Re: [Qemu-devel] [RFC PATCH v2 06/12] mc: introduce state machine changes for MC

[Michael R. Hines]

On 02/19/2014 09:00 AM, Li Guang wrote:

Hi,

mrhi...@linux.vnet.ibm.com wrote:

From: "Michael R. Hines"

This patch sets up the initial changes to the migration state
machine and prototypes to be used by the checkpointing code
to interact with the state machine so that we can later handle
failure and recovery scenarios.

Signed-off-by: Michael R. Hines
---
  arch_init.c   | 29 -
  include/migration/migration.h |  2 ++
  migration.c   | 37 
+

  3 files changed, 47 insertions(+), 21 deletions(-)

diff --git a/arch_init.c b/arch_init.c
index db75120..e9d4d9e 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -658,13 +658,13 @@ static void ram_migration_cancel(void *opaque)
  migration_end();
  }

-static void reset_ram_globals(void)
+static void reset_ram_globals(bool reset_bulk_stage)
  {
  last_seen_block = NULL;
  last_sent_block = NULL;
  last_offset = 0;
  last_version = ram_list.version;
-ram_bulk_stage = true;
+ram_bulk_stage = reset_bulk_stage;
  }



here is a chance that ram_save_block will never break while loop
if loat_seen_block be reset for mc when there are no dirty pages
to be migrated.

Thanks!



This bug is fixed now - you can re-pull from github.com.

Believe it or not, when there is no network devices attached to the
guest whatsoever, the initial bootup process can be extremely slow,
where there are almost no processes dirtying memory at all or
only occasionally except for maybe a DHCP client. This results in
some 100ms periods of time where there are actually *no* dirty
pages - hard to believe, but it does happen.

ram_save_block() really doesn't understand this possibility,
surprisingly. It results in an infinite loop because it was expecting
last_seen_block to always be non-NULL, when in fact, we have reset
the value to start from the beginning of the guest can scan the
entire VM for dirty memory.



  #define MAX_WAIT 50 /* ms, half buffered_file limit */
@@ -674,6 +674,15 @@ static int ram_save_setup(QEMUFile *f, void 
*opaque)

  RAMBlock *block;
  int64_t ram_pages = last_ram_offset()>> TARGET_PAGE_BITS;

+/*
+ * RAM stays open during micro-checkpointing for the next 
transaction.

+ */
+if (migration_is_mc(migrate_get_current())) {
+qemu_mutex_lock_ramlist();
+reset_ram_globals(false);
+goto skip_setup;
+}
+
  migration_bitmap = bitmap_new(ram_pages);
  bitmap_set(migration_bitmap, 0, ram_pages);
  migration_dirty_pages = ram_pages;
@@ -710,12 +719,14 @@ static int ram_save_setup(QEMUFile *f, void 
*opaque)

  qemu_mutex_lock_iothread();
  qemu_mutex_lock_ramlist();
  bytes_transferred = 0;
-reset_ram_globals();
+reset_ram_globals(true);

  memory_global_dirty_log_start();
  migration_bitmap_sync();
  qemu_mutex_unlock_iothread();

+skip_setup:
+
  qemu_put_be64(f, ram_bytes_total() | RAM_SAVE_FLAG_MEM_SIZE);

  QTAILQ_FOREACH(block,&ram_list.blocks, next) {
@@ -744,7 +755,7 @@ static int ram_save_iterate(QEMUFile *f, void 
*opaque)

  qemu_mutex_lock_ramlist();

  if (ram_list.version != last_version) {
-reset_ram_globals();
+reset_ram_globals(true);
  }

  ram_control_before_iterate(f, RAM_CONTROL_ROUND);
@@ -825,7 +836,15 @@ static int ram_save_complete(QEMUFile *f, void 
*opaque)

  }

  ram_control_after_iterate(f, RAM_CONTROL_FINISH);
-migration_end();
+
+/*
+ * Only cleanup at the end of normal migrations
+ * or if the MC destination failed and we got an error.
+ * Otherwise, we are (or will soon be) in MIG_STATE_CHECKPOINTING.
+ */
+if(!migrate_use_mc() || 
migration_has_failed(migrate_get_current())) {

+migration_end();
+}

  qemu_mutex_unlock_ramlist();
  qemu_put_be64(f, RAM_SAVE_FLAG_EOS);
diff --git a/include/migration/migration.h 
b/include/migration/migration.h

index a7c54fe..e876a2c 100644
--- a/include/migration/migration.h
+++ b/include/migration/migration.h
@@ -101,7 +101,9 @@ int migrate_fd_close(MigrationState *s);

  void add_migration_state_change_notifier(Notifier *notify);
  void remove_migration_state_change_notifier(Notifier *notify);
+bool migration_is_active(MigrationState *);
  bool migration_in_setup(MigrationState *);
+bool migration_is_mc(MigrationState *s);
  bool migration_has_finished(MigrationState *);
  bool migration_has_failed(MigrationState *);
  MigrationState *migrate_get_current(void);
diff --git a/migration.c b/migration.c
index 25add6f..f42dae4 100644
--- a/migration.c
+++ b/migration.c
@@ -36,16 +36,6 @@
  do { } while (0)
  #endif

-enum {
-MIG_STATE_ERROR = -1,
-MIG_STATE_NONE,
-MIG_STATE_SETUP,
-MIG_STATE_CANCELLING,
-MIG_STATE_CANCELLED,
-MIG_STATE_ACTIVE,
-MIG_STATE_COMPLETED,
-};
-
  #define MAX_THROTTLE  (32<<  20)  /* Migration speed thr

Re: [Qemu-devel] [PATCH V7 07/11] qapi script: support pre-defined enum type as discriminator in union

[Markus Armbruster]

Wenchao Xia  writes:

> 于 2014/2/21 0:38, Markus Armbruster 写道:
>> Wenchao Xia  writes:
>> 
>>> By default, any union will automatically generate a enum type as
>>> "[UnionName]Kind" in C code, and it is duplicated when the discriminator
>>> is specified as a pre-defined enum type in schema. After this patch,
>>> the pre-defined enum type will be really used as the switch case
>>> condition in generated C code, if discriminator is an enum field.
>>>
>>> Signed-off-by: Wenchao Xia 
>>> ---
>>>   docs/qapi-code-gen.txt |8 ++--
>>>   scripts/qapi-types.py  |   20 
>>>   scripts/qapi-visit.py  |   27 ---
>>>   scripts/qapi.py|   13 -
>>>   4 files changed, 54 insertions(+), 14 deletions(-)
>>>
>>> diff --git a/docs/qapi-code-gen.txt b/docs/qapi-code-gen.txt
>>> index 0728f36..a2e7921 100644
>>> --- a/docs/qapi-code-gen.txt
>>> +++ b/docs/qapi-code-gen.txt
>>> @@ -123,11 +123,15 @@ And it looks like this on the wire:
>>>   
>>>   Flat union types avoid the nesting on the wire. They are used whenever a
>>>   specific field of the base type is declared as the discriminator ('type' 
>>> is
>>> -then no longer generated). The discriminator must always be a string field.
>>> +then no longer generated). The discriminator can be a string field or a
>>> +predefined enum field. If it is a string field, a hidden enum type will be
>>> +generated as "[UNION_NAME]Kind". If it is an enum field, a compile time 
>>> check
>>> +will be done to verify the correctness. It is recommended to use an enum 
>>> field.
>>>   The above example can then be modified as follows:
>>>   
>>> + { 'enum': 'BlockdevDriver', 'data': [ 'raw', 'qcow2' ] }
>>>{ 'type': 'BlockdevCommonOptions',
>>> -   'data': { 'driver': 'str', 'readonly': 'bool' } }
>>> +   'data': { 'driver': 'BlockdevDriver', 'readonly': 'bool' } }
>>>{ 'union': 'BlockdevOptions',
>>>  'base': 'BlockdevCommonOptions',
>>>  'discriminator': 'driver',
>>> diff --git a/scripts/qapi-types.py b/scripts/qapi-types.py
>>> index 656a9a0..4098c60 100644
>>> --- a/scripts/qapi-types.py
>>> +++ b/scripts/qapi-types.py
>>> @@ -201,14 +201,22 @@ def generate_union(expr):
>>>   base = expr.get('base')
>>>   discriminator = expr.get('discriminator')
>>>   
>>> +expr_elem = {'expr': expr}
>>> +enum_define = discriminator_find_enum_define(expr_elem)
>> 
>> expr_elem has no fp, line.  What if discriminator_find_enum_define
>> throws a QAPIExprError?
>> 
>   It shouldn't happen, since all error check happens in parse_schema().

Impossible errors often mean the abstractions aren't quite right.  But
this series is progress, and I don't want to delay it by demanding
perfection.  We can improve on it in tree if we want.

>> More of the same below.
[...]
>>> diff --git a/scripts/qapi.py b/scripts/qapi.py
>>> index 130dced..2a5eb59 100644
>>> --- a/scripts/qapi.py
>>> +++ b/scripts/qapi.py
>>> @@ -250,11 +250,22 @@ def parse_schema(fp):
>>>   add_enum(expr['enum'], expr['data'])
>>>   elif expr.has_key('union'):
>>>   add_union(expr)
>>> -add_enum('%sKind' % expr['union'])
>>>   elif expr.has_key('type'):
>>>   add_struct(expr)
>>>   exprs.append(expr)
>>>   
>>> +# Try again for hidden UnionKind enum
>>> +for expr_elem in schema.exprs:
>>> +expr = expr_elem['expr']
>>> +if expr.has_key('union'):
>>> +try:
>>> +enum_define = discriminator_find_enum_define(expr_elem)
>>> +except QAPIExprError, e:
>>> +print >>sys.stderr, e
>>> +exit(1)
>>> +if not enum_define:
>>> +add_enum('%sKind' % expr['union'])
>>> +
>>>   try:
>>>   check_exprs(schema)
>>>   except QAPIExprError, e:
>> 
>> I guess you move this into its own loop because when base types are used
>> before they're defined, or an enum type is used for a discriminator
>> before it's defined, then discriminator_find_enum_define() complains.
>> Correct?
>> 
>   Exactly, which allow enum define after usage in schema.

Do we want to (have to?) support "use before define" in schemas?  Eric,
what do you think?

If yes, we should add suitable tests.  Outside the scope of this series.

[Qemu-devel] [PATCH 02/51] virtio-bus: remove vdev field

[Michael Roth]

From: Paolo Bonzini 

The vdev field is complicated to synchronize.  Just access the
BusState's list of children.

Cc: qemu-sta...@nongnu.org
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 06d3dff0723c712a4b109ced4243edf49ef850af)

Signed-off-by: Michael Roth 
---
 hw/virtio/virtio-bus.c |   65 
 hw/virtio/virtio-mmio.c|9 +++---
 hw/virtio/virtio-pci.c |2 +-
 include/hw/virtio/virtio-bus.h |   16 +++---
 4 files changed, 57 insertions(+), 35 deletions(-)

diff --git a/hw/virtio/virtio-bus.c b/hw/virtio/virtio-bus.c
index e6b103c..17dd06e 100644
--- a/hw/virtio/virtio-bus.c
+++ b/hw/virtio/virtio-bus.c
@@ -46,8 +46,6 @@ int virtio_bus_plug_device(VirtIODevice *vdev)
 VirtioBusClass *klass = VIRTIO_BUS_GET_CLASS(bus);
 DPRINTF("%s: plug device.\n", qbus->name);
 
-bus->vdev = vdev;
-
 if (klass->device_plugged != NULL) {
 klass->device_plugged(qbus->parent);
 }
@@ -58,9 +56,11 @@ int virtio_bus_plug_device(VirtIODevice *vdev)
 /* Reset the virtio_bus */
 void virtio_bus_reset(VirtioBusState *bus)
 {
+VirtIODevice *vdev = virtio_bus_get_device(bus);
+
 DPRINTF("%s: reset device.\n", qbus->name);
-if (bus->vdev != NULL) {
-virtio_reset(bus->vdev);
+if (vdev != NULL) {
+virtio_reset(vdev);
 }
 }
 
@@ -69,62 +69,71 @@ void virtio_bus_destroy_device(VirtioBusState *bus)
 {
 BusState *qbus = BUS(bus);
 VirtioBusClass *klass = VIRTIO_BUS_GET_CLASS(bus);
+VirtIODevice *vdev = virtio_bus_get_device(bus);
+
 DPRINTF("%s: remove device.\n", qbus->name);
 
-if (bus->vdev != NULL) {
+if (vdev != NULL) {
 if (klass->device_unplug != NULL) {
 klass->device_unplug(qbus->parent);
 }
-object_unparent(OBJECT(bus->vdev));
-bus->vdev = NULL;
+object_unparent(OBJECT(vdev));
 }
 }
 
 /* Get the device id of the plugged device. */
 uint16_t virtio_bus_get_vdev_id(VirtioBusState *bus)
 {
-assert(bus->vdev != NULL);
-return bus->vdev->device_id;
+VirtIODevice *vdev = virtio_bus_get_device(bus);
+assert(vdev != NULL);
+return vdev->device_id;
 }
 
 /* Get the config_len field of the plugged device. */
 size_t virtio_bus_get_vdev_config_len(VirtioBusState *bus)
 {
-assert(bus->vdev != NULL);
-return bus->vdev->config_len;
+VirtIODevice *vdev = virtio_bus_get_device(bus);
+assert(vdev != NULL);
+return vdev->config_len;
 }
 
 /* Get the features of the plugged device. */
 uint32_t virtio_bus_get_vdev_features(VirtioBusState *bus,
 uint32_t requested_features)
 {
+VirtIODevice *vdev = virtio_bus_get_device(bus);
 VirtioDeviceClass *k;
-assert(bus->vdev != NULL);
-k = VIRTIO_DEVICE_GET_CLASS(bus->vdev);
+
+assert(vdev != NULL);
+k = VIRTIO_DEVICE_GET_CLASS(vdev);
 assert(k->get_features != NULL);
-return k->get_features(bus->vdev, requested_features);
+return k->get_features(vdev, requested_features);
 }
 
 /* Set the features of the plugged device. */
 void virtio_bus_set_vdev_features(VirtioBusState *bus,
   uint32_t requested_features)
 {
+VirtIODevice *vdev = virtio_bus_get_device(bus);
 VirtioDeviceClass *k;
-assert(bus->vdev != NULL);
-k = VIRTIO_DEVICE_GET_CLASS(bus->vdev);
+
+assert(vdev != NULL);
+k = VIRTIO_DEVICE_GET_CLASS(vdev);
 if (k->set_features != NULL) {
-k->set_features(bus->vdev, requested_features);
+k->set_features(vdev, requested_features);
 }
 }
 
 /* Get bad features of the plugged device. */
 uint32_t virtio_bus_get_vdev_bad_features(VirtioBusState *bus)
 {
+VirtIODevice *vdev = virtio_bus_get_device(bus);
 VirtioDeviceClass *k;
-assert(bus->vdev != NULL);
-k = VIRTIO_DEVICE_GET_CLASS(bus->vdev);
+
+assert(vdev != NULL);
+k = VIRTIO_DEVICE_GET_CLASS(vdev);
 if (k->bad_features != NULL) {
-return k->bad_features(bus->vdev);
+return k->bad_features(vdev);
 } else {
 return 0;
 }
@@ -133,22 +142,26 @@ uint32_t virtio_bus_get_vdev_bad_features(VirtioBusState 
*bus)
 /* Get config of the plugged device. */
 void virtio_bus_get_vdev_config(VirtioBusState *bus, uint8_t *config)
 {
+VirtIODevice *vdev = virtio_bus_get_device(bus);
 VirtioDeviceClass *k;
-assert(bus->vdev != NULL);
-k = VIRTIO_DEVICE_GET_CLASS(bus->vdev);
+
+assert(vdev != NULL);
+k = VIRTIO_DEVICE_GET_CLASS(vdev);
 if (k->get_config != NULL) {
-k->get_config(bus->vdev, config);
+k->get_config(vdev, config);
 }
 }
 
 /* Set config of the plugged device. */
 void virtio_bus_set_vdev_config(VirtioBusState *bus, uint8_t *config)
 {
+VirtIODevice *vdev = virtio_bus_get_device(bus);
 VirtioDeviceClass *k;
-assert(bus->vdev != NULL);
-k = VIRTIO_DEVICE_GET_CLASS(bus->vdev);
+
+assert(vdev !=

[Qemu-devel] [PATCH 01/51] virtio-ccw: move virtio_ccw_stop_ioeventfd to virtio_ccw_busdev_unplug

[Michael Roth]

From: Paolo Bonzini 

Similar to the PCI bug that prompted these patches, virtio-ccw will
segfault after the reworking of hotplug/hot-unplug.  Prepare for
this by moving virtio_ccw_stop_ioeventfd to before the freeing
of the proxy device.

A better place for this could be the device_unplugged callback
for the virtio-ccw bus.  However, we do not yet have a callback
that works: this patch avoids the problem while leaving the tree
bisectable.

Cc: qemu-sta...@nongnu.org
Reported-by: Cornelia Huck 
Suggested-by: Cornelia Huck 
Reviewed-by: Cornelia Huck 
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 0b81c1ef5c677c2a07be5f8bf0dfe2c62ef52115)

Signed-off-by: Michael Roth 
---
 hw/s390x/virtio-ccw.c |3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index f93a81c..e8b4547 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -631,7 +631,6 @@ static int virtio_ccw_exit(VirtioCcwDevice *dev)
 {
 SubchDev *sch = dev->sch;
 
-virtio_ccw_stop_ioeventfd(dev);
 if (sch) {
 css_subch_assign(sch->cssid, sch->ssid, sch->schid, sch->devno, NULL);
 g_free(sch);
@@ -1228,6 +1227,8 @@ static int virtio_ccw_busdev_unplug(DeviceState *dev)
 VirtioCcwDevice *_dev = (VirtioCcwDevice *)dev;
 SubchDev *sch = _dev->sch;
 
+virtio_ccw_stop_ioeventfd(_dev);
+
 /*
  * We should arrive here only for device_del, since we don't support
  * direct hot(un)plug of channels, but only through virtio.
-- 
1.7.9.5

[Qemu-devel] Patch Round-up for stable 1.7.1, freeze on 2013-02-27

[Michael Roth]

Hi everyone,

The following new patches are queued for QEMU stable v1.7.1:

https://github.com/mdroth/qemu/commits/stable-1.7-staging

The release is planned for 2014-03-03:

http://wiki.qemu.org/Planning/1.7

Please respond here or CC qemu-sta...@nongnu.org on any patches you
think should be included in the release. The cut-off date has
been extended to 2013-02-27 due to the round-up email going
out late.

Testing/feedback is greatly appreciated.

Thanks! 


Alex Williamson (1):
  vfio-pci: Release all MSI-X vectors when disabled

Alexander Graf (1):
  x86: only allow real mode to access 32bit without LMA

Aurelien Jarno (1):
  tcg/optimize: fix known-zero bits for right shift ops

Brad (1):
  Fix QEMU build on OpenBSD on x86 archs

Corey Bryant (1):
  seccomp: exit if seccomp_init() fails

Cornelia Huck (1):
  s390x/kvm: Fix diagnose handling.

Eric Farman (2):
  virtio-scsi: Cleanup of I/Os that never started
  virtio-scsi: Prevent assertion on missed events

Gerd Hoffmann (2):
  intel-hda: fix position buffer
  piix: fix 32bit pci hole

Huw Davies (1):
  tcg-arm: The shift count of op_rotl_i32 is in args[2] not args[1].

Laszlo Ersek (1):
  qemu_opts_parse(): always check return value

Luiz Capitulino (1):
  migration: qmp_migrate(): keep working after syntax error

Marcel Apfelbaum (2):
  memory.c: bugfix - ref counting mismatch in memory_region_find
  exec: separate sections and nodes per address space

Mark Cave-Ayland (1):
  Update OpenBIOS images

Markus Armbruster (1):
  qdev-monitor: Avoid device_add crashing on non-device driver name

Matthew Garrett (1):
  migration: Fix rate limit

Michael S. Tsirkin (4):
  exec: replace leaf with skip
  exec: pass hw address to phys_page_find
  pc: map PCI address space as catchall region for not mapped addresses
  hpet: fix build with CONFIG_HPET off

Paolo Bonzini (19):
  virtio-ccw: move virtio_ccw_stop_ioeventfd to virtio_ccw_busdev_unplug
  virtio-bus: remove vdev field
  virtio-ccw: remove vdev field
  virtio-pci: remove vdev field
  virtio-bus: cleanup plug/unplug interface
  virtio-blk: switch exit callback to VirtioDeviceClass
  virtio-serial: switch exit callback to VirtioDeviceClass
  virtio-net: switch exit callback to VirtioDeviceClass
  virtio-scsi: switch exit callback to VirtioDeviceClass
  virtio-balloon: switch exit callback to VirtioDeviceClass
  virtio-rng: switch exit callback to VirtioDeviceClass
  virtio-pci: add device_unplugged callback
  scsi-bus: fix transfer length and direction for VERIFY command
  scsi-disk: fix VERIFY emulation
  vl: add missing transition debug->finish_migrate
  split definitions for exec.c and translate-all.c radix trees
  scsi: Support TEST UNIT READY in the dummy LUN0
  scsi: Assign cancel_io vector for scsi_disk_emulate_ops
  memory: fix limiting of translation at a page boundary

Petar Jovanovic (3):
  target-mips: fix 64-bit FPU config for user-mode emulation
  linux-user: pass correct parameter to do_shmctl()
  linux-user: create target_structs header to place ipc_perm and shmid_ds

Peter Crosthwaite (1):
  qom: Split out object and class caches

Peter Lieven (1):
  block/iscsi: use a bh to schedule co reentrance

Peter Maydell (1):
  block/curl: Implement the libcurl timer callback interface

Stefan Weil (3):
  mainstone: Fix duplicate array values for key 'space'
  i386: Add missing include file for QEMU_PACKED
  linux-user: Fix trampoline code for CRIS

thomas knych (1):
  KVM: Retry KVM_CREATE_VM on EINTR

 block/curl.c   |   81 +--
 block/iscsi.c  |   11 +-
 configure  |7 +
 exec.c |  230 
 hw/arm/mainstone.c |   13 +-
 hw/audio/intel-hda.c   |1 +
 hw/block/virtio-blk.c  |   10 +-
 hw/char/virtio-serial-bus.c|   10 +-
 hw/i386/bios-linker-loader.c   |3 +-
 hw/i386/pc.c   |   20 +--
 hw/i386/pc_piix.c  |1 -
 hw/misc/vfio.c |   12 ++
 hw/net/virtio-net.c|   11 +-
 hw/pci-host/piix.c |   37 +
 hw/pci-host/q35.c  |   27 +---
 hw/s390x/virtio-ccw.c  |   83 +++-
 hw/s390x/virtio-ccw.h  |1 -
 hw/scsi/scsi-bus.c |   16 ++-
 hw/scsi/scsi-disk.c|   27 +++-
 hw/scsi/vhost-scsi.c   |   11 +-
 hw/scsi/virtio-scsi.c  |   21 +--
 hw/timer/hpet.c|6 -
 hw/virtio/virtio-balloon.c |   10 +-
 hw/virtio/virtio-bus.c |   80 ++-
 hw/virtio/virtio-mmio.c|9 +-
 hw/v

[Qemu-devel] [PATCH 05/51] virtio-bus: cleanup plug/unplug interface

[Michael Roth]

From: Paolo Bonzini 

Right now we have these pairs:

- virtio_bus_plug_device/virtio_bus_destroy_device.  The first
  takes a VirtIODevice, the second takes a VirtioBusState

- device_plugged/device_unplug callbacks in the VirtioBusClass
  (here it's just the naming that is inconsistent)

- virtio_bus_destroy_device is not called by anyone (and since
  it calls qdev_free, it would be called by the proxies---but
  then the callback is useless since the proxies can do whatever
  they want before calling virtio_bus_destroy_device)

And there is a k->init but no k->exit, hence virtio_device_exit is
overwritten by subclasses (except virtio-9p).  This cleans it up by:

- renaming the device_unplug callback to device_unplugged

- renaming virtio_bus_plug_device to virtio_bus_device_plugged,
  matching the callback name

- renaming virtio_bus_destroy_device to virtio_bus_device_unplugged,
  removing the qdev_free, making it take a VirtIODevice and calling it
  from virtio_device_exit

- adding a k->exit callback

virtio_device_exit is still overwritten, the next patches will fix that.

Cc: qemu-sta...@nongnu.org
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 5e96f5d2f8d2696ef7d2d8d7282c18fa6023470b)

Signed-off-by: Michael Roth 
---
 hw/virtio/virtio-bus.c |   19 +--
 hw/virtio/virtio.c |7 ++-
 include/hw/virtio/virtio-bus.h |6 +++---
 include/hw/virtio/virtio.h |1 +
 4 files changed, 19 insertions(+), 14 deletions(-)

diff --git a/hw/virtio/virtio-bus.c b/hw/virtio/virtio-bus.c
index 17dd06e..eb77019 100644
--- a/hw/virtio/virtio-bus.c
+++ b/hw/virtio/virtio-bus.c
@@ -37,8 +37,8 @@ do { printf("virtio_bus: " fmt , ## __VA_ARGS__); } while (0)
 #define DPRINTF(fmt, ...) do { } while (0)
 #endif
 
-/* Plug the VirtIODevice */
-int virtio_bus_plug_device(VirtIODevice *vdev)
+/* A VirtIODevice is being plugged */
+int virtio_bus_device_plugged(VirtIODevice *vdev)
 {
 DeviceState *qdev = DEVICE(vdev);
 BusState *qbus = BUS(qdev_get_parent_bus(qdev));
@@ -64,20 +64,19 @@ void virtio_bus_reset(VirtioBusState *bus)
 }
 }
 
-/* Destroy the VirtIODevice */
-void virtio_bus_destroy_device(VirtioBusState *bus)
+/* A VirtIODevice is being unplugged */
+void virtio_bus_device_unplugged(VirtIODevice *vdev)
 {
-BusState *qbus = BUS(bus);
-VirtioBusClass *klass = VIRTIO_BUS_GET_CLASS(bus);
-VirtIODevice *vdev = virtio_bus_get_device(bus);
+DeviceState *qdev = DEVICE(vdev);
+BusState *qbus = BUS(qdev_get_parent_bus(qdev));
+VirtioBusClass *klass = VIRTIO_BUS_GET_CLASS(qbus);
 
 DPRINTF("%s: remove device.\n", qbus->name);
 
 if (vdev != NULL) {
-if (klass->device_unplug != NULL) {
-klass->device_unplug(qbus->parent);
+if (klass->device_unplugged != NULL) {
+klass->device_unplugged(qbus->parent);
 }
-object_unparent(OBJECT(vdev));
 }
 }
 
diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index 2f1e73b..965b2c0 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -1158,14 +1158,19 @@ static int virtio_device_init(DeviceState *qdev)
 if (k->init(vdev) < 0) {
 return -1;
 }
-virtio_bus_plug_device(vdev);
+virtio_bus_device_plugged(vdev);
 return 0;
 }
 
 static int virtio_device_exit(DeviceState *qdev)
 {
 VirtIODevice *vdev = VIRTIO_DEVICE(qdev);
+VirtioDeviceClass *k = VIRTIO_DEVICE_GET_CLASS(qdev);
 
+virtio_bus_device_unplugged(vdev);
+if (k->exit) {
+k->exit(vdev);
+}
 if (vdev->bus_name) {
 g_free(vdev->bus_name);
 vdev->bus_name = NULL;
diff --git a/include/hw/virtio/virtio-bus.h b/include/hw/virtio/virtio-bus.h
index ba0f86a..0756545 100644
--- a/include/hw/virtio/virtio-bus.h
+++ b/include/hw/virtio/virtio-bus.h
@@ -61,7 +61,7 @@ typedef struct VirtioBusClass {
  * transport independent exit function.
  * This is called by virtio-bus just before the device is unplugged.
  */
-void (*device_unplug)(DeviceState *d);
+void (*device_unplugged)(DeviceState *d);
 /*
  * Does the transport have variable vring alignment?
  * (ie can it ever call virtio_queue_set_align()?)
@@ -74,9 +74,9 @@ struct VirtioBusState {
 BusState parent_obj;
 };
 
-int virtio_bus_plug_device(VirtIODevice *vdev);
+int virtio_bus_device_plugged(VirtIODevice *vdev);
 void virtio_bus_reset(VirtioBusState *bus);
-void virtio_bus_destroy_device(VirtioBusState *bus);
+void virtio_bus_device_unplugged(VirtIODevice *bus);
 /* Get the device id of the plugged device. */
 uint16_t virtio_bus_get_vdev_id(VirtioBusState *bus);
 /* Get the config_len field of the plugged device. */
diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h
index a90522d..59756c2 100644
--- a/include/hw/virtio/virtio.h
+++ b/include/hw/virtio/virtio.h
@@ -127,6 +127,7 @@ typedef struct VirtioDeviceClass {
 /* This is what a VirtioDevice must implement */
 D

[Qemu-devel] [PATCH 08/51] virtio-net: switch exit callback to VirtioDeviceClass

[Michael Roth]

From: Paolo Bonzini 

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: qemu-sta...@nongnu.org
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 3786cff5eb384d058395a2729af627fa3253d056)

Signed-off-by: Michael Roth 
---
 hw/net/virtio-net.c |   11 ---
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index b75c753..93a81eb 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -1570,16 +1570,15 @@ static int virtio_net_device_init(VirtIODevice *vdev)
 return 0;
 }
 
-static int virtio_net_device_exit(DeviceState *qdev)
+static void virtio_net_device_exit(VirtIODevice *vdev)
 {
-VirtIONet *n = VIRTIO_NET(qdev);
-VirtIODevice *vdev = VIRTIO_DEVICE(qdev);
+VirtIONet *n = VIRTIO_NET(vdev);
 int i;
 
 /* This will stop vhost backend if appropriate. */
 virtio_net_set_status(vdev, 0);
 
-unregister_savevm(qdev, "virtio-net", n);
+unregister_savevm(DEVICE(vdev), "virtio-net", n);
 
 if (n->netclient_name) {
 g_free(n->netclient_name);
@@ -1610,8 +1609,6 @@ static int virtio_net_device_exit(DeviceState *qdev)
 g_free(n->vqs);
 qemu_del_nic(n->nic);
 virtio_cleanup(vdev);
-
-return 0;
 }
 
 static void virtio_net_instance_init(Object *obj)
@@ -1638,10 +1635,10 @@ static void virtio_net_class_init(ObjectClass *klass, 
void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
-dc->exit = virtio_net_device_exit;
 dc->props = virtio_net_properties;
 set_bit(DEVICE_CATEGORY_NETWORK, dc->categories);
 vdc->init = virtio_net_device_init;
+vdc->exit = virtio_net_device_exit;
 vdc->get_config = virtio_net_get_config;
 vdc->set_config = virtio_net_set_config;
 vdc->get_features = virtio_net_get_features;
-- 
1.7.9.5

[Qemu-devel] [PATCH 03/51] virtio-ccw: remove vdev field

[Michael Roth]

From: Paolo Bonzini 

The vdev field is complicated to synchronize.  Just access the
BusState's list of children.

Cc: qemu-sta...@nongnu.org
Reviewed-by: Cornelia Huck 
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit f24a684073bcdaf4e9d3c592345744ba3356d9e3)

Signed-off-by: Michael Roth 
---
 hw/s390x/virtio-ccw.c |   80 +++--
 hw/s390x/virtio-ccw.h |1 -
 2 files changed, 44 insertions(+), 37 deletions(-)

diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index e8b4547..ecc80ec 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -57,9 +57,10 @@ static const TypeInfo virtual_css_bus_info = {
 VirtIODevice *virtio_ccw_get_vdev(SubchDev *sch)
 {
 VirtIODevice *vdev = NULL;
+VirtioCcwDevice *dev = sch->driver_data;
 
-if (sch->driver_data) {
-vdev = ((VirtioCcwDevice *)sch->driver_data)->vdev;
+if (dev) {
+vdev = virtio_bus_get_device(&dev->bus);
 }
 return vdev;
 }
@@ -67,7 +68,8 @@ VirtIODevice *virtio_ccw_get_vdev(SubchDev *sch)
 static int virtio_ccw_set_guest2host_notifier(VirtioCcwDevice *dev, int n,
   bool assign, bool set_handler)
 {
-VirtQueue *vq = virtio_get_queue(dev->vdev, n);
+VirtIODevice *vdev = virtio_bus_get_device(&dev->bus);
+VirtQueue *vq = virtio_get_queue(vdev, n);
 EventNotifier *notifier = virtio_queue_get_host_notifier(vq);
 int r = 0;
 SubchDev *sch = dev->sch;
@@ -97,6 +99,7 @@ static int virtio_ccw_set_guest2host_notifier(VirtioCcwDevice 
*dev, int n,
 
 static void virtio_ccw_start_ioeventfd(VirtioCcwDevice *dev)
 {
+VirtIODevice *vdev;
 int n, r;
 
 if (!(dev->flags & VIRTIO_CCW_FLAG_USE_IOEVENTFD) ||
@@ -104,8 +107,9 @@ static void virtio_ccw_start_ioeventfd(VirtioCcwDevice *dev)
 dev->ioeventfd_started) {
 return;
 }
+vdev = virtio_bus_get_device(&dev->bus);
 for (n = 0; n < VIRTIO_PCI_QUEUE_MAX; n++) {
-if (!virtio_queue_get_num(dev->vdev, n)) {
+if (!virtio_queue_get_num(vdev, n)) {
 continue;
 }
 r = virtio_ccw_set_guest2host_notifier(dev, n, true, true);
@@ -118,7 +122,7 @@ static void virtio_ccw_start_ioeventfd(VirtioCcwDevice *dev)
 
   assign_error:
 while (--n >= 0) {
-if (!virtio_queue_get_num(dev->vdev, n)) {
+if (!virtio_queue_get_num(vdev, n)) {
 continue;
 }
 r = virtio_ccw_set_guest2host_notifier(dev, n, false, false);
@@ -132,13 +136,15 @@ static void virtio_ccw_start_ioeventfd(VirtioCcwDevice 
*dev)
 
 static void virtio_ccw_stop_ioeventfd(VirtioCcwDevice *dev)
 {
+VirtIODevice *vdev;
 int n, r;
 
 if (!dev->ioeventfd_started) {
 return;
 }
+vdev = virtio_bus_get_device(&dev->bus);
 for (n = 0; n < VIRTIO_PCI_QUEUE_MAX; n++) {
-if (!virtio_queue_get_num(dev->vdev, n)) {
+if (!virtio_queue_get_num(vdev, n)) {
 continue;
 }
 r = virtio_ccw_set_guest2host_notifier(dev, n, false, false);
@@ -189,7 +195,7 @@ typedef struct VirtioFeatDesc {
 static int virtio_ccw_set_vqs(SubchDev *sch, uint64_t addr, uint32_t align,
   uint16_t index, uint16_t num)
 {
-VirtioCcwDevice *dev = sch->driver_data;
+VirtIODevice *vdev = virtio_ccw_get_vdev(sch);
 
 if (index > VIRTIO_PCI_QUEUE_MAX) {
 return -EINVAL;
@@ -200,23 +206,23 @@ static int virtio_ccw_set_vqs(SubchDev *sch, uint64_t 
addr, uint32_t align,
 return -EINVAL;
 }
 
-if (!dev) {
+if (!vdev) {
 return -EINVAL;
 }
 
-virtio_queue_set_addr(dev->vdev, index, addr);
+virtio_queue_set_addr(vdev, index, addr);
 if (!addr) {
-virtio_queue_set_vector(dev->vdev, index, 0);
+virtio_queue_set_vector(vdev, index, 0);
 } else {
 /* Fail if we don't have a big enough queue. */
 /* TODO: Add interface to handle vring.num changing */
-if (virtio_queue_get_num(dev->vdev, index) > num) {
+if (virtio_queue_get_num(vdev, index) > num) {
 return -EINVAL;
 }
-virtio_queue_set_vector(dev->vdev, index, index);
+virtio_queue_set_vector(vdev, index, index);
 }
 /* tell notify handler in case of config change */
-dev->vdev->config_vector = VIRTIO_PCI_QUEUE_MAX;
+vdev->config_vector = VIRTIO_PCI_QUEUE_MAX;
 return 0;
 }
 
@@ -230,6 +236,7 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw)
 hwaddr indicators;
 VqConfigBlock vq_config;
 VirtioCcwDevice *dev = sch->driver_data;
+VirtIODevice *vdev = virtio_ccw_get_vdev(sch);
 bool check_len;
 int len;
 hwaddr hw_len;
@@ -272,7 +279,7 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw)
 break;
 case CCW_CMD_VDEV_RESET:
 virtio_ccw_stop_ioeventfd(dev);
-virtio_reset(dev->vdev);
+virtio_reset(vdev);
 ret = 0;
 

[Qemu-devel] [PATCH 07/51] virtio-serial: switch exit callback to VirtioDeviceClass

[Michael Roth]

From: Paolo Bonzini 

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: qemu-sta...@nongnu.org
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 0e86c13fe2058adb8c792ebb7c51a6a7ca9d3d55)

Signed-off-by: Michael Roth 
---
 hw/char/virtio-serial-bus.c |   10 --
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/hw/char/virtio-serial-bus.c b/hw/char/virtio-serial-bus.c
index 703f026..a7ede90 100644
--- a/hw/char/virtio-serial-bus.c
+++ b/hw/char/virtio-serial-bus.c
@@ -987,12 +987,11 @@ static const TypeInfo virtio_serial_port_type_info = {
 .class_init = virtio_serial_port_class_init,
 };
 
-static int virtio_serial_device_exit(DeviceState *dev)
+static void virtio_serial_device_exit(VirtIODevice *vdev)
 {
-VirtIOSerial *vser = VIRTIO_SERIAL(dev);
-VirtIODevice *vdev = VIRTIO_DEVICE(dev);
+VirtIOSerial *vser = VIRTIO_SERIAL(vdev);
 
-unregister_savevm(dev, "virtio-console", vser);
+unregister_savevm(DEVICE(vdev), "virtio-console", vser);
 
 g_free(vser->ivqs);
 g_free(vser->ovqs);
@@ -1004,7 +1003,6 @@ static int virtio_serial_device_exit(DeviceState *dev)
 g_free(vser->post_load);
 }
 virtio_cleanup(vdev);
-return 0;
 }
 
 static Property virtio_serial_properties[] = {
@@ -1016,10 +1014,10 @@ static void virtio_serial_class_init(ObjectClass 
*klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
-dc->exit = virtio_serial_device_exit;
 dc->props = virtio_serial_properties;
 set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
 vdc->init = virtio_serial_device_init;
+vdc->exit = virtio_serial_device_exit;
 vdc->get_features = get_features;
 vdc->get_config = get_config;
 vdc->set_config = set_config;
-- 
1.7.9.5

[Qemu-devel] [PATCH 13/51] scsi-bus: fix transfer length and direction for VERIFY command

[Michael Roth]

From: Paolo Bonzini 

The amount of bytes to transfer depends on the BYTCHK field.
If any data is transferred, it is sent to the device.

