[Qemu-devel] [Bug 604872] Re: qemu-system-arm segfaults emulating versatile machine after running debootstrap --second-stage inside vm
The commit in qemu-linaro is: http://git.linaro.org/gitweb?p=qemu/qemu-linaro.git;a=commit;h=98eac7cab4392ab28fa22265e27906f5b9c6c9da I asked you to undo the status change just because I don't own qemu- linaro (Ubuntu) and don't know what counts as fix released (eg maybe that only happens when it goes into a stable ubuntu release?). It's fix released as far as Linaro QEMU is concerned, though. -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/604872 Title: qemu-system-arm segfaults emulating versatile machine after running debootstrap --second-stage inside vm Status in QEMU: Fix Committed Status in “qemu-linaro” package in Ubuntu: Triaged Bug description: Binary package hint: qemu-kvm As I'm now implementing the support for creating a rootstock rootfs without requiring root, I need to run the deboostrap' second stage inside a VM, to correctly install the packages into the rootfs. qemu-system-arm fails right after debootstrap finish the second stage, giving a segmentation fault. Command: qemu-system-arm -M versatilepb -cpu cortex-a8 -kernel vmlinuz -no-reboot -nographic -drive file=qemu-armel-201007122016.img,aio=native,cache=none -m 256 -append 'console=ttyAMA0,115200n8 root=/dev/sda rw mem=256M devtmpfs.mount=0 init=/bin/installer' Uncompressing Linux. done, booting the kernel. [0.00] Initializing cgroup subsys cpuset [0.00] Initializing cgroup subsys cpu [0.00] Linux version 2.6.32-21-versatile (buildd@cushaw) (gcc version 4.4.3 (Ubuntu 4.4.3-4ubuntu5) ) #32-Ubuntu Fri Apr 16 08:14:53 UTC 2010 (Ubuntu 2.6.32-21.32-versatile 2.6.32.11+drm33.2) ... I: Base system installed successfully. I: Starting basic services in VM Segmentation fault (core dumped) [492816.197352] qemu-system-arm[16024]: segfault at cf6ba8fc ip cf6ba8fc sp 7fffd0e68680 error 14 Image: * rootfs: http://rsalveti.net/pub/ubuntu/rootstock/qemu-armel-201007122016.img (md5 1d063ac8a65c798bb004cd1c4c7970c5) * kernel: http://ports.ubuntu.com/ubuntu-ports/dists/lucid/main/installer-armel/current/images/versatile/netboot/vmlinuz I'm able to reproduce the bug on Maverick (amd64) and Lucid (x86). Maverick qemu-kvm-extras: 0.12.4+noroms-0ubuntu4 Lucid qemu-kvm-extras: 0.12.3+noroms-0ubuntu9.2 ProblemType: Bug DistroRelease: Ubuntu 10.10 Package: qemu-kvm-extras 0.12.4+noroms-0ubuntu4 ProcVersionSignature: Ubuntu 2.6.35-6.9-generic 2.6.35-rc3 Uname: Linux 2.6.35-6-generic x86_64 Architecture: amd64 Date: Mon Jul 12 18:55:35 2010 InstallationMedia: Ubuntu 10.04 LTS Lucid Lynx - Release amd64 (20100427.1) KvmCmdLine: Error: command ['ps', '-C', 'kvm', '-F'] failed with exit code 1: UIDPID PPID CSZ RSS PSR STIME TTY TIME CMD MachineType: LENOVO 2764CTO PccardctlIdent: Socket 0: no product info available PccardctlStatus: Socket 0: no card ProcCmdLine: BOOT_IMAGE=/vmlinuz-2.6.35-6-generic root=/dev/mapper/primary-root ro crashkernel=384M-2G:64M,2G-:128M quiet splash ProcEnviron: LANG=en_US.utf8 SHELL=/bin/bash SourcePackage: qemu-kvm dmi.bios.date: 04/19/2010 dmi.bios.vendor: LENOVO dmi.bios.version: 7UET86WW (3.16 ) dmi.board.name: 2764CTO dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr7UET86WW(3.16):bd04/19/2010:svnLENOVO:pn2764CTO:pvrThinkPadT400:rvnLENOVO:rn2764CTO:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 2764CTO dmi.product.version: ThinkPad T400 dmi.sys.vendor: LENOVO
[Qemu-devel] Re: [RFC] Some more io-thread optimizations
On 2011-02-15 23:03, Marcelo Tosatti wrote: On Mon, Feb 14, 2011 at 10:50:42AM +0100, Jan Kiszka wrote: Hi, patch below further reduces the io-thread overhead in tcg mode so that specifically emulating smp boxes gets noticeably faster. Its essence: poll the file descriptors until select returns 0, keeping the global mutex locked. This reduces ping pong with the vcpu threads, most noticeably in tcg mode where we run in lock-step. Split up in two patches, I'm planning to route those changes via the kvm queue (as they collide with other patches there). Jan Not sure this makes sense for all cases. There could be scenarios where a single pass is more efficient (think latency to acquire mutex from vcpu context in kvm mode, with intensive file IO in progress). Yeah, likely true. Only TCG has these insane long lock-holding times and requires signal-based mutex handover. I will exclude KVM from this. Jan signature.asc Description: OpenPGP digital signature
[Qemu-devel] Re: [PATCH] fix halt emulation with icount and CONFIG_IOTHREAD (v2)
On 2011-02-15 21:56, Marcelo Tosatti wrote:
Note: to be applied to uq/master.
In icount mode, halt emulation should take into account the nearest event
when sleeping.
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
Reported-and-tested-by: Edgar E. Iglesias edgar.igles...@gmail.com
diff --git a/cpus.c b/cpus.c
index 468544c..21c3eba 100644
--- a/cpus.c
+++ b/cpus.c
@@ -770,7 +770,7 @@ static void qemu_tcg_wait_io_event(void)
CPUState *env;
while (all_cpu_threads_idle()) {
-qemu_cond_timedwait(tcg_halt_cond, qemu_global_mutex, 1000);
+qemu_cond_timedwait(tcg_halt_cond, qemu_global_mutex,
qemu_calculate_timeout());
}
qemu_mutex_unlock(qemu_global_mutex);
As we agree that timeouts are wrong here, let's check if Paolo's patches
make a difference.
If not, it would still be better to understand the actual issue. After
trying too many voodoo patches myself, I've finally found that mutex
ping pong between iothread and vcpus by starring at a trace in kernelshark.
Jan
signature.asc
Description: OpenPGP digital signature
Re: [Qemu-devel] Re: [RFC] qapi: events in QMP
Am 16.02.2011 01:59, schrieb Anthony Liguori:
On 02/15/2011 07:38 AM, Luiz Capitulino wrote:
On Tue, 15 Feb 2011 10:20:01 +0100
Kevin Wolfkw...@redhat.com wrote:
Am 14.02.2011 20:34, schrieb Anthony Liguori:
On 02/14/2011 12:34 PM, Luiz Capitulino wrote:
On Mon, 14 Feb 2011 08:39:11 -0600
Anthony Liguorianth...@codemonkey.ws wrote:
On 02/14/2011 06:45 AM, Luiz Capitulino wrote:
So the question is: how does the schema based design support extending
commands or events? Does it require adding new commands/events?
Well, let me ask you, how do we do that today?
Let's say that I want to add a new parameter to the `change' function so
that I can include a salt parameter as part of the password.
The way we'd do this today is by checking for the 'salt' parameter in
qdict, and if it's not present, use a random salt or something like that.
You likely want to do what you did before. Of course that you have to
consider if what you're doing is extending an existing command or badly
overloading it (like change is today), in this case you'll want to add
a new command instead.
But yes, the use-case here is extending an existing command.
However, if I'm a QMP client, how can I tell whether you're going to
ignore my salt parameter or actually use it? Nothing in QMP tells me
this today. If I set the salt parameter in the `change' command, I'll
just get a success message.
I'm sorry?
{ execute: change, arguments: { device: vnc, target:
password, arg: 1234, salt: r1 } }
{error: {class: InvalidParameter, desc: Invalid parameter
'salt', data: {name: salt}}}
So I'm supposed to execute the command, and if execution fails, drop the
new parameter? If we add a few optional parameters, does that mean I
have to try every possible combination of parameters?
How is that different from trying out multiple commands? In the end, you
always need some meta information like a schema in order to avoid trying
out which parameters the server supports.
Anyway, I think there's a second interesting point: Adding parameters
does cause these problems, but it's different for data sent from qemu to
the client (return values and events). If we add more information there,
an older client can just ignore it, without even looking at a schema.
So I think we should consider this for return values and definitely do
it for events. Sending out five different messages for a single event
that are completely redundant and only differ in the number of fields is
just insane (okay, they wouldn't actually get on the wire because a
client registers only for one of them, but the code for generating them
must exist).
That's my point when I asked about events in the other thread.
Okay, I had confused myself about this. It's not quite as bad as I had
been saying.
One of the reasons to have generated allocation function is so that we
can make sure to always pad structures. Since all optional fields has a
bool to indicate the fields presence, by setting the allocated structure
to zero, we can support forwards compatibility for structures.
I think in most cases we would even get away with a default value
instead of the bool. For example for strings, NULL would be a very clear
indication that the field wasn't there in the JSON message. I think it
works also for most (if not all) integer fields, but maybe having a bool
has_* field is safer there.
Or maybe we can add an indication to the schema that specifies if a
default value should be generated or (for the rare cases where it's
needed) a has_* field is added.
So we can add new members to structures with no libqmp compatibility
problem. It's only if we add new arguments to signals or commands that
we will break the ABI.
Yeah, that makes sense.
If we expect to add fields later, we just have to make sure we use a
structure to encapsulate things.
As stated before, I think we should use structures for all events. I
still don't understand why we should have an exception for events. Any
other command returns structures, too, and you don't automagically pull
their fields up one level anywhere except for events.
Kevin
[Qemu-devel] Re: qemu compiling error on ppc64: kvm.c:81: error: 'struct kvm_sregs' has no member named 'pvr'
On 02/15/2011 05:59 PM, Dushyant Bansal wrote: 2. How to configure makefiles to get output of printk statements inside kvm/arch/powerpc/kvm/trace.h Better don't make them printks - just use the tracing framework. I'd write up a small howto here myself, but I'm pretty much on the jump to my plane for vacation. Avi, could you please guide him a bit on how to get data out of tracepoints? Thanks for the quick reply :) I have added some more trace parameters in the tracing framework and currently, it is working fine. 1. Add new field in struct kvm_vcpu_stat (kvm_host.h) 2. Add corresponding entry in struct kvm_stats_debugfs_item debugfs_entries[] (book3s.c) 3. Increment or Decrement that field where ever necessary. Those aren't tracepoints; they're deprecated debug statistics. For tracepoints, see include/trace/events/kvm.h (general kvm tracepoints) arch/powerpc/kvm/trace.h (ppc specific tracepoints) arch/powerpc/kvm/book3s_mmu_hpte.c (examples of use, look for trace_kvm_*) Documentation/trace/tracepoints.txt (documentation, likely outdated) -- error compiling committee.c: too many arguments to function
[Qemu-devel] Oferta do dia: Maior segurança e conforto com 70% OFF em Balanceamento e Alinhamento no Venancio Centro Automotivo (de R$40,00 por R$12,00)
Não consegue visualizar a newsletter? Click aqui ( http://shoppingdopovo.com.br/site/index.php?option=com_acymailingctrl=archivetask=viewmailid=39key=e917fb84d1ba64e267277cdc9bde4ee8subid=117104-9a9cec8a6fdd74f317649577265edc31 ) para abrir no navegador. Oferta do dia: Maior segurança e conforto com 70% OFF em Balanceamento e Alinhamento no Venancio Centro Automotivo (de R$40,00 por R$12,00) Compartilhe com seus amigos: Maior segurança e conforto com 70% OFF em Balanceamento e Alinhamento no Venancio Centro Automotivo (de R$40,00 por R$12,00). 70% de desconto em Balanceamento e Alinhamento no Venancio Centro Automotivo (de R$40,00 por R$12,00). Alinhamento: evita o desgaste dos pneus, proporciona conforto na direção e aumenta a vida útil da suspensão. Balanceamento: prolonga a vida útil dos rolamentos de roda e dos pneus. Mais segurança para seu veículo em viagens, passeios e no seu dia a dia. Equipamentos de alta tecnologia. Mecânicos experientes nas áreas de suspensão, alinhamento e balanceamento. NOSSAS COMUNIDADES Ganhe Indicando o Site Cadastre-se grátis no Clube de Associados e comece a ganhar dinheiro cada vez que seus amigos fizerem uma compra Espalhe a Nóticia Convide amigos do Orkut, Facebook, Twitter, MSN, Yahoo, Gmail, Hotmail, e onde mais estiverem. Email: cont...@shoppingdopovo.com.br Click em Alterar cidade ( http://shoppingdopovo.com.br/site/index.php?option=com_acymailingctrl=usertask=modifysubid=117104key=9a9cec8a6fdd74f317649577265edc31 ), para receber email de outra cidade ou parar de receber nossos emails. Copyright © 2010 Shopping do Povo. Todos os Direitos Reservados
[Qemu-devel] q: vgabios broken for older qemu[-kvm]
I noticed that current vgabios (as shipped with 0.14.0-rc) does not work well with qemu-kvm-0.12, despite very small changes in the source. cirrus emulation works just fine. But with stdvga (which uses vgabios.bin file in 0.12), X does not start with the following message in X.org: (WW) VESA(0): Unable to estimate virtual size after which it assumes that all available video modes does not work and finally fails. I see Gerd (Cc'd) touched vgabios during 0.14 lifecycle -- can you take a look please? It is not terrible important for 0.14 itself, but it'd be very nice to have nice upgrade/rollback path for distributions who has vgabios in separate package(s). Thank you! /mjt
[Qemu-devel] Re: q: vgabios broken for older qemu[-kvm]
16.02.2011 12:25, Michael Tokarev wrote: I noticed that current vgabios (as shipped with 0.14.0-rc) does not work well with qemu-kvm-0.12, despite very small changes in the source. cirrus emulation works just fine. But with stdvga (which uses vgabios.bin file in 0.12), X does not start [...] This is a false alarm. qemu-kvm 0.12 uses older vgabios (0.6b), it fails with 0.6c, and this is a well-known issue, I just forgot about it. Please excuse me for this. /mjt
[Qemu-devel] [Bug 604872] Re: qemu-system-arm segfaults emulating versatile machine after running debootstrap --second-stage inside vm
Ok; the commit you point at is in the current qemu-linaro package Fix released in Ubuntu is when we upload a fixed source package to the Ubuntu development release The usual way to close Ubuntu bugs fixed with an upload is via the debian/changelog, when Launchpad processes the .changes file with the list of fixed bugs, it marks these fix released If we need to track status in stable releases of Ubuntu, we use Target to series to flag the ones where we need a different bug state ** Changed in: qemu-linaro (Ubuntu) Status: Triaged = Fix Released -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/604872 Title: qemu-system-arm segfaults emulating versatile machine after running debootstrap --second-stage inside vm Status in QEMU: Fix Committed Status in “qemu-linaro” package in Ubuntu: Fix Released Bug description: Binary package hint: qemu-kvm As I'm now implementing the support for creating a rootstock rootfs without requiring root, I need to run the deboostrap' second stage inside a VM, to correctly install the packages into the rootfs. qemu-system-arm fails right after debootstrap finish the second stage, giving a segmentation fault. Command: qemu-system-arm -M versatilepb -cpu cortex-a8 -kernel vmlinuz -no-reboot -nographic -drive file=qemu-armel-201007122016.img,aio=native,cache=none -m 256 -append 'console=ttyAMA0,115200n8 root=/dev/sda rw mem=256M devtmpfs.mount=0 init=/bin/installer' Uncompressing Linux. done, booting the kernel. [0.00] Initializing cgroup subsys cpuset [0.00] Initializing cgroup subsys cpu [0.00] Linux version 2.6.32-21-versatile (buildd@cushaw) (gcc version 4.4.3 (Ubuntu 4.4.3-4ubuntu5) ) #32-Ubuntu Fri Apr 16 08:14:53 UTC 2010 (Ubuntu 2.6.32-21.32-versatile 2.6.32.11+drm33.2) ... I: Base system installed successfully. I: Starting basic services in VM Segmentation fault (core dumped) [492816.197352] qemu-system-arm[16024]: segfault at cf6ba8fc ip cf6ba8fc sp 7fffd0e68680 error 14 Image: * rootfs: http://rsalveti.net/pub/ubuntu/rootstock/qemu-armel-201007122016.img (md5 1d063ac8a65c798bb004cd1c4c7970c5) * kernel: http://ports.ubuntu.com/ubuntu-ports/dists/lucid/main/installer-armel/current/images/versatile/netboot/vmlinuz I'm able to reproduce the bug on Maverick (amd64) and Lucid (x86). Maverick qemu-kvm-extras: 0.12.4+noroms-0ubuntu4 Lucid qemu-kvm-extras: 0.12.3+noroms-0ubuntu9.2 ProblemType: Bug DistroRelease: Ubuntu 10.10 Package: qemu-kvm-extras 0.12.4+noroms-0ubuntu4 ProcVersionSignature: Ubuntu 2.6.35-6.9-generic 2.6.35-rc3 Uname: Linux 2.6.35-6-generic x86_64 Architecture: amd64 Date: Mon Jul 12 18:55:35 2010 InstallationMedia: Ubuntu 10.04 LTS Lucid Lynx - Release amd64 (20100427.1) KvmCmdLine: Error: command ['ps', '-C', 'kvm', '-F'] failed with exit code 1: UIDPID PPID CSZ RSS PSR STIME TTY TIME CMD MachineType: LENOVO 2764CTO PccardctlIdent: Socket 0: no product info available PccardctlStatus: Socket 0: no card ProcCmdLine: BOOT_IMAGE=/vmlinuz-2.6.35-6-generic root=/dev/mapper/primary-root ro crashkernel=384M-2G:64M,2G-:128M quiet splash ProcEnviron: LANG=en_US.utf8 SHELL=/bin/bash SourcePackage: qemu-kvm dmi.bios.date: 04/19/2010 dmi.bios.vendor: LENOVO dmi.bios.version: 7UET86WW (3.16 ) dmi.board.name: 2764CTO dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr7UET86WW(3.16):bd04/19/2010:svnLENOVO:pn2764CTO:pvrThinkPadT400:rvnLENOVO:rn2764CTO:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 2764CTO dmi.product.version: ThinkPad T400 dmi.sys.vendor: LENOVO
[Qemu-devel] Re: [PATCH] fix halt emulation with icount and CONFIG_IOTHREAD (v2)
On 02/15/2011 09:56 PM, Marcelo Tosatti wrote:
Note: to be applied to uq/master.
In icount mode, halt emulation should take into account the nearest
event when sleeping.
I agree with Jan that this patch is not the best solution, if not incorrect.
However, in the iothread, the main loop can kick the VCPU thread instead
of running cpu_exec_all like it does in non-iothread mode. Something
like this:
diff --git a/vl.c b/vl.c
index b436952..7835317 100644
--- a/vl.c
+++ b/vl.c
@@ -1425,7 +1425,9 @@ static void main_loop(void)
qemu_main_loop_start();
for (;;) {
-#ifndef CONFIG_IOTHREAD
+#ifdef CONFIG_IOTHREAD
+qemu_cpu_kick(first_cpu);
+#else
nonblocking = cpu_exec_all();
if (vm_request_pending()) {
nonblocking = true;
I don't like this 100% because it relies on the fact that there is only
one TCG execution thread. In a multithreaded world you would:
1) have each CPU register its own instruction counter;
2) have each CPU register its own QEMU_CLOCK_REALTIME timer based on
qemu_icount_delta() and arm it just before going to sleep; the timer
kicks the CPU.
3) remove all icount business from qemu_calculate_timeout.
Item (3) is what makes me prefer my patch above (if it works) to
Marcelo's. Marcelo's patch is tying even more qemu_calculate_timeout to
the icount. So if anything, a patch tweaking the timedwait like
Marcelo's should use something based on qemu_icount_delta().
Paolo
Re: [Qemu-devel] [PATCH] fix memory leak when we uninit a drive
Wen Congyang we...@cn.fujitsu.com writes: We alloc memory for dinfo-id, so we should free it in the function drive_uninit(). Already fixed in Kevin's block tree and 0.14-rc2 (commit e5f1c196), although not yet in stable. Thanks anyway!
Re: [Qemu-devel] [PATCH] uninit drive if drive_init failed
Wen Congyang we...@cn.fujitsu.com writes: steps to reproduce this bug: 1. virsh attach-disk domain --source imagefile --target sdb --sourcetype file --driver qemu --subdriver qcow2 error: Failed to attach disk error: operation failed: adding scsi-disk,bus=scsi0.0,scsi-id=1,drive=drive-scsi0-0-1,id=scsi0-0-1 device failed: Property 'scsi-disk.drive' can't find value 'drive-scsi0-0-1' 2. virsh attach-disk domain --source imagefile --target sdb --sourcetype file --driver qemu --subdriver raw error: Failed to attach disk error: operation failed: adding scsi-disk,bus=scsi0.0,scsi-id=1,drive=drive-scsi0-0-1,id=scsi0-0-1 device failed: Property 'scsi-disk.drive' can't find value 'drive-scsi0-0-1' The format of disk image file is raw. If we run comand 2 only, we will attach the disk successfully. The reason of this bug is that: we do not remove dinfo from drives and dinfo-bdrv from bdrv_states if we open the disk image file failed. Signed-off-by: Wen Congyang we...@cn.fujitsu.com Already fixed in Kevin's block tree and 0.14-rc2 (commit 08931947), although not yet in stable. Thanks anyway!
[Qemu-devel] Re: [PATCH] fix halt emulation with icount and CONFIG_IOTHREAD (v2)
On 2011-02-16 10:32, Paolo Bonzini wrote:
On 02/15/2011 09:56 PM, Marcelo Tosatti wrote:
Note: to be applied to uq/master.
In icount mode, halt emulation should take into account the nearest
event when sleeping.
I agree with Jan that this patch is not the best solution, if not
incorrect.
