Re: [Qemu-devel] [PATCH 2/3] guest agent: add guest-pipe-open

[Denis V. Lunev]

On 22/12/14 12:06, Denis V. Lunev wrote:

From: Simon Zolin 

Creates a FIFO pair that can be used with existing file read/write
interfaces to communicate with processes spawned via the forthcoming
guest-file-exec interface.

Signed-off-by: Simon Zolin 
Acked-by: Roman Kagan 
Signed-off-by: Denis V. Lunev 
CC: Michael Roth 


hmm, it looks like we have missed SIGPIPE handling,
which could kill the agent. Though the same applies
for the agent even without this patch if someone
will open named pipe on the filesystem and perform
writing.

[Qemu-devel] [PATCH] xen-pt: Fix PCI devices re-attach failed

[Liang Li]

Use the 'xl pci-attach $DomU $BDF' command to attach more then
one PCI devices to the guest, then detach the devices with
'xl pci-detach $DomU $BDF', after that, re-attach these PCI
devices again, an error message will be reported like following:

libxl: error: libxl_qmp.c:287:qmp_handle_error_response: receive
an error message from QMP server: Duplicate ID 'pci-pt-03_10.1'
for device.

The count of calling xen_pt_region_add and xen_pt_region_del are
not the same will cause the XenPCIPassthroughState and it's related
QemuOpts object not be released properly.

Signed-off-by: Liang Li 
Reported-by: Longtao Pang 
---
 hw/xen/xen_pt.c | 4 
 1 file changed, 4 deletions(-)

diff --git a/hw/xen/xen_pt.c b/hw/xen/xen_pt.c
index c1bf357..523b8a2 100644
--- a/hw/xen/xen_pt.c
+++ b/hw/xen/xen_pt.c
@@ -588,7 +588,6 @@ static void xen_pt_region_add(MemoryListener *l, 
MemoryRegionSection *sec)
 XenPCIPassthroughState *s = container_of(l, XenPCIPassthroughState,
  memory_listener);
 
-memory_region_ref(sec->mr);
 xen_pt_region_update(s, sec, true);
 }
 
@@ -598,7 +597,6 @@ static void xen_pt_region_del(MemoryListener *l, 
MemoryRegionSection *sec)
  memory_listener);
 
 xen_pt_region_update(s, sec, false);
-memory_region_unref(sec->mr);
 }
 
 static void xen_pt_io_region_add(MemoryListener *l, MemoryRegionSection *sec)
@@ -606,7 +604,6 @@ static void xen_pt_io_region_add(MemoryListener *l, 
MemoryRegionSection *sec)
 XenPCIPassthroughState *s = container_of(l, XenPCIPassthroughState,
  io_listener);
 
-memory_region_ref(sec->mr);
 xen_pt_region_update(s, sec, true);
 }
 
@@ -616,7 +613,6 @@ static void xen_pt_io_region_del(MemoryListener *l, 
MemoryRegionSection *sec)
  io_listener);
 
 xen_pt_region_update(s, sec, false);
-memory_region_unref(sec->mr);
 }
 
 static const MemoryListener xen_pt_memory_listener = {
-- 
1.9.1

Re: [Qemu-devel] '-usb' regressed by 49d2e648 ("machine: remove qemu_machine_opts global list")

[Paolo Bonzini]

On 23/12/2014 23:12, Laszlo Ersek wrote:
> Apologies if this problem is known. After building qemu at ab0302ee:
> 
> $ qemu-system-x86_64 -usb
> 
> qemu-system-x86_64: util/qemu-option.c:387: qemu_opt_get_bool_helper: 
> Assertion `opt->desc && opt->desc->type == QEMU_OPT_BOOL' failed.

Does this work?

diff --git a/util/qemu-option.c b/util/qemu-option.c
index a708241..4f1f86a 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -384,7 +384,7 @@ static bool qemu_opt_get_bool_helper(QemuOpts *opts,
const char *name,
 }
 return ret;
 }
-assert(opt->desc && opt->desc->type == QEMU_OPT_BOOL);
+assert(!opt->desc || opt->desc->type == QEMU_OPT_BOOL);
 ret = opt->value.boolean;
 if (del) {
 qemu_opt_del_all(opts, name);
@@ -420,7 +420,7 @@ static uint64_t qemu_opt_get_number_helper(QemuOpts
*opts, const char *name,
 }
 return ret;
 }
-assert(opt->desc && opt->desc->type == QEMU_OPT_NUMBER);
+assert(!opt->desc || opt->desc->type == QEMU_OPT_NUMBER);
 ret = opt->value.uint;
 if (del) {
 qemu_opt_del_all(opts, name);
@@ -457,7 +457,7 @@ static uint64_t qemu_opt_get_size_helper(QemuOpts
*opts, const char *name,
 }
 return ret;
 }
-assert(opt->desc && opt->desc->type == QEMU_OPT_SIZE);
+assert(!opt->desc || opt->desc->type == QEMU_OPT_SIZE);
 ret = opt->value.uint;
 if (del) {
 qemu_opt_del_all(opts, name);

Paolo

Re: [Qemu-devel] [PATCH 2/2] target-ppc: Cast ssize_t to size_t before printing with %zx

[Stefan Weil]

Am 23.12.2014 um 23:47 schrieb Peter Maydell:
> On 23 December 2014 at 22:36, Stefan Weil  wrote:
>> Am 23.12.2014 um 23:22 schrieb Peter Maydell:
>>> --- a/hw/ppc/spapr.c
>>> +++ b/hw/ppc/spapr.c
>>> @@ -1438,7 +1438,7 @@ static void ppc_spapr_init(MachineState *machine)
>>>   }
>>>   if (spapr->rtas_size > RTAS_MAX_SIZE) {
>>>   hw_error("RTAS too big ! 0x%zx bytes (max is 0x%x)\n",
>>> - spapr->rtas_size, RTAS_MAX_SIZE);
>>> + (size_t)spapr->rtas_size, RTAS_MAX_SIZE);
>>>   exit(1);
>>>   }
>>>   g_free(filename);
>>
>>
>> Which compiler did you use? I get no warning with Debian's
>> x86_64-w64-mingw32-gcc 4.6.3 or
>> native MinGW-w32 compilers.
> 
> $ i586-mingw32msvc-gcc --version
> i586-mingw32msvc-gcc (GCC) 4.2.1-sjlj (mingw32-2)
> 
> Yes, this is ancient... it's from the Debian mingw32 package.
> I just use this for compile testing, not for trying to run.
> I should probably switch to the w64 compiler for build tests;
> I forget now if there was a reason why I hadn't.
> 
> I suspect, as I say, that this is just a generic old-gcc bug,
> but it's the only one in the codebase, so it seems easiest
> just to fix it.
> 
> -- PMM

"git grep" finds 6 "%zx", 66 "%zu" and 80 "%zd" in my QEMU source tree.
Some of those are in debug traces, others are conditionally compiled
depending on your configuration. Are you sure that none of those needs
the same kind of modification, too? I don't thing fixing one of them for
an ancient compiler is worth the trouble of explaining why there is a
type cast.

What about using hwaddr instead of ssize_t for rtas_size (and
HWADDR_PRIx in the format string)? It looks like that would be more
consistent with the rest of the code. See for example the arguments of
function spapr_finalize_fdt.

Stefan

Re: [Qemu-devel] '-usb' regressed by 49d2e648 ("machine: remove qemu_machine_opts global list")

[Gonglei]

On 2014/12/24 17:30, Paolo Bonzini wrote:

> 
> 
> On 23/12/2014 23:12, Laszlo Ersek wrote:
>> Apologies if this problem is known. After building qemu at ab0302ee:
>>
>> $ qemu-system-x86_64 -usb
>>
>> qemu-system-x86_64: util/qemu-option.c:387: qemu_opt_get_bool_helper: 
>> Assertion `opt->desc && opt->desc->type == QEMU_OPT_BOOL' failed.
> 
> Does this work?
> 
> diff --git a/util/qemu-option.c b/util/qemu-option.c
> index a708241..4f1f86a 100644
> --- a/util/qemu-option.c
> +++ b/util/qemu-option.c
> @@ -384,7 +384,7 @@ static bool qemu_opt_get_bool_helper(QemuOpts *opts,
> const char *name,
>  }
>  return ret;
>  }
> -assert(opt->desc && opt->desc->type == QEMU_OPT_BOOL);
> +assert(!opt->desc || opt->desc->type == QEMU_OPT_BOOL);
>  ret = opt->value.boolean;
>  if (del) {
>  qemu_opt_del_all(opts, name);
> @@ -420,7 +420,7 @@ static uint64_t qemu_opt_get_number_helper(QemuOpts
> *opts, const char *name,
>  }
>  return ret;
>  }
> -assert(opt->desc && opt->desc->type == QEMU_OPT_NUMBER);
> +assert(!opt->desc || opt->desc->type == QEMU_OPT_NUMBER);
>  ret = opt->value.uint;
>  if (del) {
>  qemu_opt_del_all(opts, name);
> @@ -457,7 +457,7 @@ static uint64_t qemu_opt_get_size_helper(QemuOpts
> *opts, const char *name,
>  }
>  return ret;
>  }
> -assert(opt->desc && opt->desc->type == QEMU_OPT_SIZE);
> +assert(!opt->desc || opt->desc->type == QEMU_OPT_SIZE);
>  ret = opt->value.uint;
>  if (del) {
>  qemu_opt_del_all(opts, name);
> 
> Paolo
> 

Nice~

Regards,
-Gonglei

[Qemu-devel] [RFC PATCH] qga: implement guest-network-get-interfaces command for windows

[zhanghailiang]

Signed-off-by: zhanghailiang 
---
Hi,

This patch implements guest-network-get-interfaces command for
Windows.

This patch is RFC because the value of network 'prefix' length may be wrong
When there is an adapter with multiple IP which have different netmask.

The main reason is I get this value by hunting for matching prefix in linked 
list,
But unfortunately the order of linked IP_ADAPTER_UNICAST_ADDRESS structures 
pointed
to by the FirstUnicastAddress member does not have any relationship with the
order of linked IP_ADAPTER_PREFIX structures pointed to by the FirstPrefix
member. So actually, we cannot match exactly prefix with unicast struct. :(

Yes, MSDN suggests we get prefix length value by reference to 
OnLinkPrefixLength which 
is a member of struct IP_ADAPTER_UNICAST_ADDRESS, but this structure member is 
only
available on Windows Vista and later, and it seems that the cross compiling 
environment is like Windows XP. Who know this?

Any comments and suggestion are welcomed.

You can test this by command:
'{"execute":"guest-network-get-interfaces"}'
The return value is like:
{"return":[{"name":"{FE2D1285-75FF-48E7-BDEF-50D19DA7D6B4}","ip-addresses":[{"ip-address-type":"ipv6","ip-address":"fe80::e4ca:8658:61e3:8b83","prefix":64},{"ip-address-type":"ipv4","ip-address":"9.61.170.170","prefix":16}],"hardware-address":"52:54:00:7b:4b:19"},{"name":"{846EE342-7039-11DE-9D20-806E6F6E6963}","ip-addresses":[{"ip-address-type":"ipv6","ip-address":"::1","prefix":128},{"ip-address-type":"ipv4","ip-address":"127.0.0.1","prefix":8}],"hardware-address":"52:54:00:7b:4b:19"}]}

---
 configure  |   2 +-
 qga/Makefile.objs  |   2 +-
 qga/commands-win32.c   | 201 -
 qga/guest-agent-core.h |  11 +++
 qga/inet_ntop-win32.c  | 184 
 5 files changed, 394 insertions(+), 6 deletions(-)
 create mode 100644 qga/inet_ntop-win32.c

diff --git a/configure b/configure
index cae588c..7cafbdd 100755
--- a/configure
+++ b/configure
@@ -717,7 +717,7 @@ EOF
   sysconfdir="\${prefix}"
   local_statedir=
   confsuffix=""
-  libs_qga="-lws2_32 -lwinmm -lpowrprof $libs_qga"
+  libs_qga="-lws2_32 -lwinmm -lpowrprof -liphlpapi $libs_qga"
 fi
 
 werror=""
diff --git a/qga/Makefile.objs b/qga/Makefile.objs
index 1c5986c..47ef4aa 100644
--- a/qga/Makefile.objs
+++ b/qga/Makefile.objs
@@ -1,6 +1,6 @@
 qga-obj-y = commands.o guest-agent-command-state.o main.o
 qga-obj-$(CONFIG_POSIX) += commands-posix.o channel-posix.o
-qga-obj-$(CONFIG_WIN32) += commands-win32.o channel-win32.o service-win32.o
+qga-obj-$(CONFIG_WIN32) += commands-win32.o channel-win32.o service-win32.o 
inet_ntop-win32.o
 qga-obj-$(CONFIG_WIN32) += vss-win32.o
 qga-obj-y += qapi-generated/qga-qapi-types.o qapi-generated/qga-qapi-visit.o
 qga-obj-y += qapi-generated/qga-qmp-marshal.o
diff --git a/qga/commands-win32.c b/qga/commands-win32.c
index 3bcbeae..af4eb31 100644
--- a/qga/commands-win32.c
+++ b/qga/commands-win32.c
@@ -14,6 +14,9 @@
 #include 
 #include 
 #include 
+#include 
+#include 
+#include 
 #include "qga/guest-agent-core.h"
 #include "qga/vss-win32.h"
 #include "qga-qmp-commands.h"
@@ -359,9 +362,200 @@ void qmp_guest_suspend_hybrid(Error **errp)
 error_set(errp, QERR_UNSUPPORTED);
 }
 
-GuestNetworkInterfaceList *qmp_guest_network_get_interfaces(Error **errp)
+#define WORKING_BUFFER_SIZE 15000
+#define MAX_TRIES 3
+#define IN_LINKLOCAL(a) uint32_t) (a)) & 0xa) == 0xa9fe)
+
+/*
+ * For Vista and later version, we can get the prefix length value from
+ * OnLinkPrefixLength which is a member of IP_ADAPTER_UNICAST_ADDRESS 
structure.
+ * Otherwise we must hunt for matching prefix in linked list.
+ *
+ * Note:The order of linked IP_ADAPTER_UNICAST_ADDRESS structures pointed to by
+ * the FirstUnicastAddress member does not have any relationship with the
+ * order of linked IP_ADAPTER_PREFIX structures pointed to by the FirstPrefix
+ * member, So the result may be incorrect for an adapter with multiple IP !!!
+ *
+ * More info can be found at:
+ 
*http://msdn.microsoft.com/en-us/library/windows/desktop/aa366066(v=vs.85).aspx
+ */
+static int64_t get_adapter_unicast_prefixlength(PIP_ADAPTER_ADDRESSES pAdapter,
+ PIP_ADAPTER_UNICAST_ADDRESS pUnicast)
 {
-error_set(errp, QERR_UNSUPPORTED);
+IP_ADAPTER_PREFIX *prefix;
+/*
+* Actually, here the cross compiling envirtonment for windows qemu-ga,
+* the IP_ADAPTER_UNICAST_ADDRESS structure is defined as
+* IP_ADAPTER_UNICAST_ADDRESS_XP.
+*/
+#if 0
+if (IsWindowsVistaOrGreater()) {
+return pUnicast->OnLinkPrefixLength;
+}
+#endif
+for (prefix = pAdapter->FirstPrefix; prefix; prefix = prefix->Next) {
+LPSOCKADDR lpSockaddr = prefix->Address.lpSockaddr;
+
+if (lpSockaddr->sa_family != pUnicast->Address.lpSockaddr->sa_family) {
+continue;
+}
+if (lpSockaddr->sa_family == AF_INET) {
+   

[Qemu-devel] [Bug 1405385] [NEW] QEMU crashes when virtio network cards are used together with e1000 network cards

[Bram Klein Gunnewiek]

Public bug reported:

QEMU version: QEMU emulator version 2.2.50, Copyright (c) 2003-2008 Fabrice 
Bellard
QEMU GIT version: ab0302ee764fd702465aef6d88612cdff4302809
Configure flags: ./configure --enable-kvm --prefix=/opt/qemu-devel
Linux version: Ubuntu 14.04.1 LTS
Kernel version: 3.13.0-43-generic #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux

Problem:

QEMU crashes when using one (or more) virtio network cards
together with one (or more) e1000 (and possibly others) network cards
when those cards are bound to a linux bridge. When the cards are *not*
bound to a bridge QEMU does not crash.

Bridge configuration:

iface bridge0 inet dhcp
bridge_ports eth1
bridge_stp off
bridge_fd 0

Start-up command (including binding the network cards to the bridge +
strace logging):

./qemu-system-x86_64 -daemonize -smp 1 -m 128 -vnc 0.0.0.0:0 \
-netdev tap,id=tap_1,script=no,downscript=no,ifname=net_1_1,vhost=on \
-device virtio-net-pci,bootindex=1,id=nic_1,netdev=tap_1,mac=02:16:3F:00:00:FA \
-netdev tap,id=tap_2,script=no,downscript=no,ifname=net_1_2 \
-device e1000,bootindex=2,id=nic_2,netdev=tap_2,mac=02:16:3F:00:00:FB; \
brctl addif bridge0 net_1_1; \
brctl addif bridge0 net_1_2; \
ifconfig net_1_1 0.0.0.0 up; \
ifconfig net_1_2 0.0.0.0 up; \
sleep 2; \
strace -p `ps x |grep qemu-system-x86_64 |grep -v grep|awk '{print $1}'` -o 
/tmp/qemu-devel-trace.txt 

Kernel log:

Dec 24 11:12:08 bramws kernel: [12466.885581] device net_1_1 entered 
promiscuous mode
Dec 24 11:12:08 bramws kernel: [12466.886238] device net_1_2 entered 
promiscuous mode
Dec 24 11:12:08 bramws kernel: [12466.887084] bridge0: port 2(net_1_1) entered 
forwarding state
Dec 24 11:12:08 bramws kernel: [12466.887089] bridge0: port 2(net_1_1) entered 
forwarding state
Dec 24 11:12:08 bramws kernel: [12466.888940] bridge0: port 3(net_1_2) entered 
forwarding state
Dec 24 11:12:08 bramws kernel: [12466.888947] bridge0: port 3(net_1_2) entered 
forwarding state
Dec 24 11:12:29 bramws kernel: [12488.026376] bridge0: port 2(net_1_1) entered 
disabled state
Dec 24 11:12:29 bramws kernel: [12488.026820] device net_1_1 left promiscuous 
mode
Dec 24 11:12:29 bramws kernel: [12488.026832] bridge0: port 2(net_1_1) entered 
disabled state
Dec 24 11:12:29 bramws kernel: [12488.049636] bridge0: port 3(net_1_2) entered 
disabled state
Dec 24 11:12:29 bramws kernel: [12488.050058] device net_1_2 left promiscuous 
mode
Dec 24 11:12:29 bramws kernel: [12488.050074] bridge0: port 3(net_1_2) entered 
disabled state

Strace log: (full log attached)

ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 28646613}, NULL, 8) = 0 (Timeout)
write(5, "\1\0\0\0\0\0\0\0", 8) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 10899760}, NULL, 8) = 1 ([{fd=5, revents=POLLIN}], left {0, 10895457})
write(6, "\1\0\0\0\0\0\0\0", 8) = 8
read(5, "\1\0\0\0\0\0\0\0", 512)= 8
write(6, "\1\0\0\0\0\0\0\0", 8) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
read(6, "\2\0\0\0\0\0\0\0", 16) = 8
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 0 (Timeout)
read(6, 0x7fff697320e0, 16) = -1 EAGAIN (Resource temporarily 
unavailable)
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 9570429}, NULL, 8) = 0 (Timeout)
futex(0x7f011c8ef094, FUTEX_CMP_REQUEUE_PRIVATE, 1, 2147483647, 0x7f011aaa0860, 
224) = 1
write(5, "\1\0\0\0\0\0\0\0", 8) = 8
write(5, "\1\0\0\0\0\0\0\0", 8) = 8
futex(0x7f011aaa0860, FUTEX_WAKE_PRIVATE, 1) = 1
ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 54463396}, NULL, 8) = 1 ([{fd=5, rev

[Qemu-devel] [Bug 1405385] Re: QEMU crashes when virtio network cards are used together with e1000 network cards

[Michael Tokarev]

What does qemu say when aborting?

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1405385

Title:
  QEMU crashes when virtio network cards are used together with e1000
  network cards

Status in QEMU:
  New

Bug description:
  QEMU version: QEMU emulator version 2.2.50, Copyright (c) 2003-2008 Fabrice 
Bellard
  QEMU GIT version: ab0302ee764fd702465aef6d88612cdff4302809
  Configure flags: ./configure --enable-kvm --prefix=/opt/qemu-devel
  Linux version: Ubuntu 14.04.1 LTS
  Kernel version: 3.13.0-43-generic #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux

  Problem:

  QEMU crashes when using one (or more) virtio network cards
  together with one (or more) e1000 (and possibly others) network cards
  when those cards are bound to a linux bridge. When the cards are *not*
  bound to a bridge QEMU does not crash.

  Bridge configuration:

iface bridge0 inet dhcp
bridge_ports eth1
bridge_stp off
bridge_fd 0

  Start-up command (including binding the network cards to the bridge +
  strace logging):

  ./qemu-system-x86_64 -daemonize -smp 1 -m 128 -vnc 0.0.0.0:0 \
  -netdev tap,id=tap_1,script=no,downscript=no,ifname=net_1_1,vhost=on \
  -device 
virtio-net-pci,bootindex=1,id=nic_1,netdev=tap_1,mac=02:16:3F:00:00:FA \
  -netdev tap,id=tap_2,script=no,downscript=no,ifname=net_1_2 \
  -device e1000,bootindex=2,id=nic_2,netdev=tap_2,mac=02:16:3F:00:00:FB; \
  brctl addif bridge0 net_1_1; \
  brctl addif bridge0 net_1_2; \
  ifconfig net_1_1 0.0.0.0 up; \
  ifconfig net_1_2 0.0.0.0 up; \
  sleep 2; \
  strace -p `ps x |grep qemu-system-x86_64 |grep -v grep|awk '{print $1}'` -o 
/tmp/qemu-devel-trace.txt 

  Kernel log:

  Dec 24 11:12:08 bramws kernel: [12466.885581] device net_1_1 entered 
promiscuous mode
  Dec 24 11:12:08 bramws kernel: [12466.886238] device net_1_2 entered 
promiscuous mode
  Dec 24 11:12:08 bramws kernel: [12466.887084] bridge0: port 2(net_1_1) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.887089] bridge0: port 2(net_1_1) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.888940] bridge0: port 3(net_1_2) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.888947] bridge0: port 3(net_1_2) 
entered forwarding state
  Dec 24 11:12:29 bramws kernel: [12488.026376] bridge0: port 2(net_1_1) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.026820] device net_1_1 left promiscuous 
mode
  Dec 24 11:12:29 bramws kernel: [12488.026832] bridge0: port 2(net_1_1) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.049636] bridge0: port 3(net_1_2) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.050058] device net_1_2 left promiscuous 
mode
  Dec 24 11:12:29 bramws kernel: [12488.050074] bridge0: port 3(net_1_2) 
entered disabled state

  Strace log: (full log attached)

  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 28646613}, NULL, 8) = 0 (Timeout)
  write(5, "\1\0\0\0\0\0\0\0", 8) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 10899760}, NULL, 8) = 1 ([{fd=5, revents=POLLIN}], left {0, 10895457})
  write(6, "\1\0\0\0\0\0\0\0", 8) = 8
  read(5, "\1\0\0\0\0\0\0\0", 512)= 8
  write(6, "\1\0\0\0\0\0\0\0", 8) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
  read(6, "\2\0\0\0\0\0\0\0", 16) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 0 (Timeout)
  read(6, 0x7fff697320e0, 16) = -1 EAGAIN (Resource temporarily 
unavailable)
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 9570429}, NULL, 8) = 0 (Timeout)
  futex(0x7f011c8ef094, FUTEX_CMP_REQUEUE_PRIVATE, 1, 2147483647, 
0x7f011aaa0860, 2

[Qemu-devel] [Bug 1405385] Re: QEMU crashes when virtio network cards are used together with e1000 network cards

[Michael Tokarev]

Hm. I guess it says nothing, as else some write(2) should be seen by
strace.  So it is like abort() not assert().  And we have about 800
abort() calls in the code.  Oh well.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1405385

Title:
  QEMU crashes when virtio network cards are used together with e1000
  network cards

Status in QEMU:
  New

Bug description:
  QEMU version: QEMU emulator version 2.2.50, Copyright (c) 2003-2008 Fabrice 
Bellard
  QEMU GIT version: ab0302ee764fd702465aef6d88612cdff4302809
  Configure flags: ./configure --enable-kvm --prefix=/opt/qemu-devel
  Linux version: Ubuntu 14.04.1 LTS
  Kernel version: 3.13.0-43-generic #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux

  Problem:

  QEMU crashes when using one (or more) virtio network cards
  together with one (or more) e1000 (and possibly others) network cards
  when those cards are bound to a linux bridge. When the cards are *not*
  bound to a bridge QEMU does not crash.