Cc: qemu-sta...@nongnu.org
Tested-by: Hervé Poussineau 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit d12ad44cc4cc9142179e64295608611f118b8ad8)

Signed-off-by: Michael Roth 
---
 hw/scsi/scsi-bus.c |   14 +-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
index ea916d1..2d6ce4d 100644
--- a/hw/scsi/scsi-bus.c
+++ b/hw/scsi/scsi-bus.c
@@ -886,7 +886,6 @@ static int scsi_req_length(SCSICommand *cmd, SCSIDevice 
*dev, uint8_t *buf)
 case RELEASE:
 case ERASE:
 case ALLOW_MEDIUM_REMOVAL:
-case VERIFY_10:
 case SEEK_10:
 case SYNCHRONIZE_CACHE:
 case SYNCHRONIZE_CACHE_16:
@@ -903,6 +902,16 @@ static int scsi_req_length(SCSICommand *cmd, SCSIDevice 
*dev, uint8_t *buf)
 case ALLOW_OVERWRITE:
 cmd->xfer = 0;
 break;
+case VERIFY_10:
+case VERIFY_12:
+case VERIFY_16:
+if ((buf[1] & 2) == 0) {
+cmd->xfer = 0;
+} else if ((buf[1] & 4) == 1) {
+cmd->xfer = 1;
+}
+cmd->xfer *= dev->blocksize;
+break;
 case MODE_SENSE:
 break;
 case WRITE_SAME_10:
@@ -1100,6 +1109,9 @@ static void scsi_cmd_xfer_mode(SCSICommand *cmd)
 case WRITE_VERIFY_12:
 case WRITE_16:
 case WRITE_VERIFY_16:
+case VERIFY_10:
+case VERIFY_12:
+case VERIFY_16:
 case COPY:
 case COPY_VERIFY:
 case COMPARE:
-- 
1.7.9.5

[Qemu-devel] [PATCH 15/51] intel-hda: fix position buffer

[Michael Roth]

From: Gerd Hoffmann 

Fix position buffer updates to use the correct stream offset.

Without this patch both IN (record) and OUT (playback) streams
will update the IN buffer positions.  The linux kernel notices
and complains:
  hda-intel: Invalid position buffer, using LPIB read method instead.

The bug may also lead to glitches when recording and playing
at the same time:
  https://bugzilla.redhat.com/show_bug.cgi?id=947785

Cc: qemu-sta...@nongnu.org
Signed-off-by: Gerd Hoffmann 
(cherry picked from commit d58ce68a454e5ae9cbde0308def379e272f13b10)

Signed-off-by: Michael Roth 
---
 hw/audio/intel-hda.c |1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/audio/intel-hda.c b/hw/audio/intel-hda.c
index 4327264..6ab8c24 100644
--- a/hw/audio/intel-hda.c
+++ b/hw/audio/intel-hda.c
@@ -444,6 +444,7 @@ static bool intel_hda_xfer(HDACodecDevice *dev, uint32_t 
stnr, bool output,
 }
 }
 if (d->dp_lbase & 0x01) {
+s = st - d->st;
 addr = intel_hda_addr(d->dp_lbase & ~0x01, d->dp_ubase);
 stl_le_pci_dma(&d->pci, addr + 8*s, st->lpib);
 }
-- 
1.7.9.5

[Qemu-devel] [PATCH 12/51] virtio-pci: add device_unplugged callback

[Michael Roth]

From: Paolo Bonzini 

This fixes a crash in hot-unplug of virtio-pci devices behind a PCIe
switch.  The crash happens because the ioeventfd is still set whent the
child is destroyed (destruction happens in postorder).  Then the proxy
tries to unset to ioeventfd, but the virtqueue structure that holds the
EventNotifier has been trashed in the meanwhile.  kvm_set_ioeventfd_pio
does not expect failure and aborts.

The fix is simply to move parts of uninitialization to a new
device_unplugged callback, which is called before the child is destroyed.

Cc: qemu-sta...@nongnu.org
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 06a1307379fcd6c551185ad87679cd7ed896b9ea)

Signed-off-by: Michael Roth 
---
 hw/virtio/virtio-pci.c |   12 ++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 15b92e9..30c9f2b 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1002,6 +1002,15 @@ static void virtio_pci_device_plugged(DeviceState *d)
   proxy->host_features);
 }
 
+static void virtio_pci_device_unplugged(DeviceState *d)
+{
+PCIDevice *pci_dev = PCI_DEVICE(d);
+VirtIOPCIProxy *proxy = VIRTIO_PCI(d);
+
+virtio_pci_stop_ioeventfd(proxy);
+msix_uninit_exclusive_bar(pci_dev);
+}
+
 static int virtio_pci_init(PCIDevice *pci_dev)
 {
 VirtIOPCIProxy *dev = VIRTIO_PCI(pci_dev);
@@ -1016,9 +1025,7 @@ static int virtio_pci_init(PCIDevice *pci_dev)
 static void virtio_pci_exit(PCIDevice *pci_dev)
 {
 VirtIOPCIProxy *proxy = VIRTIO_PCI(pci_dev);
-virtio_pci_stop_ioeventfd(proxy);
 memory_region_destroy(&proxy->bar);
-msix_uninit_exclusive_bar(pci_dev);
 }
 
 static void virtio_pci_reset(DeviceState *qdev)
@@ -1553,6 +1560,7 @@ static void virtio_pci_bus_class_init(ObjectClass *klass, 
void *data)
 k->set_guest_notifiers = virtio_pci_set_guest_notifiers;
 k->vmstate_change = virtio_pci_vmstate_change;
 k->device_plugged = virtio_pci_device_plugged;
+k->device_unplugged = virtio_pci_device_unplugged;
 }
 
 static const TypeInfo virtio_pci_bus_info = {
-- 
1.7.9.5

[Qemu-devel] [PATCH 10/51] virtio-balloon: switch exit callback to VirtioDeviceClass

[Michael Roth]

From: Paolo Bonzini 

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: qemu-sta...@nongnu.org
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit baa61b9870dd7e0bb07e0ae61c6ec805db13f699)

Signed-off-by: Michael Roth 
---
 hw/virtio/virtio-balloon.c |   10 --
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/hw/virtio/virtio-balloon.c b/hw/virtio/virtio-balloon.c
index 9504877..d7a392d 100644
--- a/hw/virtio/virtio-balloon.c
+++ b/hw/virtio/virtio-balloon.c
@@ -370,16 +370,14 @@ static int virtio_balloon_device_init(VirtIODevice *vdev)
 return 0;
 }
 
-static int virtio_balloon_device_exit(DeviceState *qdev)
+static void virtio_balloon_device_exit(VirtIODevice *vdev)
 {
-VirtIOBalloon *s = VIRTIO_BALLOON(qdev);
-VirtIODevice *vdev = VIRTIO_DEVICE(qdev);
+VirtIOBalloon *s = VIRTIO_BALLOON(vdev);
 
 balloon_stats_destroy_timer(s);
 qemu_remove_balloon_handler(s);
-unregister_savevm(qdev, "virtio-balloon", s);
+unregister_savevm(DEVICE(vdev), "virtio-balloon", s);
 virtio_cleanup(vdev);
-return 0;
 }
 
 static Property virtio_balloon_properties[] = {
@@ -390,10 +388,10 @@ static void virtio_balloon_class_init(ObjectClass *klass, 
void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
-dc->exit = virtio_balloon_device_exit;
 dc->props = virtio_balloon_properties;
 set_bit(DEVICE_CATEGORY_MISC, dc->categories);
 vdc->init = virtio_balloon_device_init;
+vdc->exit = virtio_balloon_device_exit;
 vdc->get_config = virtio_balloon_get_config;
 vdc->set_config = virtio_balloon_set_config;
 vdc->get_features = virtio_balloon_get_features;
-- 
1.7.9.5

[Qemu-devel] [PATCH 09/51] virtio-scsi: switch exit callback to VirtioDeviceClass

[Michael Roth]

From: Paolo Bonzini 

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: qemu-sta...@nongnu.org
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit e3c9d76acc984218264bbc6435b0c09f959ed9b8)

Signed-off-by: Michael Roth 
---
 hw/scsi/vhost-scsi.c|   11 +--
 hw/scsi/virtio-scsi.c   |   15 +++
 include/hw/virtio/virtio-scsi.h |2 +-
 3 files changed, 13 insertions(+), 15 deletions(-)

diff --git a/hw/scsi/vhost-scsi.c b/hw/scsi/vhost-scsi.c
index 9e770fb..5e3cc61 100644
--- a/hw/scsi/vhost-scsi.c
+++ b/hw/scsi/vhost-scsi.c
@@ -240,11 +240,10 @@ static int vhost_scsi_init(VirtIODevice *vdev)
 return 0;
 }
 
-static int vhost_scsi_exit(DeviceState *qdev)
+static void vhost_scsi_exit(VirtIODevice *vdev)
 {
-VirtIODevice *vdev = VIRTIO_DEVICE(qdev);
-VHostSCSI *s = VHOST_SCSI(qdev);
-VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(qdev);
+VHostSCSI *s = VHOST_SCSI(vdev);
+VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(vdev);
 
 migrate_del_blocker(s->migration_blocker);
 error_free(s->migration_blocker);
@@ -253,7 +252,7 @@ static int vhost_scsi_exit(DeviceState *qdev)
 vhost_scsi_set_status(vdev, 0);
 
 g_free(s->dev.vqs);
-return virtio_scsi_common_exit(vs);
+virtio_scsi_common_exit(vs);
 }
 
 static Property vhost_scsi_properties[] = {
@@ -265,10 +264,10 @@ static void vhost_scsi_class_init(ObjectClass *klass, 
void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
-dc->exit = vhost_scsi_exit;
 dc->props = vhost_scsi_properties;
 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
 vdc->init = vhost_scsi_init;
+vdc->exit = vhost_scsi_exit;
 vdc->get_features = vhost_scsi_get_features;
 vdc->set_config = vhost_scsi_set_config;
 vdc->set_status = vhost_scsi_set_status;
diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
index 26d95a1..83344ea 100644
--- a/hw/scsi/virtio-scsi.c
+++ b/hw/scsi/virtio-scsi.c
@@ -644,22 +644,21 @@ static int virtio_scsi_device_init(VirtIODevice *vdev)
 return 0;
 }
 
-int virtio_scsi_common_exit(VirtIOSCSICommon *vs)
+void virtio_scsi_common_exit(VirtIOSCSICommon *vs)
 {
 VirtIODevice *vdev = VIRTIO_DEVICE(vs);
 
 g_free(vs->cmd_vqs);
 virtio_cleanup(vdev);
-return 0;
 }
 
-static int virtio_scsi_device_exit(DeviceState *qdev)
+static void virtio_scsi_device_exit(VirtIODevice *vdev)
 {
-VirtIOSCSI *s = VIRTIO_SCSI(qdev);
-VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(qdev);
+VirtIOSCSI *s = VIRTIO_SCSI(vdev);
+VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(vdev);
 
-unregister_savevm(qdev, "virtio-scsi", s);
-return virtio_scsi_common_exit(vs);
+unregister_savevm(DEVICE(vdev), "virtio-scsi", s);
+virtio_scsi_common_exit(vs);
 }
 
 static Property virtio_scsi_properties[] = {
@@ -680,10 +679,10 @@ static void virtio_scsi_class_init(ObjectClass *klass, 
void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
-dc->exit = virtio_scsi_device_exit;
 dc->props = virtio_scsi_properties;
 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
 vdc->init = virtio_scsi_device_init;
+vdc->exit = virtio_scsi_device_exit;
 vdc->set_config = virtio_scsi_set_config;
 vdc->get_features = virtio_scsi_get_features;
 vdc->reset = virtio_scsi_reset;
diff --git a/include/hw/virtio/virtio-scsi.h b/include/hw/virtio/virtio-scsi.h
index 9a98540..206c61d 100644
--- a/include/hw/virtio/virtio-scsi.h
+++ b/include/hw/virtio/virtio-scsi.h
@@ -187,6 +187,6 @@ typedef struct {
 VIRTIO_SCSI_F_CHANGE, true)
 
 int virtio_scsi_common_init(VirtIOSCSICommon *vs);
-int virtio_scsi_common_exit(VirtIOSCSICommon *vs);
+void virtio_scsi_common_exit(VirtIOSCSICommon *vs);
 
 #endif /* _QEMU_VIRTIO_SCSI_H */
-- 
1.7.9.5

[Qemu-devel] [PATCH 18/51] migration: Fix rate limit

[Michael Roth]

From: Matthew Garrett 

The migration thread appears to want to allow writeout to occur at full
speed rather than being rate limited during completion of state saving,
but sets the limit to INT_MAX when xfer_limit is INT64_MAX. This causes
problems if there's more than 2GB of state left to save at this point. It
probably ought to just be INT64_MAX instead.

Signed-off-by: Matthew Garrett 
Reviewed-by: Paolo Bonzini 
Signed-off-by: Juan Quintela 
(cherry picked from commit 40596834c0d57a223124a956ccbe39dfeadc9f0e)

Signed-off-by: Michael Roth 
---
 migration.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/migration.c b/migration.c
index 2b1ab20..ff00bfb 100644
--- a/migration.c
+++ b/migration.c
@@ -583,7 +583,7 @@ static void *migration_thread(void *opaque)
 
 ret = vm_stop_force_state(RUN_STATE_FINISH_MIGRATE);
 if (ret >= 0) {
-qemu_file_set_rate_limit(s->file, INT_MAX);
+qemu_file_set_rate_limit(s->file, INT64_MAX);
 qemu_savevm_state_complete(s->file);
 }
 qemu_mutex_unlock_iothread();
-- 
1.7.9.5

[Qemu-devel] [PATCH 19/51] vl: add missing transition debug->finish_migrate

[Michael Roth]

From: Paolo Bonzini 

This fixes an abort if you invoke the "migrate" command while the
guest is being debugged.

Cc: qemu-sta...@nongnu.org
Cc: lcapitul...@redhat.com
Signed-off-by: Paolo Bonzini 
Signed-off-by: Luiz Capitulino 
(cherry picked from commit eca01d3a93be4041ac5858ef7676e60352e9c2ed)

Signed-off-by: Michael Roth 
---
 vl.c |1 +
 1 file changed, 1 insertion(+)

diff --git a/vl.c b/vl.c
index 8d5d874..31e3411 100644
--- a/vl.c
+++ b/vl.c
@@ -589,6 +589,7 @@ typedef struct {
 static const RunStateTransition runstate_transitions_def[] = {
 /* from  -> to  */
 { RUN_STATE_DEBUG, RUN_STATE_RUNNING },
+{ RUN_STATE_DEBUG, RUN_STATE_FINISH_MIGRATE },
 
 { RUN_STATE_INMIGRATE, RUN_STATE_RUNNING },
 { RUN_STATE_INMIGRATE, RUN_STATE_PAUSED },
-- 
1.7.9.5

[Qemu-devel] [PATCH 21/51] qdev-monitor: Avoid device_add crashing on non-device driver name

[Michael Roth]

From: Markus Armbruster 

Watch this:

$ upstream-qemu -nodefaults -S -display none -monitor stdio
QEMU 1.7.50 monitor - type 'help' for more information
(qemu) device_add rng-egd
/work/armbru/qemu/qdev-monitor.c:491:qdev_device_add: Object 0x2089b00 is 
not an instance of type device
Aborted (core dumped)

Crashes because "rng-egd" exists, but isn't a subtype of TYPE_DEVICE.
Broken in commit 18b6dad.

Cc: qemu-sta...@nongnu.org
Signed-off-by: Markus Armbruster 
Signed-off-by: Andreas Färber 
(cherry picked from commit 061e84f7a469ad1f94f3b5f6a5361b346ab990e8)

Signed-off-by: Michael Roth 
---
 qdev-monitor.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qdev-monitor.c b/qdev-monitor.c
index dc37a43..90a0cea 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -477,7 +477,7 @@ DeviceState *qdev_device_add(QemuOpts *opts)
 }
 }
 
-if (!oc) {
+if (!object_class_dynamic_cast(oc, TYPE_DEVICE)) {
 qerror_report(QERR_INVALID_PARAMETER_VALUE, "driver", "device type");
 return NULL;
 }
-- 
1.7.9.5

[Qemu-devel] [PATCH 17/51] qom: Split out object and class caches

[Michael Roth]

From: Peter Crosthwaite 

The object-cast and class-cast caches cannot be shared because class
caching is conditional on the target type not being an interface and
object caching is unconditional. Leads to a bug when a class cast
to an interface follows an object cast to the same interface type:

FooObject = FOO(obj);
FooClass = FOO_GET_CLASS(obj);

Where TYPE_FOO is an interface. The first (object) cast will be
successful and cache the casting result (i.e. TYPE_FOO will be cached).
The second (class) cast will then check the shared cast cache
and register a hit. The issue is, when a class cast hits in the cache
it just returns a pointer cast of the input class (i.e. the concrete
class).

When casting to an interface, the cast itself must return the
interface class, not the concrete class. The implementation of class
cast caching already ensures that the returned cast result is only
a pointer cast before caching. The object cast logic however does
not have this check.

Resolve by just splitting the object and class caches.

Cc: qemu-sta...@nongnu.org
Signed-off-by: Peter Crosthwaite 
Reviewed-by: Paolo Bonzini 
Tested-by: Nathan Rossi 
Reviewed-by: Edgar E. Iglesias 
Signed-off-by: Andreas Färber 
(cherry picked from commit 0ab4c94c844cb3953adedbd27adc378b3cf31d9e)

Signed-off-by: Michael Roth 
---
 include/qom/object.h |3 ++-
 qom/object.c |   13 +++--
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/include/qom/object.h b/include/qom/object.h
index a275db2..5f78847 100644
--- a/include/qom/object.h
+++ b/include/qom/object.h
@@ -358,7 +358,8 @@ struct ObjectClass
 Type type;
 GSList *interfaces;
 
-const char *cast_cache[OBJECT_CLASS_CAST_CACHE];
+const char *object_cast_cache[OBJECT_CLASS_CAST_CACHE];
+const char *class_cast_cache[OBJECT_CLASS_CAST_CACHE];
 
 ObjectUnparent *unparent;
 };
diff --git a/qom/object.c b/qom/object.c
index fc19cf6..21b5a0b 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -458,7 +458,7 @@ Object *object_dynamic_cast_assert(Object *obj, const char 
*typename,
 Object *inst;
 
 for (i = 0; obj && i < OBJECT_CLASS_CAST_CACHE; i++) {
-if (obj->class->cast_cache[i] == typename) {
+if (obj->class->object_cast_cache[i] == typename) {
 goto out;
 }
 }
@@ -475,9 +475,10 @@ Object *object_dynamic_cast_assert(Object *obj, const char 
*typename,
 
 if (obj && obj == inst) {
 for (i = 1; i < OBJECT_CLASS_CAST_CACHE; i++) {
-obj->class->cast_cache[i - 1] = obj->class->cast_cache[i];
+obj->class->object_cast_cache[i - 1] =
+obj->class->object_cast_cache[i];
 }
-obj->class->cast_cache[i - 1] = typename;
+obj->class->object_cast_cache[i - 1] = typename;
 }
 
 out:
@@ -547,7 +548,7 @@ ObjectClass *object_class_dynamic_cast_assert(ObjectClass 
*class,
 int i;
 
 for (i = 0; class && i < OBJECT_CLASS_CAST_CACHE; i++) {
-if (class->cast_cache[i] == typename) {
+if (class->class_cast_cache[i] == typename) {
 ret = class;
 goto out;
 }
@@ -568,9 +569,9 @@ ObjectClass *object_class_dynamic_cast_assert(ObjectClass 
*class,
 #ifdef CONFIG_QOM_CAST_DEBUG
 if (class && ret == class) {
 for (i = 1; i < OBJECT_CLASS_CAST_CACHE; i++) {
-class->cast_cache[i - 1] = class->cast_cache[i];
+class->class_cast_cache[i - 1] = class->class_cast_cache[i];
 }
-class->cast_cache[i - 1] = typename;
+class->class_cast_cache[i - 1] = typename;
 }
 out:
 #endif
-- 
1.7.9.5

[Qemu-devel] [PATCH 14/51] scsi-disk: fix VERIFY emulation

[Michael Roth]

From: Paolo Bonzini 

VERIFY emulation was completely botched (and remained botched through
all the refactorings).  The command must be emulated both in check-medium
mode (BYTCHK=00, which we implement by doing nothing) and in check-bytes
mode (which we do not implement yet).  Unlike WRITE AND VERIFY (which we
treat simply as WRITE with FUA bit set), VERIFY cannot be handled like
READ.  In fact the device is _receiving_ data for VERIFY, not _sending_
it like READ.

Cc: qemu-sta...@nongnu.org
Tested-by: Hervé Poussineau 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit d97e7730816094a71cd1f19a56d7a73f77cdbf96)

Conflicts:

hw/scsi/scsi-disk.c

*fixed up WRITE_SAME_* conflicts due to 84f94a9a not being in 1.7.0

Signed-off-by: Michael Roth 
---
 hw/scsi/scsi-disk.c |   26 +++---
 1 file changed, 19 insertions(+), 7 deletions(-)

diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index 74e6a14..1fd1c26 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -1597,6 +1597,14 @@ static void scsi_disk_emulate_write_data(SCSIRequest 
*req)
 scsi_disk_emulate_unmap(r, r->iov.iov_base);
 break;
 
+case VERIFY_10:
+case VERIFY_12:
+case VERIFY_16:
+if (r->req.status == -1) {
+scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
+}
+break;
+
 default:
 abort();
 }
@@ -1837,6 +1845,14 @@ static int32_t scsi_disk_emulate_command(SCSIRequest 
*req, uint8_t *buf)
 case UNMAP:
 DPRINTF("Unmap (len %lu)\n", (long)r->req.cmd.xfer);
 break;
+case VERIFY_10:
+case VERIFY_12:
+case VERIFY_16:
+DPRINTF("Verify (bytchk %lu)\n", (r->req.buf[1] >> 1) & 3);
+if (req->cmd.buf[1] & 6) {
+goto illegal_request;
+}
+break;
 case WRITE_SAME_10:
 case WRITE_SAME_16:
 nb_sectors = scsi_data_cdb_length(r->req.cmd.buf);
@@ -1936,10 +1952,6 @@ static int32_t scsi_disk_dma_command(SCSIRequest *req, 
uint8_t *buf)
 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
 return 0;
 }
-/* fallthrough */
-case VERIFY_10:
-case VERIFY_12:
-case VERIFY_16:
 DPRINTF("Write %s(sector %" PRId64 ", count %u)\n",
 (command & 0xe) == 0xe ? "And Verify " : "",
 r->req.cmd.lba, len);
@@ -2207,14 +2219,14 @@ static const SCSIReqOps *const 
scsi_disk_reqops_dispatch[256] = {
 [UNMAP]   = &scsi_disk_emulate_reqops,
 [WRITE_SAME_10]   = &scsi_disk_emulate_reqops,
 [WRITE_SAME_16]   = &scsi_disk_emulate_reqops,
+[VERIFY_10]   = &scsi_disk_emulate_reqops,
+[VERIFY_12]   = &scsi_disk_emulate_reqops,
+[VERIFY_16]   = &scsi_disk_emulate_reqops,
 
 [READ_6]  = &scsi_disk_dma_reqops,
 [READ_10] = &scsi_disk_dma_reqops,
 [READ_12] = &scsi_disk_dma_reqops,
 [READ_16] = &scsi_disk_dma_reqops,
-[VERIFY_10]   = &scsi_disk_dma_reqops,
-[VERIFY_12]   = &scsi_disk_dma_reqops,
-[VERIFY_16]   = &scsi_disk_dma_reqops,
 [WRITE_6] = &scsi_disk_dma_reqops,
 [WRITE_10]= &scsi_disk_dma_reqops,
 [WRITE_12]= &scsi_disk_dma_reqops,
-- 
1.7.9.5

[Qemu-devel] [PATCH 27/51] piix: fix 32bit pci hole

[Michael Roth]

From: Gerd Hoffmann 

Make the 32bit pci hole start at end of ram, so all possible address
space is covered.

We used to try and make addresses aligned so they are easier to cover
with MTRRs, but since they are cosmetic on KVM, this is probably not
worth worrying about.
Of course the firmware can use less than that.  Leaving space unused is
no problem, mapping pci bars outside the hole causes problems though.

Signed-off-by: Gerd Hoffmann 
Signed-off-by: Laszlo Ersek 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
(cherry picked from commit ddaaefb4dd427d6d2e41c1cfbe0cd8d8e8d6aad9)

Signed-off-by: Michael Roth 
---
 hw/i386/pc_piix.c|1 +
 hw/pci-host/piix.c   |   11 ++-
 include/hw/i386/pc.h |1 +
 3 files changed, 4 insertions(+), 9 deletions(-)

diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 29b47d4..cc9b273 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -149,6 +149,7 @@ static void pc_init1(QEMUMachineInitArgs *args,
 if (pci_enabled) {
 pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus, gsi,
   system_memory, system_io, args->ram_size,
+  below_4g_mem_size,
   above_4g_mem_size,
   pci_memory, ram_memory);
 } else {
diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
index 63be7f6..4229d09 100644
--- a/hw/pci-host/piix.c
+++ b/hw/pci-host/piix.c
@@ -311,6 +311,7 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state,
 MemoryRegion *address_space_mem,
 MemoryRegion *address_space_io,
 ram_addr_t ram_size,
+ram_addr_t below_4g_mem_size,
 ram_addr_t above_4g_mem_size,
 MemoryRegion *pci_address_space,
 MemoryRegion *ram_memory)
@@ -340,15 +341,7 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state,
 f->ram_memory = ram_memory;
 
 i440fx = I440FX_PCI_HOST_BRIDGE(dev);
-/* Set PCI window size the way seabios has always done it. */
-/* Power of 2 so bios can cover it with a single MTRR */
-if (ram_size <= 0x8000) {
-i440fx->pci_info.w32.begin = 0x8000;
-} else if (ram_size <= 0xc000) {
-i440fx->pci_info.w32.begin = 0xc000;
-} else {
-i440fx->pci_info.w32.begin = 0xe000;
-}
+i440fx->pci_info.w32.begin = below_4g_mem_size;
 
 /* setup pci memory mapping */
 pc_pci_as_mapping_init(OBJECT(f), f->system_memory,
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 8ea1a98..2a4a094 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -179,6 +179,7 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int 
*piix_devfn,
 MemoryRegion *address_space_mem,
 MemoryRegion *address_space_io,
 ram_addr_t ram_size,
+ram_addr_t below_4g_mem_size,
 ram_addr_t above_4g_mem_size,
 MemoryRegion *pci_memory,
 MemoryRegion *ram_memory);
-- 
1.7.9.5

[Qemu-devel] [PATCH 16/51] memory.c: bugfix - ref counting mismatch in memory_region_find

[Michael Roth]

From: Marcel Apfelbaum 

'address_space_get_flatview' gets a reference to a FlatView.
If the flatview lookup fails, the code returns without
"unreferencing" the view.

Cc: qemu-sta...@nongnu.org

Signed-off-by: Marcel Apfelbaum 
Reviewed-by: Paolo Bonzini 
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
(cherry picked from commit 6307d974f9a28bb6652352f52da97f820427d29d)

Signed-off-by: Michael Roth 
---
 memory.c |1 +
 1 file changed, 1 insertion(+)

diff --git a/memory.c b/memory.c
index 28f6449..7764314 100644
--- a/memory.c
+++ b/memory.c
@@ -1596,6 +1596,7 @@ MemoryRegionSection memory_region_find(MemoryRegion *mr,
 view = address_space_get_flatview(as);
 fr = flatview_lookup(view, range);
 if (!fr) {
+flatview_unref(view);
 return ret;
 }
 
-- 
1.7.9.5

[Qemu-devel] [PATCH 20/51] x86: only allow real mode to access 32bit without LMA

[Michael Roth]

From: Alexander Graf 

When we're running in non-64bit mode with qemu-system-x86_64 we can
still end up with virtual addresses that are above the 32bit boundary
if a segment offset is set up.

GNU Hurd does exactly that. It sets the segment offset to 0x8000 and
puts its EIP value to 0x8xxx to access low memory.

This doesn't hit us when we enable paging, as there we just mask away the
unused bits. But with real mode, we assume that vaddr == paddr which is
wrong in this case. Real hardware wraps the virtual address around at the
32bit boundary. So let's do the same.

This fixes booting GNU Hurd in qemu-system-x86_64 for me.

Reported-by: Michael Tokarev 
Signed-off-by: Alexander Graf 
Reviewed-by: Richard Henderson 
Signed-off-by: Michael Tokarev 
(cherry picked from commit 33dfdb56f2f3c8686d218395b871ec12fd5bf30b)

Signed-off-by: Michael Roth 
---
 target-i386/helper.c |6 ++
 1 file changed, 6 insertions(+)

diff --git a/target-i386/helper.c b/target-i386/helper.c
index 7c196ff..ed965d6 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -531,6 +531,12 @@ int cpu_x86_handle_mmu_fault(CPUX86State *env, 
target_ulong addr,
 
 if (!(env->cr[0] & CR0_PG_MASK)) {
 pte = addr;
+#ifdef TARGET_X86_64
+if (!(env->hflags & HF_LMA_MASK)) {
+/* Without long mode we can only address 32bits in real mode */
+pte = (uint32_t)pte;
+}
+#endif
 virt_addr = addr & TARGET_PAGE_MASK;
 prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
 page_size = 4096;
-- 
1.7.9.5

[Qemu-devel] [PATCH 23/51] exec: replace leaf with skip

[Michael Roth]

From: "Michael S. Tsirkin" 

In preparation for dynamic radix tree depth support, rename is_leaf
field to skip, telling us how many bits to skip to next level.
Set to 0 for leaf.

