Re: [Qemu-devel] [PATCH 0/3] virtio: Eliminate "exit(1)" upon invalid request in virtio-blk and virtio-scsi
"Michael S. Tsirkin" writes:

> On Wed, Apr 23, 2014 at 11:22:51AM +0800, Fam Zheng wrote:
>> On Tue, 04/22 22:12, Michael S. Tsirkin wrote:
>> > On Tue, Apr 22, 2014 at 04:55:14PM +0800, Fam Zheng wrote:
>> > > Today, buggy or malicious guests that submit invalid requests can cause
>> > > QEMU's exit with an error message, which is not friendly to neither
>> > > user/admin nor guest. When passing through a virtio device to a nested
>> > > vm, there is also a D.O.S. vulnerability.
>> > >
>> > > This series adds "broken" flag to VirtIODevice and allows device
>> > > emulation code to set it if invalid data from guest is seen, and then
>> > > decide what to do with the (invalid and/or further) requests, by
>> > > checking the status of the flag.
>> > >
>> > > Upon device reset, "broken" is cleared and the device comes back to
>> > > normal again.
>> > >
>> > > In the patch 2 and 3, virtio-blk and virtio-scsi will just set the
>> > > broken flag, and stop popping requests from virt queue. In other words,
>> > > the guest will find the device unresponsive, the only way it can do is
>> > > resetting the device.
>> > >
>> > > Other virtio device types, as well as virtqueue core code, have more
>> > > exit(1)'s to be converted, but could be done on top of this.
>> > >
>> > > Thanks,
>> > > Fam
>> > >
>> >
>> >
>> > It still seems trivially easy for a buggy guest to cause qemu to
>> > abort, e.g. by supplying an invalid physical address to write to.
>> >
>> > OTOH it seems possible that killing the malicious guest early reduces our
>> > security attack surface.
>> >
>>
>> IMO, a buggy guest doing wrong operations is not necessarily the end of world
>> for QEMU, we shouldn't tear down the whole process because of invalid input.
>
> OK so we'd have to find a way to handle errors under memory APIs,
> in such a way that doesn't break all users.
> Maybe returning some dummy value on read and on ignoring writes?
> Another tricky issue would be device triggering infinite recursion by
> doing io on itself.

I'm not too familiar with the memory APIs, so take this with the due
grain of salt.

You want the API to check its input rigorously, *especially* when they
come from untrusted sources.

If bad input should not happen, you want to abort right away, so you can
debug how it happened.

If the input comes from the guest, you want the API to return an error,
so you can log the guest's bad behavior, and recover appropriately.
Often, the only practical recovery is to put the device in question in a
guest-visible error state, which can be escaped only via device reset.

If the input comes from a monitor command, you also want the API to
return an error, so you can report the error and fail the command.

Could you give a use case for silently doing nothing / returning
garbage?

>> This series is a step towards getting rid of such code,
>
> Sure, incremental patches are good. At this point I think it's
> a good idea to clearly mark this as RFC - I don't think we should yet merge
> this upstream until the solution is a bit more complete.
>
> Changing virtio is the easy part though, so I'm not sure it's a good
> idea to start there.

Does this series hinder work on the harder parts in any way? Does it
pick a specific solution that may not work for the harder parts?

If not, then I can't see what keeping it out of tree can buy us.

>> if there are trivial
>> ways to abort qemu from a guest bug,
>
> There's no "if" here :)
>
>> then they may be candidates to improve as
>> well.
>
> I'd say let's see some progress on the harder parts of the problem first.
>
>
>> Regarding the malicious guest, protecting D.O.S. attack is also
>> valuable, isn't it?
>>
>> Thanks,
>> Fam
>
> Guest denying itself a service? I'm not sure why it's valuable.

If I remember correctly, the DOS involved passthrough of a virtual
device to a nested guest or something like that.

Guest killing itself is unexciting, nested guest killing its host
qualifies as DOS. I guess our current answer to that is "don't do that
then".

> If we can have a guarantee (even if that's only for some specific
> machine types) that illegal input won't ever cause QEMU
> to abort, that could be valuable e.g. to make fuzzing easier.
> Just not having it abort on a specific path only serves to make
> guest driver development easier. That also has value but only for
> things that are hard for drivers to get right.
> E.g. what's the chance driver gets the header size wrong? Probably nil.

Too complicated an argument for me. I'd rather stick to a simple rule:
if bad input comes from the guest or a monitor command, log / report the
error and recover.

But yes, we need to get there step by step, and some steps are more
important than others.
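
The rule stated in the message above (guest input errors are logged and the device is put in an error state that only a reset clears), combined with the "broken" flag from the cover letter, as an added example in C. It is not code from QEMU or from the patch series; the toy device and every toy_* name are hypothetical.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical toy block device: all toy_* names are illustrative and are
 * not QEMU's VirtIODevice API. */
#define TOY_DISK_SECTORS 8u

enum toy_req_type { TOY_REQ_READ = 0, TOY_REQ_WRITE = 1 };
enum toy_status { TOY_OK = 0, TOY_ERR_INVALID = -1, TOY_ERR_BROKEN = -2 };

/* Request header as written by the guest; every field is untrusted. */
struct toy_req {
    uint32_t type;
    uint64_t sector;
    uint32_t nsectors;
};

struct toy_dev {
    bool broken;        /* set on invalid guest input, cleared only by reset */
    unsigned completed; /* requests served */
    unsigned rejected;  /* invalid requests seen, for logging/statistics */
};

/* Check guest input and report the result instead of calling exit(1). */
static bool toy_req_valid(const struct toy_req *r)
{
    if (r->type != TOY_REQ_READ && r->type != TOY_REQ_WRITE) {
        return false;
    }
    if (r->nsectors == 0 || r->nsectors > TOY_DISK_SECTORS) {
        return false;
    }
    /* Written as a subtraction so sector + nsectors cannot wrap around. */
    return r->sector <= TOY_DISK_SECTORS - r->nsectors;
}

/* Handle one request. Invalid input marks the device broken and is logged;
 * a broken device refuses all further work until it is reset. */
static enum toy_status toy_handle(struct toy_dev *d, const struct toy_req *r)
{
    if (d->broken) {
        return TOY_ERR_BROKEN;
    }
    if (!toy_req_valid(r)) {
        d->broken = true;
        d->rejected++;
        fprintf(stderr, "toy-dev: invalid request type=%" PRIu32
                " sector=%" PRIu64 " nsectors=%" PRIu32 ", device broken\n",
                r->type, r->sector, r->nsectors);
        return TOY_ERR_INVALID;
    }
    d->completed++; /* the actual I/O would happen here */
    return TOY_OK;
}

/* Pop requests until the queue is empty or the device breaks; returns how
 * many were popped, so the caller can see that later entries were left. */
static size_t toy_process_queue(struct toy_dev *d, const struct toy_req *q,
                                size_t n)
{
    size_t popped = 0;
    while (popped < n && !d->broken) {
        toy_handle(d, &q[popped]);
        popped++;
    }
    return popped;
}

/* Guest-initiated device reset: the only way out of the broken state. */
static void toy_reset(struct toy_dev *d)
{
    d->broken = false;
}

int main(void)
{
    /* Constructed sample queue: valid, out-of-range sector, valid. */
    const struct toy_req q[] = {
        { TOY_REQ_READ, 0, 1 },
        { TOY_REQ_WRITE, UINT64_MAX, 1 },
        { TOY_REQ_READ, 7, 1 },
    };
    struct toy_dev d = { false, 0, 0 };
    size_t popped = toy_process_queue(&d, q, 3);

    printf("popped=%zu completed=%u broken=%d\n", popped, d.completed,
           d.broken);
    toy_reset(&d);
    printf("after reset: status=%d\n", toy_handle(&d, &q[2]));
    return 0;
}
```

The third request stays in the queue until the reset, which is the guest-visible "unresponsive device" behaviour the cover letter describes; the emulator process itself keeps running.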
Re: [Qemu-devel] [PATCH] ps2: set ps/2 output buffer size as the same as kernel
> Subject: Re: [PATCH] ps2: set ps/2 output buffer size as the same as kernel > > > @@ -137,7 +139,7 @@ void ps2_queue(void *opaque, int b) > > PS2State *s = (PS2State *)opaque; > > PS2Queue *q = &s->queue; > > > > -if (q->count >= PS2_QUEUE_SIZE) > > +if (q->count >= PS2_QUEUE_SIZE - 1) > > Why? > Because when the queue buffer is 16 bytes (full), the i8042_controller_check() will report the error in linux kernel code. And the testing results show decreasing 1 is necessary. > > if (!(s->mouse_status & MOUSE_STATUS_REMOTE) && > > -(s->common.queue.count < (PS2_QUEUE_SIZE - 16))) { > > +(s->common.queue.count < PS2_QUEUE_SIZE)) { > > To me this looks like an attempt to make sure the queue has enough space > for the whole mouse message. Message size is 3 or 4 bytes (depending on > mode), so I think we should make that "... < (PS2_QUEUE_SIZE-4)". > TBH, I don't understand the reason, and I haven't found any patches about " PS2_QUEUE_SIZE - 16". But I quite agree with you, and I will test it. > > for(;;) { > > /* if not remote, send event. Multiple events are sent if > > too big deltas */ > > ... and move the check into the loop. Or, maybe even better, into the > ps2_mouse_send_packet() function. > OK. > > +for (i = 0; i < size; i++) { > > +/* move the queue elements to the temporary buffer */ > > +tmp_data[i] = q->data[q->rptr]; > > +if (++q->rptr == 256) { > > +q->rptr = 0; > > +} > > +} > > +/* move the queue elements to the start of data array */ > > +if (size > 0) { > > +memcpy(q->data, tmp_data, size); > > +} > > You can move the loop into the "if (size > 0) { ... }" section. > Agreed. > > static const VMStateDescription vmstate_ps2_mouse = { > > .name = "ps2mouse", > > .version_id = 2, > > .minimum_version_id = 2, > > .minimum_version_id_old = 2, > > +.post_load = ps2_mouse_post_load, > > You have to call ps2_common_post_load in pre_save too. > OK. I will rework the patch and test it. Thanks, Gerd. Best regards, -Gonglei
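Review bot: the queue-compaction loop wraps rptr at a literal 256 (`if (++q->rptr == 256)`) and writes tmp_data[i] for every i below size, with no bound on size or rptr visible in the quoted lines. If both values come from loaded queue state, clamp them against the array sizes before the loop runs, and give the 256 a named constant so it cannot drift from PS2_QUEUE_SIZE unnoticed.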
Re: [Qemu-devel] [PATCH] block: Expose host_* drivers in blockdev-add
Kevin Wolf writes: > On 23.04.2014 at 17:34, Eric Blake wrote: >> On 04/23/2014 09:12 AM, Kevin Wolf wrote: >> > All the functionality to use the host_device, host_cdrom and host_floppy >> > drivers is already there, they just need to be added to the schema. >> > >> > Signed-off-by: Kevin Wolf >> > --- >> > qapi-schema.json | 6 +- >> > 1 file changed, 5 insertions(+), 1 deletion(-) >> > >> > diff --git a/qapi-schema.json b/qapi-schema.json >> > index 391356f..0fc0f12 100644 >> > --- a/qapi-schema.json >> > +++ b/qapi-schema.json >> > @@ -4288,7 +4288,8 @@ >> > # Since: 2.0 >> >> We haven't been good at tracking enum growth, but it can't hurt to try. >> It might be worth changing this line to read: >> >> # Since: 2.0, 'host_device', 'host_cdrom', 'host_floppy' since 2.1 > > I'm fine with documenting the changes, but this format doesn't look like > it works very well in the long term. > >> > ## >> > { 'enum': 'BlockdevDriver', >> > - 'data': [ 'file', 'http', 'https', 'ftp', 'ftps', 'tftp', >> > vvfat', 'blkdebug', >> > + 'data': [ 'file', 'host_device', 'host_cdrom', 'host_floppy', >> >> Any reason you used _ instead of - in these names? Newer QMP tends to >> prefer - unless there is a good reason why _ has already been baked in >> due to back-compat. > > The block driver has always been called host_device with an underscore. > We can't change it because that would break compatibility on the command > line. A simple indirection could buy us a little more consistency in QMP. If you say that's not worth the trouble because there's so much inconsistency already, you have a point. I still hate it, though :) Probably the only way to stop the proliferation of this '-' vs. '_' nuisance is to accept both '-' and '_' everywhere in QMP, and use only '-' in documentation. Clearly beyond the scope of your patch.
Re: [Qemu-devel] Monitor Readline - no terminal echo after exit
Mike Day writes:

> I believe someone on the list mentioned they are seeing a couple
> problems entering and exiting the Monitor. I'd like to look at this more
> closely, starting with my most pending issue: losing the terminal echo
> after exiting the Monitor.

Reproducer?

> Does anyone have a quick pointer as to where I should look for this
> code? Otherwise I'll start looking through main_loop and friends and
> vl.c for init and destroy routines.

The monitor runs on top of a QEMU chardev. Suggest to start digging at
monitor_init(), both into the monitor itself, and into the
CharDriverState object.
Re: [Qemu-devel] [RFC PATCH v2 00/16] visitor+BER migration format
"Dr. David Alan Gilbert" writes:

> * Eric Blake (ebl...@redhat.com) wrote:
>> On 04/23/2014 10:37 AM, Dr. David Alan Gilbert (git) wrote:
>> > From: "Dr. David Alan Gilbert"
>> >
>>
>> >4) At the moment you select BER output format by setting an environment
>> > variable ( export QEMUMIGFORMAT=BER ) , I need to put more thought
>> > in to the right way to do this, there are some harder questions like
>> > what happens to devices that are still using pre-vmstate encodings
>> > (that are currently sent as blobs) when they eventually convert over
>> > and thus how to keep compatibility with earlier BER output versions
>> > where they were blobs.
>>
>> I don't have good advice on how to address intra-version design (what
>> happens when an old version of BER sends a blob but a new version on the
>> receiving side expects formatted data instead of a blob), other than
>> it's going to be similar to any other intra-version design that we
>> already have to consider when upgrading from old to new qemu.
>>
>> But for how to select BER format, I _do_ have an idea:
>>
>> https://lists.gnu.org/archive/html/qemu-devel/2014-04/msg00782.html
>>
>> Basically, I think that the choice of migration format should be
>> selected via a new extended capability added to
>> migrate-set-capabilities. Setting the choice at the environment
>> variable is too inflexible (it's locked down for the duration of the
>> entire qemu process), whereas setting it via QMP is desirable (for
>> example, it would let us choose at the time of migration whether we are
>> migrating to an older host and want the old format, or migrating to a
>> file for checkpointing reasons and want the new format).
>
> Yep, that would certainly be easy to do - and I can do that for
> the next version.
> It's more the intra-version I'm worried about, primarily because I don't
> want to have to wait until every device is vmstate'd before moving this
> code forward.
>
> The one thing that the environment variable does make nice and easy,
> for dev, is using it with existing test setups - e.g. running virt-test
> in BER mode or existing mode.

Sounds like a useful hack to speed up development, but not so much like
a useful permanent API :)
Re: [Qemu-devel] [PATCH v8] net: L2TPv3 transport
On Sun, Apr 06, 2014 at 03:22:16PM +0100, anton.iva...@kot-begemot.co.uk wrote: > +int net_init_l2tpv3(const NetClientOptions *opts, > +const char *name, > +NetClientState *peer) > +{ > + > + > +const NetdevL2TPv3Options *l2tpv3; > +NetL2TPV3State *s; > +NetClientState *nc; > +int fd = -1, gairet; > +struct addrinfo hints; > +struct addrinfo *result = NULL; > +char *srcport, *dstport; > + > +nc = qemu_new_net_client(&net_l2tpv3_info, peer, "l2tpv3", name); > + > +s = DO_UPCAST(NetL2TPV3State, nc, nc); > + > +s->queue_head = 0; > +s->queue_tail = 0; > +s->header_mismatch = false; > + > +assert(opts->kind == NET_CLIENT_OPTIONS_KIND_L2TPV3); > +l2tpv3 = opts->l2tpv3; > + > +if (l2tpv3->has_ipv6 && l2tpv3->ipv6) { > +s->ipv6 = l2tpv3->ipv6; > +} else { > +s->ipv6 = false; > +} > + > +if ((l2tpv3->has_offset) && (l2tpv3->offset > 256)) { > +error_report("l2tpv3_open : offset must be less than 256 bytes"); > +goto outerr; > +} > + > +if (l2tpv3->has_rxcookie || l2tpv3->has_txcookie) { > +if (l2tpv3->has_rxcookie && l2tpv3->has_txcookie) { > +s->cookie = true; > +} else { > +goto outerr; > +} > +} else { > +s->cookie = false; > +} > + > +if (l2tpv3->has_cookie64 || l2tpv3->cookie64) { > +s->cookie_is_64 = true; > +} else { > +s->cookie_is_64 = false; > +} > + > +if (l2tpv3->has_udp && l2tpv3->udp) { > +s->udp = true; > +if (!(l2tpv3->has_srcport && l2tpv3->has_dstport)) { > +error_report("l2tpv3_open : need both src and dst port for udp"); > +goto outerr; > +} else { > +srcport = l2tpv3->srcport; > +dstport = l2tpv3->dstport; > +} > +} else { > +s->udp = false; > +srcport = NULL; > +dstport = NULL; > +} > + > + > +s->offset = 4; > +s->session_offset = 0; > +s->cookie_offset = 4; > +s->counter_offset = 4; > + > +s->tx_session = l2tpv3->txsession; > +if (l2tpv3->has_rxsession) { > +s->rx_session = l2tpv3->rxsession; > +} else { > +s->rx_session = s->tx_session; > +} > + > +if (s->cookie) { > +s->rx_cookie = l2tpv3->rxcookie; > +s->tx_cookie = l2tpv3->txcookie; > +if 
(s->cookie_is_64 == true) { > +/* 64 bit cookie */ > +s->offset += 8; > +s->counter_offset += 8; > +} else { > +/* 32 bit cookie */ > +s->offset += 4; > +s->counter_offset += 4; > +} > +} > + > +memset(&hints, 0, sizeof(hints)); > + > +if (s->ipv6) { > +hints.ai_family = AF_INET6; > +} else { > +hints.ai_family = AF_INET; > +} > +if (s->udp) { > +hints.ai_socktype = SOCK_DGRAM; > +hints.ai_protocol = 0; > +s->offset += 4; > +s->counter_offset += 4; > +s->session_offset += 4; > +s->cookie_offset += 4; > +} else { > +hints.ai_socktype = SOCK_RAW; > +hints.ai_protocol = IPPROTO_L2TP; > +} > + > +gairet = getaddrinfo(l2tpv3->src, srcport, &hints, &result); > + > +if ((gairet != 0) || (result == NULL)) { > +error_report( > +"l2tpv3_open : could not resolve src, errno = %s", > +gai_strerror(gairet) > +); > +goto outerr; > +} > +fd = socket(result->ai_family, result->ai_socktype, result->ai_protocol); > +if (fd == -1) { > +fd = -errno; > +error_report("l2tpv3_open : socket creation failed, errno = %d", > -fd); > +freeaddrinfo(result); > +goto outerr; > +} > +if (bind(fd, (struct sockaddr *) result->ai_addr, result->ai_addrlen)) { > +error_report("l2tpv3_open : could not bind socket err=%i", errno); > +goto outerr; > +} > + > +freeaddrinfo(result); It's a little risky to do this without: result = NULL; If we take the goto outerr below (for example, if getaddrinfo() doesn't assign NULL before returning an error value) or the code is changed in the future, then we'd get a double-free in the outerr code path. 
> + > +memset(&hints, 0, sizeof(hints)); > + > +if (s->ipv6) { > +hints.ai_family = AF_INET6; > +} else { > +hints.ai_family = AF_INET; > +} > +if (s->udp) { > +hints.ai_socktype = SOCK_DGRAM; > +hints.ai_protocol = 0; > +} else { > +hints.ai_socktype = SOCK_RAW; > +hints.ai_protocol = IPPROTO_L2TP; > +} > + > +gairet = getaddrinfo(l2tpv3->dst, dstport, &hints, &result); > +if ((gairet != 0) || (result == NULL)) { > +error_report( > +"l2tpv3_open : could not resolve dst, error = %s", > +gai_strerror(gairet) > +); > +goto outerr; > +} > + > +s->dgram_dst = g_mall
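Review bot: in net_init_l2tpv3() the cookie64 test reads `if (l2tpv3->has_cookie64 || l2tpv3->cookie64)`, which sets cookie_is_64 whenever the option is present, even when it is given as false; the ipv6 and udp options around it use `has_x && x`, and cookie64 should do the same. Two smaller points in the same function: the offset check rejects only values above 256 while its message says "less than 256", and the branch taken when only one of rxcookie/txcookie is supplied jumps to outerr without an error_report().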
Re: [Qemu-devel] [Bug 1288620] Re: memory leak with default NIC model
Aidan Gauland writes:

> On Wed, 23 Apr 2014 13:10:39 -, Stefan Hajnoczi wrote:
>> So this is a problem that only happens under Valgrind? Perhaps this is
>> a valgrind bug.
>
> No, it happens outside of Valgrind as well. It only happens when QEMU
> is told to read a config file (with -readconfig).

Please post a valgrind.log from a leaky run. If it's big (it almost
certainly is), attach it to the bug rather than sending it to the list.
Re: [Qemu-devel] [patch 2/2] target-i386: block migration and savevm if invariant tsc is exposed
On Thu, Apr 24, 2014 at 04:42:33PM -0400, Paolo Bonzini wrote:
> On 22/04/2014 21:14, Eduardo Habkost wrote:
> >Not for "-cpu host". If somebody needs migration to work, they shouldn't
> >be using "-cpu host" anyway (I don't know if you have seen the other
> >comments in my message?).
>
> I'm not entirely sure. If you have hosts with exactly identical
> chipsets, "-cpu host" migration will in all likelihood work.
> Marcelo's approach is safer.

If that didn't break other use cases, I would agree. But "-cpu host"
today covers two use cases: 1) enabling everything that can be enabled,
even if it breaks migration; 2) enabling all stuff that can be safely
enabled without breaking migration.

Now we can't do both at the same time[1].

(1) is important for management software;
(2) works only if you are lucky.

Why would it make sense to break (1) to try make (2) work?

[1] I would even argue that we never did both at the same time. "-cpu
host" depends on host hardware capabilities, host kernel capabilities,
and host QEMU version (we never took care of keeping guest ABI with
"-cpu host"). If migration did work, it was never supposed to.

--
Eduardo
[Qemu-devel] [PATCH 2/3] disas/libvixl: Add missing ULL suffixes
Upstream libvixl 1.3 fixes a number of the places which needed ULL suffixes, but not all of them; reapply those ones from commit 37fd5b53b which are still relevant. Signed-off-by: Peter Maydell --- disas/libvixl/a64/instructions-a64.h | 24 disas/libvixl/utils.h| 4 ++-- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/disas/libvixl/a64/instructions-a64.h b/disas/libvixl/a64/instructions-a64.h index 4eaee58..d7b09e2 100644 --- a/disas/libvixl/a64/instructions-a64.h +++ b/disas/libvixl/a64/instructions-a64.h @@ -58,20 +58,20 @@ const unsigned kDRegSizeLog2 = 6; const unsigned kDRegSizeInBytes = kDRegSize / 8; const unsigned kDRegSizeInBytesLog2 = kDRegSizeLog2 - 3; const uint64_t kWRegMask = 0x; -const uint64_t kXRegMask = 0x; +const uint64_t kXRegMask = 0xULL; const uint64_t kSRegMask = 0x; -const uint64_t kDRegMask = 0x; +const uint64_t kDRegMask = 0xULL; const uint64_t kSSignMask = 0x8000; -const uint64_t kDSignMask = 0x8000; +const uint64_t kDSignMask = 0x8000ULL; const uint64_t kWSignMask = 0x8000; -const uint64_t kXSignMask = 0x8000; +const uint64_t kXSignMask = 0x8000ULL; const uint64_t kByteMask = 0xff; const uint64_t kHalfWordMask = 0x; const uint64_t kWordMask = 0x; -const uint64_t kXMaxUInt = 0x; +const uint64_t kXMaxUInt = 0xULL; const uint64_t kWMaxUInt = 0x; -const int64_t kXMaxInt = 0x7fff; -const int64_t kXMinInt = 0x8000; +const int64_t kXMaxInt = 0x7fffULL; +const int64_t kXMinInt = 0x8000ULL; const int32_t kWMaxInt = 0x7fff; const int32_t kWMinInt = 0x8000; const unsigned kLinkRegCode = 30; 
@@ -87,20 +87,20 @@ const unsigned kFloatExponentBits = 8; const float kFP32PositiveInfinity = rawbits_to_float(0x7f80); const float kFP32NegativeInfinity = rawbits_to_float(0xff80); -const double kFP64PositiveInfinity = rawbits_to_double(0x7ff0); -const double kFP64NegativeInfinity = rawbits_to_double(0xfff0); +const double kFP64PositiveInfinity = rawbits_to_double(0x7ff0ULL); +const double kFP64NegativeInfinity = rawbits_to_double(0xfff0ULL); // This value is a signalling NaN as both a double and as a float (taking the // least-significant word). -static const double kFP64SignallingNaN = rawbits_to_double(0x7ff07f81); +static const double kFP64SignallingNaN = rawbits_to_double(0x7ff07f81ULL); static const float kFP32SignallingNaN = rawbits_to_float(0x7f81); // A similar value, but as a quiet NaN. -static const double kFP64QuietNaN = rawbits_to_double(0x7ff87fc1); +static const double kFP64QuietNaN = rawbits_to_double(0x7ff87fc1ULL); static const float kFP32QuietNaN = rawbits_to_float(0x7fc1); // The default NaN values (for FPCR.DN=1). -static const double kFP64DefaultNaN = rawbits_to_double(0x7ff8); +static const double kFP64DefaultNaN = rawbits_to_double(0x7ff8ULL); static const float kFP32DefaultNaN = rawbits_to_float(0x7fc0); diff --git a/disas/libvixl/utils.h b/disas/libvixl/utils.h index bed70c6..34fb50e 100644 --- a/disas/libvixl/utils.h +++ b/disas/libvixl/utils.h @@ -99,7 +99,7 @@ double rawbits_to_double(uint64_t bits); // NaN tests. inline bool IsSignallingNaN(double num) { - const uint64_t kFP64QuietNaNMask = 0x0008; + const uint64_t kFP64QuietNaNMask = 0x0008ULL; uint64_t raw = double_to_rawbits(num); if (isnan(num) && ((raw & kFP64QuietNaNMask) == 0)) { return true; 
@@ -126,7 +126,7 @@ inline bool IsQuietNaN(T num) { // Convert the NaN in 'num' to a quiet NaN. inline double ToQuietNaN(double num) { - const uint64_t kFP64QuietNaNMask = 0x0008; + const uint64_t kFP64QuietNaNMask = 0x0008ULL; VIXL_ASSERT(isnan(num)); return rawbits_to_double(double_to_rawbits(num) | kFP64QuietNaNMask); } -- 1.9.2
[Qemu-devel] [PULL 00/40] target-alpha queue
Pull request for the patch series posted here

  Message-Id: <1397763195-1485-1-git-send-email-...@twiddle.net>
  http://lists.gnu.org/archive/html/qemu-devel/2014-04/msg02763.html

Since there are no changes since then, I'm just posting the pull.

Thanks,

r~

The following changes since commit a9e8aeb3755bccb7b51174adcf4a3fc427e0d147:

  Update version for v2.0.0 release (2014-04-17 13:41:45 +0100)

are available in the git repository at:

  git://github.com/rth7680/qemu.git tags/tgt-axp-pull-20140424

for you to fetch changes up to 06ef8604e92964cbf30084b7d31091aa7cbbb62f:

  target-alpha: Remove cpu_unique, cpu_sysval, cpu_usp (2014-04-17 11:47:42 -0700)

target-alpha queue pull for 20140424

Paolo Bonzini (1):
      target-alpha: fix the braces

Richard Henderson (39):
      target-alpha: Introduce REQUIRE_TB_FLAG
      target-alpha: Introduce REQUIRE_REG_31
      target-alpha: Introduce functions for source/sink
      target-alpha: Convert opcode 0x11 to source/sink
      target-alpha: Convert opcode 0x12 to source/sink
      target-alpha: Convert opcode 0x13 to source/sink
      target-alpha: Convert opcode 0x14 to source/sink
      target-alpha: Convert opcode 0x17 to source/sink
      target-alpha: Convert opcode 0x18 to source/sink
      target-alpha: Convert opcode 0x1A to source/sink
      target-alpha: Convert opcode 0x1B to source/sink
      target-alpha: Convert opcode 0x1C to source/sink
      target-alpha: Convert opcode 0x1E to source/sink
      target-alpha: Convert opcode 0x1F to source/sink
      target-alpha: Convert gen_load/store_mem to source/sink
      target-alpha: Convert gen_store_conditional to source/sink
      target-alpha: Convert gen_cmp to source/sink
      target-alpha: Convert ARITH3_EX to source/sink
      target-alpha: Convert gen_cmov to source/sink
      target-alpha: Convert gen_msk_h/l to source/sink
      target-alpha: Convert gen_ext_h/l to source/sink
      target-alpha: Convert gen_ins_h/l to source/sink
      target-alpha: Convert gen_zap/not to source/sink
      target-alpha: Convert FARITH2 to source/sink
      target-alpha: Convert FARITH3 to source/sink
      target-alpha: Convert ARITH3 to source/sink
      target-alpha: Convert MVIOP2 to source/sink
      target-alpha: Convert gen_ieee_input to source/sink
      target-alpha: Convert most ieee insns to source/sink
      target-alpha: Convert gen_bcond to source/sink
      target-alpha: Convert gen_fcmov to source/sink
      target-alpha: Convert gen_fcvtlq/ql to source/sink
      target-alpha: Convert gen_cpys et al to source/sink
      target-alpha: Convert mfpr/mtpr to source/sink
      target-alpha: Use extract to get insn fields
      target-alpha: Use non-local temps for zero/sink
      target-alpha: Don't issue goto_tb under singlestep
      target-alpha: Tidy alpha_translate_init
      target-alpha: Remove cpu_unique, cpu_sysval, cpu_usp

 target-alpha/fpu_helper.c |    7 +
 target-alpha/helper.h     |    1 +
 target-alpha/translate.c  | 2363 +
 3 files changed, 879 insertions(+), 1492 deletions(-)
Re: [Qemu-devel] [patch 2/2] target-i386: block migration and savevm if invariant tsc is exposed
On 22/04/2014 21:14, Eduardo Habkost wrote:
> Not for "-cpu host". If somebody needs migration to work, they shouldn't
> be using "-cpu host" anyway (I don't know if you have seen the other
> comments in my message?).

I'm not entirely sure. If you have hosts with exactly identical
chipsets, "-cpu host" migration will in all likelihood work.
Marcelo's approach is safer.

Paolo
[Qemu-devel] [PATCH 3/3] hw/arm/virt: Add support for Cortex-A57
Support the Cortex-A57 in the virt machine model. Signed-off-by: Peter Maydell --- hw/arm/virt.c | 5 + 1 file changed, 5 insertions(+) diff --git a/hw/arm/virt.c b/hw/arm/virt.c index 9c4d337..ea4f02d 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -119,6 +119,11 @@ static VirtBoardInfo machines[] = { .irqmap = a15irqmap, }, { +.cpu_model = "cortex-a57", +.memmap = a15memmap, +.irqmap = a15irqmap, +}, +{ .cpu_model = "host", .memmap = a15memmap, .irqmap = a15irqmap, -- 1.9.2
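Review bot: the new cortex-a57 entry points at a15memmap and a15irqmap, so tables named for the A15 now define the layout for other CPU models as well; a one-line comment on the tables, or a CPU-neutral name, would keep a later A15-only change from silently altering the A57 board. The commit message could also say whether this entry depends on the 64K GIC bank spacing from patch 2/3 of the same series.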
[Qemu-devel] [PATCH 2/3] hw/arm/virt: Put GIC register banks on 64K boundaries
For an AArch64 CPU which supports 64K pages, having the GIC register banks at 4K offsets is potentially awkward. Move them out to being at 64K offsets. (This is harmless for AArch32 CPUs and for AArch64 CPUs with 4K pages, so it is simpler to use the same offsets everywhere than to try to use 64K offsets only for AArch64 host CPUs.) Signed-off-by: Peter Maydell --- hw/arm/virt.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hw/arm/virt.c b/hw/arm/virt.c index ecff256..9c4d337 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -96,10 +96,10 @@ typedef struct VirtBoardInfo { static const MemMapEntry a15memmap[] = { /* Space up to 0x800 is reserved for a boot ROM */ [VIRT_FLASH] = { 0, 0x800 }, -[VIRT_CPUPERIPHS] = { 0x800, 0x8000 }, +[VIRT_CPUPERIPHS] = { 0x800, 0x2 }, /* GIC distributor and CPU interfaces sit inside the CPU peripheral space */ -[VIRT_GIC_DIST] = { 0x8001000, 0x1000 }, -[VIRT_GIC_CPU] = { 0x8002000, 0x1000 }, +[VIRT_GIC_DIST] = { 0x800, 0x1 }, +[VIRT_GIC_CPU] = { 0x801, 0x1 }, [VIRT_UART] = { 0x900, 0x1000 }, [VIRT_MMIO] = { 0xa00, 0x200 }, /* ...repeating for a total of NUM_VIRTIO_TRANSPORTS, each of that size */ -- 1.9.2
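Review bot: the reason for the 64K spacing lives only in the commit message, while the table keeps just the existing comment about the GIC sitting inside the CPU peripheral space; put the 64K-page rationale in a comment next to VIRT_GIC_DIST and VIRT_GIC_CPU so the spacing is not tidied back to 4K later. Since the hunk moves guest-visible addresses, the commit message should also state whether anything outside this table assumes the old offsets.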
[Qemu-devel] [PATCH v3] configure: Enable TPM by default, add --disable-tpm
I don't see why tpm is disabled by default: it doesn't have any external dependencies, or change default behavior. Leaving it disabled is just going to cause it to bit rot. Enable it by default, and add a --disable-tpm option. Signed-off-by: Cole Robinson --- v2: Don't drop --enable-tpm v3: Update patch description configure | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/configure b/configure index b08afc3..976d815 100755 --- a/configure +++ b/configure @@ -320,7 +320,7 @@ virtio_blk_data_plane="" gtk="" gtkabi="2.0" vte="" -tpm="no" +tpm="yes" libssh2="" vhdx="" quorum="no" @@ -1073,6 +1073,8 @@ for opt do ;; --enable-vte) vte="yes" ;; + --disable-tpm) tpm="no" + ;; --enable-tpm) tpm="yes" ;; --disable-libssh2) libssh2="no" @@ -1343,6 +1345,7 @@ Advanced options (experts only): --disable-glusterfs disable GlusterFS backend --enable-gcovenable test coverage analysis with gcov --gcov=GCOV use specified gcov [$gcov_tool] + --disable-tpmdisable TPM support --enable-tpm enable TPM support --disable-libssh2disable ssh block device support --enable-libssh2 enable ssh block device support -- 1.9.0
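Review bot: the first hunk makes the default an unconditional tpm="yes", while the neighbouring gtk, vte and libssh2 variables start out empty, so nothing in the visible lines lets configure fall back when TPM support cannot be built on a host. The commit message says there are no external dependencies; it should also say that the code builds on every supported host, or the default should be limited to the hosts where it does.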
[Qemu-devel] [PATCH 0/5] gtk: Misc fixes
A collection of fixes related to the gtk UI. See individual patches for details. Cole Robinson (5): configure: Re-run make if gtkabi/sdlabi is changed gtk: Fix monitor greeting gtk: Fix -serial vc gtk: Fix zoom in accelerator gtk: Fix accelerators being triggered twice with gtk3 configure | 2 ++ ui/gtk.c | 101 +- 2 files changed, 36 insertions(+), 67 deletions(-) -- 1.9.0
[Qemu-devel] [PATCH v2 12/13] tcg-sparc: Fix small 32-bit movi
We tested imm13 before discarding garbage high bits. Signed-off-by: Richard Henderson --- tcg/sparc/tcg-target.c | 5 + 1 file changed, 5 insertions(+) diff --git a/tcg/sparc/tcg-target.c b/tcg/sparc/tcg-target.c index a977c57..1526f2c 100644 --- a/tcg/sparc/tcg-target.c +++ b/tcg/sparc/tcg-target.c @@ -432,6 +432,11 @@ static void tcg_out_movi(TCGContext *s, TCGType type, { tcg_target_long hi, lo = (int32_t)arg; +/* Make sure we test 32-bit constants for imm13 properly. */ +if (type == TCG_TYPE_I32) { +arg = lo; +} + /* A 13-bit constant sign-extended to 64-bits. */ if (check_fit_tl(arg, 13)) { tcg_out_movi_imm13(s, ret, arg); -- 1.9.0
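Review bot: the new comment says what the block is for but not why assigning lo achieves it. lo is `(int32_t)arg`, so for TCG_TYPE_I32 the assignment replaces arg with the sign-extension of its low 32 bits before check_fit_tl(arg, 13) runs; saying that in the comment, and expanding the one-line commit message to match, would make clear that the high bits of a 32-bit constant carry no meaning at this point.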
[Qemu-devel] [PATCH v2] configure: Change --enable-tpm to --disable-tpm
I don't see why tpm is disabled by default: it doesn't have any external dependencies, or change default behavior. Leaving it disabled is just going to cause it to bit rot. Enable it by default, and change --enable-tpm to --disable-tpm if people still want an option to compile it out. Signed-off-by: Cole Robinson --- v2: Don't drop --enable-tpm option configure | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/configure b/configure index b08afc3..976d815 100755 --- a/configure +++ b/configure @@ -320,7 +320,7 @@ virtio_blk_data_plane="" gtk="" gtkabi="2.0" vte="" -tpm="no" +tpm="yes" libssh2="" vhdx="" quorum="no" @@ -1073,6 +1073,8 @@ for opt do ;; --enable-vte) vte="yes" ;; + --disable-tpm) tpm="no" + ;; --enable-tpm) tpm="yes" ;; --disable-libssh2) libssh2="no" @@ -1343,6 +1345,7 @@ Advanced options (experts only): --disable-glusterfs disable GlusterFS backend --enable-gcovenable test coverage analysis with gcov --gcov=GCOV use specified gcov [$gcov_tool] + --disable-tpmdisable TPM support --enable-tpm enable TPM support --disable-libssh2disable ssh block device support --enable-libssh2 enable ssh block device support -- 1.9.0
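Review bot: the subject and message say --enable-tpm is changed to --disable-tpm, but the option-parsing and help-text hunks keep --enable-tpm and add --disable-tpm beside it, as the "v2: Don't drop --enable-tpm option" note says. Reword the description so it matches what the diff does.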
Re: [Qemu-devel] Monitor Readline - no terminal echo after exit
On Thu, Apr 24, 2014 at 3:31 AM, Markus Armbruster wrote:
>> I believe someone on the list mentioned they are seeing a couple
>> problems entering and exiting the Monitor. I'd like to look at this more
>> closely, starting with my most pending issue: losing the terminal echo
>> after exiting the Monitor.

Thanks for the reply Markus.

> Reproducer?

I've found a couple of ways to reproduce the problem. The easiest is to
use -nographic on the qemu command line when starting a qemu session. In
this case the monitor opens stdio but there is no visible input or
output.

Another way is to use -nographic along with -mon ,mode=readline. In this
case the monitor works, but when you exit from the monitor your terminal
will not echo characters.

For reference, here are the chardev and mon options I use:

-chardev stdio,id=mon0 -mon chardev=mon0,mode=readline

I see that -nographic is a deprecated option, fwiw.

> The monitor runs on top of a QEMU chardev. Suggest to start digging at
> monitor_init(), both into the monitor itself, and into the
> CharDriverState object.

Thus far I've confirmed that when the -nographic option is passed, the
mon_init_func does not get called (as it does for readline mode). I know
why this is, but I'm not yet sure the right way to fix it.

Also, with -nographic and mon:stdio monitor_flush is called for every
line entered except for the last line. Normally monitor_flush is called
for every line including the last line, at least in readline mode.

I've run out of time looking at this today, but would be happy if anyone
has further ideas.

Mike
[Qemu-devel] [PATCH v2 09/13] tcg-sparc: Don't handle mov/movi in tcg_out_op
Signed-off-by: Richard Henderson --- tcg/sparc/tcg-target.c | 13 ++--- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/tcg/sparc/tcg-target.c b/tcg/sparc/tcg-target.c index af9673f..d5d1761 100644 --- a/tcg/sparc/tcg-target.c +++ b/tcg/sparc/tcg-target.c @@ -1187,9 +1187,6 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode opc, const TCGArg *args, tcg_out_bpcc(s, COND_A, BPCC_PT, args[0]); tcg_out_nop(s); break; -case INDEX_op_movi_i32: -tcg_out_movi(s, TCG_TYPE_I32, args[0], (uint32_t)args[1]); -break; #define OP_32_64(x) \ glue(glue(case INDEX_op_, x), _i32):\ @@ -1324,9 +1321,6 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode opc, const TCGArg *args, tcg_out_qemu_st(s, args[0], args[1], args[2], args[3]); break; -case INDEX_op_movi_i64: -tcg_out_movi(s, TCG_TYPE_I64, args[0], args[1]); -break; case INDEX_op_ld32s_i64: tcg_out_ldst(s, args[0], args[1], args[2], LDSW); break; @@ -1392,8 +1386,13 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode opc, const TCGArg *args, tcg_out_arithc(s, args[0], TCG_REG_G0, args[1], const_args[1], c); break; +case INDEX_op_mov_i64: +case INDEX_op_mov_i32: +case INDEX_op_movi_i64: +case INDEX_op_movi_i32: +/* Always implemented with tcg_out_mov/i, never with tcg_out_op. */ default: -fprintf(stderr, "unknown opcode 0x%x\n", opc); +/* Opcode not implemented. */ tcg_abort(); } } -- 1.9.0
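Review bot: the last hunk removes `fprintf(stderr, "unknown opcode 0x%x\n", opc);` from the default case, so an unimplemented opcode now reaches tcg_abort() with nothing to say which opcode it was; keep a message that reports opc ahead of the abort. The patch also has no commit message body explaining why mov and movi no longer go through tcg_out_op.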
Re: [Qemu-devel] [RFC PATCH v2 00/16] visitor+BER migration format
* Markus Armbruster (arm...@redhat.com) wrote: > "Dr. David Alan Gilbert" writes: > > > * Eric Blake (ebl...@redhat.com) wrote: > >> On 04/23/2014 10:37 AM, Dr. David Alan Gilbert (git) wrote: > >> > From: "Dr. David Alan Gilbert" > >> > > >> > >> >4) At the moment you select BER output format by setting an > >> > environment > >> > variable ( export QEMUMIGFORMAT=BER ) , I need to put more thought > >> > in to the right way to do this, there are some harder questions > >> > like > >> > what happens to devices that are still using pre-vmstate encodings > >> > (that are currently sent as blobs) when they eventually convert > >> > over > >> > and thus how to keep compatibility with earlier BER output versions > >> > where they were blobs. > >> > >> I don't have good advice on how to address intra-version design (what > >> happens when an old version of BER sends a blob but a new version on the > >> receiving side expects formatted data instead of a blob), other than > >> it's going to be similar to any other intra-version design that we > >> already have to consider when upgrading from old to new qemu. > >> > >> But for how to select BER format, I _do_ have an idea: > >> > >> https://lists.gnu.org/archive/html/qemu-devel/2014-04/msg00782.html > >> > >> Basically, I think that the choice of migration format should be > >> selected via a new extended capability added to > >> migrate-set-capabilities. Setting the choice at the environment > >> variable is too inflexible (it's locked down for the duration of the > >> entire qemu process), whereas setting it via QMP is desirable (for > >> example, it would let us choose at the time of migration whether we are > >> migrating to an older host and want the old format, or migrating to a > >> file for checkpointing reasons and want the new format). > > > > Yep, that would certainly be easy to do - and I can do that for > > the next version. 
> > It's more the intra-version I'm worried about, primarily because I don't > > want to have to wait until every device is vmstate'd before moving this > > code forward. > > > > The one thing that the environment variable does make nice and easy, > > for dev, is using it with existing test setups - e.g. running virt-test > > in BER mode or existing mode. > > Sounds like a useful hack to speed up development, but not so much like > a useful permanent API :) Yep, I think what I'll do is go with Eric's suggestion of the migration-capability, but initialise it based on the environment variable; then I can take that out once it all settles out. Dave -- Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
[Qemu-devel] [PATCH 10/10] tests: Add EHCI qtest
Signed-off-by: Andreas Färber --- MAINTAINERS | 1 + tests/Makefile| 4 tests/usb-hcd-ehci-test.c | 40 3 files changed, 45 insertions(+) create mode 100644 tests/usb-hcd-ehci-test.c diff --git a/MAINTAINERS b/MAINTAINERS index 8882c31..1a4657f 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -601,6 +601,7 @@ USB M: Gerd Hoffmann S: Maintained F: hw/usb/* +F: tests/usb-hcd-ehci-test.c VFIO M: Alex Williamson diff --git a/tests/Makefile b/tests/Makefile index 19f2208..b7f0aa0 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -145,6 +145,9 @@ check-qtest-i386-y += tests/i82801b11-test$(EXESUF) gcov-files-i386-y += hw/pci-bridge/i82801b11.c check-qtest-i386-y += tests/ioh3420-test$(EXESUF) gcov-files-i386-y += hw/pci-bridge/ioh3420.c +check-qtest-i386-y += tests/usb-hcd-ehci-test$(EXESUF) +gcov-files-i386-y += hw/usb/hcd-ehci.c +gcov-files-i386-y += hw/usb/hcd-uhci.c check-qtest-x86_64-y = $(check-qtest-i386-y) gcov-files-i386-y += i386-softmmu/hw/timer/mc146818rtc.c gcov-files-x86_64-y = $(subst i386-softmmu/,x86_64-softmmu/,$(gcov-files-i386-y)) @@ -299,6 +302,7 @@ tests/ac97-test$(EXESUF): tests/ac97-test.o tests/es1370-test$(EXESUF): tests/es1370-test.o tests/intel-hda-test$(EXESUF): tests/intel-hda-test.o tests/ioh3420-test$(EXESUF): tests/ioh3420-test.o +tests/usb-hcd-ehci-test$(EXESUF): tests/usb-hcd-ehci-test.o tests/qemu-iotests/socket_scm_helper$(EXESUF): tests/qemu-iotests/socket_scm_helper.o # QTest rules diff --git a/tests/usb-hcd-ehci-test.c b/tests/usb-hcd-ehci-test.c new file mode 100644 index 000..bc56ba7 --- /dev/null +++ b/tests/usb-hcd-ehci-test.c 
@@ -0,0 +1,40 @@ +/* + * QTest testcase for USB EHCI + * + * Copyright (c) 2014 SUSE LINUX Products GmbH + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ + +#include +#include +#include "libqtest.h" +#include "qemu/osdep.h" + +/* Tests only initialization so far. TODO: Replace with functional tests */ +static void pci_nop(void) +{ +} + +int main(int argc, char **argv) +{ +int ret; + +g_test_init(&argc, &argv, NULL); +qtest_add_func("/ehci/pci/nop", pci_nop); + +qtest_start("-machine q35 -device ich9-usb-ehci1,bus=pcie.0,addr=1d.7," +"multifunction=on,id=ich9-ehci-1 " +"-device ich9-usb-uhci1,bus=pcie.0,addr=1d.0," +"multifunction=on,masterbus=ich9-ehci-1.0,firstport=0 " +"-device ich9-usb-uhci2,bus=pcie.0,addr=1d.1," +"multifunction=on,masterbus=ich9-ehci-1.0,firstport=2 " +"-device ich9-usb-uhci3,bus=pcie.0,addr=1d.2," +"multifunction=on,masterbus=ich9-ehci-1.0,firstport=4"); +ret = g_test_run(); + +qtest_end(); + +return ret; +} -- 1.8.4.5
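Review bot: The commit message has no body, and `pci_nop()` in the new tests/usb-hcd-ehci-test.c is empty, so the only thing the test checks is that the q35 machine starts with `ich9-usb-ehci1` and its three UHCI companions from the `qtest_start()` command line. Please say that in the commit message. The Makefile hunk also adds `gcov-files-i386-y += hw/usb/hcd-uhci.c` under a test named usb-hcd-ehci-test; a short comment there explaining that the companion controllers are instantiated by the same command line would make that line less surprising.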
Re: [Qemu-devel] QEMU 2.0 RC with Spice
On Wednesday 16 April 2014 10:44:36 Rick Vernam wrote: > On Wednesday 16 April 2014 07:12:16 Richard Vernam wrote: > > On Apr 16, 2014 3:07 AM, "Dr. David Alan Gilbert" > > > > wrote: > > > * Rick Vernam (rtver...@hobi.com) wrote: > > > > On Tuesday 15 April 2014 19:25:22 Rick Vernam wrote: > > > > > Looks like it's in Spice: > > > > > > > > > > > I'll see if I can build spice with debugging symbols and what not > > > > > and > > > > write > > > > > > > back with findings. Are others have problems with Qemu 2.0 RCs & > > > > Spice? > > > > > > > Here is how I started qemu with gdb: > > > > > > > > > > QEMU_AUDIO_DRV=spice > > > > > TMPDIR=/home/rick/qemu/hds gdb --args > > > > /usr/local/bin/qemu-system-x86_64 -cpu > > > > > > > host -enable-kvm \ -m 1536 -name Win7Pro64 -localtime -no-fd-bootchk > > > > -smp > > > > > > > cores=4 \ > > > > > -pidfile /home/rick/qemu/hds/win7pro64.pid \ > > > > > -drive > > > > file=/home/rick/qemu/hds/win7pro64.qed,if=virtio,index=0,snapshot=on > > > > > > > \ -vga qxl \ > > > > > -net nic,model=virtio -net user \ > > > > > -device > > > > virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x5 > > > > > > > \ -chardev spicevmc,name=vdagent,id=vdagent \ > > > > > -device > > > > virtserialport,nr=1,bus=virtio-serial0.0,chardev=vdagent,name=com.redhat.s > > p > > > > > > > ice.0 \ -spice port=1247,disable-ticketing \ > > > > > -monitor telnet:localhost:12471,server,nowait \ > > > > > -drive if=none,id=cd,file=/dev/sg1 \ > > > > > -device virtio-scsi-pci,id=scsi \ > > > > > -device scsi-generic,drive=cd \ > > > > > -balloon virtio \ > > > > > -soundhw hda \ > > > > > -device usb-ehci > > > > > > > > > > > > > > > Thanks, > > > > > -Rick > > > > > > > > > > On Tuesday 15 April 2014 15:22:04 Dr. 
David Alan Gilbert wrote: > > > > > > * Rick Vernam (rtver...@hobi.com) wrote: > > > > > > > I have been trying out the 2.0 RCs, and I've noticed that when I > > > > use > > > > > > > > > spice > > > > > > > qemu aborts when I reboot the VM. This occurs on Win XP guest, > > > > Win 7 > > > > > > > > > (64-bit) guest and Win 8 (64-bit) guest. > > > > > > > Is this something that anybody else experiences? > > > > > > > I don't care to divert anybody's energy if this a spice thing - > > > > how best > > > > > > > > > to > > > > > > > determine this? > > > > > > > > > > > > You say qemu aborts; can you get a backtrace and the abort > > > > > > message? > > > > > > > > > > > > Dave > > > > > > -- > > > > > > Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK > > > > > > > > sorry, for top posting my last response. and also sorry for not > > > > noticing that I had let the binaries get stripped previously. > > > > > > Here with qemu-system-x86_64 not stripped, and spice lib not stripped: > > > > > > > > Program received signal SIGSEGV, Segmentation fault. 
> > > > 0x7211eae5 in spice_char_device_write_to_device > > > > (dev=0x5687bcf0) at char_device.c:443 > > > > > > 443 sif = SPICE_CONTAINEROF(dev->sin->base.sif, > > > > SpiceCharDeviceInterface, base); > > > > > > (gdb) bt > > > > #0 0x7211eae5 in spice_char_device_write_to_device > > > > (dev=0x5687bcf0) at char_device.c:443 > > > > > > #1 0x7211fd81 in spice_char_device_start (dev=0x5687bcf0) > > > > at char_device.c:798 > > > > > > #2 0x72171f95 in spice_server_vm_start (s=0x561d4360) at > > > > reds.c:4520 > > > > > > #3 0x556a1119 in qdev_reset_one (dev=, > > > > opaque=) at hw/core/qdev.c:240 > > > > > > #4 0x556a0958 in qbus_walk_children (bus=0x567576a0, > > > > pre_devfn=0x0, pre_busfn=0x0, post_devfn=0x556a1100 , > > post_busfn=0x5569f060 , opaque=0x0) at > > hw/core/qdev.c:369 > > > > > > #5 0x556a0878 in qdev_walk_children (dev=0x5677c0b0, > > > > pre_devfn=0x0, pre_busfn=0x0, post_devfn=0x556a1100 , > > post_busfn=0x5569f060 , opaque=0x0) at > > hw/core/qdev.c:403 > > > > > > #6 0x556a0958 in qbus_walk_children (bus=0x567459c0, > > > > pre_devfn=0x0, pre_busfn=0x0, post_devfn=0x556a1100 , > > post_busfn=0x5569f060 , opaque=0x0) at > > hw/core/qdev.c:369 > > > > > > #7 0x557d717a in qemu_devices_reset () at vl.c:1867 > > > > #8 qemu_system_reset (report=report@entry=true) at vl.c:1880 > > > > #9 0x555f9e2f in main_loop_should_exit () at vl.c:2015 > > > > #10 main_loop () at vl.c:2055 > > > > #11 main (argc=, argv=, envp= > > > out>) at vl.c:4507 > > > > > > Thanks, and what can I do to provide more info? > > > > > > I don't know much about spice; I've added kra...@redhat.com to cc who > > > > knows spice. > > > > > Can you clarify a bit more about which spice version you're using and > > > > anything else > > > > > about your setup that might be relevant. > > > > > > Dave > > > -- > > > Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK > > > > Spice is 0.12.4 via Gentoo, which makes
Re: [Qemu-devel] [PATCH] qemu-iotests: Improve and make use of QMPTestCase.wait_until_completed()
On Wed, Apr 02, 2014 at 01:54:07PM +0800, Fam Zheng wrote: > This eliminates code duplication. > > Signed-off-by: Fam Zheng > --- > tests/qemu-iotests/030| 50 > +-- > tests/qemu-iotests/056| 9 +--- > tests/qemu-iotests/iotests.py | 5 +++-- > 3 files changed, 9 insertions(+), 55 deletions(-) Thanks, applied to my block tree: https://github.com/stefanha/qemu/commits/block Stefan
[Qemu-devel] [PATCH 5/5] iscsi: Don't use error_is_set() to suppress additional errors
Using error_is_set(errp) that way can sweep programming errors under the carpet when we get called incorrectly with an error set. Commit 24d3bd6 added a broken error path to iscsi_do_inquiry(): it first calls error_setg(), then jumps to the preexisting error label, where error_setg() gets called again, triggering an assertion failure. Commit cbee81f fixed this by guarding the second error_setg() with an error_is_set(). Replace this fix by a simpler and safer one: jump right behind the second error_setg(). Signed-off-by: Markus Armbruster --- block/iscsi.c | 9 - 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/block/iscsi.c b/block/iscsi.c index f425573..f78e678 100644 --- a/block/iscsi.c +++ b/block/iscsi.c @@ -1095,16 +1095,15 @@ static struct scsi_task *iscsi_do_inquiry(struct iscsi_context *iscsi, int lun, *inq = scsi_datain_unmarshall(task); if (*inq == NULL) { error_setg(errp, "iSCSI: failed to unmarshall inquiry datain blob"); -goto fail; +goto fail_with_err; } return task; fail: -if (!error_is_set(errp)) { -error_setg(errp, "iSCSI: Inquiry command failed : %s", - iscsi_get_error(iscsi)); -} +error_setg(errp, "iSCSI: Inquiry command failed : %s", + iscsi_get_error(iscsi)); +fail_with_err: if (task != NULL) { scsi_free_scsi_task(task); } -- 1.8.1.4
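Review bot: After this change the `fail:` label calls `error_setg()` unconditionally and then falls through into `fail_with_err:`, so every remaining `goto fail` must arrive with `errp` still unset, and every path that has already set it must use `goto fail_with_err`. That contract is carried only by the label names; a one-line comment above `fail:` stating it would keep a later edit from reintroducing the double `error_setg()` assertion failure the commit message describes. The stray space before the colon in "Inquiry command failed : %s" could be dropped while the line is being touched.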
Re: [Qemu-devel] [PATCH v5 07/12] qemu-img: Empty images after commit
On 24.04.2014 at 16:54, Max Reitz wrote:
> On 23.04.2014 11:32, Kevin Wolf wrote:
> >On 22.04.2014 at 18:22, Max Reitz wrote:
> >>On 22.04.2014 17:19, Eric Blake wrote:
> >>>On 04/17/2014 03:59 PM, Max Reitz wrote:
> After the top image has been committed into an image in its backing
> chain, all images above that base image should be emptied to restore the
> old qemu-img commit behavior.
>
> Signed-off-by: Max Reitz
> ---
> qemu-img.c | 87
> +++---
> 1 file changed, 84 insertions(+), 3 deletions(-)
> >>>Does emptying an image take significant time? If so, does that need to
> >>>be reflected in the progress meter?
> >>For a 16 GB image I have here (should be nearly full) it took 1:22
> >>min. Copying it took six minutes, so I guess committing it would
> >>take even more. I think the ratio is small enough not to include it
> >>in the progress meter.
> >Did you check why it took that long? Sounds like we're issuing a lot of
> >independent discard requests instead of few big ones. Is the image
> >heavily fragmented?
>
> Indeed it is, judging from qemu-img map.

I see. But even that should be handled by the discard caching mechanism in qcow2, so that it should still merge most requests, even if it has to issue a few separate ones. I think some more in-depth debugging wouldn't hurt.

Kevin
[Qemu-devel] [PATCH v2 04/13] tcg-sparc: Support trunc_shr_i32
Unlike a 64-bit shift op, allows the output to be in %l or %i registers for sparcv8plus. Signed-off-by: Richard Henderson --- tcg/sparc/tcg-target.c | 8 tcg/sparc/tcg-target.h | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/tcg/sparc/tcg-target.c b/tcg/sparc/tcg-target.c index f1226ab..4287bbe 100644 --- a/tcg/sparc/tcg-target.c +++ b/tcg/sparc/tcg-target.c @@ -1482,6 +1482,13 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode opc, const TCGArg *args, case INDEX_op_ext32u_i64: tcg_out_arithi(s, args[0], args[1], 0, SHIFT_SRL); break; +case INDEX_op_trunc_shr_i32: +if (args[2] == 0) { +tcg_out_mov(s, TCG_TYPE_I32, args[0], args[1]); +} else { +tcg_out_arithi(s, args[0], args[1], args[2], SHIFT_SRLX); +} +break; case INDEX_op_brcond_i64: tcg_out_brcond_i64(s, args[2], args[0], args[1], const_args[1], @@ -1593,6 +1600,7 @@ static const TCGTargetOpDef sparc_op_defs[] = { { INDEX_op_ext32s_i64, { "r", "r" } }, { INDEX_op_ext32u_i64, { "r", "r" } }, +{ INDEX_op_trunc_shr_i32, { "r", "r" } }, { INDEX_op_brcond_i64, { "rZ", "rJ" } }, { INDEX_op_setcond_i64, { "r", "rZ", "rJ" } }, diff --git a/tcg/sparc/tcg-target.h b/tcg/sparc/tcg-target.h index f44739f..61fd6b8 100644 --- a/tcg/sparc/tcg-target.h +++ b/tcg/sparc/tcg-target.h @@ -117,7 +117,7 @@ typedef enum { #define TCG_TARGET_HAS_mulsh_i320 #if TCG_TARGET_REG_BITS == 64 -#define TCG_TARGET_HAS_trunc_shr_i320 +#define TCG_TARGET_HAS_trunc_shr_i321 #define TCG_TARGET_HAS_div_i64 1 #define TCG_TARGET_HAS_rem_i64 0 #define TCG_TARGET_HAS_rot_i64 0 -- 1.9.0
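Review bot: In the `INDEX_op_trunc_shr_i32` case, `args[2]` is passed straight to `tcg_out_arithi()` as the shift immediate, while the new `sparc_op_defs` entry lists only two constraints (`{ "r", "r" }`). A short comment at the case saying that the third argument is always a constant shift count, and why a count of zero is emitted as `tcg_out_mov()` instead of an `SHIFT_SRLX` by 0, would save the next reader from working it out. The commit message would also read better if it said which constraint makes the output usable in %l or %i registers.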
Re: [Qemu-devel] memory allocation of migration changed?
* Stefan Hajnoczi (stefa...@gmail.com) wrote:
> On Tue, Feb 11, 2014 at 07:30:54PM +0100, Stefan Priebe wrote:
> > On 11.02.2014 16:44, Stefan Hajnoczi wrote:
> > >On Tue, Feb 11, 2014 at 3:54 PM, Stefan Priebe - Profihost AG
> > > wrote:
> > >>in the past (Qemu 1.5) a migration failed if there was not enough memory
> > >>on the target host available directly at the beginning.
> > >>
> > >>Now with Qemu 1.7 I've seen succeeded migrations but the kernel OOM
> > >>memory killer killing qemu processes. So the migration seems to take
> > >>place without having enough memory on the target machine?
> > >
> > >How much memory is the guest configured with? How much memory does
> > >the host have?
> >
> > Guest: 48GB
> > Host: 192GB
> >
> > >I wonder if there are zero pages that can be migrated almost "for
> > >free" and the destination host doesn't touch. When they are touched
> > >for the first time after migration handover, they need to be allocated
> > >on the destination host. This can lead to OOM if you overcommitted
> > >memory.
> >
> > In the past the migration failed immediately with exit code 255.
> >
> > >Can you reproduce the OOM reliably? It should be possible to debug it
> > >and figure out whether it's just bad luck or a true regression.
> >
> > So there is no known patch changing this behaviour?
> >
> > What is about those?
> > fc1c4a5d32e15a4c40c47945da85ef9c1e0c1b54
> > 211ea74022f51164a7729030b28eec90b6c99a08
> > f1c72795af573b24a7da5eb52375c9aba8a37972
>
> Yes, that's what I was referring to when I mentioned zero pages.
>
> The problem might just be that the destination host didn't have enough
> free memory. Migration succeeded due to memory overcommit on the host,
> but quickly ran out of memory after handover. The quick answer there is
> to reconsider your overcommitting memory and also checking memory
> availability before live migrating.

When you said 'in the past (Qemu 1.5)' is that actual 1.5 release? I ask because a bit of bisecting leads me to 7dda5dc82a776a39a799 'migration: initialize RAM to zero' (16th April 2013 slightly before 1.5.0 time) - Although I think its effect may be just to make these previous changes have the effect they were intended to. So if the behaviour you're seeing is between 1.5/1.7 then it's something else.

I think one of the ways to think about it is that previously you could start a guest on a host relying on overcommit (although it might OOM) but you were unlikely to be able to migrate it in to a host with overcommit because it would write all its 0 pages. However, if you're seeing the difference between a 1.5 release and 1.7 then maybe it's something more subtle.

Dave
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
Re: [Qemu-devel] [PATCH v2 1/4] acpi/pcihp.c: Rewrite acpi_pcihp_get_bsel using object_property_get_int
On Thu, Apr 24, 2014 at 06:15:56PM +0400, Kirill Batuzov wrote: > acpi_pcihp_get_bsel implements functionality of object_property_get_int for > specific property named ACPI_PCIHP_PROP_BSEL, but fails to decrement object's > reference counter properly. Rewriting it using generic object_property_get_int > serves two purposes: reducing code duplication and fixing memory leak. > > Signed-off-by: Kirill Batuzov Applied this and 2/4. Thanks! > --- > hw/acpi/pcihp.c | 18 ++ > 1 file changed, 10 insertions(+), 8 deletions(-) > > v1 -> v2: > Keep acpi_pcihp_get_bsel, but rewrite it using object_property_get_int and > validate returned value. > > diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c > index f80c480..3b143b3 100644 > --- a/hw/acpi/pcihp.c > +++ b/hw/acpi/pcihp.c > @@ -63,16 +63,18 @@ typedef struct AcpiPciHpFind { > > static int acpi_pcihp_get_bsel(PCIBus *bus) > { > -QObject *o = object_property_get_qobject(OBJECT(bus), > - ACPI_PCIHP_PROP_BSEL, NULL); > -int64_t bsel = -1; > -if (o) { > -bsel = qint_get_int(qobject_to_qint(o)); > -} > -if (bsel < 0) { > +Error *local_err = NULL; > +int64_t bsel = object_property_get_int(OBJECT(bus), ACPI_PCIHP_PROP_BSEL, > + &local_err); > + > +if (local_err || bsel < 0 || bsel >= ACPI_PCIHP_MAX_HOTPLUG_BUS) { > +if (local_err) { > +error_free(local_err); > +} > return -1; > +} else { > +return bsel; > } > -return bsel; > } > > static void acpi_pcihp_test_hotplug_bus(PCIBus *bus, void *opaque) > -- > 1.7.10.4
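Review bot: The rewritten `acpi_pcihp_get_bsel()` now also rejects `bsel >= ACPI_PCIHP_MAX_HOTPLUG_BUS`, which the old body did not; the commit message mentions only the code duplication and the reference leak, and the range check appears only in the v1 -> v2 text below the `---`, which is not part of the commit. It deserves a sentence in the message proper, since callers that used to receive an out-of-range value now get -1. The `else` after `return -1;` is redundant and `return bsel;` can sit at function level.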
[Qemu-devel] [PATCH v2 13/13] tcg-sparc: Accept stores of zero
Signed-off-by: Richard Henderson --- tcg/sparc/tcg-target.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tcg/sparc/tcg-target.c b/tcg/sparc/tcg-target.c index 1526f2c..5468ff5 100644 --- a/tcg/sparc/tcg-target.c +++ b/tcg/sparc/tcg-target.c @@ -1470,8 +1470,8 @@ static const TCGTargetOpDef sparc_op_defs[] = { { INDEX_op_qemu_ld_i32, { "r", "A" } }, { INDEX_op_qemu_ld_i64, { "R", "A" } }, -{ INDEX_op_qemu_st_i32, { "s", "A" } }, -{ INDEX_op_qemu_st_i64, { "S", "A" } }, +{ INDEX_op_qemu_st_i32, { "sZ", "A" } }, +{ INDEX_op_qemu_st_i64, { "SZ", "A" } }, { -1 }, }; -- 1.9.0
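Review bot: The commit message has no body, and the patch touches only the constraint table (2 insertions, 2 deletions): the data operand of `INDEX_op_qemu_st_i32` and `INDEX_op_qemu_st_i64` goes from `"s"`/`"S"` to `"sZ"`/`"SZ"` with no change to the code that emits the store. Please state in the message how the store path handles a constant-zero data argument, so the new constraint can be seen to be safe from this patch alone.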
Re: [Qemu-devel] [PATCH 1/3] virtio: Introduce VirtIODevice.broken
On Thu, Apr 24, 2014 at 11:19:14AM +0800, Fam Zheng wrote: > On Wed, 04/23 10:17, Michael S. Tsirkin wrote: > > On Tue, Apr 22, 2014 at 04:55:15PM +0800, Fam Zheng wrote: > > > If guest driver behaves abnormally, emulation code could mark the device > > > as "broken". > > > > > > Once "broken" is set, device emulation will typically wait for a reset > > > command and ignore any other operations, but it could also return error > > > responds. In other words, whether and how does guest know about this > > > error status is device specific. > > > > > > Signed-off-by: Fam Zheng > > > > We really need a flag to notify guest about this state though. > > We should add this in virtio 1.0. > > For now, how about clearing DRIVER_OK? > > >From Public Review Draft 02: > > DRIVER_OK (4) Indicates that the driver is set up and ready to drive the > device. > > Does clearing it here have any effect on guest behavior? > > We could add a DEVICE_OK bit and let the driver check it before passing vq. Could you please send this suggestion as review comment on the draft? We'll take it from here. > > This way we don't need to touch so much code. > > Don't understand how clearing DRIVER_OK can avoid exit(). Could you explain a > bit? > > Thanks, > Fam > > > > > > --- > > > hw/virtio/virtio.c | 12 > > > include/hw/virtio/virtio.h | 3 +++ > > > 2 files changed, 15 insertions(+) > > > > > > diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c > > > index aeabf3a..222bb73 100644 > > > --- a/hw/virtio/virtio.c > > > +++ b/hw/virtio/virtio.c > > > @@ -538,6 +538,16 @@ void virtio_set_status(VirtIODevice *vdev, uint8_t > > > val) > > > vdev->status = val; > > > } > > > > > > +bool virtio_broken(VirtIODevice *vdev) > > > +{ > > > +return vdev->broken; > > > +} > > > + > > > +void virtio_set_broken(VirtIODevice *vdev) > > > +{ > > > +vdev->broken = true; > > > +} > > > + > > > void virtio_reset(void *opaque) > > > { > > > VirtIODevice *vdev = opaque; 
> > > @@ -554,6 +564,7 @@ void virtio_reset(void *opaque) > > > vdev->queue_sel = 0; > > > vdev->status = 0; > > > vdev->isr = 0; > > > +vdev->broken = false; > > > vdev->config_vector = VIRTIO_NO_VECTOR; > > > virtio_notify_vector(vdev, vdev->config_vector); > > > > > > @@ -995,6 +1006,7 @@ void virtio_init(VirtIODevice *vdev, const char > > > *name, > > > vdev->status = 0; > > > vdev->isr = 0; > > > vdev->queue_sel = 0; > > > +vdev->broken = 0; > > > vdev->config_vector = VIRTIO_NO_VECTOR; > > > vdev->vq = g_malloc0(sizeof(VirtQueue) * VIRTIO_PCI_QUEUE_MAX); > > > vdev->vm_running = runstate_is_running(); > > > diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h > > > index 3e54e90..5b16faa 100644 > > > --- a/include/hw/virtio/virtio.h > > > +++ b/include/hw/virtio/virtio.h > > > @@ -121,6 +121,7 @@ struct VirtIODevice > > > bool vm_running; > > > VMChangeStateEntry *vmstate; > > > char *bus_name; > > > +bool broken; > > > }; > > > > > > typedef struct VirtioDeviceClass { > > > @@ -211,6 +212,8 @@ void virtio_queue_notify(VirtIODevice *vdev, int n); > > > uint16_t virtio_queue_vector(VirtIODevice *vdev, int n); > > > void virtio_queue_set_vector(VirtIODevice *vdev, int n, uint16_t vector); > > > void virtio_set_status(VirtIODevice *vdev, uint8_t val); > > > +void virtio_set_broken(VirtIODevice *vdev); > > > +bool virtio_broken(VirtIODevice *vdev); > > > void virtio_reset(void *opaque); > > > void virtio_update_irq(VirtIODevice *vdev); > > > int virtio_set_features(VirtIODevice *vdev, uint32_t val); > > > -- > > > 1.9.2
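Review bot: In the `virtio_init()` hunk the new field is cleared with `vdev->broken = 0;` while the `virtio_reset()` hunk uses `vdev->broken = false;`; the field is declared `bool broken;`, so use `false` in both places. The declaration in struct VirtIODevice would also benefit from a comment saying who may set the flag and that only reset clears it, since `virtio_set_broken()` is added without a clearing counterpart.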
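The behaviour the quoted commit message describes (latch "broken" on an invalid guest request, stop popping the queue, recover only on reset) can be modelled in a few lines. This is an added illustration, not QEMU code and not part of the patch; every `toy_*` name, the 8-sector disk and the 4-entry queue are assumptions made up for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TOY_DISK_SECTORS 8u   /* constructed device size */
#define TOY_QUEUE_LEN    4u   /* constructed queue depth */
#define TOY_READ         0u
#define TOY_WRITE        1u

/* A request as the guest placed it on the queue: every field is untrusted. */
struct toy_req {
    uint32_t type;
    uint64_t sector;
    uint32_t nsectors;
};

struct toy_dev {
    bool broken;                         /* role of the proposed VirtIODevice.broken */
    struct toy_req queue[TOY_QUEUE_LEN];
    size_t head;                         /* next request the device will pop */
    size_t tail;                         /* next free slot for the guest */
};

/* Device reset: the only operation that clears "broken". */
void toy_reset(struct toy_dev *d)
{
    d->broken = false;
    d->head = 0;
    d->tail = 0;
}

/* Guest side: enqueue a request. This still works while the device is
 * broken, because the queue belongs to the guest. */
bool toy_submit(struct toy_dev *d, const struct toy_req *r)
{
    if (d->tail == TOY_QUEUE_LEN) {
        return false;
    }
    d->queue[d->tail++] = *r;
    return true;
}

/* Validate guest-controlled fields; written so that sector + nsectors
 * is never computed and therefore cannot wrap. */
bool toy_req_valid(const struct toy_req *r)
{
    if (r->type != TOY_READ && r->type != TOY_WRITE) {
        return false;
    }
    if (r->nsectors == 0 || r->sector >= TOY_DISK_SECTORS) {
        return false;
    }
    return r->nsectors <= TOY_DISK_SECTORS - r->sector;
}

/* Device side: service queued requests and return how many completed.
 * An invalid request marks the device broken where older code would have
 * terminated the whole emulator process; later requests stay queued. */
unsigned toy_process(struct toy_dev *d)
{
    unsigned done = 0;

    while (!d->broken && d->head < d->tail) {
        const struct toy_req *r = &d->queue[d->head++];
        if (!toy_req_valid(r)) {
            d->broken = true;
            break;
        }
        done++;
    }
    return done;
}

size_t toy_pending(const struct toy_dev *d)
{
    return d->tail - d->head;
}

int main(void)
{
    struct toy_dev d;
    struct toy_req good = { TOY_READ, 0, 2 };
    struct toy_req bad = { TOY_WRITE, 7, 4 };   /* runs past the last sector */

    toy_reset(&d);
    toy_submit(&d, &good);
    toy_submit(&d, &bad);
    toy_submit(&d, &good);
    printf("completed=%u broken=%d pending=%zu\n",
           toy_process(&d), d.broken, toy_pending(&d));
    printf("while broken: completed=%u\n", toy_process(&d));
    toy_reset(&d);
    toy_submit(&d, &good);
    printf("after reset: completed=%u broken=%d\n", toy_process(&d), d.broken);
    return 0;
}
```
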
[Qemu-devel] [PATCH 0/3] hw/arm/virt: Support Cortex-A57
This patchset wires up our new Cortex-A57 emulation into the "virt" machine model.

Rather than the somewhat hacky approach in the previous system emulation patchsets, I've decided that our best approach is to have the board model create the GIC itself. This essentially corresponds to modelling a board with a standalone GIC -- you can see this in some real hardware which uses a GIC-400. I think this makes more sense than either borrowing the a15mpcore_priv device, or creating an a57mpcore_priv device (since the A57 does not actually have a built-in GICv2).

To handle hosts with 64K pages in KVM mode, we need to make sure our GIC puts its GICC and GICD at 64K boundaries (so that the host kernel can map a 64K host page with the host GICV in as the guest GICC). For consistency, we make the 'virt' machine's GIC the same for all supported CPUs; 32 bit CPUs don't need the 64K spacing, but they don't object to it either, and it's simpler to use the same memory map for everything rather than fiddle with it based on CPU features.

Peter Maydell (3):
  hw/arm/virt: Create the GIC ourselves rather than (ab)using a15mpcore_priv
  hw/arm/virt: Put GIC register banks on 64K boundaries
  hw/arm/virt: Add support for Cortex-A57

 hw/arm/virt.c | 93 +++
 1 file changed, 61 insertions(+), 32 deletions(-)

--
1.9.2
[Qemu-devel] [PATCH v2 00/13] tcg/sparc v8plus code generation
Our 32-bit build for sparc has been requiring a 64-bit capable chip for about 2 years now, by way of requiring move-conditional and LE memory instructions. But we've mostly been generating 32-bit code otherwise. This patch set changes things so that we make full use of the cpu.

The sparcv8plus code model requires that 64-bit data be kept only in the %g and %o registers. These are saved by the kernel in full 64-bit slots somewhere. Whereas the %i and %l registers are saved via the register window mechanism, and as part of the 32-bit ABI we've only allocated 32-bits of stack for storing these. Since the register window can roll at any time, due to signals and interrupts, we must consider the high bits of %i and %l to be garbage.

This implies that we must treat 32-bit and 64-bit quantities differently. For the most part, TCG is good with that. The one case where that falls down, however, is when we frob data between widths. Thus the addition of the trunc_shr_i32 opcode.

This new opcode, or something like it, would have been required if we ever got around to supporting MIPS64 code generation, where 32-bit quantities must remain sign-extended in the 64-bit register at all times. In the case of sparcv8plus, we can get what we need out of the opcode merely by setting its register constraints properly.

---

Changed v1-v2:
* Renamed the trunc_i32 opcode based on feedback from Stuart Brady, though I didn't use the full trunc_shr_i64_i32 name he suggested.
* Dropped patch 13/14, as that's now handled with a change to pass a TCGType to tcg_target_const_match, now on mainline.

r~

Richard Henderson (13):
  tcg: Fix missed pointer size != TCG_TARGET_REG_BITS changes
  tcg: Add INDEX_op_trunc_shr_i32
  tcg-sparc: Remove most uses of TCG_TARGET_REG_BITS
  tcg-sparc: Support trunc_shr_i32
  tcg-sparc: Use 64-bit registers with sparcv8plus
  tcg-sparc: Use the RETURN instruction
  tcg-sparc: Implement muls2_i32
  tcg-sparc: Tidy check_fit_* tests
  tcg-sparc: Don't handle mov/movi in tcg_out_op
  tcg-sparc: Hoist common argument loads in tcg_out_op
  tcg-sparc: Fixup function argument types
  tcg-sparc: Fix small 32-bit movi
  tcg-sparc: Accept stores of zero

 include/exec/def-helper.h |   2 +-
 tcg/README                |   5 +
 tcg/aarch64/tcg-target.h  |   1 +
 tcg/i386/tcg-target.h     |   1 +
 tcg/ia64/tcg-target.h     |   1 +
 tcg/optimize.c            |  16 +
 tcg/ppc64/tcg-target.h    |   1 +
 tcg/s390/tcg-target.h     |   1 +
 tcg/sparc/tcg-target.c    | 842 +++---
 tcg/sparc/tcg-target.h    |  17 +-
 tcg/tcg-op.h              |  54 ++-
 tcg/tcg-opc.h             |   4 +
 tcg/tcg.c                 |  80 -
 tcg/tcg.h                 |   1 +
 tcg/tci/tcg-target.h      |   1 +
 15 files changed, 498 insertions(+), 529 deletions(-)

--
1.9.0
[Qemu-devel] [PATCH v2 11/13] tcg-sparc: Fixup function argument types
Use TCGReg everywhere appropriate. Use int32_t for all arguments that may be registers or immediate constants. Merge tcg_out_addi into its only caller. Signed-off-by: Richard Henderson --- tcg/sparc/tcg-target.c | 117 + 1 file changed, 51 insertions(+), 66 deletions(-) diff --git a/tcg/sparc/tcg-target.c b/tcg/sparc/tcg-target.c index 655e435..a977c57 100644 --- a/tcg/sparc/tcg-target.c +++ b/tcg/sparc/tcg-target.c @@ -390,22 +390,20 @@ static inline int tcg_target_const_match(tcg_target_long val, TCGType type, } } -static inline void tcg_out_arith(TCGContext *s, int rd, int rs1, int rs2, - int op) +static inline void tcg_out_arith(TCGContext *s, TCGReg rd, TCGReg rs1, + TCGReg rs2, int op) { -tcg_out32(s, op | INSN_RD(rd) | INSN_RS1(rs1) | - INSN_RS2(rs2)); +tcg_out32(s, op | INSN_RD(rd) | INSN_RS1(rs1) | INSN_RS2(rs2)); } -static inline void tcg_out_arithi(TCGContext *s, int rd, int rs1, - uint32_t offset, int op) +static inline void tcg_out_arithi(TCGContext *s, TCGReg rd, TCGReg rs1, + int32_t offset, int op) { -tcg_out32(s, op | INSN_RD(rd) | INSN_RS1(rs1) | - INSN_IMM13(offset)); +tcg_out32(s, op | INSN_RD(rd) | INSN_RS1(rs1) | INSN_IMM13(offset)); } -static void tcg_out_arithc(TCGContext *s, int rd, int rs1, - int val2, int val2const, int op) +static void tcg_out_arithc(TCGContext *s, TCGReg rd, TCGReg rs1, + int32_t val2, int val2const, int op) { tcg_out32(s, op | INSN_RD(rd) | INSN_RS1(rs1) | (val2const ? INSN_IMM13(val2) : INSN_RS2(val2))); @@ -419,12 +417,12 @@ static inline void tcg_out_mov(TCGContext *s, TCGType type, } } -static inline void tcg_out_sethi(TCGContext *s, int ret, uint32_t arg) +static inline void tcg_out_sethi(TCGContext *s, TCGReg ret, uint32_t arg) { tcg_out32(s, SETHI | INSN_RD(ret) | ((arg & 0xfc00) >> 10)); } -static inline void tcg_out_movi_imm13(TCGContext *s, int ret, uint32_t arg) +static inline void tcg_out_movi_imm13(TCGContext *s, TCGReg ret, int32_t arg) { tcg_out_arithi(s, ret, TCG_REG_G0, arg, ARITH_OR); } 
@@ -471,14 +469,14 @@ static void tcg_out_movi(TCGContext *s, TCGType type, } } -static inline void tcg_out_ldst_rr(TCGContext *s, int data, int a1, - int a2, int op) +static inline void tcg_out_ldst_rr(TCGContext *s, TCGReg data, TCGReg a1, + TCGReg a2, int op) { tcg_out32(s, op | INSN_RD(data) | INSN_RS1(a1) | INSN_RS2(a2)); } -static inline void tcg_out_ldst(TCGContext *s, int ret, int addr, -int offset, int op) +static void tcg_out_ldst(TCGContext *s, TCGReg ret, TCGReg addr, + intptr_t offset, int op) { if (check_fit_ptr(offset, 13)) { tcg_out32(s, op | INSN_RD(ret) | INSN_RS1(addr) | 
@@ -501,40 +499,24 @@ static inline void tcg_out_st(TCGContext *s, TCGType type, TCGReg arg, tcg_out_ldst(s, arg, arg1, arg2, (type == TCG_TYPE_I32 ? STW : STX)); } -static inline void tcg_out_ld_ptr(TCGContext *s, TCGReg ret, uintptr_t arg) +static void tcg_out_ld_ptr(TCGContext *s, TCGReg ret, uintptr_t arg) { -TCGReg base = TCG_REG_G0; -if (!check_fit_ptr(arg, 10)) { -tcg_out_movi(s, TCG_TYPE_PTR, ret, arg & ~0x3ff); -base = ret; -} -tcg_out_ld(s, TCG_TYPE_PTR, ret, base, arg & 0x3ff); +tcg_out_movi(s, TCG_TYPE_PTR, ret, arg & ~0x3ff); +tcg_out_ld(s, TCG_TYPE_PTR, ret, ret, arg & 0x3ff); } -static inline void tcg_out_sety(TCGContext *s, int rs) +static inline void tcg_out_sety(TCGContext *s, TCGReg rs) { tcg_out32(s, WRY | INSN_RS1(TCG_REG_G0) | INSN_RS2(rs)); } -static inline void tcg_out_rdy(TCGContext *s, int rd) +static inline void tcg_out_rdy(TCGContext *s, TCGReg rd) { tcg_out32(s, RDY | INSN_RD(rd)); } -static inline void tcg_out_addi(TCGContext *s, int reg, tcg_target_long val) -{ -if (val != 0) { -if (check_fit_tl(val, 13)) -tcg_out_arithi(s, reg, reg, val, ARITH_ADD); -else { -tcg_out_movi(s, TCG_TYPE_PTR, TCG_REG_T1, val); -tcg_out_arith(s, reg, reg, TCG_REG_T1, ARITH_ADD); -} -} -} - -static void tcg_out_div32(TCGContext *s, int rd, int rs1, - int val2, int val2const, int uns) +static void tcg_out_div32(TCGContext *s, TCGReg rd, TCGReg rs1, + int32_t val2, int val2const, int uns) { /* Load Y with the sign/zero extension of RS1 to 64-bits. */ if (uns) { @@ -595,37 +577,37 @@ static void tcg_out_bpcc(TCGContext *s, int scond, int flags, int label) tcg_out_bpcc0(s, scond, flags, off19); } -static void tcg_out_cmp(TCGContext *s, TCGArg c1, TCGArg c2, int c2const) +stat
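Review bot: `tcg_out_ld_ptr()` changes behaviour here, not only argument types: the old body skipped the `tcg_out_movi()` when `check_fit_ptr(arg, 10)` held and loaded relative to `TCG_REG_G0`, while the new body always emits the `tcg_out_movi()` of `arg & ~0x3ff` followed by the load. The commit message lists only the TCGReg/int32_t conversions and the `tcg_out_addi` merge, so either mention this or split it into its own patch. The same applies to `tcg_out_ldst()`, which loses `inline` and has its offset widened from `int` to `intptr_t`.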
[Qemu-devel] [PATCH 3/3] libvixl: fix 64bit constants usage
From: Michael Tokarev Cherry-pick QEMU commit 0dbcf95a1, because it is still needed for libvixl 1.3: disas/libvixl/ contains functions which uses 64bit constants without using appropriate suffixes, which fails on 32bits. Fix this by using ULL suffix. Signed-off-by: Michael Tokarev Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- disas/libvixl/a64/disasm-a64.cc | 16 disas/libvixl/utils.cc | 20 +--- 2 files changed, 21 insertions(+), 15 deletions(-) diff --git a/disas/libvixl/a64/disasm-a64.cc b/disas/libvixl/a64/disasm-a64.cc index 4a2a6df..94b0063 100644 --- a/disas/libvixl/a64/disasm-a64.cc +++ b/disas/libvixl/a64/disasm-a64.cc @@ -269,19 +269,19 @@ bool Disassembler::IsMovzMovnImm(unsigned reg_size, uint64_t value) { ((reg_size == kWRegSize) && (value <= 0x))); // Test for movz: 16 bits set at positions 0, 16, 32 or 48. - if (((value & 0x) == 0) || - ((value & 0x) == 0) || - ((value & 0x) == 0) || - ((value & 0x) == 0)) { + if (((value & 0xULL) == 0ULL) || + ((value & 0xULL) == 0ULL) || + ((value & 0xULL) == 0ULL) || + ((value & 0xULL) == 0ULL)) { return true; } // Test for movn: NOT(16 bits set at positions 0, 16, 32 or 48). if ((reg_size == kXRegSize) && - (((value & 0x) == 0x) || - ((value & 0x) == 0x) || - ((value & 0x) == 0x) || - ((value & 0x) == 0x))) { + (((value & 0xULL) == 0xULL) || + ((value & 0xULL) == 0xULL) || + ((value & 0xULL) == 0xULL) || + ((value & 0xULL) == 0xULL))) { return true; } if ((reg_size == kWRegSize) && diff --git a/disas/libvixl/utils.cc b/disas/libvixl/utils.cc index 6e3aa71..e6e2516 100644 --- a/disas/libvixl/utils.cc +++ b/disas/libvixl/utils.cc @@ -95,7 +95,7 @@ int CountSetBits(uint64_t value, int width) { VIXL_ASSERT((width == 32) || (width == 64)); // Mask out unused bits to ensure that they are not counted. - value &= (0x >> (64-width)); + value &= (0xULL >> (64-width)); // Add up the set bits. // The algorithm works by adding pairs of bit fields together iteratively, 
@@ -108,12 +108,18 @@ int CountSetBits(uint64_t value, int width) { // value = h+g+f+e d+c+b+a // \ | // value = h+g+f+e+d+c+b+a - value = ((value >> 1) & 0x) + (value & 0x); - value = ((value >> 2) & 0x) + (value & 0x); - value = ((value >> 4) & 0x0f0f0f0f0f0f0f0f) + (value & 0x0f0f0f0f0f0f0f0f); - value = ((value >> 8) & 0x00ff00ff00ff00ff) + (value & 0x00ff00ff00ff00ff); - value = ((value >> 16) & 0x) + (value & 0x); - value = ((value >> 32) & 0x) + (value & 0x); + value = ((value >> 1) & 0xULL) + + (value & 0xULL); + value = ((value >> 2) & 0xULL) + + (value & 0xULL); + value = ((value >> 4) & 0x0f0f0f0f0f0f0f0fULL) + + (value & 0x0f0f0f0f0f0f0f0fULL); + value = ((value >> 8) & 0x00ff00ff00ff00ffULL) + + (value & 0x00ff00ff00ff00ffULL); + value = ((value >> 16) & 0xULL) + + (value & 0xULL); + value = ((value >> 32) & 0xULL) + + (value & 0xULL); return value; } -- 1.9.2
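Review bot: in the IsMovzMovnImm hunks the right-hand sides `== 0ULL` do not need the suffix, because `value` is already `uint64_t` and a plain `0` is converted to it; only the wide mask constants are the problem on a 32-bit build. Limiting the `ULL` suffix to the masks would keep the diff to the lines that actually fix something. The commit message says the code "fails on 32bits" without quoting the compiler diagnostic; adding it would let a later reader confirm which constants were affected.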
Re: [Qemu-devel] [PATCH] block: prefer protocol_name over format_name in bdrv_iterate_format
On Tue, Apr 15, 2014 at 04:00:54PM +0200, Kevin Wolf wrote:
> On 15.04.2014 at 15:28, Jeff Cody wrote:
> > Some block drivers have multiple BlockDriver instances with identical
> > format_name fields (e.g. gluster, nbd). In those cases, the
> > protocol_name is usually the more unique identifier (e.g. gluster+tcp).
> >
> > Both qemu-img and qemu will use bdrv_iterate_format() to list the
> > supported formats when a help option is invoked. When just the
> > format_name is used, redundant listings of formats occur (e.g.,
> > "Supported formats: ... gluster gluster gluster gluster ... ").
> >
> > If we prefer the protocol_name over the format_name (when the
> > protocol name exists), then that provides a more informative
> > help message:
> >
> > "Supported formats: ... gluster gluster+tcp gluster+unix
> > gluster+rdma ... "
> >
> > Signed-off-by: Jeff Cody
>
> On the other hand, it means that you can't take any driver name from
> here and use it as -drive driver=... value any more.

I think this change is problematic because of this. It doesn't make sense that "Supported formats" lists names that actually bdrv_find_format() is unable to find. blockdev_init()'s format= code will break if we make this change.

How about we change bdrv_iterate_format() to process unique format names only? It doesn't make sense to process duplicate format names since the callback function has no way of identifying the specific BlockDriver from just the duplicate format name argument.

Stefan
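The two listing strategies from the message above, compared in an added example that is not part of the thread or of QEMU's code. `DemoBlockDriver`, the `demo_*` functions and the driver table are hypothetical and constructed for illustration, and the lookup is assumed to match on `format_name` only.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, reduced stand-in for a block driver entry: only the two
 * name fields the thread talks about. Not QEMU's BlockDriver. */
typedef struct DemoBlockDriver {
    const char *format_name;
    const char *protocol_name;      /* NULL when the driver has none */
} DemoBlockDriver;

/* Constructed registry reproducing the duplication described above. */
static const DemoBlockDriver demo_drivers[] = {
    { "qcow2",   NULL },
    { "gluster", "gluster" },
    { "gluster", "gluster+tcp" },
    { "gluster", "gluster+unix" },
    { "gluster", "gluster+rdma" },
    { "nbd",     "nbd" },
    { "nbd",     "nbd+tcp" },
    { "nbd",     "nbd+unix" },
    { "raw",     NULL },
};
#define DEMO_NDRIVERS (sizeof(demo_drivers) / sizeof(demo_drivers[0]))

typedef void (*demo_iter_fn)(void *opaque, const char *name);

/* Assumed lookup semantics: a name resolves only via format_name. */
static const DemoBlockDriver *demo_find_format(const char *name)
{
    for (size_t i = 0; i < DEMO_NDRIVERS; i++) {
        if (strcmp(demo_drivers[i].format_name, name) == 0) {
            return &demo_drivers[i];
        }
    }
    return NULL;
}

/* Suggested behaviour: report each distinct format_name once, in
 * registration order. Quadratic, which is fine for a short driver list. */
static void demo_iterate_unique(demo_iter_fn it, void *opaque)
{
    for (size_t i = 0; i < DEMO_NDRIVERS; i++) {
        size_t j;
        for (j = 0; j < i; j++) {
            if (strcmp(demo_drivers[j].format_name,
                       demo_drivers[i].format_name) == 0) {
                break;              /* already reported earlier */
            }
        }
        if (j == i) {
            it(opaque, demo_drivers[i].format_name);
        }
    }
}

/* Behaviour of the patch under discussion: prefer protocol_name. */
static void demo_iterate_prefer_protocol(demo_iter_fn it, void *opaque)
{
    for (size_t i = 0; i < DEMO_NDRIVERS; i++) {
        const DemoBlockDriver *d = &demo_drivers[i];
        it(opaque, d->protocol_name ? d->protocol_name : d->format_name);
    }
}

/* Callback state: how many names were listed, and how many of those the
 * lookup cannot resolve afterwards. */
typedef struct DemoTally {
    size_t listed;
    size_t unresolvable;
} DemoTally;

static void demo_tally_cb(void *opaque, const char *name)
{
    DemoTally *t = opaque;
    t->listed++;
    if (demo_find_format(name) == NULL) {
        t->unresolvable++;
    }
}

static DemoTally demo_tally_unique(void)
{
    DemoTally t = { 0, 0 };
    demo_iterate_unique(demo_tally_cb, &t);
    return t;
}

static DemoTally demo_tally_prefer_protocol(void)
{
    DemoTally t = { 0, 0 };
    demo_iterate_prefer_protocol(demo_tally_cb, &t);
    return t;
}

int main(void)
{
    DemoTally u = demo_tally_unique();
    DemoTally p = demo_tally_prefer_protocol();
    printf("unique format names: listed=%zu unresolvable=%zu\n",
           u.listed, u.unresolvable);
    printf("prefer protocol:     listed=%zu unresolvable=%zu\n",
           p.listed, p.unresolvable);
    return 0;
}
```

Every name the de-duplicated listing reports can be fed back to the lookup, while the protocol-preferring listing reports names such as `gluster+tcp` that the lookup rejects.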
[Qemu-devel] [PATCH v2 02/13] tcg: Add INDEX_op_trunc_shr_i32
Let the backend do something special for truncation. Cc: Stuart Brady Signed-off-by: Richard Henderson --- tcg/README | 5 + tcg/aarch64/tcg-target.h | 1 + tcg/i386/tcg-target.h| 1 + tcg/ia64/tcg-target.h| 1 + tcg/optimize.c | 16 tcg/ppc64/tcg-target.h | 1 + tcg/s390/tcg-target.h| 1 + tcg/sparc/tcg-target.h | 1 + tcg/tcg-op.h | 50 tcg/tcg-opc.h| 4 tcg/tcg.h| 1 + tcg/tci/tcg-target.h | 1 + 12 files changed, 67 insertions(+), 16 deletions(-) diff --git a/tcg/README b/tcg/README index 776e925..a550ff1 100644 --- a/tcg/README +++ b/tcg/README @@ -314,6 +314,11 @@ This operation would be equivalent to dest = (t1 & ~0x0f00) | ((t2 << 8) & 0x0f00) +* trunc_shr_i32 t0, t1, pos + +For 64-bit hosts only, right shift the 64-bit input T1 by POS and +truncate to 32-bit output T0. Depending on the host, this may be +a simple mov/shift, or may require additional canonicalization. * Conditional moves diff --git a/tcg/aarch64/tcg-target.h b/tcg/aarch64/tcg-target.h index eff1d68..a1d4322 100644 --- a/tcg/aarch64/tcg-target.h +++ b/tcg/aarch64/tcg-target.h @@ -68,6 +68,7 @@ typedef enum { #define TCG_TARGET_HAS_muls2_i320 #define TCG_TARGET_HAS_muluh_i320 #define TCG_TARGET_HAS_mulsh_i320 +#define TCG_TARGET_HAS_trunc_shr_i320 #define TCG_TARGET_HAS_div_i64 1 #define TCG_TARGET_HAS_rem_i64 1 diff --git a/tcg/i386/tcg-target.h b/tcg/i386/tcg-target.h index ababca0..dbeb16d 100644 --- a/tcg/i386/tcg-target.h +++ b/tcg/i386/tcg-target.h @@ -99,6 +99,7 @@ extern bool have_bmi1; #define TCG_TARGET_HAS_mulsh_i320 #if TCG_TARGET_REG_BITS == 64 +#define TCG_TARGET_HAS_trunc_shr_i320 #define TCG_TARGET_HAS_div2_i64 1 #define TCG_TARGET_HAS_rot_i64 1 #define TCG_TARGET_HAS_ext8s_i641 diff --git a/tcg/ia64/tcg-target.h b/tcg/ia64/tcg-target.h index 52a939c..2f67409 100644 --- a/tcg/ia64/tcg-target.h +++ b/tcg/ia64/tcg-target.h 
@@ -152,6 +152,7 @@ typedef enum { #define TCG_TARGET_HAS_muluh_i640 #define TCG_TARGET_HAS_mulsh_i320 #define TCG_TARGET_HAS_mulsh_i640 +#define TCG_TARGET_HAS_trunc_shr_i320 #define TCG_TARGET_HAS_new_ldst 0 diff --git a/tcg/optimize.c b/tcg/optimize.c index c447062..0302f4f 100644 --- a/tcg/optimize.c +++ b/tcg/optimize.c @@ -228,6 +228,7 @@ static TCGArg do_constant_folding_2(TCGOpcode op, TCGArg x, TCGArg y) case INDEX_op_shr_i32: return (uint32_t)x >> (y & 31); +case INDEX_op_trunc_shr_i32: case INDEX_op_shr_i64: return (uint64_t)x >> (y & 63); @@ -830,6 +831,10 @@ static TCGArg *tcg_constant_folding(TCGContext *s, uint16_t *tcg_opc_ptr, } break; +case INDEX_op_trunc_shr_i32: +mask = (uint64_t)temps[args[1]].mask >> args[2]; +break; + CASE_OP_32_64(shl): if (temps[args[2]].state == TCG_TEMP_CONST) { tmp = temps[args[2]].val & (TCG_TARGET_REG_BITS - 1); @@ -1021,6 +1026,17 @@ static TCGArg *tcg_constant_folding(TCGContext *s, uint16_t *tcg_opc_ptr, } goto do_default; +case INDEX_op_trunc_shr_i32: +if (temps[args[1]].state == TCG_TEMP_CONST) { +s->gen_opc_buf[op_index] = op_to_movi(op); +tmp = do_constant_folding(op, temps[args[1]].val, args[2]); +tcg_opt_gen_movi(gen_args, args[0], tmp); +gen_args += 2; +args += 3; +break; +} +goto do_default; + CASE_OP_32_64(add): CASE_OP_32_64(sub): CASE_OP_32_64(mul): diff --git a/tcg/ppc64/tcg-target.h b/tcg/ppc64/tcg-target.h index 78bbf7a..3815b84 100644 --- a/tcg/ppc64/tcg-target.h +++ b/tcg/ppc64/tcg-target.h @@ -96,6 +96,7 @@ typedef enum { #define TCG_TARGET_HAS_muls2_i320 #define TCG_TARGET_HAS_muluh_i320 #define TCG_TARGET_HAS_mulsh_i320 +#define TCG_TARGET_HAS_trunc_shr_i320 #define TCG_TARGET_HAS_div_i64 1 #define TCG_TARGET_HAS_rem_i64 0 diff --git a/tcg/s390/tcg-target.h b/tcg/s390/tcg-target.h index b3bfdcc..755c002 100644 --- a/tcg/s390/tcg-target.h +++ b/tcg/s390/tcg-target.h 
@@ -69,6 +69,7 @@ typedef enum TCGReg { #define TCG_TARGET_HAS_muls2_i320 #define TCG_TARGET_HAS_muluh_i320 #define TCG_TARGET_HAS_mulsh_i320 +#define TCG_TARGET_HAS_trunc_shr_i320 #define TCG_TARGET_HAS_div2_i64 1 #define TCG_TARGET_HAS_rot_i64 1 diff --git a/tcg/sparc/tcg-target.h b/tcg/sparc/tcg-target.h index 4519c64..f44739f 100644 --- a/tcg/sparc/tcg-target.h +++ b/tcg/sparc/tcg-target.h @@ -117,6 +117,7 @@ typedef enum { #define TCG_TARGET_HAS_mulsh_i320 #if TCG_TARGET_REG_BITS == 64 +#define TC
Re: [Qemu-devel] [PATCH 3/3] s390x/helper: Added format control bit to MMU translation
On 24.04.14 10:51, Jens Freimann wrote: From: Thomas Huth With the EDAT-1 facility, the MMU translation can stop at the segment table already, pointing to a 1 MB block. Signed-off-by: Thomas Huth Signed-off-by: Jens Freimann Reviewed-by: David Hildenbrand --- target-s390x/helper.c | 4 1 file changed, 4 insertions(+) diff --git a/target-s390x/helper.c b/target-s390x/helper.c index ddf268e..4f2279f 100644 --- a/target-s390x/helper.c +++ b/target-s390x/helper.c @@ -231,6 +231,10 @@ static int mmu_translate_asce(CPUS390XState *env, target_ulong vaddr, offs = (vaddr >> 17) & 0x3ff8; break; case _ASCE_TYPE_SEGMENT: +if (env && (env->cregs[0] & 0x80) && (asce & 0x400)) { /* FC? */ Please convert these into #defines. Alex +*raddr = (asce & 0xfff0ULL) | (vaddr & 0xf); +return 0; +} offs = (vaddr >> 9) & 0x07f8; origin = asce & _SEGMENT_ENTRY_ORIGIN; break;
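Review bot: in the `_ASCE_TYPE_SEGMENT` case the new branch does `return 0` right after filling `*raddr`, so nothing later in mmu_translate_asce runs for a 1 MB block. If the rest of the function is where protection or validity of the entry is evaluated, a large-page mapping would bypass it; apply the same checks before returning, or add a comment saying why they are not needed here. The `env &&` test also implies the function can be called with a NULL `env`, in which case an entry with the format control bit set falls through to the normal page-table walk; that case deserves a comment as well.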
Re: [Qemu-devel] [PATCH 3/3] s390x/helper: Added format control bit to MMU translation
On 04/24/2014 03:40 PM, Alexander Graf wrote: On 24.04.14 10:51, Jens Freimann wrote: From: Thomas Huth With the EDAT-1 facility, the MMU translation can stop at the segment table already, pointing to a 1 MB block. Signed-off-by: Thomas Huth Signed-off-by: Jens Freimann Reviewed-by: David Hildenbrand --- target-s390x/helper.c | 4 1 file changed, 4 insertions(+) diff --git a/target-s390x/helper.c b/target-s390x/helper.c index ddf268e..4f2279f 100644 --- a/target-s390x/helper.c +++ b/target-s390x/helper.c @@ -231,6 +231,10 @@ static int mmu_translate_asce(CPUS390XState *env, target_ulong vaddr, offs = (vaddr >> 17) & 0x3ff8; break; case _ASCE_TYPE_SEGMENT: +if (env && (env->cregs[0] & 0x80) && (asce & 0x400)) { /* FC? */ Please convert these into #defines. ok, we'll change that. Thanks for the review! Jens Alex +*raddr = (asce & 0xfff0ULL) | (vaddr & 0xf); +return 0; +} offs = (vaddr >> 9) & 0x07f8; origin = asce & _SEGMENT_ENTRY_ORIGIN; break;
[Qemu-devel] [PATCH v2 1/4] acpi/pcihp.c: Rewrite acpi_pcihp_get_bsel using object_property_get_int
acpi_pcihp_get_bsel implements functionality of object_property_get_int for specific property named ACPI_PCIHP_PROP_BSEL, but fails to decrement object's reference counter properly. Rewriting it using generic object_property_get_int serves two purposes: reducing code duplication and fixing memory leak. Signed-off-by: Kirill Batuzov --- hw/acpi/pcihp.c | 18 ++ 1 file changed, 10 insertions(+), 8 deletions(-) v1 -> v2: Keep acpi_pcihp_get_bsel, but rewrite it using object_property_get_int and validate returned value. diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c index f80c480..3b143b3 100644 --- a/hw/acpi/pcihp.c +++ b/hw/acpi/pcihp.c @@ -63,16 +63,18 @@ typedef struct AcpiPciHpFind { static int acpi_pcihp_get_bsel(PCIBus *bus) { -QObject *o = object_property_get_qobject(OBJECT(bus), - ACPI_PCIHP_PROP_BSEL, NULL); -int64_t bsel = -1; -if (o) { -bsel = qint_get_int(qobject_to_qint(o)); -} -if (bsel < 0) { +Error *local_err = NULL; +int64_t bsel = object_property_get_int(OBJECT(bus), ACPI_PCIHP_PROP_BSEL, + &local_err); + +if (local_err || bsel < 0 || bsel >= ACPI_PCIHP_MAX_HOTPLUG_BUS) { +if (local_err) { +error_free(local_err); +} return -1; +} else { +return bsel; } -return bsel; } static void acpi_pcihp_test_hotplug_bus(PCIBus *bus, void *opaque) -- 1.7.10.4
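Review bot: the new upper-bound test `bsel >= ACPI_PCIHP_MAX_HOTPLUG_BUS` is a behaviour change that only the v1 -> v2 note mentions, and that note sits below the `---`, so it will not reach the git history. Say in the commit message that out-of-range values are now rejected, since that is the part a later reader auditing the callers of acpi_pcihp_get_bsel will care about. Style: the `else { return bsel; }` after an unconditional `return -1;` can be a plain `return bsel;`.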
[Qemu-devel] [PATCH 2/2] net: Don't use error_is_set() to suppress additional errors
Using error_is_set(errp) that way can sweep programming errors under the carpet when we get called incorrectly with an error set. qmp_query_rx_filter() breaks its loop when it detects an error. It needs to set another error when the loop completes normally. Return right away instead of merely breaking the loop. Signed-off-by: Markus Armbruster --- net/net.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/net.c b/net/net.c index 3175809..aaf4a60 100644 --- a/net/net.c +++ b/net/net.c @@ -1043,7 +1043,7 @@ RxFilterInfoList *qmp_query_rx_filter(bool has_name, const char *name, if (nc->info->type != NET_CLIENT_OPTIONS_KIND_NIC) { if (has_name) { error_setg(errp, "net client(%s) isn't a NIC", name); -break; +return NULL; } continue; } @@ -1062,7 +1062,7 @@ RxFilterInfoList *qmp_query_rx_filter(bool has_name, const char *name, } else if (has_name) { error_setg(errp, "net client(%s) doesn't support" " rx-filter querying", name); -break; +return NULL; } if (has_name) { @@ -1070,7 +1070,7 @@ RxFilterInfoList *qmp_query_rx_filter(bool has_name, const char *name, } } -if (filter_list == NULL && !error_is_set(errp) && has_name) { +if (filter_list == NULL && has_name) { error_setg(errp, "invalid net client name: %s", name); } -- 1.8.1.4
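Review bot: the two `return NULL` sites leave the loop without touching `filter_list`, so they are only leak-free if no entry has been added to the list when they are reached. Both are guarded by `has_name`, which suggests at most one client can match, but that invariant is not visible at the return sites; a one-line comment there, or freeing `filter_list` before returning, would make it hold by construction. The early returns are also what make dropping `!error_is_set(errp)` from the final check safe, so a comment above that check would stop a future `break` after an `error_setg` from reintroducing a double error.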
[Qemu-devel] [PATCH v2 03/13] tcg-sparc: Remove most uses of TCG_TARGET_REG_BITS
Replace with SPARC64 define. Soon even sparcv8plus will use 64-bit register as far as TCG is concerned. Signed-off-by: Richard Henderson --- tcg/sparc/tcg-target.c | 70 ++ 1 file changed, 37 insertions(+), 33 deletions(-) diff --git a/tcg/sparc/tcg-target.c b/tcg/sparc/tcg-target.c index 35089b8..f1226ab 100644 --- a/tcg/sparc/tcg-target.c +++ b/tcg/sparc/tcg-target.c @@ -61,6 +61,12 @@ static const char * const tcg_target_reg_names[TCG_TARGET_NB_REGS] = { }; #endif +#ifdef __arch64__ +# define SPARC64 1 +#else +# define SPARC64 0 +#endif + /* Define some temporary registers. T2 is used for constant generation. */ #define TCG_REG_T1 TCG_REG_G1 #define TCG_REG_T2 TCG_REG_O7 @@ -402,9 +408,7 @@ static void tcg_out_movi(TCGContext *s, TCGType type, } /* A 32-bit constant, or 32-bit zero-extended to 64-bits. */ -if (TCG_TARGET_REG_BITS == 32 -|| type == TCG_TYPE_I32 -|| (arg & ~0xu) == 0) { +if (type == TCG_TYPE_I32 || (arg & ~0xu) == 0) { tcg_out_sethi(s, ret, arg); if (arg & 0x3ff) { tcg_out_arithi(s, ret, ret, arg & 0x3ff, ARITH_OR); @@ -588,7 +592,7 @@ static void tcg_out_movcond_i32(TCGContext *s, TCGCond cond, TCGArg ret, tcg_out_movcc(s, cond, MOVCC_ICC, ret, v1, v1const); } -#if TCG_TARGET_REG_BITS == 64 +#if SPARC64 static void tcg_out_brcond_i64(TCGContext *s, TCGCond cond, TCGArg arg1, TCGArg arg2, int const_arg2, int label) { @@ -726,7 +730,7 @@ static void tcg_out_setcond_i32(TCGContext *s, TCGCond cond, TCGArg ret, } } -#if TCG_TARGET_REG_BITS == 64 +#if SPARC64 static void tcg_out_setcond_i64(TCGContext *s, TCGCond cond, TCGArg ret, TCGArg c1, TCGArg c2, int c2const) { @@ -858,7 +862,7 @@ static void build_trampolines(TCGContext *s) qemu_ld_trampoline[i] = tramp; /* Find the retaddr argument register. */ -ra = TCG_REG_O3 + (TARGET_LONG_BITS > TCG_TARGET_REG_BITS); +ra = TCG_REG_O3 + (!SPARC64 && TARGET_LONG_BITS == 64); /* Set the retaddr operand. */ tcg_out_mov(s, TCG_TYPE_PTR, ra, TCG_REG_O7); 
@@ -885,8 +889,8 @@ static void build_trampolines(TCGContext *s) /* Find the retaddr argument. For 32-bit, this may be past the last argument register, and need passing on the stack. */ ra = (TCG_REG_O4 - + (TARGET_LONG_BITS > TCG_TARGET_REG_BITS) - + (TCG_TARGET_REG_BITS == 32 && (i & MO_SIZE) == MO_64)); + + (!SPARC64 && TARGET_LONG_BITS == 64) + + (!SPARC64 && (i & MO_SIZE) == MO_64)); /* Set the retaddr operand. */ if (ra >= TCG_REG_O6) { @@ -965,7 +969,7 @@ static TCGReg tcg_out_tlb_load(TCGContext *s, TCGReg addrlo, TCGReg addrhi, TCGReg addr = addrlo; int tlb_ofs; -if (TCG_TARGET_REG_BITS == 32 && TARGET_LONG_BITS == 64) { +if (!SPARC64 && TARGET_LONG_BITS == 64) { /* Assemble the 64-bit address in R0. */ tcg_out_arithi(s, r0, addrlo, 0, SHIFT_SRL); tcg_out_arithi(s, r1, addrhi, 32, SHIFT_SLLX); @@ -1007,7 +1011,7 @@ static TCGReg tcg_out_tlb_load(TCGContext *s, TCGReg addrlo, TCGReg addrhi, tcg_out_cmp(s, r0, r2, 0); /* If the guest address must be zero-extended, do so now. */ -if (TCG_TARGET_REG_BITS == 64 && TARGET_LONG_BITS == 32) { +if (SPARC64 && TARGET_LONG_BITS == 32) { tcg_out_arithi(s, r0, addrlo, 0, SHIFT_SRL); return r0; } @@ -1056,9 +1060,9 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg *args, bool is64) #endif datalo = *args++; -datahi = (TCG_TARGET_REG_BITS == 32 && is64 ? *args++ : 0); +datahi = (!SPARC64 && is64 ? *args++ : 0); addrlo = *args++; -addrhi = (TARGET_LONG_BITS > TCG_TARGET_REG_BITS ? *args++ : 0); +addrhi = (!SPARC64 && TARGET_LONG_BITS == 64 ? *args++ : 0); memop = *args++; s_bits = memop & MO_SIZE; @@ -1067,7 +1071,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg *args, bool is64) addrz = tcg_out_tlb_load(s, addrlo, addrhi, memi, s_bits, offsetof(CPUTLBEntry, addr_read)); -if (TCG_TARGET_REG_BITS == 32 && s_bits == MO_64) { +if (!SPARC64 && s_bits == MO_64) { int reg64; /* bne,pn %[xi]cc, label0 */ 
@@ -1149,11 +1153,11 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg *args, bool is64) *label_ptr[1] |= INSN_OFF19((unsigned long)s->code_ptr - (unsigned long)label_ptr[1]); #else -if (TCG_TARGET_REG_BITS == 64 && TARGET_LONG_BITS == 32) { +if (SPARC64 && TARGET_LONG_BITS == 32) { tcg_out_arithi(s, TCG_REG_T1, addrlo, 0, SHIFT_SRL); addrlo = TCG_REG_T1; } -if (TCG_TARGET_REG_BITS == 32 && s_bits == MO_64) { +if (!SPARC64 && s_bits == MO_64) { int reg64 = (datal
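Review bot: in the tcg_out_movi hunk the `TCG_TARGET_REG_BITS == 32` arm is deleted rather than rewritten as `!SPARC64`, unlike every other site in the patch. That is only equivalent if a 32-bit host never reaches this point with a type other than `TCG_TYPE_I32`; state that in the commit message, or keep `!SPARC64 ||` in the condition until the sparcv8plus change lands. Separately, `!SPARC64 && TARGET_LONG_BITS == 64` now appears at several sites in build_trampolines, tcg_out_tlb_load and tcg_out_qemu_ld; a small macro for that test would keep the sites from drifting apart.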
Re: [Qemu-devel] [Qemu-trivial] [PATCH v2] configure: Improve help behavior
18.04.2014 10:55, Fam Zheng wrote:
> Old:
> There are two paths to show help and exit 1, one is with "-h" or
> "--help", one is with invalid options.
>
> New:
> Show help and exit 0 for --help.
> On invalid option, don't show the long help and bury the early "ERROR:"
> line, just give a message pointing to --help.

Applied to -trivial, thanks!

/mjt
[Qemu-devel] [PATCH v2] block: Expose host_* drivers in blockdev-add
All the functionality to use the host_device, host_cdrom and host_floppy drivers is already there, they just need to be added to the schema. The block driver names containing underscores are preexisting and cannot be changed without breaking command line compatibility. Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake Reviewed-by: Fam Zheng --- qapi-schema.json | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/qapi-schema.json b/qapi-schema.json index 391356f..0b00427 100644 --- a/qapi-schema.json +++ b/qapi-schema.json @@ -4285,10 +4285,13 @@ # # Drivers that are supported in block device operations. # +# @host_device, @host_cdrom, @host_floppy: Since 2.1 +# # Since: 2.0 ## { 'enum': 'BlockdevDriver', - 'data': [ 'file', 'http', 'https', 'ftp', 'ftps', 'tftp', 'vvfat', 'blkdebug', + 'data': [ 'file', 'host_device', 'host_cdrom', 'host_floppy', +'http', 'https', 'ftp', 'ftps', 'tftp', 'vvfat', 'blkdebug', 'blkverify', 'bochs', 'cloop', 'cow', 'dmg', 'parallels', 'qcow', 'qcow2', 'qed', 'raw', 'vdi', 'vhdx', 'vmdk', 'vpc', 'quorum' ] } @@ -4555,6 +4558,9 @@ 'discriminator': 'driver', 'data': { 'file': 'BlockdevOptionsFile', + 'host_device':'BlockdevOptionsFile', + 'host_cdrom': 'BlockdevOptionsFile', + 'host_floppy':'BlockdevOptionsFile', 'http': 'BlockdevOptionsFile', 'https': 'BlockdevOptionsFile', 'ftp':'BlockdevOptionsFile', -- 1.8.3.1
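Review bot: the added schema comment `# @host_device, @host_cdrom, @host_floppy: Since 2.1` does not say why these names use underscores; the commit message explains it, but a reader of qapi-schema.json will not see that. Add a sentence to the comment noting that the names are kept for command line compatibility. All three entries in the second hunk map to `BlockdevOptionsFile`, so the comment could also state that they take the same options as `file`.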
[Qemu-devel] [PATCH 0/2] net: Purge error_is_set()
I got a private branch getting rid of it entirely. This is the second part, covering network backends. Markus Armbruster (2): net: Make qmp_query_rx_filter() with name argument more obvious net: Don't use error_is_set() to suppress additional errors net/net.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) -- 1.8.1.4
[Qemu-devel] [PATCH v2 4/4] PortioList: Store PortioList in device state
PortioList is an abstraction used for construction of MemoryRegionPortioList from MemoryRegionPortio. It can be used later to unmap created memory regions. It also requires proper cleanup because some of the memory inside is allocated dynamically. By moving PortioList to device state we make it possible to cleanup later and avoid leaking memory. This change spans several target platforms. The following testcases cover all changed lines: qemu-system-ppc -M prep qemu-system-i386 -vga qxl qemu-system-i386 -M isapc -soundhw adlib -device ib700,id=watchdog0,bus=isa.0 Signed-off-by: Kirill Batuzov --- hw/audio/adlib.c|6 +++--- hw/display/qxl.c|7 +++ hw/display/qxl.h|1 + hw/display/vga.c| 12 +--- hw/display/vga_int.h|2 ++ hw/dma/i82374.c |7 --- hw/isa/isa-bus.c| 28 +--- hw/ppc/prep.c |7 --- hw/watchdog/wdt_ib700.c |7 --- include/hw/isa/isa.h|1 + 10 files changed, 52 insertions(+), 26 deletions(-) v1 -> v2: I tried adding PortioList to AdlibState, PCIQXLDevice etc like Paolo suggested. It worked fine for all cases except for isa_register_portio_list. isa_register_portio_list can be called: - with NULL instead of real ISADevice *, - several times for one device. Currently I put a workaroung for these cases but it is ugly. Proper solution would be to add another parameter PortioList * to isa_register_portio_list and to update all devices which use it. But it will change even more devices in this patch. diff --git a/hw/audio/adlib.c b/hw/audio/adlib.c index 28eed81..5dd739e 100644 --- a/hw/audio/adlib.c +++ b/hw/audio/adlib.c @@ -86,6 +86,7 @@ typedef struct { #ifndef HAS_YMF262 FM_OPL *opl; #endif +PortioList port_list; } AdlibState; static AdlibState *glob_adlib; @@ -293,7 +294,6 @@ static MemoryRegionPortio adlib_portio_list[] = { static void adlib_realizefn (DeviceState *dev, Error **errp) { AdlibState *s = ADLIB(dev); -PortioList *port_list = g_new(PortioList, 1); struct audsettings as; if (glob_adlib) { 
@@ -349,8 +349,8 @@ static void adlib_realizefn (DeviceState *dev, Error **errp) adlib_portio_list[0].offset = s->port; adlib_portio_list[1].offset = s->port + 8; -portio_list_init (port_list, OBJECT(s), adlib_portio_list, s, "adlib"); -portio_list_add (port_list, isa_address_space_io(&s->parent_obj), 0); +portio_list_init (&s->port_list, OBJECT(s), adlib_portio_list, s, "adlib"); +portio_list_add (&s->port_list, isa_address_space_io(&s->parent_obj), 0); } static Property adlib_properties[] = { diff --git a/hw/display/qxl.c b/hw/display/qxl.c index 47bbf1f..b307b3d 100644 --- a/hw/display/qxl.c +++ b/hw/display/qxl.c @@ -2055,7 +2055,6 @@ static int qxl_init_primary(PCIDevice *dev) { PCIQXLDevice *qxl = DO_UPCAST(PCIQXLDevice, pci, dev); VGACommonState *vga = &qxl->vga; -PortioList *qxl_vga_port_list = g_new(PortioList, 1); int rc; qxl->id = 0; @@ -2064,10 +2063,10 @@ static int qxl_init_primary(PCIDevice *dev) vga_common_init(vga, OBJECT(dev)); vga_init(vga, OBJECT(dev), pci_address_space(dev), pci_address_space_io(dev), false); -portio_list_init(qxl_vga_port_list, OBJECT(dev), qxl_vga_portio_list, +portio_list_init(&qxl->vga_port_list, OBJECT(dev), qxl_vga_portio_list, vga, "vga"); -portio_list_set_flush_coalesced(qxl_vga_port_list); -portio_list_add(qxl_vga_port_list, pci_address_space_io(dev), 0x3b0); +portio_list_set_flush_coalesced(&qxl->vga_port_list); +portio_list_add(&qxl->vga_port_list, pci_address_space_io(dev), 0x3b0); vga->con = graphic_console_init(DEVICE(dev), 0, &qxl_ops, qxl); qemu_spice_display_init_common(&qxl->ssd); diff --git a/hw/display/qxl.h b/hw/display/qxl.h index c5de3d7..412e346 100644 --- a/hw/display/qxl.h +++ b/hw/display/qxl.h @@ -32,6 +32,7 @@ enum qxl_mode { typedef struct PCIQXLDevice { PCIDevice pci; +PortioList vga_port_list; SimpleSpiceDisplay ssd; intid; uint32_t debug; diff --git a/hw/display/vga.c b/hw/display/vga.c index 063319d..5284920 100644 --- a/hw/display/vga.c +++ b/hw/display/vga.c 
@@ -2351,8 +2351,6 @@ void vga_init(VGACommonState *s, Object *obj, MemoryRegion *address_space, { MemoryRegion *vga_io_memory; const MemoryRegionPortio *vga_ports, *vbe_ports; -PortioList *vga_port_list = g_new(PortioList, 1); -PortioList *vbe_port_list = g_new(PortioList, 1); qemu_register_reset(vga_reset, s); @@ -2367,13 +2365,13 @@ void vga_init(VGACommonState *s, Object *obj, MemoryRegion *address_space, 1); memory_region_set_coalescing(vga_io_memory); if (init_vga_ports) { -portio_list_init(vga_port_list, obj, vga_ports, s, "vga"); -portio_list_set_flush_coal
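Review bot: the visible hunks in adlib.c, qxl.c and vga.c replace each `g_new(PortioList, 1)` with a member of the device state, but none of them adds a matching teardown, so the lists' internal allocations still live as long as before. That is acceptable as a first step, as the commit message says, but name the follow-up (which unrealize or exit hook will clean up each list) so the remaining leak is tracked. The workaround for `isa_register_portio_list` described under v1 -> v2 should also be marked with a comment in the code, since the NULL-device and repeated-call cases are exactly where ownership of the list is unclear.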
Re: [Qemu-devel] [PATCH] Re: snapshot: fixed bdrv_get_full_backing_filename can not get correct full_backing_filename
On Thu, Apr 10, 2014 at 01:03:51AM +0800, Jun Li wrote:
> Thanks Eric's analysis and review firstly. As not so clear to the application
> context, so the first patch can not cover symlink scenarios.
> In this patch, will check the backing_filename is a symlink or not firstly,
> then return the full(absolute) path via realpath.
> If this patch has something not covered, please give me more suggestions.
> Thx.

I don't know what series this patch is part of. I'm ignoring it, please resend a proper series with revision numbers.

Also, the commit description should only contain information that will become part of the git commit history. Comments about code review or asking for suggestions are not appropriate for the commit description since they are irrelevant once the patch has been merged. Please make sure to put this stuff after the '---' line so git-am(1) will strip it from the commit description.

Thanks,
Stefan
Re: [Qemu-devel] target-i386: block migration and savevm if invariant tsc is exposed (v3)
On Wed, Apr 23, 2014 at 06:04:45PM -0300, Marcelo Tosatti wrote: > > Invariant TSC documentation mentions that "invariant TSC will run at a > constant rate in all ACPI P-, C-. and T-states". > > This is not the case if migration to a host with different TSC frequency > is allowed, or if savevm is performed. So block migration/savevm. > > Signed-off-by: Marcelo Tosatti > [...] > @@ -702,6 +706,16 @@ int kvm_arch_init_vcpu(CPUState *cs) >!!(c->ecx & CPUID_EXT_SMX); > } > > +c = cpuid_find_entry(&cpuid_data.cpuid, 0x8007, 0); > +if (c && (c->edx & 1<<8) && invtsc_mig_blocker == NULL) { > +/* for migration */ > +error_set(&invtsc_mig_blocker, > + QERR_DEVICE_FEATURE_BLOCKS_MIGRATION, "invtsc", "cpu"); > +migrate_add_blocker(invtsc_mig_blocker); > +/* for savevm */ > +vmstate_x86_cpu.unmigratable = 1; Did you ensure this will always happen before vmstate_register() is called for vmstate_x86_cpu? I believe kvm_arch_init_vcpu() is called a long long time after device_set_realized() (which is where vmstate_register() is called for DeviceState objects). -- Eduardo
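Review bot: `vmstate_x86_cpu.unmigratable = 1` writes to a description that is not per-vCPU from per-vCPU init code, and nothing in the hunk clears it again or removes `invtsc_mig_blocker`. The `invtsc_mig_blocker == NULL` guard keeps the blocker from being added twice, but the flag and the blocker then outlive any vCPU that had the feature; add the matching cleanup, or a comment that both are meant to last for the lifetime of the process.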
Re: [Qemu-devel] [GSoC] Wanted: small warmup tasks
On 24.04.2014 08:19, Jan Kiszka wrote:
> On 2014-04-23 11:25, Stefan Hajnoczi wrote:
>> Dear QEMU, Libvirt, and KVM communities, We are participating in
>> Google Summer of Code 2014 (http://google-melange.com/) and
>> Outreach Program for Women (http://opw.gnome.org/). Both
>> programs fund candidates to work on our open source projects for
>> 12 weeks this summer.
>
> To follow up on this: I'm currently looking for optional tiny
> "warmup" tasks for our QEMU students during the bonding period
> (till May 18). If you have any trivial issues or extensions in mind
> that someone could address within a few days or even hours, that
> would be perfect. It could even be something like "reformat the
> printing of these messages" or so.

Replacing some more fprintf(stderr, "foo\n") with error_report("foo") comes to mind. :)

I'd also be happy to get some more stub qtests for devices not by default in any machines, in particular PCI devices. Cf. https://github.com/afaerber/qemu-cpu/commits/qtest

There's probably also still enough QOM DO_UPCAST() cleanups to be done, but they too would need test cases to avoid yet another two-distinct-devices-share-struct bug [*].

If someone had a cool idea how to figure out which devices (QOM types) are being covered by qtests at all (and thus, which are missing) that would be appreciated - but probably too involved for a newbie.

Cheers,
Andreas

[*] http://git.qemu-project.org/?p=qemu.git;a=commit;h=19d46d711d93cb3a37dada945cb3410278b94bc3

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
[Qemu-devel] [PATCH v2 0/4] Fix memory leaks in QEMU
This patch series addresses several cases of memory leaks I've found in QEMU using Valgrind's Memcheck tool. I only checked "definitely lost" reports. I ignored reports related to SDL/GTK because it is hard to tell if memory leak occurred in QEMU or in the library.

List of addressed problems.
 - Missing Error set by error_set deallocation in ui/console.c.
 - Several missing qobject_decref.
 - Incorrect usage of PortioList.

v1 -> v2: All review feedback incorporated. Changes are listed in each individual patch.

Kirill Batuzov (4):
  acpi/pcihp.c: Rewrite acpi_pcihp_get_bsel using object_property_get_int
  acpi-build: properly decrement objects' reference counters
  console: Abort on property access errors
  PortioList: Store PortioList in device state

 hw/acpi/pcihp.c         | 18 ++
 hw/audio/adlib.c        |  6 +++---
 hw/display/qxl.c        |  7 +++
 hw/display/qxl.h        |  1 +
 hw/display/vga.c        | 12 +---
 hw/display/vga_int.h    |  2 ++
 hw/dma/i82374.c         |  7 ---
 hw/i386/acpi-build.c    |  6 ++
 hw/isa/isa-bus.c        | 28 +---
 hw/ppc/prep.c           |  7 ---
 hw/watchdog/wdt_ib700.c |  7 ---
 include/hw/isa/isa.h    |  1 +
 ui/console.c            | 30 +-
 13 files changed, 81 insertions(+), 51 deletions(-)

-- 
1.7.10.4
[Qemu-devel] [PATCH 5/5] gtk: Fix accelerators being triggered twice with gtk3
When keyboard focus is grabbed, current qemu wants to pass every keypress to the VM, unless the user is pressing a UI accelerator. That's exactly how things work without any of the fancy handling. Drop the special handling, which seems to trigger accelerators twice on gtk3. Signed-off-by: Cole Robinson --- ui/gtk.c | 22 -- 1 file changed, 22 deletions(-) diff --git a/ui/gtk.c b/ui/gtk.c index 45a61da..93896ed 100644 --- a/ui/gtk.c +++ b/ui/gtk.c @@ -99,8 +99,6 @@ static inline void gdk_drawable_get_size(GdkWindow *w, gint *ww, gint *wh) #endif #define HOTKEY_MODIFIERS(GDK_CONTROL_MASK | GDK_MOD1_MASK) -#define IGNORE_MODIFIER_MASK \ -(GDK_MODIFIER_MASK & ~(GDK_LOCK_MASK | GDK_MOD2_MASK)) static const int modifier_keycode[] = { /* shift, control, alt keys, meta keys, both left & right */ @@ -485,24 +483,6 @@ static void gd_mouse_mode_change(Notifier *notify, void *data) /** GTK Events **/ -static gboolean gd_window_key_event(GtkWidget *widget, GdkEventKey *key, void *opaque) -{ -GtkDisplayState *s = opaque; -gboolean handled = FALSE; - -if (!gd_is_grab_active(s) || -(key->state & IGNORE_MODIFIER_MASK) == HOTKEY_MODIFIERS) { -handled = gtk_window_activate_key(GTK_WINDOW(widget), key); -} -if (handled) { -gtk_release_modifiers(s); -} else { -handled = gtk_window_propagate_key_event(GTK_WINDOW(widget), key); -} - -return handled; -} - static gboolean gd_window_close(GtkWidget *widget, GdkEvent *event, void *opaque) { @@ -1286,8 +1266,6 @@ static void gd_connect_signals(GtkDisplayState *s) g_signal_connect(s->show_tabs_item, "activate", G_CALLBACK(gd_menu_show_tabs), s); -g_signal_connect(s->window, "key-press-event", - G_CALLBACK(gd_window_key_event), s); g_signal_connect(s->window, "delete-event", G_CALLBACK(gd_window_close), s); -- 1.9.0
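Review bot: removing `gd_window_key_event` also removes the only call to `gtk_release_modifiers(s)` visible in this patch, which ran whenever an accelerator was handled. If nothing else releases the modifiers after an accelerator fires while the grab is active, the guest can be left seeing Ctrl and Alt as held; check that another path covers this, or keep that part of the handler. The commit message says the handler "seems to" trigger accelerators twice on gtk3; since the handler is removed unconditionally, it should also state what was tested on gtk2.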
Re: [Qemu-devel] [Bug 1310714] Re: User mode networking SLIRP rapid memory leak
On Mon, Apr 21, 2014 at 08:53:43PM -, Likai Liu wrote:
> I also noticed that the command I ran is causing this bug to happen. I
> had accidentally repeated -net nic twice, so there are two -net user
> network interfaces. Removing one of them makes the problem go away.

This is still a bug, the packets should be freed even with 2 -net user.

Stefan
Re: [Qemu-devel] [PATCH 0/3] virtio: Eliminate "exit(1)" upon invalid request in virtio-blk and virtio-scsi
On 24.04.2014 at 09:55, Michael S. Tsirkin wrote:
> On Thu, Apr 24, 2014 at 09:15:25AM +0200, Markus Armbruster wrote:
> > "Michael S. Tsirkin" writes:
> >
> > > On Wed, Apr 23, 2014 at 11:22:51AM +0800, Fam Zheng wrote:
> > >> This series is a step towards getting rid of such code,
> > >
> > > Sure, incremental patches are good. At this point I think it's
> > > a good idea to clearly mark this as RFC - I don't think we should yet
> > > merge this upstream until the solution is a bit more complete.
> > >
> > > Changing virtio is the easy part though, so I'm not sure it's a good
> > > idea to start there.
> >
> > Does this series hinder work on the harder parts in any way? Does it
> > pick a specific solution that may not work for the harder parts?
> >
> > If not, then I can't see what keeping it out of tree can buy us.
>
> Less code churn. It's more code apparently for no real benefit
> since buggy drivers will still abort qemu.

Depends on what bugs the driver has.

Not fixing bugs because there are still other bugs that can crash qemu
isn't productive. If we went this way consistently, we would reject any
bug fix unless the commit message contains a mathematical proof that all
of qemu is correct now. We could stop development right now.

This is an easy bug to fix, we have the patches, so let's just fix it.
The solution won't become any better by waiting for independent fixes.

> Making nested virt work well is a big project, I'd like to see some
> progress on the hard parts before trying to address easy corner cases
> like this one.

Addressing the easy parts doesn't make the hard parts any harder.

> > >> Regarding the malicious guest, protecting D.O.S. attack is also
> > >> valuable, isn't it?
> > >>
> > >> Thanks,
> > >> Fam
> > >
> > > Guest denying itself a service? I'm not sure why it's valuable.
> >
> > If I remember correctly, the DOS involved passthrough of a virtual
> > device to a nested guest or something like that. Guest killing itself
> > is unexciting, nested guest killing its host qualifies as DOS. I guess
> > our current answer to that is "don't do that then".
>
> Yes. virtio doesn't support that for a variety of other reasons,
> one of which is that it doesn't go through an mmu.
> Now, before someone sends a trivial patch converting it to
> mmu aware calls, that's not yet possible without teaching vhost
> and dataplane about MMU.

Nested virt is really just one example for a userspace virtio driver.
Userspace shouldn't be able to kill the whole guest.

Kevin
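A stand-alone model of the "broken" flag behaviour this thread is arguing about, added here as an illustration; it is not QEMU code and not taken from the patch series. The Dev and Req types, DISK_SECTORS and all function names are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DISK_SECTORS 16u            /* size of the modelled disk (assumed) */

/* One guest-supplied request: untrusted input. */
typedef struct {
    uint64_t sector;
    uint32_t nsectors;
} Req;

/* Device state: 'broken' plays the role of the flag the series adds. */
typedef struct {
    bool broken;
    unsigned completed;
} Dev;

/* Overflow-safe bounds check: never computes sector + nsectors. */
static bool req_is_valid(const Req *r)
{
    return r->nsectors != 0 &&
           r->sector < DISK_SECTORS &&
           r->nsectors <= DISK_SECTORS - r->sector;
}

/*
 * Process up to n queued requests. On the first invalid request the
 * device is marked broken and stops popping from the queue, instead of
 * terminating the whole process with exit(1). Returns the number of
 * requests completed by this call.
 */
static size_t dev_handle_queue(Dev *d, const Req *q, size_t n)
{
    size_t done = 0;

    for (size_t i = 0; i < n; i++) {
        if (d->broken) {
            break;                  /* unresponsive until reset */
        }
        if (!req_is_valid(&q[i])) {
            d->broken = true;       /* contain the fault to this device */
            break;
        }
        d->completed++;
        done++;
    }
    return done;
}

/* Device reset is the only way back to normal operation. */
static void dev_reset(Dev *d)
{
    d->broken = false;
    d->completed = 0;
}

int main(void)
{
    /* Constructed sample queue: the third request runs past the disk. */
    Req q[] = { {0, 4}, {8, 8}, {15, 2}, {0, 1} };
    Dev d = { false, 0 };

    printf("completed %zu, broken=%d\n", dev_handle_queue(&d, q, 4), d.broken);
    printf("while broken: %zu\n", dev_handle_queue(&d, &q[3], 1));
    dev_reset(&d);
    printf("after reset: %zu\n", dev_handle_queue(&d, &q[3], 1));
    return 0;
}
```
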
[Qemu-devel] [PATCH qom-next] MAINTAINERS: Document QOM
Invented by Anthony. Maintained through my qom-next tree lately. Cc: Anthony Liguori Cc: Paolo Bonzini Signed-off-by: Andreas Färber --- MAINTAINERS | 10 ++ 1 file changed, 10 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index c66946f..87a56b7 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -778,6 +778,16 @@ S: Supported F: qapi-schema.json T: git git://repo.or.cz/qemu/qmp-unstable.git queue/qmp +QOM +M: Anthony Liguori +M: Andreas Färber +S: Supported +T: git git://github.com/afaerber/qemu-cpu.git qom-next +F: include/qom/object.h +F: qom/object.c +F: qom/container.c +F: tests/qom-test.c + QMP M: Luiz Capitulino S: Maintained -- 1.8.4.5
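Review bot: the F: lines of the new QOM entry name individual files (include/qom/object.h, qom/object.c, qom/container.c, tests/qom-test.c), so any file later added next to them falls outside the entry until MAINTAINERS is edited again. If the whole directories are meant, directory patterns such as F: qom/ would be more robust; if other files there are deliberately left out, a sentence in the commit message stating the intended scope would help, since the current message does not describe it.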
Re: [Qemu-devel] [SeaBIOS] seabios release?
On Wed, Apr 23, 2014 at 04:41:32PM +0200, Gerd Hoffmann wrote:
> Hi,
>
> I think it's time to start planning the next seabios release. First,
> because a bunch of changes have piled up in master. And second, because
> of the smbios changes. They are a step forward in making seabios less
> dependent on qemu internals and I want to have that in qemu soonish.
>
> So, how about this plan:
>
> (1) merge smbios patches in qemu (patchset is close to final now).
> (2) merge smbios patch in seabios
> (3) start freeze
> (4) tag release candidate (early may is realistic for that I think).
> (5) pull release candidate into qemu for wider testing
> (6) merge bugfix patches if needed
> (7) tag final release 2-3 weeks after release candidate (end of
>     may probably).
> (8) pull final release into qemu.
>
> Comments?

A release around the end of May sounds good to me. I think we should
aim for a feature freeze of no more than two weeks - if any problems
or defects are found then we can extend the release.

I have some ideas for possible code changes after the next release.
I'll send a separate email.

-Kevin
[Qemu-devel] [PATCH] MAINTAINERS: Add qemu-img/io to block subsystem
qemu-img and qemu-io were not covered by any MAINTAINERS entry so far. Reported-by: Markus Armbruster Signed-off-by: Kevin Wolf --- MAINTAINERS | 2 ++ 1 file changed, 2 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index c66946f..b287ef8 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -674,6 +674,8 @@ S: Supported F: block* F: block/ F: hw/block/ +F: qemu-img* +F: qemu-io* T: git git://repo.or.cz/qemu/kevin.git block T: git git://github.com/stefanha/qemu.git block -- 1.8.3.1
[Qemu-devel] [PATCH 1/5] Use error_is_set() only when necessary (again)
error_is_set(&var) is the same as var != NULL, but it takes whole-program analysis to figure that out. Unnecessarily hard for optimizers, static checkers, and human readers. Commit 84d18f0 dumbed it down to obvious, but a few more have crept in since, and documentation was overlooked. Dumb these down, too. Signed-off-by: Markus Armbruster --- block/mirror.c| 2 +- block/nfs.c | 2 +- block/quorum.c| 4 ++-- docs/writing-qmp-commands.txt | 6 +++--- tests/test-qmp-input-strict.c | 8 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/block/mirror.c b/block/mirror.c index 0ef41f9..d6e5d88 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -677,7 +677,7 @@ void commit_active_start(BlockDriverState *bs, BlockDriverState *base, mirror_start_job(bs, base, speed, 0, 0, on_error, on_error, cb, opaque, &local_err, &commit_active_job_driver, false, base); -if (error_is_set(&local_err)) { +if (local_err) { error_propagate(errp, local_err); goto error_restore_flags; } diff --git a/block/nfs.c b/block/nfs.c index 98aa363..9fa831f 100644 --- a/block/nfs.c +++ b/block/nfs.c @@ -343,7 +343,7 @@ static int nfs_file_open(BlockDriverState *bs, QDict *options, int flags, opts = qemu_opts_create(&runtime_opts, NULL, 0, &error_abort); qemu_opts_absorb_qdict(opts, options, &local_err); -if (error_is_set(&local_err)) { +if (local_err) { error_propagate(errp, local_err); return -EINVAL; } diff --git a/block/quorum.c b/block/quorum.c index 7f580a8..ecec3a5 100644 --- a/block/quorum.c +++ b/block/quorum.c @@ -753,7 +753,7 @@ static int quorum_open(BlockDriverState *bs, QDict *options, int flags, opts = qemu_opts_create(&quorum_runtime_opts, NULL, 0, &error_abort); qemu_opts_absorb_qdict(opts, options, &local_err); -if (error_is_set(&local_err)) { +if (local_err) { ret = -EINVAL; goto exit; } @@ -828,7 +828,7 @@ close_exit: g_free(opened); exit: /* propagate error */ -if (error_is_set(&local_err)) { +if (local_err) { error_propagate(errp, local_err); } QDECREF(list); 
diff --git a/docs/writing-qmp-commands.txt b/docs/writing-qmp-commands.txt index 8349dec..3930a9b 100644 --- a/docs/writing-qmp-commands.txt +++ b/docs/writing-qmp-commands.txt @@ -311,7 +311,7 @@ void hmp_hello_world(Monitor *mon, const QDict *qdict) Error *errp = NULL; qmp_hello_world(!!message, message, &errp); -if (error_is_set(&errp)) { +if (errp) { monitor_printf(mon, "%s\n", error_get_pretty(errp)); error_free(errp); return; @@ -483,7 +483,7 @@ void hmp_info_alarm_clock(Monitor *mon) Error *errp = NULL; clock = qmp_query_alarm_clock(&errp); -if (error_is_set(&errp)) { +if (errp) { monitor_printf(mon, "Could not query alarm clock information\n"); error_free(errp); return; @@ -634,7 +634,7 @@ void hmp_info_alarm_methods(Monitor *mon) Error *errp = NULL; method_list = qmp_query_alarm_methods(&errp); -if (error_is_set(&errp)) { +if (errp) { monitor_printf(mon, "Could not query alarm methods\n"); error_free(errp); return; diff --git a/tests/test-qmp-input-strict.c b/tests/test-qmp-input-strict.c index 38b5e95..f03353b 100644 --- a/tests/test-qmp-input-strict.c +++ b/tests/test-qmp-input-strict.c @@ -153,7 +153,7 @@ static void test_validate_union_flat(TestInputVisitorData *data, /* TODO when generator bug is fixed, add 'integer': 41 */ visit_type_UserDefFlatUnion(v, &tmp, NULL, &errp); -g_assert(!error_is_set(&errp)); +g_assert(!errp); qapi_free_UserDefFlatUnion(tmp); } @@ -167,7 +167,7 @@ static void test_validate_union_anon(TestInputVisitorData *data, v = validate_test_init(data, "42"); visit_type_UserDefAnonUnion(v, &tmp, NULL, &errp); -g_assert(!error_is_set(&errp)); +g_assert(!errp); qapi_free_UserDefAnonUnion(tmp); } @@ -240,7 +240,7 @@ static void test_validate_fail_union_flat(TestInputVisitorData *data, v = validate_test_init(data, "{ 'string': 'c', 'integer': 41, 'boolean': true }"); visit_type_UserDefFlatUnion(v, &tmp, NULL, &errp); -g_assert(error_is_set(&errp)); +g_assert(errp); qapi_free_UserDefFlatUnion(tmp); } 
@@ -254,7 +254,7 @@ static void test_validate_fail_union_anon(TestInputVisitorData *data, v = validate_test_init(data, "3.14"); visit_type_UserDefAnonUnion(v, &tmp, NULL, &errp); -g_assert(error_is_set(&errp)); +g_assert(errp); qapi_free_UserDefAnonUnion(tmp); } -- 1.8.1.4
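Review bot: in the docs/writing-qmp-commands.txt hunks the variable being tested is declared as Error *errp = NULL, and in the tests/test-qmp-input-strict.c hunks it is passed as &errp, so after this change "if (errp)" and "g_assert(!errp)" read as if an Error ** parameter were being compared with NULL. The conversion is equivalent, but because the documentation is example code that gets copied, consider renaming these locals to err or local_err (here or in a follow-up) so that errp stays reserved for the Error ** parameter.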
Re: [Qemu-devel] [Qemu-trivial] [PATCH trivial v2] vl: avoid closing stdout with 'writeconfig'
22.04.2014 05:12, Chen Gang wrote:
> 'writeconfig' supports output to stdout (with '-'); when that happens,
> we must not close stdout, or further command line options that also use
> stdout will be impacted. (Although 'writeconfig' was copied from
> 'readconfig', the latter does not have the problem because it does not
> support reading from '-')

Thanks, applied to -trivial.

/mjt
[Qemu-devel] [PATCH 0/5] block: Purge error_is_set()
I got a private branch getting rid of it entirely. This is the first
part, covering the block subsystem.

Markus Armbruster (5):
  Use error_is_set() only when necessary (again)
  qemu-img: Consistently name Error * objects err, and not errp
  nbd: Use return values instead of error_is_set(errp)
  blockdev: Clean up fragile use of error_is_set()
  iscsi: Don't use error_is_set() to suppress additional errors

 block/iscsi.c | 9 -
 block/mirror.c | 2 +-
 block/nbd.c | 2 +-
 block/nfs.c | 2 +-
 block/quorum.c | 4 ++--
 blockdev.c | 7 +--
 docs/writing-qmp-commands.txt | 6 +++---
 qemu-img.c | 12 ++--
 tests/test-qmp-input-strict.c | 8
 9 files changed, 27 insertions(+), 25 deletions(-)

--
1.8.1.4
Re: [Qemu-devel] [PATCH 01/10] MAINTAINERS: Take maintainership for QTest
On Thu, Apr 24, 2014 at 02:49:14PM +0200, Andreas Färber wrote:
> Invented by Anthony. Maintenance has been handled by me lately.
>
> Note that the tests themselves are intentionally not part of this entry;
> they are considered part of the device or subsystem they are covering.
>
> Cc: Anthony Liguori
> Cc: Stefan Hajnoczi
> Signed-off-by: Andreas Färber
> ---
> MAINTAINERS | 10 ++
> 1 file changed, 10 insertions(+)

Reviewed-by: Stefan Hajnoczi
Re: [Qemu-devel] [PULL 00/14] tcg generic queue
On 22 April 2014 22:05, Richard Henderson wrote:
> Minimal reviewage, but they've all been posted more than once.
> Please pull.
>
>
> r~
>
>
> The following changes since commit 2d03b49c3f225994c4b0b46146437d8c887d6774:
>
> Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140417-1' into staging (2014-04-17 21:37:26 +0100)
>
> are available in the git repository at:
>
>
> git://github.com/rth7680/qemu.git tags/tcg-next-20140422
>
> for you to fetch changes up to 02eb19d0ec19ac8fb1de1116999184663763eaa0:
>
> tcg: Use HOST_WORDS_BIGENDIAN (2014-04-18 16:57:37 -0700)
>

Applied, thanks.

-- PMM
[Qemu-devel] [PATCH 07/10] tests: Add es1370 qtest
Signed-off-by: Andreas Färber --- MAINTAINERS | 1 + tests/Makefile | 3 +++ tests/es1370-test.c | 33 + 3 files changed, 37 insertions(+) create mode 100644 tests/es1370-test.c diff --git a/MAINTAINERS b/MAINTAINERS index 5d5f9e2..204089f 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -667,6 +667,7 @@ S: Maintained F: audio/ F: hw/audio/ F: tests/ac97-test.c +F: tests/es1370-test.c Block M: Kevin Wolf diff --git a/tests/Makefile b/tests/Makefile index 81ea4a3..af63064 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -109,6 +109,8 @@ check-qtest-pci-y += tests/nvme-test$(EXESUF) gcov-files-pci-y += hw/block/nvme.c check-qtest-pci-y += tests/ac97-test$(EXESUF) gcov-files-pci-y += hw/audio/ac97.c +check-qtest-pci-y += tests/es1370-test$(EXESUF) +gcov-files-pci-y += hw/audio/es1370.c check-qtest-pci-y += $(check-qtest-virtio-y) gcov-files-pci-y += $(gcov-files-virtio-y) hw/virtio/virtio-pci.c check-qtest-pci-y += tests/tpci200-test$(EXESUF) @@ -290,6 +292,7 @@ tests/nvme-test$(EXESUF): tests/nvme-test.o tests/pvpanic-test$(EXESUF): tests/pvpanic-test.o tests/i82801b11-test$(EXESUF): tests/i82801b11-test.o tests/ac97-test$(EXESUF): tests/ac97-test.o +tests/es1370-test$(EXESUF): tests/es1370-test.o tests/qemu-iotests/socket_scm_helper$(EXESUF): tests/qemu-iotests/socket_scm_helper.o # QTest rules diff --git a/tests/es1370-test.c b/tests/es1370-test.c new file mode 100644 index 000..cc23fb5 --- /dev/null +++ b/tests/es1370-test.c 
@@ -0,0 +1,33 @@ +/* + * QTest testcase for ES1370 + * + * Copyright (c) 2014 SUSE LINUX Products GmbH + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ + +#include +#include +#include "libqtest.h" +#include "qemu/osdep.h" + +/* Tests only initialization so far. TODO: Replace with functional tests */ +static void nop(void) +{ +} + +int main(int argc, char **argv) +{ +int ret; + +g_test_init(&argc, &argv, NULL); +qtest_add_func("/es1370/nop", nop); + +qtest_start("-device ES1370"); +ret = g_test_run(); + +qtest_end(); + +return ret; +} -- 1.8.4.5
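Review bot: in tests/es1370-test.c the only registered case, nop(), is empty, and the device is created by qtest_start("-device ES1370") in main(), outside any test case, so a failure to instantiate the device is not attributed to /es1370/nop in the test report. Moving qtest_start() and qtest_end() into the test function would tie the failure to a named test.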
Re: [Qemu-devel] [patch 2/2] target-i386: block migration and savevm if invariant tsc is exposed
On Fri, Apr 25, 2014 at 12:57:48AM +0200, Paolo Bonzini wrote:
> On 24/04/2014 22:57, Eduardo Habkost wrote:
> >On Thu, Apr 24, 2014 at 04:42:33PM -0400, Paolo Bonzini wrote:
> >>On 22/04/2014 21:14, Eduardo Habkost wrote:
> >>>Not for "-cpu host". If somebody needs migration to work, they shouldn't
> >>>be using "-cpu host" anyway (I don't know if you have seen the other
> >>>comments in my message?).
> >>
> >>I'm not entirely sure. If you have hosts with exactly identical
> >>chipsets, "-cpu host" migration will in all likelihood work.
> >>Marcelo's approach is safer.
> >
> >If that didn't break other use cases, I would agree.
> >
> >But "-cpu host" today covers two use cases: 1) enabling everything that
> >can be enabled, even if it breaks migration; 2) enabling all stuff that
> >can be safely enabled without breaking migration.
>
> What does it enable *now* that breaks migration?

Every single feature it enables can break it. It breaks if you upgrade
to a QEMU version with new feature words. It breaks if you upgrade to a
kernel which supports new features.

A feature that doesn't let you upgrade the kernel isn't a feature I
expect users to be relying upon. libvirt even blocks migration if "-cpu
host" is in use.

>
> >Now we can't do both at the same time[1].
> >
> >(1) is important for management software;
> >(2) works only if you are lucky.
>
> Or if you plan ahead. With additional logic even invariant TSC in
> principle can be made to work across migration if the host clocks are
> synchronized well enough (PTP accuracy is in the 100-1000 TSC ticks
> range).

Yes, it is possible in the future. But we never planned for it, so "-cpu
host" never supported migration.

>
> >Why would it make sense to break (1) to try make (2) work?
> >
> >[1] I would even argue that we never did both at the same time. "-cpu
> >host" depends on host hardware capabilities, host kernel capabilities,
> >and host QEMU version (we never took care of keeping guest ABI with
> >"-cpu host"). If migration did work, it was never supposed to.
>
> I think this is where I disagree. Migration of the PMU is one thing
> that obviously was done with "-cpu host" in mind.

We may try to make a reliable implementation of use case (2) some day,
yes. But the choice I see right now is between trying not to break a
feature that was never declared to exist, or breaking an existing
interface that is required to solve existing bugs between libvirt and
QEMU.

--
Eduardo
[Qemu-devel] [PATCH v2] configure: add more detailed hint of old libfdt-dev missing, libfdt_env.h
libfdt_env.h is missing in some stable installs (<1.3.0-3), some released linux distributions(e.g. Ubuntu 12.04) depending on it still complain missing libfdt even if already installed. So give more detailed hint for such OS users. Signed-off-by: Liu Li --- configure |5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/configure b/configure index 69b9f56..8eb0b90 100755 --- a/configure +++ b/configure @@ -2948,8 +2948,9 @@ EOF fdt_libs="-L\$(BUILD_DIR)/dtc/libfdt $fdt_libs" elif test "$fdt" = "yes" ; then # have neither and want - prompt for system/submodule install -error_exit "DTC (libfdt) not present. Your options:" \ -" (1) Preferred: Install the DTC (libfdt) devel package" \ +error_exit "DTC (libfdt) not present or too old. Your options:" \ +" (1) Preferred: Install or update the DTC (libfdt)" \ +" devel package" \ " (2) Fetch the DTC submodule, using:" \ " git submodule update --init dtc" else -- 1.7.9.5
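Review bot: the new error text "not present or too old" does not tell the user what counts as too old; the commit message names the actual symptom (libfdt_env.h missing from packages older than 1.3.0-3), but the error_exit strings in the hunk mention neither the header nor a version. Naming the missing header or a minimum version in the message would let users of the affected distributions recognise their case. Also check that splitting option (1) across two strings still renders as one list item, since "devel package" now sits on its own continuation line.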
Re: [Qemu-devel] [Qemu-trivial] [PATCH] qmp: Remove unused variable.
Thanks, applied to -trivial. /mjt
Re: [Qemu-devel] [PATCH 4/5] blockdev: Clean up fragile use of error_is_set()
On 24.04.2014 at 11:15, Markus Armbruster wrote:
> Using error_is_set(ERRP) to find out whether a function failed is
> either wrong, fragile, or unnecessarily opaque. It's wrong when ERRP
> may be null, because errors go undetected when it is. It's fragile
> when proving ERRP non-null involves a non-local argument. Else, it's
> unnecessarily opaque (see commit 84d18f0).
>
> The error_is_set(errp) in internal_snapshot_prepare() is merely
> fragile, because the caller never passes a null errp argument.
>
> Make the code more robust and more obviously correct: receive the
> error in a local variable, then propagate it through the parameter.
>
> Signed-off-by: Markus Armbruster

Reviewed-by: Kevin Wolf
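The failure mode described in the quoted commit message, as an added stand-alone example that is not QEMU code: the Error type and the error_* helpers below are a simplified model written for this illustration, and snapshot_create(), prepare_fragile() and prepare_robust() are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model of an Error object (assumption, not QEMU's definition). */
typedef struct Error {
    char msg[64];
} Error;

/* Store an error for the caller; a NULL errp means "caller ignores errors". */
static void error_setg(Error **errp, const char *msg)
{
    if (!errp) {
        return;
    }
    *errp = calloc(1, sizeof(Error));
    if (!*errp) {
        abort();
    }
    snprintf((*errp)->msg, sizeof((*errp)->msg), "%s", msg);
}

static int error_is_set(Error **errp)
{
    return errp && *errp;
}

/* Hand a locally received error to the caller, or drop it if unwanted. */
static void error_propagate(Error **dst_errp, Error *local_err)
{
    if (dst_errp && !*dst_errp) {
        *dst_errp = local_err;
    } else {
        free(local_err);
    }
}

static void error_free(Error *err)
{
    free(err);
}

/* Hypothetical void callee that reports failure only through errp. */
static void snapshot_create(int id, Error **errp)
{
    if (id < 0) {
        error_setg(errp, "invalid snapshot id");
    }
}

/* Fragile: failure goes undetected whenever the caller passes errp == NULL. */
static int prepare_fragile(int id, Error **errp)
{
    snapshot_create(id, errp);
    if (error_is_set(errp)) {
        return -1;
    }
    return 0;
}

/* Robust: receive the error locally, then propagate it to the caller. */
static int prepare_robust(int id, Error **errp)
{
    Error *local_err = NULL;

    snapshot_create(id, &local_err);
    if (local_err) {
        error_propagate(errp, local_err);
        return -1;
    }
    return 0;
}

int main(void)
{
    Error *err = NULL;

    printf("fragile, errp=NULL: %d\n", prepare_fragile(-1, NULL));
    printf("robust,  errp=NULL: %d\n", prepare_robust(-1, NULL));
    if (prepare_robust(-1, &err) < 0) {
        printf("robust,  errp set : %s\n", err->msg);
        error_free(err);
    }
    return 0;
}
```
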
[Qemu-devel] [PATCH] pcie_host: Turn pcie_host_init() into an instance_init
This assures the trivial field initialization is applied for any derived type - currently only Q35PCIHost. Signed-off-by: Andreas Färber --- Michael, I've had this preparation lying around for a while but didn't get further yet. Can you take this through the PCI queue already? hw/pci-host/q35.c | 4 hw/pci/pcie_host.c | 7 --- include/hw/pci/pcie_host.h | 1 - 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/hw/pci-host/q35.c b/hw/pci-host/q35.c index 8b8cc4e..aa48b1c 100644 --- a/hw/pci-host/q35.c +++ b/hw/pci-host/q35.c @@ -47,10 +47,6 @@ static void q35_host_realize(DeviceState *dev, Error **errp) sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, &pci->data_mem); sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, 4); -if (pcie_host_init(PCIE_HOST_BRIDGE(s)) < 0) { -error_setg(errp, "failed to initialize pcie host"); -return; -} pci->bus = pci_bus_new(DEVICE(s), "pcie.0", s->mch.pci_address_space, s->mch.address_space_io, 0, TYPE_PCIE_BUS); diff --git a/hw/pci/pcie_host.c b/hw/pci/pcie_host.c index c6e1b57..7c88a1d 100644 --- a/hw/pci/pcie_host.c +++ b/hw/pci/pcie_host.c @@ -83,11 +83,11 @@ static const MemoryRegionOps pcie_mmcfg_ops = { .endianness = DEVICE_NATIVE_ENDIAN, }; -int pcie_host_init(PCIExpressHost *e) +static void pcie_host_init(Object *obj) { -e->base_addr = PCIE_BASE_ADDR_UNMAPPED; +PCIExpressHost *e = PCIE_HOST_BRIDGE(obj); -return 0; +e->base_addr = PCIE_BASE_ADDR_UNMAPPED; } void pcie_host_mmcfg_unmap(PCIExpressHost *e) @@ -128,6 +128,7 @@ static const TypeInfo pcie_host_type_info = { .parent = TYPE_PCI_HOST_BRIDGE, .abstract = true, .instance_size = sizeof(PCIExpressHost), +.instance_init = pcie_host_init, }; static void pcie_host_register_types(void) diff --git a/include/hw/pci/pcie_host.h b/include/hw/pci/pcie_host.h index acca45e..ff44ef6 100644 --- a/include/hw/pci/pcie_host.h +++ b/include/hw/pci/pcie_host.h 
@@ -49,7 +49,6 @@ struct PCIExpressHost { MemoryRegion mmio; }; -int pcie_host_init(PCIExpressHost *e); void pcie_host_mmcfg_unmap(PCIExpressHost *e); void pcie_host_mmcfg_map(PCIExpressHost *e, hwaddr addr, uint32_t size); void pcie_host_mmcfg_update(PCIExpressHost *e, -- 1.8.4.5
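Review bot: pcie_host_init() changes from an exported int function taking a PCIExpressHost * to a static void instance_init taking an Object *, while keeping the same name, and its prototype is dropped from include/hw/pci/pcie_host.h; the diffstat shows only hw/pci-host/q35.c adjusted as a caller, so please confirm no other caller remains in the tree. Reusing the old name for a function with a different signature and role also makes later greps and backports ambiguous; a distinct name such as pcie_host_instance_init would avoid that.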
Re: [Qemu-devel] [PATCH 2/5] qemu-img: Consistently name Error * objects err, and not errp
On 24.04.2014 at 11:15, Markus Armbruster wrote: > > Signed-off-by: Markus Armbruster > --- > qemu-img.c | 12 ++-- > 1 file changed, 6 insertions(+), 6 deletions(-) > > diff --git a/qemu-img.c b/qemu-img.c > index 8455994..88124bf 100644 > --- a/qemu-img.c > +++ b/qemu-img.c > @@ -442,12 +442,12 @@ fail: > > static void dump_json_image_check(ImageCheck *check, bool quiet) > { > -Error *errp = NULL; > +Error *err = NULL; > QString *str; > QmpOutputVisitor *ov = qmp_output_visitor_new(); > QObject *obj; > visit_type_ImageCheck(qmp_output_get_visitor(ov), > - &check, NULL, &errp); > + &check, NULL, &err); > obj = qmp_output_get_qobject(ov); > str = qobject_to_json_pretty(obj); > assert(str != NULL); I'd like to have my bikeshed green: Can we use local_err instead, please? Kevin
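Review bot: in the lines shown from dump_json_image_check(), the renamed err is passed to visit_type_ImageCheck() but is not checked before obj and str are used; only str is asserted. If the rest of the function does not test it either, a pure rename keeps an ignored error in place; passing &error_abort or checking err explicitly would make the intent clear. The commit message body is also empty and could state why this name was chosen.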
[Qemu-devel] [PATCH 00/10] qtest: Cleanups, more PCI tests
Hello,

This series starts with some libqtest cleanups and improvements that I came
across debugging occasional make check failures on our Open Build Service.
It continues with some more test cases for optional PCI devices.

Regards,
Andreas

Cc: Bruce Rogers
Cc: Stefan Hajnoczi
Cc: Michael S. Tsirkin
Cc: Anthony Liguori
Cc: Paolo Bonzini
Cc: Peter Maydell
Cc: Gerd Hoffmann

Andreas Färber (10):
  MAINTAINERS: Take maintainership for QTest
  MAINTAINERS: Document I2C libqos
  qtest: Assure that init_socket()'s listen() does not fail
  qtest: Add error reporting to socket_accept()
  qtest: Be paranoid about accept() addrlen argument
  tests: Add ac97 qtest
  tests: Add es1370 qtest
  tests: Add intel-hda qtests
  tests: Add ioh3420 qtest
  tests: Add EHCI qtest

 MAINTAINERS | 20
 tests/Makefile | 16
 tests/ac97-test.c | 33 +
 tests/es1370-test.c | 33 +
 tests/intel-hda-test.c | 45 +
 tests/ioh3420-test.c | 34 ++
 tests/libqtest.c | 8 ++--
 tests/usb-hcd-ehci-test.c | 40
 8 files changed, 227 insertions(+), 2 deletions(-)
 create mode 100644 tests/ac97-test.c
 create mode 100644 tests/es1370-test.c
 create mode 100644 tests/intel-hda-test.c
 create mode 100644 tests/ioh3420-test.c
 create mode 100644 tests/usb-hcd-ehci-test.c

--
1.8.4.5
[Qemu-devel] High dom0 cpu usage using spice
After endless troubles I'm finally approaching to use spice on xen in production in place of vnc+rdp.

I have noticed a high dom0 cpu usage by guest's qemu process when spice is used (in particular using video streaming).

This is my test system:

Dom0:
Dell Poweredge T310 with cpu xeon X3450 and 12 gb of ram
Debian 7 (Wheezy) 64 bit with kernel from package linux-image-3.2.0-4-amd64 version 3.2.54-2 and all dependency packages for xen, spice and usb redirection.
Seabios 1.7.4-4, spice 0.12.4-0nocelt2 and usbredir 0.6-2 compiled from debian unstable sources.
Latest xen-unstable with some patches (https://github.com/Fantu/Xen/commits/hvm-improve.t10) with qemu 2.0.0-rc2.
jpeg-turbo from x2go repository to make spice-server using it and decrease cpu usage.

DomU:
windows 7 pro 64 bit with latest gplpv and spice guest tools 0.74
stdvga with 32 mb videoram (qxl for now not working on xen, my latest test report of some months ago was without replies)
resolution 1280x768x16bit

Spice client:
good notebook with core i5 cpu with Fedora 20 updated

On start of my tests the dom0 cpu usage was average to 60-100% even with only one active guest using spice. Disabling the spice images compression the dom0 cpu usage was up to 30% but with drawback of an increased network traffic, especially during video streaming.

Can someone advise me to further keep cpu down and/or other optimizations?

Thanks for any reply.
Re: [Qemu-devel] [PATCH for-2.0 v2] tests: Don't run qom-test twice
On 24 April 2014 15:29, Stefan Hajnoczi wrote:
> On Mon, Apr 07, 2014 at 04:13:00PM +0200, Andreas Färber wrote:
>> Commit 3687d5325 accidentally resulted in running qom-test twice
>> for x86_64, once directly via the wildcard, and once because x86_64
>> includes all the i386 qtests (which includes qom-test).
>>
>> Filter out x86_64 as well as microblazeel and xtensaeb to fix this.
>>
>> Cc: Peter Maydell
>> Signed-off-by: Andreas Färber
>> ---
>> v1 (PMM) -> v2:
>> * Instead of sorting all qtests, leave the order intact and just filter
>>   the three affected architectures out.
>>
>> tests/Makefile | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> Didn't make it into 2.0 but...
>
> Reviewed-by: Stefan Hajnoczi

Personally I prefer the "just sort-and-uniquify"
approach. This patch introduces an explicit list of
architectures which need to be special case, which
means that if we ever add a future arch variant which
also needs this special casing we need to update the
list. The sort patch doesn't have this requirement --
it will just work for both this and for any other
reason why we might end up with a test in the list
multiple times.

thanks
-- PMM
Re: [Qemu-devel] [PATCH for-2.0 v2] tests: Don't run qom-test twice
On 24.04.2014 16:34, Peter Maydell wrote:
> On 24 April 2014 15:29, Stefan Hajnoczi wrote:
>> On Mon, Apr 07, 2014 at 04:13:00PM +0200, Andreas Färber wrote:
>>> Commit 3687d5325 accidentally resulted in running qom-test twice
>>> for x86_64, once directly via the wildcard, and once because x86_64
>>> includes all the i386 qtests (which includes qom-test).
>>>
>>> Filter out x86_64 as well as microblazeel and xtensaeb to fix this.
>>>
>>> Cc: Peter Maydell
>>> Signed-off-by: Andreas Färber
>>> ---
>>> v1 (PMM) -> v2:
>>> * Instead of sorting all qtests, leave the order intact and just filter
>>>   the three affected architectures out.
>>>
>>> tests/Makefile | 4 +++-
>>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> Didn't make it into 2.0 but...
>>
>> Reviewed-by: Stefan Hajnoczi
>
> Personally I prefer the "just sort-and-uniquify"
> approach. This patch introduces an explicit list of
> architectures which need to be special case, which
> means that if we ever add a future arch variant which
> also needs this special casing we need to update the
> list. The sort patch doesn't have this requirement --
> it will just work for both this and for any other
> reason why we might end up with a test in the list
> multiple times.

Your dislike is why I didn't apply it for 2.0.

However, a) the inheritance of tests for these three architectures is
already an explicit statement in the Makefile and more severely b) by
sorting the list, tests newly added get lost in the gcov stdout chatter
(leading to even less verification of correctness) and we cannot
sensibly order tests to first cover, say, PCI host bridge and then PCI
devices depending on it.

I already asked you for an alternative way of automatically stripping
duplicates without changing their order, to no avail.

What about defining some macro to replace the old hand-coded "reuse
tests" bits and automatically put that arch into an exclusion list?

If someone does add a test twice then I'd rather catch and fix that.

Alternatively a) would be nicely solvable by being able to run tests
individually rather than just at check-qtest-$arch granularity. No clue
about that part of the gtester/Makefile infrastructure really; there's
also a patch from Stefan that didn't make it into 2.0 due to me
wondering whether it is the right thing to do or not:
http://patchwork.ozlabs.org/patch/329820/
(The obvious issue being that it drops the architecture.)

Regards,
Andreas

--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
[Qemu-devel] [PATCH 08/10] tests: Add intel-hda qtests
Test both the ich6 and the ich9 version (cf. q35 config) and all the codecs. Cc: Gerd Hoffmann Signed-off-by: Andreas Färber --- MAINTAINERS| 1 + tests/Makefile | 3 +++ tests/intel-hda-test.c | 45 + 3 files changed, 49 insertions(+) create mode 100644 tests/intel-hda-test.c diff --git a/MAINTAINERS b/MAINTAINERS index 204089f..8882c31 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -668,6 +668,7 @@ F: audio/ F: hw/audio/ F: tests/ac97-test.c F: tests/es1370-test.c +F: tests/intel-hda-test.c Block M: Kevin Wolf diff --git a/tests/Makefile b/tests/Makefile index af63064..80f276f 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -117,6 +117,8 @@ check-qtest-pci-y += tests/tpci200-test$(EXESUF) gcov-files-pci-y += hw/ipack/tpci200.c check-qtest-pci-y += $(check-qtest-ipack-y) gcov-files-pci-y += $(gcov-files-ipack-y) +check-qtest-pci-y += tests/intel-hda-test$(EXESUF) +gcov-files-pci-y += hw/audio/intel-hda.c hw/audio/hda-codec.c check-qtest-i386-y = tests/endianness-test$(EXESUF) check-qtest-i386-y += tests/fdc-test$(EXESUF) @@ -293,6 +295,7 @@ tests/pvpanic-test$(EXESUF): tests/pvpanic-test.o tests/i82801b11-test$(EXESUF): tests/i82801b11-test.o tests/ac97-test$(EXESUF): tests/ac97-test.o tests/es1370-test$(EXESUF): tests/es1370-test.o +tests/intel-hda-test$(EXESUF): tests/intel-hda-test.o tests/qemu-iotests/socket_scm_helper$(EXESUF): tests/qemu-iotests/socket_scm_helper.o # QTest rules diff --git a/tests/intel-hda-test.c b/tests/intel-hda-test.c new file mode 100644 index 000..d89b407 --- /dev/null +++ b/tests/intel-hda-test.c 
@@ -0,0 +1,45 @@ +/* + * QTest testcase for Intel HDA + * + * Copyright (c) 2014 SUSE LINUX Products GmbH + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ + +#include +#include +#include "libqtest.h" +#include "qemu/osdep.h" + +#define HDA_ID "hda0" +#define CODEC_DEVICES " -device hda-output,bus=" HDA_ID ".0" \ + " -device hda-micro,bus=" HDA_ID ".0" \ + " -device hda-duplex,bus=" HDA_ID ".0" + +/* Tests only initialization so far. TODO: Replace with functional tests */ +static void ich6_test(void) +{ +qtest_start("-device intel-hda,id=" HDA_ID CODEC_DEVICES); +qtest_end(); +} + +static void ich9_test(void) +{ +qtest_start("-machine q35 -device ich9-intel-hda,bus=pcie.0,addr=1b.0,id=" +HDA_ID CODEC_DEVICES); +qtest_end(); +} + +int main(int argc, char **argv) +{ +int ret; + +g_test_init(&argc, &argv, NULL); +qtest_add_func("/intel-hda/ich6", ich6_test); +qtest_add_func("/intel-hda/ich9", ich9_test); + +ret = g_test_run(); + +return ret; +} -- 1.8.4.5
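Review bot: ich9_test() in tests/intel-hda-test.c hard-codes -machine q35 and bus=pcie.0, but the tests/Makefile hunk adds the test to check-qtest-pci-y rather than to an x86-specific list. If check-qtest-pci-y is pulled in by any target that has no q35 machine, this case will fail at qtest_start(); either register the test under check-qtest-i386-y or guard the ich9 case by architecture.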
Re: [Qemu-devel] [PATCH v25 00/31] replace QEMUOptionParameter with QemuOpts
On Mon, Apr 21, 2014 at 02:44:36PM +0800, Chunyan Liu wrote:
> Hi, Eric, Stefan, Leandro,
>
> Could you have a look at the new version?
> https://lists.gnu.org/archive/html/qemu-devel/2014-04/msg01759.html
>
> This work lasts for a very long time, hope it could be ended soon :)

Yes, I will look at it on Friday 24th of April.

Stefan
Re: [Qemu-devel] [PATCH] MAINTAINERS: Add qemu-img/io to block subsystem
On Thu, Apr 24, 2014 at 11:53:39AM +0200, Kevin Wolf wrote:
> qemu-img and qemu-io were not covered by any MAINTAINERS entry so far.
>
> Reported-by: Markus Armbruster
> Signed-off-by: Kevin Wolf
> ---
> MAINTAINERS | 2 ++
> 1 file changed, 2 insertions(+)

Thanks, applied to my block tree:
https://github.com/stefanha/qemu/commits/block

Stefan
Re: [Qemu-devel] [PULL v2 2/2] usb: mtp filesharing
Hi, For this review, I grabbed the MTP 1.1 spec from USB.org. There are some issues which are noted below. On Wednesday 23 April 2014 10:31:01 Gerd Hoffmann wrote: > Implementation of a USB Media Transfer Device device for easy > filesharing. Read-only. No access control inside qemu, it will > happily export any file it is able to open to the guest, i.e. > standard unix access rights for the qemu process apply. > > Signed-off-by: Gerd Hoffmann > --- > default-configs/usb.mak |1 + > hw/usb/Makefile.objs|4 + > hw/usb/dev-mtp.c| 1103 > +++ > trace-events| 21 + > 4 files changed, 1129 insertions(+) > create mode 100644 hw/usb/dev-mtp.c > +/* --- */ > + > +static MTPObject *usb_mtp_object_alloc(MTPState *s, uint32_t handle, > + MTPObject *parent, char *name) > +{ > +MTPObject *o = g_new0(MTPObject, 1); > + > +if (name[0] == '.') { > +goto ignore; > +} > + > +o->handle = handle; > +o->parent = parent; > +o->name = g_strdup(name); > +o->nchildren = -1; > +if (parent == NULL) { > +o->path = g_strdup(name); > +} else { > +o->path = g_strdup_printf("%s/%s", parent->path, name); > +} > + > +if (lstat(o->path, &o->stat) != 0) { > +goto ignore; > +} > +if (S_ISREG(o->stat.st_mode)) { > +o->format = FMT_UNDEFINED_OBJECT; > +} else if (S_ISDIR(o->stat.st_mode)) { > +o->format = FMT_ASSOCIATION; > +} else { > +goto ignore; > +} > + > +if (access(o->path, R_OK) != 0) { > +goto ignore; > +} > + > +fprintf(stderr, "%s: 0x%x %s\n", __func__, o->handle, o->path); Debugging left-over? > +QTAILQ_INSERT_TAIL(&s->objects, o, next); > +return o; > + > +ignore: > +g_free(o->name); > +g_free(o->path); > +g_free(o); > +return NULL; > +} > + > +static void usb_mtp_object_free(MTPState *s, MTPObject *o) > +{ > +int i; > + > +fprintf(stderr, "%s: 0x%x %s\n", __func__, o->handle, o->path); Debugging left-over #2? 
> +QTAILQ_REMOVE(&s->objects, o, next); > +for (i = 0; i < o->nchildren; i++) { > +usb_mtp_object_free(s, o->children[i]); > +} > +g_free(o->children); > +g_free(o->name); > +g_free(o->path); > +g_free(o); > +} > + > +static void usb_mtp_add_u8(MTPData *data, uint8_t val) > +{ > +usb_mtp_realloc(data, 1); > +data->data[data->length++] = val; > +} > + > +static void usb_mtp_add_u16(MTPData *data, uint16_t val) > +{ > +usb_mtp_realloc(data, 2); > +data->data[data->length++] = (val >> 0) & 0xff; > +data->data[data->length++] = (val >> 8) & 0xff; > +} > + > +static void usb_mtp_add_u32(MTPData *data, uint32_t val) > +{ > +usb_mtp_realloc(data, 4); > +data->data[data->length++] = (val >> 0) & 0xff; > +data->data[data->length++] = (val >> 8) & 0xff; > +data->data[data->length++] = (val >> 16) & 0xff; > +data->data[data->length++] = (val >> 24) & 0xff; > +} > + > +static void usb_mtp_add_u64(MTPData *data, uint64_t val) > +{ > +usb_mtp_realloc(data, 4); usb_mtp_realloc(data, 8); > +data->data[data->length++] = (val >> 0) & 0xff; > +data->data[data->length++] = (val >> 8) & 0xff; > +data->data[data->length++] = (val >> 16) & 0xff; > +data->data[data->length++] = (val >> 24) & 0xff; > +data->data[data->length++] = (val >> 32) & 0xff; > +data->data[data->length++] = (val >> 40) & 0xff; > +data->data[data->length++] = (val >> 48) & 0xff; > +data->data[data->length++] = (val >> 54) & 0xff; 48 + 8 = 56. What about a loop instead? 
> +} > + > +/* --- */ > + > +static MTPData *usb_mtp_get_device_info(MTPState *s, MTPControl *c) > +{ > +static const uint16_t ops[] = { > +CMD_GET_DEVICE_INFO, > +CMD_OPEN_SESSION, > +CMD_CLOSE_SESSION, > +CMD_GET_STORAGE_IDS, > +CMD_GET_STORAGE_INFO, > +CMD_GET_NUM_OBJECTS, > +CMD_GET_OBJECT_HANDLES, > +CMD_GET_OBJECT_INFO, > +CMD_GET_OBJECT, > +CMD_GET_PARTIAL_OBJECT, > +}; > +static const uint16_t fmt[] = { > +FMT_UNDEFINED_OBJECT, > +FMT_ASSOCIATION, > +}; > +MTPData *d = usb_mtp_data_alloc(c); > + > +trace_usb_mtp_op_get_device_info(s->dev.addr); > + > +usb_mtp_add_u16(d, 0x0100); Sect. 5.1.1.1 says: "This identifies the PTP version this device can support in hundredths. For MTP devices implemented under this specification, this shall contain the value 100 (representing 1.00)." Is it an error in the spec (missing 0x) or should the value here really be 0x0100 instead of 0x0064? > +usb_mtp_add_u32(d, 0x); > +usb_mtp_add_u16(d, 0x0101); > +usb_mtp_add_wstr(d, L""); > +usb_mtp_add_u16(d, 0x000
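Review bot: In usb_mtp_object_alloc() the type check (lstat) and the permission check (access(o->path, R_OK)) are both made on the path name, so the object that is later opened under o->path is not guaranteed to be the one that was checked. Since the commit message states that there is no access control beyond the rights of the qemu process, it would be more robust to take the regular-file/directory decision from an fstat() on the descriptor at the point where the file is opened, rather than relying on the earlier lstat() result stored in o->stat.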
Re: [Qemu-devel] [PATCH] ps2: set ps/2 output buffer size as the same as kernel
> Hi, > > > Move the check into ps2_mouse_send_packet() is not a good idea. > > In that case, we cannot break the for loop except we change the return value > > of ps2_mouse_send_packet(). > > Changing the return value is fine IMO. > OK. Change it in v3. Could you review the v2 about other code parts ? Thanks. Best regards, -Gonglei
[Qemu-devel] [PATCH 3/5] nbd: Use return values instead of error_is_set(errp)
Using error_is_set(errp) to check whether a function call failed is fragile: it breaks when errp is null. Check perfectly suitable return values instead when possible. errp can't be null there now, but this is more robust and more obviously correct Signed-off-by: Markus Armbruster --- block/nbd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/block/nbd.c b/block/nbd.c index 5512423..613f258 100644 --- a/block/nbd.c +++ b/block/nbd.c @@ -175,7 +175,7 @@ static void nbd_parse_filename(const char *filename, QDict *options, InetSocketAddress *addr = NULL; addr = inet_parse(host_spec, errp); -if (error_is_set(errp)) { +if (!addr) { goto out; } -- 1.8.1.4
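Review bot: The new `if (!addr)` test in nbd_parse_filename() is equivalent to the old check only if inet_parse() returns NULL exactly when it sets *errp. A sentence in the commit message (or a comment at the call) stating that contract would make the change easier to verify, because a NULL return without an error set would now reach `out` with errp untouched.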
[Qemu-devel] [PATCH v2 07/13] tcg-sparc: Implement muls2_i32
Using the 32-bit SMUL is a tad more efficient than resorting to extending and using the 64-bit MULX. Signed-off-by: Richard Henderson --- tcg/sparc/tcg-target.c | 18 +++--- tcg/sparc/tcg-target.h | 2 +- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/tcg/sparc/tcg-target.c b/tcg/sparc/tcg-target.c index b4a15af..5ae80c2 100644 --- a/tcg/sparc/tcg-target.c +++ b/tcg/sparc/tcg-target.c @@ -200,6 +200,7 @@ static const int tcg_target_call_oarg_regs[] = { #define ARITH_ADDX (INSN_OP(2) | INSN_OP3(0x08)) #define ARITH_SUBX (INSN_OP(2) | INSN_OP3(0x0c)) #define ARITH_UMUL (INSN_OP(2) | INSN_OP3(0x0a)) +#define ARITH_SMUL (INSN_OP(2) | INSN_OP3(0x0b)) #define ARITH_UDIV (INSN_OP(2) | INSN_OP3(0x0e)) #define ARITH_SDIV (INSN_OP(2) | INSN_OP3(0x0f)) #define ARITH_MULX (INSN_OP(2) | INSN_OP3(0x09)) @@ -1290,9 +1291,19 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode opc, const TCGArg *args, ARITH_SUBCC, ARITH_SUBX); break; case INDEX_op_mulu2_i32: -tcg_out_arithc(s, args[0], args[2], args[3], const_args[3], - ARITH_UMUL); -tcg_out_rdy(s, args[1]); +c = ARITH_UMUL; +goto do_mul2; +case INDEX_op_muls2_i32: +c = ARITH_SMUL; +do_mul2: +/* The 32-bit multiply insns produce a full 64-bit result. If the + destination register can hold it, we can avoid the slower RDY. */ +tcg_out_arithc(s, args[0], args[2], args[3], const_args[3], c); +if (SPARC64 || args[0] <= TCG_REG_O7) { +tcg_out_arithi(s, args[1], args[0], 32, SHIFT_SRLX); +} else { +tcg_out_rdy(s, args[1]); +} break; case INDEX_op_qemu_ld_i32: @@ -1424,6 +1435,7 @@ static const TCGTargetOpDef sparc_op_defs[] = { { INDEX_op_add2_i32, { "r", "r", "rZ", "rZ", "rJ", "rJ" } }, { INDEX_op_sub2_i32, { "r", "r", "rZ", "rZ", "rJ", "rJ" } }, { INDEX_op_mulu2_i32, { "r", "r", "rZ", "rJ" } }, +{ INDEX_op_muls2_i32, { "r", "r", "rZ", "rJ" } }, { INDEX_op_mov_i64, { "R", "R" } }, { INDEX_op_movi_i64, { "R" } }, diff --git a/tcg/sparc/tcg-target.h b/tcg/sparc/tcg-target.h index 8ce85f8..3a903db 100644 
--- a/tcg/sparc/tcg-target.h +++ b/tcg/sparc/tcg-target.h @@ -106,7 +106,7 @@ typedef enum { #define TCG_TARGET_HAS_add2_i32 1 #define TCG_TARGET_HAS_sub2_i32 1 #define TCG_TARGET_HAS_mulu2_i321 -#define TCG_TARGET_HAS_muls2_i320 +#define TCG_TARGET_HAS_muls2_i321 #define TCG_TARGET_HAS_muluh_i320 #define TCG_TARGET_HAS_mulsh_i320 -- 1.9.0
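Review bot: The condition `SPARC64 || args[0] <= TCG_REG_O7` in the do_mul2 path encodes, through register numbering, which destination registers keep the full 64-bit product, but the comment only says "if the destination register can hold it". Please name the register classes that qualify and why, or wrap the test in a small named helper, so that a later reordering of the register enum does not silently break the SRLX path.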
Re: [Qemu-devel] [PATCH 1/3] s390x: empty function stubs in preparation for __KVM_HAVE_GUEST_DEBUG
On Thu, 24 Apr 2014 16:56:02 +0200 Christian Borntraeger wrote: > On 24/04/14 10:51, Jens Freimann wrote: > > From: David Hildenbrand > > > > This patch creates empty function stubs (used by the gdbserver) in > > preparation > > for the hw debugging support by kvm on s390, which will enable the > > __KVM_HAVE_GUEST_DEBUG define in the linux headers and require these > > methods on > > the qemu side. > > > > Signed-off-by: David Hildenbrand > > Signed-off-by: Jens Freimann > > Reviewed-by: Cornelia Huck > Acked-by: Christian Borntraeger > > > Conny, can you take that patch in your next pull request? Otherwise > qemu will fail to build as soon as somebody does a headersync from kvm/queue. Yup, will send this + the two onereg patches. > > > > Cc: qemu-sta...@nongnu.org > > --- > > target-s390x/kvm.c | 28 > > 1 file changed, 28 insertions(+)
[Qemu-devel] [PATCH 2/3] s390x/helper: Fixed real-to-absolute address translation
From: Thomas Huth The real-to-absolute address translation in mmu_translate() was missing the second part for translating the page at the prefix address back to the 0 page. And while we're at it, also moved the code into a separate helper function since this might come in handy for other parts of the code, too. Signed-off-by: Thomas Huth Reviewed-by: David Hildenbrand Signed-off-by: Jens Freimann --- target-s390x/helper.c | 18 +++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/target-s390x/helper.c b/target-s390x/helper.c index aa628b8..ddf268e 100644 --- a/target-s390x/helper.c +++ b/target-s390x/helper.c @@ -170,6 +170,20 @@ static void trigger_page_fault(CPUS390XState *env, target_ulong vaddr, trigger_pgm_exception(env, type, ilen); } +/** + * Translate real address to absolute (= physical) + * address by taking care of the prefix mapping. + */ +static target_ulong mmu_real2abs(CPUS390XState *env, target_ulong raddr) +{ +if (raddr < 0x2000) { +return raddr + env->psa;/* Map the lowcore. */ +} else if (raddr >= env->psa && raddr < env->psa + 0x2000) { +return raddr - env->psa;/* Map the 0 page. */ +} +return raddr; +} + static int mmu_translate_asce(CPUS390XState *env, target_ulong vaddr, uint64_t asc, uint64_t asce, int level, target_ulong *raddr, int *flags, int rw) @@ -363,9 +377,7 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc, out: /* Convert real address -> absolute address */ -if (*raddr < 0x2000) { -*raddr = *raddr + env->psa; -} +*raddr = mmu_real2abs(env, *raddr); if (*raddr <= ram_size) { sk = &env->storage_keys[*raddr / TARGET_PAGE_SIZE]; -- 1.8.5.5
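Review bot: mmu_real2abs() hard-codes 0x2000 twice, and its two range checks stay disjoint only if env->psa is either 0 or at least 0x2000. A named constant for the size of the prefix area and a sentence in the doc comment about the expected alignment of env->psa would document that assumption.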
[Qemu-devel] [PULL 0/2] vga: add secondary stdvga variant
Hi,

This series adds a standard vga variant which doesn't occupy any legacy resources and thus can easily be used as secondary (or legacy-free) graphics adapter. Programming must be done using the MMIO bar. bochsdrm (linux 3.14+) can drive the card.

You can use loginctl to attach the second vga to a separate seat. There isn't much you can do with it (yet) due to lack of multi-seat and input routing support in qemu, but I hope we'll make progress here during the 2.1 devel cycle.

please pull,
Gerd

The following changes since commit 2d03b49c3f225994c4b0b46146437d8c887d6774:

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140417-1' into staging (2014-04-17 21:37:26 +0100)

are available in the git repository at:

git://git.kraxel.org/qemu tags/pull-vga-1

for you to fetch changes up to b3a28e2705da291aa2ac47bcd1a70d9dd9ea8e15:

vga: add secondary stdvga variant (2014-04-22 12:41:00 +0200)

vga: add secondary stdvga variant

Gerd Hoffmann (2):
vga: allow non-global vmstate
vga: add secondary stdvga variant

docs/specs/standard-vga.txt | 13 +++---
hw/display/cirrus_vga.c | 4 +--
hw/display/qxl.c| 2 +-
hw/display/vga-isa-mm.c | 2 +-
hw/display/vga-isa.c| 2 +-
hw/display/vga-pci.c| 63 -
hw/display/vga.c| 8 --
hw/display/vga_int.h| 2 +-
hw/display/vmware_vga.c | 2 +-
9 files changed, 85 insertions(+), 13 deletions(-)
Re: [Qemu-devel] [PATCH v2 1/4] acpi/pcihp.c: Rewrite acpi_pcihp_get_bsel using object_property_get_int
On Thu, Apr 24, 2014 at 06:15:56PM +0400, Kirill Batuzov wrote: > acpi_pcihp_get_bsel implements functionality of object_property_get_int for > specific property named ACPI_PCIHP_PROP_BSEL, but fails to decrement object's > reference counter properly. Rewriting it using generic object_property_get_int > serves two purposes: reducing code duplication and fixing memory leak. > > Signed-off-by: Kirill Batuzov Reviewed-by: Michael S. Tsirkin which tree would you like to merge this through? mine? > --- > hw/acpi/pcihp.c | 18 ++ > 1 file changed, 10 insertions(+), 8 deletions(-) > > v1 -> v2: > Keep acpi_pcihp_get_bsel, but rewrite it using object_property_get_int and > validate returned value. > > diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c > index f80c480..3b143b3 100644 > --- a/hw/acpi/pcihp.c > +++ b/hw/acpi/pcihp.c > @@ -63,16 +63,18 @@ typedef struct AcpiPciHpFind { > > static int acpi_pcihp_get_bsel(PCIBus *bus) > { > -QObject *o = object_property_get_qobject(OBJECT(bus), > - ACPI_PCIHP_PROP_BSEL, NULL); > -int64_t bsel = -1; > -if (o) { > -bsel = qint_get_int(qobject_to_qint(o)); > -} > -if (bsel < 0) { > +Error *local_err = NULL; > +int64_t bsel = object_property_get_int(OBJECT(bus), ACPI_PCIHP_PROP_BSEL, > + &local_err); > + > +if (local_err || bsel < 0 || bsel >= ACPI_PCIHP_MAX_HOTPLUG_BUS) { > +if (local_err) { > +error_free(local_err); > +} > return -1; > +} else { > +return bsel; > } > -return bsel; > } > > static void acpi_pcihp_test_hotplug_bus(PCIBus *bus, void *opaque) > -- > 1.7.10.4
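Review bot: The rewritten acpi_pcihp_get_bsel() now also rejects `bsel >= ACPI_PCIHP_MAX_HOTPLUG_BUS`, a behaviour change that the commit message (code deduplication and a leak fix) does not mention. It appears only in the v1 -> v2 note below the `---`, which is dropped when the patch is applied, so a sentence about the added range validation belongs in the commit message proper.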
[Qemu-devel] [PATCH 2/5] gtk: Fix monitor greeting
The monitor greeting is line wrapped like: QEMU 1.6.1 m onitor - typ e 'help' for more inform ation (qemu) Apparently requesting the vte terminal size isn't sufficient, we need to force a size_request so text doesn't line wrap. We use slightly different APIs for gtk3, since on 3.10 the size_request trick doesn't seem to work. Rather than duplicate the size request logic on tab change, just hide/unhide the terminal widget when we switch tabs. This ensures that the initial terminal size request doesn't restrict the minimum size of the graphical window. Signed-off-by: Cole Robinson --- ui/gtk.c | 34 +++--- 1 file changed, 23 insertions(+), 11 deletions(-) diff --git a/ui/gtk.c b/ui/gtk.c index ab630bc..816ef15 100644 --- a/ui/gtk.c +++ b/ui/gtk.c @@ -1098,8 +1098,8 @@ static void gd_change_page(GtkNotebook *nb, gpointer arg1, guint arg2, last_page = gtk_notebook_get_current_page(nb); -if (last_page) { -gtk_widget_set_size_request(s->vc[last_page - 1].terminal, -1, -1); +if (last_page && s->vc[last_page - 1].terminal) { +gtk_widget_hide(s->vc[last_page - 1].terminal); } on_vga = arg2 == 0; @@ -1117,14 +1117,9 @@ static void gd_change_page(GtkNotebook *nb, gpointer arg1, guint arg2, } else { #if defined(CONFIG_VTE) VirtualConsole *vc = &s->vc[arg2 - 1]; -VteTerminal *term = VTE_TERMINAL(vc->terminal); -int width, height; - -width = 80 * vte_terminal_get_char_width(term); -height = 25 * vte_terminal_get_char_height(term); - -gtk_check_menu_item_set_active(GTK_CHECK_MENU_ITEM(vc->menu_item), TRUE); -gtk_widget_set_size_request(vc->terminal, width, height); +gtk_widget_show(vc->terminal); +gtk_check_menu_item_set_active(GTK_CHECK_MENU_ITEM(vc->menu_item), + TRUE); #else g_assert_not_reached(); #endif 
@@ -1230,6 +1225,7 @@ static GSList *gd_vc_init(GtkDisplayState *s, VirtualConsole *vc, int index, GSL GtkWidget *scrolled_window; GtkAdjustment *vadjustment; int master_fd, slave_fd; +int width, height; snprintf(buffer, sizeof(buffer), "vc%d", index); snprintf(path, sizeof(path), "/View/VC%d", index); @@ -1270,7 +1266,16 @@ static GSList *gd_vc_init(GtkDisplayState *s, VirtualConsole *vc, int index, GSL scrolled_window = gtk_scrolled_window_new(NULL, vadjustment); gtk_container_add(GTK_CONTAINER(scrolled_window), vc->terminal); -vte_terminal_set_size(VTE_TERMINAL(vc->terminal), 80, 25); +width = 80 * vte_terminal_get_char_width(VTE_TERMINAL(vc->terminal)); +height = 25 * vte_terminal_get_char_height(VTE_TERMINAL(vc->terminal)); +#if GTK_CHECK_VERSION(3, 0, 0) +gtk_scrolled_window_set_min_content_width( +GTK_SCROLLED_WINDOW(scrolled_window), width); +gtk_scrolled_window_set_min_content_height( +GTK_SCROLLED_WINDOW(scrolled_window), height); +#else +gtk_widget_set_size_request(vc->terminal, width, height); +#endif vc->fd = slave_fd; vc->chr->opaque = vc; @@ -1514,6 +1519,7 @@ void gtk_display_init(DisplayState *ds, bool full_screen, bool grab_on_hover) { GtkDisplayState *s = g_malloc0(sizeof(*s)); char *filename; +int i; gtk_init(NULL, NULL); @@ -1586,6 +1592,12 @@ void gtk_display_init(DisplayState *ds, bool full_screen, bool grab_on_hover) gtk_widget_show_all(s->window); +for (i = 0; i < s->nb_vcs; i++) { +if (s->vc[i].terminal) { +gtk_widget_hide(s->vc[i].terminal); +} +} + if (full_screen) { gtk_menu_item_activate(GTK_MENU_ITEM(s->full_screen_item)); } -- 1.9.0
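Review bot: In the CONFIG_VTE branch of gd_change_page(), `gtk_widget_show(vc->terminal)` is called without the NULL check that this patch adds before both gtk_widget_hide() calls (`s->vc[last_page - 1].terminal` and `s->vc[i].terminal`). Either the terminal can be NULL and the show path needs the same guard, or it cannot and the two new checks are unnecessary; please make the three sites consistent.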
[Qemu-devel] [PATCH 4/5] blockdev: Clean up fragile use of error_is_set()
Using error_is_set(ERRP) to find out whether a function failed is either wrong, fragile, or unnecessarily opaque. It's wrong when ERRP may be null, because errors go undetected when it is. It's fragile when proving ERRP non-null involves a non-local argument. Else, it's unnecessarily opaque (see commit 84d18f0). The error_is_set(errp) in internal_snapshot_prepare() is merely fragile, because the caller never passes a null errp argument. Make the code more robust and more obviously correct: receive the error in a local variable, then propagate it through the parameter. Signed-off-by: Markus Armbruster --- blockdev.c | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/blockdev.c b/blockdev.c index 5dd01ea..da358a6 100644 --- a/blockdev.c +++ b/blockdev.c @@ -1116,6 +1116,7 @@ typedef struct InternalSnapshotState { static void internal_snapshot_prepare(BlkTransactionState *common, Error **errp) { +Error *local_err = NULL; const char *device; const char *name; BlockDriverState *bs; @@ -1164,8 +1165,10 @@ static void internal_snapshot_prepare(BlkTransactionState *common, } /* check whether a snapshot with name exist */ -ret = bdrv_snapshot_find_by_id_and_name(bs, NULL, name, &old_sn, errp); -if (error_is_set(errp)) { +ret = bdrv_snapshot_find_by_id_and_name(bs, NULL, name, &old_sn, +&local_err); +if (local_err) { +error_propagate(errp, local_err); return; } else if (ret) { error_setg(errp, -- 1.8.1.4
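The failure mode described in the commit message above, as an added example that is not part of the patch or of QEMU. `err_set`, `err_is_set` and `err_propagate` are simplified stand-ins for QEMU's Error API, and `find_snapshot` is a constructed callee whose return value alone cannot signal failure.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-ins for an Error API (assumption, not QEMU's code). */
typedef struct Error {
    char msg[64];
} Error;

static void err_set(Error **errp, const char *msg)
{
    if (!errp) {
        return;                 /* caller does not want error details */
    }
    *errp = calloc(1, sizeof(Error));
    if (!*errp) {
        abort();
    }
    snprintf((*errp)->msg, sizeof((*errp)->msg), "%s", msg);
}

static bool err_is_set(Error **errp)
{
    return errp && *errp;       /* always false when errp is NULL */
}

static void err_propagate(Error **dst, Error *local)
{
    if (!local) {
        return;
    }
    if (dst && !*dst) {
        *dst = local;           /* hand ownership to the caller */
    } else {
        free(local);            /* nobody wants it: drop it */
    }
}

/* Constructed callee: returns 1 if found, 0 if not found OR on error. */
static int find_snapshot(const char *name, Error **errp)
{
    if (name[0] == '\0') {
        err_set(errp, "empty snapshot name");
        return 0;
    }
    return strcmp(name, "exists") == 0;
}

/* Fragile: asks errp whether the callee failed. 0 = go ahead, -1 = refuse. */
static int prepare_fragile(const char *name, Error **errp)
{
    int found = find_snapshot(name, errp);

    if (err_is_set(errp)) {     /* never true for errp == NULL */
        return -1;
    }
    if (found) {
        err_set(errp, "snapshot already exists");
        return -1;
    }
    return 0;
}

/* Robust: receive the error locally, then propagate it. */
static int prepare_robust(const char *name, Error **errp)
{
    Error *local_err = NULL;
    int found = find_snapshot(name, &local_err);

    if (local_err) {
        err_propagate(errp, local_err);
        return -1;
    }
    if (found) {
        err_set(errp, "snapshot already exists");
        return -1;
    }
    return 0;
}

int main(void)
{
    /* With a NULL errp the fragile variant misses the callee's failure. */
    printf("fragile(\"\", NULL) = %d\n", prepare_fragile("", NULL));
    printf("robust(\"\", NULL)  = %d\n", prepare_robust("", NULL));
    return 0;
}
```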
[Qemu-devel] [PATCH] monitor: fix qmp_getfd() fd leak in error case
qemu_chr_fe_get_msgfd() transfers ownership of the file descriptor to the caller. Therefore all code paths in qmp_getfd() should either register the file descriptor somewhere or close it. Signed-off-by: Stefan Hajnoczi --- monitor.c | 1 + 1 file changed, 1 insertion(+) diff --git a/monitor.c b/monitor.c index 342e83b..7506ff5 100644 --- a/monitor.c +++ b/monitor.c @@ -2254,6 +2254,7 @@ void qmp_getfd(const char *fdname, Error **errp) } if (qemu_isdigit(fdname[0])) { +close(fd); error_set(errp, QERR_INVALID_PARAMETER_VALUE, "fdname", "a name not starting with a digit"); return; -- 1.9.0
Re: [Qemu-devel] Cannot boot my VM image after switching to ahci.
I assume Windows 7 or newer?

In order to speed boot time, Windows will remove the AHCI driver from the critical driver database when you boot with no AHCI controller on the bus. If you later want to switch to AHCI mode, you have to boot with IDE again, and re-add the AHCI driver, reboot, and then reboot again with QEMU AHCI enabled.

To do this on Windows 7, set
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\msahci\Start
to 0

To do this on Windows 8, delete the entire StartOverride key under
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\storahci

Good luck.

On 04/23/2014 04:33 PM, Alex Davis wrote:

I currently run my QEMU VM using the following command:

/spare/qemu-1.7.1/bin/qemu-system-x86_64 -soundhw ac97 -sdl -vga std -net nic,macaddr=de:ad:be:ef:89:32 -net user -m 2048 -enable-kvm -drive file="$1",media=disk,if=ide,index=0 -drive file=/dev/sr0,media=cdrom,if=ide,index=1 -boot c -smp 2

I'm trying to run the VM using the following command:

/spare/qemu-1.7.1/bin/qemu-system-x86_64 \
-machine type=q35,accel=kvm \
-acpitable file=/spare/qemu-1.7.1/share/qemu/q35-acpi-dsdt.aml \
-soundhw ac97 \
-sdl -vga std \
-net nic,macaddr=de:ad:be:ef:89:32 \
-net user \
-m 2G -enable-kvm \
-device ahci,id=ahci0 \
-drive file=win7.img,if=none,id=drive-sata0-0-0,index=0,media=disk \
-drive file=/dev/sr0,if=none,id=drive-sata0-0-1,index=1,media=cdrom \
-device ide-drive,bus=ahci0.0,unit=0,drive=drive-sata0-0-0,id=drive-sata0-0-0 \
-device ide-cd,bus=ahci0.1,unit=0,drive=drive-sata0-0-1,id=drive-sata0-0-1 \
-boot menu=on -smp 2 -monitor stdio

I get 0x0007B unable to find boot device. I can boot into rescue mode and start a command prompt: the 'disk' and 'cdrom' are seen as d: and e:, instead of c: and d:.

Any suggestions?

I code, therefore I am
[Qemu-devel] [PATCH 1/3] s390x: empty function stubs in preparation for __KVM_HAVE_GUEST_DEBUG
From: David Hildenbrand This patch creates empty function stubs (used by the gdbserver) in preparation for the hw debugging support by kvm on s390, which will enable the __KVM_HAVE_GUEST_DEBUG define in the linux headers and require these methods on the qemu side. Signed-off-by: David Hildenbrand Signed-off-by: Jens Freimann Reviewed-by: Cornelia Huck Cc: qemu-sta...@nongnu.org --- target-s390x/kvm.c | 28 1 file changed, 28 insertions(+) diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c index 56b9af7..2b2dcdc 100644 --- a/target-s390x/kvm.c +++ b/target-s390x/kvm.c @@ -383,6 +383,26 @@ int kvm_arch_remove_sw_breakpoint(CPUState *cs, struct kvm_sw_breakpoint *bp) return 0; } +int kvm_arch_insert_hw_breakpoint(target_ulong addr, + target_ulong len, int type) +{ +return -ENOSYS; +} + +int kvm_arch_remove_hw_breakpoint(target_ulong addr, + target_ulong len, int type) +{ +return -ENOSYS; +} + +void kvm_arch_remove_all_hw_breakpoints(void) +{ +} + +void kvm_arch_update_guest_debug(CPUState *cpu, struct kvm_guest_debug *dbg) +{ +} + void kvm_arch_pre_run(CPUState *cpu, struct kvm_run *run) { } @@ -844,6 +864,11 @@ static int handle_tsch(S390CPU *cpu) return ret; } +static int kvm_arch_handle_debug_exit(S390CPU *cpu) +{ +return -ENOSYS; +} + int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run) { S390CPU *cpu = S390_CPU(cs); @@ -859,6 +884,9 @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run) case KVM_EXIT_S390_TSCH: ret = handle_tsch(cpu); break; +case KVM_EXIT_DEBUG: +ret = kvm_arch_handle_debug_exit(cpu); +break; default: fprintf(stderr, "Unknown KVM exit: %d\n", run->exit_reason); break; -- 1.8.5.5
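Review bot: With the new `case KVM_EXIT_DEBUG:` in kvm_arch_handle_exit(), a debug exit no longer reaches the `default:` branch that prints "Unknown KVM exit" and instead returns -ENOSYS from kvm_arch_handle_debug_exit() without any message. Until the real handler lands, a comment on the stub or an fprintf there would keep such an exit diagnosable.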
Re: [Qemu-devel] [PATCH] ivshmem: fix potential OOB r/w access (#2)
On Wed, Apr 23, 2014 at 03:31:36PM +0200, Sebastian Krahmer wrote: Please put the patch revision number in the tags section of the commit message. This way git-am(1) automatically strips it when applying the patch. So: [PATCH] ivshmem: fix potential OOB r/w access (#2) should be: [PATCH v2] ivshmem: fix potential OOB r/w access The reason for this is to reduce noise in the commit history. Revision numbers only matter during code review. > tmp_fd does not leak on error; see following dup() call. > According to docu g_realloc() may return NULL so we need > to check that. Passes checkpatch.pl, after also fixing wrong > ivshmem.c style itself. These are responses to my review comments. They should not be part of the commit description. Please place changelogs or comments like this underneath the '---' line. Again, it's a convention for reducing noise in the commit history. Addressing your response: > tmp_fd does not leak on error; see following dup() call The existing ivshmem code is broken and leaks the file descriptor. Please see tcp_get_msgfd(). It transfers ownership of the file descriptor to the caller. For more evidence, see the qmp_add_fd() call site. I just noticed that another caller, qmp_getfd() leaks the fd in an error code path and am sending a patch to fix that. Since you are modifying ivshmem, please fix the fd leak in ivshmem and include a patch in this series. > According to docu g_realloc() may return NULL so we need to check > that. There is only one case where it returns NULL and we cannot reach it. The documentation says: "n_bytes may be 0, in which case NULL will be returned". We never pass n_bytes 0 because of the new_min_size <= 0 check added in your patch. The entire glib memory allocator is designed to abort with a fatal error if malloc(3)/realloc(3) fail to allocate memory. The documentation states that here: "If any call to allocate memory fails, the application is terminated. 
This also means that there is no need to check if the call succeeded." Here is the g_realloc() implementation from glib: newmem = glib_mem_vtable.realloc (mem, n_bytes); TRACE (GLIB_MEM_REALLOC((void*) newmem, (void*)mem, (unsigned int) n_bytes, 0)); if (newmem) return newmem; g_error ("%s: failed to allocate %"G_GSIZE_FORMAT" bytes", G_STRLOC, n_bytes); > diff --git a/hw/misc/ivshmem.c b/hw/misc/ivshmem.c > index 8d144ba..5c0f116 100644 > --- a/hw/misc/ivshmem.c > +++ b/hw/misc/ivshmem.c > @@ -28,6 +28,7 @@ > > #include > #include > +#include > > #define PCI_VENDOR_ID_IVSHMEM PCI_VENDOR_ID_REDHAT_QUMRANET > #define PCI_DEVICE_ID_IVSHMEM 0x1110 > @@ -401,23 +402,41 @@ static void close_guest_eventfds(IVShmemState *s, int > posn) > > /* this function increase the dynamic storage need to store data about other > * guests */ > -static void increase_dynamic_storage(IVShmemState *s, int new_min_size) { > +static int increase_dynamic_storage(IVShmemState *s, int new_min_size) > +{ > > int j, old_nb_alloc; > > +/* check for integer overflow */ > +if (new_min_size >= INT_MAX/sizeof(Peer) - 1 || new_min_size <= 0) { > +return -1; > +} > + > old_nb_alloc = s->nb_peers; > > -while (new_min_size >= s->nb_peers) > -s->nb_peers = s->nb_peers * 2; > +/* heap allocators already have good alloc strategies, no need > + * to re-implement here. +1 because #new_min_size is used as last array > + * index */ This comment is confusing since it refers to code that is deleted by your patch. People reading the code will not understand why it mentions re-implementing heap allocation strategies - the loop will be gone. Please drop this part of the comment.
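Review bot: In the overflow check of increase_dynamic_storage(), `new_min_size >= INT_MAX/sizeof(Peer) - 1` compares an int against a size_t expression, so new_min_size is implicitly converted to unsigned before the comparison. Negative values are still rejected, but only as a side effect of that conversion; testing `new_min_size <= 0` first and casting explicitly for the upper bound would make the intent visible. The function now returns int, and the quoted hunk does not show a caller checking that value.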
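The bounds handling discussed in this review, as an added example in plain C that is not the ivshmem code or the patch under review. `Peer`, `PeerTable` and `grow_peers` are hypothetical names, index 0 is treated as valid here (the quoted patch rejects it), and plain realloc() is used, which unlike g_realloc() can return NULL on failure.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the per-peer bookkeeping (assumption). */
typedef struct Peer {
    int nb_eventfds;
    int *eventfds;
} Peer;

typedef struct PeerTable {
    Peer *peers;
    int nb_peers;               /* number of allocated slots */
} PeerTable;

/*
 * Make sure that index new_min_size is a valid slot in t->peers.
 * The index is assumed to come from an untrusted peer or server.
 * Returns 0 on success, -1 if the index is rejected or allocation fails.
 */
static int grow_peers(PeerTable *t, int new_min_size)
{
    const size_t max_slots = (size_t)INT_MAX / sizeof(Peer);
    size_t want;
    Peer *p;

    /* Sign check first, before any conversion to an unsigned type. */
    if (new_min_size < 0) {
        return -1;
    }

    /* +1 because new_min_size is used as the last array index. */
    want = (size_t)new_min_size + 1;
    if (want > max_slots) {
        return -1;              /* want * sizeof(Peer) would exceed INT_MAX */
    }
    if (want <= (size_t)t->nb_peers) {
        return 0;               /* already large enough */
    }

    p = realloc(t->peers, want * sizeof(Peer));
    if (!p) {
        return -1;              /* old table is left untouched */
    }

    /* New slots start out empty so later code never sees stale pointers. */
    memset(p + t->nb_peers, 0, (want - (size_t)t->nb_peers) * sizeof(Peer));
    t->peers = p;
    t->nb_peers = (int)want;
    return 0;
}

int main(void)
{
    PeerTable t = { NULL, 0 };

    printf("grow to index 3:       %d\n", grow_peers(&t, 3));
    printf("negative index:        %d\n", grow_peers(&t, -1));
    printf("index INT_MAX:         %d\n", grow_peers(&t, INT_MAX));
    printf("slots after all calls: %d\n", t.nb_peers);
    free(t.peers);
    return 0;
}
```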
Re: [Qemu-devel] [PATCH v2] block: Expose host_* drivers in blockdev-add
On Thu, Apr 24, 2014 at 03:02:39PM +0200, Kevin Wolf wrote: > All the functionality to use the host_device, host_cdrom and host_floppy > drivers is already there, they just need to be added to the schema. > > The block driver names containing underscores are preexisting and cannot > be changed without breaking command line compatibility. > > Signed-off-by: Kevin Wolf > Reviewed-by: Eric Blake > Reviewed-by: Fam Zheng > --- > qapi-schema.json | 8 +++- > 1 file changed, 7 insertions(+), 1 deletion(-) Thanks, applied to my block tree: https://github.com/stefanha/qemu/commits/block Stefan
[Qemu-devel] [PATCH 4/5] gtk: Fix zoom in accelerator
The accelerator was ctrl+shift+'+', but '+' required a shift key already, so the accelerator didn't trigger. Switch it to ctrl+shift+'=' Signed-off-by: Cole Robinson --- ui/gtk.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ui/gtk.c b/ui/gtk.c index 117b0eb..45a61da 100644 --- a/ui/gtk.c +++ b/ui/gtk.c @@ -94,7 +94,7 @@ static inline void gdk_drawable_get_size(GdkWindow *w, gint *ww, gint *wh) #define GDK_KEY_f GDK_f #define GDK_KEY_g GDK_g #define GDK_KEY_q GDK_q -#define GDK_KEY_plus GDK_plus +#define GDK_KEY_equal GDK_equal #define GDK_KEY_minus GDK_minus #endif @@ -1399,7 +1399,7 @@ static GtkWidget *gd_create_menu_view(GtkDisplayState *s, GtkAccelGroup *accel_g s->zoom_in_item = gtk_menu_item_new_with_mnemonic(_("Zoom _In")); gtk_menu_item_set_accel_path(GTK_MENU_ITEM(s->zoom_in_item), "/View/Zoom In"); -gtk_accel_map_add_entry("/View/Zoom In", GDK_KEY_plus, +gtk_accel_map_add_entry("/View/Zoom In", GDK_KEY_equal, HOTKEY_MODIFIERS); gtk_menu_shell_append(GTK_MENU_SHELL(view_menu), s->zoom_in_item); -- 1.9.0
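Review bot: Binding "/View/Zoom In" to GDK_KEY_equal relies on a keyboard layout where '=' and '+' share a key, which the commit message's reasoning depends on but does not state. A comment at the gtk_accel_map_add_entry() call explaining why '=' is used for zoom-in would help. The GDK_KEY_plus compat define is also removed rather than kept alongside GDK_KEY_equal, which is only safe if nothing else in the file uses it.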
Re: [Qemu-devel] [PATCH microblaze v1 1/1] net: xilinx_axienet.c: Add phy soft reset bit clearing
On Tue, Apr 08, 2014 at 06:52:39PM -0700, Peter Crosthwaite wrote: > From: Nathan Rossi > > Clear the BMCR Reset when writing to registers. > > Signed-off-by: Nathan Rossi > [ PC: > * Trivial style fixes to commit message > ] > Signed-off-by: Peter Crosthwaite > --- > > hw/net/xilinx_axienet.c | 3 +++ > 1 file changed, 3 insertions(+) Will this patch go through Edgar's MicroBlaze tree? Just wanted to check I'm not holding it up :). Stefan
Re: [Qemu-devel] [PATCH for-2.0 v2] tests: Don't run qom-test twice
On Mon, Apr 07, 2014 at 04:13:00PM +0200, Andreas Färber wrote: > Commit 3687d5325 accidentally resulted in running qom-test twice > for x86_64, once directly via the wildcard, and once because x86_64 > includes all the i386 qtests (which includes qom-test). > > Filter out x86_64 as well as microblazeel and xtensaeb to fix this. > > Cc: Peter Maydell > Signed-off-by: Andreas Färber > --- > v1 (PMM) -> v2: > * Instead of sorting all qtests, leave the order intact and just filter >the three affected architectures out. > > tests/Makefile | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) Didn't make it into 2.0 but... Reviewed-by: Stefan Hajnoczi
Re: [Qemu-devel] [PATCH 5/5] iscsi: Don't use error_is_set() to suppress additional errors
On 24.04.2014 at 11:15, Markus Armbruster wrote:
> Using error_is_set(errp) that way can sweep programming errors under
> the carpet when we get called incorrectly with an error set.
>
> Commit 24d3bd6 added a broken error path to iscsi_do_inquiry(): it
> first calls error_setg(), then jumps to the preexisting error label,
> where error_setg() gets called again, triggering an assertion failure.
>
> Commit cbee81f fixed this by guarding the second error_setg() with an
> error_is_set().
>
> Replace this fix by a simpler and safer one: jump right behind the
> second error_setg().
>
> Signed-off-by: Markus Armbruster

Reviewed-by: Kevin Wolf
[Qemu-devel] [PATCH 1/5] configure: Re-run make if gtkabi/sdlabi is changed
Reconfiguring with a different --with-gtkabi or --with-sdlabi doesn't trigger a remake. Generate an (unused) CONFIG_GTKABI/CONFIG_SDLABI so config-host.h will actually give 'make' something to trigger on. Signed-off-by: Cole Robinson --- configure | 2 ++ 1 file changed, 2 insertions(+) diff --git a/configure b/configure index 57b8c41..8dcbb08 100755 --- a/configure +++ b/configure @@ -4345,6 +4345,7 @@ if test "$modules" = "yes"; then fi if test "$sdl" = "yes" ; then echo "CONFIG_SDL=y" >> $config_host_mak + echo "CONFIG_SDLABI=$sdlabi" >> $config_host_mak echo "SDL_CFLAGS=$sdl_cflags" >> $config_host_mak fi if test "$cocoa" = "yes" ; then @@ -4428,6 +4429,7 @@ fi echo "GLIB_CFLAGS=$glib_cflags" >> $config_host_mak if test "$gtk" = "yes" ; then echo "CONFIG_GTK=y" >> $config_host_mak + echo "CONFIG_GTKABI=$gtkabi" >> $config_host_mak echo "GTK_CFLAGS=$gtk_cflags" >> $config_host_mak fi if test "$vte" = "yes" ; then -- 1.9.0
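Review bot: CONFIG_SDLABI and CONFIG_GTKABI are written to $config_host_mak only so that config-host.h changes, and the commit message itself calls them unused; without a comment next to the two new echo lines they look like dead settings and are likely to be removed in a later cleanup. Please add a one-line comment in configure saying that they exist to force a rebuild when the ABI selection changes.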
Re: [Qemu-devel] [ceph-users] qemu + rbd block driver with cache=writeback, is live migration safe ?
>>My recommendation would be to add that bdrv_invalidate() implementation,
>>then we can be sure for raw, and get the rest fixed as well.

There is a bug tracker issue about bdrv_invalidate(), closed 2 years ago:

http://tracker.ceph.com/issues/2467

Can we reopen it?

----- Original Message -----
From: "Kevin Wolf"
To: "Josh Durgin"
Cc: "Alexandre DERUMIER" , ceph-us...@lists.ceph.com, "qemu-devel"
Sent: Tuesday, 22 April 2014 11:08:08
Subject: Re: [Qemu-devel] [ceph-users] qemu + rbd block driver with cache=writeback, is live migration safe ?

On 19.04.2014 at 00:33, Josh Durgin wrote:
> On 04/18/2014 10:47 AM, Alexandre DERUMIER wrote:
> >Thanks Kevin for the full explanation!
> >
> >>>cache.writeback=on,cache.direct=off,cache.no-flush=off
> >
> >I didn't know about the cache options split, thanks.
> >
> >>>rbd does, to my knowledge, not use the kernel page cache, so we're safe
> >>>from that part. It does however honour the cache.direct flag when it
> >>>decides whether to use its own cache. rbd doesn't implement
> >>>bdrv_invalidate_cache() in order to clear that cache when migration
> >>>completes.
> >
> >Maybe some ceph devs could comment about this?
>
> That's correct, librbd uses its own in-memory cache instead of
> the kernel page cache, and it honors flush requests. Furthermore,
> librbd keeps its own metadata synchronized among different
> clients via the ceph cluster (this is information like image
> size, which rbd snapshots exist, and rbd parent image).
>
> So as I understand it live migration with raw format images on
> rbd is safe even with cache.writeback=true and cache.direct=false
> (i.e. cache=writeback) because:
>
> 1) rbd metadata is synchronized internally
>
> 2) the source vm has any rbd caches flushed by vm_stop() before
> the destination starts
>
> 3) rbd does not read anything into its cache before the
> destination starts
>
> 4) raw format images have no extra metadata that needs invalidation
>
> If librbd populated its cache when the disk was opened, the rbd driver
> would need to implement bdrv_invalidate(), but since it does not, it's
> unnecessary.
>
> Is this correct Kevin?

I'm not sure about 3). The rbd block driver itself may not be reading
anything into its cache during bdrv_open (though, what about things like
the image size?), but qemu doesn't guarantee that it doesn't read
anything from the image before migration completes.

I think you may indeed be lucky for raw images, even though I wouldn't
bet money on it, but if your cache isn't internally kept coherent by
librbd, without a bdrv_invalidate() implementation you're almost for sure
unsafe with non-raw image formats.

My recommendation would be to add that bdrv_invalidate() implementation,
then we can be sure for raw, and get the rest fixed as well.

Kevin

> >>>No, such a QMP command doesn't exist, though it would be possible to
> >>>implement (for toggling cache.direct, that is; cache.writeback is guest
> >>>visible and can therefore only be toggled by the guest)
> >
> >yes, that's what I have in mind, toggling cache.direct=on before migration,
> >then disable it after the migration.
> >
> >----- Original Message -----
> >
> >From: "Kevin Wolf"
> >To: "Alexandre DERUMIER"
> >Cc: "qemu-devel" , ceph-us...@lists.ceph.com
> >Sent: Tuesday, 15 April 2014 11:36:22
> >Subject: Re: [Qemu-devel] qemu + rbd block driver with cache=writeback, is
> >live migration safe ?
> >
> >On 12.04.2014 at 17:01, Alexandre DERUMIER wrote:
> >>Hello,
> >>
> >>I know that qemu live migration with disks with cache=writeback is not
> >>safe with storage like nfs, iscsi...
> >>
> >>Is it also true with rbd?
> >
> >First of all, in order to avoid misunderstandings, let's be clear that
> >there are three dimensions for the cache configuration of qemu block
> >devices. In current versions, they are separately configurable and
> >cache=writeback really expands to:
> >
> >cache.writeback=on,cache.direct=off,cache.no-flush=off
> >
> >The problematic part of this for live migration is generally not
> >cache.writeback being enabled, but cache.direct being disabled.
> >
> >The reason for that is that the destination host will open the image
> >file immediately, because it needs things like the image size to
> >correctly initialise the emulated disk devices. Now during the migration
> >the source keeps working on the image, so if qemu read some metadata on
> >the destination host, that metadata may be stale by the time that the
> >migration actually completes.
> >
> >In order to solve this problem, qemu calls bdrv_invalidate_cache(),
> >which throws away everything that is cached in qemu so that it is reread
> >from the image. However, this is ineffective if there are other caches
> >having stale data, such as the kernel page cache. cache.direct bypasses
> >the kernel page cache, so this is why it's important in many cases.
> >
> >rbd does, to my knowledge, not use the kernel page cache, so we're safe
> >from that part. It do
Re: [Qemu-devel] [PATCH 3/3] s390x/helper: Added format control bit to MMU translation
On 24.04.14 17:34, Jens Freimann wrote: From: Thomas Huth With the EDAT-1 facility, the MMU translation can stop at the segment table already, pointing to a 1 MB block. Signed-off-by: Thomas Huth Signed-off-by: Jens Freimann Reviewed-by: David Hildenbrand --- target-s390x/cpu.h| 4 target-s390x/helper.c | 4 2 files changed, 8 insertions(+) diff --git a/target-s390x/cpu.h b/target-s390x/cpu.h index f332d41..686d458 100644 --- a/target-s390x/cpu.h +++ b/target-s390x/cpu.h @@ -267,6 +267,9 @@ typedef struct CPUS390XState { #define FLAG_MASK_64(PSW_MASK_64 >> 32) #define FLAG_MASK_320x1000 +/* Control register 0 bits */ +#define CR0_EDAT0x0080ULL + static inline int cpu_mmu_index (CPUS390XState *env) { if (env->psw.mask & PSW_MASK_PSTATE) { @@ -924,6 +927,7 @@ struct sysib_322 { #define _REGION_ENTRY_LENGTH0x03 /* region third length */ #define _SEGMENT_ENTRY_ORIGIN ~0x7ffULL /* segment table origin */ +#define _SEGMENT_ENTRY_FC 0x400 /* format control */ #define _SEGMENT_ENTRY_RO 0x200 /* page protection bit */ #define _SEGMENT_ENTRY_INV 0x20 /* invalid segment table entry */ diff --git a/target-s390x/helper.c b/target-s390x/helper.c index aa628b8..89dc6e7 100644 --- a/target-s390x/helper.c +++ b/target-s390x/helper.c @@ -217,6 +217,10 @@ static int mmu_translate_asce(CPUS390XState *env, target_ulong vaddr, offs = (vaddr >> 17) & 0x3ff8; break; case _ASCE_TYPE_SEGMENT: +if (env && (env->cregs[0] & CR0_EDAT) && (asce & _SEGMENT_ENTRY_FC)) { +*raddr = (asce & 0xfff0ULL) | (vaddr & 0xf); +return 0; +} This is missing the page flags. I also think we should rather align the code with the PTE handling somehow. This way it gets pretty confusing to follow. How about something like this (untested)? Alex diff --git a/target-s390x/helper.c b/target-s390x/helper.c index aa628b8..96c1c66 100644 --- a/target-s390x/helper.c +++ b/target-s390x/helper.c 
@@ -170,6 +170,48 @@ static void trigger_page_fault(CPUS390XState *env, target_ulong vaddr, trigger_pgm_exception(env, type, ilen); } +static int mmu_translate_pte(CPUS390XState *env, target_ulong vaddr, + uint64_t asc, uint64_t asce, + target_ulong *raddr, int *flags, int rw) +{ +if (asce & _PAGE_INVALID) { +DPRINTF("%s: PTE=0x%" PRIx64 " invalid\n", __func__, asce); +trigger_page_fault(env, vaddr, PGM_PAGE_TRANS, asc, rw); +return -1; +} + +if (asce & _PAGE_RO) { +*flags &= ~PAGE_WRITE; +} + +*raddr = asce & _ASCE_ORIGIN; + +PTE_DPRINTF("%s: PTE=0x%" PRIx64 "\n", __func__, asce); + +return 0; +} + +static int mmu_translate_segpte(CPUS390XState *env, target_ulong vaddr, +uint64_t asc, uint64_t asce, + target_ulong *raddr, int *flags, int rw) +{ +if (asce & _SEGMENT_ENTRY_INV) { +DPRINTF("%s: SEG=0x%" PRIx64 " invalid\n", __func__, asce); +trigger_page_fault(env, vaddr, PGM_SEGMENT_TRANS, asc, rw); +return -1; +} + +if (asce & _PAGE_RO) { /* XXX is this correct? */ +*flags &= ~PAGE_WRITE; +} + +*raddr = (asce & 0xfff0ULL) | (vaddr & 0xf); + +PTE_DPRINTF("%s: SEG=0x%" PRIx64 "\n", __func__, asce); + +return 0; +} + static int mmu_translate_asce(CPUS390XState *env, target_ulong vaddr, uint64_t asc, uint64_t asce, int level, target_ulong *raddr, int *flags, int rw) 
@@ -229,28 +271,19 @@ static int mmu_translate_asce(CPUS390XState *env, target_ulong vaddr, PTE_DPRINTF("%s: 0x%" PRIx64 " + 0x%" PRIx64 " => 0x%016" PRIx64 "\n", __func__, origin, offs, new_asce); -if (level != _ASCE_TYPE_SEGMENT) { +} if (level == _ASCE_TYPE_SEGMENT) { +/* 4KB page */ +return mmu_translate_pte(env, vaddr, asc, new_asce, raddr, flags, rw); +} else if (((level - 4) == _ASCE_TYPE_SEGMENT) && + (env->cregs[0] & CR0_EDAT) && +(asce & _SEGMENT_ENTRY_FC)) { +/* 1MB page */ +return mmu_translate_segpte(env, vaddr, asc, new_asce, raddr, flags, rw); +} else { /* yet another region */ return mmu_translate_asce(env, vaddr, asc, new_asce, level - 4, raddr, flags, rw); } - -/* PTE */ -if (new_asce & _PAGE_INVALID) { -DPRINTF("%s: PTE=0x%" PRIx64 " invalid\n", __func__, new_asce); -trigger_page_fault(env, vaddr, PGM_PAGE_TRANS, asc, rw); -return -1; -} - -if (new_asce & _PAGE_RO) { -*flags &= ~PAGE_WRITE; -} - -*raddr = new_asce & _ASCE_ORIGIN; - -PTE_DPRINTF("%s
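Review bot: In mmu_translate_segpte() the write-protection test uses _PAGE_RO (the line marked "XXX is this correct?"), although the entry being examined is a segment table entry and the cpu.h context in the quoted patch already shows _SEGMENT_ENTRY_RO 0x200 defined for it. Testing (asce & _SEGMENT_ENTRY_RO) there would resolve the XXX and keep the segment path from depending on the PTE bit layout. Both new helpers also call their entry parameter asce although the caller hands them new_asce; a name such as entry would make that clearer.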
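Review bot: The 1MB branch in mmu_translate_asce() tests the format-control bit on asce but then passes new_asce to mmu_translate_segpte(), which treats new_asce as the segment entry (it checks _SEGMENT_ENTRY_INV on it and builds *raddr from it). The test and the call should refer to the same entry, so (new_asce & _SEGMENT_ENTRY_FC) looks like what is meant. The quoted original also guarded its check with "env &&", which this version drops while still reading env->cregs[0]; either keep the guard or state that env cannot be NULL on this path.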
[Qemu-devel] [PATCH v2 08/13] tcg-sparc: Tidy check_fit_* tests
Use sextract instead of raw bit shifting for the tests. Introduce a new check_fit_ptr macro to make it clear we're looking at pointers. Signed-off-by: Richard Henderson --- tcg/sparc/tcg-target.c | 35 --- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/tcg/sparc/tcg-target.c b/tcg/sparc/tcg-target.c index 5ae80c2..af9673f 100644 --- a/tcg/sparc/tcg-target.c +++ b/tcg/sparc/tcg-target.c @@ -262,17 +262,23 @@ static const int tcg_target_call_oarg_regs[] = { #define STW_LE (STWA | INSN_ASI(ASI_PRIMARY_LITTLE)) #define STX_LE (STXA | INSN_ASI(ASI_PRIMARY_LITTLE)) -static inline int check_fit_tl(tcg_target_long val, unsigned int bits) +static inline int check_fit_i64(int64_t val, unsigned int bits) { -return (val << ((sizeof(tcg_target_long) * 8 - bits)) ->> (sizeof(tcg_target_long) * 8 - bits)) == val; +return val == sextract64(val, 0, bits); } -static inline int check_fit_i32(uint32_t val, unsigned int bits) +static inline int check_fit_i32(int32_t val, unsigned int bits) { -return ((val << (32 - bits)) >> (32 - bits)) == val; +return val == sextract32(val, 0, bits); } +#define check_fit_tlcheck_fit_i64 +#if SPARC64 +# define check_fit_ptr check_fit_i64 +#else +# define check_fit_ptr check_fit_i32 +#endif + static void patch_reloc(uint8_t *code_ptr, int type, intptr_t value, intptr_t addend) { @@ -287,7 +293,7 @@ static void patch_reloc(uint8_t *code_ptr, int type, break; case R_SPARC_WDISP16: value -= (intptr_t)code_ptr; -if (!check_fit_tl(value >> 2, 16)) { +if (!check_fit_ptr(value >> 2, 16)) { tcg_abort(); } insn = *(uint32_t *)code_ptr; @@ -297,7 +303,7 @@ static void patch_reloc(uint8_t *code_ptr, int type, break; case R_SPARC_WDISP19: value -= (intptr_t)code_ptr; -if (!check_fit_tl(value >> 2, 19)) { +if (!check_fit_ptr(value >> 2, 19)) { tcg_abort(); } insn = *(uint32_t *)code_ptr; 
@@ -426,7 +432,7 @@ static inline void tcg_out_movi_imm13(TCGContext *s, int ret, uint32_t arg) static void tcg_out_movi(TCGContext *s, TCGType type, TCGReg ret, tcg_target_long arg) { -tcg_target_long hi, lo; +tcg_target_long hi, lo = (int32_t)arg; /* A 13-bit constant sign-extended to 64-bits. */ if (check_fit_tl(arg, 13)) { @@ -444,15 +450,14 @@ static void tcg_out_movi(TCGContext *s, TCGType type, } /* A 32-bit constant sign-extended to 64-bits. */ -if (check_fit_tl(arg, 32)) { +if (arg == lo) { tcg_out_sethi(s, ret, ~arg); tcg_out_arithi(s, ret, ret, (arg & 0x3ff) | -0x400, ARITH_XOR); return; } /* A 64-bit constant decomposed into 2 32-bit pieces. */ -lo = (int32_t)arg; -if (check_fit_tl(lo, 13)) { +if (check_fit_i32(lo, 13)) { hi = (arg - lo) >> 32; tcg_out_movi(s, TCG_TYPE_I32, ret, hi); tcg_out_arithi(s, ret, ret, 32, SHIFT_SLLX); @@ -475,7 +480,7 @@ static inline void tcg_out_ldst_rr(TCGContext *s, int data, int a1, static inline void tcg_out_ldst(TCGContext *s, int ret, int addr, int offset, int op) { -if (check_fit_tl(offset, 13)) { +if (check_fit_ptr(offset, 13)) { tcg_out32(s, op | INSN_RD(ret) | INSN_RS1(addr) | INSN_IMM13(offset)); } else { @@ -499,7 +504,7 @@ static inline void tcg_out_st(TCGContext *s, TCGType type, TCGReg arg, static inline void tcg_out_ld_ptr(TCGContext *s, TCGReg ret, uintptr_t arg) { TCGReg base = TCG_REG_G0; -if (!check_fit_tl(arg, 10)) { +if (!check_fit_ptr(arg, 10)) { tcg_out_movi(s, TCG_TYPE_PTR, ret, arg & ~0x3ff); base = ret; } @@ -954,7 +959,7 @@ static TCGReg tcg_out_tlb_load(TCGContext *s, TCGReg addr, int mem_index, /* Find a base address that can load both tlb comparator and addend. */ tlb_ofs = offsetof(CPUArchState, tlb_table[mem_index][0]); -if (!check_fit_tl(tlb_ofs + sizeof(CPUTLBEntry), 13)) { +if (!check_fit_ptr(tlb_ofs + sizeof(CPUTLBEntry), 13)) { tcg_out_addi(s, r1, tlb_ofs & ~0x3ff); tlb_ofs &= 0x3ff; } 
@@ -1144,7 +1149,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode opc, const TCGArg *args, switch (opc) { case INDEX_op_exit_tb: -if (check_fit_tl(args[0], 13)) { +if (check_fit_ptr(args[0], 13)) { tcg_out_arithi(s, TCG_REG_G0, TCG_REG_I7, 8, RETURN); tcg_out_movi_imm13(s, TCG_REG_O0, args[0]); } else { -- 1.9.0
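Review bot: check_fit_i32() changes meaning in the first hunk, not only implementation: the old body shifted a uint32_t left and right, which is a zero-extension test, while the new body takes int32_t and compares against sextract32(), a sign-extension test. A negative value that fits in "bits" signed bits was rejected before and is accepted now, and a positive value with bit (bits - 1) set was accepted before and is rejected now. The commit message only mentions tidying, so it should say that the unsigned variant is gone and confirm that every remaining caller wants the signed test.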
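Review bot: check_fit_ptr is introduced to mark pointer checks, but in tcg_out_ldst() it is applied to "int offset" and in tcg_out_tlb_load() to "tlb_ofs + sizeof(CPUTLBEntry)", which are offsets rather than pointers, while tcg_out_movi() keeps check_fit_tl(arg, 13) through the compatibility define. A short comment at the "#if SPARC64" block saying which helper is meant for offsets, and dropping the check_fit_tl alias once its last user is converted, would let the names carry the intent the commit message describes.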
Re: [Qemu-devel] [PATCH 05/10] qtest: Be paranoid about accept() addrlen argument
On 04/24/2014 06:55 AM, Eric Blake wrote:
> On 04/24/2014 06:49 AM, Andreas Färber wrote:
>> POSIX specifies that address_len shall on output specify the length of
>> the stored address; it does not however specify whether it may get
>> updated on failure as well to, e.g., zero.
>
> Your reading of POSIX leaving the value undefined matches mine. It may
> indeed be worth a report to the POSIX folks to see if that should be
> tightened in the future to guarantee that it is unchanged on failure,
> but we can't rely on that now.

FYI - I filed that enhancement request:

http://austingroupbugs.net/view.php?id=836

--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
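Acting on the point made in this exchange, an added example (not code from the QEMU patch or from either poster): a retry loop that re-initializes the length argument before every accept() call and does not trust it after a failure. The function names and the /tmp socket path are assumptions made for the demo.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Accept one connection, retrying on EINTR. POSIX does not say what accept()
 * leaves in *peer_len on failure, so it is reset before every call. */
int accept_paranoid(int listen_fd, struct sockaddr_storage *peer,
                    socklen_t *peer_len)
{
    int fd;
    do {
        *peer_len = sizeof(*peer);  /* in: buffer size, out: stored length */
        fd = accept(listen_fd, (struct sockaddr *)peer, peer_len);
    } while (fd == -1 && errno == EINTR);
    if (fd == -1) {
        *peer_len = 0;              /* never hand back an unspecified value */
    }
    return fd;
}

/* Failure path: length seen by the caller after accept() fails with EBADF. */
long len_after_failed_accept(void)
{
    struct sockaddr_storage peer;
    socklen_t len = 1234;           /* poison value */
    return accept_paranoid(-1, &peer, &len) == -1 ? (long)len : -1L;
}

/* Success path on a constructed AF_UNIX listener; returns 0 when it works. */
int demo_accept(void)
{
    struct sockaddr_un sa = { .sun_family = AF_UNIX };
    struct sockaddr_storage peer;
    socklen_t len = 0;
    int afd = -1, lfd = socket(AF_UNIX, SOCK_STREAM, 0);
    int cfd = socket(AF_UNIX, SOCK_STREAM, 0);
    snprintf(sa.sun_path, sizeof(sa.sun_path), "/tmp/accept-demo-%ld.sock",
             (long)getpid());
    if (bind(lfd, (struct sockaddr *)&sa, sizeof(sa)) == 0) {
        if (listen(lfd, 1) == 0 &&
            connect(cfd, (struct sockaddr *)&sa, sizeof(sa)) == 0) {
            afd = accept_paranoid(lfd, &peer, &len);
        }
        unlink(sa.sun_path);        /* remove only the path we created */
    }
    close(afd); close(cfd); close(lfd);
    return (afd >= 0 && len <= sizeof(peer)) ? 0 : -1;
}

int main(void)
{
    return (len_after_failed_accept() == 0 && demo_accept() == 0) ? 0 : 1;
}
```

Setting the length once before the loop would pass whatever a failed call left behind as the buffer size on the retry, which is the case the thread says cannot be relied on.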
Re: [Qemu-devel] [Qemu-trivial] [PATCH v4 0/2] convert -m to QemuOpts
Thanks, applied to trivial patches. Finally. /mjt
[Qemu-devel] [Bug 1288620] Re: memory leak with config file
It does seem to be related to the guest, because with a dummy (non-bootable, garbage data) disk image, the rapid memory leak does not occur.

--
https://bugs.launchpad.net/bugs/1288620

Title:
  memory leak with config file

Status in QEMU:
  New

Bug description:
  I have a Windows 7 SP1 Professional 64-bit installation on a QCOW2 image with compat=1.1, which I launch via

    qemu-system-x86_64 -drive file=windows_base_HDD.img,index=0,media=disk -enable-kvm -m 512M -vga std -net nic,vlan=0 -net user,vlan=0

  As soon as I start using the network in any application — for example, visiting www.google.com in Internet Explorer — QEMU starts gobbling memory until the (host) kernel kills it because of an OOM condition.

  If I run QEMU with the same options, but with the model=e1000 option set for the NIC (i.e. -net nic,vlan=0,model=e1000), I can use the network from the guest OS without any noticeable effect on QEMU's memory consumption.

  I do not have this problem when running QEMU with the exact same options (as above, without model=e1000) but with a Debian wheezy installation (on a QCOW image of the same format).

  My host system is Ubuntu 13.10 x86_64, kernel image 3.11.0-17-generic, but with the QEMU packages from trusty (the codename for the next release):

  Output of `dpkg -l \*qemu\* | grep '^ii'`:

    ii  ipxe-qemu           1.0.0+git-20130710.936134e-0ubuntu1  all    Virtual package to support use of kvm-ipxe with qemu
    ii  qemu-keymaps        1.7.0+dfsg-3ubuntu2                  all    QEMU keyboard maps
    ii  qemu-system-common  1.7.0+dfsg-3ubuntu2                  amd64  QEMU full system emulation binaries (common files)
    ii  qemu-system-x86     1.7.0+dfsg-3ubuntu2                  amd64  QEMU full system emulation binaries (x86)
    ii  qemu-utils          1.7.0+dfsg-3ubuntu2                  amd64  QEMU utilities

  (If necessary, I can try to reproduce this with QEMU built from the upstream source or the latest source from version control.)