  Bridge configuration:

iface bridge0 inet dhcp
bridge_ports eth1
bridge_stp off
bridge_fd 0

  Start-up command (including binding the network cards to the bridge +
  strace logging):

  ./qemu-system-x86_64 -daemonize -smp 1 -m 128 -vnc 0.0.0.0:0 \
  -netdev tap,id=tap_1,script=no,downscript=no,ifname=net_1_1,vhost=on \
  -device 
virtio-net-pci,bootindex=1,id=nic_1,netdev=tap_1,mac=02:16:3F:00:00:FA \
  -netdev tap,id=tap_2,script=no,downscript=no,ifname=net_1_2 \
  -device e1000,bootindex=2,id=nic_2,netdev=tap_2,mac=02:16:3F:00:00:FB; \
  brctl addif bridge0 net_1_1; \
  brctl addif bridge0 net_1_2; \
  ifconfig net_1_1 0.0.0.0 up; \
  ifconfig net_1_2 0.0.0.0 up; \
  sleep 2; \
  strace -p `ps x |grep qemu-system-x86_64 |grep -v grep|awk '{print $1}'` -o 
/tmp/qemu-devel-trace.txt 

  Kernel log:

  Dec 24 11:12:08 bramws kernel: [12466.885581] device net_1_1 entered 
promiscuous mode
  Dec 24 11:12:08 bramws kernel: [12466.886238] device net_1_2 entered 
promiscuous mode
  Dec 24 11:12:08 bramws kernel: [12466.887084] bridge0: port 2(net_1_1) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.887089] bridge0: port 2(net_1_1) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.888940] bridge0: port 3(net_1_2) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.888947] bridge0: port 3(net_1_2) 
entered forwarding state
  Dec 24 11:12:29 bramws kernel: [12488.026376] bridge0: port 2(net_1_1) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.026820] device net_1_1 left promiscuous 
mode
  Dec 24 11:12:29 bramws kernel: [12488.026832] bridge0: port 2(net_1_1) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.049636] bridge0: port 3(net_1_2) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.050058] device net_1_2 left promiscuous 
mode
  Dec 24 11:12:29 bramws kernel: [12488.050074] bridge0: port 3(net_1_2) 
entered disabled state

  Strace log: (full log attached)

  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 28646613}, NULL, 8) = 0 (Timeout)
  write(5, "\1\0\0\0\0\0\0\0", 8) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 10899760}, NULL, 8) = 1 ([{fd=5, revents=POLLIN}], left {0, 10895457})
  write(6, "\1\0\0\0\0\0\0\0", 8) = 8
  read(5, "\1\0\0\0\0\0\0\0", 512)= 8
  write(6, "\1\0\0\0\0\0\0\0", 8) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
  read(6, "\2\0\0\0\0\0\0\0", 16) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 0 (Timeout)
  read(6, 0x7fff697320e0, 16) = -1 EAGAIN (Resource temporarily 
unavailable)
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, ev

[Qemu-devel] QEMU Advent Calendar 2014 final day and thank you

[Stefan Hajnoczi]

Today is the final day of QEMU Advent Calendar 2014:
http://www.qemu-advent-calendar.org/#day-24

A huge thanks to all the contributors who built fun and interesting
disk images for the advent calendar.  It was very successful and a
great way to celebrate QEMU.

We drove 480 GB of web traffic, 41,000 unique visitors, and over 1,000,000 hits!

Top disk image by downloads: Day 1 - Slacker's time travel by Gerd
Hoffmann.  Congratulations Gerd!

Full details:
http://blog.vmsplice.net/2014/12/qemu-advent-calendar-2014-retrospective.html

Thanks and Happy New Year!

Stefan

Re: [Qemu-devel] '-usb' regressed by 49d2e648 ("machine: remove qemu_machine_opts global list")

[Laszlo Ersek]

On 12/24/14 10:30, Paolo Bonzini wrote:
> 
> 
> On 23/12/2014 23:12, Laszlo Ersek wrote:
>> Apologies if this problem is known. After building qemu at ab0302ee:
>>
>> $ qemu-system-x86_64 -usb
>>
>> qemu-system-x86_64: util/qemu-option.c:387: qemu_opt_get_bool_helper: 
>> Assertion `opt->desc && opt->desc->type == QEMU_OPT_BOOL' failed.
> 
> Does this work?
> 
> diff --git a/util/qemu-option.c b/util/qemu-option.c
> index a708241..4f1f86a 100644
> --- a/util/qemu-option.c
> +++ b/util/qemu-option.c
> @@ -384,7 +384,7 @@ static bool qemu_opt_get_bool_helper(QemuOpts *opts,
> const char *name,
>  }
>  return ret;
>  }
> -assert(opt->desc && opt->desc->type == QEMU_OPT_BOOL);
> +assert(!opt->desc || opt->desc->type == QEMU_OPT_BOOL);
>  ret = opt->value.boolean;
>  if (del) {
>  qemu_opt_del_all(opts, name);
> @@ -420,7 +420,7 @@ static uint64_t qemu_opt_get_number_helper(QemuOpts
> *opts, const char *name,
>  }
>  return ret;
>  }
> -assert(opt->desc && opt->desc->type == QEMU_OPT_NUMBER);
> +assert(!opt->desc || opt->desc->type == QEMU_OPT_NUMBER);
>  ret = opt->value.uint;
>  if (del) {
>  qemu_opt_del_all(opts, name);
> @@ -457,7 +457,7 @@ static uint64_t qemu_opt_get_size_helper(QemuOpts
> *opts, const char *name,
>  }
>  return ret;
>  }
> -assert(opt->desc && opt->desc->type == QEMU_OPT_SIZE);
> +assert(!opt->desc || opt->desc->type == QEMU_OPT_SIZE);
>  ret = opt->value.uint;
>  if (del) {
>  qemu_opt_del_all(opts, name);

Tested-by: Laszlo Ersek 

Thanks!
Laszlo

[Qemu-devel] [Bug 1405385] Re: QEMU crashes when virtio network cards are used together with e1000 network cards

[Bram Klein Gunnewiek]

Indeed, it does not say anything, it simply crashes. Besides the strace
log I created I can't find any other usefull information in other
logfiles.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1405385

Title:
  QEMU crashes when virtio network cards are used together with e1000
  network cards

Status in QEMU:
  New

Bug description:
  QEMU version: QEMU emulator version 2.2.50, Copyright (c) 2003-2008 Fabrice 
Bellard
  QEMU GIT version: ab0302ee764fd702465aef6d88612cdff4302809
  Configure flags: ./configure --enable-kvm --prefix=/opt/qemu-devel
  Linux version: Ubuntu 14.04.1 LTS
  Kernel version: 3.13.0-43-generic #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux

  Problem:

  QEMU crashes when using one (or more) virtio network cards
  together with one (or more) e1000 (and possibly others) network cards
  when those cards are bound to a linux bridge. When the cards are *not*
  bound to a bridge QEMU does not crash.

  Bridge configuration:

iface bridge0 inet dhcp
bridge_ports eth1
bridge_stp off
bridge_fd 0

  Start-up command (including binding the network cards to the bridge +
  strace logging):

  ./qemu-system-x86_64 -daemonize -smp 1 -m 128 -vnc 0.0.0.0:0 \
  -netdev tap,id=tap_1,script=no,downscript=no,ifname=net_1_1,vhost=on \
  -device 
virtio-net-pci,bootindex=1,id=nic_1,netdev=tap_1,mac=02:16:3F:00:00:FA \
  -netdev tap,id=tap_2,script=no,downscript=no,ifname=net_1_2 \
  -device e1000,bootindex=2,id=nic_2,netdev=tap_2,mac=02:16:3F:00:00:FB; \
  brctl addif bridge0 net_1_1; \
  brctl addif bridge0 net_1_2; \
  ifconfig net_1_1 0.0.0.0 up; \
  ifconfig net_1_2 0.0.0.0 up; \
  sleep 2; \
  strace -p `ps x |grep qemu-system-x86_64 |grep -v grep|awk '{print $1}'` -o 
/tmp/qemu-devel-trace.txt 

  Kernel log:

  Dec 24 11:12:08 bramws kernel: [12466.885581] device net_1_1 entered 
promiscuous mode
  Dec 24 11:12:08 bramws kernel: [12466.886238] device net_1_2 entered 
promiscuous mode
  Dec 24 11:12:08 bramws kernel: [12466.887084] bridge0: port 2(net_1_1) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.887089] bridge0: port 2(net_1_1) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.888940] bridge0: port 3(net_1_2) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.888947] bridge0: port 3(net_1_2) 
entered forwarding state
  Dec 24 11:12:29 bramws kernel: [12488.026376] bridge0: port 2(net_1_1) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.026820] device net_1_1 left promiscuous 
mode
  Dec 24 11:12:29 bramws kernel: [12488.026832] bridge0: port 2(net_1_1) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.049636] bridge0: port 3(net_1_2) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.050058] device net_1_2 left promiscuous 
mode
  Dec 24 11:12:29 bramws kernel: [12488.050074] bridge0: port 3(net_1_2) 
entered disabled state

  Strace log: (full log attached)

  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 28646613}, NULL, 8) = 0 (Timeout)
  write(5, "\1\0\0\0\0\0\0\0", 8) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 10899760}, NULL, 8) = 1 ([{fd=5, revents=POLLIN}], left {0, 10895457})
  write(6, "\1\0\0\0\0\0\0\0", 8) = 8
  read(5, "\1\0\0\0\0\0\0\0", 512)= 8
  write(6, "\1\0\0\0\0\0\0\0", 8) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
  read(6, "\2\0\0\0\0\0\0\0", 16) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 0 (Timeout)
  read(6, 0x7fff697320e0, 16) = -1 EAGAIN (Resource temporarily 
unavailable)
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 957

[Qemu-devel] [PATCH] qemu_ram_resize: document assumptions

[Michael S. Tsirkin]

Document that when using qemu_ram_resize for anything mapped into guest
address space, it's the job of the resize function to update guest
visible state.

Signed-off-by: Michael S. Tsirkin 
---

Adding a comment at dgilbert's request.
This is a separate patch to avoid deferring merging the
code itself.

 exec.c | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/exec.c b/exec.c
index 2427319..9b7e515 100644
--- a/exec.c
+++ b/exec.c
@@ -1301,6 +1301,13 @@ static int memory_try_enable_merging(void *addr, size_t 
len)
 return qemu_madvise(addr, len, QEMU_MADV_MERGEABLE);
 }
 
+/* Only legal before guest might have detected the memory size: e.g. on
+ * incoming migration, or right after reset.
+ *
+ * As memory core doesn't know how is memory accessed, it is up to
+ * resize callback to update device state and/or add assertions to detect
+ * misuse, if necessary.
+ */
 int qemu_ram_resize(ram_addr_t base, ram_addr_t newsize, Error **errp)
 {
 RAMBlock *block = find_ram_block(base);
-- 
MST

Re: [Qemu-devel] [PATCH] qemu_ram_resize: document assumptions

[Paolo Bonzini]

On 24/12/2014 12:43, Michael S. Tsirkin wrote:
> Document that when using qemu_ram_resize for anything mapped into guest
> address space, it's the job of the resize function to update guest
> visible state.
> 
> Signed-off-by: Michael S. Tsirkin 
> ---
> 
> Adding a comment at dgilbert's request.
> This is a separate patch to avoid deferring merging the
> code itself.

Wait, I thought the agreement was to first merge Igor's patches to
generate the SSDT from C code, and then see if this was still necessary?

Paolo

Re: [Qemu-devel] '-usb' regressed by 49d2e648 ("machine: remove qemu_machine_opts global list")

[Marcel Apfelbaum]

On 12/24/2014 12:12 AM, Laszlo Ersek wrote:

Apologies if this problem is known. After building qemu at ab0302ee:

The problem is not known.
Thanks for finding it and testing it!
Marcel



$ qemu-system-x86_64 -usb

qemu-system-x86_64: util/qemu-option.c:387: qemu_opt_get_bool_helper: Assertion `opt->desc 
&& opt->desc->type == QEMU_OPT_BOOL' failed.

The stack is

#0  0x71e945c9 in raise () from /lib64/libc.so.6
#1  0x71e95cd8 in abort () from /lib64/libc.so.6
#2  0x71e8d536 in __assert_fail_base () from /lib64/libc.so.6
#3  0x71e8d5e2 in __assert_fail () from /lib64/libc.so.6
#4  0x559660f5 in qemu_opt_get_bool_helper (opts=0x562b51f0, 
name=0x5598a4af "usb", defval=false, del=false) at util/qemu-option.c:387
#5  0x5596614d in qemu_opt_get_bool (opts=0x562b51f0, name=0x5598a4af 
"usb", defval=false) at util/qemu-option.c:397
#6  0x55715d23 in usb_enabled (default_usb=false) at vl.c:1002
#7  0x5568d7bc in pc_init1 (machine=0x562c22f0, pci_enabled=1, 
kvmclock_enabled=1) at hw/i386/pc_piix.c:277
#8  0x5568d94e in pc_init_pci (machine=0x562c22f0) at 
hw/i386/pc_piix.c:308
#9  0x5571e8d4 in main (argc=2, argv=0x7fffd1d8, 
envp=0x7fffd1f0) at vl.c:4217

Bisection fingers 49d2e648.

This is very visible with libvirt.

Thanks
Laszlo

[Qemu-devel] [PULL 0/8] pc: resizeable ROM blocks

[Michael S. Tsirkin]

The following changes since commit d86fb03469e016af4e54f04efccbc20a8afa3e19:

  Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20141216-1' into 
staging (2014-12-16 16:52:42 +)

are available in the git repository at:

  git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream

for you to fetch changes up to de101bf0e5b1f2bb7759074021f1e082752428ef:

  acpi-build: make ROMs RAM blocks resizeable (2014-12-16 22:14:11 +0200)


pc: resizeable ROM blocks

This makes ROM blocks resizeable.  This infrastructure is required for other
functionality we have queued.

Signed-off-by: Michael S. Tsirkin 


Michael S. Tsirkin (8):
  cpu: add cpu_physical_memory_clear_dirty_range_nocode
  memory: add memory_region_set_size
  exec: cpu_physical_memory_set/clear_dirty_range
  exec: split length -> used_length/max_length
  exec: qemu_ram_alloc_resizeable, qemu_ram_resize
  arch_init: support resizing on incoming migration
  memory: API to allocate resizeable RAM MR
  acpi-build: make ROMs RAM blocks resizeable

 hw/lm32/lm32_hwsetup.h  |   3 +-
 include/exec/cpu-all.h  |  12 +++--
 include/exec/memory.h   |  34 +
 include/exec/ram_addr.h |  22 +++--
 include/hw/loader.h |   4 +-
 arch_init.c |  28 ++-
 exec.c  | 129 +---
 hw/core/loader.c|  18 +--
 hw/i386/acpi-build.c|  19 +--
 memory.c|  33 +
 10 files changed, 242 insertions(+), 60 deletions(-)

[Qemu-devel] [PULL 7/8] memory: API to allocate resizeable RAM MR

[Michael S. Tsirkin]

Add API to allocate resizeable RAM MR.

This looks just like regular RAM generally, but
has a special property that only a portion of it
(used_length) is actually used, and migrated.

This used_length size can change across reboots.

Follow up patches will change used_length for such blocks at migration,
making it easier to extend devices using such RAM (notably ACPI,
but in the future thinkably other ROMs) without breaking migration
compatibility or wasting ROM (guest) memory.

Device is notified on resize, so it can adjust if necessary.

Note: nothing prevents making all RAM resizeable in this way.
However, reviewers felt that only enabling this selectively will
make some class of errors easier to detect.

Signed-off-by: Michael S. Tsirkin 
---
 include/exec/memory.h | 24 
 memory.c  | 17 +
 2 files changed, 41 insertions(+)

diff --git a/include/exec/memory.h b/include/exec/memory.h
index 0882221..0cd96b1 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -321,6 +321,30 @@ void memory_region_init_ram(MemoryRegion *mr,
 uint64_t size,
 Error **errp);
 
+/**
+ * memory_region_init_resizeable_ram:  Initialize memory region with resizeable
+ * RAM.  Accesses into the region will
+ * modify memory directly.  Only an initial
+ * portion of this RAM is actually used.
+ * The used size can change across reboots.
+ *
+ * @mr: the #MemoryRegion to be initialized.
+ * @owner: the object that tracks the region's reference count
+ * @name: the name of the region.
+ * @size: used size of the region.
+ * @max_size: max size of the region.
+ * @resized: callback to notify owner about used size change.
+ * @errp: pointer to Error*, to store an error if it happens.
+ */
+void memory_region_init_resizeable_ram(MemoryRegion *mr,
+   struct Object *owner,
+   const char *name,
+   uint64_t size,
+   uint64_t max_size,
+   void (*resized)(const char*,
+   uint64_t length,
+   void *host),
+   Error **errp);
 #ifdef __linux__
 /**
  * memory_region_init_ram_from_file:  Initialize RAM memory region with a
diff --git a/memory.c b/memory.c
index 618470b..c343bf3 100644
--- a/memory.c
+++ b/memory.c
@@ -1152,6 +1152,23 @@ void memory_region_init_ram(MemoryRegion *mr,
 mr->ram_addr = qemu_ram_alloc(size, mr, errp);
 }
 
+void memory_region_init_resizeable_ram(MemoryRegion *mr,
+   Object *owner,
+   const char *name,
+   uint64_t size,
+   uint64_t max_size,
+   void (*resized)(const char*,
+   uint64_t length,
+   void *host),
+   Error **errp)
+{
+memory_region_init(mr, owner, name, size);
+mr->ram = true;
+mr->terminates = true;
+mr->destructor = memory_region_destructor_ram;
+mr->ram_addr = qemu_ram_alloc_resizeable(size, max_size, resized, mr, 
errp);
+}
+
 #ifdef __linux__
 void memory_region_init_ram_from_file(MemoryRegion *mr,
   struct Object *owner,
-- 
MST

[Qemu-devel] [PULL 2/8] memory: add memory_region_set_size

[Michael S. Tsirkin]

Add API to change MR size.
Will be used internally for RAM resize.

Signed-off-by: Michael S. Tsirkin 
---
 include/exec/memory.h | 10 ++
 memory.c  | 16 
 2 files changed, 26 insertions(+)

diff --git a/include/exec/memory.h b/include/exec/memory.h
index f64ab5e..0882221 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -878,6 +878,16 @@ void memory_region_set_enabled(MemoryRegion *mr, bool 
enabled);
 void memory_region_set_address(MemoryRegion *mr, hwaddr addr);
 
 /*
+ * memory_region_set_size: dynamically update the size of a region.
+ *
+ * Dynamically updates the size of a region.
+ *
+ * @mr: the region to be updated
+ * @size: used size of the region.
+ */
+void memory_region_set_size(MemoryRegion *mr, uint64_t size);
+
+/*
  * memory_region_set_alias_offset: dynamically update a memory alias's offset
  *
  * Dynamically updates the offset into the target region that an alias points
diff --git a/memory.c b/memory.c
index 15cf9eb..618470b 100644
--- a/memory.c
+++ b/memory.c
@@ -1707,6 +1707,22 @@ void memory_region_set_enabled(MemoryRegion *mr, bool 
enabled)
 memory_region_transaction_commit();
 }
 
+void memory_region_set_size(MemoryRegion *mr, uint64_t size)
+{
+Int128 s = int128_make64(size);
+
+if (size == UINT64_MAX) {
+s = int128_2_64();
+}
+if (int128_eq(s, mr->size)) {
+return;
+}
+memory_region_transaction_begin();
+mr->size = s;
+memory_region_update_pending = true;
+memory_region_transaction_commit();
+}
+
 static void memory_region_readd_subregion(MemoryRegion *mr)
 {
 MemoryRegion *container = mr->container;
-- 
MST

[Qemu-devel] [PULL 8/8] acpi-build: make ROMs RAM blocks resizeable

[Michael S. Tsirkin]

Use resizeable ram API so we can painlessly extend ROMs in the
future.  Note: migration is not affected, as we are
not actually changing the used length for RAM, which
is the part that's migrated.

Use this in acpi: reserve x16 more RAM space.

Signed-off-by: Michael S. Tsirkin 
---
 hw/lm32/lm32_hwsetup.h |  3 ++-
 include/hw/loader.h|  4 ++--
 hw/core/loader.c   | 18 ++
 hw/i386/acpi-build.c   | 19 ++-
 4 files changed, 32 insertions(+), 12 deletions(-)

diff --git a/hw/lm32/lm32_hwsetup.h b/hw/lm32/lm32_hwsetup.h
index 9fd5e69..838754d 100644
--- a/hw/lm32/lm32_hwsetup.h
+++ b/hw/lm32/lm32_hwsetup.h
@@ -73,7 +73,8 @@ static inline void hwsetup_free(HWSetup *hw)
 static inline void hwsetup_create_rom(HWSetup *hw,
 hwaddr base)
 {
-rom_add_blob("hwsetup", hw->data, TARGET_PAGE_SIZE, base, NULL, NULL, 
NULL);
+rom_add_blob("hwsetup", hw->data, TARGET_PAGE_SIZE,
+ TARGET_PAGE_SIZE, base, NULL, NULL, NULL);
 }
 
 static inline void hwsetup_add_u8(HWSetup *hw, uint8_t u)
diff --git a/include/hw/loader.h b/include/hw/loader.h
index 6481639..1d76108 100644
--- a/include/hw/loader.h
+++ b/include/hw/loader.h
@@ -60,7 +60,7 @@ int rom_add_file(const char *file, const char *fw_dir,
  hwaddr addr, int32_t bootindex,
  bool option_rom);
 ram_addr_t rom_add_blob(const char *name, const void *blob, size_t len,
-   hwaddr addr, const char *fw_file_name,
+   size_t max_len, hwaddr addr, const char *fw_file_name,
FWCfgReadCallback fw_callback, void *callback_opaque);
 int rom_add_elf_program(const char *name, void *data, size_t datasize,
 size_t romsize, hwaddr addr);
@@ -74,7 +74,7 @@ void do_info_roms(Monitor *mon, const QDict *qdict);
 #define rom_add_file_fixed(_f, _a, _i)  \
 rom_add_file(_f, NULL, _a, _i, false)
 #define rom_add_blob_fixed(_f, _b, _l, _a)  \
-rom_add_blob(_f, _b, _l, _a, NULL, NULL, NULL)
+rom_add_blob(_f, _b, _l, _l, _a, NULL, NULL, NULL)
 
 #define PC_ROM_MIN_VGA 0xc
 #define PC_ROM_MIN_OPTION  0xc8000
diff --git a/hw/core/loader.c b/hw/core/loader.c
index 7527fd3..d3f8501 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -712,12 +712,22 @@ static void rom_insert(Rom *rom)
 QTAILQ_INSERT_TAIL(&roms, rom, next);
 }
 
+static void fw_cfg_resized(const char *id, uint64_t length, void *host)
+{
+if (fw_cfg) {
+fw_cfg_modify_file(fw_cfg, id + strlen("/rom@"), host, length);
+}
+}
+
 static void *rom_set_mr(Rom *rom, Object *owner, const char *name)
 {
 void *data;
 
 rom->mr = g_malloc(sizeof(*rom->mr));
-memory_region_init_ram(rom->mr, owner, name, rom->datasize, &error_abort);
+memory_region_init_resizeable_ram(rom->mr, owner, name,
+  rom->datasize, rom->romsize,
+  fw_cfg_resized,
+  &error_abort);
 memory_region_set_readonly(rom->mr, true);
 vmstate_register_ram_global(rom->mr);
 
@@ -812,7 +822,7 @@ err:
 }
 
 ram_addr_t rom_add_blob(const char *name, const void *blob, size_t len,
-   hwaddr addr, const char *fw_file_name,
+   size_t max_len, hwaddr addr, const char *fw_file_name,
FWCfgReadCallback fw_callback, void *callback_opaque)
 {
 Rom *rom;
@@ -821,7 +831,7 @@ ram_addr_t rom_add_blob(const char *name, const void *blob, 
size_t len,
 rom   = g_malloc0(sizeof(*rom));
 rom->name = g_strdup(name);
 rom->addr = addr;
-rom->romsize  = len;
+rom->romsize  = max_len ? max_len : len;
 rom->datasize = len;
 rom->data = g_malloc0(rom->datasize);
 memcpy(rom->data, blob, len);
@@ -841,7 +851,7 @@ ram_addr_t rom_add_blob(const char *name, const void *blob, 
size_t len,
 
 fw_cfg_add_file_callback(fw_cfg, fw_file_name,
  fw_callback, callback_opaque,
- data, rom->romsize);
+ data, rom->datasize);
 }
 return ret;
 }
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index a4d0c0c..6a2e9c5 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -68,6 +68,9 @@
 
 #define ACPI_BUILD_TABLE_SIZE 0x2
 
+/* Reserve RAM space for tables: add another order of magnitude. */
+#define ACPI_BUILD_TABLE_MAX_SIZE 0x20
+
 /* #define DEBUG_ACPI_BUILD */
 #ifdef DEBUG_ACPI_BUILD
 #define ACPI_BUILD_DPRINTF(fmt, ...)\
@@ -1718,6 +1721,11 @@ static void acpi_build_update(void *build_opaque, 
uint32_t offset)
 acpi_build(build_state->guest_info, &tables);
 
 assert(acpi_data_len(tables.table_data) == build_state->table_size);
+
+/* Make sure RAM size is correct - in case it got changed by migration */
+qemu_ram_resize(build_state->table_ram, build_state->table_size,
+ 

[Qemu-devel] [PULL 1/8] cpu: add cpu_physical_memory_clear_dirty_range_nocode

[Michael S. Tsirkin]

simple wrapper so callers don't need to know about
dirty bitmap clients.