Signed-off-by: Michael S. Tsirkin 
(cherry picked from commit 9736e55b78dc49b7f3a265932ab32ed360f633e4)

*prereq for 53cb28c backport

Signed-off-by: Michael Roth 
---
 exec.c |   17 +
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/exec.c b/exec.c
index e3feaec..885e329 100644
--- a/exec.c
+++ b/exec.c
@@ -83,8 +83,9 @@ int use_icount;
 typedef struct PhysPageEntry PhysPageEntry;
 
 struct PhysPageEntry {
-uint16_t is_leaf : 1;
- /* index into phys_sections (is_leaf) or phys_map_nodes (!is_leaf) */
+/* How many bits skip to next level (in units of L2_SIZE). 0 for a leaf. */
+uint16_t skip : 1;
+ /* index into phys_sections (!skip) or phys_map_nodes (skip) */
 uint16_t ptr : 15;
 };
 
@@ -164,7 +165,7 @@ static uint16_t phys_map_node_alloc(void)
 assert(ret != PHYS_MAP_NODE_NIL);
 assert(ret != next_map.nodes_nb_alloc);
 for (i = 0; i < P_L2_SIZE; ++i) {
-next_map.nodes[ret][i].is_leaf = 0;
+next_map.nodes[ret][i].skip = 1;
 next_map.nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
 }
 return ret;
@@ -178,12 +179,12 @@ static void phys_page_set_level(PhysPageEntry *lp, hwaddr 
*index,
 int i;
 hwaddr step = (hwaddr)1 << (level * P_L2_BITS);
 
-if (!lp->is_leaf && lp->ptr == PHYS_MAP_NODE_NIL) {
+if (lp->skip && lp->ptr == PHYS_MAP_NODE_NIL) {
 lp->ptr = phys_map_node_alloc();
 p = next_map.nodes[lp->ptr];
 if (level == 0) {
 for (i = 0; i < P_L2_SIZE; i++) {
-p[i].is_leaf = 1;
+p[i].skip = 0;
 p[i].ptr = PHYS_SECTION_UNASSIGNED;
 }
 }
@@ -194,7 +195,7 @@ static void phys_page_set_level(PhysPageEntry *lp, hwaddr 
*index,
 
 while (*nb && lp < &p[P_L2_SIZE]) {
 if ((*index & (step - 1)) == 0 && *nb >= step) {
-lp->is_leaf = true;
+lp->skip = 0;
 lp->ptr = leaf;
 *index += step;
 *nb -= step;
@@ -221,7 +222,7 @@ static MemoryRegionSection *phys_page_find(PhysPageEntry 
lp, hwaddr index,
 PhysPageEntry *p;
 int i;
 
-for (i = P_L2_LEVELS - 1; i >= 0 && !lp.is_leaf; i--) {
+for (i = P_L2_LEVELS; lp.skip && (i -= lp.skip) >= 0;) {
 if (lp.ptr == PHYS_MAP_NODE_NIL) {
 return §ions[PHYS_SECTION_UNASSIGNED];
 }
@@ -1646,7 +1647,7 @@ static void mem_begin(MemoryListener *listener)
 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
 AddressSpaceDispatch *d = g_new(AddressSpaceDispatch, 1);
 
-d->phys_map  = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .is_leaf = 0 };
+d->phys_map  = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .skip = 1 };
 d->as = as;
 as->next_dispatch = d;
 }
-- 
1.7.9.5

[Qemu-devel] [PATCH 11/51] virtio-rng: switch exit callback to VirtioDeviceClass

[Michael Roth]

From: Paolo Bonzini 

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: qemu-sta...@nongnu.org
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 7bb6edb0e3dd78d74e0ac980cf6c0a07307f61bf)

Signed-off-by: Michael Roth 
---
 hw/virtio/virtio-rng.c |   10 --
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/hw/virtio/virtio-rng.c b/hw/virtio/virtio-rng.c
index b22ccf1..42ca568 100644
--- a/hw/virtio/virtio-rng.c
+++ b/hw/virtio/virtio-rng.c
@@ -190,16 +190,14 @@ static int virtio_rng_device_init(VirtIODevice *vdev)
 return 0;
 }
 
-static int virtio_rng_device_exit(DeviceState *qdev)
+static void virtio_rng_device_exit(VirtIODevice *vdev)
 {
-VirtIORNG *vrng = VIRTIO_RNG(qdev);
-VirtIODevice *vdev = VIRTIO_DEVICE(qdev);
+VirtIORNG *vrng = VIRTIO_RNG(vdev);
 
 timer_del(vrng->rate_limit_timer);
 timer_free(vrng->rate_limit_timer);
-unregister_savevm(qdev, "virtio-rng", vrng);
+unregister_savevm(DEVICE(vdev), "virtio-rng", vrng);
 virtio_cleanup(vdev);
-return 0;
 }
 
 static Property virtio_rng_properties[] = {
@@ -211,10 +209,10 @@ static void virtio_rng_class_init(ObjectClass *klass, 
void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
-dc->exit = virtio_rng_device_exit;
 dc->props = virtio_rng_properties;
 set_bit(DEVICE_CATEGORY_MISC, dc->categories);
 vdc->init = virtio_rng_device_init;
+vdc->exit = virtio_rng_device_exit;
 vdc->get_features = get_features;
 }
 
-- 
1.7.9.5

[Qemu-devel] [PATCH 33/51] hpet: fix build with CONFIG_HPET off

[Michael Roth]

From: "Michael S. Tsirkin" 

make hpet_find inline so we don't need
to build hpet.c to check if hpet is enabled.

Fixes link error with CONFIG_HPET off.

Cc: qemu-sta...@nongnu.org
Signed-off-by: Michael S. Tsirkin 
(cherry picked from commit 142e0950cfaf023a81112dc3cdfa799d769886a4)

Signed-off-by: Michael Roth 
---
 hw/timer/hpet.c |6 --
 include/hw/timer/hpet.h |   10 +-
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/hw/timer/hpet.c b/hw/timer/hpet.c
index 2eb75ea..c6c2803 100644
--- a/hw/timer/hpet.c
+++ b/hw/timer/hpet.c
@@ -42,7 +42,6 @@
 
 #define HPET_MSI_SUPPORT0
 
-#define TYPE_HPET "hpet"
 #define HPET(obj) OBJECT_CHECK(HPETState, (obj), TYPE_HPET)
 
 struct HPETState;
@@ -757,11 +756,6 @@ static void hpet_device_class_init(ObjectClass *klass, 
void *data)
 dc->props = hpet_device_properties;
 }
 
-bool hpet_find(void)
-{
-return object_resolve_path_type("", TYPE_HPET, NULL);
-}
-
 static const TypeInfo hpet_device_info = {
 .name  = TYPE_HPET,
 .parent= TYPE_SYS_BUS_DEVICE,
diff --git a/include/hw/timer/hpet.h b/include/hw/timer/hpet.h
index ab44bd3..773953b 100644
--- a/include/hw/timer/hpet.h
+++ b/include/hw/timer/hpet.h
@@ -13,6 +13,8 @@
 #ifndef QEMU_HPET_EMUL_H
 #define QEMU_HPET_EMUL_H
 
+#include "qom/object.h"
+
 #define HPET_BASE   0xfed0
 #define HPET_CLK_PERIOD 1000ULL /* 1000 femtoseconds == 10ns*/
 
@@ -72,5 +74,11 @@ struct hpet_fw_config
 
 extern struct hpet_fw_config hpet_cfg;
 
-bool hpet_find(void);
+#define TYPE_HPET "hpet"
+
+static inline bool hpet_find(void)
+{
+return object_resolve_path_type("", TYPE_HPET, NULL);
+}
+
 #endif
-- 
1.7.9.5

[Qemu-devel] [PATCH 30/51] linux-user: create target_structs header to place ipc_perm and shmid_ds

[Michael Roth]

From: Petar Jovanovic 

Creating target_structs header in linux-user/$arch/ and making
target_ipc_perm and target_shmid_ds its first inhabitants.
The struct defintions may/should be further fine-tuned by arch maintainers.

Signed-off-by: Petar Jovanovic 
Signed-off-by: Riku Voipio 
(cherry picked from commit 55a2b1631fb343edac4a2d4596c72e58ee1372b3)

Signed-off-by: Michael Roth 
---
 linux-user/aarch64/target_structs.h|   58 
 linux-user/alpha/target_structs.h  |   48 
 linux-user/arm/target_structs.h|   52 ++
 linux-user/cris/target_structs.h   |   58 
 linux-user/i386/target_structs.h   |   58 
 linux-user/m68k/target_structs.h   |   58 
 linux-user/microblaze/target_structs.h |   58 
 linux-user/mips/target_structs.h   |   48 
 linux-user/mips64/target_cpu.h |   18 
 linux-user/mips64/target_structs.h |2 +
 linux-user/openrisc/target_structs.h   |   58 
 linux-user/ppc/target_structs.h|   60 +
 linux-user/qemu.h  |1 +
 linux-user/s390x/target_structs.h  |   63 ++
 linux-user/sh4/target_structs.h|   58 
 linux-user/sparc/target_structs.h  |   63 ++
 linux-user/sparc64/target_structs.h|   58 
 linux-user/syscall.c   |   76 
 linux-user/unicore32/target_structs.h  |   58 
 linux-user/x86_64/target_structs.h |   58 
 20 files changed, 963 insertions(+), 48 deletions(-)
 create mode 100644 linux-user/aarch64/target_structs.h
 create mode 100644 linux-user/alpha/target_structs.h
 create mode 100644 linux-user/arm/target_structs.h
 create mode 100644 linux-user/cris/target_structs.h
 create mode 100644 linux-user/i386/target_structs.h
 create mode 100644 linux-user/m68k/target_structs.h
 create mode 100644 linux-user/microblaze/target_structs.h
 create mode 100644 linux-user/mips/target_structs.h
 create mode 100644 linux-user/mips64/target_structs.h
 create mode 100644 linux-user/openrisc/target_structs.h
 create mode 100644 linux-user/ppc/target_structs.h
 create mode 100644 linux-user/s390x/target_structs.h
 create mode 100644 linux-user/sh4/target_structs.h
 create mode 100644 linux-user/sparc/target_structs.h
 create mode 100644 linux-user/sparc64/target_structs.h
 create mode 100644 linux-user/unicore32/target_structs.h
 create mode 100644 linux-user/x86_64/target_structs.h

diff --git a/linux-user/aarch64/target_structs.h 
b/linux-user/aarch64/target_structs.h
new file mode 100644
index 000..21c1f2c
--- /dev/null
+++ b/linux-user/aarch64/target_structs.h
@@ -0,0 +1,58 @@
+/*
+ * ARM AArch64 specific structures for linux-user
+ *
+ * Copyright (c) 2013 Fabrice Bellard
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ */
+#ifndef TARGET_STRUCTS_H
+#define TARGET_STRUCTS_H
+
+struct target_ipc_perm {
+abi_int __key;  /* Key.  */
+abi_uint uid;   /* Owner's user ID.  */
+abi_uint gid;   /* Owner's group ID.  */
+abi_uint cuid;  /* Creator's user ID.  */
+abi_uint cgid;  /* Creator's group ID.  */
+abi_ushort mode;/* Read/write permission.  */
+abi_ushort __pad1;
+abi_ushort __seq;   /* Sequence number.  */
+abi_ushort __pad2;
+abi_ulong __unused1;
+abi_ulong __unused2;
+};
+
+struct target_shmid_ds {
+struct target_ipc_perm shm_perm;/* operation permission struct */
+abi_long shm_segsz; /* size of segment in bytes */
+abi_ulong shm_atime;/* time of last shmat() */
+#if TARGET_ABI_BITS == 32
+abi_ulong __unused1;
+#endif
+abi_ulong shm_dtime;/* time of last shmdt() */
+#if TARGET_ABI_BITS == 32
+abi_ulong __unused2;
+#endif
+abi_ulong shm_ctime;/* time of last change by shmctl() */
+#if TARGET_ABI_BITS == 32
+abi_ulong __unused3;
+#endif
+abi_int shm_cpid;   /* pid o

[Qemu-devel] [PATCH 24/51] exec: pass hw address to phys_page_find

[Michael Roth]

From: "Michael S. Tsirkin" 

callers always shift by target page bits so let's just do this
internally.

Signed-off-by: Michael S. Tsirkin 
(cherry picked from commit 97115a8d4500abeb090b968f01605e0bdafcdfd3)

*prereq for 53cb28c backport

Signed-off-by: Michael Roth 
---
 exec.c |8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/exec.c b/exec.c
index 885e329..283b196 100644
--- a/exec.c
+++ b/exec.c
@@ -216,10 +216,11 @@ static void phys_page_set(AddressSpaceDispatch *d,
 phys_page_set_level(&d->phys_map, &index, &nb, leaf, P_L2_LEVELS - 1);
 }
 
-static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr index,
+static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr addr,
Node *nodes, MemoryRegionSection 
*sections)
 {
 PhysPageEntry *p;
+hwaddr index = addr >> TARGET_PAGE_BITS;
 int i;
 
 for (i = P_L2_LEVELS; lp.skip && (i -= lp.skip) >= 0;) {
@@ -245,8 +246,7 @@ static MemoryRegionSection 
*address_space_lookup_region(AddressSpaceDispatch *d,
 MemoryRegionSection *section;
 subpage_t *subpage;
 
-section = phys_page_find(d->phys_map, addr >> TARGET_PAGE_BITS,
- d->nodes, d->sections);
+section = phys_page_find(d->phys_map, addr, d->nodes, d->sections);
 if (resolve_subpage && section->mr->subpage) {
 subpage = container_of(section->mr, subpage_t, iomem);
 section = &d->sections[subpage->sub_section[SUBPAGE_IDX(addr)]];
@@ -802,7 +802,7 @@ static void register_subpage(AddressSpaceDispatch *d, 
MemoryRegionSection *secti
 subpage_t *subpage;
 hwaddr base = section->offset_within_address_space
 & TARGET_PAGE_MASK;
-MemoryRegionSection *existing = phys_page_find(d->phys_map, base >> 
TARGET_PAGE_BITS,
+MemoryRegionSection *existing = phys_page_find(d->phys_map, base,
next_map.nodes, 
next_map.sections);
 MemoryRegionSection subsection = {
 .offset_within_address_space = base,
-- 
1.7.9.5

[Qemu-devel] [PATCH 29/51] linux-user: pass correct parameter to do_shmctl()

[Michael Roth]

From: Petar Jovanovic 

Fix shmctl issue by passing correct parameter buf to do_shmctl().

Signed-off-by: Petar Jovanovic 
Signed-off-by: Riku Voipio 
(cherry picked from commit a29267846a52b4ca294ba3a962b74b67df7ce6d2)

Signed-off-by: Michael Roth 
---
 linux-user/syscall.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index eaaf00d..a3575e7 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -3216,7 +3216,7 @@ static abi_long do_ipc(unsigned int call, int first,
 
/* IPC_* and SHM_* command values are the same on all linux platforms */
 case IPCOP_shmctl:
-ret = do_shmctl(first, second, third);
+ret = do_shmctl(first, second, ptr);
 break;
 default:
gemu_log("Unsupported ipc call: %d (version %d)\n", call, version);
-- 
1.7.9.5

[Qemu-devel] [PATCH 39/51] migration: qmp_migrate(): keep working after syntax error

[Michael Roth]

From: Luiz Capitulino 

If a user or QMP client enter a bad syntax for the migrate
command in QMP/HMP, then the migrate command will never succeed
from that point on.

For example, if you enter:

(qemu) migrate tcp;0:
migrate: Parameter 'uri' expects a valid migration protocol

Then the migrate command will always fail from now on:

(qemu) migrate tcp:0:
migrate: There's a migration process in progress

The problem is that qmp_migrate() sets the migration status to
MIG_STATE_SETUP and doesn't reset it on syntax error. This bug
was introduced by commit 29ae8a4133082e16970c9d4be09f4b6a15034617.

Reviewed-by: Michael R. Hines 
Signed-off-by: Luiz Capitulino 
(cherry picked from commit c950114286ea358a93ce632db0421945e1008395)

Signed-off-by: Michael Roth 
---
 migration.c |1 +
 1 file changed, 1 insertion(+)

diff --git a/migration.c b/migration.c
index ff00bfb..79c86c9 100644
--- a/migration.c
+++ b/migration.c
@@ -437,6 +437,7 @@ void qmp_migrate(const char *uri, bool has_blk, bool blk,
 #endif
 } else {
 error_set(errp, QERR_INVALID_PARAMETER_VALUE, "uri", "a valid 
migration protocol");
+s->state = MIG_STATE_ERROR;
 return;
 }
 
-- 
1.7.9.5

[Qemu-devel] [PATCH 25/51] exec: separate sections and nodes per address space

[Michael Roth]

From: Marcel Apfelbaum 

Every address space has its own nodes and sections, but
it uses the same global arrays of nodes/section.

This limits the number of devices that can be attached
to the guest to 20-30 devices. It happens because:
 - The sections array is limited to 2^12 entries.
 - The main memory has at least 100 sections.
 - Each device address space is actually an alias to
   main memory, multiplying its number of nodes/sections.

Remove the limitation by using separate arrays of
nodes and sections for each address space.

Signed-off-by: Marcel Apfelbaum 
Reviewed-by: Michael S. Tsirkin 
Reviewed-by: Paolo Bonzini 
Signed-off-by: Michael S. Tsirkin 
(cherry picked from commit 53cb28cbfea038f8ad50132dc8a684e638c7d48b)

Conflicts:

exec.c

*removed dependency on b35ba30

Signed-off-by: Michael Roth 
---
 exec.c |  151 +++-
 1 file changed, 64 insertions(+), 87 deletions(-)

diff --git a/exec.c b/exec.c
index 283b196..df94429 100644
--- a/exec.c
+++ b/exec.c
@@ -99,13 +99,21 @@ struct PhysPageEntry {
 
 typedef PhysPageEntry Node[P_L2_SIZE];
 
+typedef struct PhysPageMap {
+unsigned sections_nb;
+unsigned sections_nb_alloc;
+unsigned nodes_nb;
+unsigned nodes_nb_alloc;
+Node *nodes;
+MemoryRegionSection *sections;
+} PhysPageMap;
+
 struct AddressSpaceDispatch {
 /* This is a multi-level map on the physical address space.
  * The bottom level has pointers to MemoryRegionSections.
  */
 PhysPageEntry phys_map;
-Node *nodes;
-MemoryRegionSection *sections;
+PhysPageMap map;
 AddressSpace *as;
 };
 
@@ -122,18 +130,6 @@ typedef struct subpage_t {
 #define PHYS_SECTION_ROM 2
 #define PHYS_SECTION_WATCH 3
 
-typedef struct PhysPageMap {
-unsigned sections_nb;
-unsigned sections_nb_alloc;
-unsigned nodes_nb;
-unsigned nodes_nb_alloc;
-Node *nodes;
-MemoryRegionSection *sections;
-} PhysPageMap;
-
-static PhysPageMap *prev_map;
-static PhysPageMap next_map;
-
 #define PHYS_MAP_NODE_NIL (((uint16_t)~0) >> 1)
 
 static void io_mem_init(void);
@@ -144,35 +140,32 @@ static MemoryRegion io_mem_watch;
 
 #if !defined(CONFIG_USER_ONLY)
 
-static void phys_map_node_reserve(unsigned nodes)
+static void phys_map_node_reserve(PhysPageMap *map, unsigned nodes)
 {
-if (next_map.nodes_nb + nodes > next_map.nodes_nb_alloc) {
-next_map.nodes_nb_alloc = MAX(next_map.nodes_nb_alloc * 2,
-16);
-next_map.nodes_nb_alloc = MAX(next_map.nodes_nb_alloc,
-  next_map.nodes_nb + nodes);
-next_map.nodes = g_renew(Node, next_map.nodes,
- next_map.nodes_nb_alloc);
+if (map->nodes_nb + nodes > map->nodes_nb_alloc) {
+map->nodes_nb_alloc = MAX(map->nodes_nb_alloc * 2, 16);
+map->nodes_nb_alloc = MAX(map->nodes_nb_alloc, map->nodes_nb + nodes);
+map->nodes = g_renew(Node, map->nodes, map->nodes_nb_alloc);
 }
 }
 
-static uint16_t phys_map_node_alloc(void)
+static uint16_t phys_map_node_alloc(PhysPageMap *map)
 {
 unsigned i;
 uint16_t ret;
 
-ret = next_map.nodes_nb++;
+ret = map->nodes_nb++;
 assert(ret != PHYS_MAP_NODE_NIL);
-assert(ret != next_map.nodes_nb_alloc);
+assert(ret != map->nodes_nb_alloc);
 for (i = 0; i < P_L2_SIZE; ++i) {
-next_map.nodes[ret][i].skip = 1;
-next_map.nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
+map->nodes[ret][i].skip = 1;
+map->nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
 }
 return ret;
 }
 
-static void phys_page_set_level(PhysPageEntry *lp, hwaddr *index,
-hwaddr *nb, uint16_t leaf,
+static void phys_page_set_level(PhysPageMap *map, PhysPageEntry *lp,
+hwaddr *index, hwaddr *nb, uint16_t leaf,
 int level)
 {
 PhysPageEntry *p;
@@ -180,8 +173,8 @@ static void phys_page_set_level(PhysPageEntry *lp, hwaddr 
*index,
 hwaddr step = (hwaddr)1 << (level * P_L2_BITS);
 
 if (lp->skip && lp->ptr == PHYS_MAP_NODE_NIL) {
-lp->ptr = phys_map_node_alloc();
-p = next_map.nodes[lp->ptr];
+lp->ptr = phys_map_node_alloc(map);
+p = map->nodes[lp->ptr];
 if (level == 0) {
 for (i = 0; i < P_L2_SIZE; i++) {
 p[i].skip = 0;
@@ -189,7 +182,7 @@ static void phys_page_set_level(PhysPageEntry *lp, hwaddr 
*index,
 }
 }
 } else {
-p = next_map.nodes[lp->ptr];
+p = map->nodes[lp->ptr];
 }
 lp = &p[(*index >> (level * P_L2_BITS)) & (P_L2_SIZE - 1)];
 
@@ -200,7 +193,7 @@ static void phys_page_set_level(PhysPageEntry *lp, hwaddr 
*index,
 *index += step;
 *nb -= step;
 } else {
-phys_page_set_level(lp, index, nb, leaf, level - 1);
+phys_page_set_level(map, lp, index, nb, leaf, level -

[Qemu-devel] [PATCH 32/51] tcg/optimize: fix known-zero bits for right shift ops

[Michael Roth]

From: Aurelien Jarno 

32-bit versions of sar and shr ops should not propagate known-zero bits
from the unused 32 high bits. For sar it could even lead to wrong code
being generated.

Cc: qemu-sta...@nongnu.org
Reviewed-by: Paolo Bonzini 
Signed-off-by: Aurelien Jarno 
Signed-off-by: Richard Henderson 
(cherry picked from commit e46b225a3137e62c975c49aaae7bb5f9583cc428)

Signed-off-by: Michael Roth 
---
 tcg/optimize.c |   19 ++-
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/tcg/optimize.c b/tcg/optimize.c
index 89e2d6a..c5cdde2 100644
--- a/tcg/optimize.c
+++ b/tcg/optimize.c
@@ -726,16 +726,25 @@ static TCGArg *tcg_constant_folding(TCGContext *s, 
uint16_t *tcg_opc_ptr,
 mask = temps[args[1]].mask & mask;
 break;
 
-CASE_OP_32_64(sar):
+case INDEX_op_sar_i32:
+if (temps[args[2]].state == TCG_TEMP_CONST) {
+mask = (int32_t)temps[args[1]].mask >> temps[args[2]].val;
+}
+break;
+case INDEX_op_sar_i64:
 if (temps[args[2]].state == TCG_TEMP_CONST) {
-mask = ((tcg_target_long)temps[args[1]].mask
->> temps[args[2]].val);
+mask = (int64_t)temps[args[1]].mask >> temps[args[2]].val;
 }
 break;
 
-CASE_OP_32_64(shr):
+case INDEX_op_shr_i32:
+if (temps[args[2]].state == TCG_TEMP_CONST) {
+mask = (uint32_t)temps[args[1]].mask >> temps[args[2]].val;
+}
+break;
+case INDEX_op_shr_i64:
 if (temps[args[2]].state == TCG_TEMP_CONST) {
-mask = temps[args[1]].mask >> temps[args[2]].val;
+mask = (uint64_t)temps[args[1]].mask >> temps[args[2]].val;
 }
 break;
 
-- 
1.7.9.5

[Qemu-devel] [PATCH 38/51] mainstone: Fix duplicate array values for key 'space'

[Michael Roth]

From: Stefan Weil 

cgcc reported a duplicate initialisation. Mainstone includes a matrix
keyboard where two different positions map to 'space'.

QEMU uses the reversed mapping and does not map 'space' to two different
matrix positions.

Some other keys are either missing or might be mapped wrongly (cf. Linux
kernel code). Don't fix these until someone can test them with real
hardware, but add TODO comments.

Signed-off-by: Stefan Weil 
Reviewed-by: Peter Maydell 
Signed-off-by: Michael Tokarev 
(cherry picked from commit 7dbc1158bc63fdbad849d21409eeeb53f5230445)

Signed-off-by: Michael Roth 
---
 hw/arm/mainstone.c |   13 +++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/hw/arm/mainstone.c b/hw/arm/mainstone.c
index 9402c84..ffbf4bd 100644
--- a/hw/arm/mainstone.c
+++ b/hw/arm/mainstone.c
@@ -75,9 +75,18 @@ static struct keymap map[0xE0] = {
 [0x2c] = {4,3}, /* z */
 [0xc7] = {5,0}, /* Home */
 [0x2a] = {5,1}, /* shift */
-[0x39] = {5,2}, /* space */
+/*
+ * There are two matrix positions which map to space,
+ * but QEMU can only use one of them for the reverse
+ * mapping, so simply use the second one.
+ */
+/* [0x39] = {5,2}, space */
 [0x39] = {5,3}, /* space */
-[0x1c] = {5,5}, /*  enter */
+/*
+ * Matrix position {5,4} and other keys are missing here.
+ * TODO: Compare with Linux code and test real hardware.
+ */
+[0x1c] = {5,5}, /* enter (TODO: might be wrong) */
 [0xc8] = {6,0}, /* up */
 [0xd0] = {6,1}, /* down */
 [0xcb] = {6,2}, /* left */
-- 
1.7.9.5

[Qemu-devel] [PATCH 37/51] seccomp: exit if seccomp_init() fails

[Michael Roth]

From: Corey Bryant 

This fixes a bug where we weren't exiting if seccomp_init() failed.

Signed-off-by: Corey Bryant 
Acked-by: Eduardo Otubo 
Acked-by: Paul Moore 
(cherry picked from commit 2a13f991123fa16841e6d94b02a9cc2c76d91725)

Signed-off-by: Michael Roth 
---
 qemu-seccomp.c |1 +
 1 file changed, 1 insertion(+)

diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index 69cee44..7c7b474 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@@ -230,6 +230,7 @@ int seccomp_start(void)
 
 ctx = seccomp_init(SCMP_ACT_KILL);
 if (ctx == NULL) {
+rc = -1;
 goto seccomp_return;
 }
 
-- 
1.7.9.5

[Qemu-devel] [PATCH 28/51] target-mips: fix 64-bit FPU config for user-mode emulation

[Michael Roth]

From: Petar Jovanovic 

FR bit should be initialized to 1 for MIPS64, under condition that this
bit is writable and that CPU has an FPU unit. It should be initialized to
zero for MIPS32.
This fixes different MIPS32 issues with FPU instructions whose behaviour
defaulted to 64-bit FPU mode.

Signed-off-by: Petar Jovanovic 
Signed-off-by: Aurelien Jarno 
(cherry picked from commit 4d66261f71f2efa31e1052e4041c5ee505572fe5)

Signed-off-by: Michael Roth 
---
 target-mips/translate.c |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/target-mips/translate.c b/target-mips/translate.c
index 67f326b..e302734 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -15983,10 +15983,13 @@ void cpu_state_reset(CPUMIPSState *env)
 if (env->CP0_Config3 & (1 << CP0C3_DSPP)) {
 env->CP0_Status |= (1 << CP0St_MX);
 }
-/* Enable 64-bit FPU if the target cpu supports it.  */
-if (env->active_fpu.fcr0 & (1 << FCR0_F64)) {
+# if defined(TARGET_MIPS64)
+/* For MIPS64, init FR bit to 1 if FPU unit is there and bit is writable. 
*/
+if ((env->CP0_Config1 & (1 << CP0C1_FP)) &&
+(env->CP0_Status_rw_bitmask & (1 << CP0St_FR))) {
 env->CP0_Status |= (1 << CP0St_FR);
 }
+# endif
 #else
 if (env->hflags & MIPS_HFLAG_BMASK) {
 /* If the exception was raised from a delay slot,
-- 
1.7.9.5

[Qemu-devel] [PATCH 44/51] virtio-scsi: Cleanup of I/Os that never started

[Michael Roth]

From: Eric Farman 

There is still a small window that occurs when a cancel I/O affects
an asynchronous I/O operation that hasn't started.  In other words,
when the residual data length equals the expected data length.

Today, the routine virtio_scsi_command_complete fails because the
VirtIOSCSIReq pointer (from the hba_private field in SCSIRequest)
was cleared earlier when virtio_scsi_complete_req was called by
the virtio_scsi_request_cancelled routine.  As a result, the
virtio_scsi_command_complete routine needs to simply return when
it is processing a SCSIRequest block that was marked canceled.

Signed-off-by: Eric Farman 
Cc: qemu-sta...@nongnu.org
Signed-off-by: Paolo Bonzini 
(cherry picked from commit e9c0f0f58ad0a41c3c4b19e1911cfe095afc09ca)

Signed-off-by: Michael Roth 
---
 hw/scsi/virtio-scsi.c |4 
 1 file changed, 4 insertions(+)

diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
index 83344ea..5e524b2 100644
--- a/hw/scsi/virtio-scsi.c
+++ b/hw/scsi/virtio-scsi.c
@@ -306,6 +306,10 @@ static void virtio_scsi_command_complete(SCSIRequest *r, 
uint32_t status,
 VirtIOSCSIReq *req = r->hba_private;
 uint32_t sense_len;
 
+if (r->io_canceled) {
+return;
+}
+
 req->resp.cmd->response = VIRTIO_SCSI_S_OK;
 req->resp.cmd->status = status;
 if (req->resp.cmd->status == GOOD) {
-- 
1.7.9.5

[Qemu-devel] [PATCH 46/51] KVM: Retry KVM_CREATE_VM on EINTR

[Michael Roth]

From: thomas knych 

Upstreaming this change from Android 
(https://android-review.googlesource.com/54211).

On heavily loaded machines with many VM instances we see KVM_CREATE_VM
failing with EINTR on this path:

kvm_dev_ioctl_create_vm -> kvm_create_vm -> kvm_init_mmu_notifier -> 
mmu_notifier_register ->  do_mmu_notifier_register -> mm_take_all_locks

which checks if any signals have been raised while it was attaining locks
and returns EINTR.  Retrying the system call greatly improves reliability.

Cc: qemu-sta...@nongnu.org
Signed-off-by: thomas knych 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 94ccff133820552a859c0fb95e33a539e0b90a75)

Signed-off-by: Michael Roth 
---
 kvm-all.c |   12 +---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/kvm-all.c b/kvm-all.c
index 4478969..951e6e3 100644
--- a/kvm-all.c
+++ b/kvm-all.c
@@ -1431,16 +1431,22 @@ int kvm_init(void)
 nc++;
 }
 
-s->vmfd = kvm_ioctl(s, KVM_CREATE_VM, 0);
-if (s->vmfd < 0) {
+do {
+ret = kvm_ioctl(s, KVM_CREATE_VM, 0);
+} while (ret == -EINTR);
+
+if (ret < 0) {
+fprintf(stderr, "ioctl(KVM_CREATE_VM) failed: %d %s\n", -s->vmfd,
+strerror(-ret));
+
 #ifdef TARGET_S390X
 fprintf(stderr, "Please add the 'switch_amode' kernel parameter to "
 "your host kernel command line\n");
 #endif
-ret = s->vmfd;
 goto err;
 }
 
+s->vmfd = ret;
 missing_cap = kvm_check_extension_list(s, kvm_required_capabilites);
 if (!missing_cap) {
 missing_cap =
-- 
1.7.9.5

[Qemu-devel] [PATCH 42/51] scsi: Support TEST UNIT READY in the dummy LUN0

[Michael Roth]

From: Paolo Bonzini 

SeaBIOS waits for LUN0 to respond to the TEST UNIT READY command
in order to decide whether it should part of the boot sequence.
If LUN0 does not respond to the command, boot is delayed by up
to 5 seconds.  This currently happens when there is no LUN0 on
a target.  Fix that by adding a trivial implementation of the
command.

Cc: qemu-sta...@nongnu.org
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 1cb27d9233d572826b45bd8498d2fab1b6f01df9)

Signed-off-by: Michael Roth 
---
 hw/scsi/scsi-bus.c |2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
index 2d6ce4d..b04438b 100644
--- a/hw/scsi/scsi-bus.c
+++ b/hw/scsi/scsi-bus.c
@@ -469,6 +469,8 @@ static int32_t scsi_target_send_command(SCSIRequest *req, 
uint8_t *buf)
 r->req.dev->sense_is_ua = false;
 }
 break;
+case TEST_UNIT_READY:
+break;
 default:
 scsi_req_build_sense(req, SENSE_CODE(LUN_NOT_SUPPORTED));
 scsi_req_complete(req, CHECK_CONDITION);
-- 
1.7.9.5

[Qemu-devel] [PATCH 45/51] virtio-scsi: Prevent assertion on missed events

[Michael Roth]

From: Eric Farman 

In some cases, an unplug can cause events to be dropped, which
leads to an assertion failure when preparing to notify the guest
kernel.

Signed-off-by: Eric Farman 
Cc: qemu-sta...@nongnu.org
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 49fb65c7f985baa56d2964e0a85c1f098e3e2a9d)

Signed-off-by: Michael Roth 
---
 hw/scsi/virtio-scsi.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
index 5e524b2..3fa6d07 100644
--- a/hw/scsi/virtio-scsi.c
+++ b/hw/scsi/virtio-scsi.c
@@ -520,7 +520,7 @@ static void virtio_scsi_push_event(VirtIOSCSI *s, 
SCSIDevice *dev,
 evt->event = event;
 evt->reason = reason;
 if (!dev) {
-assert(event == VIRTIO_SCSI_T_NO_EVENT);
+assert(event == VIRTIO_SCSI_T_EVENTS_MISSED);
 } else {
 evt->lun[0] = 1;
 evt->lun[1] = dev->id;
-- 
1.7.9.5

[Qemu-devel] [PATCH 51/51] tcg-arm: The shift count of op_rotl_i32 is in args[2] not args[1].

[Michael Roth]

From: Huw Davies 

It's this that should be subtracted from 0x20 when converting to a right rotate.

Cc: qemu-sta...@nongnu.org
Signed-off-by: Huw Davies 
Signed-off-by: Richard Henderson 
(cherry picked from commit 7a3a00979d9dfe2aaa66ce5fc68cd161b4f900ba)

Signed-off-by: Michael Roth 
---
 tcg/arm/tcg-target.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tcg/arm/tcg-target.c b/tcg/arm/tcg-target.c
index e93a4a2..5d4bbe7 100644
--- a/tcg/arm/tcg-target.c
+++ b/tcg/arm/tcg-target.c
@@ -1868,7 +1868,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode 
opc,
 SHIFT_IMM_ROR((0x20 - args[2]) & 0x1f) :
 SHIFT_IMM_LSL(0));
 } else {
-tcg_out_dat_imm(s, COND_AL, ARITH_RSB, TCG_REG_TMP, args[1], 0x20);
+tcg_out_dat_imm(s, COND_AL, ARITH_RSB, TCG_REG_TMP, args[2], 0x20);
 tcg_out_dat_reg(s, COND_AL, ARITH_MOV, args[0], 0, args[1],
 SHIFT_REG_ROR(TCG_REG_TMP));
 }
-- 
1.7.9.5

[Qemu-devel] [PATCH 40/51] vfio-pci: Release all MSI-X vectors when disabled

[Michael Roth]

From: Alex Williamson 

We were relying on msix_unset_vector_notifiers() to release all the
vectors when we disable MSI-X, but this only happens when MSI-X is
still enabled on the device.  Perform further cleanup by releasing
any remaining vectors listed as in-use after this call.  This caused
a leak of IRQ routes on hotplug depending on how the guest OS prepared
the device for removal.

Signed-off-by: Alex Williamson 
Cc: qemu-sta...@nongnu.org
(cherry picked from commit 3e40ba0faf0822fa78336fe6cd9d677ea9b14f1b)

Signed-off-by: Michael Roth 
---
 hw/misc/vfio.c |   12 
 1 file changed, 12 insertions(+)

diff --git a/hw/misc/vfio.c b/hw/misc/vfio.c
index f7f8a19..355b018 100644
--- a/hw/misc/vfio.c
+++ b/hw/misc/vfio.c
@@ -878,8 +878,20 @@ static void vfio_disable_msi_common(VFIODevice *vdev)
 
 static void vfio_disable_msix(VFIODevice *vdev)
 {
+int i;
+
 msix_unset_vector_notifiers(&vdev->pdev);
 
+/*
+ * MSI-X will only release vectors if MSI-X is still enabled on the
+ * device, check through the rest and release it ourselves if necessary.
+ */
+for (i = 0; i < vdev->nr_vectors; i++) {
+if (vdev->msi_vectors[i].use) {
+vfio_msix_vector_release(&vdev->pdev, i);
+}
+}
+
 if (vdev->nr_vectors) {
 vfio_disable_irqindex(vdev, VFIO_PCI_MSIX_IRQ_INDEX);
 }
-- 
1.7.9.5

[Qemu-devel] [PATCH 43/51] scsi: Assign cancel_io vector for scsi_disk_emulate_ops

[Michael Roth]

From: Paolo Bonzini 

Some emulated disk operations (MODE SELECT, UNMAP, WRITE SAME)
can trigger asynchronous I/Os.  Provide the cancel_io callback
to ensure that AIOCBs are properly cleaned up.