However, in the iothread, the main loop can kick the VCPU thread instead
of running cpu_exec_all like it does in non-iothread mode. Something
like this:
diff --git a/vl.c b/vl.c
index b436952..7835317 100644
--- a/vl.c
+++ b/vl.c
@@ -1425,7 +1425,9 @@ static void main_loop(void)
qemu_main_loop_start();
for (;;) {
-#ifndef CONFIG_IOTHREAD
+#ifdef CONFIG_IOTHREAD
+qemu_cpu_kick(first_cpu);
+#else
nonblocking = cpu_exec_all();
if (vm_request_pending()) {
nonblocking = true;
What should this be good for? The iothread already kicks the vcpu if it
wants to acquire the contended global mutex. And when the vcpu thread is
in halt state, kicking it should change no other state.
I don't like this 100% because it relies on the fact that there is only
one TCG execution thread. In a multithreaded world you would:
1) have each CPU register its own instruction counter;
2) have each CPU register its own QEMU_CLOCK_REALTIME timer based on
qemu_icount_delta() and arm it just before going to sleep; the timer
kicks the CPU.
3) remove all icount business from qemu_calculate_timeout.
Item (3) is what makes me prefer my patch above (if it works) to
Marcelo's. Marcelo's patch is tying even more qemu_calculate_timeout to
the icount. So if anything, a patch tweaking the timedwait like
Marcelo's should use something based on qemu_icount_delta().
Really, that idle loop apparently does _nothing_ while
all_cpu_threads_idle is true. Or does the IPI signal handler apply some
magic? I still don't get what is supposed to be fixed in
qemu_tcg_wait_io_event.
Jan
--
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux
Re: [Qemu-devel] [PATCH 06/10] vmmouse: convert to qdev
Blue Swirl blauwir...@gmail.com writes: On Tue, Feb 15, 2011 at 12:07 PM, Markus Armbruster arm...@redhat.com wrote: Anthony Liguori anth...@codemonkey.ws writes: On 02/12/2011 11:03 AM, Markus Armbruster wrote: Blue Swirlblauwir...@gmail.com writes: Convert to qdev, also add a proper reset function. [...] Pointer properties are for dirty hacks only. Is there really no better solution? Why does it have to be a property? vmmouse is really just an extension to the PS2 Mouse. It's definitely not an ISA device. In terms of qdev enablement, I would just make it a boolean option to the PS2Mouse and not expose it as a top level device at all. It cannot exist without a PS2Mouse. Which means making it a separate qdev is wrong. That wrongness gave rise to the dirty pointer property. Pointer property serves as canary again. What now? I don't find pointer property use so dirty, See commit 036f7166. but I'll try to combine the devices to see whether that makes sense. Appreciated. PS: Grumpy reviewer venting: review can keep such mistakes out of the code, but it got committed less than two days after it was posted. Did not: http://lists.nongnu.org/archive/html/qemu-devel/2011-02/msg00396.html http://git.qemu.org/qemu.git/commit/?id=91c9e09147ba1f3604a3d5d29b4de7702082a33f I must have misread the commit log. Mea culpa, my sincere apologies. Thank you for reviewing.
Re: [Qemu-devel] KVM call minutes for Feb 8
On Tue, Feb 15, 2011 at 05:07:07PM -0600, Anthony Liguori wrote:
On 02/15/2011 11:11 AM, Blue Swirl wrote:
On Mon, Feb 14, 2011 at 11:47 PM, Anthony Liguorianth...@codemonkey.ws
wrote:
Any device we expose to the user through -device needs to maintain a
compatible interface forever. For our own sanity, I think we should try to
expose as little as possible.
Restricting the users from adding arbitrary devices is a different
issue. Dropping qdev support to prevent user from adding the device
seems draconian, what's wrong with no_user flag?
I think you're missing my point.
It should be possible to make a device qdev without exposing it
via a factory interface. Today it's all or nothing and that's the
part I dislike.
I think you are mixing too different thing here. The purpose of qdev (or
other device tree implementation) should be 1. to provide factory
interface. 2 to keep track on how devices are interconnected (or in
other words to keep track of device tree). But you are constantly
talking about how qdev should be object oriented way to build devices
themselves and I think this shouldn't be part of qdev at all.
no_user is a hack. We can do better.
A good example of a device that we should model through qdev but not expose
via -device is actually SerialState.
You wouldn't want users to add any serial ports? What should be do
with serial ports then, always enable a full set of ports? How would
the user use them?
No, users should be able to create ISASerialDevice,
MMIOSerialDevice, but not UART16650A. Here's what I'm talking
about:
class ISASerialDevice : public ISADevice
{
UART16650A uart;
};
class MMIOSerialDevice : public PlatformDevice
{
UART16650A uart;
};
There should be factory interfaces for ISASeriaDevice and
MMIOSerialDevice but not UART16650A.
This is OK and I do not disagree with this, but this is not what qdev
should be about. Qdev should be about allowing user to specify how and
which classes (read devices) should be instantiated at how they should
be interconnected. Taking yous example above qdev should allow to say: I
want to instantiate ISASerialDevice on bus object isabus0 (which was
instantiated before). It should claim resources A, B and C from that
bus. I also what instantiate MMIOSerialDevice on bus object systembus
claiming resource Z.
--
Gleb.
[Qemu-devel] Re: [PATCH] fix halt emulation with icount and CONFIG_IOTHREAD (v2)
On 02/16/2011 10:46 AM, Jan Kiszka wrote: What should this be good for? The iothread already kicks the vcpu if it wants to acquire the contended global mutex. Assuming the VCPU is in the timedwait that Marcelo changed, the global mutex is free and the iothread will not kick the VCPU. And when the vcpu thread is in halt state, kicking it should change no other state. Kicking the VCPU will start running it, if an interrupt request from the devices caused cpu_has_work to become true (and hence all_cpu_threads_idle to become false). So, perhaps the correct fix is to kick the cpu in cpu_interrupt, and all I wrote about timeouts and timers is wrong. My patch would band-aid it. Paolo
Re: [Qemu-devel] [PATCH 05/10] vmport: convert to qdev
Blue Swirl blauwir...@gmail.com writes: On Tue, Feb 15, 2011 at 12:22 PM, Markus Armbruster arm...@redhat.com wrote: Blue Swirl blauwir...@gmail.com writes: On Sat, Feb 12, 2011 at 6:57 PM, Markus Armbruster arm...@redhat.com wrote: [...] Old code has pc_init1() call vmport_init(). Where does your code create qdev vmport? And what's happening with port_state? It's still used by vmport_register(), but no longer connected to the I/O ports. Can't see how vmport_register() has any effect anymore. I fixed it in the committed version. Did you post v2 to the list for review? No, since v1 got no review. *Please* don't do that. Have you tested this? Sure. Here's how your v2 creates and initializes the qdev: [...] Maybe I'm dense, but I can't see how this can work. Good catch, it doesn't. Probably vmport_register() should take ISADevice* parameter to provide the state, instead of using static state (which would be easy one-line change). But if all this is going to be thrown into ps2.c, it may not be necessary. The whole concept of registration may become useless. Yes.
Re: [Qemu-devel] [PATCH] uninit drive if drive_init failed
At 02/16/2011 05:45 PM, Markus Armbruster Write: Wen Congyang we...@cn.fujitsu.com writes: steps to reproduce this bug: 1. virsh attach-disk domain --source imagefile --target sdb --sourcetype file --driver qemu --subdriver qcow2 error: Failed to attach disk error: operation failed: adding scsi-disk,bus=scsi0.0,scsi-id=1,drive=drive-scsi0-0-1,id=scsi0-0-1 device failed: Property 'scsi-disk.drive' can't find value 'drive-scsi0-0-1' 2. virsh attach-disk domain --source imagefile --target sdb --sourcetype file --driver qemu --subdriver raw error: Failed to attach disk error: operation failed: adding scsi-disk,bus=scsi0.0,scsi-id=1,drive=drive-scsi0-0-1,id=scsi0-0-1 device failed: Property 'scsi-disk.drive' can't find value 'drive-scsi0-0-1' The format of disk image file is raw. If we run comand 2 only, we will attach the disk successfully. The reason of this bug is that: we do not remove dinfo from drives and dinfo-bdrv from bdrv_states if we open the disk image file failed. Signed-off-by: Wen Congyang we...@cn.fujitsu.com Already fixed in Kevin's block tree and 0.14-rc2 (commit 08931947), although not yet in stable. I only use master tree and do not notice that this bug has been fixed. Thank you for pointing it out. Thanks anyway!
[Qemu-devel] Re: [PATCH] fix halt emulation with icount and CONFIG_IOTHREAD (v2)
On 2011-02-16 10:57, Paolo Bonzini wrote: On 02/16/2011 10:46 AM, Jan Kiszka wrote: What should this be good for? The iothread already kicks the vcpu if it wants to acquire the contended global mutex. Assuming the VCPU is in the timedwait that Marcelo changed, the global mutex is free and the iothread will not kick the VCPU. Then why should it kick it at all? And when the vcpu thread is in halt state, kicking it should change no other state. Kicking the VCPU will start running it, if an interrupt request from the devices caused cpu_has_work to become true (and hence all_cpu_threads_idle to become false). If we change the halt condition, we should not kick the vcpus but only signal the condition variable. Actually, I've a patch queued that skips pointless qemu_thread_signal in qemu_cpu_kick for TCG. So, perhaps the correct fix is to kick the cpu in cpu_interrupt, and all I wrote about timeouts and timers is wrong. My patch would band-aid it. That's my strong suspect. We really need to understand what goes wrong. Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
Re: [Qemu-devel] KVM call minutes for Feb 15
On 02/16/2011 01:13 AM, Anthony Liguori wrote:
On 02/15/2011 10:26 AM, Chris Wright wrote:
QAPI and QMP
- Anthony adding a new wiki page to describe all of this
http://wiki.qemu.org/Features/QAPI
[ 'change', {'device': 'str', 'target': 'str'}, {'arg': 'str'}, 'none' ]
-
void qmp_change(const char *device, const char *target, bool has_arg,
const char *arg, Error **errp);
AFAICT a json-string allows embedded NULs ('\'). There translate to
UTF-8 as '\0', terminating your char *s. Either we use some
length/pointer structure, or the parser has to look for them and kill
them, and we have to specify them as verboten.
BlockDeviceInfo *qmp_query_block_device_info(const char *device, Error **errp)
{
BlockDeviceInfo *info;
BlockDriverState *bs;
Error *local_err = NULL;
bs = bdrv_find(device,local_err);
if (local_err) {
error_propagate(errp, local_err);
return NULL;
}
info-file = qemu_strdup(bs-filename);
info-ro = bs-readonly;
info-drv = qemu_strdup(bs-drv);
info-encrypted = bs-encrypted;
if (bs-backing_file[0]) {
info-has_backing_file = true;
info-backing_file = qemu_strdup(info-backing_file);
}
return info;
}
So, info and all its pointer-typed members are required to be
qemu_free() compatible, with just a single pointer pointing to an
object, and generated code will qemu_free() everything?
Recommend translating '-' in identifiers to '_' so we can use '-' in the
schema as a word separator.
--
error compiling committee.c: too many arguments to function
Re: [Qemu-devel] [PATCH 1/2] linux-user: add rmdir() strace
On Tue, Feb 15, 2011 at 09:10:43PM +0100, Laurent Vivier wrote:
Signed-off-by: Laurent Vivier laur...@vivier.eu
---
linux-user/strace.c| 12
linux-user/strace.list |3 +++
2 files changed, 15 insertions(+), 0 deletions(-)
Applied to que.
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 183..05277c0 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -876,6 +876,18 @@ print_mkdirat(const struct syscallname *name,
}
#endif
+#ifdef TARGET_NR_rmdir
+static void
+print_rmdir(const struct syscallname *name,
+abi_long arg0, abi_long arg1, abi_long arg2,
+abi_long arg3, abi_long arg4, abi_long arg5)
+{
+print_syscall_prologue(name);
+print_string(arg0, 0);
+print_syscall_epilogue(name);
+}
+#endif
+
#ifdef TARGET_NR_mknod
static void
print_mknod(const struct syscallname *name,
diff --git a/linux-user/strace.list b/linux-user/strace.list
index d7be0e7..563a67f 100644
--- a/linux-user/strace.list
+++ b/linux-user/strace.list
@@ -495,6 +495,9 @@
#ifdef TARGET_NR_mkdirat
{ TARGET_NR_mkdirat, mkdirat , NULL, print_mkdirat, NULL },
#endif
+#ifdef TARGET_NR_rmdir
+{ TARGET_NR_rmdir, rmdir , NULL, print_rmdir, NULL },
+#endif
#ifdef TARGET_NR_mknod
{ TARGET_NR_mknod, mknod , NULL, print_mknod, NULL },
#endif
--
1.7.1
[Qemu-devel] Re: [PATCH] fix halt emulation with icount and CONFIG_IOTHREAD (v2)
On 02/16/2011 11:04 AM, Jan Kiszka wrote: On 2011-02-16 10:57, Paolo Bonzini wrote: On 02/16/2011 10:46 AM, Jan Kiszka wrote: What should this be good for? The iothread already kicks the vcpu if it wants to acquire the contended global mutex. Assuming the VCPU is in the timedwait that Marcelo changed, the global mutex is free and the iothread will not kick the VCPU. Then why should it kick it at all? To make it notice something changed in all_cpu_threads_idle---but that's wrong, it should have been kicked in cpu_interrupt. If we change the halt condition, we should not kick the vcpus but only signal the condition variable. Actually, I've a patch queued that skips pointless qemu_thread_signal in qemu_cpu_kick for TCG. Yes, I was kicking just because that's the wrapper that is used to signal the condition variable---just like I was kicking in my patches to eliminate timedwait. So, perhaps the correct fix is to kick the cpu in cpu_interrupt, and all I wrote about timeouts and timers is wrong. My patch would band-aid it. That's my strong suspect. We really need to understand what goes wrong. I agree on both counts. Paolo
Re: [Qemu-devel] [PATCH 2/2] linux-user: in linux-user/strace.c, tswap() is useless
Hi,
On Tue, Feb 15, 2011 at 09:10:44PM +0100, Laurent Vivier wrote:
Syscall parameters are already swapped by the caller.
This patch removes useless tswap() from strace.c
Thanks. Added to next linux-user que.
I modified your patch to have casts to the given printf format
specifiers, so we don't get compiler warnings.
$ QEMU_STRACE=1 chroot /m68k mknod myramdisk b 1 1
with tswap()
...
29944 mknod(myramdisk,02663020) = 0
...
without tswap()
...
30042 mknod(myramdisk,S_IFBLK|0666,makedev(1,1)) = 0
...
natively:
$ strace touch mytouch
...
open(mytouch, O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = 3
...
$ QEMU_STRACE=1 chroot /m68k touch mytouch
with tswap()
...
30368 open(/usr/share/locale/locale.alias,O_RDONLY) = 3
30368 fstat64(50331648,0x4080032c) = 0
...
30368 open(mytouch,O_RDONLY|O_CREAT|O_LARGEFILE|O_NOCTTY|O_NONBLOCK|0x1) = 0
...
without tswap()
...
30572 open(/usr/share/locale/locale.alias,O_RDONLY) = 3
30572 fstat64(3,0x4080032c) = 0
...
30572 open(mytouch,O_WRONLY|O_CREAT|O_LARGEFILE|O_NOCTTY|O_NONBLOCK,0666) = 0
Signed-off-by: Laurent Vivier laur...@vivier.eu
---
linux-user/strace.c | 71
+--
1 files changed, 29 insertions(+), 42 deletions(-)
diff --git a/linux-user/strace.c b/linux-user/strace.c
index 05277c0..86ad5aa 100644
--- a/linux-user/strace.c
+++ b/linux-user/strace.c
@@ -441,14 +441,11 @@ get_comma(int last)
}
static void
-print_flags(const struct flags *f, abi_long tflags, int last)
+print_flags(const struct flags *f, abi_long flags, int last)
{
const char *sep = ;
-int flags;
int n;
-flags = (int)tswap32(tflags);
-
if ((flags == 0) (f-f_value == 0)) {
gemu_log(%s%s, f-f_string, get_comma(last));
return;
@@ -476,10 +473,8 @@ print_flags(const struct flags *f, abi_long tflags, int
last)
}
static void
-print_at_dirfd(abi_long tdirfd, int last)
+print_at_dirfd(abi_long dirfd, int last)
{
-int dirfd = tswap32(tdirfd);
-
#ifdef AT_FDCWD
if (dirfd == AT_FDCWD) {
gemu_log(AT_FDCWD%s, get_comma(last));
@@ -490,11 +485,10 @@ print_at_dirfd(abi_long tdirfd, int last)
}
static void
-print_file_mode(abi_long tmode, int last)
+print_file_mode(abi_long mode, int last)
{
const char *sep = ;
const struct flags *m;
-mode_t mode = (mode_t)tswap32(tmode);
for (m = mode_flags[0]; m-f_string != NULL; m++) {
if ((m-f_value mode) == m-f_value) {
@@ -514,10 +508,8 @@ print_file_mode(abi_long tmode, int last)
}
static void
-print_open_flags(abi_long tflags, int last)
+print_open_flags(abi_long flags, int last)
{
-int flags = tswap32(tflags);
-
print_flags(open_access_flags, flags TARGET_O_ACCMODE, 1);
flags = ~TARGET_O_ACCMODE;
if (flags == 0) {
@@ -620,7 +612,7 @@ print_accept(const struct syscallname *name,
abi_long arg3, abi_long arg4, abi_long arg5)
{
print_syscall_prologue(name);
-print_raw_param(%d, tswap32(arg0), 0);
+print_raw_param(%d, arg0, 0);
print_pointer(arg1, 0);
print_number(arg2, 1);
print_syscall_epilogue(name);
@@ -698,7 +690,7 @@ print_execv(const struct syscallname *name,
{
print_syscall_prologue(name);
print_string(arg0, 0);
-print_raw_param(0x TARGET_ABI_FMT_lx, tswapl(arg1), 1);
+print_raw_param(0x TARGET_ABI_FMT_lx, arg1, 1);
print_syscall_epilogue(name);
}
#endif
@@ -742,13 +734,8 @@ print_fchownat(const struct syscallname *name,
print_syscall_prologue(name);
print_at_dirfd(arg0, 0);
print_string(arg1, 0);
-#ifdef USE_UID16
-print_raw_param(%d, tswap16(arg2), 0);
-print_raw_param(%d, tswap16(arg3), 0);
-#else
-print_raw_param(%d, tswap32(arg2), 0);
-print_raw_param(%d, tswap32(arg3), 0);
-#endif
+print_raw_param(%d, arg2, 0);
+print_raw_param(%d, arg3, 0);
print_flags(at_file_flags, arg4, 1);
print_syscall_epilogue(name);
}
@@ -761,7 +748,7 @@ print_fcntl(const struct syscallname *name,
abi_long arg3, abi_long arg4, abi_long arg5)
{
print_syscall_prologue(name);
-print_raw_param(%d, tswap32(arg0), 0);
+print_raw_param(%d, arg0, 0);
print_flags(fcntl_flags, arg1, 0);
/*
* TODO: check flags and print following argument only
@@ -842,7 +829,7 @@ print_fstat(const struct syscallname *name,
abi_long arg3, abi_long arg4, abi_long arg5)
{
print_syscall_prologue(name);
-print_raw_param(%d, tswap32(arg0), 0);
+print_raw_param(%d, arg0, 0);
print_pointer(arg1, 1);
print_syscall_epilogue(name);
}
@@ -894,14 +881,14 @@ print_mknod(const struct syscallname *name,
abi_long arg0, abi_long arg1, abi_long arg2,
abi_long arg3, abi_long arg4, abi_long arg5)
{
-int hasdev = (tswapl(arg1) (S_IFCHR|S_IFBLK));
+int hasdev = (arg1 (S_IFCHR|S_IFBLK));
[Qemu-devel] Re: [PATCH 0/2][v4] correct core dump format
On Sun, Feb 13, 2011 at 11:37:33PM +0100, Laurent Vivier wrote: This is the v4 of my patch correcting the core dump format. (3 versions for patch 2, 3 versions for patch 1 starting at version 2 of patch 2...) Thanks, tested to work and added to que. v4 adds some long alignments for 64bit targets, renames target_long_long to target_llong, and so on... v3 introduces a new parameter of the target: the datatype alignment size. Targets like i386, mips or ppc align (short, int, long, long long) on (2, 4, 4, 8), target like x86_64 aligns on (2, 4, 8, 8) but arm aligns on (2, 4, 4, 4) and m68k (680x0) on (2, 2, 2, 2). And this knowledge is needed to correctly generate a core dump. For other targets, please update the patch with your favorite one. V2 introduces target_elf_prstatus alignment (to manage arm and m68k) v1 corrects core dump for m68k [PATCH 1/2][v3] linux-user: Define target alignment size [PATCH 2/2][v3] linux-user: correct core dump format
[Qemu-devel] Re: [PATCH] fix halt emulation with icount and CONFIG_IOTHREAD (v2)
On 2011-02-16 11:27, Paolo Bonzini wrote: On 02/16/2011 11:04 AM, Jan Kiszka wrote: On 2011-02-16 10:57, Paolo Bonzini wrote: On 02/16/2011 10:46 AM, Jan Kiszka wrote: What should this be good for? The iothread already kicks the vcpu if it wants to acquire the contended global mutex. Assuming the VCPU is in the timedwait that Marcelo changed, the global mutex is free and the iothread will not kick the VCPU. Then why should it kick it at all? To make it notice something changed in all_cpu_threads_idle---but that's wrong, it should have been kicked in cpu_interrupt. If we change the halt condition, we should not kick the vcpus but only signal the condition variable. Actually, I've a patch queued that skips pointless qemu_thread_signal in qemu_cpu_kick for TCG. Yes, I was kicking just because that's the wrapper that is used to signal the condition variable---just like I was kicking in my patches to eliminate timedwait. So, perhaps the correct fix is to kick the cpu in cpu_interrupt, and all I wrote about timeouts and timers is wrong. My patch would band-aid it. That's my strong suspect. We really need to understand what goes wrong. I agree on both counts. FWIW, I've rebased most of your patches on top of my outstanding ones and pushed them to git://git.kiszka.org/qemu-kvm.git queues/kvm-upstream Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux
Re: [Qemu-devel] [PATCH] linux-user: Support the epoll syscalls
On 15 February 2011 18:35, Peter Maydell peter.mayd...@linaro.org wrote: Support the epoll family of syscalls: epoll_create(), epoll_create1(), epoll_ctl(), epoll_wait() and epoll_pwait(). Note that epoll_create1() and epoll_pwait() are later additions, so we have to test separately in configure for their presence. Signed-off-by: Peter Maydell peter.mayd...@linaro.org PS: the real life motivation for this addition is https://bugs.launchpad.net/qemu-linaro/+bug/644961 and there's also a useful noddy test program attached to this random openwrt bug: https://dev.openwrt.org/ticket/1815 -- PMM
Re: [Qemu-devel] [PATCH] linux-user: Support the epoll syscalls
On Wed, Feb 16, 2011 at 10:37:51AM +, Peter Maydell wrote: On 15 February 2011 18:35, Peter Maydell peter.mayd...@linaro.org wrote: Support the epoll family of syscalls: epoll_create(), epoll_create1(), epoll_ctl(), epoll_wait() and epoll_pwait(). Note that epoll_create1() and epoll_pwait() are later additions, so we have to test separately in configure for their presence. Signed-off-by: Peter Maydell peter.mayd...@linaro.org I tested it and applied to que. PS: the real life motivation for this addition is https://bugs.launchpad.net/qemu-linaro/+bug/644961 and there's also a useful noddy test program attached to this random openwrt bug: https://dev.openwrt.org/ticket/1815 ltp has also testcases for epoll which I used.