Signed-off-by: Michael S. Tsirkin 
---
 include/exec/ram_addr.h | 8 
 1 file changed, 8 insertions(+)

diff --git a/include/exec/ram_addr.h b/include/exec/ram_addr.h
index 8fc75cd..18ec092 100644
--- a/include/exec/ram_addr.h
+++ b/include/exec/ram_addr.h
@@ -184,6 +184,14 @@ static inline void 
cpu_physical_memory_clear_dirty_range(ram_addr_t start,
 bitmap_clear(ram_list.dirty_memory[client], page, end - page);
 }
 
+static inline void cpu_physical_memory_clear_dirty_range_nocode(ram_addr_t 
start,
+ram_addr_t 
length)
+{
+cpu_physical_memory_clear_dirty_range(start, length, 
DIRTY_MEMORY_MIGRATION);
+cpu_physical_memory_clear_dirty_range(start, length, DIRTY_MEMORY_VGA);
+}
+
+
 void cpu_physical_memory_reset_dirty(ram_addr_t start, ram_addr_t length,
  unsigned client);
 
-- 
MST

[Qemu-devel] [PULL 3/8] exec: cpu_physical_memory_set/clear_dirty_range

[Michael S. Tsirkin]

Make cpu_physical_memory_set/clear_dirty_range
behave symmetrically.

To clear range for a given client type only, add
cpu_physical_memory_clear_dirty_range_type.

Signed-off-by: Michael S. Tsirkin 
---
 include/exec/ram_addr.h | 15 ---
 exec.c  |  2 +-
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/include/exec/ram_addr.h b/include/exec/ram_addr.h
index 18ec092..254931c 100644
--- a/include/exec/ram_addr.h
+++ b/include/exec/ram_addr.h
@@ -172,9 +172,9 @@ static inline void 
cpu_physical_memory_set_dirty_lebitmap(unsigned long *bitmap,
 }
 #endif /* not _WIN32 */
 
-static inline void cpu_physical_memory_clear_dirty_range(ram_addr_t start,
- ram_addr_t length,
- unsigned client)
+static inline void cpu_physical_memory_clear_dirty_range_type(ram_addr_t start,
+  ram_addr_t 
length,
+  unsigned client)
 {
 unsigned long end, page;
 
@@ -184,11 +184,12 @@ static inline void 
cpu_physical_memory_clear_dirty_range(ram_addr_t start,
 bitmap_clear(ram_list.dirty_memory[client], page, end - page);
 }
 
-static inline void cpu_physical_memory_clear_dirty_range_nocode(ram_addr_t 
start,
-ram_addr_t 
length)
+static inline void cpu_physical_memory_clear_dirty_range(ram_addr_t start,
+ ram_addr_t length)
 {
-cpu_physical_memory_clear_dirty_range(start, length, 
DIRTY_MEMORY_MIGRATION);
-cpu_physical_memory_clear_dirty_range(start, length, DIRTY_MEMORY_VGA);
+cpu_physical_memory_clear_dirty_range_type(start, length, 
DIRTY_MEMORY_MIGRATION);
+cpu_physical_memory_clear_dirty_range_type(start, length, 
DIRTY_MEMORY_VGA);
+cpu_physical_memory_clear_dirty_range_type(start, length, 
DIRTY_MEMORY_CODE);
 }
 
 
diff --git a/exec.c b/exec.c
index 963481a..a89aa6c 100644
--- a/exec.c
+++ b/exec.c
@@ -850,7 +850,7 @@ void cpu_physical_memory_reset_dirty(ram_addr_t start, 
ram_addr_t length,
 {
 if (length == 0)
 return;
-cpu_physical_memory_clear_dirty_range(start, length, client);
+cpu_physical_memory_clear_dirty_range_type(start, length, client);
 
 if (tcg_enabled()) {
 tlb_reset_dirty_range_all(start, length);
-- 
MST

[Qemu-devel] [PULL 4/8] exec: split length -> used_length/max_length

[Michael S. Tsirkin]

This patch allows us to distinguish between two
length values for each block:
max_length - length of memory block that was allocated
used_length - length of block used by QEMU/guest

Currently, we set used_length - max_length, unconditionally.
Follow-up patches allow used_length <= max_length.

Signed-off-by: Michael S. Tsirkin 
---
 include/exec/cpu-all.h |  3 ++-
 arch_init.c| 19 +-
 exec.c | 52 +++---
 3 files changed, 40 insertions(+), 34 deletions(-)

diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
index 62f5581..6f2130e 100644
--- a/include/exec/cpu-all.h
+++ b/include/exec/cpu-all.h
@@ -303,7 +303,8 @@ typedef struct RAMBlock {
 struct MemoryRegion *mr;
 uint8_t *host;
 ram_addr_t offset;
-ram_addr_t length;
+ram_addr_t used_length;
+ram_addr_t max_length;
 uint32_t flags;
 char idstr[256];
 /* Reads can take either the iothread or the ramlist lock.
diff --git a/arch_init.c b/arch_init.c
index 7680d28..106f46e 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -522,7 +522,7 @@ static void migration_bitmap_sync(void)
 address_space_sync_dirty_bitmap(&address_space_memory);
 
 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
-migration_bitmap_sync_range(block->mr->ram_addr, block->length);
+migration_bitmap_sync_range(block->mr->ram_addr, block->used_length);
 }
 trace_migration_bitmap_sync_end(migration_dirty_pages
 - num_dirty_pages_init);
@@ -668,7 +668,7 @@ static int ram_find_and_save_block(QEMUFile *f, bool 
last_stage)
 offset >= last_offset) {
 break;
 }
-if (offset >= block->length) {
+if (offset >= block->used_length) {
 offset = 0;
 block = QTAILQ_NEXT(block, next);
 if (!block) {
@@ -727,7 +727,7 @@ uint64_t ram_bytes_total(void)
 uint64_t total = 0;
 
 QTAILQ_FOREACH(block, &ram_list.blocks, next)
-total += block->length;
+total += block->used_length;
 
 return total;
 }
@@ -831,7 +831,7 @@ static int ram_save_setup(QEMUFile *f, void *opaque)
 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
 uint64_t block_pages;
 
-block_pages = block->length >> TARGET_PAGE_BITS;
+block_pages = block->used_length >> TARGET_PAGE_BITS;
 migration_dirty_pages += block_pages;
 }
 
@@ -844,7 +844,7 @@ static int ram_save_setup(QEMUFile *f, void *opaque)
 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
 qemu_put_byte(f, strlen(block->idstr));
 qemu_put_buffer(f, (uint8_t *)block->idstr, strlen(block->idstr));
-qemu_put_be64(f, block->length);
+qemu_put_be64(f, block->used_length);
 }
 
 qemu_mutex_unlock_ramlist();
@@ -1015,7 +1015,7 @@ static inline void *host_from_stream_offset(QEMUFile *f,
 uint8_t len;
 
 if (flags & RAM_SAVE_FLAG_CONTINUE) {
-if (!block || block->length <= offset) {
+if (!block || block->max_length <= offset) {
 error_report("Ack, bad migration stream!");
 return NULL;
 }
@@ -1028,7 +1028,8 @@ static inline void *host_from_stream_offset(QEMUFile *f,
 id[len] = 0;
 
 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
-if (!strncmp(id, block->idstr, sizeof(id)) && block->length > offset) {
+if (!strncmp(id, block->idstr, sizeof(id)) &&
+block->max_length > offset) {
 return memory_region_get_ram_ptr(block->mr) + offset;
 }
 }
@@ -1085,10 +1086,10 @@ static int ram_load(QEMUFile *f, void *opaque, int 
version_id)
 
 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
 if (!strncmp(id, block->idstr, sizeof(id))) {
-if (block->length != length) {
+if (block->used_length != length) {
 error_report("Length mismatch: %s: 0x" RAM_ADDR_FMT
  " in != 0x" RAM_ADDR_FMT, id, length,
- block->length);
+ block->used_length);
 ret =  -EINVAL;
 }
 break;
diff --git a/exec.c b/exec.c
index a89aa6c..b69216a 100644
--- a/exec.c
+++ b/exec.c
@@ -812,11 +812,11 @@ static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
 
 /* The list is protected by the iothread lock here.  */
 block = ram_list.mru_block;
-if (block && addr - block->offset < block->length) {
+if (block && addr - block->offset < block->max_length) {
 goto found;
 }
 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
-if (addr - block->offset < block->length) {
+if (addr - block->offset < block->max_length) {
 goto found;
 }
 }
@@ -1305,13 +1305,14 @@ static ram_addr_t ram_bloc

[Qemu-devel] [PULL 6/8] arch_init: support resizing on incoming migration

[Michael S. Tsirkin]

If block used_length does not match, try to resize it.

Signed-off-by: Michael S. Tsirkin 
---
 arch_init.c | 13 -
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/arch_init.c b/arch_init.c
index 106f46e..cfedbf0 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -1086,11 +1086,14 @@ static int ram_load(QEMUFile *f, void *opaque, int 
version_id)
 
 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
 if (!strncmp(id, block->idstr, sizeof(id))) {
-if (block->used_length != length) {
-error_report("Length mismatch: %s: 0x" RAM_ADDR_FMT
- " in != 0x" RAM_ADDR_FMT, id, length,
- block->used_length);
-ret =  -EINVAL;
+if (length != block->used_length) {
+Error *local_err = NULL;
+
+ret = qemu_ram_resize(block->offset, length, 
&local_err);
+if (local_err) {
+error_report("%s", 
error_get_pretty(local_err));
+error_free(local_err);
+}
 }
 break;
 }
-- 
MST

Re: [Qemu-devel] '-usb' regressed by 49d2e648 ("machine: remove qemu_machine_opts global list")

[Paolo Bonzini]

On 24/12/2014 12:03, Laszlo Ersek wrote:
> On 12/24/14 10:30, Paolo Bonzini wrote:
>>
>>
>> On 23/12/2014 23:12, Laszlo Ersek wrote:
>>> Apologies if this problem is known. After building qemu at ab0302ee:
>>>
>>> $ qemu-system-x86_64 -usb
>>>
>>> qemu-system-x86_64: util/qemu-option.c:387: qemu_opt_get_bool_helper: 
>>> Assertion `opt->desc && opt->desc->type == QEMU_OPT_BOOL' failed.
>>
>> Does this work?
>>
>> diff --git a/util/qemu-option.c b/util/qemu-option.c
>> index a708241..4f1f86a 100644
>> --- a/util/qemu-option.c
>> +++ b/util/qemu-option.c
>> @@ -384,7 +384,7 @@ static bool qemu_opt_get_bool_helper(QemuOpts *opts,
>> const char *name,
>>  }
>>  return ret;
>>  }
>> -assert(opt->desc && opt->desc->type == QEMU_OPT_BOOL);
>> +assert(!opt->desc || opt->desc->type == QEMU_OPT_BOOL);
>>  ret = opt->value.boolean;
>>  if (del) {
>>  qemu_opt_del_all(opts, name);
>> @@ -420,7 +420,7 @@ static uint64_t qemu_opt_get_number_helper(QemuOpts
>> *opts, const char *name,
>>  }
>>  return ret;
>>  }
>> -assert(opt->desc && opt->desc->type == QEMU_OPT_NUMBER);
>> +assert(!opt->desc || opt->desc->type == QEMU_OPT_NUMBER);
>>  ret = opt->value.uint;
>>  if (del) {
>>  qemu_opt_del_all(opts, name);
>> @@ -457,7 +457,7 @@ static uint64_t qemu_opt_get_size_helper(QemuOpts
>> *opts, const char *name,
>>  }
>>  return ret;
>>  }
>> -assert(opt->desc && opt->desc->type == QEMU_OPT_SIZE);
>> +assert(!opt->desc || opt->desc->type == QEMU_OPT_SIZE);
>>  ret = opt->value.uint;
>>  if (del) {
>>  qemu_opt_del_all(opts, name);
> 
> Tested-by: Laszlo Ersek 

Hmm, it doesn't work though.  parse_option_bool is not called.
Something for new year I guess.

Paolo

[Qemu-devel] [PULL 5/8] exec: qemu_ram_alloc_resizeable, qemu_ram_resize

[Michael S. Tsirkin]

Add API to allocate "resizeable" RAM.
This looks just like regular RAM generally, but
has a special property that only a portion of it
(used_length) is actually used, and migrated.

This used_length size can change across reboots.

Follow up patches will change used_length for such blocks at migration,
making it easier to extend devices using such RAM (notably ACPI,
but in the future thinkably other ROMs) without breaking migration
compatibility or wasting ROM (guest) memory.

Device is notified on resize, so it can adjust if necessary.

qemu_ram_alloc_resizeable allocates this memory, qemu_ram_resize resizes
it.

Note: nothing prevents making all RAM resizeable in this way.
However, reviewers felt that only enabling this selectively will
make some class of errors easier to detect.

Signed-off-by: Michael S. Tsirkin 
---
 include/exec/cpu-all.h  |  9 --
 include/exec/ram_addr.h |  7 +
 exec.c  | 75 ++---
 3 files changed, 84 insertions(+), 7 deletions(-)

diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
index 6f2130e..7ced147 100644
--- a/include/exec/cpu-all.h
+++ b/include/exec/cpu-all.h
@@ -299,12 +299,15 @@ CPUArchState *cpu_copy(CPUArchState *env);
 
 /* memory API */
 
-typedef struct RAMBlock {
+typedef struct RAMBlock RAMBlock;
+
+struct RAMBlock {
 struct MemoryRegion *mr;
 uint8_t *host;
 ram_addr_t offset;
 ram_addr_t used_length;
 ram_addr_t max_length;
+void (*resized)(const char*, uint64_t length, void *host);
 uint32_t flags;
 char idstr[256];
 /* Reads can take either the iothread or the ramlist lock.
@@ -312,11 +315,11 @@ typedef struct RAMBlock {
  */
 QTAILQ_ENTRY(RAMBlock) next;
 int fd;
-} RAMBlock;
+};
 
 static inline void *ramblock_ptr(RAMBlock *block, ram_addr_t offset)
 {
-assert(offset < block->length);
+assert(offset < block->used_length);
 assert(block->host);
 return (char *)block->host + offset;
 }
diff --git a/include/exec/ram_addr.h b/include/exec/ram_addr.h
index 254931c..ff558a4 100644
--- a/include/exec/ram_addr.h
+++ b/include/exec/ram_addr.h
@@ -28,12 +28,19 @@ ram_addr_t qemu_ram_alloc_from_file(ram_addr_t size, 
MemoryRegion *mr,
 ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
MemoryRegion *mr, Error **errp);
 ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr, Error **errp);
+ram_addr_t qemu_ram_alloc_resizeable(ram_addr_t size, ram_addr_t max_size,
+ void (*resized)(const char*,
+ uint64_t length,
+ void *host),
+ MemoryRegion *mr, Error **errp);
 int qemu_get_ram_fd(ram_addr_t addr);
 void *qemu_get_ram_block_host_ptr(ram_addr_t addr);
 void *qemu_get_ram_ptr(ram_addr_t addr);
 void qemu_ram_free(ram_addr_t addr);
 void qemu_ram_free_from_ptr(ram_addr_t addr);
 
+int qemu_ram_resize(ram_addr_t base, ram_addr_t newsize, Error **errp);
+
 static inline bool cpu_physical_memory_get_dirty(ram_addr_t start,
  ram_addr_t length,
  unsigned client)
diff --git a/exec.c b/exec.c
index b69216a..2427319 100644
--- a/exec.c
+++ b/exec.c
@@ -75,6 +75,11 @@ static MemoryRegion io_mem_unassigned;
 /* RAM is mmap-ed with MAP_SHARED */
 #define RAM_SHARED (1 << 1)
 
+/* On-device RAM allocated with g_malloc: supports realloc,
+ * not accessible to vcpu on kvm.
+ */
+#define RAM_RESIZEABLE (1 << 2)
+
 #endif
 
 struct CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
@@ -1186,7 +1191,7 @@ static ram_addr_t find_ram_offset(ram_addr_t size)
 QTAILQ_FOREACH(block, &ram_list.blocks, next) {
 ram_addr_t end, next = RAM_ADDR_MAX;
 
-end = block->offset + block->length;
+end = block->offset + block->max_length;
 
 QTAILQ_FOREACH(next_block, &ram_list.blocks, next) {
 if (next_block->offset >= end) {
@@ -1214,7 +1219,7 @@ ram_addr_t last_ram_offset(void)
 ram_addr_t last = 0;
 
 QTAILQ_FOREACH(block, &ram_list.blocks, next)
-last = MAX(last, block->offset + block->length);
+last = MAX(last, block->offset + block->max_length);
 
 return last;
 }
@@ -1296,6 +1301,42 @@ static int memory_try_enable_merging(void *addr, size_t 
len)
 return qemu_madvise(addr, len, QEMU_MADV_MERGEABLE);
 }
 
+int qemu_ram_resize(ram_addr_t base, ram_addr_t newsize, Error **errp)
+{
+RAMBlock *block = find_ram_block(base);
+
+assert(block);
+
+if (block->used_length == newsize) {
+return 0;
+}
+
+if (!(block->flags & RAM_RESIZEABLE)) {
+error_setg_errno(errp, EINVAL,
+ "Length mismatch: %s: 0x" RAM_ADDR_FMT
+ " in != 0x" RAM_ADDR_FMT, block->idstr,
+ news

Re: [Qemu-devel] [PATCH] qemu_ram_resize: document assumptions

[Michael S. Tsirkin]

On Wed, Dec 24, 2014 at 12:45:47PM +0100, Paolo Bonzini wrote:
> 
> 
> On 24/12/2014 12:43, Michael S. Tsirkin wrote:
> > Document that when using qemu_ram_resize for anything mapped into guest
> > address space, it's the job of the resize function to update guest
> > visible state.
> > 
> > Signed-off-by: Michael S. Tsirkin 
> > ---
> > 
> > Adding a comment at dgilbert's request.
> > This is a separate patch to avoid deferring merging the
> > code itself.
> 
> Wait, I thought the agreement was to first merge Igor's patches to
> generate the SSDT from C code, and then see if this was still necessary?
> 
> Paolo

To first *review* Igor's patches.

I can't merge more ACPI code until I know how we are
handling cross-version migration.

-- 
MST

Re: [Qemu-devel] [PATCH] qemu_ram_resize: document assumptions

[Paolo Bonzini]

On 24/12/2014 13:21, Michael S. Tsirkin wrote:
> > Wait, I thought the agreement was to first merge Igor's patches to
> > generate the SSDT from C code, and then see if this was still necessary?
> 
> To first *review* Igor's patches.
> 
> I can't merge more ACPI code until I know how we are
> handling cross-version migration.

We are "handling" it just by putting a limit of 64K above which things
are not guaranteed to work.

Paolo

Re: [Qemu-devel] [PULL 0/8] pc: resizeable ROM blocks

[Paolo Bonzini]

On 24/12/2014 12:51, Michael S. Tsirkin wrote:
> The following changes since commit d86fb03469e016af4e54f04efccbc20a8afa3e19:
> 
>   Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20141216-1' 
> into staging (2014-12-16 16:52:42 +)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream
> 
> for you to fetch changes up to de101bf0e5b1f2bb7759074021f1e082752428ef:
> 
>   acpi-build: make ROMs RAM blocks resizeable (2014-12-16 22:14:11 +0200)
> 
> 
> pc: resizeable ROM blocks
> 
> This makes ROM blocks resizeable.  This infrastructure is required for other
> functionality we have queued.
> 
> Signed-off-by: Michael S. Tsirkin 
> 
> 
> Michael S. Tsirkin (8):
>   cpu: add cpu_physical_memory_clear_dirty_range_nocode
>   memory: add memory_region_set_size
>   exec: cpu_physical_memory_set/clear_dirty_range
>   exec: split length -> used_length/max_length
>   exec: qemu_ram_alloc_resizeable, qemu_ram_resize
>   arch_init: support resizing on incoming migration
>   memory: API to allocate resizeable RAM MR
>   acpi-build: make ROMs RAM blocks resizeable
> 
>  hw/lm32/lm32_hwsetup.h  |   3 +-
>  include/exec/cpu-all.h  |  12 +++--
>  include/exec/memory.h   |  34 +
>  include/exec/ram_addr.h |  22 +++--
>  include/hw/loader.h |   4 +-
>  arch_init.c |  28 ++-
>  exec.c  | 129 
> +---
>  hw/core/loader.c|  18 +--
>  hw/i386/acpi-build.c|  19 +--
>  memory.c|  33 +
>  10 files changed, 242 insertions(+), 60 deletions(-)
> 
> 
> 

I don't think these are necessary, and I thought these were just RFC
when they were posted.  I and mst didn't really understand each other,
and I take the fault for not reviewing the submission; however, Peter,
please hold these for a little more.

Paolo

Re: [Qemu-devel] [PULL 0/8] pc: resizeable ROM blocks

[Peter Maydell]

On 24 December 2014 at 12:25, Paolo Bonzini  wrote:
> On 24/12/2014 12:51, Michael S. Tsirkin wrote:
>> 
>> pc: resizeable ROM blocks
>>
>> This makes ROM blocks resizeable.  This infrastructure is required for other
>> functionality we have queued.
>>
>> Signed-off-by: Michael S. Tsirkin 

> I don't think these are necessary, and I thought these were just RFC
> when they were posted.  I and mst didn't really understand each other,
> and I take the fault for not reviewing the submission; however, Peter,
> please hold these for a little more.

Sure, no problem.

-- PMM

Re: [Qemu-devel] [PULL 0/8] pc: resizeable ROM blocks

[Michael S. Tsirkin]

On Wed, Dec 24, 2014 at 01:25:16PM +0100, Paolo Bonzini wrote:
> On 24/12/2014 12:51, Michael S. Tsirkin wrote:
> > The following changes since commit d86fb03469e016af4e54f04efccbc20a8afa3e19:
> > 
> >   Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20141216-1' 
> > into staging (2014-12-16 16:52:42 +)
> > 
> > are available in the git repository at:
> > 
> >   git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream
> > 
> > for you to fetch changes up to de101bf0e5b1f2bb7759074021f1e082752428ef:
> > 
> >   acpi-build: make ROMs RAM blocks resizeable (2014-12-16 22:14:11 +0200)
> > 
> > 
> > pc: resizeable ROM blocks
> > 
> > This makes ROM blocks resizeable.  This infrastructure is required for other
> > functionality we have queued.
> > 
> > Signed-off-by: Michael S. Tsirkin 
> > 
> > 
> > Michael S. Tsirkin (8):
> >   cpu: add cpu_physical_memory_clear_dirty_range_nocode
> >   memory: add memory_region_set_size
> >   exec: cpu_physical_memory_set/clear_dirty_range
> >   exec: split length -> used_length/max_length
> >   exec: qemu_ram_alloc_resizeable, qemu_ram_resize
> >   arch_init: support resizing on incoming migration
> >   memory: API to allocate resizeable RAM MR
> >   acpi-build: make ROMs RAM blocks resizeable
> > 
> >  hw/lm32/lm32_hwsetup.h  |   3 +-
> >  include/exec/cpu-all.h  |  12 +++--
> >  include/exec/memory.h   |  34 +
> >  include/exec/ram_addr.h |  22 +++--
> >  include/hw/loader.h |   4 +-
> >  arch_init.c |  28 ++-
> >  exec.c  | 129 
> > +---
> >  hw/core/loader.c|  18 +--
> >  hw/i386/acpi-build.c|  19 +--
> >  memory.c|  33 +
> >  10 files changed, 242 insertions(+), 60 deletions(-)
> > 
> > 
> > 
> 
> I don't think these are necessary, and I thought these were just RFC
> when they were posted.  I and mst didn't really understand each other,
> and I take the fault for not reviewing the submission; however, Peter,
> please hold these for a little more.
> 
> Paolo

Yes, please do, I'd like Paolo to review at least the memory core
changes.

-- 
MST

[Qemu-devel] [PATCH 1/4] pc: append ssdt-misc.dsl to the DSDT

[Paolo Bonzini]

This part of the ACPI tables can vary in size across machine types, but
does not depend on the command-line.  It is an SSDT just because it is
the same for i440fx and Q35, and making it an SSDT made the code a bit
simpler.  However, it also complicates backwards compatibility, so
merge it with the DSDT.

Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-build.c | 54 ++--
 1 file changed, 35 insertions(+), 19 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index a4d0c0c..c8088f1 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1061,26 +1061,17 @@ static void patch_pci_windows(PcPciInfo *pci, uint8_t 
*start, unsigned size)
 }
 }
 
-static void
-build_ssdt(GArray *table_data, GArray *linker,
-   AcpiCpuInfo *cpu, AcpiPmInfo *pm, AcpiMiscInfo *misc,
-   PcPciInfo *pci, PcGuestInfo *guest_info)
+static size_t
+append_ssdt_misc(GArray *table_data, AcpiPmInfo *pm, AcpiMiscInfo *misc,
+ PcPciInfo *pci)
 {
 MachineState *machine = MACHINE(qdev_get_machine());
 uint32_t nr_mem = machine->ram_slots;
-unsigned acpi_cpus = guest_info->apic_id_limit;
-int ssdt_start = table_data->len;
+size_t size = sizeof(ssdp_misc_aml) - sizeof(AcpiTableHeader);
 uint8_t *ssdt_ptr;
-int i;
-
-/* The current AML generator can cover the APIC ID range [0..255],
- * inclusive, for VCPU hotplug. */
-QEMU_BUILD_BUG_ON(ACPI_CPU_HOTPLUG_ID_LIMIT > 256);
-g_assert(acpi_cpus <= ACPI_CPU_HOTPLUG_ID_LIMIT);
 
 /* Copy header and patch values in the S3_ / S4_ / S5_ packages */
-ssdt_ptr = acpi_data_push(table_data, sizeof(ssdp_misc_aml));
-memcpy(ssdt_ptr, ssdp_misc_aml, sizeof(ssdp_misc_aml));
+ssdt_ptr = g_memdup(ssdp_misc_aml, sizeof(ssdp_misc_aml));
 if (pm->s3_disabled) {
 ssdt_ptr[acpi_s3_name[0]] = 'X';
 }
@@ -1099,6 +1090,29 @@ build_ssdt(GArray *table_data, GArray *linker,
 ACPI_BUILD_SET_LE(ssdt_ptr, sizeof(ssdp_misc_aml),
   ssdt_mctrl_nr_slots[0], 32, nr_mem);
 
+memcpy(acpi_data_push(table_data, size),
+   ssdt_ptr + sizeof(AcpiTableHeader), size);
+g_free(ssdt_ptr);
+return size;
+}
+
+static void
+build_ssdt(GArray *table_data, GArray *linker,
+   AcpiCpuInfo *cpu, AcpiPmInfo *pm, PcGuestInfo *guest_info)
+{
+MachineState *machine = MACHINE(qdev_get_machine());
+uint32_t nr_mem = machine->ram_slots;
+unsigned acpi_cpus = guest_info->apic_id_limit;
+int ssdt_start = table_data->len;
+int i;
+
+acpi_data_push(table_data, sizeof(AcpiTableHeader));
+
+/* The current AML generator can cover the APIC ID range [0..255],
+ * inclusive, for VCPU hotplug. */
+QEMU_BUILD_BUG_ON(ACPI_CPU_HOTPLUG_ID_LIMIT > 256);
+g_assert(acpi_cpus <= ACPI_CPU_HOTPLUG_ID_LIMIT);
+
 {
 GArray *sb_scope = build_alloc_array();
 uint8_t op = 0x10; /* ScopeOp */
@@ -1423,18 +1437,21 @@ build_dmar_q35(GArray *table_data, GArray *linker)
 }
 
 static void
-build_dsdt(GArray *table_data, GArray *linker, AcpiMiscInfo *misc)
+build_dsdt(GArray *table_data, GArray *linker, AcpiPmInfo *pm,
+   AcpiMiscInfo *misc, PcPciInfo *pci)
 {
 AcpiTableHeader *dsdt;
+size_t ssdt_misc_size;
 
 assert(misc->dsdt_code && misc->dsdt_size);
 
 dsdt = acpi_data_push(table_data, misc->dsdt_size);
 memcpy(dsdt, misc->dsdt_code, misc->dsdt_size);
+ssdt_misc_size = append_ssdt_misc(table_data, pm, misc, pci);
 
 memset(dsdt, 0, sizeof *dsdt);
 build_header(linker, table_data, dsdt, "DSDT",
- misc->dsdt_size, 1);
+ misc->dsdt_size + ssdt_misc_size, 1);
 }
 
 /* Build final rsdt table */
@@ -1591,7 +1608,7 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 
 /* DSDT is pointed to by FADT */
 dsdt = tables->table_data->len;
-build_dsdt(tables->table_data, tables->linker, &misc);
+build_dsdt(tables->table_data, tables->linker, &pm, &misc, &pci);
 
 /* Count the size of the DSDT and SSDT, we will need it for legacy
  * sizing of ACPI tables.
@@ -1604,8 +1621,7 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 
 ssdt = tables->table_data->len;
 acpi_add_table(table_offsets, tables->table_data);
-build_ssdt(tables->table_data, tables->linker, &cpu, &pm, &misc, &pci,
-   guest_info);
+build_ssdt(tables->table_data, tables->linker, &cpu, &pm, guest_info);
 aml_len += tables->table_data->len - ssdt;
 
 acpi_add_table(table_offsets, tables->table_data);
-- 
1.8.3.1

[Qemu-devel] [PATCH 0/4] acpi: move common parts of the SSDT to the DSDT (and preview of things to come)

[Paolo Bonzini]

Right now, the SSDT/DSDT is split in three parts:

- code that doesn't need patching goes in the DSDT.  Furthermore,
  code in this category that is shared between PIIX4 and Q35 is
  handled via #include.  There was one exception, the SMC._STA
  method is patched and is in the DSDT.

- shared code that needs patching goes in the SSDT

- template-based code that comes from command line arguments
  goes in the SSDT as well

This series changes things to:

- code that is chipset-specific goes in the DSDT first.
  Right now none of this needs patching

- code that is not chipset-specific, some of which needs
  patching, goes in the DSDT second

- template-based code that comes from command line arguments
  goes in the SSDT

Patch 1 moves ssdt-misc ("common code that needs patching")
to the DSDT.  Patches 2-4 stop using the C preprocessor
in the DSDTs.

Patches 5-7 show why this could be useful.  They add padding
in fw_cfg after the DSDT, and in exchange stop padding the ACPI
tables to 128K.  This fixes migration problems (ROM sizes, RSDP)
because the ACPI tables are split in two:

1) fixed tables and the DSDT can be changed freely;

2) tables that vary depending on the command-line arguments (SSDT,
MADT, ...) are versioned and, given a machine type, they have to be
byte-equivalent across QEMU versions >= 2.3.

Patches 5 and 6 introduce a new sizing algorithm.  Patch 7 use it
to fix the migration problems.

Only the first 4 or 6 patches are meant for inclusion.  Patch 7 should
only be committed after Igor's series that rewrites the templating
mechanism in C.  That makes it much simpler to track changes to the ACPI
tables, and removes dependencies on the IASL version that could cause
some head-scratching.

The conflicts with Igor's series are nontrivial but overall
not complicated to solve.  Igor rewrote ssdt-misc in C, but those
parts can be easily removed from his series.  He has plans to
build the DSDT from C, and if that materializes it can apply to
acpi-dsdt-common.dsl too.

Paolo

Paolo Bonzini (7):
  pc: append ssdt-misc.dsl to the DSDT
  pc: rename ssdt-misc to dsdt-common
  pc: move common parts of the DSDT to dsdt-common
  pc: merge DSDT common parts into acpi-dsdt-common.dsl
  pc: introduce new ACPI table sizing algorithm
  pc: clean up pre-2.1 compatibility code
  pc: go back to smaller ACPI tables

 hw/i386/Makefile.objs  |   2 +-
 hw/i386/acpi-build.c   | 107 +++--
 hw/i386/acpi-dsdt-common.dsl   | 467 +
 ...ex.generated => acpi-dsdt-common.hex.generated} |   4 +-
 hw/i386/acpi-dsdt-dbug.dsl |  41 --
 hw/i386/acpi-dsdt-hpet.dsl |  48 ---
 hw/i386/acpi-dsdt-isa.dsl  | 128 --
 hw/i386/acpi-dsdt-mem-hotplug.dsl  | 176 
 hw/i386/acpi-dsdt.dsl  |  12 +-
 hw/i386/pc_piix.c  |   9 +-
 hw/i386/pc_q35.c   |   6 +-
 hw/i386/q35-acpi-dsdt.dsl  |   9 +-
 hw/i386/ssdt-misc.dsl  | 122 --
 include/hw/i386/pc.h   |   2 +
 14 files changed, 550 insertions(+), 583 deletions(-)
 create mode 100644 hw/i386/acpi-dsdt-common.dsl
 rename hw/i386/{ssdt-misc.hex.generated => acpi-dsdt-common.hex.generated} 
(96%)
 delete mode 100644 hw/i386/acpi-dsdt-dbug.dsl
 delete mode 100644 hw/i386/acpi-dsdt-hpet.dsl
 delete mode 100644 hw/i386/acpi-dsdt-isa.dsl
 delete mode 100644 hw/i386/acpi-dsdt-mem-hotplug.dsl
 delete mode 100644 hw/i386/ssdt-misc.dsl

-- 
1.8.3.1

[Qemu-devel] [PATCH 7/4] pc: go back to smaller ACPI tables

[Paolo Bonzini]

The new algorithm introduced by the previous patch lets us make tables
smaller and avoid migration bugs due to large tables.

Use it for 2.3+ machine types by tweaking the default fixed_table_align
and acpi_table_align values.  At the same time, preserve backwards-compatible
logic for pc-i440fx-2.2.

Without this patch:
[0.00] BIOS-e820: [mem 0x0010-0x07fd] usable
[0.00] BIOS-e820: [mem 0x07fe-0x07ff] reserved
...
[0.00] init_memory_mapping: [mem 0x0700-0x07fd] usable
[0.00] RAMDISK: [mem 0x07112000-0x07fd]

With this patch:
[0.00] BIOS-e820: [mem 0x0010-0x07ffafff] usable
[0.00] BIOS-e820: [mem 0x07ffb000-0x07ff] reserved
...
[0.00] init_memory_mapping: [mem 0x0700-0x07ffafff]
[0.00] RAMDISK: [mem 0x07122000-0x07fe]

Thanks to the new linuxboot option ROM, the initrd is loaded 64k above.

Signed-off-by: Paolo Bonzini 
---
 hw/i386/pc_piix.c | 8 +---
 hw/i386/pc_q35.c  | 6 --
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 16de5c9..a5e36b9 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -61,8 +61,8 @@ static const int ide_irq[MAX_IDE_BUS] = { 14, 15 };
 
 static bool has_acpi_build = true;
 static int legacy_acpi_table_size;
-static int fixed_table_align = 0;
-static int acpi_table_align = 131072;
+static int fixed_table_align = 16384;
+static int acpi_table_align = 4096;
 static bool smbios_defaults = true;
 static bool smbios_legacy_mode;
 static bool smbios_uuid_encoded = true;
@@ -332,6 +332,8 @@ static void pc_compat_2_2(MachineState *machine)
 x86_cpu_compat_set_features("Haswell", FEAT_1_ECX, 0, CPUID_EXT_RDRAND);
 x86_cpu_compat_set_features("Broadwell", FEAT_1_ECX, 0, CPUID_EXT_F16C);
 x86_cpu_compat_set_features("Broadwell", FEAT_1_ECX, 0, CPUID_EXT_RDRAND);
+fixed_table_align = 0;
+acpi_table_align = 131072;
 }
 
 static void pc_compat_2_1(MachineState *machine)
@@ -348,7 +350,6 @@ static void pc_compat_2_1(MachineState *machine)
 
 static void pc_compat_2_0(MachineState *machine)
 {
-pc_compat_2_1(machine);
 /* This value depends on the actual DSDT and SSDT compiled into
  * the source QEMU; unfortunately it depends on the binary and
  * not on the machine type, so we cannot make pc-i440fx-1.7 work on
@@ -365,6 +366,7 @@ static void pc_compat_2_0(MachineState *machine)
  * 6652 is valid for QEMU 2.0, the right value for pc-i440fx-1.7 on
  * QEMU 1.7 it is 6414.  For RHEL/CentOS 7.0 it is 6418.
  */
+pc_compat_2_1(machine);
 legacy_acpi_table_size = 6652;
 acpi_table_align = 4096;
 smbios_legacy_mode = true;
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 7ba0535..4fd9527 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -155,10 +155,12 @@ static void pc_q35_init(MachineState *machine)
 guest_info->has_acpi_build = has_acpi_build;
 guest_info->has_reserved_memory = has_reserved_memory;
 
-/* Migration was not supported in 2.0 for Q35, so do not bother
- * with this hack (see hw/i386/acpi-build.c).
+/* Migration was not supported in 2.0 for Q35, so do not bother with
+ * hacks around the ACPI table size (see hw/i386/acpi-build.c).
  */
 guest_info->legacy_acpi_table_size = 0;
+guest_info->fixed_table_align = 16384;
+guest_info->acpi_table_align = 4096;
 
 if (smbios_defaults) {
 MachineClass *mc = MACHINE_GET_CLASS(machine);
-- 
1.8.3.1

[Qemu-devel] [PATCH 3/4] pc: move common parts of the DSDT to dsdt-common

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-build.c |  7 ++-
 hw/i386/acpi-dsdt-common.dsl | 14 +++---
 hw/i386/acpi-dsdt-isa.dsl|  6 +-
 hw/i386/acpi-dsdt.dsl| 10 ++
 hw/i386/q35-acpi-dsdt.dsl|  9 ++---
 5 files changed, 22 insertions(+), 24 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 0712dd3..328a108 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -53,6 +53,7 @@
 
 #include "hw/i386/q35-acpi-dsdt.hex"
 #include "hw/i386/acpi-dsdt.hex"
+#include "hw/i386/acpi-dsdt-common.hex"
 
 #include "qapi/qmp/qint.h"
 #include "qom/qom-qobject.h"
@@ -116,7 +117,6 @@ typedef struct AcpiBuildPciBusHotplugState {
 
 static void acpi_get_dsdt(AcpiMiscInfo *info)
 {
-uint16_t *applesmc_sta;
 Object *piix = piix4_pm_find();
 Object *lpc = ich9_lpc_find();
 assert(!!piix != !!lpc);
@@ -124,16 +124,14 @@ static void acpi_get_dsdt(AcpiMiscInfo *info)
 if (piix) {
 info->dsdt_code = AcpiDsdtAmlCode;
 info->dsdt_size = sizeof AcpiDsdtAmlCode;
-applesmc_sta = piix_dsdt_applesmc_sta;
 }
 if (lpc) {
 info->dsdt_code = Q35AcpiDsdtAmlCode;
 info->dsdt_size = sizeof Q35AcpiDsdtAmlCode;
-applesmc_sta = q35_dsdt_applesmc_sta;
 }
 
 /* Patch in appropriate value for AppleSMC _STA */
-*(uint8_t *)(info->dsdt_code + *applesmc_sta) =
+*(uint8_t *)(info->dsdt_code + dsdt_applesmc_sta[0]) =
 applesmc_find() ? 0x0b : 0x00;
 }
 
@@ -715,7 +713,6 @@ static inline char acpi_get_hex(uint32_t val)
 #define ACPI_SSDT_SIGNATURE 0x54445353 /* SSDT */
 #define ACPI_SSDT_HEADER_LENGTH 36
 
-#include "hw/i386/acpi-dsdt-common.hex"
 #include "hw/i386/ssdt-pcihp.hex"
 #include "hw/i386/ssdt-tpm.hex"
 
diff --git a/hw/i386/acpi-dsdt-common.dsl b/hw/i386/acpi-dsdt-common.dsl
index f7849c0..1929f8f 100644
--- a/hw/i386/acpi-dsdt-common.dsl
+++ b/hw/i386/acpi-dsdt-common.dsl
@@ -19,6 +19,17 @@ ACPI_EXTRACT_ALL_CODE dsdt_common_aml
 DefinitionBlock ("acpi-dsdt-common.aml", "SSDT", 0x01, "BXPC", "BXSSDTCOMM", 
0x1)
 {
 
+External(\_SB.PCI0, DeviceObj)
+External(\_SB.PCI0.ISA, DeviceObj)
+External(\_SB.PCI0.PCI, DeviceObj)
+
+#include "hw/acpi/pc-hotplug.h"
+#include "acpi-dsdt-dbug.dsl"
+#include "acpi-dsdt-hpet.dsl"
+#include "acpi-dsdt-isa.dsl"
+#include "acpi-dsdt-mem-hotplug.dsl"
+
+
 /
  * PCI memory ranges
  /
@@ -74,9 +85,6 @@ DefinitionBlock ("acpi-dsdt-common.aml", "SSDT", 0x01, 
"BXPC", "BXSSDTCOMM", 0x1
 })
 }
 
-External(\_SB.PCI0, DeviceObj)
-External(\_SB.PCI0.ISA, DeviceObj)
-
 Scope(\_SB.PCI0.ISA) {
 Device(PEVT) {
 Name(_HID, "QEMU0001")
diff --git a/hw/i386/acpi-dsdt-isa.dsl b/hw/i386/acpi-dsdt-isa.dsl
index deb37de..a8851b0 100644
--- a/hw/i386/acpi-dsdt-isa.dsl
+++ b/hw/i386/acpi-dsdt-isa.dsl
@@ -19,7 +19,7 @@ Scope(\_SB.PCI0.ISA) {
 Device (SMC) {
 Name(_HID, EisaId("APP0001"))
 /* _STA will be patched to 0x0B if AppleSMC is present */
-ACPI_EXTRACT_NAME_BYTE_CONST DSDT_APPLESMC_STA
+ACPI_EXTRACT_NAME_BYTE_CONST dsdt_applesmc_sta
 Name(_STA, 0xF0)
 Name(_CRS, ResourceTemplate () {
 IO (Decode16, 0x0300, 0x0300, 0x01, 0x20)
@@ -58,6 +58,7 @@ Scope(\_SB.PCI0.ISA) {
 })
 }
 
+External(FDEN)
 Device(FDC0) {
 Name(_HID, EisaId("PNP0700"))
 Method(_STA, 0, NotSerialized) {
@@ -76,6 +77,7 @@ Scope(\_SB.PCI0.ISA) {
 })
 }
 
+External(LPEN)
 Device(LPT) {
 Name(_HID, EisaId("PNP0400"))
 Method(_STA, 0, NotSerialized) {
@@ -92,6 +94,7 @@ Scope(\_SB.PCI0.ISA) {
 })
 }
 
+External(CAEN)
 Device(COM1) {
 Name(_HID, EisaId("PNP0501"))
 Name(_UID, 0x01)
@@ -109,6 +112,7 @@ Scope(\_SB.PCI0.ISA) {
 })
 }
 
+External(CBEN)
 Device(COM2) {
 Name(_HID, EisaId("PNP0501"))
 Name(_UID, 0x02)
diff --git a/hw/i386/acpi-dsdt.dsl b/hw/i386/acpi-dsdt.dsl
index e50efeb..71d1e3f 100644
--- a/hw/i386/acpi-dsdt.dsl
+++ b/hw/i386/acpi-dsdt.dsl
@@ -29,9 +29,6 @@ DefinitionBlock (
 )
 {
 
-#include "acpi-dsdt-dbug.dsl"
-
-
 /
  * PCI Bus definition
  /
@@ -86,7 +83,6 @@ DefinitionBlock (
 }
 
 #include "acpi-dsdt-pci-crs.dsl"
-#include "acpi-dsdt-hpet.dsl"
 
 
 /
@@ -130,9 +126,6 @@ DefinitionBlock (
 }
 }
 
-#define DSDT_APPLESMC_STA piix_dsdt_applesmc_sta
-#include "acpi-dsdt-isa.dsl"
-
 
 /
  * PCI hotplug
@@ -297,7 +290,6 @@ DefinitionBlock (
 #include "hw/acpi/pc-hotplug.h"
 #define CPU_STATUS_BASE PIIX4_CPU_HOTPL

[Qemu-devel] [PATCH 4/4] pc: merge DSDT common parts into acpi-dsdt-common.dsl

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-dsdt-common.dsl  | 345 +-
 hw/i386/acpi-dsdt-dbug.dsl|  41 -
 hw/i386/acpi-dsdt-hpet.dsl|  48 --
 hw/i386/acpi-dsdt-isa.dsl | 132 ---
 hw/i386/acpi-dsdt-mem-hotplug.dsl | 176 ---
 5 files changed, 341 insertions(+), 401 deletions(-)
 delete mode 100644 hw/i386/acpi-dsdt-dbug.dsl
 delete mode 100644 hw/i386/acpi-dsdt-hpet.dsl
 delete mode 100644 hw/i386/acpi-dsdt-isa.dsl
 delete mode 100644 hw/i386/acpi-dsdt-mem-hotplug.dsl

diff --git a/hw/i386/acpi-dsdt-common.dsl b/hw/i386/acpi-dsdt-common.dsl
index 1929f8f..19e9753 100644
--- a/hw/i386/acpi-dsdt-common.dsl
+++ b/hw/i386/acpi-dsdt-common.dsl
@@ -24,10 +24,347 @@ DefinitionBlock ("acpi-dsdt-common.aml", "SSDT", 0x01, 
"BXPC", "BXSSDTCOMM", 0x1
 External(\_SB.PCI0.PCI, DeviceObj)
 
 #include "hw/acpi/pc-hotplug.h"
-#include "acpi-dsdt-dbug.dsl"
-#include "acpi-dsdt-hpet.dsl"
-#include "acpi-dsdt-isa.dsl"
-#include "acpi-dsdt-mem-hotplug.dsl"
+
+/
+ * Debugging
+ /
+
+Scope(\) {
+/* Debug Output */
+OperationRegion(DBG, SystemIO, 0x0402, 0x01)
+Field(DBG, ByteAcc, NoLock, Preserve) {
+DBGB,   8,
+}
+
+/* Debug method - use this method to send output to the QEMU
+ * BIOS debug port.  This method handles strings, integers,
+ * and buffers.  For example: DBUG("abc") DBUG(0x123) */
+Method(DBUG, 1) {
+ToHexString(Arg0, Local0)
+ToBuffer(Local0, Local0)
+Subtract(SizeOf(Local0), 1, Local1)
+Store(Zero, Local2)
+While (LLess(Local2, Local1)) {
+Store(DerefOf(Index(Local0, Local2)), DBGB)
+Increment(Local2)
+}
+Store(0x0A, DBGB)
+}
+}
+
+/
+ * HPET
+ /
+
+Scope(\_SB) {
+Device(HPET) {
+Name(_HID, EISAID("PNP0103"))
+Name(_UID, 0)
+OperationRegion(HPTM, SystemMemory, 0xFED0, 0x400)
+Field(HPTM, DWordAcc, Lock, Preserve) {
+VEND, 32,
+PRD, 32,
+}
+Method(_STA, 0, NotSerialized) {
+Store(VEND, Local0)
+Store(PRD, Local1)
+ShiftRight(Local0, 16, Local0)
+If (LOr(LEqual(Local0, 0), LEqual(Local0, 0x))) {
+Return (0x0)
+}
+If (LOr(LEqual(Local1, 0), LGreater(Local1, 1))) {
+Return (0x0)
+}
+Return (0x0F)
+}
+Name(_CRS, ResourceTemplate() {
+Memory32Fixed(ReadOnly,
+0xFED0, // Address Base
+0x0400, // Address Length
+)
+})
+}
+}
+
+/* Common legacy ISA style devices. */
+Scope(\_SB.PCI0.ISA) {
+
+Device (SMC) {
+Name(_HID, EisaId("APP0001"))
+/* _STA will be patched to 0x0B if AppleSMC is present */
+ACPI_EXTRACT_NAME_BYTE_CONST dsdt_applesmc_sta
+Name(_STA, 0xF0)
+Name(_CRS, ResourceTemplate () {
+IO (Decode16, 0x0300, 0x0300, 0x01, 0x20)
+IRQNoFlags() { 6 }
+})
+}
+
+Device(RTC) {
+Name(_HID, EisaId("PNP0B00"))
+Name(_CRS, ResourceTemplate() {
+IO(Decode16, 0x0070, 0x0070, 0x10, 0x02)
+IRQNoFlags() { 8 }
+IO(Decode16, 0x0072, 0x0072, 0x02, 0x06)
+})
+}
+
+Device(KBD) {
+Name(_HID, EisaId("PNP0303"))
+Method(_STA, 0, NotSerialized) {
+Return (0x0f)
+}
+Name(_CRS, ResourceTemplate() {
+IO(Decode16, 0x0060, 0x0060, 0x01, 0x01)
+IO(Decode16, 0x0064, 0x0064, 0x01, 0x01)
+IRQNoFlags() { 1 }
+})
+}
+
+Device(MOU) {
+Name(_HID, EisaId("PNP0F13"))
+Method(_STA, 0, NotSerialized) {
+Return (0x0f)
+}
+Name(_CRS, ResourceTemplate() {
+IRQNoFlags() { 12 }
+})
+}
+
+External(FDEN)
+Device(FDC0) {
+Name(_HID, EisaId("PNP0700"))
+Method(_STA, 0, NotSerialized) {
+Store(FDEN, Local0)
+If (LEqual(Local0, 0)) {
+Return (0x00)
+} Else {
+Return (0x0F)
+}
+}
+Name(_CRS, ResourceTemplate() {
+   

[Qemu-devel] [PATCH 5/4] pc: introduce new ACPI table sizing algorithm

[Paolo Bonzini]

Add padding after the DSDT.  Tables that vary depending on the
command-line arguments will have to be byte-equivalent across QEMU
versions >= 2.2, while fixed tables (including the DSDT) can be
changed freely.

Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-build.c | 19 +++
 hw/i386/pc_piix.c|  5 +
 include/hw/i386/pc.h |  2 ++
 3 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 328a108..0729aa8 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -67,8 +67,6 @@
 #define ACPI_BUILD_LEGACY_CPU_AML_SIZE97
 #define ACPI_BUILD_ALIGN_SIZE 0x1000
 
-#define ACPI_BUILD_TABLE_SIZE 0x2
-
 /* #define DEBUG_ACPI_BUILD */
 #ifdef DEBUG_ACPI_BUILD
 #define ACPI_BUILD_DPRINTF(fmt, ...)\
@@ -1616,6 +1614,10 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 acpi_add_table(table_offsets, tables->table_data);
 build_fadt(tables->table_data, tables->linker, &pm, facs, dsdt);
 
+if (guest_info->fixed_table_align) {
+acpi_align_size(tables->table_data, guest_info->fixed_table_align);
+}
+
 ssdt = tables->table_data->len;
 acpi_add_table(table_offsets, tables->table_data);
 build_ssdt(tables->table_data, tables->linker, &cpu, &pm, guest_info);
@@ -1698,15 +1700,16 @@ void acpi_build(PcGuestInfo *guest_info, 
AcpiBuildTables *tables)
 }
 g_array_set_size(tables->table_data, legacy_table_size);
 } else {
-/* Make sure we have a buffer in case we need to resize the tables. */
-if (tables->table_data->len > ACPI_BUILD_TABLE_SIZE / 2) {
-/* As of QEMU 2.1, this fires with 160 VCPUs and 255 memory slots. 
 */
+/* Suggest upgrading to the newer algorithm if close to the limit.
+ * As of QEMU 2.1, this fired with 160 VCPUs and 255 memory slots.
+ */
+if (!guest_info->fixed_table_align &&
+tables->table_data->len > guest_info->acpi_table_align / 2) {
 error_report("Warning: ACPI tables are larger than 64k.");
 error_report("Warning: migration may not work.");
-error_report("Warning: please remove CPUs, NUMA nodes, "
- "memory slots or PCI bridges.");
+error_report("Warning: please upgrade to a newer machine type.");
 }
-acpi_align_size(tables->table_data, ACPI_BUILD_TABLE_SIZE);
+acpi_align_size(tables->table_data, guest_info->acpi_table_align);
 }
 
 acpi_align_size(tables->linker, ACPI_BUILD_ALIGN_SIZE);
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 220f741..16de5c9 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -61,6 +61,8 @@ static const int ide_irq[MAX_IDE_BUS] = { 14, 15 };
 
 static bool has_acpi_build = true;
 static int legacy_acpi_table_size;
+static int fixed_table_align = 0;
+static int acpi_table_align = 131072;
 static bool smbios_defaults = true;
 static bool smbios_legacy_mode;
 static bool smbios_uuid_encoded = true;
@@ -165,6 +167,8 @@ static void pc_init1(MachineState *machine,
 
 guest_info->has_acpi_build = has_acpi_build;
 guest_info->legacy_acpi_table_size = legacy_acpi_table_size;
+guest_info->fixed_table_align = fixed_table_align;
+guest_info->acpi_table_align = acpi_table_align;
 
 guest_info->isapc_ram_fw = !pci_enabled;
 guest_info->has_reserved_memory = has_reserved_memory;
@@ -362,6 +366,7 @@ static void pc_compat_2_0(MachineState *machine)
  * QEMU 1.7 it is 6414.  For RHEL/CentOS 7.0 it is 6418.
  */
 legacy_acpi_table_size = 6652;
+acpi_table_align = 4096;
 smbios_legacy_mode = true;
 has_reserved_memory = false;
 pc_set_legacy_acpi_data_size();
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index 69d9cf8..236f285 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -102,6 +102,8 @@ struct PcGuestInfo {
 uint64_t *node_cpu;
 FWCfgState *fw_cfg;
 int legacy_acpi_table_size;
+int fixed_table_align;
+int acpi_table_align;
 bool has_acpi_build;
 bool has_reserved_memory;
 };
-- 
1.8.3.1

[Qemu-devel] [PATCH 2/4] pc: rename ssdt-misc to dsdt-common

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 hw/i386/Makefile.objs  |  2 +-
 hw/i386/acpi-build.c   | 38 +++---
 hw/i386/{ssdt-misc.dsl => acpi-dsdt-common.dsl}|  8 ++---
 ...ex.generated => acpi-dsdt-common.hex.generated} |  4 +--
 hw/i386/acpi-dsdt.dsl  |  2 +-
 5 files changed, 27 insertions(+), 27 deletions(-)
 rename hw/i386/{ssdt-misc.dsl => acpi-dsdt-common.dsl} (94%)
 rename hw/i386/{ssdt-misc.hex.generated => acpi-dsdt-common.hex.generated} 
(96%)

diff --git a/hw/i386/Makefile.objs b/hw/i386/Makefile.objs
index 9d419ad..fe6b846 100644
--- a/hw/i386/Makefile.objs
+++ b/hw/i386/Makefile.objs
@@ -9,7 +9,7 @@ obj-y += kvmvapic.o
 obj-y += acpi-build.o
 obj-y += bios-linker-loader.o
 hw/i386/acpi-build.o: hw/i386/acpi-build.c hw/i386/acpi-dsdt.hex \
-   hw/i386/ssdt-proc.hex hw/i386/ssdt-pcihp.hex hw/i386/ssdt-misc.hex \
+   hw/i386/ssdt-proc.hex hw/i386/ssdt-pcihp.hex 
hw/i386/acpi-dsdt-common.hex \
hw/i386/acpi-dsdt.hex hw/i386/q35-acpi-dsdt.hex \
hw/i386/q35-acpi-dsdt.hex hw/i386/ssdt-mem.hex \
hw/i386/ssdt-tpm.hex
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index c8088f1..0712dd3 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -715,7 +715,7 @@ static inline char acpi_get_hex(uint32_t val)
 #define ACPI_SSDT_SIGNATURE 0x54445353 /* SSDT */
 #define ACPI_SSDT_HEADER_LENGTH 36
 
-#include "hw/i386/ssdt-misc.hex"
+#include "hw/i386/acpi-dsdt-common.hex"
 #include "hw/i386/ssdt-pcihp.hex"
 #include "hw/i386/ssdt-tpm.hex"
 
@@ -1062,37 +1062,37 @@ static void patch_pci_windows(PcPciInfo *pci, uint8_t 
*start, unsigned size)
 }
 
 static size_t
-append_ssdt_misc(GArray *table_data, AcpiPmInfo *pm, AcpiMiscInfo *misc,
- PcPciInfo *pci)
+append_dsdt_common(GArray *table_data, AcpiPmInfo *pm, AcpiMiscInfo *misc,
+   PcPciInfo *pci)
 {
 MachineState *machine = MACHINE(qdev_get_machine());
 uint32_t nr_mem = machine->ram_slots;
-size_t size = sizeof(ssdp_misc_aml) - sizeof(AcpiTableHeader);
-uint8_t *ssdt_ptr;
+size_t size = sizeof(dsdt_common_aml) - sizeof(AcpiTableHeader);
+uint8_t *dsdt_ptr;
 
 /* Copy header and patch values in the S3_ / S4_ / S5_ packages */
-ssdt_ptr = g_memdup(ssdp_misc_aml, sizeof(ssdp_misc_aml));
+dsdt_ptr = g_memdup(dsdt_common_aml, sizeof(dsdt_common_aml));
 if (pm->s3_disabled) {
-ssdt_ptr[acpi_s3_name[0]] = 'X';
+dsdt_ptr[acpi_s3_name[0]] = 'X';
 }
 if (pm->s4_disabled) {
-ssdt_ptr[acpi_s4_name[0]] = 'X';
+dsdt_ptr[acpi_s4_name[0]] = 'X';
 } else {
-ssdt_ptr[acpi_s4_pkg[0] + 1] = ssdt_ptr[acpi_s4_pkg[0] + 3] =
+dsdt_ptr[acpi_s4_pkg[0] + 1] = dsdt_ptr[acpi_s4_pkg[0] + 3] =
 pm->s4_val;
 }
 
-patch_pci_windows(pci, ssdt_ptr, sizeof(ssdp_misc_aml));
+patch_pci_windows(pci, dsdt_ptr, sizeof(dsdt_common_aml));
 
-ACPI_BUILD_SET_LE(ssdt_ptr, sizeof(ssdp_misc_aml),
-  ssdt_isa_pest[0], 16, misc->pvpanic_port);
+ACPI_BUILD_SET_LE(dsdt_ptr, sizeof(dsdt_common_aml),
+  dsdt_isa_pest[0], 16, misc->pvpanic_port);
 
-ACPI_BUILD_SET_LE(ssdt_ptr, sizeof(ssdp_misc_aml),
-  ssdt_mctrl_nr_slots[0], 32, nr_mem);
+ACPI_BUILD_SET_LE(dsdt_ptr, sizeof(dsdt_common_aml),
+  dsdt_mctrl_nr_slots[0], 32, nr_mem);
 
 memcpy(acpi_data_push(table_data, size),
-   ssdt_ptr + sizeof(AcpiTableHeader), size);
-g_free(ssdt_ptr);
+   dsdt_ptr + sizeof(AcpiTableHeader), size);
+g_free(dsdt_ptr);
 return size;
 }
 
@@ -1441,17 +1441,17 @@ build_dsdt(GArray *table_data, GArray *linker, 
AcpiPmInfo *pm,
AcpiMiscInfo *misc, PcPciInfo *pci)
 {
 AcpiTableHeader *dsdt;
-size_t ssdt_misc_size;
+size_t dsdt_common_size;
 
 assert(misc->dsdt_code && misc->dsdt_size);
 
 dsdt = acpi_data_push(table_data, misc->dsdt_size);
 memcpy(dsdt, misc->dsdt_code, misc->dsdt_size);
-ssdt_misc_size = append_ssdt_misc(table_data, pm, misc, pci);
+dsdt_common_size = append_dsdt_common(table_data, pm, misc, pci);
 
 memset(dsdt, 0, sizeof *dsdt);
 build_header(linker, table_data, dsdt, "DSDT",
- misc->dsdt_size + ssdt_misc_size, 1);
+ misc->dsdt_size + dsdt_common_size, 1);
 }
 
 /* Build final rsdt table */
diff --git a/hw/i386/ssdt-misc.dsl b/hw/i386/acpi-dsdt-common.dsl
similarity index 94%
rename from hw/i386/ssdt-misc.dsl
rename to hw/i386/acpi-dsdt-common.dsl
index 1e3baae..f7849c0 100644
--- a/hw/i386/ssdt-misc.dsl
+++ b/hw/i386/acpi-dsdt-common.dsl
@@ -14,9 +14,9 @@
  */
 #include "hw/acpi/pc-hotplug.h"
 
-ACPI_EXTRACT_ALL_CODE ssdp_misc_aml
+ACPI_EXTRACT_ALL_CODE dsdt_common_aml
 
-DefinitionBlock ("ssdt-misc.aml", "SSDT", 0x01, "BXPC", "BXSSDTSUSP", 0x1)
+DefinitionBlock ("acpi-dsdt-common.aml", "SSDT", 0x01, "BXPC", "BX

[Qemu-devel] [PATCH 6/4] pc: clean up pre-2.1 compatibility code

[Paolo Bonzini]

Now that the alignment is parameterized, we can share the call to
acpi_align_size between all three (1.7-2.0/2.1/2.2+) sizing algorithms.

Also, with the new rule that SSDT cannot change except with
machine-type compat code, the magic 97 constant for a CPU's
AML size is not anymore "legacy", so rename it.

Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-build.c | 11 +--
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 0729aa8..8c32bb9 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -64,8 +64,8 @@
  * a little bit, there should be plenty of free space since the DSDT
  * shrunk by ~1.5k between QEMU 2.0 and QEMU 2.1.
  */
-#define ACPI_BUILD_LEGACY_CPU_AML_SIZE97
-#define ACPI_BUILD_ALIGN_SIZE 0x1000
+#define ACPI_BUILD_CPU_AML_SIZE97
+#define ACPI_BUILD_ALIGN_SIZE  0x1000
 
 /* #define DEBUG_ACPI_BUILD */
 #ifdef DEBUG_ACPI_BUILD
@@ -1690,10 +1690,9 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
  */
 int legacy_aml_len =
 guest_info->legacy_acpi_table_size +
-ACPI_BUILD_LEGACY_CPU_AML_SIZE * max_cpus;
+ACPI_BUILD_CPU_AML_SIZE * max_cpus;
 int legacy_table_size =
-ROUND_UP(tables->table_data->len - aml_len + legacy_aml_len,
- ACPI_BUILD_ALIGN_SIZE);
+tables->table_data->len - aml_len + legacy_aml_len;
 if (tables->table_data->len > legacy_table_size) {
 /* Should happen only with PCI bridges and -M pc-i440fx-2.0.  */
 error_report("Warning: migration may not work.");
@@ -1709,8 +1708,8 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 error_report("Warning: migration may not work.");
 error_report("Warning: please upgrade to a newer machine type.");
 }
-acpi_align_size(tables->table_data, guest_info->acpi_table_align);
 }
+acpi_align_size(tables->table_data, guest_info->acpi_table_align);
 
 acpi_align_size(tables->linker, ACPI_BUILD_ALIGN_SIZE);
 
-- 
1.8.3.1

Re: [Qemu-devel] [PATCH 0/4] acpi: move common parts of the SSDT to the DSDT (and preview of things to come)

[Paolo Bonzini]

On 24/12/2014 14:12, Paolo Bonzini wrote:
> Right now, the SSDT/DSDT is split in three parts:
> 
> - code that doesn't need patching goes in the DSDT.  Furthermore,
>   code in this category that is shared between PIIX4 and Q35 is
>   handled via #include.  There was one exception, the SMC._STA
>   method is patched and is in the DSDT.
> 
> - shared code that needs patching goes in the SSDT
> 
> - template-based code that comes from command line arguments
>   goes in the SSDT as well
> 
> This series changes things to:
> 
> - code that is chipset-specific goes in the DSDT first.
>   Right now none of this needs patching
> 
> - code that is not chipset-specific, some of which needs
>   patching, goes in the DSDT second
> 
> - template-based code that comes from command line arguments
>   goes in the SSDT
> 
> Patch 1 moves ssdt-misc ("common code that needs patching")
> to the DSDT.  Patches 2-4 stop using the C preprocessor
> in the DSDTs.
> 
> Patches 5-7 show why this could be useful.  They add padding
> in fw_cfg after the DSDT, and in exchange stop padding the ACPI
> tables to 128K.  This fixes migration problems (ROM sizes, RSDP)
> because the ACPI tables are split in two:
> 
> 1) fixed tables and the DSDT can be changed freely;
> 
> 2) tables that vary depending on the command-line arguments (SSDT,
> MADT, ...) are versioned and, given a machine type, they have to be
> byte-equivalent across QEMU versions >= 2.3.
> 
> Patches 5 and 6 introduce a new sizing algorithm.  Patch 7 use it
> to fix the migration problems.
> 
> Only the first 4 or 6 patches are meant for inclusion.  Patch 7 should
> only be committed after Igor's series that rewrites the templating
> mechanism in C.  That makes it much simpler to track changes to the ACPI
> tables, and removes dependencies on the IASL version that could cause
> some head-scratching.
> 
> The conflicts with Igor's series are nontrivial but overall
> not complicated to solve.  Igor rewrote ssdt-misc in C, but those
> parts can be easily removed from his series.  He has plans to
> build the DSDT from C, and if that materializes it can apply to
> acpi-dsdt-common.dsl too.

Oops, this does not update the bios-tables-test.  v2 next week or after
New Year.

Paolo

Re: [Qemu-devel] [PATCH 0/4] acpi: move common parts of the SSDT to the DSDT (and preview of things to come)

[Michael S. Tsirkin]

On Wed, Dec 24, 2014 at 02:12:39PM +0100, Paolo Bonzini wrote:
> Right now, the SSDT/DSDT is split in three parts:
> 
> - code that doesn't need patching goes in the DSDT.  Furthermore,
>   code in this category that is shared between PIIX4 and Q35 is
>   handled via #include.  There was one exception, the SMC._STA
>   method is patched and is in the DSDT.
> 
> - shared code that needs patching goes in the SSDT
> 
> - template-based code that comes from command line arguments
>   goes in the SSDT as well
> 
> This series changes things to:
> 
> - code that is chipset-specific goes in the DSDT first.
>   Right now none of this needs patching
> 
> - code that is not chipset-specific, some of which needs
>   patching, goes in the DSDT second
> 
> - template-based code that comes from command line arguments
>   goes in the SSDT
> 
> Patch 1 moves ssdt-misc ("common code that needs patching")
> to the DSDT.  Patches 2-4 stop using the C preprocessor
> in the DSDTs.
> 
> Patches 5-7 show why this could be useful.  They add padding
> in fw_cfg after the DSDT, and in exchange stop padding the ACPI
> tables to 128K.  This fixes migration problems (ROM sizes, RSDP)
> because the ACPI tables are split in two:
> 
> 1) fixed tables and the DSDT can be changed freely;
> 
> 2) tables that vary depending on the command-line arguments (SSDT,
> MADT, ...) are versioned and, given a machine type, they have to be
> byte-equivalent across QEMU versions >= 2.3.
> 
> Patches 5 and 6 introduce a new sizing algorithm.  Patch 7 use it
> to fix the migration problems.
> 
> Only the first 4 or 6 patches are meant for inclusion.  Patch 7 should
> only be committed after Igor's series that rewrites the templating
> mechanism in C.  That makes it much simpler to track changes to the ACPI
> tables, and removes dependencies on the IASL version that could cause
> some head-scratching.
> 
> The conflicts with Igor's series are nontrivial but overall
> not complicated to solve.  Igor rewrote ssdt-misc in C, but those
> parts can be easily removed from his series.  He has plans to
> build the DSDT from C, and if that materializes it can apply to
> acpi-dsdt-common.dsl too.
> 
> Paolo

So I'll have to review in detail, overall the patches
do look pretty clean.

Given the amount of pain caused by cross version migration
issues, I am inclined to do both: arrange code in a way
that makes keeping things constant easier, and have
some solutions for the inevitable time when we'll find we
have to change things we didn't expect.
Defense in depth, if you like.
Makes sense?


> Paolo Bonzini (7):
>   pc: append ssdt-misc.dsl to the DSDT
>   pc: rename ssdt-misc to dsdt-common
>   pc: move common parts of the DSDT to dsdt-common
>   pc: merge DSDT common parts into acpi-dsdt-common.dsl
>   pc: introduce new ACPI table sizing algorithm
>   pc: clean up pre-2.1 compatibility code
>   pc: go back to smaller ACPI tables
> 
>  hw/i386/Makefile.objs  |   2 +-
>  hw/i386/acpi-build.c   | 107 +++--
>  hw/i386/acpi-dsdt-common.dsl   | 467 
> +
>  ...ex.generated => acpi-dsdt-common.hex.generated} |   4 +-
>  hw/i386/acpi-dsdt-dbug.dsl |  41 --
>  hw/i386/acpi-dsdt-hpet.dsl |  48 ---
>  hw/i386/acpi-dsdt-isa.dsl  | 128 --
>  hw/i386/acpi-dsdt-mem-hotplug.dsl  | 176 
>  hw/i386/acpi-dsdt.dsl  |  12 +-
>  hw/i386/pc_piix.c  |   9 +-
>  hw/i386/pc_q35.c   |   6 +-
>  hw/i386/q35-acpi-dsdt.dsl  |   9 +-
>  hw/i386/ssdt-misc.dsl  | 122 --
>  include/hw/i386/pc.h   |   2 +
>  14 files changed, 550 insertions(+), 583 deletions(-)
>  create mode 100644 hw/i386/acpi-dsdt-common.dsl
>  rename hw/i386/{ssdt-misc.hex.generated => acpi-dsdt-common.hex.generated} 
> (96%)
>  delete mode 100644 hw/i386/acpi-dsdt-dbug.dsl
>  delete mode 100644 hw/i386/acpi-dsdt-hpet.dsl
>  delete mode 100644 hw/i386/acpi-dsdt-isa.dsl
>  delete mode 100644 hw/i386/acpi-dsdt-mem-hotplug.dsl
>  delete mode 100644 hw/i386/ssdt-misc.dsl
> 
> -- 
> 1.8.3.1

Re: [Qemu-devel] [PATCH v3 4/5] Split the QEMU buffered file code out

[David Gibson]

On Fri, Dec 19, 2014 at 11:27:57AM -0200, Eduardo Habkost wrote:
> On Thu, Dec 18, 2014 at 09:24:11AM +, Dr. David Alan Gilbert wrote:
> > * David Gibson (da...@gibson.dropbear.id.au) wrote:
> > > On Fri, Dec 12, 2014 at 11:13:41AM +, Dr. David Alan Gilbert (git) 
> > > wrote:
> > > > From: "Dr. David Alan Gilbert" 
> > > > 
> > > > The splitting of qemu-file and addition of the buffered file landed
> > > > at the same time; so now split the buffered file code out.
> > > > 
> > > > Signed-off-by: Dr. David Alan Gilbert 
> > > > ---
> > > >  migration/Makefile.objs   |   2 +-
> > > >  migration/qemu-file-buf.c | 486 
> > > > ++
> > > >  migration/qemu-file.c | 455 
> > > > ---
> > > >  tests/Makefile|   3 +-
> > > >  4 files changed, 489 insertions(+), 457 deletions(-)
> > > >  create mode 100644 migration/qemu-file-buf.c
> > > > 
> > > > diff --git a/migration/Makefile.objs b/migration/Makefile.objs
> > > > index ce1e3c7..d929e96 100644
> > > > --- a/migration/Makefile.objs
> > > > +++ b/migration/Makefile.objs
> > > > @@ -1,6 +1,6 @@
> > > >  common-obj-y += migration.o tcp.o
> > > >  common-obj-y += vmstate.o
> > > > -common-obj-y += qemu-file.o qemu-file-unix.o qemu-file-stdio.o
> > > > +common-obj-y += qemu-file.o qemu-file-buf.o qemu-file-unix.o 
> > > > qemu-file-stdio.o
> > > >  common-obj-y += xbzrle.o
> > > >  
> > > >  common-obj-$(CONFIG_RDMA) += rdma.o
> > > > diff --git a/migration/qemu-file-buf.c b/migration/qemu-file-buf.c
> > > > new file mode 100644
> > > > index 000..d33dd44
> > > > --- /dev/null
> > > > +++ b/migration/qemu-file-buf.c
> > > > @@ -0,0 +1,486 @@
> > > > +/*
> > > > + * QEMU System Emulator
> > > > + *
> > > > + * Copyright (c) 2003-2008 Fabrice Bellard
> > > 
> > > Bit hard to believe that only Fabrice listed on this file is correct,
> > > given the buffered file stuff is fairly new.
> > 
> > Yes, I'd be happy to add Stefan and Joel's name to that, although
> > they never added it in their original patch, and when splitting files
> > we do normally take the copyright header from what we split out of;
> > but you are right it's misleading.
> 
> This is often a problem when we split source files, as the copyright
> notices are rarely updated when people add new code. IANAL, but copying
> the existing copyright header from the original file seems to be the
> most reasonable thing to do. If people are unhappy with the existing
> copyright header, they can submit patches for it.

Yeah, good point.

> Perhaps we could add a note just below the copyright info, indicating
> that the code was originally in ${ORIGINAL_FILE}.c, to help copyright
> archaeologists from the future.

That sounds like a good idea to me.

-- 
David Gibson| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au  | minimalist, thank you.  NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson


pgpvPVfCzd0LR.pgp
Description: PGP signature

Re: [Qemu-devel] [PATCH 0/4] acpi: move common parts of the SSDT to the DSDT (and preview of things to come)

[Paolo Bonzini]

On 24/12/2014 15:19, Michael S. Tsirkin wrote:
> So I'll have to review in detail, overall the patches
> do look pretty clean.

Q35 is broken though (GArray resizing messes up the tables, fixed
locally and caught by bios-tables-test even before trying it out!).  I
hope to send out the fixed version on Saturday (time ticking before
vacation).

> Given the amount of pain caused by cross version migration
> issues, I am inclined to do both: arrange code in a way
> that makes keeping things constant easier, and have
> some solutions for the inevitable time when we'll find we
> have to change things we didn't expect.
> Defense in depth, if you like.
> Makes sense?

It certainly does.  I am only a bit wary because your patches are
basically a workaround (as hinted by the fact that the resulting RSDP is
corrupted---which doesn't matter much in practice, but it's still a red
flashing light!).

So I still would like to see how stuff looks like after Igor's code is
merged.  Until we actually trim the size of the ACPI tables (patch 7),
we do no better / no worse than released versions of QEMU.

And once Igor's code is merged, we actually have an idea of what is left
in the SSDT, and how tricky that code is.  "Not tricky at all" is
perhaps a bit optimistic, a more realistic hope is "not any more tricky
than what we do for devices".

In other words, it's only tricky now because it's new.  We had all sorts
of false starts, but the my patches and Igor's provide enough separation
(mine: fixed vs. variable; Igor's: ASL vs. C) that the future should
reserve less surprises.