Signed-off-by: Eric Farman 
Cc: qemu-sta...@nongnu.org
[Tweak commit message. - Paolo]
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 33325a53f15ab5370e1917b2a11cadffc77c5a52)

Signed-off-by: Michael Roth 
---
 hw/scsi/scsi-disk.c |1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
index 1fd1c26..ade5d4a 100644
--- a/hw/scsi/scsi-disk.c
+++ b/hw/scsi/scsi-disk.c
@@ -2181,6 +2181,7 @@ static const SCSIReqOps scsi_disk_emulate_reqops = {
 .send_command = scsi_disk_emulate_command,
 .read_data= scsi_disk_emulate_read_data,
 .write_data   = scsi_disk_emulate_write_data,
+.cancel_io= scsi_cancel_io,
 .get_buf  = scsi_get_buf,
 };
 
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH V7 10/11] qapi script: do not add "_" for every capitalized char in enum

[Markus Armbruster]

Eric Blake  writes:

> On 02/20/2014 09:54 AM, Markus Armbruster wrote:
>>> +# When c is upper and no "_" appears before, do more checks
>>> +if c.isupper() and (i > 0) and c_fun_str[i - 1] != "_":
>> 
>> c_fun_str[i - 1]... what if i == 0?
>
> How? We already had '(i > 0) and' prior to the use of i-1.

Blind on both eyes, sorry for the noise %-}

[Qemu-devel] [PATCH 47/51] i386: Add missing include file for QEMU_PACKED

[Michael Roth]

From: Stefan Weil 

Instead of packing BiosLinkerLoaderEntry, an unused global variable called
QEMU_PACKED was created (detected by smatch static code analysis).

Including qemu-common.h gets the right definition and also includes some
standard include files which now can be removed here.

Cc: qemu-sta...@nongnu.org
Signed-off-by: Stefan Weil 
Signed-off-by: Michael Tokarev 
(cherry picked from commit c428c5a21ce9a9861839ee544afd10638016e3f5)

Signed-off-by: Michael Roth 
---
 hw/i386/bios-linker-loader.c |3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/hw/i386/bios-linker-loader.c b/hw/i386/bios-linker-loader.c
index fd23611..aa56184 100644
--- a/hw/i386/bios-linker-loader.c
+++ b/hw/i386/bios-linker-loader.c
@@ -18,11 +18,10 @@
  * with this program; if not, see .
  */
 
+#include "qemu-common.h"
 #include "bios-linker-loader.h"
 #include "hw/nvram/fw_cfg.h"
 
-#include 
-#include 
 #include "qemu/bswap.h"
 
 #define BIOS_LINKER_LOADER_FILESZ FW_CFG_MAX_FILE_PATH
-- 
1.7.9.5

[Qemu-devel] [PATCH 50/51] memory: fix limiting of translation at a page boundary

[Michael Roth]

From: Paolo Bonzini 

Commit 360e607 (address_space_translate: do not cross page boundaries,
2014-01-30) broke MMIO accesses in cases where the section is shorter
than the full register width.  This can happen for example with the
Bochs DISPI registers, which are 16 bits wide but have only a 1-byte
long MemoryRegion (if you write to the "second byte" of the register
your access is discarded; it doesn't write only to half of the register).

Restrict the action of commit 360e607 to direct RAM accesses.  This
is enough for Xen, since MMIO will not go through the mapcache.

Reported-by: Mark Cave-Ayland 
Cc: qemu-sta...@nongnu.org
Signed-off-by: Paolo Bonzini 
Tested-by: Mark Cave-Ayland 
Signed-off-by: Peter Maydell 
(cherry picked from commit a87f39543a9259f671c5413723311180ee2ad2a8)

Signed-off-by: Michael Roth 
---
 exec.c |   29 +
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/exec.c b/exec.c
index df94429..b324fcc 100644
--- a/exec.c
+++ b/exec.c
@@ -266,6 +266,18 @@ address_space_translate_internal(AddressSpaceDispatch *d, 
hwaddr addr, hwaddr *x
 return section;
 }
 
+static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
+{
+if (memory_region_is_ram(mr)) {
+return !(is_write && mr->readonly);
+}
+if (memory_region_is_romd(mr)) {
+return !is_write;
+}
+
+return false;
+}
+
 MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
   hwaddr *xlat, hwaddr *plen,
   bool is_write)
@@ -295,6 +307,11 @@ MemoryRegion *address_space_translate(AddressSpace *as, 
hwaddr addr,
 as = iotlb.target_as;
 }
 
+if (memory_access_is_direct(mr, is_write)) {
+hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
+len = MIN(page, len);
+}
+
 *plen = len;
 *xlat = addr;
 return mr;
@@ -1815,18 +1832,6 @@ static void invalidate_and_set_dirty(hwaddr addr,
 xen_modified_memory(addr, length);
 }
 
-static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
-{
-if (memory_region_is_ram(mr)) {
-return !(is_write && mr->readonly);
-}
-if (memory_region_is_romd(mr)) {
-return !is_write;
-}
-
-return false;
-}
-
 static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
 {
 unsigned access_size_max = mr->ops->valid.max_access_size;
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH] virtio-net: calculate proper msix vectors on init

[Jason Wang]

On 02/21/2014 01:00 PM, Jason Wang wrote:
> Currently, the default msix vectors for virtio-net-pci is 3 which is
> obvious not suitable for multiqueue guest, so we depends on the user
> or management tools to pass a correct vectors parameter. In fact, we
> can simplifying this by calculate the number of vectors on init.
>
> Consider we have N queues, the number of vectors needed is 2*N + 2
> (plus one config interrupt and control vq). We didn't check whether or
> not host support control vq because it was added unconditionally by
> qemu to avoid breaking legacy guests such as Minix.
>
> Cc: Paolo Bonzini 
> Cc: Michael S. Tsirkin 
> Signed-off-by: Jason Wang 
> ---

Unnecessary debug line was found, will send V2.

Re: [Qemu-devel] [RFC PATCH] file ram alloc: fail if cannot preallocate

[Alexander Graf]

On 21.02.2014, at 05:57, Alexey Kardashevskiy  wrote:

> On 02/10/2014 05:32 PM, Alexey Kardashevskiy wrote:
>> At the moment if the user asked for huge pages and there is no more huge
>> pages, QEMU prints warning and falls back to the anonymous memory
>> allocator which is quite easy not to notice. QEMU also does so even
>> if the user specified -mem-prealloc and it seems wrong as the user
>> specifically requested huge pages for the entire RAM but QEMU failed to do
>> so and continued. On PPC64 this will produce a fragile guest as QEMU
>> tells the guest via device-tree that it can use huge pages when it
>> actually cannot.
>> 
>> This adds message+exit if RAM cannot be preallocated from huge pages.
> 
> 
> Too bad? Should I increase my personal pinging timeout from 1 to 2 weeks to
> avoid annoying the community? :) Thanks!

The patch changes the semantics of -mem-prealloc from "make sure all RAM is 
mapped" to "make sure all RAM is mapped and is backed by huge pages if we use 
huge pages" and thus is just plain wrong.

The real question is why are we allowing sparsely mapped huge page backing at 
all? Should we change that? Do we need a new flag for this to specify "yes, I 
do want all my pages backed by -mem-path"?

This is also something that should be coordinated with the -mem-path 
refactoring.


Alex

Re: [Qemu-devel] [PATCH] spapr-vlan: flush queue whenever can_receive can go from false to true

[Alexander Graf]

On 21.02.2014, at 04:46, Alexey Kardashevskiy  wrote:

> On 02/14/2014 12:27 PM, Alexey Kardashevskiy wrote:
>> When the guests adds buffers to receive queue, the network device
>> should flush its queue of pending packets. This is done with
>> qemu_flush_queued_packets.
>> 
>> This adds a call to qemu_flush_queued_packets() which wakes up the main
>> loop and let QEMU update the network device status which now is "can
>> receive". The patch basically does the same thing as e8b4c68 does.
> 
> 
> Ping, anyone?

Thanks, applied to ppc-next.


Alex

[Qemu-devel] [PATCH V2] virtio-net: calculate proper msix vectors on init

[Jason Wang]

Currently, the default msix vectors for virtio-net-pci is 3 which is
obvious not suitable for multiqueue guest, so we depends on the user
or management tools to pass a correct vectors parameter. In fact, we
can simplifying this by calculate the number of vectors on init.

Consider we have N queues, the number of vectors needed is 2*N + 2
(plus one config interrupt and control vq). We didn't check whether or
not host support control vq because it was added unconditionally by
qemu to avoid breaking legacy guests such as Minix.

Cc: Paolo Bonzini 
Cc: Michael S. Tsirkin 
Signed-off-by: Jason Wang 
---
 hw/virtio/virtio-pci.c | 8 +++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 7b91841..3b3b0e2 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1416,7 +1416,8 @@ static const TypeInfo virtio_serial_pci_info = {
 static Property virtio_net_properties[] = {
 DEFINE_PROP_BIT("ioeventfd", VirtIOPCIProxy, flags,
 VIRTIO_PCI_FLAG_USE_IOEVENTFD_BIT, false),
-DEFINE_PROP_UINT32("vectors", VirtIOPCIProxy, nvectors, 3),
+DEFINE_PROP_UINT32("vectors", VirtIOPCIProxy, nvectors,
+   DEV_NVECTORS_UNSPECIFIED),
 DEFINE_VIRTIO_NET_FEATURES(VirtIOPCIProxy, host_features),
 DEFINE_NIC_PROPERTIES(VirtIONetPCI, vdev.nic_conf),
 DEFINE_VIRTIO_NET_PROPERTIES(VirtIONetPCI, vdev.net_conf),
@@ -1428,6 +1429,11 @@ static int virtio_net_pci_init(VirtIOPCIProxy *vpci_dev)
 DeviceState *qdev = DEVICE(vpci_dev);
 VirtIONetPCI *dev = VIRTIO_NET_PCI(vpci_dev);
 DeviceState *vdev = DEVICE(&dev->vdev);
+VirtIONet *net = VIRTIO_NET(&dev->vdev);
+
+if (vpci_dev->nvectors == DEV_NVECTORS_UNSPECIFIED) {
+vpci_dev->nvectors = 2 * MAX(net->nic_conf.queues, 1) + 2;
+}
 
 virtio_net_set_config_size(&dev->vdev, vpci_dev->host_features);
 virtio_net_set_netclient_name(&dev->vdev, qdev->id,
-- 
1.8.3.2

[Qemu-devel] QOM vs QAPI for QMP APIs

[Stefan Hajnoczi]

I need to add a QMP API that lists dataplane threads.  This is similar
to "query-cpus" where the thread IDs are reported.  It allows the client
to bind threads to host CPUs.

I'm inclined to add a "query-iothreads" QMP command:
 * It's easy to implement using QAPI
 * We've developed best practices for QMP APIs
 * We know how to version and make QMP APIs extensible
 * Clients (including libvirt) are used to QMP JSON RPC

But maybe I should use QOM instead:
 * Add a "qom-find-objects-by-class" QMP command (Paolo's idea)
 * Client does "qom-find-objects-by-class IOThread /objects"
 * Client then uses "qom-get" to fetch the thread_id property on each
   IOThread object
 * But we haven't really established how QOM APIs will work

So my question is: should we use QOM as the external API or continue
using QAPI?

I don't think we gain much by switching to QOM other than opening a
whole new design space that we've yet to master.  We'll make plenty of
mistakes just like we did with QMP and QAPI.

Although QOM eliminates the need to implement dedicated QMP commands, it
exposes a more complex model to the client.  Instead of a JSON
command/response model we now expose a general object-oriented namespace
with properties, links, etc.  The client has to make sense of all that
and has to perform multiple qom-list/qom-get/etc commands for something
that would take a single dedicated QMP command.

Maybe I just need some convincing but it seems that QAPI is the simplest
and cleanest way to define external APIs.

Disagree?  Tell me why :).

Stefan

[Qemu-devel] [PATCH 04/51] virtio-pci: remove vdev field

[Michael Roth]

From: Paolo Bonzini 

The vdev field is complicated to synchronize.  Just access the
BusState's list of children.

Cc: qemu-sta...@nongnu.org
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit a3fc66d9fd37acbfcee013692246a8ae42bd93bb)

Signed-off-by: Michael Roth 
---
 hw/virtio/virtio-pci.c |  110 
 hw/virtio/virtio-pci.h |1 -
 2 files changed, 65 insertions(+), 46 deletions(-)

diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 76b7652..15b92e9 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -113,31 +113,40 @@ static inline VirtIOPCIProxy 
*to_virtio_pci_proxy_fast(DeviceState *d)
 static void virtio_pci_notify(DeviceState *d, uint16_t vector)
 {
 VirtIOPCIProxy *proxy = to_virtio_pci_proxy_fast(d);
+
 if (msix_enabled(&proxy->pci_dev))
 msix_notify(&proxy->pci_dev, vector);
-else
-pci_set_irq(&proxy->pci_dev, proxy->vdev->isr & 1);
+else {
+VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+pci_set_irq(&proxy->pci_dev, vdev->isr & 1);
+}
 }
 
 static void virtio_pci_save_config(DeviceState *d, QEMUFile *f)
 {
 VirtIOPCIProxy *proxy = to_virtio_pci_proxy(d);
+VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+
 pci_device_save(&proxy->pci_dev, f);
 msix_save(&proxy->pci_dev, f);
 if (msix_present(&proxy->pci_dev))
-qemu_put_be16(f, proxy->vdev->config_vector);
+qemu_put_be16(f, vdev->config_vector);
 }
 
 static void virtio_pci_save_queue(DeviceState *d, int n, QEMUFile *f)
 {
 VirtIOPCIProxy *proxy = to_virtio_pci_proxy(d);
+VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+
 if (msix_present(&proxy->pci_dev))
-qemu_put_be16(f, virtio_queue_vector(proxy->vdev, n));
+qemu_put_be16(f, virtio_queue_vector(vdev, n));
 }
 
 static int virtio_pci_load_config(DeviceState *d, QEMUFile *f)
 {
 VirtIOPCIProxy *proxy = to_virtio_pci_proxy(d);
+VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+
 int ret;
 ret = pci_device_load(&proxy->pci_dev, f);
 if (ret) {
@@ -146,12 +155,12 @@ static int virtio_pci_load_config(DeviceState *d, 
QEMUFile *f)
 msix_unuse_all_vectors(&proxy->pci_dev);
 msix_load(&proxy->pci_dev, f);
 if (msix_present(&proxy->pci_dev)) {
-qemu_get_be16s(f, &proxy->vdev->config_vector);
+qemu_get_be16s(f, &vdev->config_vector);
 } else {
-proxy->vdev->config_vector = VIRTIO_NO_VECTOR;
+vdev->config_vector = VIRTIO_NO_VECTOR;
 }
-if (proxy->vdev->config_vector != VIRTIO_NO_VECTOR) {
-return msix_vector_use(&proxy->pci_dev, proxy->vdev->config_vector);
+if (vdev->config_vector != VIRTIO_NO_VECTOR) {
+return msix_vector_use(&proxy->pci_dev, vdev->config_vector);
 }
 return 0;
 }
@@ -159,13 +168,15 @@ static int virtio_pci_load_config(DeviceState *d, 
QEMUFile *f)
 static int virtio_pci_load_queue(DeviceState *d, int n, QEMUFile *f)
 {
 VirtIOPCIProxy *proxy = to_virtio_pci_proxy(d);
+VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+
 uint16_t vector;
 if (msix_present(&proxy->pci_dev)) {
 qemu_get_be16s(f, &vector);
 } else {
 vector = VIRTIO_NO_VECTOR;
 }
-virtio_queue_set_vector(proxy->vdev, n, vector);
+virtio_queue_set_vector(vdev, n, vector);
 if (vector != VIRTIO_NO_VECTOR) {
 return msix_vector_use(&proxy->pci_dev, vector);
 }
@@ -175,7 +186,8 @@ static int virtio_pci_load_queue(DeviceState *d, int n, 
QEMUFile *f)
 static int virtio_pci_set_host_notifier_internal(VirtIOPCIProxy *proxy,
  int n, bool assign, bool 
set_handler)
 {
-VirtQueue *vq = virtio_get_queue(proxy->vdev, n);
+VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+VirtQueue *vq = virtio_get_queue(vdev, n);
 EventNotifier *notifier = virtio_queue_get_host_notifier(vq);
 int r = 0;
 
@@ -200,6 +212,7 @@ static int 
virtio_pci_set_host_notifier_internal(VirtIOPCIProxy *proxy,
 
 static void virtio_pci_start_ioeventfd(VirtIOPCIProxy *proxy)
 {
+VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
 int n, r;
 
 if (!(proxy->flags & VIRTIO_PCI_FLAG_USE_IOEVENTFD) ||
@@ -209,7 +222,7 @@ static void virtio_pci_start_ioeventfd(VirtIOPCIProxy 
*proxy)
 }
 
 for (n = 0; n < VIRTIO_PCI_QUEUE_MAX; n++) {
-if (!virtio_queue_get_num(proxy->vdev, n)) {
+if (!virtio_queue_get_num(vdev, n)) {
 continue;
 }
 
@@ -223,7 +236,7 @@ static void virtio_pci_start_ioeventfd(VirtIOPCIProxy 
*proxy)
 
 assign_error:
 while (--n >= 0) {
-if (!virtio_queue_get_num(proxy->vdev, n)) {
+if (!virtio_queue_get_num(vdev, n)) {
 continue;
 }
 
@@ -236,6 +249,7 @@ assign_error:
 
 static void virtio_pci_stop_ioeventfd(VirtIOPCIProxy *proxy)
 {
+VirtIODevic

[Qemu-devel] [PATCH 22/51] split definitions for exec.c and translate-all.c radix trees

[Michael Roth]

From: Paolo Bonzini 

The exec.c and translate-all.c radix trees are quite different, and
the exec.c one in particular is not limited to the CPU---it can be
used also by devices that do DMA, and in that case the address space
is not limited to TARGET_PHYS_ADDR_SPACE_BITS bits.

We want to make exec.c's radix trees 64-bit wide.  As a first step,
stop sharing the constants between exec.c and translate-all.c.
exec.c gets P_L2_* constants, translate-all.c gets V_L2_*, for
consistency with the existing V_L1_* symbols.  Though actually
in the softmmu case translate-all.c is also indexed by physical
addresses...

This patch has no semantic change.

Signed-off-by: Paolo Bonzini 
Signed-off-by: Michael S. Tsirkin 
(cherry picked from commit 03f4995781a64e106e6f73864a1e9c4163dac53b)

*prereq for 53cb28c backport

Signed-off-by: Michael Roth 
---
 exec.c  |   29 +
 translate-all.c |   32 ++--
 translate-all.h |7 ---
 3 files changed, 39 insertions(+), 29 deletions(-)

diff --git a/exec.c b/exec.c
index 95c4356..e3feaec 100644
--- a/exec.c
+++ b/exec.c
@@ -88,7 +88,15 @@ struct PhysPageEntry {
 uint16_t ptr : 15;
 };
 
-typedef PhysPageEntry Node[L2_SIZE];
+/* Size of the L2 (and L3, etc) page tables.  */
+#define ADDR_SPACE_BITS TARGET_PHYS_ADDR_SPACE_BITS
+
+#define P_L2_BITS 10
+#define P_L2_SIZE (1 << P_L2_BITS)
+
+#define P_L2_LEVELS (((ADDR_SPACE_BITS - TARGET_PAGE_BITS - 1) / P_L2_BITS) + 
1)
+
+typedef PhysPageEntry Node[P_L2_SIZE];
 
 struct AddressSpaceDispatch {
 /* This is a multi-level map on the physical address space.
@@ -155,7 +163,7 @@ static uint16_t phys_map_node_alloc(void)
 ret = next_map.nodes_nb++;
 assert(ret != PHYS_MAP_NODE_NIL);
 assert(ret != next_map.nodes_nb_alloc);
-for (i = 0; i < L2_SIZE; ++i) {
+for (i = 0; i < P_L2_SIZE; ++i) {
 next_map.nodes[ret][i].is_leaf = 0;
 next_map.nodes[ret][i].ptr = PHYS_MAP_NODE_NIL;
 }
@@ -168,13 +176,13 @@ static void phys_page_set_level(PhysPageEntry *lp, hwaddr 
*index,
 {
 PhysPageEntry *p;
 int i;
-hwaddr step = (hwaddr)1 << (level * L2_BITS);
+hwaddr step = (hwaddr)1 << (level * P_L2_BITS);
 
 if (!lp->is_leaf && lp->ptr == PHYS_MAP_NODE_NIL) {
 lp->ptr = phys_map_node_alloc();
 p = next_map.nodes[lp->ptr];
 if (level == 0) {
-for (i = 0; i < L2_SIZE; i++) {
+for (i = 0; i < P_L2_SIZE; i++) {
 p[i].is_leaf = 1;
 p[i].ptr = PHYS_SECTION_UNASSIGNED;
 }
@@ -182,9 +190,9 @@ static void phys_page_set_level(PhysPageEntry *lp, hwaddr 
*index,
 } else {
 p = next_map.nodes[lp->ptr];
 }
-lp = &p[(*index >> (level * L2_BITS)) & (L2_SIZE - 1)];
+lp = &p[(*index >> (level * P_L2_BITS)) & (P_L2_SIZE - 1)];
 
-while (*nb && lp < &p[L2_SIZE]) {
+while (*nb && lp < &p[P_L2_SIZE]) {
 if ((*index & (step - 1)) == 0 && *nb >= step) {
 lp->is_leaf = true;
 lp->ptr = leaf;
@@ -218,7 +226,7 @@ static MemoryRegionSection *phys_page_find(PhysPageEntry 
lp, hwaddr index,
 return §ions[PHYS_SECTION_UNASSIGNED];
 }
 p = nodes[lp.ptr];
-lp = p[(index >> (i * L2_BITS)) & (L2_SIZE - 1)];
+lp = p[(index >> (i * P_L2_BITS)) & (P_L2_SIZE - 1)];
 }
 return §ions[lp.ptr];
 }
@@ -1743,7 +1751,12 @@ void address_space_destroy_dispatch(AddressSpace *as)
 static void memory_map_init(void)
 {
 system_memory = g_malloc(sizeof(*system_memory));
-memory_region_init(system_memory, NULL, "system", INT64_MAX);
+
+assert(ADDR_SPACE_BITS <= 64);
+
+memory_region_init(system_memory, NULL, "system",
+   ADDR_SPACE_BITS == 64 ?
+   UINT64_MAX : (0x1ULL << ADDR_SPACE_BITS));
 address_space_init(&address_space_memory, system_memory, "memory");
 
 system_io = g_malloc(sizeof(*system_io));
diff --git a/translate-all.c b/translate-all.c
index aeda54d..1c63d78 100644
--- a/translate-all.c
+++ b/translate-all.c
@@ -96,12 +96,16 @@ typedef struct PageDesc {
 # define L1_MAP_ADDR_SPACE_BITS  TARGET_VIRT_ADDR_SPACE_BITS
 #endif
 
+/* Size of the L2 (and L3, etc) page tables.  */
+#define V_L2_BITS 10
+#define V_L2_SIZE (1 << V_L2_BITS)
+
 /* The bits remaining after N lower levels of page tables.  */
 #define V_L1_BITS_REM \
-((L1_MAP_ADDR_SPACE_BITS - TARGET_PAGE_BITS) % L2_BITS)
+((L1_MAP_ADDR_SPACE_BITS - TARGET_PAGE_BITS) % V_L2_BITS)
 
 #if V_L1_BITS_REM < 4
-#define V_L1_BITS  (V_L1_BITS_REM + L2_BITS)
+#define V_L1_BITS  (V_L1_BITS_REM + V_L2_BITS)
 #else
 #define V_L1_BITS  V_L1_BITS_REM
 #endif
@@ -395,18 +399,18 @@ static PageDesc *page_find_alloc(tb_page_addr_t index, 
int alloc)
 lp = l1_map + ((index >> V_L1_SHIFT) & (V_L1_SIZE - 1));
 
 /* Level 2..N-1.  */
-for (i = V_L1_SHIFT / L2_BITS - 1; i > 0; i--) {
+for (i = V_L1_SHIFT / V_L2_BITS - 1; i > 0; i--) {
 

[Qemu-devel] [PATCH 06/51] virtio-blk: switch exit callback to VirtioDeviceClass

[Michael Roth]

From: Paolo Bonzini 

This ensures hot-unplug is handled properly by the proxy, and avoids
leaking bus_name which is freed by virtio_device_exit.

Cc: qemu-sta...@nongnu.org
Acked-by: Andreas Faerber 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 40dfc16f5fe0afb66f9436718781264dfadb6c61)

Signed-off-by: Michael Roth 
---
 hw/block/virtio-blk.c |   10 --
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index 13f6d82..7f0440f 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -728,20 +728,18 @@ static int virtio_blk_device_init(VirtIODevice *vdev)
 return 0;
 }
 
-static int virtio_blk_device_exit(DeviceState *dev)
+static void virtio_blk_device_exit(VirtIODevice *vdev)
 {
-VirtIODevice *vdev = VIRTIO_DEVICE(dev);
-VirtIOBlock *s = VIRTIO_BLK(dev);
+VirtIOBlock *s = VIRTIO_BLK(vdev);
 #ifdef CONFIG_VIRTIO_BLK_DATA_PLANE
 remove_migration_state_change_notifier(&s->migration_state_notifier);
 virtio_blk_data_plane_destroy(s->dataplane);
 s->dataplane = NULL;
 #endif
 qemu_del_vm_change_state_handler(s->change);
-unregister_savevm(dev, "virtio-blk", s);
+unregister_savevm(DEVICE(vdev), "virtio-blk", s);
 blockdev_mark_auto_del(s->bs);
 virtio_cleanup(vdev);
-return 0;
 }
 
 static Property virtio_blk_properties[] = {
@@ -753,10 +751,10 @@ static void virtio_blk_class_init(ObjectClass *klass, 
void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
-dc->exit = virtio_blk_device_exit;
 dc->props = virtio_blk_properties;
 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
 vdc->init = virtio_blk_device_init;
+vdc->exit = virtio_blk_device_exit;
 vdc->get_config = virtio_blk_update_config;
 vdc->set_config = virtio_blk_set_config;
 vdc->get_features = virtio_blk_get_features;
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH] target-ppc/translate.c: Use ULL suffix for 64 bit constants

[Alexander Graf]

On 20.02.2014, at 20:47, Peter Maydell  wrote:

> 64 bit constants need the "ULL" suffix, not just "UL", because
> on 32 bit platforms 'long' is not large enough and this will
> cause a compiler warning.
> 
> Signed-off-by: Peter Maydell 

Thanks, applied to ppc-next.


Alex

[Qemu-devel] [PATCH 31/51] Fix QEMU build on OpenBSD on x86 archs

[Michael Roth]

From: Brad 

This resolves the build issue with building the ROMs on OpenBSD on x86 archs.
As of OpenBSD 5.3 the compiler builds PIE binaries by default and thus the
whole OS/packages and so forth. The ROMs need to have PIE disabled.
Check in configure whether the compiler supports the flags for disabling
PIE, and if it does then use them for building the ROMs. This fixes the
following buildbot failure:

>From the OpenBSD buildbots..
  Building optionrom/multiboot.img
ld: multiboot.o: relocation R_X86_64_16 can not be used when making a shared 
object; recompile with -fPIC

Signed-off by: Brad Smith 
Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Peter Maydell 
(cherry picked from commit 46eef33b89e936ca793e13c4aeea1414e97e8dbb)

Signed-off-by: Michael Roth 
---
 configure  |7 +++
 pc-bios/optionrom/Makefile |3 ++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/configure b/configure
index 0666228..3cbcea1 100755
--- a/configure
+++ b/configure
@@ -1357,6 +1357,11 @@ EOF
   pie="no"
 fi
   fi
+
+  if compile_prog "-fno-pie" "-nopie"; then
+CFLAGS_NOPIE="-fno-pie"
+LDFLAGS_NOPIE="-nopie"
+  fi
 fi
 
 ##
@@ -4288,6 +4293,7 @@ echo "LD=$ld" >> $config_host_mak
 echo "WINDRES=$windres" >> $config_host_mak
 echo "LIBTOOL=$libtool" >> $config_host_mak
 echo "CFLAGS=$CFLAGS" >> $config_host_mak
+echo "CFLAGS_NOPIE=$CFLAGS_NOPIE" >> $config_host_mak
 echo "QEMU_CFLAGS=$QEMU_CFLAGS" >> $config_host_mak
 echo "QEMU_INCLUDES=$QEMU_INCLUDES" >> $config_host_mak
 if test "$sparse" = "yes" ; then
@@ -4301,6 +4307,7 @@ else
   echo "AUTOCONF_HOST := " >> $config_host_mak
 fi
 echo "LDFLAGS=$LDFLAGS" >> $config_host_mak
+echo "LDFLAGS_NOPIE=$LDFLAGS_NOPIE" >> $config_host_mak
 echo "LIBTOOLFLAGS=$LIBTOOLFLAGS" >> $config_host_mak
 echo "LIBS+=$LIBS" >> $config_host_mak
 echo "LIBS_TOOLS+=$libs_tools" >> $config_host_mak
diff --git a/pc-bios/optionrom/Makefile b/pc-bios/optionrom/Makefile
index 57d8bd0..ce4852a 100644
--- a/pc-bios/optionrom/Makefile
+++ b/pc-bios/optionrom/Makefile
@@ -12,6 +12,7 @@ $(call set-vpath, $(SRC_PATH)/pc-bios/optionrom)
 CFLAGS := -Wall -Wstrict-prototypes -Werror -fomit-frame-pointer -fno-builtin
 CFLAGS += -I$(SRC_PATH)
 CFLAGS += $(call cc-option, $(CFLAGS), -fno-stack-protector)
+CFLAGS += $(CFLAGS_NOPIE)
 QEMU_CFLAGS = $(CFLAGS)
 
 build-all: multiboot.bin linuxboot.bin kvmvapic.bin
@@ -20,7 +21,7 @@ build-all: multiboot.bin linuxboot.bin kvmvapic.bin
 .SECONDARY:
 
 %.img: %.o
-   $(call quiet-command,$(LD) -Ttext 0 -e _start -s -o $@ $<,"  Building 
$(TARGET_DIR)$@")
+   $(call quiet-command,$(LD) $(LDFLAGS_NOPIE) -Ttext 0 -e _start -s -o $@ 
$<,"  Building $(TARGET_DIR)$@")
 
 %.raw: %.img
$(call quiet-command,$(OBJCOPY) -O binary -j .text $< $@,"  Building 
$(TARGET_DIR)$@")
-- 
1.7.9.5

[Qemu-devel] Add a new hardware

[atlas khan]

I am working on project in which we have add support of a board in
QEMU. We have to add some virtual devices in QEMU. The question which
I want to ask that what should I do to add virtual device. And after
adding that device in \hw in which file I have to make changes so that
program access that hardware when it need it. Because the device which
I have to add is the device which is already available, but in our
board, this device has different architecture, so we want our program
to access that file which we have made for our board instead of file
which is already available in QEMU

[Qemu-devel] [PATCH 26/51] pc: map PCI address space as catchall region for not mapped addresses

[Michael Roth]

From: "Michael S. Tsirkin" 

With a help of negative memory region priority PCI address space
is mapped underneath RAM regions effectively catching every access
to addresses not mapped by any other region.
It simplifies PCI address space mapping into system address space.

Signed-off-by: Michael S. Tsirkin 
Signed-off-by: Igor Mammedov 
(cherry picked from commit 83d08f2673504a299194dcac1657a13754b5932a)

*prereq for ddaaefb backport

Signed-off-by: Michael Roth 
---
 hw/i386/pc.c  |   20 ++--
 hw/i386/pc_piix.c |2 --
 hw/pci-host/piix.c|   26 --
 hw/pci-host/q35.c |   27 +--
 include/hw/i386/pc.h  |   14 ++
 include/hw/pci-host/q35.h |2 --
 6 files changed, 17 insertions(+), 74 deletions(-)

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 12c436e..6c82ada 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1093,21 +1093,13 @@ PcGuestInfo *pc_guest_info_init(ram_addr_t 
below_4g_mem_size,
 return guest_info;
 }
 
-void pc_init_pci64_hole(PcPciInfo *pci_info, uint64_t pci_hole64_start,
-uint64_t pci_hole64_size)
+/* setup pci memory address space mapping into system address space */
+void pc_pci_as_mapping_init(Object *owner, MemoryRegion *system_memory,
+MemoryRegion *pci_address_space)
 {
-if ((sizeof(hwaddr) == 4) || (!pci_hole64_size)) {
-return;
-}
-/*
- * BIOS does not set MTRR entries for the 64 bit window, so no need to
- * align address to power of two.  Align address at 1G, this makes sure
- * it can be exactly covered with a PAT entry even when using huge
- * pages.
- */
-pci_info->w64.begin = ROUND_UP(pci_hole64_start, 0x1ULL << 30);
-pci_info->w64.end = pci_info->w64.begin + pci_hole64_size;
-assert(pci_info->w64.begin <= pci_info->w64.end);
+/* Set to lower priority than RAM */
+memory_region_add_subregion_overlap(system_memory, 0x0,
+pci_address_space, -1);
 }
 
 void pc_acpi_init(const char *default_dsdt)
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 2111f01..29b47d4 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -149,8 +149,6 @@ static void pc_init1(QEMUMachineInitArgs *args,
 if (pci_enabled) {
 pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, &isa_bus, gsi,
   system_memory, system_io, args->ram_size,
-  below_4g_mem_size,
-  0x1ULL - below_4g_mem_size,
   above_4g_mem_size,
   pci_memory, ram_memory);
 } else {
diff --git a/hw/pci-host/piix.c b/hw/pci-host/piix.c
index edc974e..63be7f6 100644
--- a/hw/pci-host/piix.c
+++ b/hw/pci-host/piix.c
@@ -103,8 +103,6 @@ struct PCII440FXState {
 MemoryRegion *system_memory;
 MemoryRegion *pci_address_space;
 MemoryRegion *ram_memory;
-MemoryRegion pci_hole;
-MemoryRegion pci_hole_64bit;
 PAMMemoryRegion pam_regions[13];
 MemoryRegion smram_region;
 uint8_t smm_enabled;
@@ -313,8 +311,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state,
 MemoryRegion *address_space_mem,
 MemoryRegion *address_space_io,
 ram_addr_t ram_size,
-hwaddr pci_hole_start,
-hwaddr pci_hole_size,
 ram_addr_t above_4g_mem_size,
 MemoryRegion *pci_address_space,
 MemoryRegion *ram_memory)
@@ -327,7 +323,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state,
 PCII440FXState *f;
 unsigned i;
 I440FXState *i440fx;
-uint64_t pci_hole64_size;
 
 dev = qdev_create(NULL, TYPE_I440FX_PCI_HOST_BRIDGE);
 s = PCI_HOST_BRIDGE(dev);
@@ -355,23 +350,10 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state,
 i440fx->pci_info.w32.begin = 0xe000;
 }
 
-memory_region_init_alias(&f->pci_hole, OBJECT(d), "pci-hole", 
f->pci_address_space,
- pci_hole_start, pci_hole_size);
-memory_region_add_subregion(f->system_memory, pci_hole_start, 
&f->pci_hole);
-
-pci_hole64_size = pci_host_get_hole64_size(i440fx->pci_hole64_size);
-
-pc_init_pci64_hole(&i440fx->pci_info, 0x1ULL + above_4g_mem_size,
-   pci_hole64_size);
-memory_region_init_alias(&f->pci_hole_64bit, OBJECT(d), "pci-hole64",
- f->pci_address_space,
- i440fx->pci_info.w64.begin,
- pci_hole64_size);
-if (pci_hole64_size) {
-memory_region_add_subregion(f->system_memory,
-i440fx->pci_info.w64.begin,
-&f->pci_hole_64bit);
-}
+/* setup pci memory mapping */
+pc_pci_as_mapping_init(OBJECT(f), f->system_memory,

[Qemu-devel] Fwd: AArch64 register SP value always appearing as zero in "info registers" (kvm control)

[Claudio Fontana]

I realized that I mistakenly stripped qemu-devel from the discussion;
forwarding to make the workaround and todo visible.