[Qemu-devel] Re: [PATCH] fix halt emulation with icount and CONFIG_IOTHREAD (v2)
On 02/16/2011 11:34 AM, Jan Kiszka wrote: FWIW, I've rebased most of your patches on top of my outstanding ones and pushed them to git://git.kiszka.org/qemu-kvm.git queues/kvm-upstream Yep, I am waiting for Anthony to actually push it. In the meanwhile I have it at git://github.com/bonzini/qemu, branch iothread-win32. Paolo
Re: [Qemu-devel] [PULL 00/11] Block patches for master
Am 14.02.2011 21:17, schrieb Anthony Liguori: On 02/10/2011 09:51 AM, Kevin Wolf wrote: The following changes since commit 6c5f738daec123020d32543fe90a6633a4f6643e: microblaze: Handle singlestepping over direct jmps (2011-02-10 00:46:09 +0100) are available in the git repository at: git://repo.or.cz/qemu/kevin.git for-anthony Pulled. Thanks. Are you sure? I don't see the commits in master. Kevin Chunqiang Tang (1): QCOW2: bug fix - read base image beyond its size Jes Sorensen (1): Change snapshot_blkdev hmp to use correct argument type for device Kevin Wolf (7): qcow2: Fix error handling for immediate backing file read failure qcow2: Fix error handling for reading compressed clusters qerror: Add QERR_UNKNOWN_BLOCK_FORMAT_FEATURE qcow2: Report error for version 2 qed: Report error for unsupported features qemu-img: Improve error messages for failed bdrv_open qcow2: Fix order in L2 table COW Markus Armbruster (2): blockdev: Plug memory leak in drive_uninit() blockdev: Plug memory leak in drive_init() error paths block/qcow2-cluster.c | 13 - block/qcow2.c | 26 +++--- block/qed.c |9 - blockdev.c| 12 ++-- cutils.c | 31 +++ hmp-commands.hx |2 +- qemu-common.h |2 ++ qemu-img.c| 10 +++--- qerror.c |5 + qerror.h |3 +++ 10 files changed, 94 insertions(+), 19 deletions(-)
[Qemu-devel] Re: [PATCHv2 0/3] e1000: multi-buffer packet support
On Tue, Feb 15, 2011 at 06:27:44PM +0200, Michael S. Tsirkin wrote: e1000 supports multi-buffer packets larger than rxbuf_size. This fixes the following (on linux): - in guest: ifconfig eth1 mtu 16110 - in host: ifconfig tap0 mtu 16110 ping -s 16082 guest-ip Red Hat bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=602205 Changes from v1: fix buffer overflow reported by Kevin added a patch to fix EOP spec violation reported by Juan added a patch to fix spec violation noted by myself Michael S. Tsirkin (3): e1000: multi-buffer packet support e1000: clear EOP for multi-buffer descriptors e1000: verify we have buffers, upfront hw/e1000.c | 61 +++ 1 files changed, 48 insertions(+), 13 deletions(-) Took a quick look, looks good. Stefan
[Qemu-devel] CfP 6th Workshop on Virtualization in High-Performance Cloud Computing (VHPC'11)
Apologies if you received multiple copies of this message. = CALL FOR PAPERS 6th Workshop on Virtualization in High-Performance Cloud Computing VHPC'11 as part of Euro-Par 2011, Bordeaux, France = Date: August 30, 2011 Euro-Par 2011: http://europar2011.bordeaux.inria.fr/ Workshop URL: http://vhpc.org SUBMISSION DEADLINE: Abstracts: May 2, 2011 Full Paper: June 13, 2011 Scope: Virtualization has become a common abstraction layer in modern data centers, enabling resource owners to manage complex infrastructure independently of their applications. Conjointly virtualization is becoming a driving technology for a manifold of industry grade IT services. The cloud concept includes the notion of a separation between resource owners and users, adding services such as hosted application frameworks and queuing. Utilizing the same infrastructure, clouds carry significant potential for use in high-performance scientific computing. The ability of clouds to provide for requests and releases of vast computing resource dynamically and close to the marginal cost of providing the services is unprecedented in the history of scientific and commercial computing. Distributed computing concepts that leverage federated resource access are popular within the grid community, but have not seen previously desired deployed levels so far. Also, many of the scientific datacenters have not adopted virtualization or cloud concepts yet. This workshop aims to bring together industrial providers with the scientific community in order to foster discussion, collaboration and mutual exchange of knowledge and experience. The workshop will be one day in length, composed of 20 min paper presentations, each followed by 10 min discussion sections. Presentations may be accompanied by interactive demonstrations. It concludes with a 30 min panel discussion by presenters. TOPICS Topics include, but are not limited to, the following subjects: - Virtualization in cloud, cluster and grid environments - VM-based cloud performance modeling - Workload characterizations for VM-based environments - Software as a Service (SaaS) - Cloud reliability, fault-tolerance, and security - Cloud, cluster and grid filesystems - QoS and and service levels - Cross-layer VM optimizations - Virtualized I/O and storage - Virtualization and HPC architectures including NUMA - System and process/bytecode VM convergence - Paravirtualized driver development - Research and education use cases - VM cloud, cluster distribution algorithms - MPI on virtual machines and clouds - Cloud frameworks and API sets - Checkpointing of large compute jobs - Cloud load balancing - Accelerator virtualization - Instrumentation interfaces and languages - Hardware support for virtualization - High-performance network virtualization - Auto-tuning of VMM and VM parameters - High-speed interconnects - Hypervisor extensions and tools for cluster and grid computing - VMMs/Hypervisors - Cloud use cases including optimizations - Performance modeling - Fault tolerant VM environments - VMM performance tuning on various load types - Cloud provisioning - Virtual machine monitor platforms - Pass-through VM device access - Management, deployment of VM-based environments PAPER SUBMISSION Papers submitted to the workshop will be reviewed by at least two members of the program committee and external reviewers. Submissions should include abstract, key words, the e-mail address of the corresponding author, and must not exceed 10 pages, including tables and figures at a main font size no smaller than 11 point. Submission of a paper should be regarded as a commitment that, should the paper be accepted, at least one of the authors will register and attend the conference to present the work. Accepted papers will be published in the Springer LNCS series - the format must be according to the Springer LNCS Style. Initial submissions are in PDF, accepted papers will be requested to provided source files. Format Guidelines: http://www.springer.de/comp/lncs/authors.html Submission Link: http://edas.info/newPaper.php?c=10155 CHAIR Michael Alexander (chair), IBM, Austria Gianluigi Zanetti (co-chair), CRS4, Italy PROGRAM COMMITTEE Paolo Anedda, CRS4, Italy Volker Buege, University of Karlsruhe, Germany Giovanni Busonera, CRS4, Italy Roberto Canonico, University of Napoli, Italy Tommaso Cucinotta, Scuola Superiore Sant'Anna, Italy William Gardner, University of Guelph, Canada Werner Fischer, Thomas-Krenn AG, Germany Wolfgang Gentzsch, Max Planck Gesellschaft, Germany Marcus Hardt, Forschungszentrum Karlsruhe, Germany Sverre Jarp, CERN, Switzerland Shantenu Sjha, Louisiana State University, USA Xuxian Jiang, NC State, USA Kenji Kaneda, Google, USA Simone Leo, CRS4, Italy Ignancio Llorente, Universidad Complutense de Madrid, Spain, Naoya Maruyama, Tokyo Institute of Technology,
Re: [Qemu-devel] [PATCH] softfloat: export float32_nan and float32_infinity.
On 14 February 2011 16:47, Christophe Lyon christophe.l...@st.com wrote:
These two special values are needed to implement some helper functions, which
return these values in some cases.
I assume this is for vrecpe, right? I think it would be better
to post this as part of that patchset; it's easier to see the
rationale for adding the functions when you also have the
code that's using them.
/*
+| Returns the default NaN.
+**/
+
+float32 float32_nan(void)
+{
+ return float32_default_nan;
+}
Maybe we should just expose float32_default_nan in
softfloat.h somehow; that would match float32_zero,
float32_one, etc (ie it would not be a function).
+#define float32_infinity make_float32(0x7f80)
No objection to this one.
-- PMM
Re: [Qemu-devel] NBD block device backend - 'improvements'
Hi Nick, [ Please use reply to all so that the CC list is kept intact, re-adding Stefan ] Am 15.02.2011 22:26, schrieb Nicholas Thomas: Hi Kevin, Stefan. On Tue, 2011-02-15 at 12:09 +0100, Kevin Wolf wrote: Am 14.02.2011 21:32, schrieb Stefan Hajnoczi: [...] block/nbd.c needs to be made asynchronous in order for this change to work. And even then it's not free of problem: For example qemu_aio_flush() will hang. We're having all kinds of fun with NFS servers that go away and let requests hang indefinitely. So maybe what we should add is a timeout option which defaults to 0 (fail immediately, like today) Noted, so long as we can have -1 as forever. As long as it's optional, that's fine with me. I'm currently spending time reworking block/nbd.c to be asynchronous, following the model in block/sheepdog.c There does seem to be a lot of scope for code duplication (setting up the TCP connection, taking it down, the mechanics of actually reading / writing bytes using the aio interface, etc) between the two, and presumably for rbd as well. Reading http://www.mail-archive.com/qemu-devel@nongnu.org/msg36479.html suggests it should be possible to have a tcp (+ unix) protocol / transport, which nbd+sheepdog could stack on top of (curl+rbd seem to depend on their own libraries for managing the TCP part of the connection). They would implement talking the actual protocol, while the tcp/unix transports would have the duplicatable bits. I've not investigated it in code yet - it's possible I'm just letting my appetite for abstraction get away with me. Thoughts? I'm not sure about how much duplication there actually is, but if you can take a closer look and think it's worthwhile, we should probably consider it. Unconditionally stopping the VM from a block driver sounds wrong to me. If you want to have this behaviour, the block driver should return an error and you should use werror=stop. Unconditional? - if the socket manages to re-establish, the process continues on its way (I guess we'd see the same behaviour if a send/recv happened to take an unconscionably long time with the current code). Making just the I/O hang until the network comes back, keeping guest execution and qemu monitor working, is obviously better than that (although not /strictly/ necessary for our particular use case), so I hope to be able to offer an AIO NBD patch for review soon. Maybe I wasn't very clear. I was talking about Stefan's suggestion to completely stop the VM, like we already can do for I/O errors (see the werror and rerror options for -drive). I think it's not what you're looking for, you just need the timeout=-1 thing. IPv6 would be nice and if you can consolidate that in qemu_socket.h, then that's a win for non-nbd socket users too. Agreed. We'd get it for free with a unified TCP transport, as described above (sheepdog already uses getaddrinfo and friends) - but if that's not feasible, I'll be happy to supply a patch just for this. Much easier than aio! :) Sure, I think it would be a good thing to have. And even if you implemented this unified TCP transport (I'm not sure yet what it would look like), I think the basic support could still be in qemu_socket.h, so that users outside the block layer can benefit from it, too. Kevin
[Qemu-devel] Re: [PULL 00/11] Block patches for master
On 02/16/2011 12:30 PM, Kevin Wolf wrote: Am 14.02.2011 21:17, schrieb Anthony Liguori: On 02/10/2011 09:51 AM, Kevin Wolf wrote: The following changes since commit 6c5f738daec123020d32543fe90a6633a4f6643e: microblaze: Handle singlestepping over direct jmps (2011-02-10 00:46:09 +0100) are available in the git repository at: git://repo.or.cz/qemu/kevin.git for-anthony Pulled. Thanks. Are you sure? I don't see the commits in master. The commits from the uq/master pull aren't there, either. Paolo
[Qemu-devel] [V5 PATCH 0/8] virtio-9p: Use chroot to safely access files in passthrough security model
In passthrough security model, following symbolic links in the server side could result in TOCTTOU vulnerabilities. This patchset resolves this issue by creating a dedicated process which chroots into the share path and all file object access is done in the chroot environment. This patchset implements chroot enviroment, provides necessary functions that can be used by the passthrough function calls. Changes from version V4: * Avoid using malloc/free inside chroot process * Seperate chroot server and client functions Changes from version V3 * Return EIO incase of socket read/write fail instead of exiting * Changed data types as suggested by Blue Swirl * Chroot process reports error through qemu process Changes from version V2 * Treat socket IO errors as fatal, ie qemu will exit * Split patchset based on chroot side (server) and qemu side(client) functionalities M. Mohan Kumar (8): Implement qemu_read_full virtio-9p: Provide chroot environment server side interfaces virtio-9p: Add client side interfaces for chroot environment virtio-9p: Add support to open a file in chroot environment virtio-9p: Create support in chroot environment virtio-9p: Support for creating special files virtio-9p: Move file post creation changes to none security model virtio-9p: Chroot environment for other functions Makefile.objs |1 + hw/9pfs/virtio-9p-chroot-clnt.c | 136 + hw/9pfs/virtio-9p-chroot-sv.c | 295 +++ hw/9pfs/virtio-9p-chroot.h | 60 ++ hw/9pfs/virtio-9p-local.c | 419 +++ hw/9pfs/virtio-9p.c | 32 +++ hw/file-op-9p.h |4 + osdep.c | 32 +++ qemu-common.h |2 + 9 files changed, 901 insertions(+), 80 deletions(-) create mode 100644 hw/9pfs/virtio-9p-chroot-clnt.c create mode 100644 hw/9pfs/virtio-9p-chroot-sv.c create mode 100644 hw/9pfs/virtio-9p-chroot.h -- 1.7.3.4
[Qemu-devel] [V5 PATCH 5/8] virtio-9p: Create support in chroot environment
Add both server client side interfaces to create regular files in
chroot environment
Signed-off-by: M. Mohan Kumar mo...@in.ibm.com
---
hw/9pfs/virtio-9p-chroot-sv.c | 41 +
hw/9pfs/virtio-9p-local.c | 21 +++--
2 files changed, 60 insertions(+), 2 deletions(-)
diff --git a/hw/9pfs/virtio-9p-chroot-sv.c b/hw/9pfs/virtio-9p-chroot-sv.c
index e9952b3..bab5f7c 100644
--- a/hw/9pfs/virtio-9p-chroot-sv.c
+++ b/hw/9pfs/virtio-9p-chroot-sv.c
@@ -85,6 +85,44 @@ static void chroot_do_open(V9fsFileObjectRequest *request,
FdInfo *fd_info)
}
}
+/*
+ * Helper routine to create a file and return the file descriptor and
+ * error status in FdInfo structure.
+ */
+static void chroot_do_create(V9fsFileObjectRequest *request, FdInfo *fd_info)
+{
+uid_t cur_uid;
+gid_t cur_gid;
+
+cur_uid = geteuid();
+cur_gid = getegid();
+
+fd_info-fi_fd = -1;
+
+if (setfsuid(request-data.uid) 0) {
+fd_info-fi_error = errno;
+return;
+}
+if (setfsgid(request-data.gid) 0) {
+fd_info-fi_error = errno;
+goto unset_uid;
+}
+
+fd_info-fi_fd = open(request-path.path, request-data.flags,
+request-data.mode);
+
+if (fd_info-fi_fd 0) {
+fd_info-fi_error = errno;
+} else {
+fd_info-fi_error = 0;
+fd_info-fi_flags = FI_FDVALID;
+}
+
+setfsgid(cur_gid);
+unset_uid:
+setfsuid(cur_uid);
+}
+
static int chroot_daemonize(int chroot_sock)
{
sigset_t sigset;
@@ -185,6 +223,9 @@ int v9fs_chroot(FsContext *fs_ctx)
case T_OPEN:
chroot_do_open(request, fd_info);
break;
+case T_CREATE:
+chroot_do_create(request, fd_info);
+break;
default:
fd_info.fi_fd = 0;
fd_info.fi_error = EIO;
diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c
index bef0272..51911dd 100644
--- a/hw/9pfs/virtio-9p-local.c
+++ b/hw/9pfs/virtio-9p-local.c
@@ -53,6 +53,22 @@ static int passthrough_open(FsContext *fs_ctx, const char
*path, int flags)
return fd;
}
+static int passthrough_create(FsContext *fs_ctx, const char *path, int flags,
+FsCred *credp)
+{
+V9fsFileObjectRequest request;
+int fd, error = 0;
+
+fill_request(request, path, credp);
+request.data.flags = flags;
+request.data.type = T_CREATE;
+fd = v9fs_request(fs_ctx, request, error);
+if (fd 0) {
+errno = error;
+}
+return fd;
+}
+
static int local_lstat(FsContext *fs_ctx, const char *path, struct stat *stbuf)
{
int err;
@@ -377,8 +393,7 @@ static int local_open2(FsContext *fs_ctx, const char *path,
int flags,
serrno = errno;
goto err_end;
}
-} else if ((fs_ctx-fs_sm == SM_PASSTHROUGH) ||
- (fs_ctx-fs_sm == SM_NONE)) {
+} else if (fs_ctx-fs_sm == SM_NONE) {
fd = open(rpath(fs_ctx, path), flags, credp-fc_mode);
if (fd == -1) {
return fd;
@@ -388,6 +403,8 @@ static int local_open2(FsContext *fs_ctx, const char *path,
int flags,
serrno = errno;
goto err_end;
}
+} else if (fs_ctx-fs_sm == SM_PASSTHROUGH) {
+fd = passthrough_create(fs_ctx, path, flags, credp);
}
return fd;
--
1.7.3.4
[Qemu-devel] [V5 PATCH 7/8] virtio-9p: Move file post creation changes to none security model
After creating a file object, its permission and ownership details are updated
as per client's request for both passthrough and none security model. But with
chrooted environment its not required for passthrough security model. Move all
post file creation changes to none security model
Signed-off-by: M. Mohan Kumar mo...@in.ibm.com
---
hw/9pfs/virtio-9p-local.c | 19 ++-
1 files changed, 6 insertions(+), 13 deletions(-)
diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c
index 9975ed1..9d2d31c 100644
--- a/hw/9pfs/virtio-9p-local.c
+++ b/hw/9pfs/virtio-9p-local.c
@@ -169,21 +169,14 @@ static int local_set_xattr(const char *path, FsCred
*credp)
return 0;
}
-static int local_post_create_passthrough(FsContext *fs_ctx, const char *path,
+static int local_post_create_none(FsContext *fs_ctx, const char *path,
FsCred *credp)
{
+int retval;
if (chmod(rpath(fs_ctx, path), credp-fc_mode 0) 0) {
return -1;
}
-if (lchown(rpath(fs_ctx, path), credp-fc_uid, credp-fc_gid) 0) {
-/*
- * If we fail to change ownership and if we are
- * using security model none. Ignore the error
- */
-if (fs_ctx-fs_sm != SM_NONE) {
-return -1;
-}
-}
+retval = lchown(rpath(fs_ctx, path), credp-fc_uid, credp-fc_gid);
return 0;
}
@@ -324,7 +317,7 @@ static int local_mknod(FsContext *fs_ctx, const char *path,
FsCred *credp)
if (err == -1) {
return err;
}
-err = local_post_create_passthrough(fs_ctx, path, credp);
+err = local_post_create_none(fs_ctx, path, credp);
if (err == -1) {
serrno = errno;
goto err_end;
@@ -366,7 +359,7 @@ static int local_mkdir(FsContext *fs_ctx, const char *path,
FsCred *credp)
if (err == -1) {
return err;
}
-err = local_post_create_passthrough(fs_ctx, path, credp);
+err = local_post_create_none(fs_ctx, path, credp);
if (err == -1) {
serrno = errno;
goto err_end;
@@ -441,7 +434,7 @@ static int local_open2(FsContext *fs_ctx, const char *path,
int flags,
if (fd == -1) {
return fd;
}
-err = local_post_create_passthrough(fs_ctx, path, credp);
+err = local_post_create_none(fs_ctx, path, credp);
if (err == -1) {
serrno = errno;
goto err_end;
--
1.7.3.4
[Qemu-devel] [V5 PATCH 3/8] virtio-9p: Add client side interfaces for chroot environment
Define QEMU side interfaces used for chroot environment.