I will still review your patches, of course.

Paolo

Re: [Qemu-devel] qemu-img:the sheepdog snapshot vdi's lock will not be released when use qemu-img to create a snapshot vdi

[Hitoshi Mitake]

At Mon, 22 Dec 2014 17:41:33 +0800,
$B=y>.$AAz(B wrote:
> 
> [1  ]
> hi,all,
>  when i use `qemu-img snapshot -c test-s sheepdog:test` to create a
> snapshot of sheepdog vdi,the snapshot's lock not be released.
> 
> root@hty-compute1:~/qemu# ./qemu-img create sheepdog:test 1G
> Formatting 'sheepdog:test', fmt=raw size=1073741824
> 
> root@hty-compute1:~/qemu# dog vdi list
>   NameIdSizeUsed  SharedCreation time   VDI id  Copies
>  Tag
>   test 0  1.0 GB  0.0 MB  0.0 MB 2014-12-22 17:10   7c2b25  3
> 
> root@hty-compute1:~/qemu# ./qemu-img snapshot -c test-s sheepdog:test
> WARNING: Image format was not specified for 'sheepdog:test' and probing
> guessed raw.
>  Automatically detecting the format is dangerous for raw images,
> write operations on block 0 will be restricted.
>  Specify the 'raw' format explicitly to remove the restrictions.
> 
> root@hty-compute1:~/qemu# dog vdi lock list
> VDI | Owner node | Tag
> s test | IPv4 ip:172.16.17.200 port:7000 test-s
> 
> when i create a snapshot ,the src vdi will be open and locked,in the
> function `sd_open` read the vdi inode info saved in the struct
> BDRVSheepdogState ,and in the function `sd_snapshot_create` the vdi inode
> information in the struct BDRVSheepdogState will point to an new vdi ,so
> when the function `sd_close` be called,the `sd_close` will try to released
> the lock of new vdi.In conclusion,the snapshot vdi will lock forever , so
> it's will be failed when i try to create a new vdi base on the snapshot.
> 
> root@hty-compute1:~/qemu# ./qemu-img create -b sheepdog:test:test-s
> sheepdog:new-vdi
> qemu-img: sheepdog:new-vdi: cannot get vdi info, VDI is already locked,
> test 0 test-s
> 
> There may be some wrong in the function`sd_snapshot_create`.but I'm not
> sure the root cause.
> 
> Thanks,
> Xiaolong Xu

Xiaolong, thanks for your report. I'll fix it ASAP.

Could you use the dog command as a walkaround?

Thanks,
Hitoshi

[Qemu-devel] [Bug 491345] Re: remote migration fails with message "load of migration failed"

[Dr. David Alan Gilbert]

Can you try this again on a more recent QEMU please; a lot has happened
in the last 5 years.

** Changed in: qemu
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/491345

Title:
  remote migration fails with message "load of migration failed"

Status in QEMU:
  Incomplete

Bug description:
  Remote migration fails with message  "load of migration failed" on the
  destination after migration

  
  Steps to recreate:
  1) install qemu frm git clone git://git.savannah.nongnu.org/qemu.git
  2)The VM image was shared using nfs
  3)qemu cmdline used:
   Source:
  /usr/local/bin/qemu-system-x86_64 -name 'vm1'   -drive 
file=win2k3sp2-32.qcow2   -m 6144 --enable-kvm-usbdevice tablet -vnc :0 
-monitor stdio 
   Destination:
  /usr/local/bin/qemu-system-x86_64 -name 'vm1'   -drive 
file=win2k3sp2-32.qcow2   -m 6144 --enable-kvm-usbdevice tablet -vnc :0 
-monitor stdio --incoming tcp:0:
  5)migrate tcp:destination:

  uname -a
  Linux  2.6.30.9-96.fc11.x86_64 #1 SMP Wed Nov 4 00:02:04 EST 2009 x86_64 
x86_64 x86_64 GNU/Linux

  Distro: fedora 11

  Thx
  yogi

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/491345/+subscriptions

[Qemu-devel] [PATCH v2 1/4] pc: append ssdt-misc.dsl to the DSDT

[Paolo Bonzini]

This part of the ACPI tables can vary in size across machine types, but
does not depend on the command-line.  It is an SSDT just because it is
the same for i440fx and Q35, and making it an SSDT made the code a bit
simpler.  However, it also complicates backwards compatibility, so
merge it with the DSDT.

Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-build.c  |  55 +++---
 tests/acpi-test-data/pc/DSDT  | Bin 3592 -> 3920 bytes
 tests/acpi-test-data/pc/SSDT  | Bin 2279 -> 1951 bytes
 tests/acpi-test-data/q35/DSDT | Bin 8182 -> 8510 bytes
 tests/acpi-test-data/q35/SSDT | Bin 560 -> 232 bytes
 5 files changed, 35 insertions(+), 20 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index a4d0c0c..e723fe1 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -1061,26 +1061,18 @@ static void patch_pci_windows(PcPciInfo *pci, uint8_t 
*start, unsigned size)
 }
 }
 
+#define SSDT_MISC_SIZE (sizeof(ssdt_misc_aml) - sizeof(AcpiTableHeader))
+
 static void
-build_ssdt(GArray *table_data, GArray *linker,
-   AcpiCpuInfo *cpu, AcpiPmInfo *pm, AcpiMiscInfo *misc,
-   PcPciInfo *pci, PcGuestInfo *guest_info)
+fill_ssdt_misc(uint8_t *dest, AcpiPmInfo *pm, AcpiMiscInfo *misc,
+   PcPciInfo *pci)
 {
 MachineState *machine = MACHINE(qdev_get_machine());
 uint32_t nr_mem = machine->ram_slots;
-unsigned acpi_cpus = guest_info->apic_id_limit;
-int ssdt_start = table_data->len;
 uint8_t *ssdt_ptr;
-int i;
-
-/* The current AML generator can cover the APIC ID range [0..255],
- * inclusive, for VCPU hotplug. */
-QEMU_BUILD_BUG_ON(ACPI_CPU_HOTPLUG_ID_LIMIT > 256);
-g_assert(acpi_cpus <= ACPI_CPU_HOTPLUG_ID_LIMIT);
 
 /* Copy header and patch values in the S3_ / S4_ / S5_ packages */
-ssdt_ptr = acpi_data_push(table_data, sizeof(ssdp_misc_aml));
-memcpy(ssdt_ptr, ssdp_misc_aml, sizeof(ssdp_misc_aml));
+ssdt_ptr = g_memdup(ssdp_misc_aml, sizeof(ssdp_misc_aml));
 if (pm->s3_disabled) {
 ssdt_ptr[acpi_s3_name[0]] = 'X';
 }
@@ -1099,6 +1091,27 @@ build_ssdt(GArray *table_data, GArray *linker,
 ACPI_BUILD_SET_LE(ssdt_ptr, sizeof(ssdp_misc_aml),
   ssdt_mctrl_nr_slots[0], 32, nr_mem);
 
+memcpy(dest, ssdt_ptr + sizeof(AcpiTableHeader), SSDT_MISC_SIZE);
+g_free(ssdt_ptr);
+}
+
+static void
+build_ssdt(GArray *table_data, GArray *linker,
+   AcpiCpuInfo *cpu, AcpiPmInfo *pm, PcGuestInfo *guest_info)
+{
+MachineState *machine = MACHINE(qdev_get_machine());
+uint32_t nr_mem = machine->ram_slots;
+unsigned acpi_cpus = guest_info->apic_id_limit;
+int ssdt_start = table_data->len;
+int i;
+
+acpi_data_push(table_data, sizeof(AcpiTableHeader));
+
+/* The current AML generator can cover the APIC ID range [0..255],
+ * inclusive, for VCPU hotplug. */
+QEMU_BUILD_BUG_ON(ACPI_CPU_HOTPLUG_ID_LIMIT > 256);
+g_assert(acpi_cpus <= ACPI_CPU_HOTPLUG_ID_LIMIT);
+
 {
 GArray *sb_scope = build_alloc_array();
 uint8_t op = 0x10; /* ScopeOp */
@@ -1423,18 +1436,21 @@ build_dmar_q35(GArray *table_data, GArray *linker)
 }
 
 static void
-build_dsdt(GArray *table_data, GArray *linker, AcpiMiscInfo *misc)
+build_dsdt(GArray *table_data, GArray *linker, AcpiPmInfo *pm,
+   AcpiMiscInfo *misc, PcPciInfo *pci)
 {
 AcpiTableHeader *dsdt;
+size_t size;
 
 assert(misc->dsdt_code && misc->dsdt_size);
 
-dsdt = acpi_data_push(table_data, misc->dsdt_size);
+size = misc->dsdt_size + SSDT_MISC_SIZE;
+dsdt = acpi_data_push(table_data, size);
 memcpy(dsdt, misc->dsdt_code, misc->dsdt_size);
+fill_ssdt_misc(((uint8_t *)dsdt) + misc->dsdt_size, pm, misc, pci);
 
 memset(dsdt, 0, sizeof *dsdt);
-build_header(linker, table_data, dsdt, "DSDT",
- misc->dsdt_size, 1);
+build_header(linker, table_data, dsdt, "DSDT", size, 1);
 }
 
 /* Build final rsdt table */
@@ -1591,7 +1607,7 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 
 /* DSDT is pointed to by FADT */
 dsdt = tables->table_data->len;
-build_dsdt(tables->table_data, tables->linker, &misc);
+build_dsdt(tables->table_data, tables->linker, &pm, &misc, &pci);
 
 /* Count the size of the DSDT and SSDT, we will need it for legacy
  * sizing of ACPI tables.
@@ -1604,8 +1620,7 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 
 ssdt = tables->table_data->len;
 acpi_add_table(table_offsets, tables->table_data);
-build_ssdt(tables->table_data, tables->linker, &cpu, &pm, &misc, &pci,
-   guest_info);
+build_ssdt(tables->table_data, tables->linker, &cpu, &pm, guest_info);
 aml_len += tables->table_data->len - ssdt;
 
 acpi_add_table(table_offsets, tables->table_data);
diff --git a/tests/acpi-test-data/pc/DSDT b/tests/acpi-test-data/pc/DSDT
index 
ee9cc6781cea3a9515b9a176eea3459f8e4d8655..9bcc9ba95

[Qemu-devel] [PATCH v2 0/4] acpi: move common parts of the SSDT to the DSDT (and preview of things to come)

[Paolo Bonzini]

Right now, the SSDT/DSDT is split in three parts:

- code that doesn't need patching goes in the DSDT.  Furthermore,
  code in this category that is shared between PIIX4 and Q35 is
  handled via #include.  There was one exception, the SMC._STA
  method is patched and is in the DSDT.

- shared code that needs patching goes in the SSDT

- template-based code that comes from command line arguments
  goes in the SSDT as well

This series changes things to:

- code that is chipset-specific goes in the DSDT first.
  Right now none of this needs patching

- code that is not chipset-specific, some of which needs
  patching, goes in the DSDT second

- template-based code that comes from command line arguments
  goes in the SSDT

Patch 1 moves ssdt-misc ("common code that needs patching")
to the DSDT.  Patches 2-4 stop using the C preprocessor
in the DSDTs, except for parameterized code (CPU hotplug,
PCI CRS).

Patches 5-7 show why this could be useful.  They add padding
in fw_cfg after the DSDT, and in exchange stop padding the ACPI
tables to 128K.  This fixes migration problems (ROM sizes, RSDP)
because the ACPI tables are split in two:

1) fixed tables and the DSDT can be changed freely;

2) tables that vary depending on the command-line arguments (SSDT,
MADT, ...) are versioned and, given a machine type, they have to be
byte-equivalent across QEMU versions >= 2.3.

Patches 5 and 6 introduce a new sizing algorithm.  Patch 7 use it
to fix the migration problems.

Only the first 4 or 6 patches are meant for inclusion.  Patch 7 should
only be committed after Igor's series that rewrites the templating
mechanism in C.  That makes it much simpler to track changes to the ACPI
tables, and removes dependencies on the IASL version that could cause
some head-scratching.

The conflicts with Igor's series are nontrivial but overall
not complicated to solve.  Igor rewrote ssdt-misc in C, but those
parts can be easily removed from his series.  He has plans to
build the DSDT from C, and if that materializes it can apply to
acpi-dsdt-common.dsl too.

v1->v2 fixes problems due to GArray resizing and updates test data.
Now passes make check.

Paolo

Paolo Bonzini (7):
  pc: append ssdt-misc.dsl to the DSDT
  pc: rename ssdt-misc to dsdt-common
  pc: move common parts of the DSDT to dsdt-common
  pc: merge DSDT common parts into acpi-dsdt-common.dsl
  pc: introduce new ACPI table sizing algorithm
  pc: clean up pre-2.1 compatibility code
  pc: go back to smaller ACPI tables

 hw/i386/Makefile.objs  |2 +-
 hw/i386/acpi-build.c   |  113 +-
 hw/i386/acpi-dsdt-common.dsl   |  467 +
 hw/i386/acpi-dsdt-common.hex.generated | 1897 +++
 hw/i386/acpi-dsdt-dbug.dsl |   41 -
 hw/i386/acpi-dsdt-hpet.dsl |   48 -
 hw/i386/acpi-dsdt-isa.dsl  |  128 --
 hw/i386/acpi-dsdt-mem-hotplug.dsl  |  176 --
 hw/i386/acpi-dsdt.dsl  |   12 +-
 hw/i386/acpi-dsdt.hex.generated| 3119 +---
 hw/i386/pc_piix.c  |9 +-
 hw/i386/pc_q35.c   |6 +-
 hw/i386/q35-acpi-dsdt.dsl  |9 +-
 hw/i386/q35-acpi-dsdt.hex.generated| 2787 +++-
 hw/i386/ssdt-misc.dsl  |  122 --
 hw/i386/ssdt-misc.hex.generated|  399 
 include/hw/i386/pc.h   |2 +
 tests/acpi-test-data/pc/DSDT   |  Bin 3592 -> 3923 bytes
 tests/acpi-test-data/pc/SSDT   |  Bin 2279 -> 1951 bytes
 tests/acpi-test-data/q35/DSDT  |  Bin 8182 -> 8513 bytes
 tests/acpi-test-data/q35/SSDT  |  Bin 560 -> 232 bytes
 21 files changed, 3905 insertions(+), 5432 deletions(-)
 create mode 100644 hw/i386/acpi-dsdt-common.dsl
 create mode 100644 hw/i386/acpi-dsdt-common.hex.generated
 delete mode 100644 hw/i386/acpi-dsdt-dbug.dsl
 delete mode 100644 hw/i386/acpi-dsdt-hpet.dsl
 delete mode 100644 hw/i386/acpi-dsdt-isa.dsl
 delete mode 100644 hw/i386/acpi-dsdt-mem-hotplug.dsl
 delete mode 100644 hw/i386/ssdt-misc.dsl
 delete mode 100644 hw/i386/ssdt-misc.hex.generated

-- 
1.8.3.1

[Qemu-devel] [PATCH v2 6/4] pc: clean up pre-2.1 compatibility code

[Paolo Bonzini]

Now that the alignment is parameterized, we can share the call to
acpi_align_size between all three (1.7-2.0/2.1/2.2+) sizing algorithms.

Also, with the new rule that SSDT cannot change except with
machine-type compat code, the magic 97 constant for a CPU's
AML size is not anymore "legacy", so rename it.

Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-build.c | 11 +--
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 1bb3222..df930b7 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -64,8 +64,8 @@
  * a little bit, there should be plenty of free space since the DSDT
  * shrunk by ~1.5k between QEMU 2.0 and QEMU 2.1.
  */
-#define ACPI_BUILD_LEGACY_CPU_AML_SIZE97
-#define ACPI_BUILD_ALIGN_SIZE 0x1000
+#define ACPI_BUILD_CPU_AML_SIZE97
+#define ACPI_BUILD_ALIGN_SIZE  0x1000
 
 /* #define DEBUG_ACPI_BUILD */
 #ifdef DEBUG_ACPI_BUILD
@@ -1688,10 +1688,9 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
  */
 int legacy_aml_len =
 guest_info->legacy_acpi_table_size +
-ACPI_BUILD_LEGACY_CPU_AML_SIZE * max_cpus;
+ACPI_BUILD_CPU_AML_SIZE * max_cpus;
 int legacy_table_size =
-ROUND_UP(tables->table_data->len - aml_len + legacy_aml_len,
- ACPI_BUILD_ALIGN_SIZE);
+tables->table_data->len - aml_len + legacy_aml_len;
 if (tables->table_data->len > legacy_table_size) {
 /* Should happen only with PCI bridges and -M pc-i440fx-2.0.  */
 error_report("Warning: migration may not work.");
@@ -1707,8 +1706,8 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 error_report("Warning: migration may not work.");
 error_report("Warning: please upgrade to a newer machine type.");
 }
-acpi_align_size(tables->table_data, guest_info->acpi_table_align);
 }
+acpi_align_size(tables->table_data, guest_info->acpi_table_align);
 
 acpi_align_size(tables->linker, ACPI_BUILD_ALIGN_SIZE);
 
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 4/4] pc: merge DSDT common parts into acpi-dsdt-common.dsl

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-dsdt-common.dsl  | 345 +-
 hw/i386/acpi-dsdt-dbug.dsl|  41 -
 hw/i386/acpi-dsdt-hpet.dsl|  48 --
 hw/i386/acpi-dsdt-isa.dsl | 132 ---
 hw/i386/acpi-dsdt-mem-hotplug.dsl | 176 ---
 5 files changed, 341 insertions(+), 401 deletions(-)
 delete mode 100644 hw/i386/acpi-dsdt-dbug.dsl
 delete mode 100644 hw/i386/acpi-dsdt-hpet.dsl
 delete mode 100644 hw/i386/acpi-dsdt-isa.dsl
 delete mode 100644 hw/i386/acpi-dsdt-mem-hotplug.dsl

diff --git a/hw/i386/acpi-dsdt-common.dsl b/hw/i386/acpi-dsdt-common.dsl
index 1929f8f..19e9753 100644
--- a/hw/i386/acpi-dsdt-common.dsl
+++ b/hw/i386/acpi-dsdt-common.dsl
@@ -24,10 +24,347 @@ DefinitionBlock ("acpi-dsdt-common.aml", "SSDT", 0x01, 
"BXPC", "BXSSDTCOMM", 0x1
 External(\_SB.PCI0.PCI, DeviceObj)
 
 #include "hw/acpi/pc-hotplug.h"
-#include "acpi-dsdt-dbug.dsl"
-#include "acpi-dsdt-hpet.dsl"
-#include "acpi-dsdt-isa.dsl"
-#include "acpi-dsdt-mem-hotplug.dsl"
+
+/
+ * Debugging
+ /
+
+Scope(\) {
+/* Debug Output */
+OperationRegion(DBG, SystemIO, 0x0402, 0x01)
+Field(DBG, ByteAcc, NoLock, Preserve) {
+DBGB,   8,
+}
+
+/* Debug method - use this method to send output to the QEMU
+ * BIOS debug port.  This method handles strings, integers,
+ * and buffers.  For example: DBUG("abc") DBUG(0x123) */
+Method(DBUG, 1) {
+ToHexString(Arg0, Local0)
+ToBuffer(Local0, Local0)
+Subtract(SizeOf(Local0), 1, Local1)
+Store(Zero, Local2)
+While (LLess(Local2, Local1)) {
+Store(DerefOf(Index(Local0, Local2)), DBGB)
+Increment(Local2)
+}
+Store(0x0A, DBGB)
+}
+}
+
+/
+ * HPET
+ /
+
+Scope(\_SB) {
+Device(HPET) {
+Name(_HID, EISAID("PNP0103"))
+Name(_UID, 0)
+OperationRegion(HPTM, SystemMemory, 0xFED0, 0x400)
+Field(HPTM, DWordAcc, Lock, Preserve) {
+VEND, 32,
+PRD, 32,
+}
+Method(_STA, 0, NotSerialized) {
+Store(VEND, Local0)
+Store(PRD, Local1)
+ShiftRight(Local0, 16, Local0)
+If (LOr(LEqual(Local0, 0), LEqual(Local0, 0x))) {
+Return (0x0)
+}
+If (LOr(LEqual(Local1, 0), LGreater(Local1, 1))) {
+Return (0x0)
+}
+Return (0x0F)
+}
+Name(_CRS, ResourceTemplate() {
+Memory32Fixed(ReadOnly,
+0xFED0, // Address Base
+0x0400, // Address Length
+)
+})
+}
+}
+
+/* Common legacy ISA style devices. */
+Scope(\_SB.PCI0.ISA) {
+
+Device (SMC) {
+Name(_HID, EisaId("APP0001"))
+/* _STA will be patched to 0x0B if AppleSMC is present */
+ACPI_EXTRACT_NAME_BYTE_CONST dsdt_applesmc_sta
+Name(_STA, 0xF0)
+Name(_CRS, ResourceTemplate () {
+IO (Decode16, 0x0300, 0x0300, 0x01, 0x20)
+IRQNoFlags() { 6 }
+})
+}
+
+Device(RTC) {
+Name(_HID, EisaId("PNP0B00"))
+Name(_CRS, ResourceTemplate() {
+IO(Decode16, 0x0070, 0x0070, 0x10, 0x02)
+IRQNoFlags() { 8 }
+IO(Decode16, 0x0072, 0x0072, 0x02, 0x06)
+})
+}
+
+Device(KBD) {
+Name(_HID, EisaId("PNP0303"))
+Method(_STA, 0, NotSerialized) {
+Return (0x0f)
+}
+Name(_CRS, ResourceTemplate() {
+IO(Decode16, 0x0060, 0x0060, 0x01, 0x01)
+IO(Decode16, 0x0064, 0x0064, 0x01, 0x01)
+IRQNoFlags() { 1 }
+})
+}
+
+Device(MOU) {
+Name(_HID, EisaId("PNP0F13"))
+Method(_STA, 0, NotSerialized) {
+Return (0x0f)
+}
+Name(_CRS, ResourceTemplate() {
+IRQNoFlags() { 12 }
+})
+}
+
+External(FDEN)
+Device(FDC0) {
+Name(_HID, EisaId("PNP0700"))
+Method(_STA, 0, NotSerialized) {
+Store(FDEN, Local0)
+If (LEqual(Local0, 0)) {
+Return (0x00)
+} Else {
+Return (0x0F)
+}
+}
+Name(_CRS, ResourceTemplate() {
+   

[Qemu-devel] [PATCH v2 2/4] pc: rename ssdt-misc to dsdt-common

[Paolo Bonzini]

All the changes to generated files are in the header, so there is
no need to rebuild test data.