Claudio

-- Forwarded message --
From: Peter Maydell 
Date: 20 February 2014 16:18
Subject: Re: AArch64 register SP value always appearing as zero in
"info registers" (kvm control)
To: Claudio Fontana 


On 20 February 2014 15:13, Claudio Fontana  wrote:
> I got it to "work for me" by replacing AARCH64_CORE_REG(regs.sp)
> with AARCH64_CORE_REG(sp_el1), since I am at EL1.
>
> I read in kvm_arch_put_registers:
>
> /* TODO:
>  * SP_EL1
>  * ELR_EL1
>  * SPSR[]
>  * FP state
>  * system registers
>  */
>
> So I think getting the SP at EL1 is not supported yet while running at
> EL1 and using SP_ELx.

Yeah. I guess we assumed regs.sp would be "current SP"...
I'll put it on my todo list to fix.

thanks
-- PMM

Re: [Qemu-devel] spapr_pci.c:spapr_pci_msi_init() creates memory region whose size is host-dependent

[Alexander Graf]

On 20.02.2014, at 20:58, Peter Maydell  wrote:

> spapr_pci_msi_init() does this:
> 
>memory_region_init_io(&spapr->msiwindow, NULL, &spapr_msi_ops, spapr,
>  "msi", getpagesize());
> 
> That means this device's memory region size will depend on
> the host OS CPU and configuration, which seems like a bad idea,
> especially if this machine is supposed to work with TCG.
> It also means that on Win32 the compiler complains:
> 
>  CCppc64-softmmu/hw/ppc/spapr_pci.o
> cc1: warnings being treated as errors
> /home/petmay01/linaro/qemu-from-laptop/qemu/hw/ppc/spapr_pci.c: In
> function ‘spapr_pci_msi_init’:
> /home/petmay01/linaro/qemu-from-laptop/qemu/hw/ppc/spapr_pci.c:482:
> warning: implicit declaration of function ‘getpagesize’
> /home/petmay01/linaro/qemu-from-laptop/qemu/hw/ppc/spapr_pci.c:482:
> warning: nested extern declaration of ‘getpagesize’
> 
> since getpagesize() doesn't exist there.
> 
> Not sure which of the following is best:
> * use a fixed size for the memory region (eg "worst
>   case page size for target CPU")
> * query the target CPU for its page size rather than the
>   host OS/CPU
> * guard with suitable ifdefs if this code can't actually
>   be used except with KVM
> * abstract out the "how do I find my page size on $OS?"
>   check to an os-*.c file
> * something else
> 
> Any suggestions?

I think this should just be wrapped in a kvm special case and default to 4k 
otherwise (we can't use TARGET_PAGE_SIZE here, right?). That should get 
optimized out on win32 and fix your build :).

I'll post a proper patch any minute.


Alex

diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c
index 66ddf10..a3af75c 100644
--- a/hw/ppc/spapr_pci.c
+++ b/hw/ppc/spapr_pci.c
@@ -469,6 +469,8 @@ static const MemoryRegionOps spapr_msi_ops = {

 void spapr_pci_msi_init(sPAPREnvironment *spapr, hwaddr addr)
 {
+uint64_t window_size = 4096;
+
 /*
  * As MSI/MSIX interrupts trigger by writing at MSI/MSIX vectors,
  * we need to allocate some memory to catch those writes coming
@@ -476,10 +478,17 @@ void spapr_pci_msi_init(sPAPREnvironment *spapr, hwaddr 
addr)
  * As MSIMessage:addr is going to be the same and MSIMessage:data
  * is going to be a VIRQ number, 4 bytes of the MSI MR will only
  * be used.
+ *
+ * For KVM we want to ensure that this memory is a full page so that
+ * our memory slot is of page size granularity.
  */
+if (kvm_enabled()) {
+window_size = getpagesize();
+}
+
 spapr->msi_win_addr = addr;
 memory_region_init_io(&spapr->msiwindow, NULL, &spapr_msi_ops, spapr,
-  "msi", getpagesize());
+  "msi", window_size);
 memory_region_add_subregion(get_system_memory(), spapr->msi_win_addr,
 &spapr->msiwindow);
 }

[Qemu-devel] [PATCH] PPC: sPAPR: Only use getpagesize() when we run with kvm

[Alexander Graf]

We currently size the msi window trap page according to the host's page
size so that we poke a working hole into a memory slot in case we overlap.

However, this is only ever necessary with KVM active. Without KVM, we should
rather try to be host platform agnostic and use a constant size: 4k.

This fixes a build breakage on win32 hosts.

Signed-off-by: Alexander Graf 
---
 hw/ppc/spapr_pci.c | 11 ++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c
index 66ddf10..a3af75c 100644
--- a/hw/ppc/spapr_pci.c
+++ b/hw/ppc/spapr_pci.c
@@ -469,6 +469,8 @@ static const MemoryRegionOps spapr_msi_ops = {
 
 void spapr_pci_msi_init(sPAPREnvironment *spapr, hwaddr addr)
 {
+uint64_t window_size = 4096;
+
 /*
  * As MSI/MSIX interrupts trigger by writing at MSI/MSIX vectors,
  * we need to allocate some memory to catch those writes coming
@@ -476,10 +478,17 @@ void spapr_pci_msi_init(sPAPREnvironment *spapr, hwaddr 
addr)
  * As MSIMessage:addr is going to be the same and MSIMessage:data
  * is going to be a VIRQ number, 4 bytes of the MSI MR will only
  * be used.
+ *
+ * For KVM we want to ensure that this memory is a full page so that
+ * our memory slot is of page size granularity.
  */
+if (kvm_enabled()) {
+window_size = getpagesize();
+}
+
 spapr->msi_win_addr = addr;
 memory_region_init_io(&spapr->msiwindow, NULL, &spapr_msi_ops, spapr,
-  "msi", getpagesize());
+  "msi", window_size);
 memory_region_add_subregion(get_system_memory(), spapr->msi_win_addr,
 &spapr->msiwindow);
 }
-- 
1.8.1.4

Re: [Qemu-devel] [RFC PATCH v2 01/12] mc: add documentation for micro-checkpointing

[Dr. David Alan Gilbert]

* Michael R. Hines (mrhi...@linux.vnet.ibm.com) wrote:
> On 02/21/2014 12:32 AM, Dr. David Alan Gilbert wrote:
> >
> >I'm happy to use more memory to get FT, all I'm trying to do is see
> >if it's possible to put a lower bound than 2x on it while still maintaining
> >full FT, at the expense of performance in the case where it uses
> >a lot of memory.
> >
> >>The bottom line is: if you put a *hard* constraint on memory usage,
> >>what will happen to the guest when that garbage collection you mentioned
> >>shows up later and runs for several minutes? How about an hour?
> >>Are we just going to block the guest from being allowed to start a
> >>checkpoint until the memory usage goes down just for the sake of avoiding
> >>the 2x memory usage?
> >Yes, or move to the next checkpoint sooner than the N milliseconds when
> >we see the buffer is getting full.
> 
> OK, I see there is definitely some common ground there: So to be
> more specific, what we really need is two things: (I've learned that
> the reviewers are very cautious about adding to much policy into
> QEMU itself, but let's iron this out anyway:)
> 
> 1. First, we need to throttle down the guest (QEMU can already do this
> using the recently introduced "auto-converge" feature). This means
> that the guest is still making forward progress, albeit slow progress.
> 
> 2. Then we would need some kind of policy, or better yet, a trigger that
> does something to the effect of "we're about to use a whole lot of
> checkpoint memory soon - can we afford this much memory usage".
> Such a trigger would be conditional on the current policy of the
> administrator or management software: We would either have a QMP
> command that with a boolean flag that says "Yes" or "No", it's
> tolerable or not to use that much memory in the next checkpoint.
> 
> If the answer is "Yes", then nothing changes.
> If the answer is "No", then we should either:
>a) throttle down the guest
>b) Adjust the checkpoint frequency
>c) Or pause it altogether while we migrate some other VMs off the
>host such that we can complete the next checkpoint in its
> entirety.

Yes I think so, although what I was thinking was mainly (b) possibly
to the point of not starting the next checkpoint.

> It's not clear to me how much of this (or any) of this control loop should
> be in QEMU or in the management software, but I would definitely agree
> that a minimum of at least the ability to detect the situation and remedy
> the situation should be in QEMU. I'm not entirely convince that the
> ability to *decide* to remedy the situation should be in QEMU, though.

The management software access is low frequency, high latency; it should
be setting general parameters (max memory allowed, desired checkpoint
frequency etc) but I don't see that we can use it to do anything on
a sooner than a few second basis; so yes it can monitor things and
tweek the knobs if it sees the host as a whole is getting tight on RAM
etc - but we can't rely on it to throw in the breaks if this guest
suddenly decides to take bucket loads of RAM; something has to react
quickly in relation to previously set limits.

> >>If you block the guest from being checkpointed,
> >>then what happens if there is a failure during that extended period?
> >>We will have saved memory at the expense of availability.
> >If the active machine fails during this time then the secondary carries
> >on from it's last good snapshot in the knowledge that the active
> >never finished the new snapshot and so never uncorked it's previous packets.
> >
> >If the secondary machine fails during this time then tha active drops
> >it's nascent snapshot and carries on.
> 
> Yes, that makes sense. Where would that policy go, though,
> continuing the above concern?

I think there has to be some input from the management layer for failover,
because (as per my split-brain concerns) something has to make the decision
about which of the source/destination is to take over, and I don't
believe individual instances have that information.

> >However, what you have made me realise is that I don't have an answer
> >for the memory usage on the secondary; while the primary can pause
> >it's guest until the secondary ack's the checkpoint, the secondary has
> >to rely on the primary not to send it huge checkpoints.
> 
> Good question: There's a lot of work ideas out there in the academic
> community to compress the secondary, or push the secondary to
> a flash-based device, or de-duplicate the secondary. I'm sure any
> of them would put a dent in the problem, but I'm not seeing a smoking
> gun solution that would absolutely save all that memory completely.

Ah, I was thinking that flash would be a good solution for secondary;
it would be a nice demo.

> (Personally, I don't believe in swap. I wouldn't even consider swap
> or any kind of traditional disk-based remedy to be a viable solution).

Well it certainly exists

[Qemu-devel] [PATCH 48/51] linux-user: Fix trampoline code for CRIS

[Michael Roth]

From: Stefan Weil 

__put_user can write bytes, words (2 bytes) or longwords (4 bytes).
Here obviously words should have been written, but bytes were written,
so values like 0x9c5f were truncated to 0x5f.

Fix this by changing retcode from uint8_t to to uint16_t in
target_signal_frame and also in the unused rt_signal_frame.

This problem was reported by static code analysis (smatch).

Cc: qemu-sta...@nongnu.org
Signed-off-by: Stefan Weil 
Acked-by: Riku Voipio 
Reviewed-by: Peter Maydell 
Tested-by: Edgar E. Iglesias 
Reviewed-by: Edgar E. Iglesias 
Signed-off-by: Edgar E. Iglesias 
(cherry picked from commit 8cfc114a2f293c40077d1bdb7500b29db359ca22)

Signed-off-by: Michael Roth 
---
 linux-user/signal.c |8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/linux-user/signal.c b/linux-user/signal.c
index 7751c47..544e77e 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -3653,7 +3653,7 @@ struct target_sigcontext {
 struct target_signal_frame {
 struct target_sigcontext sc;
 uint32_t extramask[TARGET_NSIG_WORDS - 1];
-uint8_t retcode[8];   /* Trampoline code. */
+uint16_t retcode[4];  /* Trampoline code. */
 };
 
 struct rt_signal_frame {
@@ -3661,7 +3661,7 @@ struct rt_signal_frame {
 void *puc;
 siginfo_t info;
 struct ucontext uc;
-uint8_t retcode[8];   /* Trampoline code. */
+uint16_t retcode[4];  /* Trampoline code. */
 };
 
 static void setup_sigcontext(struct target_sigcontext *sc, CPUCRISState *env)
@@ -3739,8 +3739,8 @@ static void setup_frame(int sig, struct target_sigaction 
*ka,
 */
err |= __put_user(0x9c5f, frame->retcode+0);
err |= __put_user(TARGET_NR_sigreturn, 
- frame->retcode+2);
-   err |= __put_user(0xe93d, frame->retcode+4);
+ frame->retcode + 1);
+   err |= __put_user(0xe93d, frame->retcode + 2);
 
/* Save the mask.  */
err |= __put_user(set->sig[0], &frame->sc.oldmask);
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH V7 04/11] qapi script: check correctness of discriminator values in union

[Markus Armbruster]

Eric Blake  writes:

> On 02/20/2014 07:43 AM, Markus Armbruster wrote:
>> Wenchao Xia  writes:
>> 
>>> It will check whether base is set, whether discriminator is found
>>> in base, whether the values specified are written correctly, and
>>> whether all enum values are covered, when discriminator is a
>
>> 
>> And every member of the discriminator enum type must also occur as key
>> of the union's member 'data'.  Why?
>> 
>> Consider:
>> 
>> { 'enum': 'FooEnum', 'data': [ 'plain', 'bells', 'whistles' ] }
>> 
>> { 'type': 'CommonFooOptions',
>>   'data': { 'type: 'FooType', 'readonly': 'bool' } }
>> { 'union': 'FooOptions',
>>   'base': 'CommonFooOptions',
>>   'discriminator': 'type',
>>   'data': { 'bells': 'BellsOptions',
>> 'whistles': 'WhistlesOptions' } }
>> 
>> Type 'plain' doesn't have options beyond CommonFooOptions.
>
> I'd still rather make it explicit that we KNOW that this branch of the
> union has no additional options:
>
> { 'union': 'FooOptions',
>   'base': 'CommonFooOptions',
>   'discriminator': 'type',
>   'data': { 'plain': {},
> 'bells': 'BellsOptions',
> 'whistles': 'WhistlesOptions' } }
>
> to show that we explicitly thought about all the cases.  We don't
> currently have any such unions with an empty branch, but it would be
> worth documenting in the qapi text and explicitly testing that it works
> if we intend to support this.

Fair point.  However, it requires 'plain': {} to work, and it doesn't in
my testing.  When I add "'c': {}" to qapi-schema-test.json's
UserDefFlatUnion like this:

{ 'union': 'UserDefFlatUnion',
  'base': 'UserDefOne',
  'discriminator': 'string',
  'data': { 'a' : 'UserDefA', 'b' : 'UserDefB', 'c': {} } }

the generator gives me

struct UserDefFlatUnion
{
UserDefFlatUnionKind kind;
union {
void *data;
UserDefA * a;
UserDefB * b;
--->void c;
};
bool has_enum1;
EnumOne enum1;
};

which doesn't compile.  This is only the first compile error, there are
more.

We should extend the generator to permit {} before we insist on unions
covering all discriminator values explicitly.  Because if we don't,
people will be compelled to add dummy fields.

Re: [Qemu-devel] [PATCH] pseries: Update SLOF firmware image to 20140204

[Alexander Graf]

On 21.02.2014, at 07:09, Alexey Kardashevskiy  wrote:

> On 02/10/2014 05:52 PM, Alexey Kardashevskiy wrote:
>> The changelog is:
>>> version: update to 20140204
>>> virtio-9p: disable unused structure
>>> Make "boot net:dhcp" boot from IPv4 only
>>> Fix virtio device shutdown
>>> Change shutdown method name for virtio-scsi
>>> Add support for 64bit LE ABI v1 and v2 support
>>> Change representation of string environment variable
>>> cas: return error when unknown node found
>>> version: update
>>> Reset obp-tftp arguments before parsing
>>> Enable seamless netboot on IPv6 network
>>> Fix shutdown for virtio devices
>>> Fix zero checksum in UDP header
>>> Handle router advertisement message properly
>>> [oex]hci_exit: Check before freeing/unmapping memory
>>> Work around missing sc 1 traps on pHyp
>>> fix print_version() to return where it came from
>>> usb-xhci: memory freeing and using returns as bool uniformly
>>> Output banner and initial display output in VNC window
>>> use VERSION file to generate FW version
>>> cas: remove warning
>>> Add support for loading little endian ELF binaries.
>>> Add bswap_{16,32,64}p
>>> dhcpv6 and other minor net-snk fixes
>>> Fix missing drop in virtio-fs setup-alias
>>> Find next available alias name
>>> SLOF does not exit if given 1KB disk
>>> boot: enable support for bootindex
>>> pci-properties: add properties to enable hotplug for spapr
>>> e1000: remember node handle
>>> Increase quiesce tokens array size
>>> virtio: timeout after 5sec
>>> Enable IPv6 support in dns
>>> usb-ohci: fix warnings
>>> Add ipv6 support in net-snk
>>> ipv4: fix frame overwriting following arp_send_request
>>> e1000: fix SLOF_dma_map_out arguments
>>> Maintain single global packet buffer for tftp
>>> Increase virtio-net receive queue size
>>> Increase veth receive queue size
>>> Fix dprintf macros at various points
>>> usb-ohci: rewrite done_head processing code
>>> boot: add net in default boot order
>>> block 0 address in the allocator
>>> scsi: make-media-alias fix
>>> usb-xhci: add xhci host controller support
>>> usb-xhci: add xhci support
>>> Avoid veth read/write calls with zero length buffer
>>> boot: include other aliases
>>> usb-core: disable xhci
> 
> 
> Ping?

Anthony / Stefan, could you please update the SLOF.git mirror on git.qemu.org?


Alex

Re: [Qemu-devel] [PATCH] virtio-net: Do not filter VLANs without F_CTRL_VLAN

[Amos Kong]

On Wed, Feb 12, 2014 at 10:46:28PM +0100, Stefan Fritsch wrote:
> If VIRTIO_NET_F_CTRL_VLAN is not negotiated, do not filter out all
> VLAN-tagged packets but send them to the guest.

Can we just update receive_filter() to filter out VLAN-tagged packets
only when VIRTIO_NET_F_CTRL_VLAN is negotiated?

@@ -913,7 +940,8 @@ static int receive_filter(VirtIONet
*n, const uint8_t *buf, int size)
 
 if (!memcmp(&ptr[12], vlan, sizeof(vlan))) {
 int vid = be16_to_cpup((uint16_t *)(ptr + 14)) & 0xfff;
-if (!(n->vlans[vid >> 5] & (1U << (vid & 0x1f
+if ((vdev->guest_features & (1 << VIRTIO_NET_F_CTRL_VLAN)) &&
+!(n->vlans[vid >> 5] & (1U << (vid & 0x1f
 return 0;
 }
 
> Signed-off-by: Stefan Fritsch 
> ---
> 
> This time CCing the maintainers.
> 
> This fixes VLANs with OpenBSD guests (and probably NetBSD, too, because
> the OpenBSD driver started as a port from NetBSD).
> 
> 
>  hw/net/virtio-net.c |   12 +++-
>  1 file changed, 11 insertions(+), 1 deletion(-)
> 
> diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
> index 3626608..0ae9a91 100644
> --- a/hw/net/virtio-net.c
> +++ b/hw/net/virtio-net.c
> @@ -315,7 +315,11 @@ static void virtio_net_reset(VirtIODevice *vdev)
>  memset(n->mac_table.macs, 0, MAC_TABLE_ENTRIES * ETH_ALEN);
>  memcpy(&n->mac[0], &n->nic->conf->macaddr, sizeof(n->mac));
>  qemu_format_nic_info_str(qemu_get_queue(n->nic), n->mac);
> -memset(n->vlans, 0, MAX_VLAN >> 3);
> +if (vdev->guest_features & (1 << VIRTIO_NET_F_CTRL_VLAN)) {
> +memset(n->vlans, 0, MAX_VLAN >> 3);
> +} else {
> +memset(n->vlans, 0xff, MAX_VLAN >> 3);
> +}
>  }
>  
>  static void peer_test_vnet_hdr(VirtIONet *n)
> @@ -515,6 +519,12 @@ static void virtio_net_set_features(VirtIODevice *vdev, 
> uint32_t features)
>  }
>  vhost_net_ack_features(tap_get_vhost_net(nc->peer), features);
>  }
> +
> +if (vdev->guest_features & (1 << VIRTIO_NET_F_CTRL_VLAN)) {
> +memset(n->vlans, 0, MAX_VLAN >> 3);
> +} else {
> +memset(n->vlans, 0xff, MAX_VLAN >> 3);
> +}
>  }
>  
>  static int virtio_net_handle_rx_mode(VirtIONet *n, uint8_t cmd,
> -- 
> 1.7.10.4

-- 
Amos.

[Qemu-devel] [PATCH 35/51] qemu_opts_parse(): always check return value

[Michael Roth]

From: Laszlo Ersek 

qemu_opts_parse() can always return NULL, even if the QemuOptsList.desc in
question would be trivial to satisfy (eg. because it's empty). For
example:

qemu_opts_parse()
  opts_parse()
qemu_opts_create()
  id_wellformed()

In practice:

  $ .../qemu-system-x86_64 -acpitable id=3
  qemu-system-x86_64: -acpitable id=3: Parameter 'id' expects an identifier
  **
  ERROR:vl.c:3491:main: assertion failed: (opts != NULL)
  Aborted (core dumped)

  $ .../qemu-system-x86_64 -smbios id=3
  qemu-system-x86_64: -smbios id=3: Parameter 'id' expects an identifier
  Segmentation fault (core dumped)

I checked all qemu_opts_parse() invocations (and all drive_def()
invocations too, because it blindly forwards the former's retval). Only
the two above examples look problematic.

Signed-off-by: Laszlo Ersek 
Reviewed-by: Markus Armbruster 
Message-id: 1385658779-7529-1-git-send-email-ler...@redhat.com
Signed-off-by: Anthony Liguori 
(cherry picked from commit f46e720a82ccdf1a521cf459448f3f96ed895d43)

Signed-off-by: Michael Roth 
---
 vl.c |7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/vl.c b/vl.c
index 31e3411..30b5076 100644
--- a/vl.c
+++ b/vl.c
@@ -3489,11 +3489,16 @@ int main(int argc, char **argv, char **envp)
 }
 case QEMU_OPTION_acpitable:
 opts = qemu_opts_parse(qemu_find_opts("acpi"), optarg, 1);
-g_assert(opts != NULL);
+if (!opts) {
+exit(1);
+}
 do_acpitable_option(opts);
 break;
 case QEMU_OPTION_smbios:
 opts = qemu_opts_parse(qemu_find_opts("smbios"), optarg, 0);
+if (!opts) {
+exit(1);
+}
 do_smbios_option(opts);
 break;
 case QEMU_OPTION_enable_kvm:
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH 29/51] linux-user: pass correct parameter to do_shmctl()

[Laurent Vivier]

> Le 21 février 2014 à 09:17, Michael Roth  a écrit :
>
>
> From: Petar Jovanovic 
>
> Fix shmctl issue by passing correct parameter buf to do_shmctl().
>
> Signed-off-by: Petar Jovanovic 
> Signed-off-by: Riku Voipio 
> (cherry picked from commit a29267846a52b4ca294ba3a962b74b67df7ce6d2)
>
> Signed-off-by: Michael Roth 
> ---
> linux-user/syscall.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index eaaf00d..a3575e7 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -3216,7 +3216,7 @@ static abi_long do_ipc(unsigned int call, int first,
>
> /* IPC_* and SHM_* command values are the same on all linux platforms */
> case IPCOP_shmctl:
> - ret = do_shmctl(first, second, third);
> + ret = do_shmctl(first, second, ptr);
> break;
> default:
> gemu_log("Unsupported ipc call: %d (version %d)\n", call, version);
>

I though this one was already applied :
 


Regards,
Laurent

[Qemu-devel] [PATCH 34/51] block/iscsi: use a bh to schedule co reentrance

[Michael Roth]

From: Peter Lieven 

this fixes a potential segfault and performance regression.

If the coroutine is reentered directly in the iscsi_co_generic_cb
iscsi_process_{read,write} are interrupted and reentered any
time later. One the one hand this could happen after an iscsi_close
where the iscsi context is already gone (segfault). On the
other hand this limits the number of processed callbacks
in each aio_dispatch to one (potential performance regression).

Cc: qemu-sta...@nongnu.org
Signed-off-by: Peter Lieven 
Signed-off-by: Paolo Bonzini 
(cherry picked from commit 8b9dfe9098d91e06a3dd6376624307fe5fa13be8)

Signed-off-by: Michael Roth 
---
 block/iscsi.c |   11 ++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/block/iscsi.c b/block/iscsi.c
index a2d578c..a410a28 100644
--- a/block/iscsi.c
+++ b/block/iscsi.c
@@ -65,6 +65,7 @@ typedef struct IscsiTask {
 int do_retry;
 struct scsi_task *task;
 Coroutine *co;
+QEMUBH *bh;
 } IscsiTask;
 
 typedef struct IscsiAIOCB {
@@ -121,6 +122,13 @@ iscsi_schedule_bh(IscsiAIOCB *acb)
 qemu_bh_schedule(acb->bh);
 }
 
+static void iscsi_co_generic_bh_cb(void *opaque)
+{
+struct IscsiTask *iTask = opaque;
+qemu_bh_delete(iTask->bh);
+qemu_coroutine_enter(iTask->co, NULL);
+}
+
 static void
 iscsi_co_generic_cb(struct iscsi_context *iscsi, int status,
 void *command_data, void *opaque)
@@ -145,7 +153,8 @@ iscsi_co_generic_cb(struct iscsi_context *iscsi, int status,
 
 out:
 if (iTask->co) {
-qemu_coroutine_enter(iTask->co, NULL);
+iTask->bh = qemu_bh_new(iscsi_co_generic_bh_cb, iTask);
+qemu_bh_schedule(iTask->bh);
 }
 }
 
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH v2] virtio-net: add a field to indicate if vlan table is used

[Amos Kong]

On Thu, Feb 20, 2014 at 12:46:14PM -0500, Vlad Yasevich wrote:
> On 02/20/2014 11:38 AM, Amos Kong wrote:
> > Stefan Fritsch just fixed a virtio-net driver bug [1], virtio-net won't
> > filter out VLAN-tagged packets if VIRTIO_NET_F_CTRL_VLAN isn't negotiated.
> > 
> > This patch added a new field to @RxFilterInfo to indicate if management
> > uses the vlan table.
> > 
> > [1] http://lists.nongnu.org/archive/html/qemu-devel/2014-02/msg02604.html
> > 
> > Signed-off-by: Amos Kong 
> > ---
> > V2: don't make vlan-table optional, add a flag to indicate
> > if vlan table is used by management
> > ---
> >  hw/net/virtio-net.c | 38 +-
> >  qapi-schema.json|  3 +++
> >  qmp-commands.hx |  2 ++
> >  3 files changed, 30 insertions(+), 13 deletions(-)
> > 
> > diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
> > index 3626608..f591f4e 100644
> > --- a/hw/net/virtio-net.c
> > +++ b/hw/net/virtio-net.c
> > @@ -222,13 +222,33 @@ static char *mac_strdup_printf(const uint8_t *mac)
> >  mac[1], mac[2], mac[3], mac[4], mac[5]);
> >  }
> >  
> > +static intList *get_vlan_table(VirtIONet *n)
> > +{
> > +intList *list, *entry;
> > +int i, j;
> > +
> > +list = NULL;
> > +for (i = 0; i < MAX_VLAN >> 5; i++) {
> > +for (j = 0; n->vlans[i] && j < 0x1f; j++) {
> > +if (n->vlans[i] & (1U << j)) {
> > +entry = g_malloc0(sizeof(*entry));
> > +entry->value = (i << 5) + j;
> > +entry->next = list;
> > +list = entry;
> > +}
> > +}
> > +}
> > +
> > +return list;
> > +}
> > +
> >  static RxFilterInfo *virtio_net_query_rxfilter(NetClientState *nc)
> >  {
> >  VirtIONet *n = qemu_get_nic_opaque(nc);
> > +VirtIODevice *vdev = VIRTIO_DEVICE(n);
> >  RxFilterInfo *info;
> >  strList *str_list, *entry;
> > -intList *int_list, *int_entry;
> > -int i, j;
> > +int i;
> >  
> >  info = g_malloc0(sizeof(*info));
> >  info->name = g_strdup(nc->name);
> > @@ -273,19 +293,11 @@ static RxFilterInfo 
> > *virtio_net_query_rxfilter(NetClientState *nc)
> >  str_list = entry;
> >  }
> >  info->multicast_table = str_list;
> > +info->vlan_table = get_vlan_table(n);
> >  
> > -int_list = NULL;
> > -for (i = 0; i < MAX_VLAN >> 5; i++) {
> > -for (j = 0; n->vlans[i] && j < 0x1f; j++) {
> > -if (n->vlans[i] & (1U << j)) {
> > -int_entry = g_malloc0(sizeof(*int_entry));
> > -int_entry->value = (i << 5) + j;
> > -int_entry->next = int_list;
> > -int_list = int_entry;
> > -}
> > -}
> > +if ((1 << VIRTIO_NET_F_CTRL_VLAN) & vdev->guest_features) {
> > +info->vlan = true;
> >  }
> 
> So, in the case that vlan filtering is not supported in the guest
> we get:
>  "vlan": false,
>  "vlan-table": [
>  0,
>  1,
>  2,
>  ...
>  4095
> ]
> since virtio_net now initializes the table to all 1s.
> Seems a bit awkward.  We are providing a lot of data that
> is simply going to be ignored.

In Stefan's patch [1], qemu fills all vlan ids to 1, then all the
packets will come to guest.

For the host device, it also should not filter out any vlan-tagged
packets when VIRTIO_NET_F_CTRL_VLAN is not negotiated. We should also
fill vlan ids of host device to 1, then vlan-filter of host device
will not perform.

If so, we don't need my patch, just pass [0,1,2,...4095] to management
as past. The new field in RxFilterInfo isn't necessary.

[1] [PATCH] virtio-net: Do not filter VLANs without F_CTRL_VLAN 

Thanks, Amos
 
> > -info->vlan_table = int_list;
> >  
> >  /* enable event notification after query */
> >  nc->rxfilter_notify_enabled = 1;
> > diff --git a/qapi-schema.json b/qapi-schema.json
> > index 7cfb5e5..5b54e94 100644
> > --- a/qapi-schema.json
> > +++ b/qapi-schema.json
> > @@ -4032,6 +4032,8 @@
> >  #
> >  # @unicast-overflow: unicast table is overflowed or not
> >  #
> > +# @vlan: whether management uses the vlan table
> > +#
> 
> The above description seems a bit confusing to me.  The value
> we are returning describes whether or not qemu is performing
> vlan filtering.  I am not sure if it has any bearing on what
> management may be doing.
> 
> I think the idea is that management, in the future, would look at
> this value and make some decision about applying provided filter
> to the current host configuration.
> 
> >  # @main-mac: the main macaddr string
> >  #
> >  # @vlan-table: a list of active vlan id
> > @@ -4052,6 +4054,7 @@
> >  'broadcast-allowed':  'bool',
> >  'multicast-overflow': 'bool',
> >  'unicast-overflow':   'bool',
> > +'vlan':   'bool',
> 
> Not terribly descriptive.  May be call it vlan-filter?
> 
> Thanks
> -vlad
> 

[Qemu-devel] [PATCH 36/51] s390x/kvm: Fix diagnose handling.

[Michael Roth]

From: Cornelia Huck 

The instruction intercept handler for diagnose used only the displacement
when trying to calculate the function code. This is only correct for base
0, however; we need to perform a complete base/displacement address
calculation and use bits 48-63 as the function code.

Reviewed-by: Thomas Huth 
Signed-off-by: Cornelia Huck 
Signed-off-by: Jens Freimann 
Signed-off-by: Alexander Graf 
(cherry picked from commit 638129ff475dd3b4c0e57e0be598efe41461e9b3)

Signed-off-by: Michael Roth 
---
 target-s390x/cpu.h |3 +++
 target-s390x/kvm.c |   19 +--
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/target-s390x/cpu.h b/target-s390x/cpu.h
index a2c077b..68b5ab7 100644
--- a/target-s390x/cpu.h
+++ b/target-s390x/cpu.h
@@ -352,6 +352,9 @@ static inline hwaddr decode_basedisp_s(CPUS390XState *env, 
uint32_t ipb)
 return addr;
 }
 
+/* Base/displacement are at the same locations. */
+#define decode_basedisp_rs decode_basedisp_s
+
 void s390x_tod_timer(void *opaque);
 void s390x_cpu_timer(void *opaque);
 
diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c
index 02ac4ba..b00a661 100644
--- a/target-s390x/kvm.c
+++ b/target-s390x/kvm.c
@@ -562,11 +562,19 @@ static void kvm_handle_diag_308(S390CPU *cpu, struct 
kvm_run *run)
 handle_diag_308(&cpu->env, r1, r3);
 }
 
-static int handle_diag(S390CPU *cpu, struct kvm_run *run, int ipb_code)
+#define DIAG_KVM_CODE_MASK 0x
+
+static int handle_diag(S390CPU *cpu, struct kvm_run *run, uint32_t ipb)
 {
 int r = 0;
-
-switch (ipb_code) {
+uint16_t func_code;
+
+/*
+ * For any diagnose call we support, bits 48-63 of the resulting
+ * address specify the function code; the remainder is ignored.
+ */
+func_code = decode_basedisp_rs(&cpu->env, ipb) & DIAG_KVM_CODE_MASK;
+switch (func_code) {
 case DIAG_IPL:
 kvm_handle_diag_308(cpu, run);
 break;
@@ -577,7 +585,7 @@ static int handle_diag(S390CPU *cpu, struct kvm_run *run, 
int ipb_code)
 sleep(10);
 break;
 default:
-DPRINTF("KVM: unknown DIAG: 0x%x\n", ipb_code);
+DPRINTF("KVM: unknown DIAG: 0x%x\n", func_code);
 r = -1;
 break;
 }
@@ -684,7 +692,6 @@ static void handle_instruction(S390CPU *cpu, struct kvm_run 
*run)
 {
 unsigned int ipa0 = (run->s390_sieic.ipa & 0xff00);
 uint8_t ipa1 = run->s390_sieic.ipa & 0x00ff;
-int ipb_code = (run->s390_sieic.ipb & 0x0fff) >> 16;
 int r = -1;
 
 DPRINTF("handle_instruction 0x%x 0x%x\n",
@@ -696,7 +703,7 @@ static void handle_instruction(S390CPU *cpu, struct kvm_run 
*run)
 r = handle_priv(cpu, run, ipa0 >> 8, ipa1);
 break;
 case IPA0_DIAG:
-r = handle_diag(cpu, run, ipb_code);
+r = handle_diag(cpu, run, run->s390_sieic.ipb);
 break;
 case IPA0_SIGP:
 r = handle_sigp(cpu, run, ipa1);
-- 
1.7.9.5

[Qemu-devel] [PATCH 41/51] block/curl: Implement the libcurl timer callback interface

[Michael Roth]

From: Peter Maydell 

libcurl versions 7.16.0 and later have a timer callback interface which
must be implemented in order for libcurl to make forward progress (it
will sometimes rely on being called back on the timeout if there are
no file descriptors registered). Implement the callback, and use a
QEMU AIO timer to ensure we prod libcurl again when it asks us to.

Based on Peter's original patch plus my fix to add curl_multi_timeout_do.
Should compile just fine even on older versions of libcurl.