Signed-off-by: M. Mohan Kumar mo...@in.ibm.com
---
Makefile.objs |2 +-
hw/9pfs/virtio-9p-chroot-clnt.c | 96 +++
hw/9pfs/virtio-9p-chroot.h |1 +
3 files changed, 98 insertions(+), 1 deletions(-)
create mode 100644 hw/9pfs/virtio-9p-chroot-clnt.c
diff --git a/Makefile.objs b/Makefile.objs
index bf8ebd9..c98cb72 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -282,7 +282,7 @@ hw-obj-$(CONFIG_SOUND) += $(sound-obj-y)
9pfs-nested-$(CONFIG_VIRTFS) = virtio-9p-debug.o
9pfs-nested-$(CONFIG_VIRTFS) += virtio-9p-local.o virtio-9p-xattr.o
9pfs-nested-$(CONFIG_VIRTFS) += virtio-9p-xattr-user.o virtio-9p-posix-acl.o
-9pfs-nested-$(CONFIG_VIRTFS) += virtio-9p-chroot-sv.o
+9pfs-nested-$(CONFIG_VIRTFS) += virtio-9p-chroot-sv.o virtio-9p-chroot-clnt.o
hw-obj-$(CONFIG_REALLY_VIRTFS) += $(addprefix 9pfs/, $(9pfs-nested-y))
$(addprefix 9pfs/, $(9pfs-nested-y)): CFLAGS += -I$(SRC_PATH)/hw/
diff --git a/hw/9pfs/virtio-9p-chroot-clnt.c b/hw/9pfs/virtio-9p-chroot-clnt.c
new file mode 100644
index 000..ac65f03
--- /dev/null
+++ b/hw/9pfs/virtio-9p-chroot-clnt.c
@@ -0,0 +1,96 @@
+/*
+ * Virtio 9p chroot environment for contained access to exported path
+ * Client code
+ * Copyright IBM, Corp. 2011
+ *
+ * Authors:
+ * M. Mohan Kumar mo...@in.ibm.com
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2. See
+ * the copying file in the top-level directory
+ *
+ */
+
+#include sys/fsuid.h
+#include sys/resource.h
+#include signal.h
+#include virtio.h
+#include qemu_socket.h
+#include qemu-thread.h
+#include qerror.h
+#include virtio-9p.h
+#include virtio-9p-chroot.h
+
+/* Receive file descriptor and error status from chroot process */
+static int v9fs_receivefd(int sockfd, int *error)
+{
+struct msghdr msg = { };
+struct iovec iov;
+union MsgControl msg_control;
+struct cmsghdr *cmsg;
+int retval, fd;
+FdInfo fd_info;
+
+iov.iov_base = fd_info;
+iov.iov_len = sizeof(fd_info);
+
+memset(msg, 0, sizeof(msg));
+msg.msg_iov = iov;
+msg.msg_iovlen = 1;
+msg.msg_control = msg_control;
+msg.msg_controllen = sizeof(msg_control);
+
+*error = 0;
+retval = recvmsg(sockfd, msg, 0);
+if (retval 0) {
+*error = EIO;
+return -EIO;
+}
+if (fd_info.fi_flags FI_SOCKERR) {
+*error = EIO;
+return -EIO;
+}
+/* If error is set, ancillary data is not present */
+if (fd_info.fi_error) {
+*error = fd_info.fi_error;
+return -1;
+}
+
+if (!fd_info.fi_flags FI_FDVALID) {
+return 0;
+}
+
+for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
+if (cmsg-cmsg_len != CMSG_LEN(sizeof(int)) ||
+cmsg-cmsg_level != SOL_SOCKET ||
+cmsg-cmsg_type != SCM_RIGHTS) {
+continue;
+}
+fd = *((int *)CMSG_DATA(cmsg));
+return fd;
+}
+
+*error = EAGAIN;
+return -1;
+}
+
+/*
+ * V9fsFileObjectRequest is written into the socket by QEMU process.
+ * Then this request is read by chroot process using read_request function
+ */
+static int v9fs_write_request(int sockfd, V9fsFileObjectRequest *request)
+{
+int retval;
+retval = qemu_write_full(sockfd, request, sizeof(*request));
+if (retval != sizeof(*request)) {
+return EIO;
+}
+return 0;
+}
+
+void chroot_dummy(void)
+{
+(void)v9fs_receivefd;
+(void)v9fs_write_request;
+}
+
diff --git a/hw/9pfs/virtio-9p-chroot.h b/hw/9pfs/virtio-9p-chroot.h
index 73cf144..9122edc 100644
--- a/hw/9pfs/virtio-9p-chroot.h
+++ b/hw/9pfs/virtio-9p-chroot.h
@@ -53,5 +53,6 @@ typedef struct V9fsFileObjectRequest
} V9fsFileObjectRequest;
int v9fs_chroot(FsContext *fs_ctx);
+void chroot_dummy(void);
#endif /* _QEMU_VIRTIO_9P_CHROOT_H */
--
1.7.3.4
[Qemu-devel] [V5 PATCH 2/8] virtio-9p: Provide chroot environment server side interfaces
Implement chroot server side interfaces like sending the file
descriptor to qemu process, reading the object request from socket etc.
Also add chroot main function and other helper routines.
Signed-off-by: M. Mohan Kumar mo...@in.ibm.com
---
Makefile.objs |1 +
hw/9pfs/virtio-9p-chroot-sv.c | 169 +
hw/9pfs/virtio-9p-chroot.h| 57 ++
hw/9pfs/virtio-9p.c | 32
hw/file-op-9p.h |4 +
5 files changed, 263 insertions(+), 0 deletions(-)
create mode 100644 hw/9pfs/virtio-9p-chroot-sv.c
create mode 100644 hw/9pfs/virtio-9p-chroot.h
diff --git a/Makefile.objs b/Makefile.objs
index f930cdd..bf8ebd9 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -282,6 +282,7 @@ hw-obj-$(CONFIG_SOUND) += $(sound-obj-y)
9pfs-nested-$(CONFIG_VIRTFS) = virtio-9p-debug.o
9pfs-nested-$(CONFIG_VIRTFS) += virtio-9p-local.o virtio-9p-xattr.o
9pfs-nested-$(CONFIG_VIRTFS) += virtio-9p-xattr-user.o virtio-9p-posix-acl.o
+9pfs-nested-$(CONFIG_VIRTFS) += virtio-9p-chroot-sv.o
hw-obj-$(CONFIG_REALLY_VIRTFS) += $(addprefix 9pfs/, $(9pfs-nested-y))
$(addprefix 9pfs/, $(9pfs-nested-y)): CFLAGS += -I$(SRC_PATH)/hw/
diff --git a/hw/9pfs/virtio-9p-chroot-sv.c b/hw/9pfs/virtio-9p-chroot-sv.c
new file mode 100644
index 000..86d10cd
--- /dev/null
+++ b/hw/9pfs/virtio-9p-chroot-sv.c
@@ -0,0 +1,169 @@
+/*
+ * Virtio 9p chroot environment for contained access to exported path
+ * Server side
+ * Copyright IBM, Corp. 2011
+ *
+ * Authors:
+ * M. Mohan Kumar mo...@in.ibm.com
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2. See
+ * the copying file in the top-level directory
+ *
+ */
+
+#include sys/fsuid.h
+#include sys/resource.h
+#include signal.h
+#include virtio.h
+#include qemu_socket.h
+#include qemu-thread.h
+#include qerror.h
+#include virtio-9p.h
+#include virtio-9p-chroot.h
+
+/* Send file descriptor and error status to qemu process */
+static void chroot_sendfd(int sockfd, const FdInfo *fd_info)
+{
+struct msghdr msg = { };
+struct iovec iov;
+struct cmsghdr *cmsg;
+int retval;
+union MsgControl msg_control;
+
+iov.iov_base = (void *)fd_info;
+iov.iov_len = sizeof(*fd_info);
+
+memset(msg, 0, sizeof(msg));
+msg.msg_iov = iov;
+msg.msg_iovlen = 1;
+/* No ancillary data on error/fd invalid flag */
+if (fd_info-fi_flags FI_FDVALID) {
+msg.msg_control = msg_control;
+msg.msg_controllen = sizeof(msg_control);
+
+cmsg = msg_control.cmsg;
+cmsg-cmsg_len = CMSG_LEN(sizeof(fd_info-fi_fd));
+cmsg-cmsg_level = SOL_SOCKET;
+cmsg-cmsg_type = SCM_RIGHTS;
+memcpy(CMSG_DATA(cmsg), fd_info-fi_fd, sizeof(fd_info-fi_fd));
+}
+retval = sendmsg(sockfd, msg, 0);
+if (retval == EPIPE || retval == EBADF) {
+_exit(1);
+}
+if (fd_info-fi_flags FI_FDVALID) {
+close(fd_info-fi_fd);
+}
+}
+
+/* Read V9fsFileObjectRequest written by QEMU process */
+static int chroot_read_request(int sockfd, V9fsFileObjectRequest *request)
+{
+int retval;
+retval = qemu_read_full(sockfd, request, sizeof(*request));
+if (retval != sizeof(*request)) {
+if (errno == EBADF) {
+_exit(1);
+}
+return EIO;
+}
+return 0;
+}
+
+static int chroot_daemonize(int chroot_sock)
+{
+sigset_t sigset;
+struct rlimit nr_fd;
+int fd;
+
+/* Block all signals for this process */
+sigprocmask(SIG_SETMASK, sigset, NULL);
+
+/* Daemonize */
+if (setsid() 0) {
+return errno;
+}
+
+/* Close other file descriptors */
+getrlimit(RLIMIT_NOFILE, nr_fd);
+for (fd = 0; fd nr_fd.rlim_cur; fd++) {
+if (fd != chroot_sock) {
+close(fd);
+}
+}
+chdir(/);
+
+/* Create files with mode as requested by client */
+umask(0);
+return 0;
+}
+
+/*
+ * Fork a process and chroot into the share path. Communication
+ * between qemu process and chroot process happens via socket.
+ * All file descriptors (including stdout and stderr) are closed
+ * except one socket descriptor (which is used for communicating
+ * between qemu process and chroot process).
+ * Note: To avoid errors in forked process in multi threaded environment
+ * use only async-signal safe functions only. For more information see
+ * man fork(3p), signal(7)
+ */
+int v9fs_chroot(FsContext *fs_ctx)
+{
+int fd_pair[2], chroot_sock, error;
+V9fsFileObjectRequest request;
+pid_t pid;
+uint64_t code;
+FdInfo fd_info;
+
+if (socketpair(PF_UNIX, SOCK_STREAM, 0, fd_pair) 0) {
+error_report(socketpair %s, strerror(errno));
+return -1;
+}
+
+pid = fork();
+if (pid 0) {
+error_report(fork %s, strerror(errno));
+return -1;
+}
+if (pid != 0) {
+fs_ctx-chroot_socket = fd_pair[0];
+close(fd_pair[1]);
+return 0;
+}
+
+
Re: [Qemu-devel] Re: Comparing New Image Formats: FVD vs. QED
Am 15.02.2011 20:45, schrieb Chunqiang Tang: Chunqiang Tang/Watson/IBM wrote on 01/28/2011 05:13:27 PM: As you requested, I set up a wiki page for FVD at http://wiki.qemu.org/Features/FVD . It includes a summary of FVD, a detailed specification of FVD, and a comparison of the design and performance of FVD and QED. See the figure at http://wiki.qemu.org/Features/FVD/Compare . This figure shows that the file creation throughput of NetApp's PostMark benchmark under FVD is 74.9% to 215% higher than that under QED. Hi Anthony, Please let me know if more information is needed. I would appreciate your feedback and advice on the best way to proceed with FVD. Yet another file format with yet another implementation is definitely not what we need. We should probably take some of the ideas in FVD and consider them for qcow3. However, I think some of them like the no-alloc mode aren't that useful: If I want the features and the performance of raw, I can just take raw. BTW, I recently added QCOW2 into the performance comparison figure on wiki. It's obvious why you have only one case for QED (it doesn't support anything else), but qcow2 works on block devices, too, and you can also use metadata preallocation. Are you aware of this? Kevin
[Qemu-devel] [V5 PATCH 8/8] virtio-9p: Chroot environment for other functions
Add chroot functionality for systemcalls that can operate on a file
using relative directory file descriptor.
Signed-off-by: M. Mohan Kumar mo...@in.ibm.com
---
hw/9pfs/virtio-9p-local.c | 222 +++--
1 files changed, 192 insertions(+), 30 deletions(-)
diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c
index 9d2d31c..357ad4e 100644
--- a/hw/9pfs/virtio-9p-local.c
+++ b/hw/9pfs/virtio-9p-local.c
@@ -22,6 +22,7 @@
#include sys/socket.h
#include sys/un.h
#include attr/xattr.h
+#include libgen.h
/* Helper routine to fill V9fsFileObjectRequest structure */
static void fill_request(V9fsFileObjectRequest *request, const char *path,
@@ -102,14 +103,35 @@ static int passthrough_create_special(FsContext *fs_ctx,
const char *oldpath,
return retval;
}
+/*
+ * Returns file descriptor of dirname(path)
+ * This fd can be used by *at functions
+ */
+static int get_dirfd(FsContext *fs_ctx, const char *path)
+{
+V9fsFileObjectRequest request;
+int fd, error = 0;
+char *dpath = qemu_strdup(path);
+
+fill_request(request, dirname(dpath), NULL);
+request.data.type = T_OPEN;
+fd = v9fs_request(fs_ctx, request, error);
+if (fd 0) {
+errno = error;
+}
+qemu_free(dpath);
+return fd;
+}
+
static int local_lstat(FsContext *fs_ctx, const char *path, struct stat *stbuf)
{
int err;
-err = lstat(rpath(fs_ctx, path), stbuf);
-if (err) {
-return err;
-}
+
if (fs_ctx-fs_sm == SM_MAPPED) {
+err = lstat(rpath(fs_ctx, path), stbuf);
+if (err) {
+return err;
+}
/* Actual credentials are part of extended attrs */
uid_t tmp_uid;
gid_t tmp_gid;
@@ -131,6 +153,27 @@ static int local_lstat(FsContext *fs_ctx, const char
*path, struct stat *stbuf)
sizeof(dev_t)) 0) {
stbuf-st_rdev = tmp_dev;
}
+} else if (fs_ctx-fs_sm == SM_PASSTHROUGH) {
+int pfd, serrno = 0;
+char *tmp_path;
+
+pfd = get_dirfd(fs_ctx, path);
+if (pfd 0) {
+return -1;
+}
+tmp_path = qemu_strdup(path);
+err = fstatat(pfd, basename(tmp_path), stbuf, AT_SYMLINK_NOFOLLOW);
+if (err 0) {
+serrno = errno;
+}
+close(pfd);
+qemu_free(tmp_path);
+errno = serrno;
+} else {
+err = lstat(rpath(fs_ctx, path), stbuf);
+if (err) {
+return err;
+}
}
return err;
}
@@ -195,9 +238,23 @@ static ssize_t local_readlink(FsContext *fs_ctx, const
char *path,
} while (tsize == -1 errno == EINTR);
close(fd);
return tsize;
-} else if ((fs_ctx-fs_sm == SM_PASSTHROUGH) ||
- (fs_ctx-fs_sm == SM_NONE)) {
+} else if (fs_ctx-fs_sm == SM_NONE) {
tsize = readlink(rpath(fs_ctx, path), buf, bufsz);
+} else if (fs_ctx-fs_sm == SM_PASSTHROUGH) {
+int pfd, serrno = 0;
+char *tmp_path;
+pfd = get_dirfd(fs_ctx, path);
+if (pfd 0) {
+return -1;
+}
+tmp_path = qemu_strdup(path);
+tsize = readlinkat(pfd, basename(tmp_path), buf, bufsz);
+if (tsize 0) {
+serrno = 0;
+}
+close(pfd);
+qemu_free(tmp_path);
+errno = serrno;
}
return tsize;
}
@@ -289,8 +346,23 @@ static int local_chmod(FsContext *fs_ctx, const char
*path, FsCred *credp)
{
if (fs_ctx-fs_sm == SM_MAPPED) {
return local_set_xattr(rpath(fs_ctx, path), credp);
-} else if ((fs_ctx-fs_sm == SM_PASSTHROUGH) ||
- (fs_ctx-fs_sm == SM_NONE)) {
+} else if (fs_ctx-fs_sm == SM_PASSTHROUGH) {
+int pfd, err, serrno = 0;
+char *tmp_path;
+pfd = get_dirfd(fs_ctx, path);
+if (pfd 0) {
+return -1;
+}
+tmp_path = qemu_strdup(path);
+err = fchmodat(pfd, basename(tmp_path), credp-fc_mode, 0);
+if (err == -1) {
+serrno = errno;
+}
+qemu_free(tmp_path);
+close(pfd);
+errno = serrno;
+return err;
+} else if (fs_ctx-fs_sm == SM_NONE) {
return chmod(rpath(fs_ctx, path), credp-fc_mode);
}
return -1;
@@ -538,53 +610,143 @@ static int local_link(FsContext *fs_ctx, const char
*oldpath,
static int local_truncate(FsContext *ctx, const char *path, off_t size)
{
-return truncate(rpath(ctx, path), size);
+if (ctx-fs_sm == SM_PASSTHROUGH) {
+int fd, retval;
+fd = passthrough_open(ctx, path, O_RDWR);
+if (fd 0) {
+return fd;
+}
+retval = ftruncate(fd, size);
+close(fd);
+return retval;
+} else {
+return truncate(rpath(ctx, path), size);
+}
}
static int local_rename(FsContext *ctx, const char *oldpath,
const char *newpath)
{
-char *tmp;
-int err;
-
[Qemu-devel] [V5 PATCH 4/8] virtio-9p: Add support to open a file in chroot environment
This patch adds both server and client side support to open a file
(directory) in the chroot environment
Signed-off-by: M. Mohan Kumar mo...@in.ibm.com
---
hw/9pfs/virtio-9p-chroot-clnt.c | 22 +---
hw/9pfs/virtio-9p-chroot-sv.c | 26 +++
hw/9pfs/virtio-9p-chroot.h |2 +-
hw/9pfs/virtio-9p-local.c | 53 ---
4 files changed, 94 insertions(+), 9 deletions(-)
diff --git a/hw/9pfs/virtio-9p-chroot-clnt.c b/hw/9pfs/virtio-9p-chroot-clnt.c
index ac65f03..7f72add 100644
--- a/hw/9pfs/virtio-9p-chroot-clnt.c
+++ b/hw/9pfs/virtio-9p-chroot-clnt.c
@@ -88,9 +88,23 @@ static int v9fs_write_request(int sockfd,
V9fsFileObjectRequest *request)
return 0;
}
-void chroot_dummy(void)
+/* Return opened file descriptor on success or -1 on error */
+int v9fs_request(FsContext *fs_ctx, V9fsFileObjectRequest *request,
+int *error)
{
-(void)v9fs_receivefd;
-(void)v9fs_write_request;
+int fd;
+qemu_mutex_lock(fs_ctx-chroot_mutex);
+if (fs_ctx-chroot_ioerror) {
+*error = EIO;
+fd = -1;
+goto unlock;
+}
+v9fs_write_request(fs_ctx-chroot_socket, request);
+fd = v9fs_receivefd(fs_ctx-chroot_socket, error);
+if (fd == -EIO *error == EIO) {
+fs_ctx-chroot_ioerror = 1;
+}
+unlock:
+qemu_mutex_unlock(fs_ctx-chroot_mutex);
+return fd;
}
-
diff --git a/hw/9pfs/virtio-9p-chroot-sv.c b/hw/9pfs/virtio-9p-chroot-sv.c
index 86d10cd..e9952b3 100644
--- a/hw/9pfs/virtio-9p-chroot-sv.c
+++ b/hw/9pfs/virtio-9p-chroot-sv.c
@@ -70,6 +70,21 @@ static int chroot_read_request(int sockfd,
V9fsFileObjectRequest *request)
return 0;
}
+/*
+ * Helper routine to open a file and return fd and error status in
+ * FdInfo structure
+ */
+static void chroot_do_open(V9fsFileObjectRequest *request, FdInfo *fd_info)
+{
+fd_info-fi_fd = open(request-path.path, request-data.flags);
+if (fd_info-fi_fd 0) {
+fd_info-fi_error = errno;
+} else {
+fd_info-fi_error = 0;
+fd_info-fi_flags = FI_FDVALID;
+}
+}
+
static int chroot_daemonize(int chroot_sock)
{
sigset_t sigset;
@@ -164,6 +179,17 @@ int v9fs_chroot(FsContext *fs_ctx)
fd_info.fi_error = EIO;
fd_info.fi_flags = FI_SOCKERR;
chroot_sendfd(chroot_sock, fd_info);
+continue;
+}
+switch (request.data.type) {
+case T_OPEN:
+chroot_do_open(request, fd_info);
+break;
+default:
+fd_info.fi_fd = 0;
+fd_info.fi_error = EIO;
+break;
}
+chroot_sendfd(chroot_sock, fd_info);
}
}
diff --git a/hw/9pfs/virtio-9p-chroot.h b/hw/9pfs/virtio-9p-chroot.h
index 9122edc..057dcde 100644
--- a/hw/9pfs/virtio-9p-chroot.h
+++ b/hw/9pfs/virtio-9p-chroot.h
@@ -53,6 +53,6 @@ typedef struct V9fsFileObjectRequest
} V9fsFileObjectRequest;
int v9fs_chroot(FsContext *fs_ctx);
-void chroot_dummy(void);
+int v9fs_request(FsContext *fs_ctx, V9fsFileObjectRequest *or, int *error);
#endif /* _QEMU_VIRTIO_9P_CHROOT_H */
diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c
index 0a015de..bef0272 100644
--- a/hw/9pfs/virtio-9p-local.c
+++ b/hw/9pfs/virtio-9p-local.c
@@ -13,6 +13,9 @@
#include virtio.h
#include virtio-9p.h
#include virtio-9p-xattr.h
+#include qemu_socket.h
+#include fsdev/qemu-fsdev.h
+#include virtio-9p-chroot.h
#include arpa/inet.h
#include pwd.h
#include grp.h
@@ -20,6 +23,35 @@
#include sys/un.h
#include attr/xattr.h
+/* Helper routine to fill V9fsFileObjectRequest structure */
+static void fill_request(V9fsFileObjectRequest *request, const char *path,
+FsCred *credp)
+{
+memset(request, 0, sizeof(*request));
+request-data.path_len = strlen(path);
+strcpy(request-path.path, (path));
+if (credp) {
+request-data.mode = credp-fc_mode;
+request-data.uid = credp-fc_uid;
+request-data.gid = credp-fc_gid;
+request-data.dev = credp-fc_rdev;
+}
+}
+
+static int passthrough_open(FsContext *fs_ctx, const char *path, int flags)
+{
+V9fsFileObjectRequest request;
+int fd, error = 0;
+
+fill_request(request, path, NULL);
+request.data.flags = flags;
+request.data.type = T_OPEN;
+fd = v9fs_request(fs_ctx, request, error);
+if (fd 0) {
+errno = error;
+}
+return fd;
+}
static int local_lstat(FsContext *fs_ctx, const char *path, struct stat *stbuf)
{
@@ -138,14 +170,27 @@ static int local_closedir(FsContext *ctx, DIR *dir)
return closedir(dir);
}
-static int local_open(FsContext *ctx, const char *path, int flags)
+static int local_open(FsContext *fs_ctx, const char *path, int flags)
{
-return open(rpath(ctx, path), flags);
+if (fs_ctx-fs_sm == SM_PASSTHROUGH) {
+return passthrough_open(fs_ctx, path, flags);
+} else {
+return open(rpath(fs_ctx, path), flags);
[Qemu-devel] [V5 PATCH 6/8] virtio-9p: Support for creating special files
Add both server and client side interfaces to create special files
(directory, device nodes, links and symbolic links)
Signed-off-by: M. Mohan Kumar mo...@in.ibm.com
---
hw/9pfs/virtio-9p-chroot-clnt.c | 26 ++
hw/9pfs/virtio-9p-chroot-sv.c | 59 ++
hw/9pfs/virtio-9p-chroot.h |2 +
hw/9pfs/virtio-9p-local.c | 104 +++
4 files changed, 160 insertions(+), 31 deletions(-)
diff --git a/hw/9pfs/virtio-9p-chroot-clnt.c b/hw/9pfs/virtio-9p-chroot-clnt.c
index 7f72add..30366d3 100644
--- a/hw/9pfs/virtio-9p-chroot-clnt.c
+++ b/hw/9pfs/virtio-9p-chroot-clnt.c
@@ -108,3 +108,29 @@ unlock:
qemu_mutex_unlock(fs_ctx-chroot_mutex);
return fd;
}
+
+int v9fs_create_special(FsContext *fs_ctx,
+V9fsFileObjectRequest *request, int *error)
+{
+int fd;
+qemu_mutex_lock(fs_ctx-chroot_mutex);
+if (fs_ctx-chroot_ioerror) {
+*error = EIO;
+fd = -1;
+goto unlock;
+} else {
+*error = 0;
+}
+v9fs_write_request(fs_ctx-chroot_socket, request);
+fd = v9fs_receivefd(fs_ctx-chroot_socket, error);
+if (fd == -EIO *error == EIO) {
+fs_ctx-chroot_ioerror = 1;
+}
+unlock:
+qemu_mutex_unlock(fs_ctx-chroot_mutex);
+if (*error) {
+return -1;
+} else {
+return 0;
+}
+}
diff --git a/hw/9pfs/virtio-9p-chroot-sv.c b/hw/9pfs/virtio-9p-chroot-sv.c
index bab5f7c..e3d8843 100644
--- a/hw/9pfs/virtio-9p-chroot-sv.c
+++ b/hw/9pfs/virtio-9p-chroot-sv.c
@@ -123,6 +123,59 @@ unset_uid:
setfsuid(cur_uid);
}
+/*
+ * Create directory, symbolic link, link, device node and regular files
+ * Similar to create, but it does not return the fd of created object
+ * Returns 0 on success, returns errno on failure
+ */
+static void chroot_do_create_special(V9fsFileObjectRequest *request,
+FdInfo *fd_info)
+{
+int cur_uid, cur_gid;
+
+cur_uid = geteuid();
+cur_gid = getegid();
+
+fd_info-fi_fd = -1;
+fd_info-fi_error = 0;
+
+if (setfsuid(request-data.uid) 0) {
+fd_info-fi_error = errno;
+return;
+}
+if (setfsgid(request-data.gid) 0) {
+fd_info-fi_error = errno;
+goto unset_uid;
+}
+
+switch (request-data.type) {
+case T_MKDIR:
+fd_info-fi_fd = mkdir(request-path.path, request-data.mode);
+break;
+case T_SYMLINK:
+fd_info-fi_fd = symlink(request-path.old_path, request-path.path);
+break;
+case T_LINK:
+fd_info-fi_fd = link(request-path.old_path, request-path.path);
+break;
+default:
+fd_info-fi_fd = mknod(request-path.path, request-data.mode,
+request-data.dev);
+break;
+}
+
+if (fd_info-fi_fd 0) {
+fd_info-fi_error = errno;
+} else {
+fd_info-fi_error = 0;
+fd_info-fi_fd = 0;
+}
+
+setfsgid(cur_gid);
+unset_uid:
+setfsuid(cur_uid);
+}
+
static int chroot_daemonize(int chroot_sock)
{
sigset_t sigset;
@@ -226,6 +279,12 @@ int v9fs_chroot(FsContext *fs_ctx)
case T_CREATE:
chroot_do_create(request, fd_info);
break;
+case T_MKDIR:
+case T_SYMLINK:
+case T_LINK:
+case T_MKNOD:
+chroot_do_create_special(request, fd_info);
+break;
default:
fd_info.fi_fd = 0;
fd_info.fi_error = EIO;
diff --git a/hw/9pfs/virtio-9p-chroot.h b/hw/9pfs/virtio-9p-chroot.h
index 057dcde..7ae1389 100644
--- a/hw/9pfs/virtio-9p-chroot.h
+++ b/hw/9pfs/virtio-9p-chroot.h
@@ -54,5 +54,7 @@ typedef struct V9fsFileObjectRequest
int v9fs_chroot(FsContext *fs_ctx);
int v9fs_request(FsContext *fs_ctx, V9fsFileObjectRequest *or, int *error);
+int v9fs_create_special(FsContext *fs_ctx,
+V9fsFileObjectRequest *request, int *error);
#endif /* _QEMU_VIRTIO_9P_CHROOT_H */
diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c
index 51911dd..9975ed1 100644
--- a/hw/9pfs/virtio-9p-local.c
+++ b/hw/9pfs/virtio-9p-local.c
@@ -69,6 +69,39 @@ static int passthrough_create(FsContext *fs_ctx, const char
*path, int flags,
return fd;
}
+static int passthrough_create_special(FsContext *fs_ctx, const char *oldpath,
+const char *path, FsCred *credp, int type)
+{
+V9fsFileObjectRequest request;
+int retval, error = 0;
+
+fill_request(request, path, credp);
+switch (type) {
+case T_MKNOD:
+request.data.type = T_MKNOD;
+break;
+case T_MKDIR:
+request.data.type = T_MKDIR;
+break;
+case T_SYMLINK:
+request.data.type = T_SYMLINK;
+break;
+case T_LINK:
+request.data.type = T_LINK;
+break;
+}
+if (oldpath) {
+request.data.oldpath_len = strlen(oldpath);
+strcpy(request.path.old_path, oldpath);
+}
+retval = v9fs_create_special(fs_ctx, request, error);
+if
Re: [Qemu-devel] [PATCH 1/3] mainstone: correct and simplify irq handling
Hello,
On Wed, Feb 16, 2011 at 4:13 AM, andrzej zaborowski balr...@gmail.com wrote:
On 12 February 2011 01:15, Dmitry Eremin-Solenikov dbarysh...@gmail.com
wrote:
Simplify IRQ handling to stop setting an input irq pin. As a win, also get
correct IRQ status after save/load cycle.
Thanks, I pushed the three patches from you but see a question below.
Signed-off-by: Dmitry Eremin-Solenikov dbarysh...@gmail.com
---
hw/mst_fpga.c | 29 ++---
1 files changed, 10 insertions(+), 19 deletions(-)
diff --git a/hw/mst_fpga.c b/hw/mst_fpga.c
index 93c6514..3c594b8 100644
--- a/hw/mst_fpga.c
+++ b/hw/mst_fpga.c
@@ -46,33 +46,21 @@ typedef struct mst_irq_state{
}mst_irq_state;
static void
-mst_fpga_update_gpio(mst_irq_state *s)
-{
- uint32_t level, diff;
- int bit;
- level = s-prev_level ^ s-intsetclr;
-
- for (diff = s-prev_level ^ level; diff; diff ^= 1 bit) {
- bit = ffs(diff) - 1;
- qemu_set_irq(s-pins[bit], (level bit) 1 );
- }
- s-prev_level = level;
-}
-
-static void
mst_fpga_set_irq(void *opaque, int irq, int level)
{
mst_irq_state *s = (mst_irq_state *)opaque;
+ uint32_t oldint = s-intsetclr;
if (level)
s-prev_level |= 1u irq;
else
s-prev_level = ~(1u irq);
- if(s-intmskena (1u irq)) {
- s-intsetclr = 1u irq;
- qemu_set_irq(s-parent, level);
- }
+ if ((s-intmskena (1u irq)) level)
+ s-intsetclr |= 1u irq;
+
+ if (oldint != (s-intsetclr s-intmskena))
+ qemu_set_irq(s-parent, s-intsetclr s-intmskena);
Shouldn't this looks something like:
oldint = s-intsetclr s-intmskena;
if (level)
s-intsetclr |= 1 irq;
if (oldint != (s-intsetclr s-intmskena))
qemu_set_irq(s-parent, s-intsetclr s-intmskena);
I don't know this device but this is the usual outline.
Maybe. This should not matter really hard, as we set the correct irq
level at qemu_set_irq()
}
@@ -146,10 +134,11 @@ mst_fpga_writeb(void *opaque, target_phys_addr_t addr,
uint32_t value)
break;
case MST_INTMSKENA: /* Mask interupt */
s-intmskena = (value 0xFEEFF);
- mst_fpga_update_gpio(s);
+ qemu_set_irq(s-parent, s-intsetclr s-intmskena);
break;
case MST_INTSETCLR: /* clear or set interrupt */
s-intsetclr = (value 0xFEEFF);
+ qemu_set_irq(s-parent, s-intsetclr);
Shouldn't this also be masked?
Hmmm. Looks like yes. I'll send the patch.
--
With best wishes
Dmitry
[Qemu-devel] Possible race condition when using TUN/TAP devices
Hi, I noticed the following error when trying to run multiple Qemu/KVM instances: warning: could not open /dev/net/tun: no virtual network emulation qemu-kvm: -netdev tap,id=hostnet0: Device 'tap' could not be initialized Tracing the error showed that returned errno is 16 (EBUSY) and happens only when launching multiple instances in parallel. In net/tap-linux.c line 40, qemu attempts to open /dev/net/tun (rw mode). Then line 78, fcntl is called to set current file descriptor in non blocking mode. IMHO, the problem is there, isn't it ? Qemu/KVM version: 0.12.1.2 (also tested with 0.13.0) System: RHEL6 GA (2.6.32-71) Qemu command line: /usr/libexec/qemu-kvm -M rhel6.0.0 -enable-kvm -m 2048 -smp 8,sockets=8,cores=1,threads=1 -name vm5 -uuid dbcc794b-cda6-44cb-b9f1-5a2024a4281d -rtc base=utc -boot order=cn -chardev socket,id=monitor,port=15006,host=127.0.0.1,server,nowait -mon chardev=monitor,mode=control -pidfile /var/run/vm5.pid -drive file=/var/lib/libvirt/images/vm5.img,if=none,id=drive-ide0-0-0,boot=on -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -netdev tap,ifname=tap5,id=hostnet0 -device virtio-net-pci,netdev=hostnet0,mac=52:54:99:12:34:45,bus=pci.0,addr=0x04 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -vnc 127.0.0.1:5 -vga cirrus -device virtio-balloon-pci,bus=pci.0,addr=0x03 more instances are run using a similar command line (only name, uuid, mac address, etc. changes) -- Thomas
Re: [Qemu-devel] [PATCH] softfloat: export float32_nan and float32_infinity.
On 16.02.2011 12:53, Peter Maydell wrote:
On 14 February 2011 16:47, Christophe Lyon christophe.l...@st.com wrote:
These two special values are needed to implement some helper functions,
which return these values in some cases.
I assume this is for vrecpe, right? I think it would be better
to post this as part of that patchset; it's easier to see the
rationale for adding the functions when you also have the
code that's using them.
Indeed. I'll post the bigger patch.
/*
+| Returns the default NaN.
+**/
+
+float32 float32_nan(void)
+{
+return float32_default_nan;
+}
Maybe we should just expose float32_default_nan in
softfloat.h somehow; that would match float32_zero,
float32_one, etc (ie it would not be a function).
It was my initial intention, but it implies adding a #if defined(TARGET_XXX)
block in softfloat.h, and I feared this was not desirable.
Thanks.
[Qemu-devel] [V5 PATCH 1/8] Implement qemu_read_full
Add qemu_read_full function
Signed-off-by: M. Mohan Kumar mo...@in.ibm.com
---
osdep.c | 32
qemu-common.h |2 ++
2 files changed, 34 insertions(+), 0 deletions(-)
diff --git a/osdep.c b/osdep.c
index 327583b..8d84a88 100644
--- a/osdep.c
+++ b/osdep.c
@@ -127,6 +127,38 @@ ssize_t qemu_write_full(int fd, const void *buf, size_t
count)
}
/*
+ * A variant of read(2) which handles interrupted read.
+ * Simlar to qemu_write_full function
+ *
+ * Return the number of bytes read.
+ *
+ * This function does not work with non-blocking fd's.
+ * errno is set if fewer than `count' bytes are read because of any
+ * error
+ */
+ssize_t qemu_read_full(int fd, void *buf, size_t count)
+{
+ssize_t ret = 0;
+ssize_t total = 0;
+
+while (count) {
+ret = read(fd, buf, count);
+if (ret = 0) {
+if (errno == EINTR) {
+continue;
+}
+break;
+}
+
+count -= ret;
+buf += ret;
+total += ret;
+}
+
+return total;
+}
+
+/*
* Opens a socket with FD_CLOEXEC set
*/
int qemu_socket(int domain, int type, int protocol)
diff --git a/qemu-common.h b/qemu-common.h
index c7ff280..83786d7 100644
--- a/qemu-common.h
+++ b/qemu-common.h
@@ -207,6 +207,8 @@ void qemu_mutex_unlock_iothread(void);
int qemu_open(const char *name, int flags, ...);
ssize_t qemu_write_full(int fd, const void *buf, size_t count)
QEMU_WARN_UNUSED_RESULT;
+ssize_t qemu_read_full(int fd, void *buf, size_t count)
+QEMU_WARN_UNUSED_RESULT;
void qemu_set_cloexec(int fd);
#ifndef _WIN32
--
1.7.3.4
Re: [Qemu-devel] Re: Comparing New Image Formats: FVD vs. QED
On Tue, Feb 15, 2011 at 7:45 PM, Chunqiang Tang ct...@us.ibm.com wrote: Chunqiang Tang/Watson/IBM wrote on 01/28/2011 05:13:27 PM: As you requested, I set up a wiki page for FVD at http://wiki.qemu.org/Features/FVD . It includes a summary of FVD, a detailed specification of FVD, and a comparison of the design and performance of FVD and QED. See the figure at http://wiki.qemu.org/Features/FVD/Compare . This figure shows that the file creation throughput of NetApp's PostMark benchmark under FVD is 74.9% to 215% higher than that under QED. File creation on a sparse image is currently limited by the fact that the QED implementation serializes allocating writes. In earlier QED patch series I had fine-grained metadata locking so allocating writes scale better but that lead a regression on another benchmark. I have this on my todo list. This is an implementation-specific limitation and is unrelated to the file format. It doesn't tell us about a difference between formats. Stefan
[Qemu-devel] [PATCH] mst_fpga: correct irq level settings
Final corrections for IRQ levels that are set by mst_fpga:
* Don't retranslate IRQ if previously IRQ was masked.
* After setting or clearing IRQs through register, apply mask
before setting parent IRQ level.
Signed-off-by: Dmitry Eremin-Solenikov dbarysh...@gmail.com
---
hw/mst_fpga.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/mst_fpga.c b/hw/mst_fpga.c
index afed2ac..407bac9 100644
--- a/hw/mst_fpga.c
+++ b/hw/mst_fpga.c
@@ -50,7 +50,7 @@ static void
mst_fpga_set_irq(void *opaque, int irq, int level)
{
mst_irq_state *s = (mst_irq_state *)opaque;
- uint32_t oldint = s-intsetclr;
+ uint32_t oldint = s-intsetclr s-intmskena;
if (level)
s-prev_level |= 1u irq;
@@ -139,7 +139,7 @@ mst_fpga_writeb(void *opaque, target_phys_addr_t addr,
uint32_t value)
break;
case MST_INTSETCLR: /* clear or set interrupt */
s-intsetclr = (value 0xFEEFF);
- qemu_set_irq(s-parent, s-intsetclr);
+ qemu_set_irq(s-parent, s-intsetclr s-intmskena);
break;
case MST_PCMCIA0:
s-pcmcia0 = value;
--
1.7.2.3
Re: [Qemu-devel] KVM call minutes for Feb 15
On 02/16/2011 04:24 AM, Avi Kivity wrote:
On 02/16/2011 01:13 AM, Anthony Liguori wrote:
On 02/15/2011 10:26 AM, Chris Wright wrote:
QAPI and QMP
- Anthony adding a new wiki page to describe all of this
http://wiki.qemu.org/Features/QAPI
[ 'change', {'device': 'str', 'target': 'str'}, {'arg': 'str'},
'none' ]
-
void qmp_change(const char *device, const char *target, bool
has_arg, const char *arg, Error **errp);
AFAICT a json-string allows embedded NULs ('\'). There translate
to UTF-8 as '\0', terminating your char *s. Either we use some
length/pointer structure, or the parser has to look for them and kill
them, and we have to specify them as verboten.
I feel like it would be safer for us to not accept strings with embedded
NULs. There's no way we're going to consistently handle this correctly
in QEMU since we expect NUL terminated strings. They won't work for any
of the standard C functions either.
BlockDeviceInfo *qmp_query_block_device_info(const char *device, Error
**errp)
{
BlockDeviceInfo *info;
BlockDriverState *bs;
Error *local_err = NULL;
bs = bdrv_find(device,local_err);
if (local_err) {
error_propagate(errp, local_err);
return NULL;
}
info-file = qemu_strdup(bs-filename);
info-ro = bs-readonly;
info-drv = qemu_strdup(bs-drv);
info-encrypted = bs-encrypted;
if (bs-backing_file[0]) {
info-has_backing_file = true;
info-backing_file = qemu_strdup(info-backing_file);
}
return info;
}
So, info and all its pointer-typed members are required to be
qemu_free() compatible, with just a single pointer pointing to an
object, and generated code will qemu_free() everything?
Yes.
Recommend translating '-' in identifiers to '_' so we can use '-' in
the schema as a word separator.
Already do that and we make extensive use of that in the schema.
Regards,
Anthony Liguori
Re: [Qemu-devel] Re: [RFC] qapi: events in QMP
On 02/16/2011 02:50 AM, Kevin Wolf wrote:
Am 16.02.2011 01:59, schrieb Anthony Liguori:
On 02/15/2011 07:38 AM, Luiz Capitulino wrote:
On Tue, 15 Feb 2011 10:20:01 +0100
Kevin Wolfkw...@redhat.com wrote:
Am 14.02.2011 20:34, schrieb Anthony Liguori:
On 02/14/2011 12:34 PM, Luiz Capitulino wrote:
On Mon, 14 Feb 2011 08:39:11 -0600
Anthony Liguorianth...@codemonkey.wswrote:
On 02/14/2011 06:45 AM, Luiz Capitulino wrote:
So the question is: how does the schema based design support extending
commands or events? Does it require adding new commands/events?
Well, let me ask you, how do we do that today?
Let's say that I want to add a new parameter to the `change' function so
that I can include a salt parameter as part of the password.
The way we'd do this today is by checking for the 'salt' parameter in
qdict, and if it's not present, use a random salt or something like that.
You likely want to do what you did before. Of course that you have to
consider if what you're doing is extending an existing command or badly
overloading it (like change is today), in this case you'll want to add
a new command instead.
But yes, the use-case here is extending an existing command.
However, if I'm a QMP client, how can I tell whether you're going to
ignore my salt parameter or actually use it? Nothing in QMP tells me
this today. If I set the salt parameter in the `change' command, I'll
just get a success message.
I'm sorry?
{ execute: change, arguments: { device: vnc, target: password, arg: 1234,
salt: r1 } }
{error: {class: InvalidParameter, desc: Invalid parameter 'salt', data:
{name: salt}}}
So I'm supposed to execute the command, and if execution fails, drop the
new parameter? If we add a few optional parameters, does that mean I
have to try every possible combination of parameters?
How is that different from trying out multiple commands? In the end, you
always need some meta information like a schema in order to avoid trying
out which parameters the server supports.
Anyway, I think there's a second interesting point: Adding parameters
does cause these problems, but it's different for data sent from qemu to
the client (return values and events). If we add more information there,
an older client can just ignore it, without even looking at a schema.
So I think we should consider this for return values and definitely do
it for events. Sending out five different messages for a single event
that are completely redundant and only differ in the number of fields is
just insane (okay, they wouldn't actually get on the wire because a
client registers only for one of them, but the code for generating them
must exist).
That's my point when I asked about events in the other thread.
Okay, I had confused myself about this. It's not quite as bad as I had
been saying.
One of the reasons to have generated allocation function is so that we
can make sure to always pad structures. Since all optional fields has a
bool to indicate the fields presence, by setting the allocated structure
to zero, we can support forwards compatibility for structures.
I think in most cases we would even get away with a default value
instead of the bool. For example for strings, NULL would be a very clear
indication that the field wasn't there in the JSON message.
In order to support forwards compatibility, we need to have a zero-value
for non-presence. For strings or pointers, NULL would work very well.
But for integers, I'm not sure we can reasonably use 0 as a universal
default value. We could just use has_ fields for non-pointers but I
figured consistency would make the code more robust since it's hard to
tell that a field is really optional vs. required. For instance:
typedef struct BlockInfo {
const char *device_name;
bool has_backing_file;
const char *backing_file;
} BlockInfo;
It's very obvious that backing_file is optional. If you don't set
has_backing_file (because you're incorrectly treating backing_file is
required), it will fail immediately as the field won't be marshalled.
OTOH:
typedef struct BlockInfo {
const char *device_name;
// optional
const char *backing_file;
} BlockInfo;
Is a bit easier to screw up. If you happen to not do the NULL check and
work with a client that's sending it, you can end up with a NULL pointer
dereference pretty easily.
If we expect to add fields later, we just have to make sure we use a
structure to encapsulate things.
As stated before, I think we should use structures for all events. I
still don't understand why we should have an exception for events. Any
other command returns structures, too, and you don't automagically pull
their fields up one level anywhere except for events.
