vga.c
+++ b/hw/cirrus_vga.c
@@ -197,6 +197,7 @@ typedef void (*cirrus_fill_t)(struct CirrusVGAState *s,
 typedef struct CirrusVGAState {
 VGACommonState vga;
 
+MemoryRegion cirrus_vga_io;
 MemoryRegion cirrus_linear_io;
 MemoryRegion cirrus_linear_bitblt_io;
 MemoryRegion cirrus_mmio_io;
@@ -2432,13 +2433,15 @@ static void cirrus_update_memory_access(CirrusVGAState 
*s)
 
 /* I/O ports */
 
-static uint32_t cirrus_vga_ioport_read(void *opaque, uint32_t addr)
+static uint64_t cirrus_vga_ioport_read(void *opaque, hwaddr addr,
+   unsigned size)
 {
 CirrusVGAState *c = opaque;
 VGACommonState *s = &c->vga;
 int val, index;
 
 qemu_flush_coalesced_mmio_buffer();
+addr += 0x3b0;
 
 if (vga_ioport_invalid(s, addr)) {
val = 0xff;
@@ -2527,13 +2530,15 @@ static uint32_t cirrus_vga_ioport_read(void *opaque, 
uint32_t addr)
 return val;
 }
 
-static void cirrus_vga_ioport_write(void *opaque, uint32_t addr, uint32_t val)
+static void cirrus_vga_ioport_write(void *opaque, hwaddr addr, uint64_t val,
+unsigned size)
 {
 CirrusVGAState *c = opaque;
 VGACommonState *s = &c->vga;
 int index;
 
 qemu_flush_coalesced_mmio_buffer();
+addr += 0x3b0;
 
 /* check port range access depending on color/monochrome mode */
 if (vga_ioport_invalid(s, addr)) {
@@ -2646,7 +2651,7 @@ static uint64_t cirrus_mmio_read(void *opaque, hwaddr 
addr,
 if (addr >= 0x100) {
 return cirrus_mmio_blt_read(s, addr - 0x100);
 } else {
-return cirrus_vga_ioport_read(s, addr + 0x3c0);
+return cirrus_vga_ioport_read(s, addr + 0x10, size);
 }
 }
 
@@ -2658,7 +2663,7 @@ static void cirrus_mmio_write(void *opaque, hwaddr addr,
 if (addr >= 0x100) {
cirrus_mmio_blt_write(s, addr - 0x100, val);
 } else {
-cirrus_vga_ioport_write(s, addr + 0x3c0, val);
+cirrus_vga_ioport_write(s, addr + 0x10, val, size);
 }
 }
 
@@ -2784,8 +2789,19 @@ static const MemoryRegionOps cirrus_linear_io_ops = {
 },
 };
 
+static const MemoryRegionOps cirrus_vga_io_ops = {
+.read = cirrus_vga_ioport_read,
+.write = cirrus_vga_ioport_write,
+.endianness = DEVICE_LITTLE_ENDIAN,
+.impl = {
+.min_access_size = 1,
+.max_access_size = 1,
+},
+};
+
 static void cirrus_init_common(CirrusVGAState * s, int device_id, int is_pci,
-   MemoryRegion *system_memory)
+   MemoryRegion *system_memory,
+   MemoryRegion *system_io)
 {
 int i;
 static int inited;
@@ -2817,19 +2833,10 @@ static void cirrus_init_common(CirrusVGAState * s, int 
device_id, int is_pci,
 s->bustype = CIRRUS_BUSTYPE_ISA;
 }
 
-register_ioport_write(0x3c0, 16, 1, cirrus_vga_ioport_write, s);
-
-register_ioport_write(0x3b4, 2, 1, cirrus_vga_ioport_write, s);
-register_ioport_write(0x3d4, 2, 1, cirrus_vga_ioport_write, s);
-register_ioport_write(0x3ba, 1, 1, cirrus_vga_ioport_write, s);
-register_ioport_write(0x3da, 1, 1, cirrus_vga_ioport_write, s);
-
-register_ioport_read(0x3c0, 16, 1, cirrus_vga_ioport_read, s);
-
-register_ioport_read(0x3b4, 2, 1, cirrus_vga_ioport_read, s);
-register_ioport_read(0x3d4, 2, 1, cirrus_vga_ioport_read, s);
-register_ioport_read(0x3ba, 1, 1, cirrus_vga_ioport_read, s);
-register_ioport_read(0x3da, 1, 1, cirrus_vga_ioport_read, s);
+/* Register ioport 0x3b0 - 0x3df */
+memory_region_init_io(&s->cirrus_vga_io, &cirrus_vga_io_ops, s,
+  "cirrus-io", 0x30);
+memory_region_add_subregion(system_io, 0x3b0, &s->cirrus_vga_io);
 
 memory_region_init(&s->low_mem_container,
"cirrus-lowmem-container",
@@ -2900,7 +2907,7 @@ static int vga_initfn(ISADevice *dev)
 
 vga_common_init(s);
 cirrus_init_common(&d->cirrus_vga, CIRRUS_ID_CLGD5430, 0,
-   isa_address_space(dev));
+   isa_address_space(dev), isa_address_space_io(dev));
 s->ds = graphic_console_init(s->update, s->invalidate,
  s->screen_dump, s->text_update,
  s);
@@ -2948,7 +2955,8 @@ static int pci_cirrus_vga_initfn(PCIDevice *dev)
 
  /* setup VGA */
  vga_common_init(&s->vga);
- cirrus_init_common(s, device_id, 1, pci_address_space(dev));
+ cirrus_init_common(s, device_id, 1, pc

[Qemu-devel] [PATCH 6/6] hw/dma.c: Replace register_ioport_*

[Andreas Färber]

From: Julien Grall 

Replace all register_ioport_*() with the new Memory API functions.
This permits to use the new Memory stuff like listeners.

Signed-off-by: Julien Grall 
Acked-by: Avi Kivity 
[AF: Rebased onto hwaddr]
Signed-off-by: Andreas Färber 
---
 hw/dma.c |  106 +-
 1 Datei geändert, 70 Zeilen hinzugefügt(+), 36 Zeilen entfernt(-)

diff --git a/hw/dma.c b/hw/dma.c
index d6aeac2..c2d7b21 100644
--- a/hw/dma.c
+++ b/hw/dma.c
@@ -58,6 +58,8 @@ static struct dma_cont {
 int dshift;
 struct dma_regs regs[4];
 qemu_irq *cpu_request_exit;
+MemoryRegion channel_io;
+MemoryRegion cont_io;
 } dma_controllers[2];
 
 enum {
@@ -149,7 +151,7 @@ static inline int getff (struct dma_cont *d)
 return ff;
 }
 
-static uint32_t read_chan (void *opaque, uint32_t nport)
+static uint64_t read_chan(void *opaque, hwaddr nport, unsigned size)
 {
 struct dma_cont *d = opaque;
 int ichan, nreg, iport, ff, val, dir;
@@ -171,7 +173,8 @@ static uint32_t read_chan (void *opaque, uint32_t nport)
 return (val >> (d->dshift + (ff << 3))) & 0xff;
 }
 
-static void write_chan (void *opaque, uint32_t nport, uint32_t data)
+static void write_chan(void *opaque, hwaddr nport, uint64_t data,
+   unsigned size)
 {
 struct dma_cont *d = opaque;
 int iport, ichan, nreg;
@@ -189,22 +192,23 @@ static void write_chan (void *opaque, uint32_t nport, 
uint32_t data)
 }
 }
 
-static void write_cont (void *opaque, uint32_t nport, uint32_t data)
+static void write_cont(void *opaque, hwaddr nport, uint64_t data,
+   unsigned size)
 {
 struct dma_cont *d = opaque;
 int iport, ichan = 0;
 
 iport = (nport >> d->dshift) & 0x0f;
 switch (iport) {
-case 0x08:  /* command */
+case 0x01:  /* command */
 if ((data != 0) && (data & CMD_NOT_SUPPORTED)) {
-dolog ("command %#x not supported\n", data);
+dolog("command %"PRIx64" not supported\n", data);
 return;
 }
 d->command = data;
 break;
 
-case 0x09:
+case 0x02:
 ichan = data & 3;
 if (data & 4) {
 d->status |= 1 << (ichan + 4);
@@ -216,7 +220,7 @@ static void write_cont (void *opaque, uint32_t nport, 
uint32_t data)
 DMA_run();
 break;
 
-case 0x0a:  /* single mask */
+case 0x03:  /* single mask */
 if (data & 4)
 d->mask |= 1 << (data & 3);
 else
@@ -224,7 +228,7 @@ static void write_cont (void *opaque, uint32_t nport, 
uint32_t data)
 DMA_run();
 break;
 
-case 0x0b:  /* mode */
+case 0x04:  /* mode */
 {
 ichan = data & 3;
 #ifdef DEBUG_DMA
@@ -243,23 +247,23 @@ static void write_cont (void *opaque, uint32_t nport, 
uint32_t data)
 break;
 }
 
-case 0x0c:  /* clear flip flop */
+case 0x05:  /* clear flip flop */
 d->flip_flop = 0;
 break;
 
-case 0x0d:  /* reset */
+case 0x06:  /* reset */
 d->flip_flop = 0;
 d->mask = ~0;
 d->status = 0;
 d->command = 0;
 break;
 
-case 0x0e:  /* clear mask for all channels */
+case 0x07:  /* clear mask for all channels */
 d->mask = 0;
 DMA_run();
 break;
 
-case 0x0f:  /* write mask for all channels */
+case 0x08:  /* write mask for all channels */
 d->mask = data;
 DMA_run();
 break;
@@ -277,7 +281,7 @@ static void write_cont (void *opaque, uint32_t nport, 
uint32_t data)
 #endif
 }
 
-static uint32_t read_cont (void *opaque, uint32_t nport)
+static uint64_t read_cont(void *opaque, hwaddr nport, unsigned size)
 {
 struct dma_cont *d = opaque;
 int iport, val;
@@ -463,7 +467,7 @@ void DMA_schedule(int nchan)
 static void dma_reset(void *opaque)
 {
 struct dma_cont *d = opaque;
-write_cont (d, (0x0d << d->dshift), 0);
+write_cont(d, (0x06 << d->dshift), 0, 1);
 }
 
 static int dma_phony_handler (void *opaque, int nchan, int dma_pos, int 
dma_len)
@@ -473,38 +477,68 @@ static int dma_phony_handler (void *opaque, int nchan, 
int dma_pos, int dma_len)
 return dma_pos;
 }
 
+
+static const MemoryRegionOps channel_io_ops = {
+.read = read_chan,
+.write = write_chan,
+.endianness = DEVICE_NATIVE_ENDIAN,
+.impl = {
+.min_access_size = 1,
+.max_access_size = 1,
+},
+};
+
+/* IOport from page_base */
+static const MemoryRegionPortio page_portio_list[] = {
+{ 0x01, 3, 1, .write = write_page, .read = read_page, },
+{ 0x07, 1, 1, .write = write_page, .read = read_page, },
+PORTIO_END_OF_LIST(),
+};
+
+/* IOport from pageh_base */
+static const MemoryRegionPortio pageh_p

Re: [Qemu-devel] [PATCH v2] HACKING: List areas where we may rely on impdef C behaviour

[Peter Maydell]