I also tried copy-on-read and streaming:

$ ./qemu-img create -f qcow2 -o \
 
backing_file=http://download.fedoraproject.org/pub/fedora/linux/releases/20/Live/x86_64/Fedora-Live-Desktop-x86_64-20-1.iso
 \
 foo.qcow2 1G
$ x86_64-softmmu/qemu-system-x86_64 \
 -drive if=none,file=foo.qcow2,copy-on-read=on,id=cd \
 -device ide-cd,drive=cd --enable-kvm -m 1024

Direct http usage is probably too slow, but with copy-on-read ultimately
the image does boot!

After some time, streaming gets canceled by an EIO, which needs further
investigation.

Signed-off-by: Peter Maydell 
Signed-off-by: Paolo Bonzini 
Signed-off-by: Kevin Wolf 
(cherry picked from commit 031fd1be5618c347f9aeb44ec294f14a541e42b2)

Signed-off-by: Michael Roth 
---
 block/curl.c |   81 ++
 1 file changed, 70 insertions(+), 11 deletions(-)

diff --git a/block/curl.c b/block/curl.c
index 5a46f97..1c04dcc 100644
--- a/block/curl.c
+++ b/block/curl.c
@@ -34,6 +34,11 @@
 #define DPRINTF(fmt, ...) do { } while (0)
 #endif
 
+#if LIBCURL_VERSION_NUM >= 0x071000
+/* The multi interface timer callback was introduced in 7.16.0 */
+#define NEED_CURL_TIMER_CALLBACK
+#endif
+
 #define PROTOCOLS (CURLPROTO_HTTP | CURLPROTO_HTTPS | \
CURLPROTO_FTP | CURLPROTO_FTPS | \
CURLPROTO_TFTP)
@@ -77,6 +82,7 @@ typedef struct CURLState
 
 typedef struct BDRVCURLState {
 CURLM *multi;
+QEMUTimer timer;
 size_t len;
 CURLState states[CURL_NUM_STATES];
 char *url;
@@ -87,6 +93,23 @@ typedef struct BDRVCURLState {
 static void curl_clean_state(CURLState *s);
 static void curl_multi_do(void *arg);
 
+#ifdef NEED_CURL_TIMER_CALLBACK
+static int curl_timer_cb(CURLM *multi, long timeout_ms, void *opaque)
+{
+BDRVCURLState *s = opaque;
+
+DPRINTF("CURL: timer callback timeout_ms %ld\n", timeout_ms);
+if (timeout_ms == -1) {
+timer_del(&s->timer);
+} else {
+int64_t timeout_ns = (int64_t)timeout_ms * 1000 * 1000;
+timer_mod(&s->timer,
+  qemu_clock_get_ns(QEMU_CLOCK_REALTIME) + timeout_ns);
+}
+return 0;
+}
+#endif
+
 static int curl_sock_cb(CURL *curl, curl_socket_t fd, int action,
 void *s, void *sp)
 {
@@ -209,20 +232,10 @@ static int curl_find_buf(BDRVCURLState *s, size_t start, 
size_t len,
 return FIND_RET_NONE;
 }
 
-static void curl_multi_do(void *arg)
+static void curl_multi_read(BDRVCURLState *s)
 {
-BDRVCURLState *s = (BDRVCURLState *)arg;
-int running;
-int r;
 int msgs_in_queue;
 
-if (!s->multi)
-return;
-
-do {
-r = curl_multi_socket_all(s->multi, &running);
-} while(r == CURLM_CALL_MULTI_PERFORM);
-
 /* Try to find done transfers, so we can free the easy
  * handle again. */
 do {
@@ -266,6 +279,41 @@ static void curl_multi_do(void *arg)
 } while(msgs_in_queue);
 }
 
+static void curl_multi_do(void *arg)
+{
+BDRVCURLState *s = (BDRVCURLState *)arg;
+int running;
+int r;
+
+if (!s->multi) {
+return;
+}
+
+do {
+r = curl_multi_socket_all(s->multi, &running);
+} while(r == CURLM_CALL_MULTI_PERFORM);
+
+curl_multi_read(s);
+}
+
+static void curl_multi_timeout_do(void *arg)
+{
+#ifdef NEED_CURL_TIMER_CALLBACK
+BDRVCURLState *s = (BDRVCURLState *)arg;
+int running;
+
+if (!s->multi) {
+return;
+}
+
+curl_multi_socket_action(s->multi, CURL_SOCKET_TIMEOUT, 0, &running);
+
+curl_multi_read(s);
+#else
+abort();
+#endif
+}
+
 static CURLState *curl_init_state(BDRVCURLState *s)
 {
 CURLState *state = NULL;
@@ -473,12 +521,20 @@ static int curl_open(BlockDriverState *bs, QDict 
*options, int flags,
 curl_easy_cleanup(state->curl);
 state->curl = NULL;
 
+aio_timer_init(bdrv_get_aio_context(bs), &s->timer,
+   QEMU_CLOCK_REALTIME, SCALE_NS,
+   curl_multi_timeout_do, s);
+
 // Now we know the file exists and its size, so let's
 // initialize the multi interface!
 
 s->multi = curl_multi_init();
 curl_multi_setopt(s->multi, CURLMOPT_SOCKETDATA, s);
 curl_multi_setopt(s->multi, CURLMOPT_SOCKETFUNCTION, curl_sock_cb);
+#ifdef NEED_CURL_TIMER_CALLBACK
+curl_multi_setopt(s->multi, CURLMOPT_TIMERDATA, s);
+curl_multi_setopt(s->multi, CURLMOPT_TIMERFUNCTION, curl_timer_cb);
+#endif
 curl_multi_do(s);
 
 qemu_opts_del(opts);
@@ -

Re: [Qemu-devel] [PATCH v2] net: Disable netmap backend when not supported

[Stefan Hajnoczi]

On Thu, Feb 20, 2014 at 03:40:43PM +0100, Vincenzo Maffione wrote:
> This patch fixes configure so that the netmap backend is not compiled in if 
> the
> host doesn't support an API version >= 11. A version upper bound (15) has been
> added so that the netmap API can be extended with some minor features without
> requiring QEMU code modifications.
> 
> Moreover, some changes have been done to net/netmap.c in order to reflect the
> current netmap API/ABI (11).
> 
> The NETMAP_WITH_LIBS macro makes possible to include some utilities (e.g.
> netmap ring macros, D(), RD() and other high level functions) through the 
> netmap
> headers. In this way we get rid of the D and RD macro definitions in the QEMU
> code, and we open the way for further code simplifications that will be
> introduced by future patches.
> 
> Signed-off-by: Vincenzo Maffione 
> ---
> Note: This patch is against the net-next/net Stefan's branch.
> 
> Changes against the previous version:
>(1) more complete commit description
>(2) add comment in ./configure to explain version checks
> 
>  configure| 10 +-
>  net/netmap.c | 55 +--
>  2 files changed, 22 insertions(+), 43 deletions(-)

Thanks for adding the explanations, it will make it easier for people
reading the code to understand this change in the future.

Applied to my net tree:
https://github.com/stefanha/qemu/commits/net

Stefan

Re: [Qemu-devel] [PATCH] trace: Fix build warnings for Win32 build

[Stefan Hajnoczi]

On Thu, Feb 20, 2014 at 07:44:25PM +, Peter Maydell wrote:
> The Win32 build warns about trace/control-internal.h:
> 
> warning: 'trace_event_count' declared inline after being called
> 
> Fix this by simply reordering trace_event_id() and
> trace_event_count().
> 
> Signed-off-by: Peter Maydell 
> ---
>  trace/control-internal.h | 10 +-
>  1 file changed, 5 insertions(+), 5 deletions(-)

Thanks, applied to my tracing tree:
https://github.com/stefanha/qemu/commits/tracing

Stefan

Re: [Qemu-devel] Patch Round-up for stable 1.7.1, freeze on 2013-02-27

[Paolo Bonzini]

Il 21/02/2014 09:16, Michael Roth ha scritto:

Hi everyone,

The following new patches are queued for QEMU stable v1.7.1:

https://github.com/mdroth/qemu/commits/stable-1.7-staging

The release is planned for 2014-03-03:

http://wiki.qemu.org/Planning/1.7

Please respond here or CC qemu-sta...@nongnu.org on any patches you
think should be included in the release. The cut-off date has
been extended to 2013-02-27 due to the round-up email going
out late.


I have included "KVM: Use return value for error print" in uq/master and 
will post a pull request either today or next Monday.


Paolo

Re: [Qemu-devel] [PATCH v5 3/6] vl: allow customizing the class of /machine

[Paolo Bonzini]

Il 21/02/2014 04:04, Alexey Kardashevskiy ha scritto:

On 02/21/2014 12:50 AM, Alexey Kardashevskiy wrote:

> From: Paolo Bonzini 
>
> This is a first step towards QOMifying /machine.
>
> Signed-off-by: Paolo Bonzini 

I got interesting conversation about "sob" in my team so here it is:

Signed-off-by: Alexey Kardashevskiy 

Is that enough or I better repost the patch?
May be patchworks will pick it as it does for "RB" and other "by"'s.




Yeah, this is fine.

Paolo

[Qemu-devel] [PATCH v21 01/25] add def_value_str to QemuOptDesc

[Chunyan Liu]

Add def_value_str (default value) to QemuOptDesc, to replace function of the
default value in QEMUOptionParameter. And improved related functions.

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
Changes to v20:
  * fix Eric's comments:
- use abort_error instead of local_err
- refactor qemu_opts_print

 include/qemu/option.h |3 +-
 util/qemu-option.c|   59 +---
 2 files changed, 52 insertions(+), 10 deletions(-)

diff --git a/include/qemu/option.h b/include/qemu/option.h
index 3ea871a..2c5b03f 100644
--- a/include/qemu/option.h
+++ b/include/qemu/option.h
@@ -97,6 +97,7 @@ typedef struct QemuOptDesc {
 const char *name;
 enum QemuOptType type;
 const char *help;
+const char *def_value_str;
 } QemuOptDesc;
 
 struct QemuOptsList {
@@ -154,7 +155,7 @@ QDict *qemu_opts_to_qdict(QemuOpts *opts, QDict *qdict);
 void qemu_opts_absorb_qdict(QemuOpts *opts, QDict *qdict, Error **errp);
 
 typedef int (*qemu_opts_loopfunc)(QemuOpts *opts, void *opaque);
-int qemu_opts_print(QemuOpts *opts, void *dummy);
+void qemu_opts_print(QemuOpts *opts);
 int qemu_opts_foreach(QemuOptsList *list, qemu_opts_loopfunc func, void 
*opaque,
   int abort_on_failure);
 
diff --git a/util/qemu-option.c b/util/qemu-option.c
index fd76cd2..edd4b55 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -33,6 +33,9 @@
 #include "qapi/qmp/qerror.h"
 #include "qemu/option_int.h"
 
+static const QemuOptDesc *find_desc_by_name(const QemuOptDesc *desc,
+const char *name);
+
 /*
  * Extracts the name of an option from the parameter string (p points at the
  * first byte of the option name)
@@ -507,6 +510,13 @@ static QemuOpt *qemu_opt_find(QemuOpts *opts, const char 
*name)
 const char *qemu_opt_get(QemuOpts *opts, const char *name)
 {
 QemuOpt *opt = qemu_opt_find(opts, name);
+
+if (!opt) {
+const QemuOptDesc *desc = find_desc_by_name(opts->list->desc, name);
+if (desc && desc->def_value_str) {
+return desc->def_value_str;
+}
+}
 return opt ? opt->str : NULL;
 }
 
@@ -526,8 +536,13 @@ bool qemu_opt_get_bool(QemuOpts *opts, const char *name, 
bool defval)
 {
 QemuOpt *opt = qemu_opt_find(opts, name);
 
-if (opt == NULL)
+if (opt == NULL) {
+const QemuOptDesc *desc = find_desc_by_name(opts->list->desc, name);
+if (desc && desc->def_value_str) {
+parse_option_bool(name, desc->def_value_str, &defval, 
&error_abort);
+}
 return defval;
+}
 assert(opt->desc && opt->desc->type == QEMU_OPT_BOOL);
 return opt->value.boolean;
 }
@@ -536,8 +551,14 @@ uint64_t qemu_opt_get_number(QemuOpts *opts, const char 
*name, uint64_t defval)
 {
 QemuOpt *opt = qemu_opt_find(opts, name);
 
-if (opt == NULL)
+if (opt == NULL) {
+const QemuOptDesc *desc = find_desc_by_name(opts->list->desc, name);
+if (desc && desc->def_value_str) {
+parse_option_number(name, desc->def_value_str, &defval,
+&error_abort);
+}
 return defval;
+}
 assert(opt->desc && opt->desc->type == QEMU_OPT_NUMBER);
 return opt->value.uint;
 }
@@ -546,8 +567,13 @@ uint64_t qemu_opt_get_size(QemuOpts *opts, const char 
*name, uint64_t defval)
 {
 QemuOpt *opt = qemu_opt_find(opts, name);
 
-if (opt == NULL)
+if (opt == NULL) {
+const QemuOptDesc *desc = find_desc_by_name(opts->list->desc, name);
+if (desc && desc->def_value_str) {
+parse_option_size(name, desc->def_value_str, &defval, 
&error_abort);
+}
 return defval;
+}
 assert(opt->desc && opt->desc->type == QEMU_OPT_SIZE);
 return opt->value.uint;
 }
@@ -846,17 +872,32 @@ void qemu_opts_del(QemuOpts *opts)
 g_free(opts);
 }
 
-int qemu_opts_print(QemuOpts *opts, void *dummy)
+void qemu_opts_print(QemuOpts *opts)
 {
 QemuOpt *opt;
+QemuOptDesc *desc = opts->list->desc;
 
-fprintf(stderr, "%s: %s:", opts->list->name,
-opts->id ? opts->id : "");
-QTAILQ_FOREACH(opt, &opts->head, next) {
-fprintf(stderr, " %s=\"%s\"", opt->name, opt->str);
+if (desc[0].name == NULL) {
+QTAILQ_FOREACH(opt, &opts->head, next) {
+fprintf(stderr, "%s=\"%s\" ", opt->name, opt->str);
+}
+return;
+}
+for (; desc && desc->name; desc++) {
+const char *value;
+QemuOpt *opt = qemu_opt_find(opts, desc->name);
+
+value = opt ? opt->str : desc->def_value_str;
+if (!value) {
+continue;
+}
+if (desc->type == QEMU_OPT_STRING) {
+fprintf(stderr, "%s='%s' ", desc->name, value);
+} else {
+fprintf(stderr, "%s=%s ", desc->name, value);
+}
 }
 fprintf(stderr, "\n");
-return 0;
 }
 
 static int opts_do_parse(QemuOpts *opts, const char *params,
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 00/25] replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

This patch series is to replace QEMUOptionParameter with QemuOpts, so that only
one Qemu Option structure is kept in QEMU code.

---
Changes to v20:
  * fix Eric's comments
  * rebase to latest source

Chunyan Liu (25):
  add def_value_str to QemuOptDesc
  qapi: output def_value_str when query command line options
  improve some functions in qemu-option.c
  improve assertion in qemu_opt_get functions
  add some QemuOpts functions for replace work
  add convert functions between QEMUOptionParameter to QemuOpts
  change block layer to support both QemuOpts and QEMUOptionParamter
  cow.c: replace QEMUOptionParameter with QemuOpts
  gluster.c: replace QEMUOptionParameter with QemuOpts
  iscsi.c: replace QEMUOptionParameter with QemuOpts
  qcow.c: replace QEMUOptionParameter with QemuOpts
  qcow2.c: replace QEMUOptionParameter with QemuOpts
  qed.c: replace QEMUOptionParameter with QemuOpts
  raw-posix.c: replace QEMUOptionParameter with QemuOpts
  raw-win32.c: replace QEMUOptionParameter with QemuOpts
  raw_bsd.c: replace QEMUOptionParameter with QemuOpts
  rbd.c: replace QEMUOptionParameter with QemuOpts
  sheepdog.c: replace QEMUOptionParameter with QemuOpts
  ssh.c: replace QEMUOptionParameter with QemuOpts
  vdi.c: replace QEMUOptionParameter with QemuOpts
  vmdk.c: replace QEMUOptionParameter with QemuOpts
  vpc.c: replace QEMUOptionParameter with QemuOpts
  vhdx.c: replace QEMUOptionParameter with QemuOpts
  vvfat.c: replace QEMUOptionParameter with QemuOpts
  cleanup QEMUOptionParameter

 block.c   |   96 
 block/cow.c   |   52 ++---
 block/gluster.c   |   73 +++---
 block/iscsi.c |   29 ++--
 block/qcow.c  |   72 +++---
 block/qcow2.c |  325 ++-
 block/qed.c   |  111 +-
 block/qed.h   |3 +-
 block/raw-posix.c |   55 ++---
 block/raw-win32.c |   34 ++--
 block/raw_bsd.c   |   25 ++-
 block/rbd.c   |   61 +++---
 block/sheepdog.c  |  102 +
 block/ssh.c   |   30 ++--
 block/vdi.c   |   70 +++---
 block/vhdx.c  |   97 
 block/vhdx.h  |1 +
 block/vmdk.c  |  121 +-
 block/vpc.c   |   60 +++---
 block/vvfat.c |   10 +-
 include/block/block.h |7 +-
 include/block/block_int.h |9 +-
 include/qemu/option.h |   54 +
 include/qemu/option_int.h |4 +-
 qapi-schema.json  |8 +-
 qemu-img.c|   89 
 qmp-commands.hx   |2 +
 util/qemu-config.c|4 +
 util/qemu-option.c|  558 +
 29 files changed, 1052 insertions(+), 1110 deletions(-)

[Qemu-devel] [PATCH v21 02/25] qapi: output def_value_str when query command line options

[Chunyan Liu]

Change qapi interfaces to output the newly added def_value_str when querying
command line options.

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 qapi-schema.json   |8 ++--
 qmp-commands.hx|2 ++
 util/qemu-config.c |4 
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/qapi-schema.json b/qapi-schema.json
index 473c096..83e5870 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -4010,12 +4010,16 @@
 #
 # @help: #optional human readable text string, not suitable for parsing.
 #
-# Since 1.5
+# @default: #optional string representation of the default used
+#   if the option is omitted.
+#
+# Since 2.0
 ##
 { 'type': 'CommandLineParameterInfo',
   'data': { 'name': 'str',
 'type': 'CommandLineParameterType',
-'*help': 'str' } }
+'*help': 'str',
+'*default': 'str' } }
 
 ##
 # @CommandLineOptionInfo:
diff --git a/qmp-commands.hx b/qmp-commands.hx
index 8a0e832..9b89d6c 100644
--- a/qmp-commands.hx
+++ b/qmp-commands.hx
@@ -2833,6 +2833,8 @@ Each array entry contains the following:
   or 'size')
 - "help": human readable description of the parameter
   (json-string, optional)
+- "default": default value string for the parameter
+ (json-string, optional)
 
 Example:
 
diff --git a/util/qemu-config.c b/util/qemu-config.c
index 797df71..c6e7db6 100644
--- a/util/qemu-config.c
+++ b/util/qemu-config.c
@@ -68,6 +68,10 @@ static CommandLineParameterInfoList 
*query_option_descs(const QemuOptDesc *desc)
 info->has_help = true;
 info->help = g_strdup(desc[i].help);
 }
+if (desc[i].def_value_str) {
+info->has_q_default = true;
+info->q_default = g_strdup(desc[i].def_value_str);
+}
 
 entry = g_malloc0(sizeof(*entry));
 entry->value = info;
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 03/25] improve some functions in qemu-option.c

[Chunyan Liu]

Improve opt_get and opt_set group of functions. For opt_get, check and handle
NULL input; for opt_set, when set to an existing option, rewrite the option
with new value.

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
changes to v20:
  * fix Eric's comments
- change QemuOpt name and str to (char *)
- delete Opts == NULL check which is added in v20

 include/qemu/option_int.h |4 +-
 util/qemu-option.c|   81 +
 2 files changed, 69 insertions(+), 16 deletions(-)

diff --git a/include/qemu/option_int.h b/include/qemu/option_int.h
index 8212fa4..db9ed91 100644
--- a/include/qemu/option_int.h
+++ b/include/qemu/option_int.h
@@ -30,8 +30,8 @@
 #include "qemu/error-report.h"
 
 struct QemuOpt {
-const char   *name;
-const char   *str;
+char   *name;
+char   *str;
 
 const QemuOptDesc *desc;
 union {
diff --git a/util/qemu-option.c b/util/qemu-option.c
index edd4b55..b2d1a62 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -509,8 +509,13 @@ static QemuOpt *qemu_opt_find(QemuOpts *opts, const char 
*name)
 
 const char *qemu_opt_get(QemuOpts *opts, const char *name)
 {
-QemuOpt *opt = qemu_opt_find(opts, name);
+QemuOpt *opt;
 
+if (opts == NULL) {
+return NULL;
+}
+
+opt = qemu_opt_find(opts, name);
 if (!opt) {
 const QemuOptDesc *desc = find_desc_by_name(opts->list->desc, name);
 if (desc && desc->def_value_str) {
@@ -534,7 +539,13 @@ bool qemu_opt_has_help_opt(QemuOpts *opts)
 
 bool qemu_opt_get_bool(QemuOpts *opts, const char *name, bool defval)
 {
-QemuOpt *opt = qemu_opt_find(opts, name);
+QemuOpt *opt;
+
+if (opts == NULL) {
+return defval;
+}
+
+opt = qemu_opt_find(opts, name);
 
 if (opt == NULL) {
 const QemuOptDesc *desc = find_desc_by_name(opts->list->desc, name);
@@ -549,7 +560,13 @@ bool qemu_opt_get_bool(QemuOpts *opts, const char *name, 
bool defval)
 
 uint64_t qemu_opt_get_number(QemuOpts *opts, const char *name, uint64_t defval)
 {
-QemuOpt *opt = qemu_opt_find(opts, name);
+QemuOpt *opt;
+
+if (opts == NULL) {
+return defval;
+}
+
+opt = qemu_opt_find(opts, name);
 
 if (opt == NULL) {
 const QemuOptDesc *desc = find_desc_by_name(opts->list->desc, name);
@@ -565,8 +582,13 @@ uint64_t qemu_opt_get_number(QemuOpts *opts, const char 
*name, uint64_t defval)
 
 uint64_t qemu_opt_get_size(QemuOpts *opts, const char *name, uint64_t defval)
 {
-QemuOpt *opt = qemu_opt_find(opts, name);
+QemuOpt *opt;
 
+if (opts == NULL) {
+return defval;
+}
+
+opt = qemu_opt_find(opts, name);
 if (opt == NULL) {
 const QemuOptDesc *desc = find_desc_by_name(opts->list->desc, name);
 if (desc && desc->def_value_str) {
@@ -603,6 +625,10 @@ static void qemu_opt_parse(QemuOpt *opt, Error **errp)
 
 static void qemu_opt_del(QemuOpt *opt)
 {
+if (opt == NULL) {
+return;
+}
+
 QTAILQ_REMOVE(&opt->opts->head, opt, next);
 g_free((/* !const */ char*)opt->name);
 g_free((/* !const */ char*)opt->str);
@@ -655,6 +681,13 @@ static void opt_set(QemuOpts *opts, const char *name, 
const char *value,
 return;
 }
 
+opt = qemu_opt_find(opts, name);
+if (opt) {
+g_free((char *)opt->str);
+opt->str = g_strdup(value);
+return;
+}
+
 opt = g_malloc0(sizeof(*opt));
 opt->name = g_strdup(name);
 opt->opts = opts;
@@ -695,16 +728,24 @@ void qemu_opt_set_err(QemuOpts *opts, const char *name, 
const char *value,
 int qemu_opt_set_bool(QemuOpts *opts, const char *name, bool val)
 {
 QemuOpt *opt;
-const QemuOptDesc *desc = opts->list->desc;
+const QemuOptDesc *desc;
 
-opt = g_malloc0(sizeof(*opt));
-opt->desc = find_desc_by_name(desc, name);
-if (!opt->desc && !opts_accepts_any(opts)) {
+desc = find_desc_by_name(opts->list->desc, name);
+if (!desc && !opts_accepts_any(opts)) {
 qerror_report(QERR_INVALID_PARAMETER, name);
-g_free(opt);
 return -1;
 }
 
+opt = qemu_opt_find(opts, name);
+if (opt) {
+g_free((char *)opt->str);
+opt->value.boolean = val;
+opt->str = g_strdup(val ? "on" : "off");
+return 0;
+}
+
+opt = g_malloc0(sizeof(*opt));
+opt->desc = desc;
 opt->name = g_strdup(name);
 opt->opts = opts;
 opt->value.boolean = !!val;
@@ -717,16 +758,24 @@ int qemu_opt_set_bool(QemuOpts *opts, const char *name, 
bool val)
 int qemu_opt_set_number(QemuOpts *opts, const char *name, int64_t val)
 {
 QemuOpt *opt;
-const QemuOptDesc *desc = opts->list->desc;
+const QemuOptDesc *desc;
 
-opt = g_malloc0(sizeof(*opt));
-opt->desc = find_desc_by_name(desc, name);
-if (!opt->desc && !opts_accepts_any(opts)) {
+desc = find_desc_by_name(opts->list->desc, name);
+if (!desc && !opts_accepts_any(opts)) {
 qerror_report(QERR_INVA

[Qemu-devel] [PATCH v21 04/25] improve assertion in qemu_opt_get functions

[Chunyan Liu]

In qemu_opt_set functions, if desc doen't exist but opts_accepts_any is true, it
won't report error, but can still alloc an opt for the option and save it.
However, after that, when doing qemu_opt_get, this option could be found in opts
but opt->desc is NULL. This is correct, should not be treated as error.

This patch would fix vvfat issue after changing to QemuOpts.

Signed-off-by: Chunyan Liu 
---
changes to v20:
  * fix Eric's comments:
- checking opt->desc instead of removing the assertion

 util/qemu-option.c |   12 +---
 1 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/util/qemu-option.c b/util/qemu-option.c
index b2d1a62..11c0313 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -554,7 +554,9 @@ bool qemu_opt_get_bool(QemuOpts *opts, const char *name, 
bool defval)
 }
 return defval;
 }
-assert(opt->desc && opt->desc->type == QEMU_OPT_BOOL);
+if (opt->desc) {
+assert(opt->desc->type == QEMU_OPT_BOOL);
+}
 return opt->value.boolean;
 }
 
@@ -576,7 +578,9 @@ uint64_t qemu_opt_get_number(QemuOpts *opts, const char 
*name, uint64_t defval)
 }
 return defval;
 }
-assert(opt->desc && opt->desc->type == QEMU_OPT_NUMBER);
+if (opt->desc) {
+assert(opt->desc->type == QEMU_OPT_NUMBER);
+}
 return opt->value.uint;
 }
 
@@ -596,7 +600,9 @@ uint64_t qemu_opt_get_size(QemuOpts *opts, const char 
*name, uint64_t defval)
 }
 return defval;
 }
-assert(opt->desc && opt->desc->type == QEMU_OPT_SIZE);
+if (opt->desc) {
+assert(opt->desc->type == QEMU_OPT_SIZE);
+}
 return opt->value.uint;
 }
 
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 07/25] change block layer to support both QemuOpts and QEMUOptionParamter

[Chunyan Liu]

Change block layer to support both QemuOpts and QEMUOptionParameter.
After this patch, it will change backend drivers one by one. At the end,
QEMUOptionParameter will be removed and only QemuOpts is kept.

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block.c   |  121 +
 block/cow.c   |2 +-
 block/qcow.c  |2 +-
 block/qcow2.c |2 +-
 block/qed.c   |2 +-
 block/raw_bsd.c   |2 +-
 block/vhdx.c  |2 +-
 block/vmdk.c  |4 +-
 block/vvfat.c |2 +-
 include/block/block.h |7 ++-
 include/block/block_int.h |8 +++-
 qemu-img.c|  112 +++---
 12 files changed, 170 insertions(+), 96 deletions(-)

diff --git a/block.c b/block.c
index 6f4baca..300f387 100644
--- a/block.c
+++ b/block.c
@@ -408,6 +408,7 @@ typedef struct CreateCo {
 BlockDriver *drv;
 char *filename;
 QEMUOptionParameter *options;
+QemuOpts *opts;
 int ret;
 Error *err;
 } CreateCo;
@@ -420,7 +421,11 @@ static void coroutine_fn bdrv_create_co_entry(void *opaque)
 CreateCo *cco = opaque;
 assert(cco->drv);
 
-ret = cco->drv->bdrv_create(cco->filename, cco->options, &local_err);
+if (cco->drv->bdrv_create2) {
+ret = cco->drv->bdrv_create2(cco->filename, cco->opts, &local_err);
+} else {
+ret = cco->drv->bdrv_create(cco->filename, cco->options, &local_err);
+}
 if (local_err) {
 error_propagate(&cco->err, local_err);
 }
@@ -428,7 +433,7 @@ static void coroutine_fn bdrv_create_co_entry(void *opaque)
 }
 
 int bdrv_create(BlockDriver *drv, const char* filename,
-QEMUOptionParameter *options, Error **errp)
+QEMUOptionParameter *options, QemuOpts *opts, Error **errp)
 {
 int ret;
 
@@ -437,11 +442,12 @@ int bdrv_create(BlockDriver *drv, const char* filename,
 .drv = drv,
 .filename = g_strdup(filename),
 .options = options,
+.opts = opts,
 .ret = NOT_DONE,
 .err = NULL,
 };
 
-if (!drv->bdrv_create) {
+if (!drv->bdrv_create && !drv->bdrv_create2) {
 error_setg(errp, "Driver '%s' does not support image creation", 
drv->format_name);
 ret = -ENOTSUP;
 goto out;
@@ -473,7 +479,7 @@ out:
 }
 
 int bdrv_create_file(const char* filename, QEMUOptionParameter *options,
- Error **errp)
+ QemuOpts *opts, Error **errp)
 {
 BlockDriver *drv;
 Error *local_err = NULL;
@@ -485,7 +491,7 @@ int bdrv_create_file(const char* filename, 
QEMUOptionParameter *options,
 return -ENOENT;
 }
 
-ret = bdrv_create(drv, filename, options, &local_err);
+ret = bdrv_create(drv, filename, options, opts, &local_err);
 if (local_err) {
 error_propagate(errp, local_err);
 }
@@ -1253,7 +1259,8 @@ int bdrv_open(BlockDriverState *bs, const char *filename, 
QDict *options,
 BlockDriverState *bs1;
 int64_t total_size;
 BlockDriver *bdrv_qcow2;
-QEMUOptionParameter *create_options;
+QEMUOptionParameter *create_options = NULL;
+QemuOpts *opts = NULL;
 QDict *snapshot_options;
 
 /* if snapshot, we create a temporary backing file and open it
@@ -1280,13 +1287,21 @@ int bdrv_open(BlockDriverState *bs, const char 
*filename, QDict *options,
 }
 
 bdrv_qcow2 = bdrv_find_format("qcow2");
-create_options = parse_option_parameters("", 
bdrv_qcow2->create_options,
- NULL);
-
-set_option_parameter_int(create_options, BLOCK_OPT_SIZE, total_size);
+if (bdrv_qcow2->bdrv_create2) {
+opts = qemu_opts_create(bdrv_qcow2->create_opts, NULL, 0,
+&error_abort);
+qemu_opt_set_number(opts, BLOCK_OPT_SIZE, total_size);
+} else {
+create_options =
+parse_option_parameters("", bdrv_qcow2->create_options, NULL);
+set_option_parameter_int(create_options, BLOCK_OPT_SIZE,
+ total_size);
+}
 
-ret = bdrv_create(bdrv_qcow2, tmp_filename, create_options, 
&local_err);
+ret = bdrv_create(bdrv_qcow2, tmp_filename, create_options, opts,
+  &local_err);
 free_option_parameters(create_options);
+qemu_opts_del(opts);
 if (ret < 0) {
 error_setg_errno(errp, -ret, "Could not create temporary overlay "
  "'%s': %s", tmp_filename,
@@ -5202,7 +5217,10 @@ void bdrv_img_create(const char *filename, const char 
*fmt,
  Error **errp, bool quiet)
 {
 QEMUOptionParameter *param = NULL, *create_options = NULL;
-QEMUOptionParameter *backing_fmt, *backing_file, *size;
+QemuOptsList *create_opts = NULL;
+Qem

[Qemu-devel] [PATCH v21 06/25] add convert functions between QEMUOptionParameter to QemuOpts

[Chunyan Liu]

Add two temp convert functions between QEMUOptionParameter to QemuOpts, so that
next patch can use it. It will simplify next patch for easier review.