That's not entirely true. For
Re: [Qemu-devel] [PATCH 2/3] target-arm: Fix soft interrupt in GIC distributor
On 15 February 2011 10:49, Adam Lackorzynski a...@os.inf.tu-dresden.de wrote: Fix selection of target list filter mode. Signed-off-by: Adam Lackorzynski a...@os.inf.tu-dresden.de --- hw/arm_gic.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/arm_gic.c b/hw/arm_gic.c index e6b1953..0e934ec 100644 --- a/hw/arm_gic.c +++ b/hw/arm_gic.c @@ -549,10 +549,10 @@ static void gic_dist_writel(void *opaque, target_phys_addr_t offset, mask = (value 16) ALL_CPU_MASK; break; case 1: - mask = 1 cpu; + mask = ALL_CPU_MASK ^ (1 cpu); break; case 2: - mask = ALL_CPU_MASK ^ (1 cpu); + mask = 1 cpu; break; default: DPRINTF(Bad Soft Int target filter\n); This looks like a good fix based on the TRM; however I don't have an A9-based image to hand to test with so I've asked a colleague to give it a quick smoke test before I formally mark it as reviewed-by me (probably some time next week). thanks -- PMM
Re: [Qemu-devel] Re: [RFC] qapi: events in QMP
Am 16.02.2011 14:43, schrieb Anthony Liguori:
On 02/16/2011 02:50 AM, Kevin Wolf wrote:
Am 16.02.2011 01:59, schrieb Anthony Liguori:
On 02/15/2011 07:38 AM, Luiz Capitulino wrote:
On Tue, 15 Feb 2011 10:20:01 +0100
Kevin Wolfkw...@redhat.com wrote:
Am 14.02.2011 20:34, schrieb Anthony Liguori:
On 02/14/2011 12:34 PM, Luiz Capitulino wrote:
On Mon, 14 Feb 2011 08:39:11 -0600
Anthony Liguorianth...@codemonkey.wswrote:
On 02/14/2011 06:45 AM, Luiz Capitulino wrote:
So the question is: how does the schema based design support extending
commands or events? Does it require adding new commands/events?
Well, let me ask you, how do we do that today?
Let's say that I want to add a new parameter to the `change' function
so
that I can include a salt parameter as part of the password.
The way we'd do this today is by checking for the 'salt' parameter in
qdict, and if it's not present, use a random salt or something like
that.
You likely want to do what you did before. Of course that you have to
consider if what you're doing is extending an existing command or badly
overloading it (like change is today), in this case you'll want to add
a new command instead.
But yes, the use-case here is extending an existing command.
However, if I'm a QMP client, how can I tell whether you're going to
ignore my salt parameter or actually use it? Nothing in QMP tells me
this today. If I set the salt parameter in the `change' command, I'll
just get a success message.
I'm sorry?
{ execute: change, arguments: { device: vnc, target:
password, arg: 1234, salt: r1 } }
{error: {class: InvalidParameter, desc: Invalid parameter
'salt', data: {name: salt}}}
So I'm supposed to execute the command, and if execution fails, drop the
new parameter? If we add a few optional parameters, does that mean I
have to try every possible combination of parameters?
How is that different from trying out multiple commands? In the end, you
always need some meta information like a schema in order to avoid trying
out which parameters the server supports.
Anyway, I think there's a second interesting point: Adding parameters
does cause these problems, but it's different for data sent from qemu to
the client (return values and events). If we add more information there,
an older client can just ignore it, without even looking at a schema.
So I think we should consider this for return values and definitely do
it for events. Sending out five different messages for a single event
that are completely redundant and only differ in the number of fields is
just insane (okay, they wouldn't actually get on the wire because a
client registers only for one of them, but the code for generating them
must exist).
That's my point when I asked about events in the other thread.
Okay, I had confused myself about this. It's not quite as bad as I had
been saying.
One of the reasons to have generated allocation function is so that we
can make sure to always pad structures. Since all optional fields has a
bool to indicate the fields presence, by setting the allocated structure
to zero, we can support forwards compatibility for structures.
I think in most cases we would even get away with a default value
instead of the bool. For example for strings, NULL would be a very clear
indication that the field wasn't there in the JSON message.
In order to support forwards compatibility, we need to have a zero-value
for non-presence. For strings or pointers, NULL would work very well.
What's the kind of compatibility you're concerned about? I was mainly
considering older clients communicating with newer qemu, i.e.
compatibility on the protocol level. The library can set default values
for fields that are not present in JSON messages it receives.
Your point is older applications using a newer library? Or newer ones
using an older lib (this one doesn't make sense, imho)? Or something
entirely different?
For older applications the exact value shouldn't matter, because they
don't know the field and don't even look at it.
But for integers, I'm not sure we can reasonably use 0 as a universal
default value. We could just use has_ fields for non-pointers but I
figured consistency would make the code more robust since it's hard to
tell that a field is really optional vs. required. For instance:
typedef struct BlockInfo {
const char *device_name;
bool has_backing_file;
const char *backing_file;
} BlockInfo;
It's very obvious that backing_file is optional. If you don't set
has_backing_file (because you're incorrectly treating backing_file is
required), it will fail immediately as the field won't be marshalled.
OTOH:
typedef struct BlockInfo {
const char
Re: [Qemu-devel] Re: [RFC] qapi: events in QMP
On 02/16/2011 08:15 AM, Kevin Wolf wrote:
Am 16.02.2011 14:43, schrieb Anthony Liguori:
On 02/16/2011 02:50 AM, Kevin Wolf wrote:
Am 16.02.2011 01:59, schrieb Anthony Liguori:
On 02/15/2011 07:38 AM, Luiz Capitulino wrote:
On Tue, 15 Feb 2011 10:20:01 +0100
Kevin Wolfkw...@redhat.comwrote:
Am 14.02.2011 20:34, schrieb Anthony Liguori:
On 02/14/2011 12:34 PM, Luiz Capitulino wrote:
On Mon, 14 Feb 2011 08:39:11 -0600
Anthony Liguorianth...@codemonkey.ws wrote:
On 02/14/2011 06:45 AM, Luiz Capitulino wrote:
So the question is: how does the schema based design support extending
commands or events? Does it require adding new commands/events?
Well, let me ask you, how do we do that today?
Let's say that I want to add a new parameter to the `change' function so
that I can include a salt parameter as part of the password.
The way we'd do this today is by checking for the 'salt' parameter in
qdict, and if it's not present, use a random salt or something like that.
You likely want to do what you did before. Of course that you have to
consider if what you're doing is extending an existing command or badly
overloading it (like change is today), in this case you'll want to add
a new command instead.
But yes, the use-case here is extending an existing command.
However, if I'm a QMP client, how can I tell whether you're going to
ignore my salt parameter or actually use it? Nothing in QMP tells me
this today. If I set the salt parameter in the `change' command, I'll
just get a success message.
I'm sorry?
{ execute: change, arguments: { device: vnc, target: password, arg: 1234,
salt: r1 } }
{error: {class: InvalidParameter, desc: Invalid parameter 'salt', data:
{name: salt}}}
So I'm supposed to execute the command, and if execution fails, drop the
new parameter? If we add a few optional parameters, does that mean I
have to try every possible combination of parameters?
How is that different from trying out multiple commands? In the end, you
always need some meta information like a schema in order to avoid trying
out which parameters the server supports.
Anyway, I think there's a second interesting point: Adding parameters
does cause these problems, but it's different for data sent from qemu to
the client (return values and events). If we add more information there,
an older client can just ignore it, without even looking at a schema.
So I think we should consider this for return values and definitely do
it for events. Sending out five different messages for a single event
that are completely redundant and only differ in the number of fields is
just insane (okay, they wouldn't actually get on the wire because a
client registers only for one of them, but the code for generating them
must exist).
That's my point when I asked about events in the other thread.
Okay, I had confused myself about this. It's not quite as bad as I had
been saying.
One of the reasons to have generated allocation function is so that we
can make sure to always pad structures. Since all optional fields has a
bool to indicate the fields presence, by setting the allocated structure
to zero, we can support forwards compatibility for structures.
I think in most cases we would even get away with a default value
instead of the bool. For example for strings, NULL would be a very clear
indication that the field wasn't there in the JSON message.
In order to support forwards compatibility, we need to have a zero-value
for non-presence. For strings or pointers, NULL would work very well.
What's the kind of compatibility you're concerned about? I was mainly
considering older clients communicating with newer qemu, i.e.
compatibility on the protocol level.
The has_XX fields are not sent over the wire.
The library can set default values
for fields that are not present in JSON messages it receives.
Your point is older applications using a newer library?
Compiled against a new library, but running against an old library.
This has to be supported in order to avoid bumping the library version.
That's not entirely true. For human-monitor-command, we return a bare
string. For all other commands, we return structures specifically to
enable better forwards compatibility.
I do agree that for most of our events, we should be using a structure
for passing information. That's not what we're doing today but there's
only a couple events that are even doing that so fixing it won't be that
bad.
Right, you could still have something like this (although I'm not sure
if it's very useful):
[ 'block-io-event', {}, {}, 'string' ]
What I think isn't a good idea is that the following definition doesn't
generate a
Re: [Qemu-devel] Re: [RFC] qapi: events in QMP
On 02/16/2011 08:15 AM, Kevin Wolf wrote:
Am 16.02.2011 14:43, schrieb Anthony Liguori:
On 02/16/2011 02:50 AM, Kevin Wolf wrote:
Am 16.02.2011 01:59, schrieb Anthony Liguori:
On 02/15/2011 07:38 AM, Luiz Capitulino wrote:
On Tue, 15 Feb 2011 10:20:01 +0100
Kevin Wolfkw...@redhat.comwrote:
Am 14.02.2011 20:34, schrieb Anthony Liguori:
On 02/14/2011 12:34 PM, Luiz Capitulino wrote:
On Mon, 14 Feb 2011 08:39:11 -0600
Anthony Liguorianth...@codemonkey.ws wrote:
On 02/14/2011 06:45 AM, Luiz Capitulino wrote:
So the question is: how does the schema based design support extending
commands or events? Does it require adding new commands/events?
Well, let me ask you, how do we do that today?
Let's say that I want to add a new parameter to the `change' function so
that I can include a salt parameter as part of the password.
The way we'd do this today is by checking for the 'salt' parameter in
qdict, and if it's not present, use a random salt or something like that.
You likely want to do what you did before. Of course that you have to
consider if what you're doing is extending an existing command or badly
overloading it (like change is today), in this case you'll want to add
a new command instead.
But yes, the use-case here is extending an existing command.
However, if I'm a QMP client, how can I tell whether you're going to
ignore my salt parameter or actually use it? Nothing in QMP tells me
this today. If I set the salt parameter in the `change' command, I'll
just get a success message.
I'm sorry?
{ execute: change, arguments: { device: vnc, target: password, arg: 1234,
salt: r1 } }
{error: {class: InvalidParameter, desc: Invalid parameter 'salt', data:
{name: salt}}}
So I'm supposed to execute the command, and if execution fails, drop the
new parameter? If we add a few optional parameters, does that mean I
have to try every possible combination of parameters?
How is that different from trying out multiple commands? In the end, you
always need some meta information like a schema in order to avoid trying
out which parameters the server supports.
Anyway, I think there's a second interesting point: Adding parameters
does cause these problems, but it's different for data sent from qemu to
the client (return values and events). If we add more information there,
an older client can just ignore it, without even looking at a schema.
So I think we should consider this for return values and definitely do
it for events. Sending out five different messages for a single event
that are completely redundant and only differ in the number of fields is
just insane (okay, they wouldn't actually get on the wire because a
client registers only for one of them, but the code for generating them
must exist).
That's my point when I asked about events in the other thread.
Okay, I had confused myself about this. It's not quite as bad as I had
been saying.
One of the reasons to have generated allocation function is so that we
can make sure to always pad structures. Since all optional fields has a
bool to indicate the fields presence, by setting the allocated structure
to zero, we can support forwards compatibility for structures.
I think in most cases we would even get away with a default value
instead of the bool. For example for strings, NULL would be a very clear
indication that the field wasn't there in the JSON message.
In order to support forwards compatibility, we need to have a zero-value
for non-presence. For strings or pointers, NULL would work very well.
What's the kind of compatibility you're concerned about? I was mainly
considering older clients communicating with newer qemu, i.e.
compatibility on the protocol level.
The has_XX fields are not sent over the wire.
The library can set default values
for fields that are not present in JSON messages it receives.
Your point is older applications using a newer library?
Compiled against a new library, but running against an old library.
This has to be supported in order to avoid bumping the library version.
That's not entirely true. For human-monitor-command, we return a bare
string. For all other commands, we return structures specifically to
enable better forwards compatibility.
I do agree that for most of our events, we should be using a structure
for passing information. That's not what we're doing today but there's
only a couple events that are even doing that so fixing it won't be that
bad.
Right, you could still have something like this (although I'm not sure
if it's very useful):
[ 'block-io-event', {}, {}, 'string' ]
What I think isn't a good idea is that the following definition doesn't
generate a
Re: [Qemu-devel] KVM call minutes for Feb 15
On (Tue) 15 Feb 2011 [17:13:13], Anthony Liguori wrote: On 02/15/2011 10:26 AM, Chris Wright wrote: revisit new - old migration - Amit offers virtio-serial patches and some legwork So, to me, migration correctness trumps compatibility. I don't think compatibility is useful if it means that a guest may fail during migration. We have subsections as a way to support the cases where it's safe to migrate to an old version only if a feature is not being used or a corner case is not currently happening. This is the best way to approach the problem. If a subsection won't work, that means you want to migrate when you're completely sure that migrating will break a guest. That doesn't seem reasonable at all to me. I think in the last discussion on Amit's patches, I had suggested that subsections could be used to allow migration when there wasn't any queued data. I think this is the best we can do while preserving correctness. The only problem is that virtio hasn't been converted over to vmstate, which is necessary for subsections. Amit
Re: [Qemu-devel] KVM call minutes for Feb 15
On 02/16/2011 08:39 AM, Amit Shah wrote: On (Tue) 15 Feb 2011 [17:13:13], Anthony Liguori wrote: On 02/15/2011 10:26 AM, Chris Wright wrote: revisit new - old migration - Amit offers virtio-serial patches and some legwork So, to me, migration correctness trumps compatibility. I don't think compatibility is useful if it means that a guest may fail during migration. We have subsections as a way to support the cases where it's safe to migrate to an old version only if a feature is not being used or a corner case is not currently happening. This is the best way to approach the problem. If a subsection won't work, that means you want to migrate when you're completely sure that migrating will break a guest. That doesn't seem reasonable at all to me. I think in the last discussion on Amit's patches, I had suggested that subsections could be used to allow migration when there wasn't any queued data. I think this is the best we can do while preserving correctness. The only problem is that virtio hasn't been converted over to vmstate, which is necessary for subsections. Then it needs to be converted. Regards, Anthony Liguori Amit
[Qemu-devel] Re: [PATCHv2] Handle icount for powerpc tbl/tbu/decr load and store.
On Tue, Feb 15, 2011 at 09:39:54AM +0100, Tristan Gingold wrote:
Handle option '-icount X' on powerpc targets.
I've applied this one, thanks.
Signed-off-by: Tristan Gingold ging...@adacore.com
---
target-ppc/translate_init.c | 42 ++
1 files changed, 42 insertions(+), 0 deletions(-)
diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c
index 907535e..27aff74 100644
--- a/target-ppc/translate_init.c
+++ b/target-ppc/translate_init.c
@@ -154,12 +154,26 @@ static void spr_read_ureg (void *opaque, int gprn, int
sprn)
#if !defined(CONFIG_USER_ONLY)
static void spr_read_decr (void *opaque, int gprn, int sprn)
{
+if (use_icount) {
+gen_io_start();
+}
gen_helper_load_decr(cpu_gpr[gprn]);
+if (use_icount) {
+gen_io_end();
+gen_stop_exception(opaque);
+}
}
static void spr_write_decr (void *opaque, int sprn, int gprn)
{
+if (use_icount) {
+gen_io_start();
+}
gen_helper_store_decr(cpu_gpr[gprn]);
+if (use_icount) {
+gen_io_end();
+gen_stop_exception(opaque);
+}
}
#endif
@@ -167,12 +181,26 @@ static void spr_write_decr (void *opaque, int sprn, int
gprn)
/* Time base */
static void spr_read_tbl (void *opaque, int gprn, int sprn)
{
+if (use_icount) {
+gen_io_start();
+}
gen_helper_load_tbl(cpu_gpr[gprn]);
+if (use_icount) {
+gen_io_end();
+gen_stop_exception(opaque);
+}
}
static void spr_read_tbu (void *opaque, int gprn, int sprn)
{
+if (use_icount) {
+gen_io_start();
+}
gen_helper_load_tbu(cpu_gpr[gprn]);
+if (use_icount) {
+gen_io_end();
+gen_stop_exception(opaque);
+}
}
__attribute__ (( unused ))
@@ -190,12 +218,26 @@ static void spr_read_atbu (void *opaque, int gprn, int
sprn)
#if !defined(CONFIG_USER_ONLY)
static void spr_write_tbl (void *opaque, int sprn, int gprn)
{
+if (use_icount) {
+gen_io_start();
+}
gen_helper_store_tbl(cpu_gpr[gprn]);
+if (use_icount) {
+gen_io_end();
+gen_stop_exception(opaque);
+}
}
static void spr_write_tbu (void *opaque, int sprn, int gprn)
{
+if (use_icount) {
+gen_io_start();
+}
gen_helper_store_tbu(cpu_gpr[gprn]);
+if (use_icount) {
+gen_io_end();
+gen_stop_exception(opaque);
+}
}
__attribute__ (( unused ))
--
1.7.3.GIT
Re: [Qemu-devel] Re: [PULL 00/11] Block patches for master
On 02/16/2011 06:00 AM, Paolo Bonzini wrote: On 02/16/2011 12:30 PM, Kevin Wolf wrote: Am 14.02.2011 21:17, schrieb Anthony Liguori: On 02/10/2011 09:51 AM, Kevin Wolf wrote: The following changes since commit 6c5f738daec123020d32543fe90a6633a4f6643e: microblaze: Handle singlestepping over direct jmps (2011-02-10 00:46:09 +0100) are available in the git repository at: git://repo.or.cz/qemu/kevin.git for-anthony Pulled. Thanks. Are you sure? I don't see the commits in master. The commits from the uq/master pull aren't there, either. Yeah, I messed up locally and pushed the wrong branch. Fixed now. Regards, Anthony Liguori Paolo
[Qemu-devel] [PATCH v2 0/2] ARM: fix Neon vrecpe instruction.
From: Christophe Lyon christophe.l...@st.com These 2 patches fix the ARM Neon vrecpe instruction by matching the algorithm descibed in the ARM ARM. With these patches, qemu passes my ARM/Neon tests. Patch #1 modifies softfloat by exporting float32_nan and float32_infinity. For consistency, I have also moved all the target-dependent definitions of floatXX_default_nan to softfloat.h (ie the 16, 64, x80 and 128 bits versions in addition to the 32 bits ones). Patch #2 uses these newly exported values and uses the vrecpe algorithm described in the ARM ARM. Christophe Lyon (2): softfloat: export float32_nan and float32_infinity. target-arm: fix support for vrecpe. fpu/softfloat-specialize.h | 68 --- fpu/softfloat.h| 71 + target-arm/helper.c| 84 +-- 3 files changed, 143 insertions(+), 80 deletions(-) -- 1.7.2.3
[Qemu-devel] [PATCH 1/2] softfloat: export float32_nan and float32_infinity.
From: Christophe Lyon christophe.l...@st.com
These two special values are needed to implement some helper
functions, which return these values in some cases.
This patch also moves the definitions of default_nan for 16, 64, x80
and 128 bits floats for consistency with float32.
Signed-off-by: Christophe Lyon christophe.l...@st.com
---
fpu/softfloat-specialize.h | 68 --
fpu/softfloat.h| 71
2 files changed, 71 insertions(+), 68 deletions(-)
diff --git a/fpu/softfloat-specialize.h b/fpu/softfloat-specialize.h
index 2d025bf..adc5ada 100644
--- a/fpu/softfloat-specialize.h
+++ b/fpu/softfloat-specialize.h
@@ -30,12 +30,6 @@ these four paragraphs for those parts of this code that are
retained.
=*/
-#if defined(TARGET_MIPS) || defined(TARGET_SH4)
-#define SNAN_BIT_IS_ONE1
-#else
-#define SNAN_BIT_IS_ONE0
-#endif
-
/*
| Raises the exceptions specified by `flags'. Floating-point traps can be
| defined here if desired. It is currently not possible for such a trap
@@ -57,17 +51,6 @@ typedef struct {
} commonNaNT;
/*
-| The pattern for a default generated half-precision NaN.
-**/
-#if defined(TARGET_ARM)
-#define float16_default_nan make_float16(0x7E00)
-#elif SNAN_BIT_IS_ONE
-#define float16_default_nan make_float16(0x7DFF)
-#else
-#define float16_default_nan make_float16(0xFE00)
-#endif
-
-/*
| Returns 1 if the half-precision floating-point value `a' is a quiet
| NaN; otherwise returns 0.
**/
@@ -158,19 +141,6 @@ static float16 commonNaNToFloat16(commonNaNT a
STATUS_PARAM)
}
/*
-| The pattern for a default generated single-precision NaN.
-**/
-#if defined(TARGET_SPARC)
-#define float32_default_nan make_float32(0x7FFF)
-#elif defined(TARGET_PPC) || defined(TARGET_ARM) || defined(TARGET_ALPHA)
-#define float32_default_nan make_float32(0x7FC0)
-#elif SNAN_BIT_IS_ONE
-#define float32_default_nan make_float32(0x7FBF)
-#else
-#define float32_default_nan make_float32(0xFFC0)
-#endif
-
-/*
| Returns 1 if the single-precision floating-point value `a' is a quiet
| NaN; otherwise returns 0.
**/
@@ -413,19 +383,6 @@ static float32 propagateFloat32NaN( float32 a, float32 b
STATUS_PARAM)
}
/*
-| The pattern for a default generated double-precision NaN.