Ping! now that 1.4 is open. patchwork url
  http://patchwork.ozlabs.org/patch/195783/

-- PMM

On 31 October 2012 09:30, Peter Maydell  wrote:
> Add a section to HACKING saying which version of the C spec
> we use and describing the bits of implementation defined C
> compiler behaviour which C code in QEMU is allowed to rely on.
>
> Signed-off-by: Peter Maydell 
> ---
>  HACKING | 20 
>  1 file changed, 20 insertions(+)
>
> diff --git a/HACKING b/HACKING
> index 89a6b3a..6654d33 100644
> --- a/HACKING
> +++ b/HACKING
> @@ -123,3 +123,23 @@ gcc's printf attribute directive in the prototype.
>  This makes it so gcc's -Wformat and -Wformat-security options can do
>  their jobs and cross-check format strings with the number and types
>  of arguments.
> +
> +6. C standard, implementation defined and undefined behaviors
> +
> +C code in QEMU should be written to the C99 language specification. A copy
> +of the final version of the C99 standard with corrigenda TC1, TC2, and TC3
> +included, formatted as a draft, can be downloaded from:
> + http://www.open-std.org/jtc1/sc22/WG14/www/docs/n1256.pdf
> +
> +The C language specification defines regions of undefined behavior and
> +implementation defined behavior (to give compiler authors enough leeway to
> +produce better code).  In general, code in QEMU should follow the language
> +specification and avoid both undefined and implementation defined
> +constructs. ("It works fine on the gcc I tested it with" is not a valid
> +argument...) However there are a few areas where we allow ourselves to
> +assume certain behaviors because in practice all the platforms we care about
> +behave in the same way and writing strictly conformant code would be
> +painful. These are:
> + * you may assume that integers are 2s complement representation
> + * you may assume that right shift of a signed integer duplicates
> +   the sign bit (ie it is an arithmetic shift, not a logical shift)
> --
> 1.7.11.4
>
>

Re: [Qemu-devel] [PATCH v6 2/2] qemu-ga: sample fsfreeze hooks

[Luiz Capitulino]

On Fri, 30 Nov 2012 22:33:57 +0900
Tomoki Sekiyama  wrote:

> Adds sample hook scripts for --fsfreeze-hook option of qemu-ga.
>   - fsfreeze-hook : execute scripts in fsfreeze-hook.d/
>   - fsfreeze-hook.d.sample/mysql-flush.sh : quiesce MySQL before snapshot
> 
> Signed-off-by: Tomoki Sekiyama 
> ---
>  docs/qemu-guest-agent/fsfreeze-hook|   33 
>  .../fsfreeze-hook.d.sample/mysql-flush.sh  |   55 
> 
>  2 files changed, 88 insertions(+)
>  create mode 100755 docs/qemu-guest-agent/fsfreeze-hook
>  create mode 100755 
> docs/qemu-guest-agent/fsfreeze-hook.d.sample/mysql-flush.sh
> 
> diff --git a/docs/qemu-guest-agent/fsfreeze-hook 
> b/docs/qemu-guest-agent/fsfreeze-hook
> new file mode 100755
> index 000..ed7d86d
> --- /dev/null
> +++ b/docs/qemu-guest-agent/fsfreeze-hook
> @@ -0,0 +1,33 @@
> +#!/bin/sh
> +
> +# This script is executed when a guest agent receives fsfreeze-freeze and
> +# fsfreeze-thaw command, if it is specified in --fsfreeze-hook (-F)
> +# option of qemu-ga or placed in default path (/etc/qemu/fsfreeze-hook).
> +# When the agent receives fsfreeze-freeze request, this script is issued with
> +# "freeze" argument before the filesystem is freezed. And for fsfreeze-thaw
> +# request, it is issued with "thaw" argument after filesystem is thawed.
> +
> +LOGFILE=/var/log/qga-fsfreeze-hook.log
> +FSFREEZE_D=$(dirname -- "$0")/fsfreeze-hook.d

The script you introduce is called fsfreeze-hook.d.sample. If it's expected
that people really use these two scripts (vs. doc purposes only) I suggest
the following:

 1. Move these files to scripts/
 2. Drop the .sample suffix

> +
> +# Check whether file $1 is a backup or rpm-generated file and should be 
> ignored
> +is_ignored_file() {
> +case "$1" in
> +*~ | *.bak | *.orig | *.rpmnew | *.rpmorig | *.rpmsave)
> +return 0 ;;
> +esac
> +return 1
> +}
> +
> +# Iterate executables in directory "fsfreeze-hook.d" with the specified args
> +[ ! -d "$FSFREEZE_D" ] && exit 1
> +for file in "$FSFREEZE_D"/* ; do
> +is_ignored_file "$file" && continue
> +[ -x "$file" ] || continue
> +echo "$(date): execute $file $@" >>$LOGFILE
> +"$file" "$@" >>$LOGFILE 2>&1
> +STATUS=$?
> +echo "$(date): $file finished with status=$STATUS" >>$LOGFILE
> +done
> +
> +exit 0
> diff --git a/docs/qemu-guest-agent/fsfreeze-hook.d.sample/mysql-flush.sh 
> b/docs/qemu-guest-agent/fsfreeze-hook.d.sample/mysql-flush.sh
> new file mode 100755
> index 000..611215e
> --- /dev/null
> +++ b/docs/qemu-guest-agent/fsfreeze-hook.d.sample/mysql-flush.sh
> @@ -0,0 +1,55 @@
> +#!/bin/sh
> +
> +# Flush MySQL tables to the disk before the filesystem is freezed.
> +# At the same time, this keeps a read lock while the filesystem is freezed
> +# in order to avoid write accesses by the other clients.
> +
> +MYSQL="/usr/bin/mysql"
> +MYSQL_OPTS="-uroot" #"-prootpassword"
> +FIFO=/tmp/mysql-flush.fifo
> +MYSQL_CMD="$MYSQL $MYSQL_OPTS"
> +
> +# Check mysql is installed and the server running
> +[ -x $MYSQL ] && $MYSQL_CMD < /dev/null || exit 0
> +
> +flush_and_wait() {
> +printf "FLUSH TABLES WITH READ LOCK \\G\n"
> +read < $FIFO
> +printf "UNLOCK TABLES \\G\n"
> +}
> +
> +case "$1" in
> +freeze)
> +mkfifo $FIFO || exit 1
> +flush_and_wait | $MYSQL_CMD &
> +# wait until every block is flushed
> +while [ "$(echo 'SHOW STATUS LIKE "Key_blocks_not_flushed"' |\
> + $MYSQL_CMD | tail -1 | cut -f 2)" -gt 0 ]; do
> +sleep 1
> +done
> +# for InnoDB, wait until every log is flushed
> +INNODB_STATUS=$(mktemp /tmp/mysql-flush.XX)
> +[ $? -ne 0 ] && exit 2
> +trap "rm -f $INNODB_STATUS" SIGINT
> +while :; do
> +printf "SHOW ENGINE INNODB STATUS \\G" | $MYSQL_CMD > 
> $INNODB_STATUS
> +LOG_CURRENT=$(grep 'Log sequence number' $INNODB_STATUS |\
> +  tr -s ' ' | cut -d' ' -f4)
> +LOG_FLUSHED=$(grep 'Log flushed up to' $INNODB_STATUS |\
> +  tr -s ' ' | cut -d' ' -f5)
> +[ "$LOG_CURRENT" = "$LOG_FLUSHED" ] && break
> +sleep 1
> +done
> +rm -f $INNODB_STATUS
> +;;
> +
> +thaw)
> +[ ! -p $FIFO ] && exit 1
> +echo > $FIFO
> +rm -f $FIFO
> +;;
> +
> +*)
> +exit 1
> +;;
> +esac
> 

Re: [Qemu-devel] [PATCH v6 0/2] qemu-ga: add hook to quiesce the guest on fsfreeze-freeze/thaw

[Luiz Capitulino]

On Fri, 30 Nov 2012 22:33:49 +0900
Tomoki Sekiyama  wrote:

> Hi,
> 
> This is version 6 of the qemu-ga fsfreeze hook patchset.

Made two small comments, otherwise series looks good to me now.

Re: [Qemu-devel] [PULL for-1.3 0/3] seabios: q35 update

[Gerd Hoffmann]

  Hi,

> The complete definition for the HPET on my MacPro5,1 is below; along
> with the 0xFED0 value gleaned from the previous SeaBIOS version of
> _CRS, I came up with the above. Hopefully it works for WinXP too...

> Device (HPET) {
> Name (_HID, EisaId ("PNP0103"))
> Name (BUF0, ResourceTemplate () {
> IRQNoFlags ()
> {0}
> IRQNoFlags ()
> {8}
> Memory32Fixed (ReadOnly,
> 0xFED0, // Address Base
> 0x0010, // Address Length
> _Y09)
> })
> Method (_STA, 0, NotSerialized) {
> If (LGreaterEqual (OSYS, 0x07D1)) {
> If (HPAE) {
> Return (0x0F)
> }
> } Else {
> If (HPAE) {
> Return (0x0B)
> }
> }
> Return (0x00)
> }
> Method (_CRS, 0, Serialized) {
> If (HPAE) {
> CreateDWordField (BUF0, \_SB.PCI0.LPCB.HPET._Y09._BAS,   HPT0)
> If (LEqual (HPAS, 0x01)) {
> Store (0xFED1, HPT0)
> }
> If (LEqual (HPAS, 0x02)) {
> Store (0xFED2, HPT0)
> }
> If (LEqual (HPAS, 0x03)) {
> Store (0xFED3, HPT0)
> }
> }
> Return (BUF0)
> }
> }

Ok, and how does the RTC look like on your MacPro?

thanks,
  Gerd

Re: [Qemu-devel] [PATCH 0/2] tests: avoid aio_flush() in test cases

[Paolo Bonzini]

Il 04/12/2012 16:12, Stefan Hajnoczi ha scritto:
> There is a patch to drop aio_flush().  Most callers shouldn't use that
> interface.  It turns out that the aio and thread pool test cases *do* need
> low-level flush functionality so they can test the aio code.
> 
> Convert test-aio.c and test-thread-pool.c to use replacements for
> qemu_aio_flush() and aio_flush().
> 
> Stefan Hajnoczi (2):
>   tests: use aio_poll() instead of aio_flush() in test-aio.c
>   tests: avoid qemu_aio_flush() in test-thread-pool.c
> 
>  tests/test-aio.c | 31 +++
>  tests/test-thread-pool.c | 20 ++--
>  2 files changed, 29 insertions(+), 22 deletions(-)
> 

Looks good.

Paolo

Re: [Qemu-devel] [PATCH] configure: allow disabling pixman if not needed

[Peter Maydell]

On 4 December 2012 15:58, Robert Schiele  wrote:
> diff --git a/target-unicore32/helper.c b/target-unicore32/helper.c
> index a9e226b..3e0df33 100644
> --- a/target-unicore32/helper.c
> +++ b/target-unicore32/helper.c
> @@ -13,7 +13,9 @@
>  #include "gdbstub.h"
>  #include "helper.h"
>  #include "host-utils.h"
> +#ifndef CONFIG_USER_ONLY
>  #include "console.h"
> +#endif

I said at the time that target-* including console.h
was broken; and look, now we wind up with ugliness here.