Signed-off-by: Chunyan Liu 
---
changes to v20:
  * fix Eric's comments:
- use g_strdup instead of strdup

 include/qemu/option.h |2 +
 util/qemu-option.c|  105 +
 2 files changed, 107 insertions(+), 0 deletions(-)

diff --git a/include/qemu/option.h b/include/qemu/option.h
index 62f0432..c3e85bd 100644
--- a/include/qemu/option.h
+++ b/include/qemu/option.h
@@ -168,4 +168,6 @@ int qemu_opts_foreach(QemuOptsList *list, 
qemu_opts_loopfunc func, void *opaque,
 QemuOptsList *qemu_opts_append(QemuOptsList *dst, QemuOptsList *list);
 void qemu_opts_free(QemuOptsList *list);
 void qemu_opts_print_help(QemuOptsList *list);
+QEMUOptionParameter *opts_to_params(QemuOpts *opts);
+QemuOptsList *params_to_opts(QEMUOptionParameter *list);
 #endif
diff --git a/util/qemu-option.c b/util/qemu-option.c
index 708fafa..c78adca 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -1415,3 +1415,108 @@ void qemu_opts_print_help(QemuOptsList *list)
list->desc[i].help : "");
 }
 }
+
+/* convert QEMUOptionParameter to QemuOpts */
+QemuOptsList *params_to_opts(QEMUOptionParameter *list)
+{
+QemuOptsList *opts = NULL;
+size_t num_opts, i = 0;
+
+if (!list) {
+return NULL;
+}
+
+num_opts = count_option_parameters(list);
+opts = g_malloc0(sizeof(QemuOptsList) +
+ (num_opts + 1) * sizeof(QemuOptDesc));
+QTAILQ_INIT(&opts->head);
+opts->desc[i].name = NULL;
+
+while (list && list->name) {
+opts->desc[i].name = g_strdup(list->name);
+opts->desc[i].help = g_strdup(list->help);
+switch (list->type) {
+case OPT_FLAG:
+opts->desc[i].type = QEMU_OPT_BOOL;
+opts->desc[i].def_value_str = list->value.n ? "on" : "off";
+break;
+
+case OPT_NUMBER:
+opts->desc[i].type = QEMU_OPT_NUMBER;
+if (list->value.n) {
+opts->desc[i].def_value_str =
+g_strdup_printf("%" PRIu64, list->value.n);
+}
+break;
+
+case OPT_SIZE:
+opts->desc[i].type = QEMU_OPT_SIZE;
+if (list->value.n) {
+opts->desc[i].def_value_str =
+g_strdup_printf("%" PRIu64, list->value.n);
+}
+break;
+
+case OPT_STRING:
+opts->desc[i].type = QEMU_OPT_STRING;
+opts->desc[i].def_value_str = g_strdup(list->value.s);
+break;
+}
+
+i++;
+list++;
+opts->desc[i].name = NULL;
+}
+
+return opts;
+}
+
+QEMUOptionParameter *opts_to_params(QemuOpts *opts)
+{
+QEMUOptionParameter *dest = NULL;
+QemuOptDesc *desc;
+size_t num_opts, i = 0;
+const char *tmp;
+
+if (!opts || !opts->list || !opts->list->desc) {
+return NULL;
+}
+
+num_opts = count_opts_list(opts->list);
+dest = g_malloc0((num_opts + 1) * sizeof(QEMUOptionParameter));
+dest[i].name = NULL;
+
+desc = opts->list->desc;
+while (desc && desc->name) {
+dest[i].name = g_strdup(desc->name);
+dest[i].help = g_strdup(desc->help);
+switch (desc->type) {
+case QEMU_OPT_STRING:
+dest[i].type = OPT_STRING;
+tmp = qemu_opt_get(opts, desc->name);
+dest[i].value.s = g_strdup(tmp);
+break;
+
+case QEMU_OPT_BOOL:
+dest[i].type = OPT_FLAG;
+dest[i].value.n = qemu_opt_get_bool(opts, desc->name, 0) ? 1 : 0;
+break;
+
+case QEMU_OPT_NUMBER:
+dest[i].type = OPT_NUMBER;
+dest[i].value.n = qemu_opt_get_number(opts, desc->name, 0);
+break;
+
+case QEMU_OPT_SIZE:
+dest[i].type = OPT_SIZE;
+dest[i].value.n = qemu_opt_get_size(opts, desc->name, 0);
+break;
+}
+
+i++;
+desc++;
+dest[i].name = NULL;
+}
+
+return dest;
+}
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 18/25] sheepdog.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

sheepdog.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/sheepdog.c |  108 +++--
 1 files changed, 55 insertions(+), 53 deletions(-)

diff --git a/block/sheepdog.c b/block/sheepdog.c
index e6c0376..9f20658 100644
--- a/block/sheepdog.c
+++ b/block/sheepdog.c
@@ -1625,12 +1625,13 @@ static int parse_redundancy(BDRVSheepdogState *s, const 
char *opt)
 return 0;
 }
 
-static int sd_create(const char *filename, QEMUOptionParameter *options,
+static int sd_create(const char *filename, QemuOpts *opts,
  Error **errp)
 {
 int ret = 0;
 uint32_t vid = 0;
 char *backing_file = NULL;
+char *buf = NULL;
 BDRVSheepdogState *s;
 char tag[SD_MAX_VDI_TAG_LEN];
 uint32_t snapid;
@@ -1649,31 +1650,26 @@ static int sd_create(const char *filename, 
QEMUOptionParameter *options,
 goto out;
 }
 
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-s->inode.vdi_size = options->value.n;
-} else if (!strcmp(options->name, BLOCK_OPT_BACKING_FILE)) {
-backing_file = options->value.s;
-} else if (!strcmp(options->name, BLOCK_OPT_PREALLOC)) {
-if (!options->value.s || !strcmp(options->value.s, "off")) {
-prealloc = false;
-} else if (!strcmp(options->value.s, "full")) {
-prealloc = true;
-} else {
-error_report("Invalid preallocation mode: '%s'",
- options->value.s);
-ret = -EINVAL;
-goto out;
-}
-} else if (!strcmp(options->name, BLOCK_OPT_REDUNDANCY)) {
-if (options->value.s) {
-ret = parse_redundancy(s, options->value.s);
-if (ret < 0) {
-goto out;
-}
-}
+s->inode.vdi_size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
+backing_file = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FILE);
+buf = qemu_opt_get_del(opts, BLOCK_OPT_PREALLOC);
+if (!buf || !strcmp(buf, "off")) {
+prealloc = false;
+} else if (!strcmp(buf, "full")) {
+prealloc = true;
+} else {
+error_report("Invalid preallocation mode: '%s'", buf);
+ret = -EINVAL;
+goto out;
+}
+
+g_free(buf);
+buf = qemu_opt_get_del(opts, BLOCK_OPT_REDUNDANCY);
+if (buf) {
+ret = parse_redundancy(s, buf);
+if (ret < 0) {
+goto out;
 }
-options++;
 }
 
 if (s->inode.vdi_size > SD_MAX_VDI_SIZE) {
@@ -1721,6 +1717,8 @@ static int sd_create(const char *filename, 
QEMUOptionParameter *options,
 
 ret = sd_prealloc(filename);
 out:
+g_free(backing_file);
+g_free(buf);
 g_free(s);
 return ret;
 }
@@ -2487,28 +2485,32 @@ static int64_t 
sd_get_allocated_file_size(BlockDriverState *bs)
 return size;
 }
 
-static QEMUOptionParameter sd_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
-{
-.name = BLOCK_OPT_BACKING_FILE,
-.type = OPT_STRING,
-.help = "File name of a base image"
-},
-{
-.name = BLOCK_OPT_PREALLOC,
-.type = OPT_STRING,
-.help = "Preallocation mode (allowed values: off, full)"
-},
-{
-.name = BLOCK_OPT_REDUNDANCY,
-.type = OPT_STRING,
-.help = "Redundancy of the image"
-},
-{ NULL }
+static QemuOptsList sd_create_opts = {
+.name = "sheepdog-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(sd_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{
+.name = BLOCK_OPT_BACKING_FILE,
+.type = QEMU_OPT_STRING,
+.help = "File name of a base image"
+},
+{
+.name = BLOCK_OPT_PREALLOC,
+.type = QEMU_OPT_STRING,
+.help = "Preallocation mode (allowed values: off, full)"
+},
+{
+.name = BLOCK_OPT_REDUNDANCY,
+.type = QEMU_OPT_STRING,
+.help = "Redundancy of the image"
+},
+{ /* end of list */ }
+}
 };
 
 static BlockDriver bdrv_sheepdog = {
@@ -2518,7 +2520,7 @@ static BlockDriver bdrv_sheepdog = {
 .bdrv_needs_filename = true,
 .bdrv_file_open = sd_open,
 .bdrv_close = sd_close,
-.bdrv_create= sd_create,
+.bdrv_create2   = sd_create,
 .bdrv_has_zero_init = bdrv_has_zero_init_1,
 .bdrv_getlength = sd_getlength,
 .bdrv_get_allocated_file_size = sd_get_allocated_file_size,
@@ -2538,7 +2540,7 @@ static BlockDriver bdrv_sheepdog = {
 .bdrv_save_vmstate  = sd_save_vmstate,
 .bdrv_load_vmstate  = sd_load_vmstate,
 
-.create_opt

[Qemu-devel] [PATCH v21 10/25] iscsi.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

iscsi.c: replace QEMUOptionParamter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/iscsi.c |   29 ++---
 1 files changed, 14 insertions(+), 15 deletions(-)

diff --git a/block/iscsi.c b/block/iscsi.c
index f8e496f..6d00ec0 100644
--- a/block/iscsi.c
+++ b/block/iscsi.c
@@ -1382,13 +1382,8 @@ static int iscsi_create(const char *filename, 
QEMUOptionParameter *options,
 bs = bdrv_new("");
 
 /* Read out options */
-while (options && options->name) {
-if (!strcmp(options->name, "size")) {
-total_size = options->value.n / BDRV_SECTOR_SIZE;
-}
-options++;
-}
-
+total_size =
+qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0) / BDRV_SECTOR_SIZE;
 bs->opaque = g_malloc0(sizeof(struct IscsiLun));
 iscsilun = bs->opaque;
 
@@ -1439,13 +1434,17 @@ static int iscsi_get_info(BlockDriverState *bs, 
BlockDriverInfo *bdi)
 return 0;
 }
 
-static QEMUOptionParameter iscsi_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
-{ NULL }
+static QemuOptsList iscsi_create_opts = {
+.name = "iscsi-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(iscsi_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{ /* end of list */ }
+}
 };
 
 static BlockDriver bdrv_iscsi = {
@@ -1457,7 +1456,7 @@ static BlockDriver bdrv_iscsi = {
 .bdrv_file_open  = iscsi_open,
 .bdrv_close  = iscsi_close,
 .bdrv_create = iscsi_create,
-.create_options  = iscsi_create_options,
+.create_opts = &iscsi_create_opts,
 .bdrv_reopen_prepare  = iscsi_reopen_prepare,
 
 .bdrv_getlength  = iscsi_getlength,
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 05/25] add some QemuOpts functions for replace work

[Chunyan Liu]

Add some qemu_opt functions to replace the same functionality of
QEMUOptionParameter handling.

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
changes to v20:
  * fix Eric's comments:
- reorganize qemu_opt_*_del code, to avoid code duplication and double
  qemu_opt_find

 include/qemu/option.h |9 +++
 util/qemu-option.c|  188 +
 2 files changed, 184 insertions(+), 13 deletions(-)

diff --git a/include/qemu/option.h b/include/qemu/option.h
index 2c5b03f..62f0432 100644
--- a/include/qemu/option.h
+++ b/include/qemu/option.h
@@ -109,6 +109,7 @@ struct QemuOptsList {
 };
 
 const char *qemu_opt_get(QemuOpts *opts, const char *name);
+char *qemu_opt_get_del(QemuOpts *opts, const char *name);
 /**
  * qemu_opt_has_help_opt:
  * @opts: options to search for a help request
@@ -124,6 +125,11 @@ bool qemu_opt_has_help_opt(QemuOpts *opts);
 bool qemu_opt_get_bool(QemuOpts *opts, const char *name, bool defval);
 uint64_t qemu_opt_get_number(QemuOpts *opts, const char *name, uint64_t 
defval);
 uint64_t qemu_opt_get_size(QemuOpts *opts, const char *name, uint64_t defval);
+bool qemu_opt_get_bool_del(QemuOpts *opts, const char *name, bool defval);
+uint64_t qemu_opt_get_number_del(QemuOpts *opts, const char *name,
+ uint64_t defval);
+uint64_t qemu_opt_get_size_del(QemuOpts *opts, const char *name,
+   uint64_t defval);
 int qemu_opt_unset(QemuOpts *opts, const char *name);
 int qemu_opt_set(QemuOpts *opts, const char *name, const char *value);
 void qemu_opt_set_err(QemuOpts *opts, const char *name, const char *value,
@@ -159,4 +165,7 @@ void qemu_opts_print(QemuOpts *opts);
 int qemu_opts_foreach(QemuOptsList *list, qemu_opts_loopfunc func, void 
*opaque,
   int abort_on_failure);
 
+QemuOptsList *qemu_opts_append(QemuOptsList *dst, QemuOptsList *list);
+void qemu_opts_free(QemuOptsList *list);
+void qemu_opts_print_help(QemuOptsList *list);
 #endif
diff --git a/util/qemu-option.c b/util/qemu-option.c
index 11c0313..708fafa 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -35,6 +35,7 @@
 
 static const QemuOptDesc *find_desc_by_name(const QemuOptDesc *desc,
 const char *name);
+static void qemu_opt_del(QemuOpt *opt);
 
 /*
  * Extracts the name of an option from the parameter string (p points at the
@@ -379,6 +380,74 @@ QEMUOptionParameter 
*append_option_parameters(QEMUOptionParameter *dest,
 return dest;
 }
 
+static size_t count_opts_list(QemuOptsList *list)
+{
+QemuOptDesc *desc = NULL;
+size_t num_opts = 0;
+
+if (!list) {
+return 0;
+}
+
+desc = list->desc;
+while (desc && desc->name) {
+num_opts++;
+desc++;
+}
+
+return num_opts;
+}
+
+/* Create a new QemuOptsList with a desc of the merge of the first
+ * and second. It will allocate space for one new QemuOptsList plus
+ * enough space for QemuOptDesc in first and second QemuOptsList.
+ * First argument's QemuOptDesc members take precedence over second's.
+ * The result's name and implied_opt_name are not copied from them.
+ * Both merge_lists should not be set. Both lists can be NULL.
+ */
+QemuOptsList *qemu_opts_append(QemuOptsList *dst,
+   QemuOptsList *list)
+{
+size_t num_opts, num_dst_opts;
+QemuOptsList *tmp;
+QemuOptDesc *desc;
+
+if (!dst && !list) {
+return NULL;
+}
+
+num_opts = count_opts_list(dst);
+num_opts += count_opts_list(list);
+tmp = g_malloc0(sizeof(QemuOptsList) +
+(num_opts + 1) * sizeof(QemuOptDesc));
+QTAILQ_INIT(&tmp->head);
+num_dst_opts = 0;
+
+/* copy dst->desc to new list */
+if (dst) {
+desc = dst->desc;
+while (desc && desc->name) {
+tmp->desc[num_dst_opts++] = *desc;
+tmp->desc[num_dst_opts].name = NULL;
+desc++;
+}
+}
+
+/* add list->desc to new list */
+if (list) {
+desc = list->desc;
+while (desc && desc->name) {
+if (find_desc_by_name(tmp->desc, desc->name) == NULL) {
+tmp->desc[num_dst_opts++] = *desc;
+tmp->desc[num_dst_opts].name = NULL;
+}
+desc++;
+}
+}
+
+return tmp;
+}
+
 /*
  * Parses a parameter string (param) into an option list (dest).
  *
@@ -525,6 +594,29 @@ const char *qemu_opt_get(QemuOpts *opts, const char *name)
 return opt ? opt->str : NULL;
 }
 
+char *qemu_opt_get_del(QemuOpts *opts, const char *name)
+{
+QemuOpt *opt;
+const QemuOptDesc *desc;
+char *str = NULL;
+
+if (opts == NULL) {
+return NULL;
+}
+
+opt = qemu_opt_find(opts, name);
+if (!opt) {
+desc = find_desc_by_name(opts->list->desc, name);
+if (desc && desc->def_value_str) {
+str = g_strdup(desc->def_value_str);
+}
+retu

[Qemu-devel] [PATCH v21 13/25] qed.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

qed.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/qed.c |  113 +++---
 block/qed.h |3 +-
 2 files changed, 61 insertions(+), 55 deletions(-)

diff --git a/block/qed.c b/block/qed.c
index 243c539..ad985b1 100644
--- a/block/qed.c
+++ b/block/qed.c
@@ -619,53 +619,52 @@ out:
 return ret;
 }
 
-static int bdrv_qed_create(const char *filename, QEMUOptionParameter *options,
-   Error **errp)
+
+static int bdrv_qed_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 uint64_t image_size = 0;
 uint32_t cluster_size = QED_DEFAULT_CLUSTER_SIZE;
 uint32_t table_size = QED_DEFAULT_TABLE_SIZE;
-const char *backing_file = NULL;
-const char *backing_fmt = NULL;
-
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-image_size = options->value.n;
-} else if (!strcmp(options->name, BLOCK_OPT_BACKING_FILE)) {
-backing_file = options->value.s;
-} else if (!strcmp(options->name, BLOCK_OPT_BACKING_FMT)) {
-backing_fmt = options->value.s;
-} else if (!strcmp(options->name, BLOCK_OPT_CLUSTER_SIZE)) {
-if (options->value.n) {
-cluster_size = options->value.n;
-}
-} else if (!strcmp(options->name, BLOCK_OPT_TABLE_SIZE)) {
-if (options->value.n) {
-table_size = options->value.n;
-}
-}
-options++;
-}
+char *backing_file = NULL;
+char *backing_fmt = NULL;
+int ret;
+
+image_size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
+backing_file = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FILE);
+backing_fmt = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FMT);
+cluster_size = qemu_opt_get_size_del(opts,
+ BLOCK_OPT_CLUSTER_SIZE,
+ QED_DEFAULT_CLUSTER_SIZE);
+table_size = qemu_opt_get_size_del(opts, BLOCK_OPT_TABLE_SIZE,
+   QED_DEFAULT_TABLE_SIZE);
 
 if (!qed_is_cluster_size_valid(cluster_size)) {
 fprintf(stderr, "QED cluster size must be within range [%u, %u] and 
power of 2\n",
 QED_MIN_CLUSTER_SIZE, QED_MAX_CLUSTER_SIZE);
-return -EINVAL;
+ret = -EINVAL;
+goto finish;
 }
 if (!qed_is_table_size_valid(table_size)) {
 fprintf(stderr, "QED table size must be within range [%u, %u] and 
power of 2\n",
 QED_MIN_TABLE_SIZE, QED_MAX_TABLE_SIZE);
-return -EINVAL;
+ret = -EINVAL;
+goto finish;
 }
 if (!qed_is_image_size_valid(image_size, cluster_size, table_size)) {
 fprintf(stderr, "QED image size must be a non-zero multiple of "
 "cluster size and less than %" PRIu64 " bytes\n",
 qed_max_image_size(cluster_size, table_size));
-return -EINVAL;
+ret = -EINVAL;
+goto finish;
 }
 
-return qed_create(filename, cluster_size, image_size, table_size,
+ret = qed_create(filename, cluster_size, image_size, table_size,
   backing_file, backing_fmt);
+
+finish:
+g_free(backing_file);
+g_free(backing_fmt);
+return ret;
 }
 
 typedef struct {
@@ -1573,43 +1572,51 @@ static int bdrv_qed_check(BlockDriverState *bs, 
BdrvCheckResult *result,
 return qed_check(s, result, !!fix);
 }
 
-static QEMUOptionParameter qed_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size (in bytes)"
-}, {
-.name = BLOCK_OPT_BACKING_FILE,
-.type = OPT_STRING,
-.help = "File name of a base image"
-}, {
-.name = BLOCK_OPT_BACKING_FMT,
-.type = OPT_STRING,
-.help = "Image format of the base image"
-}, {
-.name = BLOCK_OPT_CLUSTER_SIZE,
-.type = OPT_SIZE,
-.help = "Cluster size (in bytes)",
-.value = { .n = QED_DEFAULT_CLUSTER_SIZE },
-}, {
-.name = BLOCK_OPT_TABLE_SIZE,
-.type = OPT_SIZE,
-.help = "L1/L2 table size (in clusters)"
-},
-{ /* end of list */ }
+static QemuOptsList qed_create_opts = {
+.name = "qed-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(qed_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{
+.name = BLOCK_OPT_BACKING_FILE,
+.type = QEMU_OPT_STRING,
+.help = "File name of a base image"
+},
+{
+.name = BLOCK_OPT_BACKING_FMT,
+.type = QEMU_OPT_STRING,
+.help = "Image format of the base image"
+},
+{
+.name = BLOCK_OPT_CLUSTER_SIZE,
+.type = QEMU_OPT_SI

[Qemu-devel] [PATCH v21 23/25] vhdx.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

vhdx.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/vhdx.c |   99 +++--
 block/vhdx.h |1 +
 2 files changed, 48 insertions(+), 52 deletions(-)

diff --git a/block/vhdx.c b/block/vhdx.c
index 23efc71..19d32d6 100644
--- a/block/vhdx.c
+++ b/block/vhdx.c
@@ -1711,8 +1711,7 @@ exit:
  *. ~ --- ~  ~  ~ ---.
  *   1MB
  */
-static int vhdx_create(const char *filename, QEMUOptionParameter *options,
-   Error **errp)
+static int vhdx_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 int ret = 0;
 uint64_t image_size = (uint64_t) 2 * GiB;
@@ -1725,24 +1724,15 @@ static int vhdx_create(const char *filename, 
QEMUOptionParameter *options,
 gunichar2 *creator = NULL;
 glong creator_items;
 BlockDriverState *bs;
-const char *type = NULL;
+char *type = NULL;
 VHDXImageType image_type;
 Error *local_err = NULL;
 
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-image_size = options->value.n;
-} else if (!strcmp(options->name, VHDX_BLOCK_OPT_LOG_SIZE)) {
-log_size = options->value.n;
-} else if (!strcmp(options->name, VHDX_BLOCK_OPT_BLOCK_SIZE)) {
-block_size = options->value.n;
-} else if (!strcmp(options->name, BLOCK_OPT_SUBFMT)) {
-type = options->value.s;
-} else if (!strcmp(options->name, VHDX_BLOCK_OPT_ZERO)) {
-use_zero_blocks = options->value.n != 0;
-}
-options++;
-}
+image_size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
+log_size = qemu_opt_get_size_del(opts, VHDX_BLOCK_OPT_LOG_SIZE, 0);
+block_size = qemu_opt_get_size_del(opts, VHDX_BLOCK_OPT_BLOCK_SIZE, 0);
+type = qemu_opt_get_del(opts, BLOCK_OPT_SUBFMT);
+use_zero_blocks = qemu_opt_get_bool_del(opts, VHDX_BLOCK_OPT_ZERO, false);
 
 if (image_size > VHDX_MAX_IMAGE_SIZE) {
 error_setg_errno(errp, EINVAL, "Image size too large; max of 64TB");
@@ -1751,7 +1741,7 @@ static int vhdx_create(const char *filename, 
QEMUOptionParameter *options,
 }
 
 if (type == NULL) {
-type = "dynamic";
+type = g_strdup("dynamic");
 }
 
 if (!strcmp(type, "dynamic")) {
@@ -1791,7 +1781,7 @@ static int vhdx_create(const char *filename, 
QEMUOptionParameter *options,
 block_size = block_size > VHDX_BLOCK_SIZE_MAX ? VHDX_BLOCK_SIZE_MAX :
 block_size;
 
-ret = bdrv_create_file(filename, options, NULL, &local_err);
+ret = bdrv_create_file(filename, NULL, opts, &local_err);
 if (ret < 0) {
 error_propagate(errp, local_err);
 goto exit;
@@ -1849,6 +1839,7 @@ static int vhdx_create(const char *filename, 
QEMUOptionParameter *options,
 delete_and_exit:
 bdrv_unref(bs);
 exit:
+g_free(type);
 g_free(creator);
 return ret;
 }
@@ -1871,37 +1862,41 @@ static int vhdx_check(BlockDriverState *bs, 
BdrvCheckResult *result,
 return 0;
 }
 
-static QEMUOptionParameter vhdx_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size; max of 64TB."
-},
-{
-.name = VHDX_BLOCK_OPT_LOG_SIZE,
-.type = OPT_SIZE,
-.value.n = 1 * MiB,
-.help = "Log size; min 1MB."
-},
-{
-.name = VHDX_BLOCK_OPT_BLOCK_SIZE,
-.type = OPT_SIZE,
-.value.n = 0,
-.help = "Block Size; min 1MB, max 256MB. " \
-"0 means auto-calculate based on image size."
-},
-{
-.name = BLOCK_OPT_SUBFMT,
-.type = OPT_STRING,
-.help = "VHDX format type, can be either 'dynamic' or 'fixed'. "\
-"Default is 'dynamic'."
-},
-{
-.name = VHDX_BLOCK_OPT_ZERO,
-.type = OPT_FLAG,
-.help = "Force use of payload blocks of type 'ZERO'.  Non-standard."
-},
-{ NULL }
+static QemuOptsList vhdx_create_opts = {
+.name = "vhdx-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(vhdx_create_opts.head),
+.desc = {
+{
+   .name = BLOCK_OPT_SIZE,
+   .type = QEMU_OPT_SIZE,
+   .help = "Virtual disk size; max of 64TB."
+   },
+   {
+   .name = VHDX_BLOCK_OPT_LOG_SIZE,
+   .type = QEMU_OPT_SIZE,
+   .def_value_str = stringify(DEFAULT_LOG_SIZE),
+   .help = "Log size; min 1MB."
+   },
+   {
+   .name = VHDX_BLOCK_OPT_BLOCK_SIZE,
+   .type = QEMU_OPT_SIZE,
+   .def_value_str = stringify(0),
+   .help = "Block Size; min 1MB, max 256MB. " \
+   "0 means auto-calculate based on image size."
+   },
+   {
+   .name = BLOCK_OPT_SUBFMT,
+   .type = QEMU_OPT_STRING,
+   .help = "VHDX format type, can be eith

[Qemu-devel] [PATCH v21 12/25] qcow2.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

qcow2.c: replace QEMUOptionParameter with QemuOpts.

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/qcow2.c |  325 +
 1 files changed, 167 insertions(+), 158 deletions(-)

diff --git a/block/qcow2.c b/block/qcow2.c
index 6da212a..72c2a03 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1455,7 +1455,7 @@ static int preallocate(BlockDriverState *bs)
 static int qcow2_create2(const char *filename, int64_t total_size,
  const char *backing_file, const char *backing_format,
  int flags, size_t cluster_size, int prealloc,
- QEMUOptionParameter *options, int version,
+ QemuOpts *opts, int version,
  Error **errp)
 {
 /* Calculate cluster_bits */
@@ -1487,7 +1487,7 @@ static int qcow2_create2(const char *filename, int64_t 
total_size,
 Error *local_err = NULL;
 int ret;
 
-ret = bdrv_create_file(filename, options, NULL, &local_err);
+ret = bdrv_create_file(filename, NULL, opts, &local_err);
 if (ret < 0) {
 error_propagate(errp, local_err);
 return ret;
@@ -1616,11 +1616,11 @@ out:
 return ret;
 }
 
-static int qcow2_create(const char *filename, QEMUOptionParameter *options,
-Error **errp)
+static int qcow2_create(const char *filename, QemuOpts *opts, Error **errp)
 {
-const char *backing_file = NULL;
-const char *backing_fmt = NULL;
+char *backing_file = NULL;
+char *backing_fmt = NULL;
+char *buf;
 uint64_t sectors = 0;
 int flags = 0;
 size_t cluster_size = DEFAULT_CLUSTER_SIZE;
@@ -1630,64 +1630,64 @@ static int qcow2_create(const char *filename, 
QEMUOptionParameter *options,
 int ret;
 
 /* Read out options */
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-sectors = options->value.n / 512;
-} else if (!strcmp(options->name, BLOCK_OPT_BACKING_FILE)) {
-backing_file = options->value.s;
-} else if (!strcmp(options->name, BLOCK_OPT_BACKING_FMT)) {
-backing_fmt = options->value.s;
-} else if (!strcmp(options->name, BLOCK_OPT_ENCRYPT)) {
-flags |= options->value.n ? BLOCK_FLAG_ENCRYPT : 0;
-} else if (!strcmp(options->name, BLOCK_OPT_CLUSTER_SIZE)) {
-if (options->value.n) {
-cluster_size = options->value.n;
-}
-} else if (!strcmp(options->name, BLOCK_OPT_PREALLOC)) {
-if (!options->value.s || !strcmp(options->value.s, "off")) {
-prealloc = 0;
-} else if (!strcmp(options->value.s, "metadata")) {
-prealloc = 1;
-} else {
-error_setg(errp, "Invalid preallocation mode: '%s'",
-   options->value.s);
-return -EINVAL;
-}
-} else if (!strcmp(options->name, BLOCK_OPT_COMPAT_LEVEL)) {
-if (!options->value.s) {
-/* keep the default */
-} else if (!strcmp(options->value.s, "0.10")) {
-version = 2;
-} else if (!strcmp(options->value.s, "1.1")) {
-version = 3;
-} else {
-error_setg(errp, "Invalid compatibility level: '%s'",
-   options->value.s);
-return -EINVAL;
-}
-} else if (!strcmp(options->name, BLOCK_OPT_LAZY_REFCOUNTS)) {
-flags |= options->value.n ? BLOCK_FLAG_LAZY_REFCOUNTS : 0;
-}
-options++;
+sectors = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0) / 512;
+backing_file = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FILE);
+backing_fmt = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FMT);
+if (qemu_opt_get_bool_del(opts, BLOCK_OPT_ENCRYPT, false)) {
+flags |= BLOCK_FLAG_ENCRYPT;
+}
+cluster_size = qemu_opt_get_size_del(opts, BLOCK_OPT_CLUSTER_SIZE,
+ DEFAULT_CLUSTER_SIZE);
+buf = qemu_opt_get_del(opts, BLOCK_OPT_PREALLOC);
+if (!buf || !strcmp(buf, "off")) {
+prealloc = 0;
+} else if (!strcmp(buf, "metadata")) {
+prealloc = 1;
+} else {
+fprintf(stderr, "Invalid preallocation mode: '%s'\n", buf);
+ret = -EINVAL;
+goto finish;
+}
+g_free(buf);
+buf = qemu_opt_get_del(opts, BLOCK_OPT_COMPAT_LEVEL);
+if (!buf || !strcmp(buf, "0.10")) {
+version = 2;
+} else if (!strcmp(buf, "1.1")) {
+version = 3;
+} else {
+fprintf(stderr, "Invalid compatibility level: '%s'\n", buf);
+ret = -EINVAL;
+goto finish;
+}
+
+if (qemu_opt_get_bool_del(opts, BLOCK_OPT_LAZY_REFCOUNTS, false)) {
+flags |= BLOCK_FLAG_LAZY_REFCOUNTS;
 }
 
 if (backing_file && prealloc) {
 error_setg(errp, "Backing file and preallocation cann

Re: [Qemu-devel] [PATCH] PPC: sPAPR: Only use getpagesize() when we run with kvm

[Peter Maydell]

On 21 February 2014 09:41, Alexander Graf  wrote:
> We currently size the msi window trap page according to the host's page
> size so that we poke a working hole into a memory slot in case we overlap.
>
> However, this is only ever necessary with KVM active. Without KVM, we should
> rather try to be host platform agnostic and use a constant size: 4k.
>
> This fixes a build breakage on win32 hosts.

Unfortunately it doesn't:

cam-vm-266:precise:qemu$ make -C build/w32
make: Entering directory `/home/petmay01/linaro/qemu-from-laptop/qemu/build/w32'
  CCppc64-softmmu/hw/ppc/spapr_pci.o
cc1: warnings being treated as errors
/home/petmay01/linaro/qemu-from-laptop/qemu/hw/ppc/spapr_pci.c: In
function ‘spapr_pci_msi_init’:
/home/petmay01/linaro/qemu-from-laptop/qemu/hw/ppc/spapr_pci.c:486:
warning: implicit declaration of function ‘getpagesize’
/home/petmay01/linaro/qemu-from-laptop/qemu/hw/ppc/spapr_pci.c:486:
warning: nested extern declaration of ‘getpagesize’

The compiler complains that there's no declaration
of the function you're trying to call before it gets
around to deciding whether it can eliminate the code
as unreachable.

thanks
-- PMM

[Qemu-devel] [PATCH v21 09/25] gluster.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

gluster.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/gluster.c |   81 --
 1 files changed, 42 insertions(+), 39 deletions(-)

diff --git a/block/gluster.c b/block/gluster.c
index 58eab07..0d040db 100644
--- a/block/gluster.c
+++ b/block/gluster.c
@@ -380,13 +380,14 @@ static inline int qemu_gluster_zerofill(struct glfs_fd 
*fd, int64_t offset,
 #endif
 
 static int qemu_gluster_create(const char *filename,
-QEMUOptionParameter *options, Error **errp)
+   QemuOpts *opts, Error **errp)
 {
 struct glfs *glfs;
 struct glfs_fd *fd;
 int ret = 0;
 int prealloc = 0;
 int64_t total_size = 0;
+char *tmp;
 GlusterConf *gconf = g_malloc0(sizeof(GlusterConf));
 
 glfs = qemu_gluster_init(gconf, filename);
@@ -395,24 +396,21 @@ static int qemu_gluster_create(const char *filename,
 goto out;
 }
 
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-total_size = options->value.n / BDRV_SECTOR_SIZE;
-} else if (!strcmp(options->name, BLOCK_OPT_PREALLOC)) {
-if (!options->value.s || !strcmp(options->value.s, "off")) {
-prealloc = 0;
-} else if (!strcmp(options->value.s, "full") &&
-gluster_supports_zerofill()) {
-prealloc = 1;
-} else {
-error_setg(errp, "Invalid preallocation mode: '%s'"
-" or GlusterFS doesn't support zerofill API",
-   options->value.s);
-ret = -EINVAL;
-goto out;
-}
-}
-options++;
+total_size =
+qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0) / BDRV_SECTOR_SIZE;
+
+tmp = qemu_opt_get_del(opts, BLOCK_OPT_PREALLOC);
+if (!tmp || !strcmp(tmp, "off")) {
+prealloc = 0;
+} else if (!strcmp(tmp, "full") &&
+   gluster_supports_zerofill()) {
+prealloc = 1;
+} else {
+error_setg(errp, "Invalid preallocation mode: '%s'"
+" or GlusterFS doesn't support zerofill API",
+tmp);
+ret = -EINVAL;
+goto out;
 }
 
 fd = glfs_creat(glfs, gconf->image,
@@ -434,6 +432,7 @@ static int qemu_gluster_create(const char *filename,
 }
 }
 out:
+g_free(tmp);
 qemu_gluster_gconf_free(gconf);
 if (glfs) {
 glfs_fini(glfs);
@@ -597,18 +596,22 @@ static int qemu_gluster_has_zero_init(BlockDriverState 
*bs)
 return 0;
 }
 
-static QEMUOptionParameter qemu_gluster_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
-{
-.name = BLOCK_OPT_PREALLOC,
-.type = OPT_STRING,
-.help = "Preallocation mode (allowed values: off, full)"
-},
-{ NULL }
+static QemuOptsList qemu_gluster_create_opts = {
+.name = "qemu-gluster-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(qemu_gluster_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{
+.name = BLOCK_OPT_PREALLOC,
+.type = OPT_STRING,
+.help = "Preallocation mode (allowed values: off, full)"
+},
+{ /* end of list */ }
+}
 };
 
 static BlockDriver bdrv_gluster = {
@@ -618,7 +621,7 @@ static BlockDriver bdrv_gluster = {
 .bdrv_needs_filename  = true,
 .bdrv_file_open   = qemu_gluster_open,
 .bdrv_close   = qemu_gluster_close,
-.bdrv_create  = qemu_gluster_create,
+.bdrv_create2 = qemu_gluster_create,
 .bdrv_getlength   = qemu_gluster_getlength,
 .bdrv_get_allocated_file_size = qemu_gluster_allocated_file_size,
 .bdrv_truncate= qemu_gluster_truncate,
@@ -632,7 +635,7 @@ static BlockDriver bdrv_gluster = {
 #ifdef CONFIG_GLUSTERFS_ZEROFILL
 .bdrv_co_write_zeroes = qemu_gluster_co_write_zeroes,
 #endif
-.create_options   = qemu_gluster_create_options,
+.create_opts  = &qemu_gluster_create_opts,
 };
 
 static BlockDriver bdrv_gluster_tcp = {
@@ -642,7 +645,7 @@ static BlockDriver bdrv_gluster_tcp = {
 .bdrv_needs_filename  = true,
 .bdrv_file_open   = qemu_gluster_open,
 .bdrv_close   = qemu_gluster_close,
-.bdrv_create  = qemu_gluster_create,
+.bdrv_create2 = qemu_gluster_create,
 .bdrv_getlength   = qemu_gluster_getlength,
 .bdrv_get_allocated_file_size = qemu_gluster_allocated_file_size,
 .bdrv_truncate= qemu_gluster_truncate,
@@ -656,7 +659,7 @@ static BlockDriver bdrv_gluster_tcp = {
 #ifdef CONF

[Qemu-devel] [PATCH v21 20/25] vdi.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

vdi.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/vdi.c |   72 +++---
 1 files changed, 34 insertions(+), 38 deletions(-)

diff --git a/block/vdi.c b/block/vdi.c
index 2d7490f..6278cbc 100644
--- a/block/vdi.c
+++ b/block/vdi.c
@@ -646,8 +646,7 @@ static int vdi_co_write(BlockDriverState *bs,
 return ret;
 }
 
-static int vdi_create(const char *filename, QEMUOptionParameter *options,
-  Error **errp)
+static int vdi_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 int fd;
 int result = 0;
@@ -662,25 +661,17 @@ static int vdi_create(const char *filename, 
QEMUOptionParameter *options,
 logout("\n");
 
 /* Read out options. */
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-bytes = options->value.n;
+bytes = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
 #if defined(CONFIG_VDI_BLOCK_SIZE)
-} else if (!strcmp(options->name, BLOCK_OPT_CLUSTER_SIZE)) {
-if (options->value.n) {
-/* TODO: Additional checks (SECTOR_SIZE * 2^n, ...). */
-block_size = options->value.n;
-}
+block_size = qemu_opt_get_size_del(opts,
+   BLOCK_OPT_CLUSTER_SIZE,
+   DEFAULT_CLUSTER_SIZE);
 #endif
 #if defined(CONFIG_VDI_STATIC_IMAGE)
-} else if (!strcmp(options->name, BLOCK_OPT_STATIC)) {
-if (options->value.n) {
-image_type = VDI_TYPE_STATIC;
-}
-#endif
-}
-options++;
+if (qemu_opt_get_bool_del(opts, BLOCK_OPT_STATIC, false)) {
+image_type = VDI_TYPE_STATIC;
 }
+#endif
 
 fd = qemu_open(filename,
O_WRONLY | O_CREAT | O_TRUNC | O_BINARY | O_LARGEFILE,
@@ -760,29 +751,34 @@ static void vdi_close(BlockDriverState *bs)
 error_free(s->migration_blocker);
 }
 