-**/
-#if defined(TARGET_SPARC)
-#define float64_default_nan make_float64(LIT64( 0x7FFF ))
-#elif defined(TARGET_PPC) || defined(TARGET_ARM) || defined(TARGET_ALPHA)
-#define float64_default_nan make_float64(LIT64( 0x7FF8 ))
-#elif SNAN_BIT_IS_ONE
-#define float64_default_nan make_float64(LIT64( 0x7FF7 ))
-#else
-#define float64_default_nan make_float64(LIT64( 0xFFF8 ))
-#endif
-
-/*
| Returns 1 if the double-precision floating-point value `a' is a quiet
| NaN; otherwise returns 0.
**/
@@ -564,19 +521,6 @@ static float64 propagateFloat64NaN( float64 a, float64 b
STATUS_PARAM)
#ifdef FLOATX80
/*
-| The pattern for a default generated extended double-precision NaN. The
-| `high' and `low' values hold the most- and least-significant bits,
-| respectively.
-**/
-#if SNAN_BIT_IS_ONE
-#define floatx80_default_nan_high 0x7FFF
-#define floatx80_default_nan_low LIT64( 0xBFFF )
-#else
-#define floatx80_default_nan_high 0x
-#define floatx80_default_nan_low LIT64( 0xC000 )
-#endif
-
-/*
| Returns 1 if the extended double-precision floating-point value `a' is a
| quiet NaN; otherwise returns 0. This slightly differs from the same
| function for other types as floatx80 has an explicit bit.
@@ -728,18 +672,6 @@ static floatx80 propagateFloatx80NaN( floatx80
[Qemu-devel] [PATCH 2/2] target-arm: fix support for vrecpe.
From: Christophe Lyon christophe.l...@st.com
Now use the same algorithm as described in the ARM ARM.
Signed-off-by: Christophe Lyon christophe.l...@st.com
---
target-arm/helper.c | 84 +++---
1 files changed, 72 insertions(+), 12 deletions(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 7f63a28..a17df42 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -2687,13 +2687,68 @@ float32 HELPER(rsqrts_f32)(float32 a, float32 b,
CPUState *env)
/* NEON helpers. */
-/* TODO: The architecture specifies the value that the estimate functions
- should return. We return the exact reciprocal/root instead. */
+/* The algorithm that must be used to calculate the estimate
+ * is specified by the ARM ARM.
+ */
+static float64 recip_estimate(float64 a, CPUState *env)
+{
+float_status *s = env-vfp.standard_fp_status;
+float64 one = int64_to_float64(1, s);
+/* q = (int)(a * 512.0) */
+float64 x512 = int64_to_float64(512, s);
+float64 q = float64_mul(x512, a, s);
+int64_t q_int = float64_to_int64_round_to_zero(q, s);
+
+/* r = 1.0 / (((double)q + 0.5) / 512.0) */
+q = int64_to_float64(q_int, s);
+float64 half = float64_div(one, int64_to_float64(2, s), s);
+q = float64_add(q, half, s);
+q = float64_div(q, x512, s);
+q = float64_div(one, q, s);
+
+/* s = (int)(256.0 * r + 0.5) */
+float64 x256 = int64_to_float64(256, s);
+q = float64_mul(q, x256, s);
+q = float64_add(q, half, s);
+q_int = float64_to_int64_round_to_zero(q, s);
+
+/* return (double)s / 256.0 */
+return float64_div(int64_to_float64(q_int, s), x256, s);
+}
+
float32 HELPER(recpe_f32)(float32 a, CPUState *env)
{
-float_status *s = env-vfp.fp_status;
-float32 one = int32_to_float32(1, s);
-return float32_div(one, a, s);
+float_status *s = env-vfp.standard_fp_status;
+float64 f64;
+uint32_t val32 = float32_val(a);
+
+int result_exp;
+int a_exp = (val32 0x7F80) 23;
+int sign = val32 0x8000;
+
+if (float32_is_any_nan(a)) {
+return float32_maybe_silence_nan(a);
+} else if (float32_is_infinity(a)) {
+return float32_zero;
+} else if (float32_is_zero(a)) {
+float_raise(float_flag_divbyzero, s);
+return float32_infinity;
+} else if (a_exp = 253) {
+float_raise(float_flag_underflow, s);
+return float32_zero;
+}
+
+f64 = make_float64((0x3FEULL 52)
+ | ((int64_t)(val32 0x7F) 29));
+
+result_exp = 253 - a_exp;
+
+f64 = recip_estimate(f64, env);
+
+val32 = sign
+| ((result_exp 0xFF) 23)
+| ((float64_val(f64) 29) 0x7F);
+return make_float32(val32);
}
float32 HELPER(rsqrte_f32)(float32 a, CPUState *env)
@@ -2705,13 +2760,18 @@ float32 HELPER(rsqrte_f32)(float32 a, CPUState *env)
uint32_t HELPER(recpe_u32)(uint32_t a, CPUState *env)
{
-float_status *s = env-vfp.fp_status;
-float32 tmp;
-tmp = int32_to_float32(a, s);
-tmp = float32_scalbn(tmp, -32, s);
-tmp = helper_recpe_f32(tmp, env);
-tmp = float32_scalbn(tmp, 31, s);
-return float32_to_int32(tmp, s);
+float64 f64;
+
+if ((a 0x8000) == 0) {
+return 0x;
+}
+
+f64 = make_float64((0x3FEULL 52)
+ | ((int64_t)(a 0x7FFF) 21));
+
+f64 = recip_estimate (f64, env);
+
+return 0x8000 | ((float64_val(f64) 21) 0x7FFF);
}
uint32_t HELPER(rsqrte_u32)(uint32_t a, CPUState *env)
--
1.7.2.3
[Qemu-devel] [Bug 688085] Re: Guest kernel hang during boot when KVM is active on i386 host
** Changed in: linux (Ubuntu) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/688085 Title: Guest kernel hang during boot when KVM is active on i386 host Status in meego project: In Progress Status in QEMU: Fix Released Status in qemu-kvm: Fix Released Status in “kvm” package in Ubuntu: Invalid Status in “linux” package in Ubuntu: Fix Released Status in “qemu” package in Ubuntu: Invalid Status in “qemu-kvm” package in Ubuntu: Invalid Status in “kvm” source package in Maverick: New Status in “linux” source package in Maverick: New Status in “qemu” source package in Maverick: New Status in “qemu-kvm” source package in Maverick: New Bug description: Binary package hint: qemu Guest kernel hang during boot when KVM is active on i386 host See the patch. http://www.spinics.net/lists/kvm/msg40800.html How to reproduce: 1. install Maversick x86 (not amd64) 2. ensure you have kvm support in processor 3. kvm -kernel /boot/initrd.img-2.6.35-24-generic-pae 4. kvm -no-kvm -kernel /boot/initrd.img-2.6.35-24-generic-pae works OK. SRU Justification: Impact: Users cannot boot KVM guests on i386 hosts 2. How bug addressed: The upstream commit at http://www.spinics.net/lists/kvm/msg40800.html fixed it 3. Patch: A kernel patch is attached to this bug. 4. Reproduce: boot an i386 kernel on a kvm-capable host. Try to boot a kvm guest. 5. Regression potential: since this is cherrypicking a commit from a future upstream which had already been changed, regression is possible. However if there is a regression, it should only affect users of KVM on i386 hosts, which currently fail anyway.
Re: [Qemu-devel] [PATCH 3/3] target-arm: Implement cp15 VA-PA translation
On 15 February 2011 10:49, Adam Lackorzynski a...@os.inf.tu-dresden.de wrote:
Implement VA-PA translations by cp15-c7 that went through unchanged
previously.
+ uint32_t c7_par; /* Translation result. */
I think this new env field needs extra code so it is saved
and loaded by machine.c:cpu_save() and cpu_load().
case 7: /* Cache control. */
We should be insisting that op1 == 0 (otherwise bad_reg).
env-cp15.c15_i_max = 0x000;
env-cp15.c15_i_min = 0xff0;
- /* No cache, so nothing to do. */
- /* ??? MPCore has VA to PA translation functions. */
+ /* No cache, so nothing to do except VA-PA translations. */
+ if (arm_feature(env, ARM_FEATURE_V6)) {
This is the wrong feature switch. The VA-PA translation registers
are only architectural in v7. Before that, they exist in 11MPcore
and 1176 but not 1136. So we should be testing for v7 or
11MPcore (since we don't model 1176).
Also, the format of the PAR is different in 1176/11MPcore!
(in the comments below I'm generally talking about the v7
format, not 1176/mpcore).
+ switch (crm) {
+ case 4:
+ env-cp15.c7_par = val;
We shouldn't be allowing the reserved and impdef bits
to be set here.
+ break;
+ case 8: {
+ uint32_t phys_addr;
+ target_ulong page_size;
+ int prot;
+ int ret, is_user;
+ int access_type;
+
+ switch (op2) {
+ case 0: /* priv read */
+ is_user = 0;
+ access_type = 0;
+ break;
+ case 1: /* priv write */
+ is_user = 0;
+ access_type = 1;
+ break;
+ case 2: /* user read */
+ is_user = 1;
+ access_type = 0;
+ break;
+ case 3: /* user write */
+ is_user = 1;
+ access_type = 1;
+ break;
+ default: /* 4-7 are only available with TZ */
+ goto bad_reg;
+ }
I think it would be cleaner to write:
access_type = op2 1;
is_user = op2 2;
other_sec_state = op2 4;
if (other_sec_state) {
/* Only supported with TrustZone */
goto bad_reg;
}
rather than have this big switch statement.
+ ret = get_phys_addr_v6(env, val, access_type, is_user,
+ phys_addr, prot, page_size);
This will do the wrong thing when the MMU is disabled,
and it doesn't account for the FSCE either. I think that
just using get_phys_addr() will fix both of these.
+ if (ret == 0) {
+ env-cp15.c7_par = phys_addr;
You need to mask out bits [11..0] of phys_addr here:
if the caller passed in a VA with them set then
get_phys_addr* will pass them back out to you again.
Also we ought ideally to be setting the various
attributes bits based on the TLB entry, although
I appreciate that since qemu doesn't currently do
any of that decoding it would be a bit tedious to
have to add it just for the benefit of VA-PA translation.
+ if (page_size TARGET_PAGE_SIZE)
+ env-cp15.c7_par |= 1 1;
This isn't correct: the SS bit should only be set if this
was a SuperSection, not for anything larger than a page.
(And if it is a SuperSection then the meaning of the
PAR PA field changes, which for us means that we
need to zero bits [23:12] since we don't support
32bit physaddrs.)
Also, coding style mandates braces.
+ } else {
+ env-cp15.c7_par = ret | 1;
This isn't quite right -- the return value from
get_phys_addr*() is in the same format as the
DFSR (eg with the domain in bits [7:4]), and
the PAR bits [6:1] should be the equivalent
of DFSR bits [12,10,3:0]. So you need a bit
of shifting and masking here.
@@ -1789,6 +1833,9 @@ uint32_t HELPER(get_cp15)(CPUState *env, uint32_t insn)
}
}
case 7: /* Cache control. */
+ if (crm == 4 op2 == 0) {
+ return env-cp15.c7_par;
+ }
Again, we want op1 == 0 as well.
-- PMM
Re: [Qemu-devel] [RFC][PATCH v6 00/23] virtagent: host/guest RPC communication agent
On 01/17/11 14:14, Michael Roth wrote: These patches apply to master (1-14-2011), and can also be obtained from: git://repo.or.cz/qemu/mdroth.git virtagent_v6 CHANGES IN V6: - Added a sentinel value to reliably detect the start of an http hdr. Used to skip past partially sent http content from previous sessions - Added http hdr tag (currently hardcoded for testing, will switch to uuid) to filter out valid-but-unexpected content in channel from previous sessions - Added timeout mechanism to avoid hanging monitor when agent isn't running - Added timed back-off on read's from a virtio-serial that result in ret=0 to avoid spinning if host isn't connected. - Added daemonize flags to qemu-va - Added sane defaults for channel type and virtio-serial port path - Various bug fixes for state machine/job handling logic Hi Michael, I was running some testing here of virtagent and demoing it to some of my colleagues and ran into a problem that raised an interesting question. My test system was an older Fedora 11 system, which meant I had to rebuild qemu, while I kept my test image and the qemu-va binary that I had built on a Fedora 14 system. What happened was that either due to the differences in platform, or maybe due to lag in updating the windows over vnc, agent commands would end up crashing qemu on the host. I am not sure whether this was due to timeouts or incompatibility of the libraries, however the question raised is whether it is good security wise to pull XMLRPC processing into QEMU this way? Instead maybe it would be better to move it out into it's own process that uses virtio-serial through QEMU for it's communication? In addition I think we need to consider a mechanism to make sure that the host and guest side are really compatible. Just a few things to consider. Cheers, Jes
Re: [Qemu-devel] [ANNOUNCE] QEMU 0.14.0-rc2 is available
Using 0.14.0-rc2 it looks like a SPICE pid file is left over in /dev/shm, ie spice.10005, after qemu closes.
Re: [Qemu-devel] [ANNOUNCE] QEMU 0.14.0-rc2 is available
On 02/16/2011 10:28 AM, Rick Vernam wrote: Using 0.14.0-rc2 it looks like a SPICE pid file is left over in /dev/shm, ie spice.10005, after qemu closes. I think that's coming from libspice, not QEMU. Regards, Anthony Liguori
Re: [Qemu-devel] [PATCH 2/2] target-arm: fix support for vrecpe.
On 16 February 2011 14:51, christophe.l...@st.com wrote:
Your corner case handling isn't quite right, I'm afraid.
float32 HELPER(recpe_f32)(float32 a, CPUState *env)
{
- float_status *s = env-vfp.fp_status;
- float32 one = int32_to_float32(1, s);
- return float32_div(one, a, s);
+ float_status *s = env-vfp.standard_fp_status;
+ float64 f64;
+ uint32_t val32 = float32_val(a);
+
+ int result_exp;
+ int a_exp = (val32 0x7F80) 23;
+ int sign = val32 0x8000;
+
+ if (float32_is_any_nan(a)) {
+ return float32_maybe_silence_nan(a);
This won't give the right answer for NaNs: we should be
returning the default NaN (since this is a Neon op
and uses the standard FPSCR value), but
maybe_silence_nan() will return the input NaN
with the QNaN bit set.
+ } else if (float32_is_infinity(a)) {
+ return float32_zero;
This will return +0 for an input of -inf, when
it should be -0.
+ } else if (float32_is_zero(a)) {
+ float_raise(float_flag_divbyzero, s);
+ return float32_infinity;
Return value for -0 should be -inf, not +inf.
Also you want the float32_is_zero_or_denormal()
function, since we know that denormals must be
flushed to zero (standard FPSCR again).
+ } else if (a_exp = 253) {
+ float_raise(float_flag_underflow, s);
+ return float32_zero;
The ARM ARM says underflows to zero of correct sign,
not always +0.
-- PMM
Re: [Qemu-devel] [ANNOUNCE] QEMU 0.14.0-rc2 is available
On 02/16/11 17:37, Anthony Liguori wrote: On 02/16/2011 10:28 AM, Rick Vernam wrote: Using 0.14.0-rc2 it looks like a SPICE pid file is left over in /dev/shm, ie spice.10005, after qemu closes. I think that's coming from libspice, not QEMU. Indeed. It isn't a pidfile, it is a shared memory segment where spice stores statistics. spice registers a cleanup handler via atexit() which removes this, so you should not see this unless qemu crashes and thus the atexit() handlers are not called. cheers, Gerd
Re: [Qemu-devel] [PATCH 1/2] softfloat: export float32_nan and float32_infinity.
On 16 February 2011 14:51, christophe.l...@st.com wrote: From: Christophe Lyon christophe.l...@st.com These two special values are needed to implement some helper functions, which return these values in some cases. This patch also moves the definitions of default_nan for 16, 64, x80 and 128 bits floats for consistency with float32. Your other patch only uses float32_infinity, not float32_nan or float32_default_nan, which renders a lot of this patch moot at the moment. +#define float32_nan float32_default_nan If we do need to expose NaN, we should just have callers use float32_default_nan, there's no need for this extra #define. -- PMM
Re: [Qemu-devel] [PATCH 1/2] softfloat: export float32_nan and float32_infinity.
On 16.02.2011 17:54, Peter Maydell wrote: On 16 February 2011 14:51, christophe.l...@st.com wrote: From: Christophe Lyon christophe.l...@st.com These two special values are needed to implement some helper functions, which return these values in some cases. This patch also moves the definitions of default_nan for 16, 64, x80 and 128 bits floats for consistency with float32. Your other patch only uses float32_infinity, not float32_nan or float32_default_nan, which renders a lot of this patch moot at the moment. Indeed, I have another patch for vrsqrte which does need float32_nan. +#define float32_nan float32_default_nan If we do need to expose NaN, we should just have callers use float32_default_nan, there's no need for this extra #define.
Re: [Qemu-devel] [ANNOUNCE] QEMU 0.14.0-rc2 is available
On 02/16/2011 10:52 AM, Gerd Hoffmann wrote: On 02/16/11 17:37, Anthony Liguori wrote: On 02/16/2011 10:28 AM, Rick Vernam wrote: Using 0.14.0-rc2 it looks like a SPICE pid file is left over in /dev/shm, ie spice.10005, after qemu closes. I think that's coming from libspice, not QEMU. Indeed. It isn't a pidfile, it is a shared memory segment where spice stores statistics. spice registers a cleanup handler via atexit() which removes this fork() with an inherited pipe and then waiting for EOF on the pipe() is a bit more robust of a mechanism to handle this. Regards, Anthony Liguori , so you should not see this unless qemu crashes and thus the atexit() handlers are not called. cheers, Gerd
Re: [Qemu-devel] [ANNOUNCE] QEMU 0.14.0-rc2 is available
Hi, Indeed. It isn't a pidfile, it is a shared memory segment where spice stores statistics. spice registers a cleanup handler via atexit() which removes this fork() with an inherited pipe and then waiting for EOF on the pipe() is a bit more robust of a mechanism to handle this. Feels a bit like overkill in that case though. The extra process doesn't come for free. We are talking about a shared memory segment with a single page only. It is leaked only on crashes. It can trivially be cleaned up manually if needed, just rm the file. cheers, Gerd
Re: [Qemu-devel] [ANNOUNCE] QEMU 0.14.0-rc2 is available
On 02/16/11 17:52, Gerd Hoffmann wrote: On 02/16/11 17:37, Anthony Liguori wrote: On 02/16/2011 10:28 AM, Rick Vernam wrote: Using 0.14.0-rc2 it looks like a SPICE pid file is left over in /dev/shm, ie spice.10005, after qemu closes. I think that's coming from libspice, not QEMU. Indeed. It isn't a pidfile, it is a shared memory segment where spice stores statistics. spice registers a cleanup handler via atexit() which removes this, so you should not see this unless qemu crashes and thus the atexit() handlers are not called. Oh, and for completeness: spice client creates such files with stats too. cheers, Gerd
Re: [Qemu-devel] [RFC][PATCH v6 00/23] virtagent: host/guest RPC communication agent
On 02/16/2011 10:04 AM, Jes Sorensen wrote: On 01/17/11 14:14, Michael Roth wrote: These patches apply to master (1-14-2011), and can also be obtained from: git://repo.or.cz/qemu/mdroth.git virtagent_v6 CHANGES IN V6: - Added a sentinel value to reliably detect the start of an http hdr. Used to skip past partially sent http content from previous sessions - Added http hdr tag (currently hardcoded for testing, will switch to uuid) to filter out valid-but-unexpected content in channel from previous sessions - Added timeout mechanism to avoid hanging monitor when agent isn't running - Added timed back-off on read's from a virtio-serial that result in ret=0 to avoid spinning if host isn't connected. - Added daemonize flags to qemu-va - Added sane defaults for channel type and virtio-serial port path - Various bug fixes for state machine/job handling logic Hi Michael, I was running some testing here of virtagent and demoing it to some of my colleagues and ran into a problem that raised an interesting question. My test system was an older Fedora 11 system, which meant I had to rebuild qemu, while I kept my test image and the qemu-va binary that I had built on a Fedora 14 system. What happened was that either due to the differences in platform, or maybe due to lag in updating the windows over vnc, agent commands would end up crashing qemu on the host. I am not sure whether this was due to timeouts or incompatibility of the libraries, however the question raised is whether it is good security wise to pull XMLRPC processing into QEMU this way? Instead maybe it would be better to move it out into it's own process that uses virtio-serial through QEMU for it's communication? In addition I think we need to consider a mechanism to make sure that the host and guest side are really compatible. Just a few things to consider. Cheers, Jes Resending due to mail delivery failure: Hi Jes, We've seen similar behavior. I think it comes down to qemu-va being linked against shared objects in the host that don't necessarily coincide with what's in the guest. It's somewhat misleading that we currently build qemu-va along with the binary, since qemu-va is not meant to be used on the host, and the version built on the host is not meant to be used in the guest. Really the guest binary, qemu-va, should be built in a proper build environment for that particular guest. Long term it may make sense to have a guest-utils target that isn't part of the normal host-build process to reflect binaries with these kinds of requirements. For now I think we'll may just end up removing qemu-va from the default make target, and only build it explicitly with make qemu-va. Thanks, Mike P.S. Hoping to have the execute-RPCs-in-seperate-threads work done soon so we can get back to integrating your patches.
[Qemu-devel] [PATCH v3 0/3] ARM: fix Neon vrecpe and vrsqrte instructions.
From: Christophe Lyon christophe.l...@st.com These 3 patches fix the ARM Neon vrecpe and vrsqrte instructions by matching the algorithms descibed in the ARM ARM. With these patches, qemu passes my ARM/Neon tests. Patch #1 modifies softfloat by exporting float32_default_nan and float32_infinity. For consistency, I have also moved all the target-dependent definitions of floatXX_default_nan to softfloat.h (ie the 16, 64, x80 and 128 bits versions in addition to the 32 bits ones). It also adds float32_set_sign() to help return the right special values (-0, -infinity). Patch #2 uses these newly exported values and uses the vrecpe algorithm described in the ARM ARM. Patch #3 uses these newly exported values and uses the vrsqrte algorithm described in the ARM ARM. Christophe Lyon (3): softfloat: export float32_default_nan, and float32_infinity. Add float32_set_sign(). target-arm: fix support for vrecpe. target-arm: fix support for vrsqrte. fpu/softfloat-specialize.h | 68 --- fpu/softfloat.h| 75 target-arm/helper.c| 206 +++- 3 files changed, 259 insertions(+), 90 deletions(-) -- 1.7.2.3
[Qemu-devel] [PATCH 1/3] softfloat: export float32_default_nan, and float32_infinity. Add float32_set_sign().