-- PMM

[Qemu-devel] [PATCH 5/6] hw/pc.c: Replace register_ioport_*

[Andreas Färber]

From: Julien Grall 

Replace all register_ioport_*() with portio_*() or a MemoryRegion.
This permits to use the new Memory stuff like listeners.

Signed-off-by: Julien Grall 
Acked-by: Avi Kivity 
[AF: Rebased onto hwaddr]
Signed-off-by: Andreas Färber 
---
 hw/pc.c |   49 -
 1 Datei geändert, 40 Zeilen hinzugefügt(+), 9 Zeilen entfernt(-)

diff --git a/hw/pc.c b/hw/pc.c
index 2b5bbbf..b11e7c4 100644
--- a/hw/pc.c
+++ b/hw/pc.c
@@ -98,7 +98,8 @@ void gsi_handler(void *opaque, int n, int level)
 qemu_set_irq(s->ioapic_irq[n], level);
 }
 
-static void ioport80_write(void *opaque, uint32_t addr, uint32_t data)
+static void ioport80_write(void *opaque, hwaddr addr, uint64_t data,
+   unsigned size)
 {
 }
 
@@ -116,7 +117,8 @@ void cpu_set_ferr(CPUX86State *s)
 qemu_irq_raise(ferr_irq);
 }
 
-static void ioportF0_write(void *opaque, uint32_t addr, uint32_t data)
+static void ioportF0_write(void *opaque, hwaddr addr, uint64_t data,
+   unsigned size)
 {
 qemu_irq_lower(ferr_irq);
 }
@@ -567,6 +569,14 @@ int e820_add_entry(uint64_t address, uint64_t length, 
uint32_t type)
 return index;
 }
 
+static const MemoryRegionPortio bochs_bios_portio_list[] = {
+{ 0x500, 1, 1, .write = bochs_bios_write, }, /* 0x500 */
+{ 0x501, 1, 1, .write = bochs_bios_write, }, /* 0x501 */
+{ 0x501, 2, 2, .write = bochs_bios_write, }, /* 0x501 */
+{ 0x8900, 1, 1, .write = bochs_bios_write, }, /* 0x8900 */
+PORTIO_END_OF_LIST(),
+};
+
 static void *bochs_bios_init(void)
 {
 void *fw_cfg;
@@ -574,12 +584,11 @@ static void *bochs_bios_init(void)
 size_t smbios_len;
 uint64_t *numa_fw_cfg;
 int i, j;
+PortioList *bochs_bios_port_list = g_new(PortioList, 1);
 
-register_ioport_write(0x8900, 1, 1, bochs_bios_write, NULL);
-
-register_ioport_write(0x501, 1, 1, bochs_bios_write, NULL);
-register_ioport_write(0x501, 1, 2, bochs_bios_write, NULL);
-register_ioport_write(0x502, 1, 2, bochs_bios_write, NULL);
+portio_list_init(bochs_bios_port_list, bochs_bios_portio_list,
+ NULL, "bochs-bios");
+portio_list_add(bochs_bios_port_list, get_system_io(), 0x0);
 
 fw_cfg = fw_cfg_init(BIOS_CFG_IOPORT, BIOS_CFG_IOPORT + 1, 0, 0);
 
@@ -967,6 +976,24 @@ static void cpu_request_exit(void *opaque, int irq, int 
level)
 }
 }
 
+static const MemoryRegionOps ioport80_io_ops = {
+.write = ioport80_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
+.impl = {
+.min_access_size = 1,
+.max_access_size = 1,
+},
+};
+
+static const MemoryRegionOps ioportF0_io_ops = {
+.write = ioportF0_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
+.impl = {
+.min_access_size = 1,
+.max_access_size = 1,
+},
+};
+
 void pc_basic_device_init(ISABus *isa_bus, qemu_irq *gsi,
   ISADevice **rtc_state,
   ISADevice **floppy,
@@ -981,10 +1008,14 @@ void pc_basic_device_init(ISABus *isa_bus, qemu_irq *gsi,
 qemu_irq *a20_line;
 ISADevice *i8042, *port92, *vmmouse, *pit = NULL;
 qemu_irq *cpu_exit_irq;
+MemoryRegion *ioport80_io = g_new(MemoryRegion, 1);
+MemoryRegion *ioportF0_io = g_new(MemoryRegion, 1);
 
-register_ioport_write(0x80, 1, 1, ioport80_write, NULL);
+memory_region_init_io(ioport80_io, &ioport80_io_ops, NULL, "ioport80", 1);
+memory_region_add_subregion(isa_bus->address_space_io, 0x80, ioport80_io);
 
-register_ioport_write(0xf0, 1, 1, ioportF0_write, NULL);
+memory_region_init_io(ioportF0_io, &ioportF0_io_ops, NULL, "ioportF0", 1);
+memory_region_add_subregion(isa_bus->address_space_io, 0xf0, ioportF0_io);
 
 /*
  * Check if an HPET shall be created.
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH] xilinx_zynq: Add one variable to avoid overwriting QSPI bus

[Peter Maydell]

On 28 November 2012 09:14, Liming Wang  wrote:
> commit 7b482bcf xilinx_zynq: added QSPI controller
>
> Adds one QSPI controller, which has two spi buses, one is for
> spi0, and another is for spi1. But when initializing the spi1
> bus, "dev" has been overwrited by the ssi_create_slave_no_init() function,
> so that qdev_get_child_bus() returns NULL and the last two m25p80 flashes
> won't be attached to the spi1 bus, but to main-system-bus.
>
> Here we add one variable to avoid overwriting.
>
> Signed-off-by: Liming Wang 

Thanks, applied to arm-devs.next.

-- PMM

Re: [Qemu-devel] [PULL for-1.3 0/3] seabios: q35 update

[Gabriel L. Somlo]

On Tue, Dec 04, 2012 at 05:56:55PM +0100, Gerd Hoffmann wrote:
> Ok, and how does the RTC look like on your MacPro?

Device (RTC)
{
Name (_HID, EisaId ("PNP0B00"))
Name (_CRS, ResourceTemplate ()
{
IO (Decode16,
0x0070, // Range Minimum
0x0070, // Range Maximum
0x01,   // Alignment
0x08,   // Length
)
})
}

[Qemu-devel] [PATCH 4/6] serial: Replace register_ioport_*

[Andreas Färber]

From: Julien Grall 

Replace all register_ioport_*() with a MemoryRegion.
This permits to use the new Memory stuff like listeners.

For more flexibility, the IO address space is passed as an argument.

Signed-off-by: Julien Grall 
Acked-by: Avi Kivity 
[AF: Rebased onto serial split]
Signed-off-by: Andreas Färber 
---
 hw/mips_mipssim.c |3 ++-
 hw/serial.c   |4 ++--
 hw/serial.h   |2 +-
 3 Dateien geändert, 5 Zeilen hinzugefügt(+), 4 Zeilen entfernt(-)

diff --git a/hw/mips_mipssim.c b/hw/mips_mipssim.c
index a95a3c1..20b5f1a 100644
--- a/hw/mips_mipssim.c
+++ b/hw/mips_mipssim.c
@@ -217,7 +217,8 @@ mips_mipssim_init(QEMUMachineInitArgs *args)
 /* A single 16450 sits at offset 0x3f8. It is attached to
MIPS CPU INT2, which is interrupt 4. */
 if (serial_hds[0])
-serial_init(0x3f8, env->irq[4], 115200, serial_hds[0]);
+serial_init(0x3f8, env->irq[4], 115200, serial_hds[0],
+get_system_io());
 
 if (nd_table[0].used)
 /* MIPSnet uses the MIPS CPU INT0, which is interrupt 2. */
diff --git a/hw/serial.c b/hw/serial.c
index 60283ea..07a2a11 100644
--- a/hw/serial.c
+++ b/hw/serial.c
@@ -718,7 +718,7 @@ const MemoryRegionOps serial_io_ops = {
 };
 
 SerialState *serial_init(int base, qemu_irq irq, int baudbase,
- CharDriverState *chr)
+ CharDriverState *chr, MemoryRegion *system_io)
 {
 SerialState *s;
 
@@ -732,7 +732,7 @@ SerialState *serial_init(int base, qemu_irq irq, int 
baudbase,
 vmstate_register(NULL, base, &vmstate_serial, s);
 
 memory_region_init_io(&s->io, &serial_io_ops, s, "serial", 8);
-memory_region_add_subregion(get_system_io(), base, &s->io);
+memory_region_add_subregion(system_io, base, &s->io);
 
 return s;
 }
diff --git a/hw/serial.h b/hw/serial.h
index f1e3c4a..ed1a5cd 100644
--- a/hw/serial.h
+++ b/hw/serial.h
@@ -89,7 +89,7 @@ void serial_set_frequency(SerialState *s, uint32_t frequency);
 
 /* legacy pre qom */
 SerialState *serial_init(int base, qemu_irq irq, int baudbase,
- CharDriverState *chr);
+ CharDriverState *chr, MemoryRegion *system_io);
 SerialState *serial_mm_init(MemoryRegion *address_space,
 hwaddr base, int it_shift,
 qemu_irq irq, int baudbase,
-- 
1.7.10.4

[Qemu-devel] [PULL] Memory API ioport cleanups

[Andreas Färber]

Hello,

As coordinated with Avi and Gerd, here's some ioport conversions to Memory API.

Cc: Avi Kivity 
Cc: Gerd Hoffmann 
Cc: Julien Grall 
Cc: Jason Baron 


The following changes since commit 16c6c80ac3a772b42a87b77dfdf0fdac7c607b0e:

  Open up 1.4 development branch (2012-12-03 14:08:40 -0600)

are available in the git repository at:

  git://github.com/afaerber/qemu-cpu.git memory-ioport

for you to fetch changes up to 582299336879504353e60c7937fbc70fea93f3da:

  hw/dma.c: Replace register_ioport_* (2012-12-04 14:50:22 +0100)


Julien Grall (6):
  isa: Add isa_address_space_io()
  hw/apm.c: Replace register_ioport_*
  hw/cirrus_vga.c: Replace register_ioport_*
  serial: Replace register_ioport_*
  hw/pc.c: Replace register_ioport_*
  hw/dma.c: Replace register_ioport_*

 hw/acpi_piix4.c   |2 +-
 hw/apm.c  |   23 +---
 hw/apm.h  |5 ++-
 hw/cirrus_vga.c   |   48 ++--
 hw/dma.c  |  106 +++--
 hw/isa-bus.c  |9 +
 hw/isa.h  |1 +
 hw/lpc_ich9.c |2 +-
 hw/mips_mipssim.c |3 +-
 hw/pc.c   |   49 -
 hw/serial.c   |4 +-
 hw/serial.h   |2 +-
 hw/vt82c686.c |2 +-
 13 Dateien geändert, 178 Zeilen hinzugefügt(+), 78 Zeilen entfernt(-)

Re: [Qemu-devel] [PATCH v6 1/2] qemu-ga: execute hook to quiesce the guest on fsfreeze-freeze/thaw

[Luiz Capitulino]

On Fri, 30 Nov 2012 22:33:54 +0900
Tomoki Sekiyama  wrote:

> To use the online disk snapshot for online-backup, application-level
> consistency of the snapshot image is required. However, currently the
> guest agent can provide only filesystem-level consistency, and the
> snapshot may contain dirty data, for example, incomplete transactions.
> This patch provides the opportunity to quiesce applications before
> snapshot is taken.
> 
> If --fsfreeze-hook option is specified, the hook is executed with
> "freeze" argument before the filesystem is frozen by fsfreeze-freeze
> command. As for fsfreeze-thaw command, the hook is executed with "thaw"
> argument after the filesystem is thawed.
> 
> This patch depends on patchset to improve error reporting by Luiz Capitulino:
>   http://lists.gnu.org/archive/html/qemu-devel/2012-11/msg03016.html
> 
> Signed-off-by: Tomoki Sekiyama 
> ---
>  qemu-ga.c  |   42 -
>  qga/commands-posix.c   |   70 
> 
>  qga/guest-agent-core.h |1 +
>  3 files changed, 112 insertions(+), 1 deletion(-)
> 
> diff --git a/qemu-ga.c b/qemu-ga.c
> index 9b59a52..53ce462 100644
> --- a/qemu-ga.c
> +++ b/qemu-ga.c
> @@ -34,6 +34,12 @@
>  #include "qga/service-win32.h"
>  #include 
>  #endif
> +#ifdef __linux__
> +#include 
> +#ifdef FIFREEZE
> +#define CONFIG_FSFREEZE
> +#endif
> +#endif
>  
>  #ifndef _WIN32
>  #define QGA_VIRTIO_PATH_DEFAULT "/dev/virtio-ports/org.qemu.guest_agent.0"
> @@ -42,6 +48,9 @@
>  #endif
>  #define QGA_STATEDIR_DEFAULT CONFIG_QEMU_LOCALSTATEDIR "/run"
>  #define QGA_PIDFILE_DEFAULT QGA_STATEDIR_DEFAULT "/qemu-ga.pid"
> +#ifdef CONFIG_FSFREEZE
> +#define QGA_FSFREEZE_HOOK_DEFAULT CONFIG_QEMU_CONFDIR "/fsfreeze-hook"
> +#endif
>  #define QGA_SENTINEL_BYTE 0xFF
>  
>  struct GAState {
> @@ -64,6 +73,9 @@ struct GAState {
>  const char *log_filepath;
>  const char *pid_filepath;
>  } deferred_options;
> +#ifdef CONFIG_FSFREEZE
> +const char *fsfreeze_hook;
> +#endif
>  };
>  
>  struct GAState *ga_state;
> @@ -153,6 +165,10 @@ static void usage(const char *cmd)
>  "%s)\n"
>  "  -l, --logfile set logfile path, logs to stderr by default\n"
>  "  -f, --pidfile specify pidfile (default is %s)\n"
> +#ifdef CONFIG_FSFREEZE
> +"  -F, --fsfreeze-hook\n"
> +"enable fsfreeze hook (default is %s)\n"
> +#endif
>  "  -t, --statedirspecify dir to store state information (absolute 
> paths\n"
>  "only, default is %s)\n"
>  "  -v, --verbose log extra debugging information\n"
> @@ -167,6 +183,9 @@ static void usage(const char *cmd)
>  "\n"
>  "Report bugs to \n"
>  , cmd, QEMU_VERSION, QGA_VIRTIO_PATH_DEFAULT, QGA_PIDFILE_DEFAULT,
> +#ifdef CONFIG_FSFREEZE
> +QGA_FSFREEZE_HOOK_DEFAULT,
> +#endif
>  QGA_STATEDIR_DEFAULT);
>  }
>  
> @@ -401,6 +420,13 @@ void ga_unset_frozen(GAState *s)
>  }
>  }
>  
> +#ifdef CONFIG_FSFREEZE
> +const char *ga_fsfreeze_hook(GAState *s)
> +{
> +return s->fsfreeze_hook;
> +}
> +#endif
> +
>  static void become_daemon(const char *pidfile)
>  {
>  #ifndef _WIN32
> @@ -678,10 +704,13 @@ VOID WINAPI service_main(DWORD argc, TCHAR *argv[])
>  
>  int main(int argc, char **argv)
>  {
> -const char *sopt = "hVvdm:p:l:f:b:s:t:";
> +const char *sopt = "hVvdm:p:l:f:F::b:s:t:";
>  const char *method = NULL, *path = NULL;
>  const char *log_filepath = NULL;
>  const char *pid_filepath = QGA_PIDFILE_DEFAULT;
> +#ifdef CONFIG_FSFREEZE
> +const char *fsfreeze_hook = NULL;
> +#endif
>  const char *state_dir = QGA_STATEDIR_DEFAULT;
>  #ifdef _WIN32
>  const char *service = NULL;
> @@ -691,6 +720,9 @@ int main(int argc, char **argv)
>  { "version", 0, NULL, 'V' },
>  { "logfile", 1, NULL, 'l' },
>  { "pidfile", 1, NULL, 'f' },
> +#ifdef CONFIG_FSFREEZE
> +{ "fsfreeze-hook", 2, NULL, 'F' },
> +#endif
>  { "verbose", 0, NULL, 'v' },
>  { "method", 1, NULL, 'm' },
>  { "path", 1, NULL, 'p' },
> @@ -723,6 +755,11 @@ int main(int argc, char **argv)
>  case 'f':
>  pid_filepath = optarg;
>  break;
> +#ifdef CONFIG_FSFREEZE
> +case 'F':
> +fsfreeze_hook = optarg ? optarg : QGA_FSFREEZE_HOOK_DEFAULT;
> +break;
> +#endif
>  case 't':
>   state_dir = optarg;
>   break;
> @@ -786,6 +823,9 @@ int main(int argc, char **argv)
>  s = g_malloc0(sizeof(GAState));
>  s->log_level = log_level;
>  s->log_file = stderr;
> +#ifdef CONFIG_FSFREEZE
> +s->fsfreeze_hook = fsfreeze_hook;
> +#endif
>  g_log_set_default_handler(ga_log, s);
>  g_log_set_fatal_mask(NULL, G_LOG_LEVEL_ERROR);
>  ga_enable_logging(s);
> diff --git a/qga/commands-posix.c b/qga/commands-posix.c
> index ce058b5..dbfcbdf 100644
> --- a/qga/commands-posix.c
> +++ b/qga/commands-posix.c
> @@ -410,6 +410,67 @@ static 

Re: [Qemu-devel] [PATCH 1/4] hw/ds1338.c: Fix handling of HOURS register.

[Peter Maydell]

On 2 December 2012 17:14, Antoine Mathys  wrote:
> Per the datasheet, the mapping between 12 and 24 hours modes is:
> 0  <->  12   PM
> 1-12   <->  1-12 AM
> 13-23  <->  1-11 PM
>
> Signed-off-by: Antoine Mathys 

This looks good as far as the logic goes, but I think we
could use some symbolic constants for the 12-hour and PM
bits rather than all the literal 0x20 0x40 0x60.

thanks
-- PMM

Re: [Qemu-devel] [PATCH 2/4] hw/ds1338.c: Minor fixes

[Peter Maydell]

On 2 December 2012 17:17, Antoine Mathys  wrote:
> Minor fixes in the handling of the RTC registers.
>
> Signed-off-by: Antoine Mathys 
> ---
>  hw/ds1338.c |   15 ---
>  1 file changed, 8 insertions(+), 7 deletions(-)
>
> diff --git a/hw/ds1338.c b/hw/ds1338.c
> index 1274b22..1fb152e 100644
> --- a/hw/ds1338.c
> +++ b/hw/ds1338.c
> @@ -62,9 +62,9 @@ static void capture_current_time(DS1338State *s)
>  } else {
>  s->nvram[2] = to_bcd(now.tm_hour);
>  }
> -s->nvram[3] = to_bcd(now.tm_wday) + 1;
> +s->nvram[3] = to_bcd(now.tm_wday + 1);
>  s->nvram[4] = to_bcd(now.tm_mday);
> -s->nvram[5] = to_bcd(now.tm_mon) + 1;
> +s->nvram[5] = to_bcd(now.tm_mon + 1);
>  s->nvram[6] = to_bcd(now.tm_year - 100);
>  }

Yep, doing arithmetic after to_bcd() is pretty much always
a bug.

>
> @@ -119,7 +119,8 @@ static int ds1338_send(I2CSlave *i2c, uint8_t data)
>  s->addr_byte = false;
>  return 0;
>  }
> -if (s->ptr < 8) {
> +if (s->ptr < 7) {
> +/* Time register. */
>  struct tm now;
>  qemu_get_timedate(&now, s->offset);
>  switch(s->ptr) {
> @@ -145,7 +146,7 @@ static int ds1338_send(I2CSlave *i2c, uint8_t data)
>  }
>  break;
>  case 3:
> -now.tm_wday = from_bcd(data & 7) - 1;
> +now.tm_wday = from_bcd(data & 0x07) - 1;

Why bother changing this?

>  break;
>  case 4:
>  now.tm_mday = from_bcd(data & 0x3f);
> @@ -156,11 +157,11 @@ static int ds1338_send(I2CSlave *i2c, uint8_t data)
>  case 6:
>  now.tm_year = from_bcd(data) + 100;
>  break;
> -case 7:
> -/* Control register. Currently ignored.  */
> -break;
>  }
>  s->offset = qemu_timedate_diff(&now);
> +} else if (s->ptr == 7) {
> +/* Control register. Currently ignored.  */
> +s->nvram[s->ptr] = data;

The comment says ignored but the code isn't doing that: this
change will make it read-as-written. I think you should put
this movement of the control register out of the switch()
in the next patch, not this one. That would leave this patch
with just the to_bcd() fixes, and you could give it a more
precise commit message then.

>  } else {
>  s->nvram[s->ptr] = data;
>  }
> --
> 1.7.10.4
>

-- PMM

Re: [Qemu-devel] [PATCH 3/4] hw/ds1338.c: ensure OSF can only be cleared

[Peter Maydell]

On 2 December 2012 17:19, Antoine Mathys  wrote:
> Per the datasheet, the OSF bit in the control register can only be cleared.
> Attempts to set it have no effect. Implement this.

(As per comments on previous patch, I would suggest making this
an "implement the control register" patch.)

> Signed-off-by: Antoine Mathys 
> ---
>  hw/ds1338.c |7 ++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/hw/ds1338.c b/hw/ds1338.c
> index 1fb152e..f3c6bc5 100644
> --- a/hw/ds1338.c
> +++ b/hw/ds1338.c
> @@ -160,7 +160,12 @@ static int ds1338_send(I2CSlave *i2c, uint8_t data)
>  }
>  s->offset = qemu_timedate_diff(&now);
>  } else if (s->ptr == 7) {
> -/* Control register. Currently ignored.  */
> +/* Control register. */
> +
> +/* Attempting to write the OSF flag to logic 1 leaves the
> +   value unchanged. */
> +data = (data & 0xDF) | (data & s->nvram[s->ptr] & 0x20);

Some constants for bit values would probably help here.

Bits 2, 3 and 6 are RAZ/WI so we should mask those out
of the data written.

> +
>  s->nvram[s->ptr] = data;
>  } else {
>  s->nvram[s->ptr] = data;
> --
> 1.7.10.4
>

Shouldn't we also get the power-on-reset value of this register
correct if we're going to implement it?