Signed-off-by: Paolo Bonzini 
---
 hw/i386/Makefile.objs  |  2 +-
 hw/i386/acpi-build.c   | 36 +++---
 hw/i386/{ssdt-misc.dsl => acpi-dsdt-common.dsl}|  8 ++---
 ...ex.generated => acpi-dsdt-common.hex.generated} | 30 +-
 hw/i386/acpi-dsdt.dsl  |  2 +-
 5 files changed, 39 insertions(+), 39 deletions(-)
 rename hw/i386/{ssdt-misc.dsl => acpi-dsdt-common.dsl} (94%)
 rename hw/i386/{ssdt-misc.hex.generated => acpi-dsdt-common.hex.generated} 
(93%)

diff --git a/hw/i386/Makefile.objs b/hw/i386/Makefile.objs
index 9d419ad..fe6b846 100644
--- a/hw/i386/Makefile.objs
+++ b/hw/i386/Makefile.objs
@@ -9,7 +9,7 @@ obj-y += kvmvapic.o
 obj-y += acpi-build.o
 obj-y += bios-linker-loader.o
 hw/i386/acpi-build.o: hw/i386/acpi-build.c hw/i386/acpi-dsdt.hex \
-   hw/i386/ssdt-proc.hex hw/i386/ssdt-pcihp.hex hw/i386/ssdt-misc.hex \
+   hw/i386/ssdt-proc.hex hw/i386/ssdt-pcihp.hex 
hw/i386/acpi-dsdt-common.hex \
hw/i386/acpi-dsdt.hex hw/i386/q35-acpi-dsdt.hex \
hw/i386/q35-acpi-dsdt.hex hw/i386/ssdt-mem.hex \
hw/i386/ssdt-tpm.hex
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index e723fe1..c0b3c04 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -715,7 +715,7 @@ static inline char acpi_get_hex(uint32_t val)
 #define ACPI_SSDT_SIGNATURE 0x54445353 /* SSDT */
 #define ACPI_SSDT_HEADER_LENGTH 36
 
-#include "hw/i386/ssdt-misc.hex"
+#include "hw/i386/acpi-dsdt-common.hex"
 #include "hw/i386/ssdt-pcihp.hex"
 #include "hw/i386/ssdt-tpm.hex"
 
@@ -1061,38 +1061,38 @@ static void patch_pci_windows(PcPciInfo *pci, uint8_t 
*start, unsigned size)
 }
 }
 
-#define SSDT_MISC_SIZE (sizeof(ssdt_misc_aml) - sizeof(AcpiTableHeader))
+#define DSDT_COMMON_SIZE (sizeof(dsdt_common_aml) - sizeof(AcpiTableHeader))
 
 static void
-fill_ssdt_misc(uint8_t *dest, AcpiPmInfo *pm, AcpiMiscInfo *misc,
-   PcPciInfo *pci)
+fill_dsdt_common(uint8_t *dest, AcpiPmInfo *pm, AcpiMiscInfo *misc,
+ PcPciInfo *pci)
 {
 MachineState *machine = MACHINE(qdev_get_machine());
 uint32_t nr_mem = machine->ram_slots;
-uint8_t *ssdt_ptr;
+uint8_t *dsdt_ptr;
 
 /* Copy header and patch values in the S3_ / S4_ / S5_ packages */
-ssdt_ptr = g_memdup(ssdp_misc_aml, sizeof(ssdp_misc_aml));
+dsdt_ptr = g_memdup(dsdt_common_aml, sizeof(dsdt_common_aml));
 if (pm->s3_disabled) {
-ssdt_ptr[acpi_s3_name[0]] = 'X';
+dsdt_ptr[acpi_s3_name[0]] = 'X';
 }
 if (pm->s4_disabled) {
-ssdt_ptr[acpi_s4_name[0]] = 'X';
+dsdt_ptr[acpi_s4_name[0]] = 'X';
 } else {
-ssdt_ptr[acpi_s4_pkg[0] + 1] = ssdt_ptr[acpi_s4_pkg[0] + 3] =
+dsdt_ptr[acpi_s4_pkg[0] + 1] = dsdt_ptr[acpi_s4_pkg[0] + 3] =
 pm->s4_val;
 }
 
-patch_pci_windows(pci, ssdt_ptr, sizeof(ssdp_misc_aml));
+patch_pci_windows(pci, dsdt_ptr, sizeof(dsdt_common_aml));
 
-ACPI_BUILD_SET_LE(ssdt_ptr, sizeof(ssdp_misc_aml),
-  ssdt_isa_pest[0], 16, misc->pvpanic_port);
+ACPI_BUILD_SET_LE(dsdt_ptr, sizeof(dsdt_common_aml),
+  dsdt_isa_pest[0], 16, misc->pvpanic_port);
 
-ACPI_BUILD_SET_LE(ssdt_ptr, sizeof(ssdp_misc_aml),
-  ssdt_mctrl_nr_slots[0], 32, nr_mem);
+ACPI_BUILD_SET_LE(dsdt_ptr, sizeof(dsdt_common_aml),
+  dsdt_mctrl_nr_slots[0], 32, nr_mem);
 
-memcpy(dest, ssdt_ptr + sizeof(AcpiTableHeader), SSDT_MISC_SIZE);
-g_free(ssdt_ptr);
+memcpy(dest, dsdt_ptr + sizeof(AcpiTableHeader), DSDT_COMMON_SIZE);
+g_free(dsdt_ptr);
 }
 
 static void
@@ -1444,10 +1444,10 @@ build_dsdt(GArray *table_data, GArray *linker, 
AcpiPmInfo *pm,
 
 assert(misc->dsdt_code && misc->dsdt_size);
 
-size = misc->dsdt_size + SSDT_MISC_SIZE;
+size = misc->dsdt_size + DSDT_COMMON_SIZE;
 dsdt = acpi_data_push(table_data, size);
 memcpy(dsdt, misc->dsdt_code, misc->dsdt_size);
-fill_ssdt_misc(((uint8_t *)dsdt) + misc->dsdt_size, pm, misc, pci);
+fill_dsdt_common(((uint8_t *)dsdt) + misc->dsdt_size, pm, misc, pci);
 
 memset(dsdt, 0, sizeof *dsdt);
 build_header(linker, table_data, dsdt, "DSDT", size, 1);
diff --git a/hw/i386/ssdt-misc.dsl b/hw/i386/acpi-dsdt-common.dsl
similarity index 94%
rename from hw/i386/ssdt-misc.dsl
rename to hw/i386/acpi-dsdt-common.dsl
index 1e3baae..f7849c0 100644
--- a/hw/i386/ssdt-misc.dsl
+++ b/hw/i386/acpi-dsdt-common.dsl
@@ -14,9 +14,9 @@
  */
 #include "hw/acpi/pc-hotplug.h"
 
-ACPI_EXTRACT_ALL_CODE ssdp_misc_aml
+ACPI_EXTRACT_ALL_CODE dsdt_common_aml
 
-DefinitionBlock ("ssdt-misc.aml", "SSDT", 0x01, "BXPC", "BXSSDTSUSP", 0x1)
+DefinitionBlock ("acpi-dsdt-common.aml", "SSDT", 0x01, "BXPC", "BXSSDTCOMM", 
0x1)
 {
 
 /*

[Qemu-devel] [PATCH v2 7/4] pc: go back to smaller ACPI tables

[Paolo Bonzini]

The new algorithm introduced by the previous patch lets us make tables
smaller and avoid migration bugs due to large tables.

Use it for 2.3+ machine types by tweaking the default fixed_table_align
and acpi_table_align values.  At the same time, preserve backwards-compatible
logic for pc-i440fx-2.2.

Without this patch:
[0.00] BIOS-e820: [mem 0x0010-0x07fd] usable
[0.00] BIOS-e820: [mem 0x07fe-0x07ff] reserved
...
[0.00] init_memory_mapping: [mem 0x0700-0x07fd] usable
[0.00] RAMDISK: [mem 0x07112000-0x07fd]

With this patch:
[0.00] BIOS-e820: [mem 0x0010-0x07ffafff] usable
[0.00] BIOS-e820: [mem 0x07ffb000-0x07ff] reserved
...
[0.00] init_memory_mapping: [mem 0x0700-0x07ffafff]
[0.00] RAMDISK: [mem 0x07122000-0x07fe]

Signed-off-by: Paolo Bonzini 
---
 hw/i386/pc_piix.c | 6 --
 hw/i386/pc_q35.c  | 6 --
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 16de5c9..a5e36b9 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -61,8 +61,8 @@ static const int ide_irq[MAX_IDE_BUS] = { 14, 15 };
 
 static bool has_acpi_build = true;
 static int legacy_acpi_table_size;
-static int fixed_table_align = 0;
-static int acpi_table_align = 131072;
+static int fixed_table_align = 16384;
+static int acpi_table_align = 4096;
 static bool smbios_defaults = true;
 static bool smbios_legacy_mode;
 static bool smbios_uuid_encoded = true;
@@ -332,6 +332,8 @@ static void pc_compat_2_2(MachineState *machine)
 x86_cpu_compat_set_features("Haswell", FEAT_1_ECX, 0, CPUID_EXT_RDRAND);
 x86_cpu_compat_set_features("Broadwell", FEAT_1_ECX, 0, CPUID_EXT_F16C);
 x86_cpu_compat_set_features("Broadwell", FEAT_1_ECX, 0, CPUID_EXT_RDRAND);
+fixed_table_align = 0;
+acpi_table_align = 131072;
 }
 
 static void pc_compat_2_1(MachineState *machine)
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 7ba0535..4fd9527 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -155,10 +155,12 @@ static void pc_q35_init(MachineState *machine)
 guest_info->has_acpi_build = has_acpi_build;
 guest_info->has_reserved_memory = has_reserved_memory;
 
-/* Migration was not supported in 2.0 for Q35, so do not bother
- * with this hack (see hw/i386/acpi-build.c).
+/* Migration was not supported in 2.0 for Q35, so do not bother with
+ * hacks around the ACPI table size (see hw/i386/acpi-build.c).
  */
 guest_info->legacy_acpi_table_size = 0;
+guest_info->fixed_table_align = 16384;
+guest_info->acpi_table_align = 4096;
 
 if (smbios_defaults) {
 MachineClass *mc = MACHINE_GET_CLASS(machine);
-- 
1.8.3.1

[Qemu-devel] [PATCH v2 3/4] pc: move common parts of the DSDT to dsdt-common

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-build.c   |   12 +-
 hw/i386/acpi-dsdt-common.dsl   |   14 +-
 hw/i386/acpi-dsdt-common.hex.generated | 1578 +++-
 hw/i386/acpi-dsdt-isa.dsl  |6 +-
 hw/i386/acpi-dsdt.dsl  |   10 +-
 hw/i386/acpi-dsdt.hex.generated| 3119 +---
 hw/i386/q35-acpi-dsdt.dsl  |9 +-
 hw/i386/q35-acpi-dsdt.hex.generated| 2787 +++-
 tests/acpi-test-data/pc/DSDT   |  Bin 3920 -> 3923 bytes
 tests/acpi-test-data/q35/DSDT  |  Bin 8510 -> 8513 bytes
 10 files changed, 3020 insertions(+), 4515 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index c0b3c04..63f3d80 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -53,6 +53,7 @@
 
 #include "hw/i386/q35-acpi-dsdt.hex"
 #include "hw/i386/acpi-dsdt.hex"
+#include "hw/i386/acpi-dsdt-common.hex"
 
 #include "qapi/qmp/qint.h"
 #include "qom/qom-qobject.h"
@@ -116,7 +117,6 @@ typedef struct AcpiBuildPciBusHotplugState {
 
 static void acpi_get_dsdt(AcpiMiscInfo *info)
 {
-uint16_t *applesmc_sta;
 Object *piix = piix4_pm_find();
 Object *lpc = ich9_lpc_find();
 assert(!!piix != !!lpc);
@@ -124,17 +124,11 @@ static void acpi_get_dsdt(AcpiMiscInfo *info)
 if (piix) {
 info->dsdt_code = AcpiDsdtAmlCode;
 info->dsdt_size = sizeof AcpiDsdtAmlCode;
-applesmc_sta = piix_dsdt_applesmc_sta;
 }
 if (lpc) {
 info->dsdt_code = Q35AcpiDsdtAmlCode;
 info->dsdt_size = sizeof Q35AcpiDsdtAmlCode;
-applesmc_sta = q35_dsdt_applesmc_sta;
 }
-
-/* Patch in appropriate value for AppleSMC _STA */
-*(uint8_t *)(info->dsdt_code + *applesmc_sta) =
-applesmc_find() ? 0x0b : 0x00;
 }
 
 static
@@ -715,7 +709,6 @@ static inline char acpi_get_hex(uint32_t val)
 #define ACPI_SSDT_SIGNATURE 0x54445353 /* SSDT */
 #define ACPI_SSDT_HEADER_LENGTH 36
 
-#include "hw/i386/acpi-dsdt-common.hex"
 #include "hw/i386/ssdt-pcihp.hex"
 #include "hw/i386/ssdt-tpm.hex"
 
@@ -1091,6 +1084,9 @@ fill_dsdt_common(uint8_t *dest, AcpiPmInfo *pm, 
AcpiMiscInfo *misc,
 ACPI_BUILD_SET_LE(dsdt_ptr, sizeof(dsdt_common_aml),
   dsdt_mctrl_nr_slots[0], 32, nr_mem);
 
+/* Patch in appropriate value for AppleSMC _STA */
+dsdt_ptr[dsdt_applesmc_sta[0]]= applesmc_find() ? 0x0b : 0x00;
+
 memcpy(dest, dsdt_ptr + sizeof(AcpiTableHeader), DSDT_COMMON_SIZE);
 g_free(dsdt_ptr);
 }
diff --git a/hw/i386/acpi-dsdt-common.dsl b/hw/i386/acpi-dsdt-common.dsl
index f7849c0..1929f8f 100644
--- a/hw/i386/acpi-dsdt-common.dsl
+++ b/hw/i386/acpi-dsdt-common.dsl
@@ -19,6 +19,17 @@ ACPI_EXTRACT_ALL_CODE dsdt_common_aml
 DefinitionBlock ("acpi-dsdt-common.aml", "SSDT", 0x01, "BXPC", "BXSSDTCOMM", 
0x1)
 {
 
+External(\_SB.PCI0, DeviceObj)
+External(\_SB.PCI0.ISA, DeviceObj)
+External(\_SB.PCI0.PCI, DeviceObj)
+
+#include "hw/acpi/pc-hotplug.h"
+#include "acpi-dsdt-dbug.dsl"
+#include "acpi-dsdt-hpet.dsl"
+#include "acpi-dsdt-isa.dsl"
+#include "acpi-dsdt-mem-hotplug.dsl"
+
+
 /
  * PCI memory ranges
  /
@@ -74,9 +85,6 @@ DefinitionBlock ("acpi-dsdt-common.aml", "SSDT", 0x01, 
"BXPC", "BXSSDTCOMM", 0x1
 })
 }
 
-External(\_SB.PCI0, DeviceObj)
-External(\_SB.PCI0.ISA, DeviceObj)
-
 Scope(\_SB.PCI0.ISA) {
 Device(PEVT) {
 Name(_HID, "QEMU0001")
diff --git a/hw/i386/acpi-dsdt-common.hex.generated 
b/hw/i386/acpi-dsdt-common.hex.generated
index 5127845..00ad9c3 100644
--- a/hw/i386/acpi-dsdt-common.hex.generated
+++ b/hw/i386/acpi-dsdt-common.hex.generated
@@ -1,61 +1,1556 @@
-static unsigned char acpi_pci64_length[] = {
-0x6f
+static unsigned short acpi_pci64_length[] = {
+0x646
 };
-static unsigned char acpi_s4_pkg[] = {
-0x99
+static unsigned short acpi_s4_pkg[] = {
+0x670
 };
-static unsigned char acpi_s4_name[] = {
-0x92
+static unsigned short acpi_s4_name[] = {
+0x669
 };
-static unsigned char acpi_s3_name[] = {
-0x86
+static unsigned short acpi_s3_name[] = {
+0x65d
 };
-static unsigned char acpi_pci32_start[] = {
-0x2f
+static unsigned short acpi_pci32_start[] = {
+0x606
 };
-static unsigned char acpi_pci64_valid[] = {
-0x43
+static unsigned short acpi_pci64_valid[] = {
+0x61a
 };
-static unsigned char dsdt_isa_pest[] = {
-0xda
+static unsigned short dsdt_isa_pest[] = {
+0x6b1
 };
 static unsigned char dsdt_common_aml[] = {
 0x53,
 0x53,
 0x44,
 0x54,
+0x43,
+0x7,
+0x0,
+0x0,
+0x1,
+0x1,
+0x42,
+0x58,
+0x50,
+0x43,
+0x0,
+0x0,
+0x42,
+0x58,
+0x53,
+0x53,
+0x44,
+0x54,
+0x43,
+0x4f,
+0x1,
+0x0,
+0x0,
+0x0,
+0x49,
+0x4e,
+0x54,
+0x4c,
+0x13,
+0x9,
+0x12,
+0x20,
+0x10,
+0x49,
+0x4,
+0x5c,
+0x0,
+0x5b,
+0x80,
+0x44,
+0x42,
+0x47,
+0x5f,
+0x1,
+0xb,
+0x2,
+0x4,
+0x1,
+0x5b,
+0x81,
+0xb,
+0x44,
+0x42,
+0x47,
+0x5f,
+0x1,

[Qemu-devel] [PATCH v2 5/4] pc: introduce new ACPI table sizing algorithm

[Paolo Bonzini]

Add padding after the DSDT.  Tables that vary depending on the
command-line arguments will have to be byte-equivalent across QEMU
versions >= 2.2, while fixed tables (including the DSDT) can be
changed freely.

Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-build.c | 19 +++
 hw/i386/pc_piix.c|  5 +
 include/hw/i386/pc.h |  2 ++
 3 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 63f3d80..1bb3222 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -67,8 +67,6 @@
 #define ACPI_BUILD_LEGACY_CPU_AML_SIZE97
 #define ACPI_BUILD_ALIGN_SIZE 0x1000
 
-#define ACPI_BUILD_TABLE_SIZE 0x2
-
 /* #define DEBUG_ACPI_BUILD */
 #ifdef DEBUG_ACPI_BUILD
 #define ACPI_BUILD_DPRINTF(fmt, ...)\
@@ -1614,6 +1612,10 @@ void acpi_build(PcGuestInfo *guest_info, AcpiBuildTables 
*tables)
 acpi_add_table(table_offsets, tables->table_data);
 build_fadt(tables->table_data, tables->linker, &pm, facs, dsdt);
 
+if (guest_info->fixed_table_align) {
+acpi_align_size(tables->table_data, guest_info->fixed_table_align);
+}
+
 ssdt = tables->table_data->len;
 acpi_add_table(table_offsets, tables->table_data);
 build_ssdt(tables->table_data, tables->linker, &cpu, &pm, guest_info);
@@ -1696,15 +1698,16 @@ void acpi_build(PcGuestInfo *guest_info, 
AcpiBuildTables *tables)
 }
 g_array_set_size(tables->table_data, legacy_table_size);
 } else {
-/* Make sure we have a buffer in case we need to resize the tables. */
-if (tables->table_data->len > ACPI_BUILD_TABLE_SIZE / 2) {
-/* As of QEMU 2.1, this fires with 160 VCPUs and 255 memory slots. 
 */
+/* Suggest upgrading to the newer algorithm if close to the limit.
+ * As of QEMU 2.1, this fired with 160 VCPUs and 255 memory slots.
+ */
+if (!guest_info->fixed_table_align &&
+tables->table_data->len > guest_info->acpi_table_align / 2) {
 error_report("Warning: ACPI tables are larger than 64k.");
 error_report("Warning: migration may not work.");
-error_report("Warning: please remove CPUs, NUMA nodes, "
- "memory slots or PCI bridges.");
+error_report("Warning: please upgrade to a newer machine type.");
 }
-acpi_align_size(tables->table_data, ACPI_BUILD_TABLE_SIZE);
+acpi_align_size(tables->table_data, guest_info->acpi_table_align);
 }
 
 acpi_align_size(tables->linker, ACPI_BUILD_ALIGN_SIZE);
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 220f741..16de5c9 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -61,6 +61,8 @@ static const int ide_irq[MAX_IDE_BUS] = { 14, 15 };
 
 static bool has_acpi_build = true;
 static int legacy_acpi_table_size;
+static int fixed_table_align = 0;
+static int acpi_table_align = 131072;
 static bool smbios_defaults = true;
 static bool smbios_legacy_mode;
 static bool smbios_uuid_encoded = true;
@@ -165,6 +167,8 @@ static void pc_init1(MachineState *machine,
 
 guest_info->has_acpi_build = has_acpi_build;
 guest_info->legacy_acpi_table_size = legacy_acpi_table_size;
+guest_info->fixed_table_align = fixed_table_align;
+guest_info->acpi_table_align = acpi_table_align;
 
 guest_info->isapc_ram_fw = !pci_enabled;
 guest_info->has_reserved_memory = has_reserved_memory;
@@ -362,6 +366,7 @@ static void pc_compat_2_0(MachineState *machine)
  * QEMU 1.7 it is 6414.  For RHEL/CentOS 7.0 it is 6418.
  */
 legacy_acpi_table_size = 6652;
+acpi_table_align = 4096;
 smbios_legacy_mode = true;
 has_reserved_memory = false;
 pc_set_legacy_acpi_data_size();
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
index e475b92..70fb47c 100644
--- a/include/hw/i386/pc.h
+++ b/include/hw/i386/pc.h
@@ -102,6 +102,8 @@ struct PcGuestInfo {
 uint64_t *node_cpu;
 FWCfgState *fw_cfg;
 int legacy_acpi_table_size;
+int fixed_table_align;
+int acpi_table_align;
 bool has_acpi_build;
 bool has_reserved_memory;
 };
-- 
1.8.3.1

Re: [Qemu-devel] [PATCH 0/4] acpi: move common parts of the SSDT to the DSDT (and preview of things to come)

[Michael S. Tsirkin]

On Wed, Dec 24, 2014 at 03:43:41PM +0100, Paolo Bonzini wrote:
> 
> 
> On 24/12/2014 15:19, Michael S. Tsirkin wrote:
> > So I'll have to review in detail, overall the patches
> > do look pretty clean.
> 
> Q35 is broken though (GArray resizing messes up the tables, fixed
> locally and caught by bios-tables-test even before trying it out!).  I
> hope to send out the fixed version on Saturday (time ticking before
> vacation).
> 
> > Given the amount of pain caused by cross version migration
> > issues, I am inclined to do both: arrange code in a way
> > that makes keeping things constant easier, and have
> > some solutions for the inevitable time when we'll find we
> > have to change things we didn't expect.
> > Defense in depth, if you like.
> > Makes sense?
> 
> It certainly does.  I am only a bit wary because your patches are
> basically a workaround (as hinted by the fact that the resulting RSDP is
> corrupted---which doesn't matter much in practice, but it's still a red
> flashing light!).

Well seen in that light, your patches are also basically a work-around :)


> So I still would like to see how stuff looks like after Igor's code is
> merged.

Hmm apply them to you tree and see? Do you need my help to put them
on a temporary branch?

>  Until we actually trim the size of the ACPI tables (patch 7),
> we do no better / no worse than released versions of QEMU.

Right, and actually trimming them seems much safer to me if
we can actually guarantee that possible need to increase them
back in the future will not break things.


> And once Igor's code is merged, we actually have an idea of what is left
> in the SSDT, and how tricky that code is.  "Not tricky at all" is
> perhaps a bit optimistic, a more realistic hope is "not any more tricky
> than what we do for devices".
> 
> In other words, it's only tricky now because it's new.  We had all sorts
> of false starts, but the my patches and Igor's provide enough separation
> (mine: fixed vs. variable; Igor's: ASL vs. C) that the future should
> reserve less surprises.
> 
> I will still review your patches, of course.
> 
> Paolo

As the one who has to maintain this mess, I think my peace of mind has
some value :) So from the PC side of things I'm inclined to merge this
even if it proves to be not useful - it's there if we need it, and at
least it does not break things.

But I do want your review of the core bits, since these things
are tricky to stress-test properly.

-- 
MST

Re: [Qemu-devel] [PATCH] target-arm: add dump-guest-memory support

[Rabin Vincent]

On Tue, Dec 23, 2014 at 11:45:00PM +, Peter Maydell wrote:
> On 23 December 2014 at 23:29, Rabin Vincent  wrote:
> > +static size_t round4(size_t size)
> > +{
> > +return ((size + 3) / 4) * 4;
> > +}
> 
> Is this different from ROUND_UP(size, 4) ?
> If we can use the standard macro from the headers we should;
> if there's a real difference we should comment about what it is.

No, I'll use ROUND_UP.

> > +int arm_cpu_write_elf64_note(WriteCoreDumpFunction f, CPUState *cs,
> > + int cpuid, void *opaque)
> > +{
> > +aarch64_elf_prstatus prstatus = {.pid = cpuid};
> > +ARMCPU *cpu = ARM_CPU(cs);
> > +
> > +memcpy(&(prstatus.regs), cpu->env.xregs, sizeof(cpu->env.xregs));
> > +prstatus.pc = cpu->env.pc;
> > +prstatus.pstate = cpu->env.pstate;
> 
> You need to use the correct accessor function for pstate, not
> all the bits are kept in env.pstate. Call pstate_read().

OK.

> Can we get here when a 64-bit CPU is in AArch32 mode? (eg,
> 64 bit guest OS running a 32 bit compat process at the
> point of taking the memory dump). If so, what sort of
> core file should we be writing?

I'd say still 64-bit.

> Assuming the answer is "still 64 bit core dump" you need
> to do something here to sync the 32 bit TCG state into the
> 64 bit xregs array. (KVM can take care of itself.)

I have now tested this by triggering a dump while a 32-bit process is
incrementing a register in a tight loop, and the following, which I
lifted off the exception handling code, appears to work:

if (!is_a64(&cpu->env)) {   
int i;

for (i = 0; i < 15; i++) {
prstatus.regs[i] = cpu->env.regs[i];
}
}

> > +int cpu_get_dump_info(ArchDumpInfo *info,
> > +  const struct GuestPhysBlockList *guest_phys_blocks)
> > +{
> > +info->d_machine = ELF_MACHINE;
> > +info->d_class = (info->d_machine == EM_ARM) ? ELFCLASS32 : ELFCLASS64;
> > +
> > +#ifdef TARGET_WORDS_BIGENDIAN
> > +info->d_endian = ELFDATA2MSB;
> > +#else
> > +info->d_endian = ELFDATA2LSB;
> > +#endif
> 
> Note that in fact ARM is never going to be TARGET_WORDS_BIGENDIAN,
> even if the guest is big-endian, because the #define represents
> the bus endianness, not whether the CPU happens to currently be
> doing byte-swizzling. Do you need to key d_endian off the CPU's
> current endianness setting? The current endianness of EL1?
> Something else?

IIUC we don't currently support anything other than little endian in
system emulation?  Attempting to boot a BE ARMv7 vexpress kernel hits
the unimplementation of setend pretty quickly, and I don't see any
machine initializing the bswap_code to big endian.

According the the ELF specification for ARM, the choice between
ELFDATA2LSB and ELFDATA2MSB "will be governed by the default data order
in the execution environment".  Since we dump the full system memory I
would interpret this to be the "lowest" execution environment.  So I
guess for ARM this would mean setting big endian if (SCTLR.EE ||
SCTLR.B) and for AArch64 if SCTLR_EL1.E0E is set?

(I had assumed that post-analysis tools would refuse to open a dump if
the endianness does not match but this does not seem to be the case.  I
tested by generating dumps with this d_endian hardcoded to both
ELFDATA2LSB and ELFDATA2MSB and gdb appears to open them and show the
registers and memory without complaining.)