-static QEMUOptionParameter vdi_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
+static QemuOptsList vdi_create_opts = {
+.name = "vdi-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(vdi_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
 #if defined(CONFIG_VDI_BLOCK_SIZE)
-{
-.name = BLOCK_OPT_CLUSTER_SIZE,
-.type = OPT_SIZE,
-.help = "VDI cluster (block) size",
-.value = { .n = DEFAULT_CLUSTER_SIZE },
-},
+{
+.name = BLOCK_OPT_CLUSTER_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "VDI cluster (block) size",
+.def_value_str = stringify(DEFAULT_CLUSTER_SIZE)
+},
 #endif
 #if defined(CONFIG_VDI_STATIC_IMAGE)
-{
-.name = BLOCK_OPT_STATIC,
-.type = OPT_FLAG,
-.help = "VDI static (pre-allocated) image"
-},
+{
+.name = BLOCK_OPT_STATIC,
+.type = QEMU_OPT_BOOL,
+.help = "VDI static (pre-allocated) image",
+.def_value_str = "off"
+},
 #endif
-/* TODO: An additional option to set UUID values might be useful. */
-{ NULL }
+/* TODO: An additional option to set UUID values might be useful. */
+{ /* end of list */ }
+}
 };
 
 static BlockDriver bdrv_vdi = {
@@ -792,7 +788,7 @@ static BlockDriver bdrv_vdi = {
 .bdrv_open = vdi_open,
 .bdrv_close = vdi_close,
 .bdrv_reopen_prepare = vdi_reopen_prepare,
-.bdrv_create = vdi_create,
+.bdrv_create2 = vdi_create,
 .bdrv_has_zero_init = bdrv_has_zero_init_1,
 .bdrv_co_get_block_status = vdi_co_get_block_status,
 .bdrv_make_empty = vdi_make_empty,
@@ -804,7 +800,7 @@ static BlockDriver bdrv_vdi = {
 
 .bdrv_get_info = vdi_get_info,
 
-.create_options = vdi_create_options,
+.create_opts = &vdi_create_opts,
 .bdrv_check = vdi_check,
 };
 
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 19/25] ssh.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

ssh.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/ssh.c |   32 +++-
 1 files changed, 15 insertions(+), 17 deletions(-)

diff --git a/block/ssh.c b/block/ssh.c
index aa63c9d..3a5eead 100644
--- a/block/ssh.c
+++ b/block/ssh.c
@@ -642,17 +642,20 @@ static int ssh_file_open(BlockDriverState *bs, QDict 
*options, int bdrv_flags,
 return ret;
 }
 
-static QEMUOptionParameter ssh_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
-{ NULL }
+static QemuOptsList ssh_create_opts = {
+.name = "ssh-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(ssh_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{ /* end of list */ }
+}
 };
 
-static int ssh_create(const char *filename, QEMUOptionParameter *options,
-  Error **errp)
+static int ssh_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 int r, ret;
 Error *local_err = NULL;
@@ -665,12 +668,7 @@ static int ssh_create(const char *filename, 
QEMUOptionParameter *options,
 ssh_state_init(&s);
 
 /* Get desired file size. */
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-total_size = options->value.n;
-}
-options++;
-}
+total_size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
 DPRINTF("total_size=%" PRIi64, total_size);
 
 uri_options = qdict_new();
@@ -1044,14 +1042,14 @@ static BlockDriver bdrv_ssh = {
 .instance_size= sizeof(BDRVSSHState),
 .bdrv_parse_filename  = ssh_parse_filename,
 .bdrv_file_open   = ssh_file_open,
-.bdrv_create  = ssh_create,
+.bdrv_create2 = ssh_create,
 .bdrv_close   = ssh_close,
 .bdrv_has_zero_init   = ssh_has_zero_init,
 .bdrv_co_readv= ssh_co_readv,
 .bdrv_co_writev   = ssh_co_writev,
 .bdrv_getlength   = ssh_getlength,
 .bdrv_co_flush_to_disk= ssh_co_flush,
-.create_options   = ssh_create_options,
+.create_opts  = &ssh_create_opts,
 };
 
 static void bdrv_ssh_init(void)
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 11/25] qcow.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

qcow.c: replace QEMUOptionParamter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/qcow.c |   72 +-
 1 files changed, 36 insertions(+), 36 deletions(-)

diff --git a/block/qcow.c b/block/qcow.c
index 992eed4..6609003 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -659,36 +659,30 @@ static void qcow_close(BlockDriverState *bs)
 error_free(s->migration_blocker);
 }
 
-static int qcow_create(const char *filename, QEMUOptionParameter *options,
-   Error **errp)
+static int qcow_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 int header_size, backing_filename_len, l1_size, shift, i;
 QCowHeader header;
 uint8_t *tmp;
 int64_t total_size = 0;
-const char *backing_file = NULL;
+char *backing_file;
 int flags = 0;
 Error *local_err = NULL;
 int ret;
 BlockDriverState *qcow_bs;
 
 /* Read out options */
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-total_size = options->value.n / 512;
-} else if (!strcmp(options->name, BLOCK_OPT_BACKING_FILE)) {
-backing_file = options->value.s;
-} else if (!strcmp(options->name, BLOCK_OPT_ENCRYPT)) {
-flags |= options->value.n ? BLOCK_FLAG_ENCRYPT : 0;
-}
-options++;
+total_size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0) / 512;
+backing_file = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FILE);
+if (qemu_opt_get_bool_del(opts, BLOCK_OPT_ENCRYPT, false)) {
+flags |= BLOCK_FLAG_ENCRYPT;
 }
 
-ret = bdrv_create_file(filename, options, NULL, &local_err);
+ret = bdrv_create_file(filename, NULL, opts, &local_err);
 if (ret < 0) {
 qerror_report_err(local_err);
 error_free(local_err);
-return ret;
+goto cleanup;
 }
 
 ret = bdrv_file_open(&qcow_bs, filename, NULL, NULL, BDRV_O_RDWR,
@@ -696,7 +690,7 @@ static int qcow_create(const char *filename, 
QEMUOptionParameter *options,
 if (ret < 0) {
 qerror_report_err(local_err);
 error_free(local_err);
-return ret;
+goto cleanup;
 }
 
 ret = bdrv_truncate(qcow_bs, 0);
@@ -767,6 +761,8 @@ static int qcow_create(const char *filename, 
QEMUOptionParameter *options,
 ret = 0;
 exit:
 bdrv_unref(qcow_bs);
+cleanup:
+g_free(backing_file);
 return ret;
 }
 
@@ -879,24 +875,28 @@ static int qcow_get_info(BlockDriverState *bs, 
BlockDriverInfo *bdi)
 return 0;
 }
 
-
-static QEMUOptionParameter qcow_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
-{
-.name = BLOCK_OPT_BACKING_FILE,
-.type = OPT_STRING,
-.help = "File name of a base image"
-},
-{
-.name = BLOCK_OPT_ENCRYPT,
-.type = OPT_FLAG,
-.help = "Encrypt the image"
-},
-{ NULL }
+static QemuOptsList qcow_create_opts = {
+.name = "qcow-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(qcow_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{
+.name = BLOCK_OPT_BACKING_FILE,
+.type = QEMU_OPT_STRING,
+.help = "File name of a base image"
+},
+{
+.name = BLOCK_OPT_ENCRYPT,
+.type = QEMU_OPT_BOOL,
+.help = "Encrypt the image",
+.def_value_str = "off"
+},
+{ /* end of list */ }
+}
 };
 
 static BlockDriver bdrv_qcow = {
@@ -905,8 +905,8 @@ static BlockDriver bdrv_qcow = {
 .bdrv_probe= qcow_probe,
 .bdrv_open = qcow_open,
 .bdrv_close= qcow_close,
-.bdrv_reopen_prepare = qcow_reopen_prepare,
-.bdrv_create   = qcow_create,
+.bdrv_reopen_prepare= qcow_reopen_prepare,
+.bdrv_create2   = qcow_create,
 .bdrv_has_zero_init = bdrv_has_zero_init_1,
 
 .bdrv_co_readv  = qcow_co_readv,
@@ -918,7 +918,7 @@ static BlockDriver bdrv_qcow = {
 .bdrv_write_compressed  = qcow_write_compressed,
 .bdrv_get_info  = qcow_get_info,
 
-.create_options = qcow_create_options,
+.create_opts= &qcow_create_opts,
 };
 
 static void bdrv_qcow_init(void)
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 25/25] cleanup QEMUOptionParameter

[Chunyan Liu]

Now all places using QEMUOptionParameter could use QemuOpts too, remove
QEMUOptionParameter related code.

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block.c   |   69 ++--
 block/cow.c   |4 +-
 block/gluster.c   |8 +-
 block/qcow.c  |4 +-
 block/qcow2.c |6 +-
 block/qed.c   |4 +-
 block/raw-posix.c |   10 +-
 block/raw-win32.c |2 +-
 block/raw_bsd.c   |4 +-
 block/rbd.c   |2 +-
 block/sheepdog.c  |6 +-
 block/ssh.c   |2 +-
 block/vdi.c   |2 +-
 block/vhdx.c  |4 +-
 block/vmdk.c  |6 +-
 block/vpc.c   |2 +-
 block/vvfat.c |2 +-
 include/block/block.h |8 +-
 include/block/block_int.h |   13 +--
 include/qemu/option.h |   44 -
 qemu-img.c|   57 +--
 util/qemu-option.c|  399 -
 22 files changed, 63 insertions(+), 595 deletions(-)

diff --git a/block.c b/block.c
index 300f387..307959a 100644
--- a/block.c
+++ b/block.c
@@ -407,7 +407,6 @@ BlockDriver *bdrv_find_whitelisted_format(const char 
*format_name,
 typedef struct CreateCo {
 BlockDriver *drv;
 char *filename;
-QEMUOptionParameter *options;
 QemuOpts *opts;
 int ret;
 Error *err;
@@ -421,11 +420,7 @@ static void coroutine_fn bdrv_create_co_entry(void *opaque)
 CreateCo *cco = opaque;
 assert(cco->drv);
 
-if (cco->drv->bdrv_create2) {
-ret = cco->drv->bdrv_create2(cco->filename, cco->opts, &local_err);
-} else {
-ret = cco->drv->bdrv_create(cco->filename, cco->options, &local_err);
-}
+ret = cco->drv->bdrv_create(cco->filename, cco->opts, &local_err);
 if (local_err) {
 error_propagate(&cco->err, local_err);
 }
@@ -433,7 +428,7 @@ static void coroutine_fn bdrv_create_co_entry(void *opaque)
 }
 
 int bdrv_create(BlockDriver *drv, const char* filename,
-QEMUOptionParameter *options, QemuOpts *opts, Error **errp)
+QemuOpts *opts, Error **errp)
 {
 int ret;
 
@@ -441,13 +436,12 @@ int bdrv_create(BlockDriver *drv, const char* filename,
 CreateCo cco = {
 .drv = drv,
 .filename = g_strdup(filename),
-.options = options,
 .opts = opts,
 .ret = NOT_DONE,
 .err = NULL,
 };
 
-if (!drv->bdrv_create && !drv->bdrv_create2) {
+if (!drv->bdrv_create) {
 error_setg(errp, "Driver '%s' does not support image creation", 
drv->format_name);
 ret = -ENOTSUP;
 goto out;
@@ -478,8 +472,7 @@ out:
 return ret;
 }
 
-int bdrv_create_file(const char* filename, QEMUOptionParameter *options,
- QemuOpts *opts, Error **errp)
+int bdrv_create_file(const char *filename, QemuOpts *opts, Error **errp)
 {
 BlockDriver *drv;
 Error *local_err = NULL;
@@ -491,7 +484,7 @@ int bdrv_create_file(const char* filename, 
QEMUOptionParameter *options,
 return -ENOENT;
 }
 
-ret = bdrv_create(drv, filename, options, opts, &local_err);
+ret = bdrv_create(drv, filename, opts, &local_err);
 if (local_err) {
 error_propagate(errp, local_err);
 }
@@ -1259,7 +1252,6 @@ int bdrv_open(BlockDriverState *bs, const char *filename, 
QDict *options,
 BlockDriverState *bs1;
 int64_t total_size;
 BlockDriver *bdrv_qcow2;
-QEMUOptionParameter *create_options = NULL;
 QemuOpts *opts = NULL;
 QDict *snapshot_options;
 
@@ -1287,20 +1279,11 @@ int bdrv_open(BlockDriverState *bs, const char 
*filename, QDict *options,
 }
 
 bdrv_qcow2 = bdrv_find_format("qcow2");
-if (bdrv_qcow2->bdrv_create2) {
-opts = qemu_opts_create(bdrv_qcow2->create_opts, NULL, 0,
-&error_abort);
-qemu_opt_set_number(opts, BLOCK_OPT_SIZE, total_size);
-} else {
-create_options =
-parse_option_parameters("", bdrv_qcow2->create_options, NULL);
-set_option_parameter_int(create_options, BLOCK_OPT_SIZE,
- total_size);
-}
+opts = qemu_opts_create(bdrv_qcow2->create_opts, NULL, 0,
+&error_abort);
+qemu_opt_set_number(opts, BLOCK_OPT_SIZE, total_size);
 
-ret = bdrv_create(bdrv_qcow2, tmp_filename, create_options, opts,
-  &local_err);
-free_option_parameters(create_options);
+ret = bdrv_create(bdrv_qcow2, tmp_filename, opts, &local_err);
 qemu_opts_del(opts);
 if (ret < 0) {
 error_setg_errno(errp, -ret, "Could not create temporary overlay "
@@ -5216,7 +5199,6 @@ void bdrv_img_create(const char *filename, const char 
*fmt,
  char *options, uint64_t img_size, int flags,

[Qemu-devel] [PATCH v21 08/25] cow.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

cow.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/cow.c |   54 ++
 1 files changed, 26 insertions(+), 28 deletions(-)

diff --git a/block/cow.c b/block/cow.c
index 85c2971..cb48ca4 100644
--- a/block/cow.c
+++ b/block/cow.c
@@ -323,32 +323,25 @@ static void cow_close(BlockDriverState *bs)
 {
 }
 
-static int cow_create(const char *filename, QEMUOptionParameter *options,
-  Error **errp)
+static int cow_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 struct cow_header_v2 cow_header;
 struct stat st;
 int64_t image_sectors = 0;
-const char *image_filename = NULL;
+char *image_filename = NULL;
 Error *local_err = NULL;
 int ret;
 BlockDriverState *cow_bs;
 
 /* Read out options */
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-image_sectors = options->value.n / 512;
-} else if (!strcmp(options->name, BLOCK_OPT_BACKING_FILE)) {
-image_filename = options->value.s;
-}
-options++;
-}
+image_sectors = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0) / 512;
+image_filename = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FILE);
 
-ret = bdrv_create_file(filename, options, NULL, &local_err);
+ret = bdrv_create_file(filename, NULL, opts, &local_err);
 if (ret < 0) {
 qerror_report_err(local_err);
 error_free(local_err);
-return ret;
+goto exit;
 }
 
 ret = bdrv_file_open(&cow_bs, filename, NULL, NULL, BDRV_O_RDWR,
@@ -356,7 +349,7 @@ static int cow_create(const char *filename, 
QEMUOptionParameter *options,
 if (ret < 0) {
 qerror_report_err(local_err);
 error_free(local_err);
-return ret;
+goto exit;
 }
 
 memset(&cow_header, 0, sizeof(cow_header));
@@ -389,22 +382,27 @@ static int cow_create(const char *filename, 
QEMUOptionParameter *options,
 }
 
 exit:
+g_free(image_filename);
 bdrv_unref(cow_bs);
 return ret;
 }
 
-static QEMUOptionParameter cow_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
-{
-.name = BLOCK_OPT_BACKING_FILE,
-.type = OPT_STRING,
-.help = "File name of a base image"
-},
-{ NULL }
+static QemuOptsList cow_create_opts = {
+.name = "cow-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(cow_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{
+.name = BLOCK_OPT_BACKING_FILE,
+.type = QEMU_OPT_STRING,
+.help = "File name of a base image"
+},
+{ /* end of list */ }
+}
 };
 
 static BlockDriver bdrv_cow = {
@@ -414,14 +412,14 @@ static BlockDriver bdrv_cow = {
 .bdrv_probe = cow_probe,
 .bdrv_open  = cow_open,
 .bdrv_close = cow_close,
-.bdrv_create= cow_create,
+.bdrv_create2   = cow_create,
 .bdrv_has_zero_init = bdrv_has_zero_init_1,
 
 .bdrv_read  = cow_co_read,
 .bdrv_write = cow_co_write,
 .bdrv_co_get_block_status   = cow_co_get_block_status,
 
-.create_options = cow_create_options,
+.create_opts   = &cow_create_opts,
 };
 
 static void bdrv_cow_init(void)
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 21/25] vmdk.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

vmdk.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/vmdk.c |  123 +
 1 files changed, 63 insertions(+), 60 deletions(-)

diff --git a/block/vmdk.c b/block/vmdk.c
index 9b6660d..95d52c3 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -1641,17 +1641,16 @@ static int filename_decompose(const char *filename, 
char *path, char *prefix,
 return VMDK_OK;
 }
 
-static int vmdk_create(const char *filename, QEMUOptionParameter *options,
-   Error **errp)
+static int vmdk_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 int idx = 0;
 BlockDriverState *new_bs = NULL;
 Error *local_err;
 char *desc = NULL;
 int64_t total_size = 0, filesize;
-const char *adapter_type = NULL;
-const char *backing_file = NULL;
-const char *fmt = NULL;
+char *adapter_type = NULL;
+char *backing_file = NULL;
+char *fmt = NULL;
 int flags = 0;
 int ret = 0;
 bool flat, split, compress;
@@ -1691,24 +1690,19 @@ static int vmdk_create(const char *filename, 
QEMUOptionParameter *options,
 goto exit;
 }
 /* Read out options */
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-total_size = options->value.n;
-} else if (!strcmp(options->name, BLOCK_OPT_ADAPTER_TYPE)) {
-adapter_type = options->value.s;
-} else if (!strcmp(options->name, BLOCK_OPT_BACKING_FILE)) {
-backing_file = options->value.s;
-} else if (!strcmp(options->name, BLOCK_OPT_COMPAT6)) {
-flags |= options->value.n ? BLOCK_FLAG_COMPAT6 : 0;
-} else if (!strcmp(options->name, BLOCK_OPT_SUBFMT)) {
-fmt = options->value.s;
-} else if (!strcmp(options->name, BLOCK_OPT_ZEROED_GRAIN)) {
-zeroed_grain |= options->value.n;
-}
-options++;
+total_size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
+adapter_type = qemu_opt_get_del(opts, BLOCK_OPT_ADAPTER_TYPE);
+backing_file = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FILE);
+if (qemu_opt_get_bool_del(opts, BLOCK_OPT_COMPAT6, false)) {
+flags |= BLOCK_FLAG_COMPAT6;
+}
+fmt = qemu_opt_get_del(opts, BLOCK_OPT_SUBFMT);
+if (qemu_opt_get_bool_del(opts, BLOCK_OPT_ZEROED_GRAIN, false)) {
+zeroed_grain = true;
 }
+
 if (!adapter_type) {
-adapter_type = "ide";
+adapter_type = g_strdup("ide");
 } else if (strcmp(adapter_type, "ide") &&
strcmp(adapter_type, "buslogic") &&
strcmp(adapter_type, "lsilogic") &&
@@ -1724,7 +1718,7 @@ static int vmdk_create(const char *filename, 
QEMUOptionParameter *options,
 }
 if (!fmt) {
 /* Default format to monolithicSparse */
-fmt = "monolithicSparse";
+fmt = g_strdup("monolithicSparse");
 } else if (strcmp(fmt, "monolithicFlat") &&
strcmp(fmt, "monolithicSparse") &&
strcmp(fmt, "twoGbMaxExtentSparse") &&
@@ -1825,7 +1819,7 @@ static int vmdk_create(const char *filename, 
QEMUOptionParameter *options,
 if (!split && !flat) {
 desc_offset = 0x200;
 } else {
-ret = bdrv_create_file(filename, options, NULL, &local_err);
+ret = bdrv_create_file(filename, NULL, opts, &local_err);
 if (ret < 0) {
 error_setg_errno(errp, -ret, "Could not create image file");
 goto exit;
@@ -1853,6 +1847,9 @@ exit:
 if (new_bs) {
 bdrv_unref(new_bs);
 }
+g_free(adapter_type);
+g_free(backing_file);
+g_free(fmt);
 g_free(desc);
 g_string_free(ext_desc_lines, true);
 return ret;
@@ -2020,41 +2017,47 @@ static ImageInfoSpecific 
*vmdk_get_specific_info(BlockDriverState *bs)
 return spec_info;
 }
 
-static QEMUOptionParameter vmdk_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
-{
-.name = BLOCK_OPT_ADAPTER_TYPE,
-.type = OPT_STRING,
-.help = "Virtual adapter type, can be one of "
-"ide (default), lsilogic, buslogic or legacyESX"
-},
-{
-.name = BLOCK_OPT_BACKING_FILE,
-.type = OPT_STRING,
-.help = "File name of a base image"
-},
-{
-.name = BLOCK_OPT_COMPAT6,
-.type = OPT_FLAG,
-.help = "VMDK version 6 image"
-},
-{
-.name = BLOCK_OPT_SUBFMT,
-.type = OPT_STRING,
-.help =
-"VMDK flat extent format, can be one of "
-"{monolithicSparse (default) | monolithicFlat | 
twoGbMaxExtentSparse | twoGbMaxExtentFlat | streamOptimized} "
-},
-{
-.name = BLOCK_OPT_ZEROED_GRAIN,
-.type = OPT_FLAG,
-.help = "Enable efficient zero writes using the zeroed-grain GTE 
feature"
-},
-{ NULL }
+static QemuOptsLi

[Qemu-devel] [PATCH v21 16/25] raw_bsd.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

raw_bsd.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/raw_bsd.c |   27 +++
 1 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/block/raw_bsd.c b/block/raw_bsd.c
index 9ae5fc2..ee797fd 100644
--- a/block/raw_bsd.c
+++ b/block/raw_bsd.c
@@ -29,13 +29,17 @@
 #include "block/block_int.h"
 #include "qemu/option.h"
 
-static QEMUOptionParameter raw_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
-{ 0 }
+static QemuOptsList raw_create_opts = {
+.name = "raw-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(raw_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{ /* end of list */ }
+}
 };
 
 static int raw_reopen_prepare(BDRVReopenState *reopen_state,
@@ -139,13 +143,12 @@ static int raw_has_zero_init(BlockDriverState *bs)
 return bdrv_has_zero_init(bs->file);
 }
 
-static int raw_create(const char *filename, QEMUOptionParameter *options,
-  Error **errp)
+static int raw_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 Error *local_err = NULL;
 int ret;
 
-ret = bdrv_create_file(filename, options, NULL, &local_err);
+ret = bdrv_create_file(filename, NULL, opts, &local_err);
 if (local_err) {
 error_propagate(errp, local_err);
 }
@@ -177,7 +180,7 @@ static BlockDriver bdrv_raw = {
 .bdrv_reopen_prepare  = &raw_reopen_prepare,
 .bdrv_open= &raw_open,
 .bdrv_close   = &raw_close,
-.bdrv_create  = &raw_create,
+.bdrv_create2 = &raw_create,
 .bdrv_co_readv= &raw_co_readv,
 .bdrv_co_writev   = &raw_co_writev,
 .bdrv_co_write_zeroes = &raw_co_write_zeroes,
@@ -194,7 +197,7 @@ static BlockDriver bdrv_raw = {
 .bdrv_lock_medium = &raw_lock_medium,
 .bdrv_ioctl   = &raw_ioctl,
 .bdrv_aio_ioctl   = &raw_aio_ioctl,
-.create_options   = &raw_create_options[0],
+.create_opts  = &raw_create_opts,
 .bdrv_has_zero_init   = &raw_has_zero_init
 };
 
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 22/25] vpc.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

vpc.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/vpc.c |   62 --
 1 files changed, 34 insertions(+), 28 deletions(-)

diff --git a/block/vpc.c b/block/vpc.c
index 1d326cb..4570827 100644
--- a/block/vpc.c
+++ b/block/vpc.c
@@ -713,12 +713,11 @@ static int create_fixed_disk(int fd, uint8_t *buf, 
int64_t total_size)
 return ret;
 }
 
-static int vpc_create(const char *filename, QEMUOptionParameter *options,
-  Error **errp)
+static int vpc_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 uint8_t buf[1024];
 VHDFooter *footer = (VHDFooter *) buf;
-QEMUOptionParameter *disk_type_param;
+char *disk_type_param;
 int fd, i;
 uint16_t cyls = 0;
 uint8_t heads = 0;
@@ -729,16 +728,16 @@ static int vpc_create(const char *filename, 
QEMUOptionParameter *options,
 int ret = -EIO;
 
 /* Read out options */
-total_size = get_option_parameter(options, BLOCK_OPT_SIZE)->value.n;
-
-disk_type_param = get_option_parameter(options, BLOCK_OPT_SUBFMT);
-if (disk_type_param && disk_type_param->value.s) {
-if (!strcmp(disk_type_param->value.s, "dynamic")) {
+total_size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
+disk_type_param = qemu_opt_get_del(opts, BLOCK_OPT_SUBFMT);
+if (disk_type_param) {
+if (!strcmp(disk_type_param, "dynamic")) {
 disk_type = VHD_DYNAMIC;
-} else if (!strcmp(disk_type_param->value.s, "fixed")) {
+} else if (!strcmp(disk_type_param, "fixed")) {
 disk_type = VHD_FIXED;
 } else {
-return -EINVAL;
+ret = -EINVAL;
+goto out;
 }
 } else {
 disk_type = VHD_DYNAMIC;
@@ -747,7 +746,8 @@ static int vpc_create(const char *filename, 
QEMUOptionParameter *options,
 /* Create the file */
 fd = qemu_open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
 if (fd < 0) {
-return -EIO;
+ret = -EIO;
+goto out;
 }
 
 /*
@@ -812,8 +812,10 @@ static int vpc_create(const char *filename, 
QEMUOptionParameter *options,
 ret = create_fixed_disk(fd, buf, total_size);
 }
 
- fail:
+fail:
 qemu_close(fd);
+out:
+g_free(disk_type_param);
 return ret;
 }
 
@@ -841,20 +843,24 @@ static void vpc_close(BlockDriverState *bs)
 error_free(s->migration_blocker);
 }
 
-static QEMUOptionParameter vpc_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
-{
-.name = BLOCK_OPT_SUBFMT,
-.type = OPT_STRING,
-.help =
-"Type of virtual hard disk format. Supported formats are "
-"{dynamic (default) | fixed} "
-},
-{ NULL }
+static QemuOptsList vpc_create_opts = {
+.name = "vpc-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(vpc_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{
+.name = BLOCK_OPT_SUBFMT,
+.type = QEMU_OPT_STRING,
+.help =
+"Type of virtual hard disk format. Supported formats are "
+"{dynamic (default) | fixed} "
+},
+{ /* end of list */ }
+}
 };
 
 static BlockDriver bdrv_vpc = {
@@ -865,14 +871,14 @@ static BlockDriver bdrv_vpc = {
 .bdrv_open  = vpc_open,
 .bdrv_close = vpc_close,
 .bdrv_reopen_prepare= vpc_reopen_prepare,
-.bdrv_create= vpc_create,
+.bdrv_create2   = vpc_create,
 
 .bdrv_read  = vpc_co_read,
 .bdrv_write = vpc_co_write,
 
 .bdrv_get_info  = vpc_get_info,
 
-.create_options = vpc_create_options,
+.create_opts= &vpc_create_opts,
 .bdrv_has_zero_init = vpc_has_zero_init,
 };
 
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 24/25] vvfat.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

vvfat.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/vvfat.c |   10 +-
 1 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/block/vvfat.c b/block/vvfat.c
index c8c8a1c..d901250 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -2910,7 +2910,7 @@ static BlockDriver vvfat_write_target = {
 static int enable_write_target(BDRVVVFATState *s)
 {
 BlockDriver *bdrv_qcow;
-QEMUOptionParameter *options;
+QemuOpts *opts;
 Error *local_err = NULL;
 int ret;
 int size = sector2cluster(s, s->sector_count);
@@ -2925,11 +2925,11 @@ static int enable_write_target(BDRVVVFATState *s)
 }
 
 bdrv_qcow = bdrv_find_format("qcow");
-options = parse_option_parameters("", bdrv_qcow->create_options, NULL);
-set_option_parameter_int(options, BLOCK_OPT_SIZE, s->sector_count * 512);
-set_option_parameter(options, BLOCK_OPT_BACKING_FILE, "fat:");
+opts = qemu_opts_create(bdrv_qcow->create_opts, NULL, 0, &error_abort);
+qemu_opt_set_number(opts, BLOCK_OPT_SIZE, s->sector_count * 512);
+qemu_opt_set(opts, BLOCK_OPT_BACKING_FILE, "fat:");
 
-ret = bdrv_create(bdrv_qcow, s->qcow_filename, options, NULL, &local_err);
+ret = bdrv_create(bdrv_qcow, s->qcow_filename, NULL, opts, &local_err);
 if (ret < 0) {
 qerror_report_err(local_err);
 error_free(local_err);
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 17/25] rbd.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

rbd.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/rbd.c |   63 --
 1 files changed, 30 insertions(+), 33 deletions(-)

diff --git a/block/rbd.c b/block/rbd.c
index dbc79f4..f878877 100644
--- a/block/rbd.c
+++ b/block/rbd.c
@@ -282,8 +282,7 @@ static int qemu_rbd_set_conf(rados_t cluster, const char 
*conf)
 return ret;
 }
 
-static int qemu_rbd_create(const char *filename, QEMUOptionParameter *options,
-   Error **errp)
+static int qemu_rbd_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 int64_t bytes = 0;
 int64_t objsize;
@@ -306,24 +305,18 @@ static int qemu_rbd_create(const char *filename, 
QEMUOptionParameter *options,
 }
 
 /* Read out options */
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-bytes = options->value.n;
-} else if (!strcmp(options->name, BLOCK_OPT_CLUSTER_SIZE)) {
-if (options->value.n) {
-objsize = options->value.n;
-if ((objsize - 1) & objsize) {/* not a power of 2? */
-error_report("obj size needs to be power of 2");
-return -EINVAL;
-}
-if (objsize < 4096) {
-error_report("obj size too small");
-return -EINVAL;
-}
-obj_order = ffs(objsize) - 1;
-}
+bytes = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
+objsize = qemu_opt_get_size_del(opts, BLOCK_OPT_CLUSTER_SIZE, 0);
+if (objsize) {
+if ((objsize - 1) & objsize) {/* not a power of 2? */
+error_report("obj size needs to be power of 2");
+return -EINVAL;
+}
+if (objsize < 4096) {
+error_report("obj size too small");
+return -EINVAL;
 }
-options++;
+obj_order = ffs(objsize) - 1;
 }
 
 clientname = qemu_rbd_parse_clientname(conf, clientname_buf);
@@ -900,18 +893,22 @@ static BlockDriverAIOCB* 
qemu_rbd_aio_discard(BlockDriverState *bs,
 }
 #endif
 
-static QEMUOptionParameter qemu_rbd_create_options[] = {
-{
- .name = BLOCK_OPT_SIZE,
- .type = OPT_SIZE,
- .help = "Virtual disk size"
-},
-{
- .name = BLOCK_OPT_CLUSTER_SIZE,
- .type = OPT_SIZE,
- .help = "RBD object size"
-},
-{NULL}
+static QemuOptsList qemu_rbd_create_opts = {
+.name = "rbd-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(qemu_rbd_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{
+.name = BLOCK_OPT_CLUSTER_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "RBD object size"
+},
+{ /* end of list */ }
+}
 };
 
 static BlockDriver bdrv_rbd = {
@@ -920,10 +917,10 @@ static BlockDriver bdrv_rbd = {
 .bdrv_needs_filename = true,
 .bdrv_file_open = qemu_rbd_open,
 .bdrv_close = qemu_rbd_close,
-.bdrv_create= qemu_rbd_create,
+.bdrv_create2   = qemu_rbd_create,
 .bdrv_has_zero_init = bdrv_has_zero_init_1,
 .bdrv_get_info  = qemu_rbd_getinfo,
-.create_options = qemu_rbd_create_options,
+.create_opts= &qemu_rbd_create_opts,
 .bdrv_getlength = qemu_rbd_getlength,
 .bdrv_truncate  = qemu_rbd_truncate,
 .protocol_name  = "rbd",
-- 
1.6.0.2

[Qemu-devel] [PATCH v21 15/25] raw-win32.c: replace QEMUOptionParameter with QemuOpts

[Chunyan Liu]

raw-win32.c: replace QEMUOptionParameter with QemuOpts

Signed-off-by: Dong Xu Wang 
Signed-off-by: Chunyan Liu 
---
 block/raw-win32.c |   34 +-
 1 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/block/raw-win32.c b/block/raw-win32.c
index ae1c8e6..d94973f 100644
--- a/block/raw-win32.c
+++ b/block/raw-win32.c
@@ -464,19 +464,14 @@ static int64_t 
raw_get_allocated_file_size(BlockDriverState *bs)
 return st.st_size;
 }
 
-static int raw_create(const char *filename, QEMUOptionParameter *options,
-  Error **errp)
+static int raw_create(const char *filename, QemuOpts *opts, Error **errp)
 {
 int fd;
 int64_t total_size = 0;
 
 /* Read out options */
-while (options && options->name) {
-if (!strcmp(options->name, BLOCK_OPT_SIZE)) {
-total_size = options->value.n / 512;
-}
-options++;
-}
+total_size =
+qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0) / 512;
 
 fd = qemu_open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY,
0644);
@@ -490,13 +485,18 @@ static int raw_create(const char *filename, 
QEMUOptionParameter *options,
 return 0;
 }
 
-static QEMUOptionParameter raw_create_options[] = {
-{
-.name = BLOCK_OPT_SIZE,
-.type = OPT_SIZE,
-.help = "Virtual disk size"
-},
-{ NULL }
+
+static QemuOptsList raw_create_opts = {
+.name = "raw-create-opts",
+.head = QTAILQ_HEAD_INITIALIZER(raw_create_opts.head),
+.desc = {
+{
+.name = BLOCK_OPT_SIZE,
+.type = QEMU_OPT_SIZE,
+.help = "Virtual disk size"
+},
+{ /* end of list */ }
+}
 };
 
 static BlockDriver bdrv_file = {
@@ -506,7 +506,7 @@ static BlockDriver bdrv_file = {
 .bdrv_needs_filename = true,
 .bdrv_file_open= raw_open,
 .bdrv_close= raw_close,
-.bdrv_create   = raw_create,
+.bdrv_create2   = raw_create,
 .bdrv_has_zero_init = bdrv_has_zero_init_1,
 
 .bdrv_aio_readv = raw_aio_readv,
@@ -518,7 +518,7 @@ static BlockDriver bdrv_file = {
 .bdrv_get_allocated_file_size
 = raw_get_allocated_file_size,
 
-.create_options = raw_create_options,
+.create_opts= &raw_create_opts,
 };
 
 /***/
-- 
1.6.0.2