-- PMM

Re: [Qemu-devel] [PATCH 4/4] hw/ds1338.c: Handle stuck bits and preserve CH

[Peter Maydell]

On 2 December 2012 17:22, Antoine Mathys  wrote:
> Preserve the CH bit when updating the time.
>
> Per the datasheet, some bits in the first eight registers must always read
> back as zero. These registers can be written in two ways:
> 1. By ourselves when we update the registers with the current time.
> 2. By user request
> Even though (1) is not supposed to set these bits it is safer to check
> anyway. In order not to duplicate this logic I thus chose to enforce it at
> read time.
> Note that currently we don't preserve what the user sends in (2). We will
> have to once we support stopping the clock (CH bit).

This patch is trying to do two things at once, which makes
it very hard to review. Please split it.

I'm also not convinced it's worth doing bit masking after
updating the time -- if that's wrong then we're returning
wrong values anyway and non-zero RAZ fields is the least
of our problems.

thanks
-- PMM

Re: [Qemu-devel] [PATCH 5/?] hw/ds1338.c: Fix handling of DATE (wday) register

[Peter Maydell]

On 3 December 2012 20:10, Antoine Mathys  wrote:
> Per the datasheet, the DATE (wday) register is user defined. Implement this.
>
> Signed-off-by: Antoine Mathys 
> ---
>  hw/ds1338.c |   14 --
>  1 file changed, 12 insertions(+), 2 deletions(-)
>
> diff --git a/hw/ds1338.c b/hw/ds1338.c
> index 8f85635..c502934 100644
> --- a/hw/ds1338.c
> +++ b/hw/ds1338.c
> @@ -20,6 +20,7 @@
>  typedef struct {
>  I2CSlave i2c;
>  int64_t offset;
> +uint8_t wday_offset;
>  uint8_t nvram[NVRAM_SIZE];
>  int32_t ptr;
>  bool addr_byte;
> @@ -33,6 +34,7 @@ static const VMStateDescription vmstate_ds1338 = {
>  .fields = (VMStateField[]) {
>  VMSTATE_I2C_SLAVE(i2c, DS1338State),
>  VMSTATE_INT64(offset, DS1338State),
> +VMSTATE_UINT8(wday_offset, DS1338State),
>  VMSTATE_UINT8_ARRAY(nvram, DS1338State, NVRAM_SIZE),
>  VMSTATE_INT32(ptr, DS1338State),
>  VMSTATE_BOOL(addr_byte, DS1338State),

This breaks migration -- you need to bump the version_id to 2 and mark
the new field as only present in the new version, like this:
 VMSTATE_UINT8_V(wday_offset, DS1338State, 2),

> @@ -62,7 +64,7 @@ static void write_time(DS1338State *s, const struct tm
> *tm)
>  } else {
>  s->nvram[2] = to_bcd(tm->tm_hour);
>  }
> -s->nvram[3] = to_bcd(tm->tm_wday + 1);
> +s->nvram[3] = to_bcd((tm->tm_wday + s->wday_offset) % 7 + 1);

There's not much point doing a to_bcd() on a value guaranteed to
be in [0..9].

>  s->nvram[4] = to_bcd(tm->tm_mday);
>  s->nvram[5] = to_bcd(tm->tm_mon + 1);
>  s->nvram[6] = to_bcd(tm->tm_year - 100);
> @@ -164,7 +166,12 @@ static int ds1338_send(I2CSlave *i2c, uint8_t data)
>  }
>  break;
>  case 3:
> -now.tm_wday = from_bcd(data & 0x07) - 1;
> +{

This brace should line up with the 'c' in 'case' (ditto the closing brace).

> +int user_wday = from_bcd(data & 0x07) - 1;

...again, from_bcd() is pointless here.

> +if ((user_wday >= 0) && (user_wday <= 6)) {

This condition is an obscure way to guard against the undefined case
of the guest writing zero to a register that's supposed to contain
values between 1 and 7. It would also be good to have a comment saying
explicitly that the datasheet says you get undefined operation here.

(for curiosity, do you happen to have real hardware to see what it
does in this case?)

> +s->wday_offset = (user_wday - now.tm_wday + 7) % 7;
> +}
> +}
>  break;
>  case 4:
>  now.tm_mday = from_bcd(data & 0x3f);
> @@ -194,6 +201,9 @@ static int ds1338_send(I2CSlave *i2c, uint8_t data)
>
>  static int ds1338_init(I2CSlave *i2c)
>  {
> +DS1338State *s = FROM_I2C_SLAVE(DS1338State, i2c);
> +s->wday_offset = 0;
> +

This doesn't belong in the device init function, you need to
create a reset function and reset it there. (ie set dc->reset
in the class init function, see eg hw/pl190.c for an example).

>  return 0;
>  }
>
> --
> 1.7.10.4
>

thanks
-- PMM

Re: [Qemu-devel] [PATCH v1 1/4] pflash_cfi01: qemu_log_mask "unimplemented" msg

[Peter Maydell]

On 4 December 2012 06:04, Peter Crosthwaite
 wrote:
> This printf is informing the user of unimplemented functionality. It should be
> re-directed to qemu_log(LOG_UNIMP, ...) accordingly.
>
> Signed-off-by: Peter Crosthwaite 

Reviewed-by: Peter Maydell 

I'm going to assume this series will go through -trivial
rather than arm-devs.

-- PMM

Re: [Qemu-devel] [PATCH v1 2/4] pflash_cfi0x: Send debug messages to stderr

[Peter Maydell]

On 4 December 2012 06:04, Peter Crosthwaite
 wrote:
> These debug info messages should go to stderr rather than stdout.
>
> Signed-off-by: Peter Crosthwaite 

Reviewed-by: Peter Maydell 

-- PMM

Re: [Qemu-devel] [PATCH v1 3/4] zynq_slcr: Compile time warning fixes.

[Peter Maydell]

On 4 December 2012 06:04, Peter Crosthwaite
 wrote:
> Few warnings when compiled with debug printfs enabled. Fixed all.
>
> Signed-off-by: Peter Crosthwaite 

Reviewed-by: Peter Maydell 

-- PMM

Re: [Qemu-devel] [PATCH v1 4/4] arm_gic: Add cpu nr to Raised IRQ message

[Peter Maydell]

On 4 December 2012 06:04, Peter Crosthwaite
 wrote:
> Add the relevant CPU nr to this debug message to make IRQ debugging more
> informative.
>
> Signed-off-by: Peter Crosthwaite 

Reviewed-by: Peter Maydell 

-- PMM

Re: [Qemu-devel] [PATCH 1/5] target-i386: cpu: separate feature string parsing from CPU model lookup

[Blue Swirl]

On Mon, Dec 3, 2012 at 5:27 PM, Eduardo Habkost  wrote:
> Instead of using parsing the whole cpu_model string inside
> cpu_x86_find_by_name(), first split it into the CPU model name and the
> full feature string, then parse the feature string into pieces.
>
> When using CPU model classes, those two pieces of information will be
> used at different moments (CPU model name will be used to find CPU
> class, feature string will be used after CPU object was created), so
> making the split in two steps will make it easier to refactor the code
> later.
>
> This should also help on the CPU properties work, that will just need to
> replace the cpu_x86_parse_featurestr() logic (and can keep the CPU model
> lookup code as-is).
>
> Signed-off-by: Eduardo Habkost 
> ---
>  target-i386/cpu.c | 64 
> ++-
>  1 file changed, 44 insertions(+), 20 deletions(-)
>
> diff --git a/target-i386/cpu.c b/target-i386/cpu.c
> index c6c2ca0..89fd700 100644
> --- a/target-i386/cpu.c
> +++ b/target-i386/cpu.c
> @@ -1208,13 +1208,31 @@ static void x86_cpuid_set_tsc_freq(Object *obj, 
> Visitor *v, void *opaque,
>  cpu->env.tsc_khz = value / 1000;
>  }
>
> -static int cpu_x86_find_by_name(x86_def_t *x86_cpu_def, const char 
> *cpu_model)
> +static int cpu_x86_find_by_name(x86_def_t *x86_cpu_def, const char *name)
>  {
> -unsigned int i;
>  x86_def_t *def;
>
> -char *s = g_strdup(cpu_model);
> -char *featurestr, *name = strtok(s, ",");
> +for (def = x86_defs; def; def = def->next)

Please add braces and check your patches with checkpatch.pl.

> +if (name && !strcmp(name, def->name))

Ditto.

> +break;
> +if (kvm_enabled() && name && strcmp(name, "host") == 0) {
> +kvm_cpu_fill_host(x86_cpu_def);
> +} else if (!def) {
> +goto error;
> +} else {
> +memcpy(x86_cpu_def, def, sizeof(*def));
> +}
> +return 0;
> +error:
> +return -1;
> +}
> +
> +/* Parse "+feature,-feature,feature=foo" CPU feature string
> + */
> +static int cpu_x86_parse_featurestr(x86_def_t *x86_cpu_def, char *features)
> +{
> +unsigned int i;
> +char *featurestr; /* Single 'key=value" string being parsed */
>  /* Features to be added*/
>  uint32_t plus_features = 0, plus_ext_features = 0;
>  uint32_t plus_ext2_features = 0, plus_ext3_features = 0;
> @@ -1227,22 +1245,11 @@ static int cpu_x86_find_by_name(x86_def_t 
> *x86_cpu_def, const char *cpu_model)
>  uint32_t minus_7_0_ebx_features = 0;
>  uint32_t numvalue;
>
> -for (def = x86_defs; def; def = def->next)
> -if (name && !strcmp(name, def->name))
> -break;
> -if (kvm_enabled() && name && strcmp(name, "host") == 0) {
> -kvm_cpu_fill_host(x86_cpu_def);
> -} else if (!def) {
> -goto error;
> -} else {
> -memcpy(x86_cpu_def, def, sizeof(*def));
> -}
> -
>  add_flagname_to_bitmaps("hypervisor", &plus_features,
>  &plus_ext_features, &plus_ext2_features, &plus_ext3_features,
>  &plus_kvm_features, &plus_svm_features,  &plus_7_0_ebx_features);
>
> -featurestr = strtok(NULL, ",");
> +featurestr = features ? strtok(features, ",") : NULL;
>
>  while (featurestr) {
>  char *val;
> @@ -1376,11 +1383,9 @@ static int cpu_x86_find_by_name(x86_def_t 
> *x86_cpu_def, const char *cpu_model)
>  if (x86_cpu_def->cpuid_7_0_ebx_features && x86_cpu_def->level < 7) {
>  x86_cpu_def->level = 7;
>  }
> -g_free(s);
>  return 0;
>
>  error:
> -g_free(s);
>  return -1;
>  }
>
> @@ -1490,11 +1495,25 @@ int cpu_x86_register(X86CPU *cpu, const char 
> *cpu_model)
>  CPUX86State *env = &cpu->env;
>  x86_def_t def1, *def = &def1;
>  Error *error = NULL;
> +char *name, *features;
> +gchar **model_pieces;
>
>  memset(def, 0, sizeof(*def));
>
> -if (cpu_x86_find_by_name(def, cpu_model) < 0)
> -return -1;
> +model_pieces = g_strsplit(cpu_model, ",", 2);
> +if (!model_pieces[0]) {
> +goto error;
> +}
> +name = model_pieces[0];
> +features = model_pieces[1];
> +
> +if (cpu_x86_find_by_name(def, name) < 0) {
> +goto error;
> +}
> +
> +if (cpu_x86_parse_featurestr(def, features) < 0) {
> +goto error;
> +}
>  if (def->vendor1) {
>  env->cpuid_vendor1 = def->vendor1;
>  env->cpuid_vendor2 = def->vendor2;
> @@ -1553,7 +1572,12 @@ int cpu_x86_register(X86CPU *cpu, const char 
> *cpu_model)
>  error_free(error);
>  return -1;
>  }
> +
> +g_strfreev(model_pieces);
>  return 0;
> +error:
> +g_strfreev(model_pieces);
> +return -1;
>  }
>
>  #if !defined(CONFIG_USER_ONLY)
> --
> 1.7.11.7
>
>

Re: [Qemu-devel] [Bug 1075252] Re: qemu-img cannot read VMDK4 file

[Stefan Hajnoczi]

On Tue, Dec 4, 2012 at 2:56 AM, Robert Hubbard  wrote:
> I have uploaded a patch - I am failing miserably to get any output from git
> patch!! ...  :^( . the code is structured to addres the fact that
> convert will not work today, needs lots of work to do this. This would be
> next effort.