Re: [Qemu-devel] [PATCH] target-arm: add dump-guest-memory support

[Peter Maydell]

On 24 December 2014 at 16:54, Rabin Vincent  wrote:
> On Tue, Dec 23, 2014 at 11:45:00PM +, Peter Maydell wrote:
>> Assuming the answer is "still 64 bit core dump" you need
>> to do something here to sync the 32 bit TCG state into the
>> 64 bit xregs array. (KVM can take care of itself.)
>
> I have now tested this by triggering a dump while a 32-bit process is
> incrementing a register in a tight loop, and the following, which I
> lifted off the exception handling code, appears to work:
>
> if (!is_a64(&cpu->env)) {
> int i;
>
> for (i = 0; i < 15; i++) {
> prstatus.regs[i] = cpu->env.regs[i];
> }
> }

Yes, that looks OK, but can you factor it out to a function
in target-arm/, please? When we add support for 32-bit EL1
in 64-bit EL2/EL3 it'll need to get more complicated.

Also you need to use the read_cpsr() value for pstate.

>> Note that in fact ARM is never going to be TARGET_WORDS_BIGENDIAN,
>> even if the guest is big-endian, because the #define represents
>> the bus endianness, not whether the CPU happens to currently be
>> doing byte-swizzling. Do you need to key d_endian off the CPU's
>> current endianness setting? The current endianness of EL1?
>> Something else?
>
> IIUC we don't currently support anything other than little endian in
> system emulation?  Attempting to boot a BE ARMv7 vexpress kernel hits
> the unimplementation of setend pretty quickly, and I don't see any
> machine initializing the bswap_code to big endian.

We don't currently in emulation; there are patches on-list to
support it for KVM, though, which I expect we'll be merging
shortly.

(I really should resurrect that patchseries Paolo sent out to
add BE support, it was pretty close but I think needed a few
more tweaks.)

> According the the ELF specification for ARM, the choice between
> ELFDATA2LSB and ELFDATA2MSB "will be governed by the default data order
> in the execution environment".  Since we dump the full system memory I
> would interpret this to be the "lowest" execution environment.  So I
> guess for ARM this would mean setting big endian if (SCTLR.EE ||
> SCTLR.B) and for AArch64 if SCTLR_EL1.E0E is set?

I think AArch64 should be SCTLR_EL1.EE, shouldn't it?

What are the semantics of the dump if we support EL2/EL3?
Do we still just dump from the perspective of EL1? That's
probably the best approximation to useful for a user I guess.

-- PMM

[Qemu-devel] [Bug 1404690] Re: Qemu crashes with chrooted m68k

[Michel Boaventura]

Hi Peter,

Thank you very much for your help, I really appreciate it. I've tested
both your patch and your workaround to make ls work (I've created a xfs
partition to put my image) and everything works greatly.

Merry Xmas.

Michel

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1404690

Title:
  Qemu crashes with chrooted m68k

Status in QEMU:
  New

Bug description:
  I'm using qemu-m68k 2.2.0 to chroot into a m68k coldfire linux, which
  works fine on the coldfire machine.

  I've been able to use binfmt_msc and used the above code to use qemu
  with strace:

  #include 
  #include 

  int main(int argc, char **argv, char **envp) {
  char *newargv[argc + 4];

  newargv[0] = argv[0];
  newargv[1] = "-cpu";
  newargv[2] = "cfv4e";
  newargv[3] = "-strace";

  memcpy(&newargv[4], &argv[1], sizeof(*argv) * (argc - 1));
  newargv[argc + 3] = NULL;
  return execve("/usr/bin/qemu-m68k", newargv, envp);
  }

  Everything works fine. I can run bash, busybox, ash, but when I try to
  run a ls or just type an invalid command, I got the attached sequence
  of messages, which end like so:

  11351 waitpid(-1,0xf6fffa00,0x3) = -1 errno=10 (No child processes)
  qemu: fatal: Illegal instruction:  @ f6fffa30
  D0 =    A0 = f67dcf50   F0 =  (   0)
  D1 = 000a   A1 = f66e0898   F1 =  (   0)
  D2 = f6fffaa8   A2 = f67df268   F2 =  (   0)
  D3 =    A3 =    F3 =  (   0)
  D4 = 0008   A4 = 800026c4   F4 =  (   0)
  D5 =    A5 = f67d98e0   F5 =  (   0)
  D6 = f6fffaa8   A6 = f6fffa7c   F6 =  (   0)
  D7 = 0002   A7 = f6fffa24   F7 =  (   0)
  PC = f6fffa30   SR =  - FPRESULT =0
  Aborted

  How can I debug it further to try to figure out if this is a qemu
  issue or not? Thanks

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1404690/+subscriptions

[Qemu-devel] [Bug 1405385] Re: QEMU crashes when virtio network cards are used together with e1000 network cards

[Dr. David Alan Gilbert]

a backtrace from a coredump or gdb would be better; it'll tell us the line the 
abort is on and the state at that point.
Run it under gdb and do

bt full

and paste the result.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1405385

Title:
  QEMU crashes when virtio network cards are used together with e1000
  network cards

Status in QEMU:
  New

Bug description:
  QEMU version: QEMU emulator version 2.2.50, Copyright (c) 2003-2008 Fabrice 
Bellard
  QEMU GIT version: ab0302ee764fd702465aef6d88612cdff4302809
  Configure flags: ./configure --enable-kvm --prefix=/opt/qemu-devel
  Linux version: Ubuntu 14.04.1 LTS
  Kernel version: 3.13.0-43-generic #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux

  Problem:

  QEMU crashes when using one (or more) virtio network cards
  together with one (or more) e1000 (and possibly others) network cards
  when those cards are bound to a linux bridge. When the cards are *not*
  bound to a bridge QEMU does not crash.

  Bridge configuration:

iface bridge0 inet dhcp
bridge_ports eth1
bridge_stp off
bridge_fd 0

  Start-up command (including binding the network cards to the bridge +
  strace logging):

  ./qemu-system-x86_64 -daemonize -smp 1 -m 128 -vnc 0.0.0.0:0 \
  -netdev tap,id=tap_1,script=no,downscript=no,ifname=net_1_1,vhost=on \
  -device 
virtio-net-pci,bootindex=1,id=nic_1,netdev=tap_1,mac=02:16:3F:00:00:FA \
  -netdev tap,id=tap_2,script=no,downscript=no,ifname=net_1_2 \
  -device e1000,bootindex=2,id=nic_2,netdev=tap_2,mac=02:16:3F:00:00:FB; \
  brctl addif bridge0 net_1_1; \
  brctl addif bridge0 net_1_2; \
  ifconfig net_1_1 0.0.0.0 up; \
  ifconfig net_1_2 0.0.0.0 up; \
  sleep 2; \
  strace -p `ps x |grep qemu-system-x86_64 |grep -v grep|awk '{print $1}'` -o 
/tmp/qemu-devel-trace.txt 

  Kernel log:

  Dec 24 11:12:08 bramws kernel: [12466.885581] device net_1_1 entered 
promiscuous mode
  Dec 24 11:12:08 bramws kernel: [12466.886238] device net_1_2 entered 
promiscuous mode
  Dec 24 11:12:08 bramws kernel: [12466.887084] bridge0: port 2(net_1_1) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.887089] bridge0: port 2(net_1_1) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.888940] bridge0: port 3(net_1_2) 
entered forwarding state
  Dec 24 11:12:08 bramws kernel: [12466.888947] bridge0: port 3(net_1_2) 
entered forwarding state
  Dec 24 11:12:29 bramws kernel: [12488.026376] bridge0: port 2(net_1_1) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.026820] device net_1_1 left promiscuous 
mode
  Dec 24 11:12:29 bramws kernel: [12488.026832] bridge0: port 2(net_1_1) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.049636] bridge0: port 3(net_1_2) 
entered disabled state
  Dec 24 11:12:29 bramws kernel: [12488.050058] device net_1_2 left promiscuous 
mode
  Dec 24 11:12:29 bramws kernel: [12488.050074] bridge0: port 3(net_1_2) 
entered disabled state

  Strace log: (full log attached)

  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 28646613}, NULL, 8) = 0 (Timeout)
  write(5, "\1\0\0\0\0\0\0\0", 8) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 10899760}, NULL, 8) = 1 ([{fd=5, revents=POLLIN}], left {0, 10895457})
  write(6, "\1\0\0\0\0\0\0\0", 8) = 8
  read(5, "\1\0\0\0\0\0\0\0", 512)= 8
  write(6, "\1\0\0\0\0\0\0\0", 8) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 1 ([{fd=6, revents=POLLIN}], left {0, 0})
  read(6, "\2\0\0\0\0\0\0\0", 16) = 8
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 
6, {0, 0}, NULL, 8) = 0 (Timeout)
  read(6, 0x7fff697320e0, 16) = -1 EAGAIN (Resource temporarily 
unavailable)
  ppoll([{fd=13, events=POLLIN|POLLERR|POLLHUP}, {fd=7, 
events=POLLIN|POLLERR|POLLHUP}, {fd=12, events=POLLIN|POLLERR|POLLHUP}, {fd=3, 
events=POLLIN|POLLERR|POLLHUP}, {fd=6, events=POLLIN}, {fd=5,

[Qemu-devel] [question] block: do we have any consideration about adding retry support in error handling?

[Bin Wu]

Hi,

When IO error happens in physical device, qemu block layer supports error
reporting, error ignoring and error stoping(for example, virtio-blk). Can we
have any way to resend the error IO?

thanks
-- 
Bin Wu

Re: [Qemu-devel] [question] block: do we have any consideration about adding retry support in error handling?

[Fam Zheng]

On Thu, 12/25 09:57, Bin Wu wrote:
> Hi,
> 
> When IO error happens in physical device, qemu block layer supports error
> reporting, error ignoring and error stoping(for example, virtio-blk). Can we
> have any way to resend the error IO?

With error stop, the request is retried after resume.

Fam

Re: [Qemu-devel] [PATCH v13 2/3] sPAPR: Implement EEH RTAS calls

[Gavin Shan]

On Tue, Dec 23, 2014 at 03:22:06PM +1100, David Gibson wrote:
>On Mon, Dec 15, 2014 at 11:15:07AM +1100, Gavin Shan wrote:
>> The emulation for EEH RTAS requests from guest isn't covered
>> by QEMU yet and the patch implements them.
>> 
>> The patch defines constants used by EEH RTAS calls and adds
>> callback sPAPRPHBClass::eeh_handler, which is going to be used
>> this way:
>> 
>>   * RTAS calls are received in spapr_pci.c, sanity check is done
>> there.
>>   * RTAS handlers handle what they can. If there is something it
>> cannot handle and sPAPRPHBClass::eeh_handler callback is defined,
>> it is called.
>>   * sPAPRPHBClass::eeh_handler is only implemented for VFIO now. It
>> does ioctl() to the IOMMU container fd to complete the call. Error
>> codes from that ioctl() are transferred back to the guest.
>> 
>> [aik: defined RTAS tokens for EEH RTAS calls]
>> Signed-off-by: Gavin Shan 
>> ---
>>  hw/ppc/spapr_pci.c  | 246 
>> 
>>  include/hw/pci-host/spapr.h |   7 ++
>>  include/hw/ppc/spapr.h  |  43 +++-
>>  3 files changed, 294 insertions(+), 2 deletions(-)
>> 
>> diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c
>> index 3d70efe..3bb1971 100644
>> --- a/hw/ppc/spapr_pci.c
>> +++ b/hw/ppc/spapr_pci.c
>> @@ -406,6 +406,233 @@ static void 
>> rtas_ibm_query_interrupt_source_number(PowerPCCPU *cpu,
>>  rtas_st(rets, 2, 1);/* 0 == level; 1 == edge */
>>  }
>>  
>> +static int rtas_handle_eeh_request(sPAPREnvironment *spapr,
>> +   uint64_t buid, uint32_t req, uint32_t 
>> opt)
>> +{
>> +sPAPRPHBState *sphb = spapr_pci_find_phb(spapr, buid);
>> +sPAPRPHBClass *info = SPAPR_PCI_HOST_BRIDGE_GET_CLASS(sphb);
>> +
>> +if (!sphb || !info->eeh_handler) {
>> +return -ENOENT;
>> +}
>> +
>> +return info->eeh_handler(sphb, req, opt);
>> +}
>> +
>> +static void rtas_ibm_set_eeh_option(PowerPCCPU *cpu,
>> +sPAPREnvironment *spapr,
>> +uint32_t token, uint32_t nargs,
>> +target_ulong args, uint32_t nret,
>> +target_ulong rets)
>> +{
>> +uint32_t addr, option;
>> +uint64_t buid = ((uint64_t)rtas_ld(args, 1) << 32) | rtas_ld(args, 2);
>
>You're dereferencing RTAS parameters here before you've checked the
>number of parameters, which isn't safe.  Similar problem in the other
>entry points as well.
>

Yep, I'll fix it in next version. Thanks for review and pointing
it out.

>> +int ret;
>> +
>> +if ((nargs != 4) || (nret != 1)) {
>> +goto param_error_exit;
>> +}
>> +
>> +addr = rtas_ld(args, 0);
>> +option = rtas_ld(args, 3);
>> +switch (option) {
>> +case RTAS_EEH_ENABLE:
>> +if (!spapr_pci_find_dev(spapr, buid, addr)) {
>> +goto param_error_exit;
>> +}
>> +break;
>> +case RTAS_EEH_DISABLE:
>> +case RTAS_EEH_THAW_IO:
>> +case RTAS_EEH_THAW_DMA:
>> +break;
>> +default:
>> +goto param_error_exit;
>> +}
>> +
>> +ret = rtas_handle_eeh_request(spapr, buid,
>> +  RTAS_EEH_REQ_SET_OPTION, option);
>> +if (ret >= 0) {
>> +rtas_st(rets, 0, RTAS_OUT_SUCCESS);
>> +return;
>> +}
>
>The fall through here means that any failure in
>rtas_handle_eeh_request will be reported as RTAS_OUT_PARAM_ERROR,
>which doesn't sound like it would always be the right error code.
>Similar in the other entry points.
>

Yes, Varied error code to indicate different failure cases will
be better. I'll check PAPR spec again and return more precise
error code in next version.

Thanks,
Gavin

>-- 
>David Gibson   | I'll have my music baroque, and my code
>david AT gibson.dropbear.id.au | minimalist, thank you.  NOT _the_ _other_
>   | _way_ _around_!
>http://www.ozlabs.org/~dgibson

Re: [Qemu-devel] [PATCH v13 1/3] spapr_pci: Make find_phb()/find_dev() public

[Gavin Shan]

On Tue, Dec 23, 2014 at 03:24:58PM +1100, David Gibson wrote:
>On Mon, Dec 15, 2014 at 11:15:06AM +1100, Gavin Shan wrote:
>> From: Alexey Kardashevskiy 
>> 
>> This makes find_phb()/find_dev() public and changed its names
>> to spapr_pci_find_phb()/spapr_pci_find_dev() as they are going to
>> be used from other parts of QEMU such as VFIO DDW (dynamic DMA window)
>
>I don't actually see the other patches in this series using find_phb()
>or find_dev() outside of spapr_pci.c, so this change doesn't seem to
>be relevant to the series.
>

Yep, My patches were based on Alexey's "DDW" feature, which seems not
be merged to Alex Graf's tree yet. This patch isn't related any more
and I'll drop it in next version.

Thanks,
Gavin

>-- 
>David Gibson   | I'll have my music baroque, and my code
>david AT gibson.dropbear.id.au | minimalist, thank you.  NOT _the_ _other_
>   | _way_ _around_!
>http://www.ozlabs.org/~dgibson

Re: [Qemu-devel] [question] block: do we have any consideration about adding retry support in error handling?

[Bin Wu]

On 2014/12/25 10:42, Fam Zheng wrote:
> On Thu, 12/25 09:57, Bin Wu wrote:
>> Hi,
>>
>> When IO error happens in physical device, qemu block layer supports error
>> reporting, error ignoring and error stoping(for example, virtio-blk). Can we
>> have any way to resend the error IO?
> 
> With error stop, the request is retried after resume.
> 
> Fam
> 
> 

Thank you very much, Fam, I see. Another question: I think error stop is not the
default error handling strategy, how can we configure error stop in the VM XML
file? Can you just show me some example? Thanks again:>

-- 
Bin Wu

Re: [Qemu-devel] [PATCH] linux-user: Fix broken m68k signal handling on 64 bit hosts

[Michael Tokarev]

22.12.2014 20:47, Peter Maydell wrote:
> The m68k signal frame setup code which writes the signal return
> trampoline code to the stack was assuming that a 'long' was 32 bits;
> on 64 bit systems this meant we would end up writing the 32 bit
> (2 insn) trampoline sequence to retaddr+4,retaddr+6 instead of
> the intended retaddr+0,retaddr+2, resulting in a guest crash when
> it tried to execute the invalid zero-bytes at retaddr+0.
> Fix by using uint32_t instead; also use uint16_t rather than short
> for consistency. This fixes bug LP:1404690.

Cc: qemu-stable@ ?

Thanks,

/mjt

[Qemu-devel] [PATCH 0/2] eliminate data write in bdrv_write_zeroes on Linux

[Denis V. Lunev]

These patches eliminate data writes completely on Linux if fallocate
FALLOC_FL_ZERO_RANGE or FALLOC_FL_PUNCH_HOLE are  supported on
underlying filesystem. This should seriously increase performance in
some cases.

Signed-off-by: Denis V. Lunev 
CC: Kevin Wolf 
CC: Stefan Hajnoczi 

[Qemu-devel] [PATCH 2/2] block: use fallocate(FALLOC_FL_PUNCH_HOLE) & fallocate(0) to write zeroes

[Denis V. Lunev]

This sequence works efficiently if FALLOC_FL_ZERO_RANGE is not supported.
The idea is that FALLOC_FL_PUNCH_HOLE could not increase file size
but it cleans already allocated blocks inside the file. If we have to
create something new, simple fallocate will do the job.

This should increase performance a bit for not-so-modern kernels or for
filesystems which do not support FALLOC_FL_ZERO_RANGE.

Signed-off-by: Denis V. Lunev 
CC: Kevin Wolf 
CC: Stefan Hajnoczi 
---
 block/raw-posix.c | 12 
 1 file changed, 12 insertions(+)

diff --git a/block/raw-posix.c b/block/raw-posix.c
index 9e66cb7..60972a1 100644
--- a/block/raw-posix.c
+++ b/block/raw-posix.c
@@ -930,6 +930,18 @@ static ssize_t handle_aiocb_write_zeroes(RawPosixAIOData 
*aiocb)
 
 ret = -errno;
 #endif
+#ifdef CONFIG_FALLOCATE_PUNCH_HOLE
+do {
+if (fallocate(s->fd, FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE,
+  aiocb->aio_offset, aiocb->aio_nbytes) == 0 &&
+fallocate(s->fd, 0,
+  aiocb->aio_offset, aiocb->aio_nbytes) == 0) {
+return 0;
+}
+} while (errno == EINTR);
+
+ret = -errno;
+#endif
 }
 
 if (ret == -ENODEV || ret == -ENOSYS || ret == -EOPNOTSUPP ||
-- 
1.9.1

[Qemu-devel] [PATCH 1/2] block: use fallocate(FALLOC_FL_ZERO_RANGE) in handle_aiocb_write_zeroes

[Denis V. Lunev]

this efficiently writes zeroes in the middle of the file on Linux
systems if the kernel is capable enough.

Signed-off-by: Denis V. Lunev 
CC: Kevin Wolf 
CC: Stefan Hajnoczi 
---
 block/raw-posix.c | 11 +++
 configure | 19 +++
 2 files changed, 30 insertions(+)

diff --git a/block/raw-posix.c b/block/raw-posix.c
index e51293a..9e66cb7 100644
--- a/block/raw-posix.c
+++ b/block/raw-posix.c
@@ -919,6 +919,17 @@ static ssize_t handle_aiocb_write_zeroes(RawPosixAIOData 
*aiocb)
 return xfs_write_zeroes(s, aiocb->aio_offset, aiocb->aio_nbytes);
 }
 #endif
+
+#ifdef CONFIG_FALLOCATE_ZERO_RANGE
+do {
+if (fallocate(s->fd, CONFIG_FALLOCATE_ZERO_RANGE,
+  aiocb->aio_offset, aiocb->aio_nbytes) == 0) {
+return 0;
+}
+} while (errno == EINTR);
+
+ret = -errno;
+#endif
 }
 
 if (ret == -ENODEV || ret == -ENOSYS || ret == -EOPNOTSUPP ||
diff --git a/configure b/configure
index cae588c..dfcf7b3 100755
--- a/configure
+++ b/configure
@@ -3309,6 +3309,22 @@ if compile_prog "" "" ; then
   fallocate_punch_hole=yes
 fi
 
+# check that fallocate supports range zeroing inside the file
+fallocate_zero_range=no
+cat > $TMPC << EOF
+#include 
+#include 
+
+int main(void)
+{
+fallocate(0, FALLOC_FL_ZERO_RANGE, 0, 0);
+return 0;
+}
+EOF
+if compile_prog "" "" ; then
+  fallocate_zero_range=yes
+fi
+
 # check for posix_fallocate
 posix_fallocate=no
 cat > $TMPC << EOF
@@ -4538,6 +4554,9 @@ fi
 if test "$fallocate_punch_hole" = "yes" ; then
   echo "CONFIG_FALLOCATE_PUNCH_HOLE=y" >> $config_host_mak
 fi
+if test "$fallocate_zero_range" = "yes" ; then
+  echo "CONFIG_FALLOCATE_ZERO_RANGE=y" >> $config_host_mak
+fi
 if test "$posix_fallocate" = "yes" ; then
   echo "CONFIG_POSIX_FALLOCATE=y" >> $config_host_mak
 fi
-- 
1.9.1

[Qemu-devel] [PATCH 4/3] guest agent: ignore SIGPIPE signal

[Denis V. Lunev]

From: Simon Zolin 

If write operation fails on a pipe whose reading end is closed, qemu-ga
won't be terminated, but instead write() will fail with error EPIPE.

execve() inherits signals that are ignored, so reset SIGPIPE to its default
handler before calling execve() in a forked process.

Signed-off-by: Simon Zolin 
Signed-off-by: Denis V. Lunev 
CC: Michael Roth 
---
 qga/commands-posix.c | 16 
 qga/main.c   |  6 ++
 2 files changed, 22 insertions(+)

diff --git a/qga/commands-posix.c b/qga/commands-posix.c
index 5872196..93aed2e 100644
--- a/qga/commands-posix.c
+++ b/qga/commands-posix.c
@@ -998,6 +998,20 @@ static int guest_exec_set_std(GuestFileHandle *gfh, int 
std_fd, int fd_null)
 return 0;
 }
 
+/** Reset ignored signals back to default. */
+static void guest_exec_reset_child_sig(void)
+{
+struct sigaction sigact;
+
+memset(&sigact, 0, sizeof(struct sigaction));
+sigact.sa_handler = SIG_DFL;
+
+if (sigaction(SIGPIPE, &sigact, NULL) != 0) {
+slog("sigaction() failed to reset child process's SIGPIPE: %s",
+ strerror(errno));
+}
+}
+
 int64_t qmp_guest_exec(const char *path,
bool has_params, strList *params,
bool has_env, strList *env,
@@ -1070,6 +1084,8 @@ int64_t qmp_guest_exec(const char *path,
 /* exit(1); */
 }
 
+guest_exec_reset_child_sig();
+
 execvpe(path, (char * const *)argv, (char * const *)envp);
 slog("guest-exec child failed: %s", strerror(errno));
 exit(1);
diff --git a/qga/main.c b/qga/main.c
index 9939a2b..bc6414c 100644
--- a/qga/main.c
+++ b/qga/main.c
@@ -160,6 +160,12 @@ static gboolean register_signal_handlers(void)
 g_error("error configuring signal handler: %s", strerror(errno));
 }
 
+sigact.sa_handler = SIG_IGN;
+if (sigaction(SIGPIPE, &sigact, NULL) != 0) {
+g_error("error configuring SIGPIPE signal handler: %s",
+strerror(errno));
+}
+
 return true;
 }
 
-- 
1.9.1

Re: [Qemu-devel] [question] block: do we have any consideration about adding retry support in error handling?

[Fam Zheng]

On Thu, 12/25 11:46, Bin Wu wrote:
> On 2014/12/25 10:42, Fam Zheng wrote:
> > On Thu, 12/25 09:57, Bin Wu wrote:
> >> Hi,
> >>
> >> When IO error happens in physical device, qemu block layer supports error
> >> reporting, error ignoring and error stoping(for example, virtio-blk). Can 
> >> we
> >> have any way to resend the error IO?
> > 
> > With error stop, the request is retried after resume.
> > 
> > Fam
> > 
> > 
> 
> Thank you very much, Fam, I see. Another question: I think error stop is not 
> the
> default error handling strategy, how can we configure error stop in the VM XML
> file? Can you just show me some example? Thanks again:>

This is a question for libvirt, look for "error_policy":

https://libvirt.org/formatdomain.html

Fam