Hi Rob,
git-patch(1) is used to apply patches - it's not the command for
producing patch emails.

Try git-format-patch(1).  Here is a short post I found on creating a
commit and using git-format-patch(1):

http://andrewprice.me.uk/weblog/entry/generating-patch-emails-with-git

There are several git tutorials that cover much more and will help you
get familiar.  If you want to learn git I recommend:

http://git-scm.com/book
http://www-cs-students.stanford.edu/~blynn/gitmagic/

But remember you don't need to use git - some people use other tools
or simply diff(1).  You just need to send patches to the mailing list
as described at http://wiki.qemu.org/Contribute/SubmitAPatch.

If you have doubts about how to structure a patch series, try peeking
at what other people have sent to the mailing list.

I took a quick look at the patch you uploaded:

It helps review to split changes up into multiple patches, one patch
for each logical code change.  For example, renaming a struct field
also involves changing code that uses the field because the name has
changed.  This is a good candidate for a patch - just the struct field
rename and updates to code that uses the old name.  If you think at
this level of code change your diff can be split into several
independent changes which are easier to review.

That said, renaming fields or changing whitespace should only be done
when necessary.  It introduces noise in the form of extra work to
review - the compiled object code probably doesn't change and the
behavior of the program won't either.  So it's best to only make
changes that are necessary or that provide clear value.  (I'm not an
expert on block/vmdk.c, for example, so any non-essential changes
basically mean extra work for me to check whether they are okay or
not.)

Going back to the original bug: can you confirm that qemu.git/master
qemu-img correctly displays the VMDK file you have?  Fam Zheng
indicated the bug you originally hit has already been fixed.

Please send patches or questions for new VMDK changes that are
unrelated to this bug report directly to qemu-devel.  Your patch seems
to be beyond the scope of this bug report and adds some additional
qemu-img info output.

Hope this helps.  If you want real-time discussion, try asking on
#qemu on irc.oftc.net where a lot of QEMU developers hang out.

Stefan

[Qemu-devel] [PATCH] finally kill cpudef config section support

[Eduardo Habkost]

The external CPU models were removed on QEMU 1.2, and the support for
the "cpudef" config sections was documented as deprecated, but the
actual removal of the config section was pending.

Now that QEMU 1.3 was released, we can finally kill the support for
cpudef config sections, and support only the built-in CPU models from
target-i386/cpu.c.

Signed-off-by: Eduardo Habkost 
---
 qemu-config.c | 49 -
 1 file changed, 49 deletions(-)

diff --git a/qemu-config.c b/qemu-config.c
index 10d1ba4..aa78fb9 100644
--- a/qemu-config.c
+++ b/qemu-config.c
@@ -417,54 +417,6 @@ static QemuOptsList qemu_trace_opts = {
 },
 };
 
-static QemuOptsList qemu_cpudef_opts = {
-.name = "cpudef",
-.head = QTAILQ_HEAD_INITIALIZER(qemu_cpudef_opts.head),
-.desc = {
-{
-.name = "name",
-.type = QEMU_OPT_STRING,
-},{
-.name = "level",
-.type = QEMU_OPT_NUMBER,
-},{
-.name = "vendor",
-.type = QEMU_OPT_STRING,
-},{
-.name = "family",
-.type = QEMU_OPT_NUMBER,
-},{
-.name = "model",
-.type = QEMU_OPT_NUMBER,
-},{
-.name = "stepping",
-.type = QEMU_OPT_NUMBER,
-},{
-.name = "feature_edx",  /* cpuid _0001.edx */
-.type = QEMU_OPT_STRING,
-},{
-.name = "feature_ecx",  /* cpuid _0001.ecx */
-.type = QEMU_OPT_STRING,
-},{
-.name = "extfeature_edx",   /* cpuid 8000_0001.edx */
-.type = QEMU_OPT_STRING,
-},{
-.name = "extfeature_ecx",   /* cpuid 8000_0001.ecx */
-.type = QEMU_OPT_STRING,
-},{
-.name = "xlevel",
-.type = QEMU_OPT_NUMBER,
-},{
-.name = "model_id",
-.type = QEMU_OPT_STRING,
-},{
-.name = "vendor_override",
-.type = QEMU_OPT_NUMBER,
-},
-{ /* end of list */ }
-},
-};
-
 QemuOptsList qemu_spice_opts = {
 .name = "spice",
 .head = QTAILQ_HEAD_INITIALIZER(qemu_spice_opts.head),
@@ -700,7 +652,6 @@ static QemuOptsList *vm_config_groups[32] = {
 &qemu_rtc_opts,
 &qemu_global_opts,
 &qemu_mon_opts,
-&qemu_cpudef_opts,
 &qemu_trace_opts,
 &qemu_option_rom_opts,
 &qemu_machine_opts,
-- 
1.7.11.7

Re: [Qemu-devel] [RFC] 1.4 release schedule

[Blue Swirl]

On Mon, Dec 3, 2012 at 9:30 PM, Anthony Liguori  wrote:
>
> Hi,
>
> Based on popular demand, I'd like to continue with a 3-month release
> cycle for the foreseeable future.  One thing I'd like to "fix" though is
> to avoid major holidays during the -rc cycles.
>
> The best cycle I can figure is:
>
> Feb 15th
> May 15th
> Aug 15th
> Nov 15th
>
> To get us onto this schedule, we'll need to make 1.4 a short release but
> I still think there's ample time to ge stuff done.
>
> I've put up a strawman schedule on the wiki:
>
> http://wiki.qemu.org/Planning/1.4

Looks fine.

The definition of the hard freeze bothers me. A few patches that went
in after 1.3-rc0 were not bug fixes but just new features, so the
difference between soft and hard freezes was not clear.

>
> Regards,
>
> Anthony Liguori
>
>

Re: [Qemu-devel] [RFC] 1.4 release schedule

[Peter Maydell]

On 3 December 2012 21:30, Anthony Liguori  wrote:
> I've put up a strawman schedule on the wiki:
>
> http://wiki.qemu.org/Planning/1.4

The definition of 'soft freeze' on this page ("Major features
should have initial code committed") and the definition on
the page http://wiki.qemu.org/Planning/SoftFeatureFreeze
which it links to ("any major feature should have some code
posted to the qemu-devel mailing list") disagree. Which
is right? I think in practice we're using "code committed",
which seems to me the right choice.

-- PMM

Re: [Qemu-devel] [PATCH] finally kill cpudef config section support

[Andreas Färber]

Am 04.12.2012 19:32, schrieb Eduardo Habkost:
> The external CPU models were removed on QEMU 1.2, and the support for
> the "cpudef" config sections was documented as deprecated, but the
> actual removal of the config section was pending.
> 
> Now that QEMU 1.3 was released, we can finally kill the support for
> cpudef config sections, and support only the built-in CPU models from
> target-i386/cpu.c.
> 
> Signed-off-by: Eduardo Habkost 

This looks okay so far, but I'm guessing this was based on another
branch of yours? If we apply this right now, we would also want to
remove the #ifdef'ed cpudef_init() or so function invoking the parsing, no?

Andreas

> ---
>  qemu-config.c | 49 -
>  1 file changed, 49 deletions(-)
> 
> diff --git a/qemu-config.c b/qemu-config.c
> index 10d1ba4..aa78fb9 100644
> --- a/qemu-config.c
> +++ b/qemu-config.c
> @@ -417,54 +417,6 @@ static QemuOptsList qemu_trace_opts = {
>  },
>  };
>  
> -static QemuOptsList qemu_cpudef_opts = {
> -.name = "cpudef",
> -.head = QTAILQ_HEAD_INITIALIZER(qemu_cpudef_opts.head),
> -.desc = {
> -{
> -.name = "name",
> -.type = QEMU_OPT_STRING,
> -},{
> -.name = "level",
> -.type = QEMU_OPT_NUMBER,
> -},{
> -.name = "vendor",
> -.type = QEMU_OPT_STRING,
> -},{
> -.name = "family",
> -.type = QEMU_OPT_NUMBER,
> -},{
> -.name = "model",
> -.type = QEMU_OPT_NUMBER,
> -},{
> -.name = "stepping",
> -.type = QEMU_OPT_NUMBER,
> -},{
> -.name = "feature_edx",  /* cpuid _0001.edx */
> -.type = QEMU_OPT_STRING,
> -},{
> -.name = "feature_ecx",  /* cpuid _0001.ecx */
> -.type = QEMU_OPT_STRING,
> -},{
> -.name = "extfeature_edx",   /* cpuid 8000_0001.edx */
> -.type = QEMU_OPT_STRING,
> -},{
> -.name = "extfeature_ecx",   /* cpuid 8000_0001.ecx */
> -.type = QEMU_OPT_STRING,
> -},{
> -.name = "xlevel",
> -.type = QEMU_OPT_NUMBER,
> -},{
> -.name = "model_id",
> -.type = QEMU_OPT_STRING,
> -},{
> -.name = "vendor_override",
> -.type = QEMU_OPT_NUMBER,
> -},
> -{ /* end of list */ }
> -},
> -};
> -
>  QemuOptsList qemu_spice_opts = {
>  .name = "spice",
>  .head = QTAILQ_HEAD_INITIALIZER(qemu_spice_opts.head),
> @@ -700,7 +652,6 @@ static QemuOptsList *vm_config_groups[32] = {
>  &qemu_rtc_opts,
>  &qemu_global_opts,
>  &qemu_mon_opts,
> -&qemu_cpudef_opts,
>  &qemu_trace_opts,
>  &qemu_option_rom_opts,
>  &qemu_machine_opts,
> 


-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [RFC] 1.4 release schedule

[Peter Maydell]

On 4 December 2012 18:38, Blue Swirl  wrote:
> The definition of the hard freeze bothers me. A few patches that went
> in after 1.3-rc0 were not bug fixes but just new features, so the
> difference between soft and hard freezes was not clear.

My vote for this would be to adhere to our definition
and only commit bugfixes.

-- PMM

Re: [Qemu-devel] [PATCH 3/3] target-i386:slightly refactor dr7 related function

[Blue Swirl]

On Tue, Dec 4, 2012 at 8:11 AM, liguang  wrote:
> Signed-off-by: liguang 
> ---
>  target-i386/helper.c  |   70 
> +
>  target-i386/machine.c |2 +-
>  target-i386/misc_helper.c |4 +-
>  target-i386/seg_helper.c  |6 ++--
>  4 files changed, 51 insertions(+), 31 deletions(-)
>
> diff --git a/target-i386/helper.c b/target-i386/helper.c
> index bf206cf..28307a1 100644
> --- a/target-i386/helper.c
> +++ b/target-i386/helper.c
> @@ -966,30 +966,31 @@ hwaddr cpu_get_phys_page_debug(CPUX86State *env, 
> target_ulong addr)
>
>  void hw_breakpoint_insert(CPUX86State *env, int index)
>  {
> -int type, err = 0;
> +int type = 0, err = 0;
>
>  switch (hw_breakpoint_type(env->dr[7], index)) {
> -case 0:
> -if (hw_breakpoint_enabled(env->dr[7], index))
> +case DR7_BP_INST:
> +if (hw_breakpoint_enabled(env->dr[7], index)) {
>  err = cpu_breakpoint_insert(env, env->dr[index], BP_CPU,
>  &env->cpu_breakpoint[index]);
> +}
>  break;
> -case 1:
> +case DR7_DATA_WR:
>  type = BP_CPU | BP_MEM_WRITE;
> -goto insert_wp;
> -case 2:
> - /* No support for I/O watchpoints yet */
> -break;
> -case 3:

Missing 'break'.

> +case DR7_DATA_RW:
>  type = BP_CPU | BP_MEM_ACCESS;
> -insert_wp:
> +   case DR7_IO_RW:
> + /* No support for I/O watchpoints yet */
> + break;
> +}
> +   if (type) {
>  err = cpu_watchpoint_insert(env, env->dr[index],
>  hw_breakpoint_len(env->dr[7], index),
>  type, &env->cpu_watchpoint[index]);
> -break;
>  }
> -if (err)
> +if (err) {
>  env->cpu_breakpoint[index] = NULL;
> +}
>  }
>
>  void hw_breakpoint_remove(CPUX86State *env, int index)
> @@ -997,15 +998,16 @@ void hw_breakpoint_remove(CPUX86State *env, int index)
>  if (!env->cpu_breakpoint[index])
>  return;
>  switch (hw_breakpoint_type(env->dr[7], index)) {
> -case 0:
> -if (hw_breakpoint_enabled(env->dr[7], index))
> +case DR7_BP_INST:
> +if (hw_breakpoint_enabled(env->dr[7], index)) {
>  cpu_breakpoint_remove_by_ref(env, env->cpu_breakpoint[index]);
> +}
>  break;
> -case 1:
> -case 3:
> +case DR7_DATA_RW:
> +case DR7_DATA_WR:
>  cpu_watchpoint_remove_by_ref(env, env->cpu_watchpoint[index]);
>  break;
> -case 2:
> +case DR7_IO_RW:
>  /* No support for I/O watchpoints yet */
>  break;
>  }
> @@ -1014,22 +1016,40 @@ void hw_breakpoint_remove(CPUX86State *env, int index)
>  int check_hw_breakpoints(CPUX86State *env, int force_dr6_update)
>  {
>  target_ulong dr6;
> -int reg, type;
> +int index;
>  int hit_enabled = 0;
> +bool bp_match = false;
> +bool wp_match = false;
>
>  dr6 = env->dr[6] & ~0xf;
> -for (reg = 0; reg < 4; reg++) {
> -type = hw_breakpoint_type(env->dr[7], reg);
> -if ((type == 0 && env->dr[reg] == env->eip) ||
> -((type & 1) && env->cpu_watchpoint[reg] &&
> - (env->cpu_watchpoint[reg]->flags & BP_WATCHPOINT_HIT))) {
> -dr6 |= 1 << reg;
> -if (hw_breakpoint_enabled(env->dr[7], reg))
> +   for (index = 0; index < DR7_MAX_BP; index++) {
> +switch (hw_breakpoint_type(env->dr[7], index)) {
> +case DR7_BP_INST:
> +if (env->dr[index] == env->eip) {
> +bp_match = true;
> +}
> +break;
> +case DR7_DATA_WR:
> +case DR7_DATA_RW:
> +if (env->cpu_watchpoint[index] &&
> +env->cpu_watchpoint[index]->flags & BP_WATCHPOINT_HIT) {
> +wp_match = true;
> +}

Also here.

> +case DR7_IO_RW:
> +break;
> +}
> +if (bp_match || wp_match) {
> +dr6 |= 1 << index;
> +if (hw_breakpoint_enabled(env->dr[7], index)) {
>  hit_enabled = 1;
> +}
> +bp_match = false;
> +wp_match = false;
>  }
>  }
>  if (hit_enabled || force_dr6_update)
>  env->dr[6] = dr6;
> +
>  return hit_enabled;
>  }
>
> diff --git a/target-i386/machine.c b/target-i386/machine.c
> index 4771508..a4b1a1e 100644
> --- a/target-i386/machine.c
> +++ b/target-i386/machine.c
> @@ -265,7 +265,7 @@ static int cpu_post_load(void *opaque, int version_id)
>
>  cpu_breakpoint_remove_all(env, BP_CPU);
>  cpu_watchpoint_remove_all(env, BP_CPU);
> -for (i = 0; i < 4; i++)
> +for (i = 0; i < DR7_MAX_BP; i++)

Please add braces and check your patches with checkpatch.pl.

>  hw_breakpoint_insert(env, i);
>
>  tlb_flush(env, 1);
> diff --git a/target-i386/misc_helper.c b/target-i386/misc_helper.c
> index a020379..5ee0863 100644
> --- 

Re: [Qemu-devel] [PATCH] finally kill cpudef config section support

[Eduardo Habkost]

On Tue, Dec 04, 2012 at 07:41:47PM +0100, Andreas Färber wrote:
> Am 04.12.2012 19:32, schrieb Eduardo Habkost:
> > The external CPU models were removed on QEMU 1.2, and the support for
> > the "cpudef" config sections was documented as deprecated, but the
> > actual removal of the config section was pending.
> > 
> > Now that QEMU 1.3 was released, we can finally kill the support for
> > cpudef config sections, and support only the built-in CPU models from
> > target-i386/cpu.c.
> > 
> > Signed-off-by: Eduardo Habkost 
> 
> This looks okay so far, but I'm guessing this was based on another
> branch of yours? If we apply this right now, we would also want to
> remove the #ifdef'ed cpudef_init() or so function invoking the parsing, no?

Right now cpudef_init() calls cpudef_setup(), that initializes some
fields in the builtin CPU model list on x86, but doesn't use the cpudef
config section anymore[1].

cpudef_setup() and cpudef_init() will be killed later, when we kill the
builtin_x86_defs table and introduce CPU model subclasses.


[1] The code dealing with the cpudef section was removed on
c04321b3685a0b06d737d04146a0f1f2c5950b39.
So, in the end it would be safe to apply this patch before 1.3, as
the code that actually used the cpudef CPU models was already
removed.

> 
> Andreas
> 
> > ---
> >  qemu-config.c | 49 -
> >  1 file changed, 49 deletions(-)
> > 
> > diff --git a/qemu-config.c b/qemu-config.c
> > index 10d1ba4..aa78fb9 100644
> > --- a/qemu-config.c
> > +++ b/qemu-config.c
> > @@ -417,54 +417,6 @@ static QemuOptsList qemu_trace_opts = {
> >  },
> >  };
> >  
> > -static QemuOptsList qemu_cpudef_opts = {
> > -.name = "cpudef",
> > -.head = QTAILQ_HEAD_INITIALIZER(qemu_cpudef_opts.head),
> > -.desc = {
> > -{
> > -.name = "name",
> > -.type = QEMU_OPT_STRING,
> > -},{
> > -.name = "level",
> > -.type = QEMU_OPT_NUMBER,
> > -},{
> > -.name = "vendor",
> > -.type = QEMU_OPT_STRING,
> > -},{
> > -.name = "family",
> > -.type = QEMU_OPT_NUMBER,
> > -},{
> > -.name = "model",
> > -.type = QEMU_OPT_NUMBER,
> > -},{
> > -.name = "stepping",
> > -.type = QEMU_OPT_NUMBER,
> > -},{
> > -.name = "feature_edx",  /* cpuid _0001.edx */
> > -.type = QEMU_OPT_STRING,
> > -},{
> > -.name = "feature_ecx",  /* cpuid _0001.ecx */
> > -.type = QEMU_OPT_STRING,
> > -},{
> > -.name = "extfeature_edx",   /* cpuid 8000_0001.edx */
> > -.type = QEMU_OPT_STRING,
> > -},{
> > -.name = "extfeature_ecx",   /* cpuid 8000_0001.ecx */
> > -.type = QEMU_OPT_STRING,
> > -},{
> > -.name = "xlevel",
> > -.type = QEMU_OPT_NUMBER,
> > -},{
> > -.name = "model_id",
> > -.type = QEMU_OPT_STRING,
> > -},{
> > -.name = "vendor_override",
> > -.type = QEMU_OPT_NUMBER,
> > -},
> > -{ /* end of list */ }
> > -},
> > -};
> > -
> >  QemuOptsList qemu_spice_opts = {
> >  .name = "spice",
> >  .head = QTAILQ_HEAD_INITIALIZER(qemu_spice_opts.head),
> > @@ -700,7 +652,6 @@ static QemuOptsList *vm_config_groups[32] = {
> >  &qemu_rtc_opts,
> >  &qemu_global_opts,
> >  &qemu_mon_opts,
> > -&qemu_cpudef_opts,
> >  &qemu_trace_opts,
> >  &qemu_option_rom_opts,
> >  &qemu_machine_opts,
> > 
> 
> 
> -- 
> SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
> GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
> 

-- 
Eduardo

Re: [Qemu-devel] [PATCH 1/4] hw/ds1338.c: Fix handling of HOURS register.

[Andreas Färber]

Am 04.12.2012 18:42, schrieb Peter Maydell:
> On 2 December 2012 17:14, Antoine Mathys  wrote:
>> Per the datasheet, the mapping between 12 and 24 hours modes is:
>> 0  <->  12   PM
>> 1-12   <->  1-12 AM
>> 13-23  <->  1-11 PM
>>
>> Signed-off-by: Antoine Mathys 
> 
> This looks good as far as the logic goes, but I think we
> could use some symbolic constants for the 12-hour and PM
> bits rather than all the literal 0x20 0x40 0x60.

What about adding qtests like we have for the x86 RTC?
Is I2C as problematic as PCI there?

Andreas

P.S. Antoine, please make sure you thread your patches to a cover letter
so that they stay together on the list.

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [RFC 6/8] qdev-properties.c: separate core from the code used only by qemu-system-*

[Blue Swirl]

On Tue, Dec 4, 2012 at 1:19 PM, Eduardo Habkost  wrote:
> This separates the qdev properties code in two parts:
>  - qdev-properties.c, that contains most of the qdev properties code;
>  - qdev-properties-system.c for code specific for qemu-system-*,
>containing:
>- Property types: drive, chr, netdev, vlan, that depend on code that
>  won't be included on *-user
>- qemu_add_globals(), that depends on qemu-config.o.
>
> This change should help on two things:
>  - Allowing DeviceState to be used by *-user without pulling
>dependencies that are specific for qemu-system-*;
>  - Writing qdev unit tests without pulling too many dependencies.
>
> The copyright/license header for the new file is directly copied from
> qdev-properties.c.
>
> Signed-off-by: Eduardo Habkost 
> ---
> Detailed changelog:
>
> Changes v1 (ehabkost) -> v2 (imammedo):
>  - keep qdev_get_child_bus() in hw/qdev.c
>  - put qdev_set_nic_properties() in hw/qdev-properties-system.c
>
> Changes v2 -> v3 (ehabkost):
>  - updated the qdev_init_gpio_in() code on qdev-system.c to current
>version
>
> Changes v3 -> v4 (ehabkost):
>  - Added copyright/license information to qdev-properties-system.c
>(based on copyright/license of qdev-properties.c)
>  - Whitespace change at the end of qdev-properties.c
>  - Don't create qdev-system.c, now we can keep the qdev.c code as-is
>as the qdev.c dependencies were reduced
>  - Rewrite patch description
>
> Changes v4 -> v5 (ehabkost):
>  - Remove large copyright header and instead just point to the original
>file it was based on
>
> Changes v5 -> v6 (ehabkost):
>  - Removed inter-SoB line changelog from commit message
> ---
>  hw/Makefile.objs|   1 +
>  hw/qdev-properties-system.c | 352 
> 
>  hw/qdev-properties.c| 321 +---
>  hw/qdev-properties.h|   1 +
>  hw/qdev.c   |  13 --
>  5 files changed, 355 insertions(+), 333 deletions(-)
>  create mode 100644 hw/qdev-properties-system.c
>
> diff --git a/hw/Makefile.objs b/hw/Makefile.objs
> index d581d8d..96a8365 100644
> --- a/hw/Makefile.objs
> +++ b/hw/Makefile.objs
> @@ -185,6 +185,7 @@ common-obj-y += bt.o bt-l2cap.o bt-sdp.o bt-hci.o bt-hid.o
>  common-obj-y += bt-hci-csr.o
>  common-obj-y += msmouse.o ps2.o
>  common-obj-y += qdev.o qdev-properties.o qdev-monitor.o
> +common-obj-y += qdev-properties-system.o
>  common-obj-$(CONFIG_BRLAPI) += baum.o
>
>  # xen backend driver support
> diff --git a/hw/qdev-properties-system.c b/hw/qdev-properties-system.c
> new file mode 100644
> index 000..9a7e0b3
> --- /dev/null
> +++ b/hw/qdev-properties-system.c
> @@ -0,0 +1,352 @@
> +/*
> + * qdev property parsing and global properties
> + * (parts specific for qemu-system-*)
> + *
> + * This file is based on code from hw/qdev-properties.c from
> + * commit 4e68f7a0819f179c2ff90a60611806c789911cc2,
> + * Copyright (c) Gerd Hoffmann  and other contributors.
> + *
> + * This work is licensed under the terms of the GNU GPL, version 2 or later.
> + * See the COPYING file in the top-level directory.
> + */
> +
> +#include "net.h"
> +#include "qdev.h"
> +#include "qerror.h"
> +#include "blockdev.h"
> +#include "hw/block-common.h"
> +#include "net/hub.h"
> +#include "qapi/qapi-visit-core.h"
> +
> +static void get_pointer(Object *obj, Visitor *v, Property *prop,
> +const char *(*print)(void *ptr),
> +const char *name, Error **errp)
> +{
> +DeviceState *dev = DEVICE(obj);
> +void **ptr = qdev_get_prop_ptr(dev, prop);
> +char *p;
> +
> +p = (char *) (*ptr ? print(*ptr) : "");
> +visit_type_str(v, &p, name, errp);
> +}
> +
> +static void set_pointer(Object *obj, Visitor *v, Property *prop,
> +int (*parse)(DeviceState *dev, const char *str,
> + void **ptr),
> +const char *name, Error **errp)
> +{
> +DeviceState *dev = DEVICE(obj);
> +Error *local_err = NULL;
> +void **ptr = qdev_get_prop_ptr(dev, prop);
> +char *str;
> +int ret;
> +
> +if (dev->state != DEV_STATE_CREATED) {
> +error_set(errp, QERR_PERMISSION_DENIED);
> +return;
> +}
> +
> +visit_type_str(v, &str, name, &local_err);
> +if (local_err) {
> +error_propagate(errp, local_err);
> +return;
> +}
> +if (!*str) {
> +g_free(str);
> +*ptr = NULL;
> +return;
> +}
> +ret = parse(dev, str, ptr);
> +error_set_from_qdev_prop_error(errp, ret, dev, prop, str);
> +g_free(str);
> +}
> +
> +/* --- drive --- */
> +
> +static int parse_drive(DeviceState *dev, const char *str, void **ptr)
> +{
> +BlockDriverState *bs;
> +
> +bs = bdrv_find(str);
> +if (bs == NULL)

Please add braces, use checkpatch.pl.

> +return -ENOENT;
> +if (bdrv_attach_dev(bs, dev) < 0)

Also here.

> +return -EEXIST;

Re: [Qemu-devel] [PATCH] virtfs-proxy-helper: check return code of setfsgid/setfsuid

[Aneesh Kumar K.V]

Paolo Bonzini  writes:

> Il 11/10/2012 09:25, M. Mohan Kumar ha scritto:
>> Also as per the man page:
>>When glibc determines that the argument is not a valid user ID,
>>it will return -1 and set errno  to  EINVAL
>>without attempting the system call.
>> 
>> If it mean a nonexistent id by 'not a valid user ID' it may be a
>> problem in virtfs case.
>
> I think only -1 would be an invalid user ID, or perhaps a user ID >
> 65535 if the kernel only supports 16-bit user IDs.
>
> Rather than dealing with the kernel, can we just use
> setresuid/setresgid like in the following (untested) patch?
>
> Paolo
>
> ps: so far in my short life I had managed to stay away from privilege
> dropping, so please review with extra care.
>
> --- 8< ---
> From: Paolo Bonzini 
> Date: Thu, 11 Oct 2012 14:20:23 +0200
> Subject: [PATCH] virtfs-proxy-helper: use setresuid and setresgid
>
> The setfsuid and setfsgid system calls are obscure and they complicate
> the error checking (that glibc's warn_unused_result "feature" forces
> us to do).  Switch to the standard setresuid and setresgid functions.
>
> ---
> diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
> index f9a8270..07b3b5b 100644
> --- a/fsdev/virtfs-proxy-helper.c
> +++ b/fsdev/virtfs-proxy-helper.c
> @@ -272,31 +272,76 @@ static int send_status(int sockfd, struct iovec *iovec, 
> int status)
>  /*
>   * from man 7 capabilities, section
>   * Effect of User ID Changes on Capabilities:
> - * 4. If the file system user ID is changed from 0 to nonzero (see 
> setfsuid(2))
> - * then the following capabilities are cleared from the effective set:
> - * CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_DAC_READ_SEARCH,  CAP_FOWNER, CAP_FSETID,
> - * CAP_LINUX_IMMUTABLE  (since  Linux 2.2.30), CAP_MAC_OVERRIDE, and 
> CAP_MKNOD
> - * (since Linux 2.2.30). If the file system UID is changed from nonzero to 0,
> - * then any of these capabilities that are enabled in the permitted set
> - * are enabled in the effective set.
> + * If the effective user ID is changed from nonzero to 0, then the permitted
> + * set is copied to the effective set.  If the effective user ID is changed
> + * from 0 to nonzero, then all capabilities are are cleared from the 
> effective
> + * set.
> + *
> + * The setfsuid/setfsgid man pages warn that changing the effective user ID 
> may
> + * expose the program to unwanted signals, but this is not true anymore: for 
> an
> + * unprivileged (without CAP_KILL) program to send a signal, the real or
> + * effective user ID of the sending process must equal the real or saved user
> + * ID of the target process.  Even when dropping privileges, it is enough to
> + * keep the saved UID to a "privileged" value and virtfs-proxy-helper won't
> + * be exposed to signals.  So just use setresuid/setresgid.
>   */
> -static int setfsugid(int uid, int gid)
> +static int setugid(int uid, int gid, int *suid, int *sgid)
>  {
> +int retval;
> +
>  /*
> - * We still need DAC_OVERRIDE because  we don't change
> + * We still need DAC_OVERRIDE because we don't change
>   * supplementary group ids, and hence may be subjected DAC rules
>   */
>  cap_value_t cap_list[] = {
>  CAP_DAC_OVERRIDE,
>  };
>
> -setfsgid(gid);
> -setfsuid(uid);
> +/*
> + * If suid/sgid are NULL, the saved uid/gid is set to the
> + * new effective uid/gid.  If they are not, the saved uid/gid
> + * is set to the current effective user id and stored into
> + * *suid and *sgid.
> + */
> +if (!suid) {
> +suid = &uid;
> +} else {
> +*suid = geteuid();
> +}
> +if (!sgid) {
> +sgid = &gid;
> +} else {
> +*sgid = getegid();
> +}
> +

I found this to be confusing. How about avoiding all those pointers, something
like below ? If you are ok can I add the signed-off-by for this ? I can
test this and get a pull request out with the build fix.

commit 24cc9f0d07c2a505bfafbdcb72006f2eda1288a4
Author: Paolo Bonzini 
Date:   Thu Oct 11 14:20:23 2012 +0200

virtfs-proxy-helper: use setresuid and setresgid

The setfsuid and setfsgid system calls are obscure and they complicate
the error checking (that glibc's warn_unused_result "feature" forces
us to do).  Switch to the standard setresuid and setresgid functions.

diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
index f9a8270..49ab0eb 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -272,31 +272,59 @@ static int send_status(int sockfd, struct iovec *iovec, 
int status)
 /*
  * from man 7 capabilities, section
  * Effect of User ID Changes on Capabilities:
- * 4. If the file system user ID is changed from 0 to nonzero (see setfsuid(2))
- * then the following capabilities are cleared from the effective set:
- * CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_DAC_READ_SEARCH,  CAP_FOWNER, CAP_FSETID,
- * CAP_LINUX_IMMUTABLE  (since  Li

[Qemu-devel] [PATCH 4/6] target-i386: postpone cpuid_level update to realize time

[Eduardo Habkost]

From: Igor Mammedov 

delay capping cpuid_level to 7 to realize time so property setters
for cpuid_7_0_ebx_features and "level" could be used in any order/time
between x86_cpu_initfn() and x86_cpu_realize().

Signed-off-by: Igor Mammedov 
---
 target-i386/cpu.c | 8 +---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index 86d7a61..a56a130 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -1381,9 +1381,6 @@ static int cpu_x86_parse_featurestr(x86_def_t 
*x86_cpu_def, char *features)
 if (kvm_check_features_against_host(x86_cpu_def) && enforce_cpuid)
 goto error;
 }
-if (x86_cpu_def->cpuid_7_0_ebx_features && x86_cpu_def->level < 7) {
-x86_cpu_def->level = 7;
-}
 return 0;
 
 error:
@@ -2074,6 +2071,11 @@ static void x86_cpu_apic_init(X86CPU *cpu, Error **errp)
 void x86_cpu_realize(Object *obj, Error **errp)
 {
 X86CPU *cpu = X86_CPU(obj);
+CPUX86State *env = &cpu->env;
+
+if (env->cpuid_7_0_ebx_features && env->cpuid_level < 7) {
+env->cpuid_level = 7;
+}
 
 #ifndef CONFIG_USER_ONLY
 qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
-- 
1.7.11.7