From: Christophe Lyon christophe.l...@st.com
These special values are needed to implement some helper functions,
which return these values in some cases.
This patch also moves the definitions of default_nan for 16, 64, x80
and 128 bits floats for consistency with float32.
Signed-off-by: Christophe Lyon christophe.l...@st.com
---
fpu/softfloat-specialize.h | 68 ---
fpu/softfloat.h| 75
2 files changed, 75 insertions(+), 68 deletions(-)
diff --git a/fpu/softfloat-specialize.h b/fpu/softfloat-specialize.h
index 2d025bf..adc5ada 100644
--- a/fpu/softfloat-specialize.h
+++ b/fpu/softfloat-specialize.h
@@ -30,12 +30,6 @@ these four paragraphs for those parts of this code that are
retained.
=*/
-#if defined(TARGET_MIPS) || defined(TARGET_SH4)
-#define SNAN_BIT_IS_ONE1
-#else
-#define SNAN_BIT_IS_ONE0
-#endif
-
/*
| Raises the exceptions specified by `flags'. Floating-point traps can be
| defined here if desired. It is currently not possible for such a trap
@@ -57,17 +51,6 @@ typedef struct {
} commonNaNT;
/*
-| The pattern for a default generated half-precision NaN.
-**/
-#if defined(TARGET_ARM)
-#define float16_default_nan make_float16(0x7E00)
-#elif SNAN_BIT_IS_ONE
-#define float16_default_nan make_float16(0x7DFF)
-#else
-#define float16_default_nan make_float16(0xFE00)
-#endif
-
-/*
| Returns 1 if the half-precision floating-point value `a' is a quiet
| NaN; otherwise returns 0.
**/
@@ -158,19 +141,6 @@ static float16 commonNaNToFloat16(commonNaNT a
STATUS_PARAM)
}
/*
-| The pattern for a default generated single-precision NaN.
-**/
-#if defined(TARGET_SPARC)
-#define float32_default_nan make_float32(0x7FFF)
-#elif defined(TARGET_PPC) || defined(TARGET_ARM) || defined(TARGET_ALPHA)
-#define float32_default_nan make_float32(0x7FC0)
-#elif SNAN_BIT_IS_ONE
-#define float32_default_nan make_float32(0x7FBF)
-#else
-#define float32_default_nan make_float32(0xFFC0)
-#endif
-
-/*
| Returns 1 if the single-precision floating-point value `a' is a quiet
| NaN; otherwise returns 0.
**/
@@ -413,19 +383,6 @@ static float32 propagateFloat32NaN( float32 a, float32 b
STATUS_PARAM)
}
/*
-| The pattern for a default generated double-precision NaN.
-**/
-#if defined(TARGET_SPARC)
-#define float64_default_nan make_float64(LIT64( 0x7FFF ))
-#elif defined(TARGET_PPC) || defined(TARGET_ARM) || defined(TARGET_ALPHA)
-#define float64_default_nan make_float64(LIT64( 0x7FF8 ))
-#elif SNAN_BIT_IS_ONE
-#define float64_default_nan make_float64(LIT64( 0x7FF7 ))
-#else
-#define float64_default_nan make_float64(LIT64( 0xFFF8 ))
-#endif
-
-/*
| Returns 1 if the double-precision floating-point value `a' is a quiet
| NaN; otherwise returns 0.
**/
@@ -564,19 +521,6 @@ static float64 propagateFloat64NaN( float64 a, float64 b
STATUS_PARAM)
#ifdef FLOATX80
/*
-| The pattern for a default generated extended double-precision NaN. The
-| `high' and `low' values hold the most- and least-significant bits,
-| respectively.
-**/
-#if SNAN_BIT_IS_ONE
-#define floatx80_default_nan_high 0x7FFF
-#define floatx80_default_nan_low LIT64( 0xBFFF )
-#else
-#define floatx80_default_nan_high 0x
-#define floatx80_default_nan_low LIT64( 0xC000 )
-#endif
-
-/*
| Returns 1 if the extended double-precision floating-point value `a' is a
| quiet NaN; otherwise returns 0. This slightly differs from the same
| function for other types as floatx80 has an explicit bit.
@@ -728,18 +672,6 @@ static floatx80 propagateFloatx80NaN( floatx80 a,
[Qemu-devel] [PATCH 3/3] target-arm: fix support for vrsqrte.
From: Christophe Lyon christophe.l...@st.com
Now use the same algorithm as described in the ARM ARM.
Signed-off-by: Christophe Lyon christophe.l...@st.com
---
target-arm/helper.c | 122 ++
1 files changed, 112 insertions(+), 10 deletions(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 7751d21..f0f2231 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -2751,11 +2751,105 @@ float32 HELPER(recpe_f32)(float32 a, CPUState *env)
return make_float32(val32);
}
+/* The algorithm that must be used to calculate the estimate
+ * is specified by the ARM ARM.
+ */
+static float64 recip_sqrt_estimate(float64 a, CPUState *env)
+{
+float_status *s = env-vfp.standard_fp_status;
+float64 one = int64_to_float64(1, s);
+float64 half = float64_div(one, int64_to_float64(2, s), s);
+float64 x256 = int64_to_float64(256, s);
+float64 q;
+int64_t q_int;
+
+if (float64_lt(a, half, s)) {
+/* range 0.25 = a 0.5 */
+
+/* a in units of 1/512 rounded down */
+/* q0 = (int)(a * 512.0); */
+float64 x512 = int64_to_float64(512, s);
+q = float64_mul(x512, a, s);
+q_int = float64_to_int64_round_to_zero(q, s);
+
+/* reciprocal root r */
+/* r = 1.0 / sqrt(((double)q0 + 0.5) / 512.0); */
+q = int64_to_float64(q_int, s);
+q = float64_add(q, half, s);
+q = float64_div(q, x512, s);
+q = float64_sqrt(q, s);
+q = float64_div(one, q, s);
+} else {
+/* range 0.5 = a 1.0 */
+
+/* a in units of 1/256 rounded down */
+/* q1 = (int)(a * 256.0); */
+q = float64_mul(x256, a, s);
+int64_t q_int = float64_to_int64_round_to_zero(q, s);
+
+/* reciprocal root r */
+/* r = 1.0 /sqrt(((double)q1 + 0.5) / 256); */
+q = int64_to_float64(q_int, s);
+q = float64_add(q, half, s);
+q = float64_div(q, x256, s);
+q = float64_sqrt(q, s);
+q = float64_div(one, q, s);
+}
+/* r in units of 1/256 rounded to nearest */
+/* s = (int)(256.0 * r + 0.5); */
+
+q = float64_mul(q, x256,s );
+q = float64_add(q, half, s);
+q_int = float64_to_int64_round_to_zero(q, s);
+
+/* return (double)s / 256.0;*/
+return float64_div(int64_to_float64(q_int, s), x256, s);
+}
+
float32 HELPER(rsqrte_f32)(float32 a, CPUState *env)
{
-float_status *s = env-vfp.fp_status;
-float32 one = int32_to_float32(1, s);
-return float32_div(one, float32_sqrt(a, s), s);
+float_status *s = env-vfp.standard_fp_status;
+int result_exp;
+float64 f64;
+int32_t val;
+int64_t val64;
+
+val = float32_val(a);
+
+if (float32_is_any_nan(a)) {
+return float32_default_nan;
+} else if (float32_is_zero(a)) {
+float_raise(float_flag_divbyzero, s);
+return float32_set_sign(float32_infinity, float32_is_neg(a));
+} else if (val 0) {
+float_raise(float_flag_invalid, s);
+return float32_default_nan;
+} else if (float32_is_infinity(a)) {
+return float32_zero;
+}
+
+/* Normalize to a double-precision value between 0.25 and 1.0,
+ * preserving the parity of the exponent. */
+if ((val 0x80) == 0) {
+f64 = make_float64(((uint64_t)(val 0x8000) 32)
+ | (0x3feULL 52)
+ | ((uint64_t)(val 0x7ff) 29));
+} else {
+f64 = make_float64(((uint64_t)(val 0x8000) 32)
+ | (0x3fdULL 52)
+ | ((uint64_t)(val 0x7ff) 29));
+}
+
+result_exp = (380 - ((val 0x7f80) 23)) / 2;
+
+f64 = recip_sqrt_estimate(f64, env);
+
+val64 = float64_val(f64);
+
+val = ((val64 63) 0x8000)
+| ((result_exp 0xff) 23)
+| ((val64 29) 0x7f);
+return make_float32(val);
}
uint32_t HELPER(recpe_u32)(uint32_t a, CPUState *env)
@@ -2776,13 +2870,21 @@ uint32_t HELPER(recpe_u32)(uint32_t a, CPUState *env)
uint32_t HELPER(rsqrte_u32)(uint32_t a, CPUState *env)
{
-float_status *s = env-vfp.fp_status;
-float32 tmp;
-tmp = int32_to_float32(a, s);
-tmp = float32_scalbn(tmp, -32, s);
-tmp = helper_rsqrte_f32(tmp, env);
-tmp = float32_scalbn(tmp, 31, s);
-return float32_to_int32(tmp, s);
+float64 f64;
+
+if ((a 0xc000) == 0) return 0x;
+
+if (a 0x8000) {
+f64 = make_float64((0x3feULL 52)
+ | ((uint64_t)(a 0x7fff) 21));
+} else { /* bits 31-30 == '01' */
+f64 = make_float64((0x3fdULL 52)
+ | ((uint64_t)(a 0x3fff) 22));
+}
+
+f64 = recip_sqrt_estimate(f64, env);
+
+return 0x8000 | ((float64_val(f64) 21) 0x7fff);
}
void HELPER(set_teecr)(CPUState *env, uint32_t val)
--
1.7.2.3
[Qemu-devel] [PATCH 2/3] target-arm: fix support for vrecpe.
From: Christophe Lyon christophe.l...@st.com
Now use the same algorithm as described in the ARM ARM.
Signed-off-by: Christophe Lyon christophe.l...@st.com
---
target-arm/helper.c | 84 +++---
1 files changed, 72 insertions(+), 12 deletions(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 7f63a28..7751d21 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -2687,13 +2687,68 @@ float32 HELPER(rsqrts_f32)(float32 a, float32 b,
CPUState *env)
/* NEON helpers. */
-/* TODO: The architecture specifies the value that the estimate functions
- should return. We return the exact reciprocal/root instead. */
+/* The algorithm that must be used to calculate the estimate
+ * is specified by the ARM ARM.
+ */
+static float64 recip_estimate(float64 a, CPUState *env)
+{
+float_status *s = env-vfp.standard_fp_status;
+float64 one = int64_to_float64(1, s);
+/* q = (int)(a * 512.0) */
+float64 x512 = int64_to_float64(512, s);
+float64 q = float64_mul(x512, a, s);
+int64_t q_int = float64_to_int64_round_to_zero(q, s);
+
+/* r = 1.0 / (((double)q + 0.5) / 512.0) */
+q = int64_to_float64(q_int, s);
+float64 half = float64_div(one, int64_to_float64(2, s), s);
+q = float64_add(q, half, s);
+q = float64_div(q, x512, s);
+q = float64_div(one, q, s);
+
+/* s = (int)(256.0 * r + 0.5) */
+float64 x256 = int64_to_float64(256, s);
+q = float64_mul(q, x256, s);
+q = float64_add(q, half, s);
+q_int = float64_to_int64_round_to_zero(q, s);
+
+/* return (double)s / 256.0 */
+return float64_div(int64_to_float64(q_int, s), x256, s);
+}
+
float32 HELPER(recpe_f32)(float32 a, CPUState *env)
{
-float_status *s = env-vfp.fp_status;
-float32 one = int32_to_float32(1, s);
-return float32_div(one, a, s);
+float_status *s = env-vfp.standard_fp_status;
+float64 f64;
+uint32_t val32 = float32_val(a);
+
+int result_exp;
+int a_exp = (val32 0x7f80) 23;
+int sign = val32 0x8000;
+
+if (float32_is_any_nan(a)) {
+return float32_default_nan;
+} else if (float32_is_infinity(a)) {
+return float32_set_sign(float32_zero, float32_is_neg(a));
+} else if (float32_is_zero_or_denormal(a)) {
+float_raise(float_flag_divbyzero, s);
+return float32_set_sign(float32_infinity, float32_is_neg(a));
+} else if (a_exp = 253) {
+float_raise(float_flag_underflow, s);
+return float32_set_sign(float32_zero, float32_is_neg(a));
+}
+
+f64 = make_float64((0x3feULL 52)
+ | ((int64_t)(val32 0x7f) 29));
+
+result_exp = 253 - a_exp;
+
+f64 = recip_estimate(f64, env);
+
+val32 = sign
+| ((result_exp 0xff) 23)
+| ((float64_val(f64) 29) 0x7f);
+return make_float32(val32);
}
float32 HELPER(rsqrte_f32)(float32 a, CPUState *env)
@@ -2705,13 +2760,18 @@ float32 HELPER(rsqrte_f32)(float32 a, CPUState *env)
uint32_t HELPER(recpe_u32)(uint32_t a, CPUState *env)
{
-float_status *s = env-vfp.fp_status;
-float32 tmp;
-tmp = int32_to_float32(a, s);
-tmp = float32_scalbn(tmp, -32, s);
-tmp = helper_recpe_f32(tmp, env);
-tmp = float32_scalbn(tmp, 31, s);
-return float32_to_int32(tmp, s);
+float64 f64;
+
+if ((a 0x8000) == 0) {
+return 0x;
+}
+
+f64 = make_float64((0x3feULL 52)
+ | ((int64_t)(a 0x7fff) 21));
+
+f64 = recip_estimate (f64, env);
+
+return 0x8000 | ((float64_val(f64) 21) 0x7fff);
}
uint32_t HELPER(rsqrte_u32)(uint32_t a, CPUState *env)
--
1.7.2.3
[Qemu-devel] [PATCH] vnc: Fix fatal crash with vnc reverse mode
Reverse mode is unusable:
qemu -vnc localhost:5500,reverse
crashes in vnc_refresh_server_surface because some pointers are NULL.
Fix this by calling vnc_dpy_resize (which initializes these pointers)
before calling vnc_refresh.
Cc: Anthony Liguori aligu...@us.ibm.com
Signed-off-by: Stefan Weil w...@mail.berlios.de
---
ui/vnc.c |1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index da83adf..096b5f3 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -2349,6 +2349,7 @@ static void vnc_init_timer(VncDisplay *vd)
vd-timer_interval = VNC_REFRESH_INTERVAL_BASE;
if (vd-timer == NULL !QTAILQ_EMPTY(vd-clients)) {
vd-timer = qemu_new_timer(rt_clock, vnc_refresh, vd);
+vnc_dpy_resize(vd-ds);
vnc_refresh(vd);
}
}
--
1.7.2.3
[Qemu-devel] Re: [PATCH] Fix trivial endianness bugs
Am 24.01.2011 19:04, schrieb Stefan Weil:
Replace endianess - endianness.
Signed-off-by: Stefan Weilw...@mail.berlios.de
---
audio/sdlaudio.c | 20 ++--
block/vdi.c |4 ++--
hw/xilinx_ethlite.c |2 +-
target-microblaze/translate.c |2 +-
target-mips/cpu.h |2 +-
usb-bsd.c |2 +-
6 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/audio/sdlaudio.c b/audio/sdlaudio.c
index b74dcfa..04fb9f4 100644
--- a/audio/sdlaudio.c
+++ b/audio/sdlaudio.c
@@ -139,36 +139,36 @@ static int aud_to_sdlfmt (audfmt_e fmt)
}
}
-static int sdl_to_audfmt (int sdlfmt, audfmt_e *fmt, int *endianess)
+static int sdl_to_audfmt (int sdlfmt, audfmt_e *fmt, int *endianness)
{
switch (sdlfmt) {
case AUDIO_S8:
-*endianess = 0;
+*endianness = 0;
*fmt = AUD_FMT_S8;
break;
case AUDIO_U8:
-*endianess = 0;
+*endianness = 0;
*fmt = AUD_FMT_U8;
break;
case AUDIO_S16LSB:
-*endianess = 0;
+*endianness = 0;
*fmt = AUD_FMT_S16;
break;
case AUDIO_U16LSB:
-*endianess = 0;
+*endianness = 0;
*fmt = AUD_FMT_U16;
break;
case AUDIO_S16MSB:
-*endianess = 1;
+*endianness = 1;
*fmt = AUD_FMT_S16;
break;
case AUDIO_U16MSB:
-*endianess = 1;
+*endianness = 1;
*fmt = AUD_FMT_U16;
break;
@@ -338,7 +338,7 @@ static int sdl_init_out (HWVoiceOut *hw, struct audsettings
*as)
SDLVoiceOut *sdl = (SDLVoiceOut *) hw;
SDLAudioState *s =glob_sdl;
SDL_AudioSpec req, obt;
-int endianess;
+int endianness;
int err;
audfmt_e effective_fmt;
struct audsettings obt_as;
@@ -354,7 +354,7 @@ static int sdl_init_out (HWVoiceOut *hw, struct audsettings
*as)
return -1;
}
-err = sdl_to_audfmt (obt.format,effective_fmt,endianess);
+err = sdl_to_audfmt (obt.format,effective_fmt,endianness);
if (err) {
sdl_close (s);
return -1;
@@ -363,7 +363,7 @@ static int sdl_init_out (HWVoiceOut *hw, struct audsettings
*as)
obt_as.freq = obt.freq;
obt_as.nchannels = obt.channels;
obt_as.fmt = effective_fmt;
-obt_as.endianness = endianess;
+obt_as.endianness = endianness;
audio_pcm_init_info (hw-info,obt_as);
hw-samples = obt.samples;
diff --git a/block/vdi.c b/block/vdi.c
index ab8f70f..83b9c04 100644
--- a/block/vdi.c
+++ b/block/vdi.c
@@ -113,7 +113,7 @@ void uuid_unparse(const uuid_t uu, char *out);
*/
#define VDI_TEXT QEMU VM Virtual Disk Image\n
-/* Unallocated blocks use this index (no need to convert endianess). */
+/* Unallocated blocks use this index (no need to convert endianness). */
#define VDI_UNALLOCATED UINT32_MAX
#if !defined(CONFIG_UUID)
@@ -194,7 +194,7 @@ typedef struct {
uint32_t block_sectors;
/* First sector of block map. */
uint32_t bmap_sector;
-/* VDI header (converted to host endianess). */
+/* VDI header (converted to host endianness). */
VdiHeader header;
} BDRVVdiState;
diff --git a/hw/xilinx_ethlite.c b/hw/xilinx_ethlite.c
index 54b57d7..a6bd4e5 100644
--- a/hw/xilinx_ethlite.c
+++ b/hw/xilinx_ethlite.c
@@ -186,7 +186,7 @@ static ssize_t eth_rx(VLANClientState *nc, const uint8_t
*buf, size_t size)
D(qemu_log(%s %d rxbase=%x\n, __func__, size, rxbase));
memcpy(s-regs[rxbase + R_RX_BUF0], buf, size);
-/* Bring it into host endianess. */
+/* Bring it into host endianness. */
for (i = 0; i ((size + 3) / 4); i++) {
uint32_t d = s-regs[rxbase + R_RX_BUF0 + i];
s-regs[rxbase + R_RX_BUF0 + i] = be32_to_cpu(d);
diff --git a/target-microblaze/translate.c b/target-microblaze/translate.c
index 2207431..87d2a36 100644
--- a/target-microblaze/translate.c
+++ b/target-microblaze/translate.c
@@ -923,7 +923,7 @@ static void dec_load(DisasContext *dc)
/*
* When doing reverse accesses we need to do two things.
*
- * 1. Reverse the address wrt endianess.
+ * 1. Reverse the address wrt endianness.
* 2. Byteswap the data lanes on the way back into the CPU core.
*/
if (rev size != 4) {
diff --git a/target-mips/cpu.h b/target-mips/cpu.h
index 2419aa9..0b98d10 100644
--- a/target-mips/cpu.h
+++ b/target-mips/cpu.h
@@ -63,7 +63,7 @@ union fpr_t {
uint32_t w[2]; /* binary single fixed-point */
};
/* define FP_ENDIAN_IDX to access the same location
- * in the fpr_t union regardless of the host endianess
+ * in the fpr_t union regardless of the host endianness
*/
#if defined(HOST_WORDS_BIGENDIAN)
# define FP_ENDIAN_IDX 1
diff --git a/usb-bsd.c b/usb-bsd.c
index abcb60c..e561e1f 100644
--- a/usb-bsd.c
+++ b/usb-bsd.c
@@ -464,7 +464,7 @@ static int usb_host_scan(void *opaque, USBScanFunc *func)
[Qemu-devel] Re: [PATCH] vnc: Fix fatal crash with vnc reverse mode
On 02/16/2011 01:48 PM, Stefan Weil wrote:
Reverse mode is unusable:
qemu -vnc localhost:5500,reverse
crashes in vnc_refresh_server_surface because some pointers are NULL.
Fix this by calling vnc_dpy_resize (which initializes these pointers)
before calling vnc_refresh.
Cc: Anthony Liguorialigu...@us.ibm.com
Signed-off-by: Stefan Weilw...@mail.berlios.de
Nice catch!
Regards,
Anthony Liguori
---
ui/vnc.c |1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index da83adf..096b5f3 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -2349,6 +2349,7 @@ static void vnc_init_timer(VncDisplay *vd)
vd-timer_interval = VNC_REFRESH_INTERVAL_BASE;
if (vd-timer == NULL !QTAILQ_EMPTY(vd-clients)) {
vd-timer = qemu_new_timer(rt_clock, vnc_refresh, vd);
+vnc_dpy_resize(vd-ds);
vnc_refresh(vd);
}
}
Re: [Qemu-devel] [PING 0.14] Missing patches (mostly fixes)
Am 04.02.2011 16:27, schrieb Markus Armbruster: Anthony Liguorianth...@codemonkey.ws writes: On 02/02/2011 01:28 PM, Stefan Weil wrote: [...] [PATCH 1/3] tests: Fix two memory leaks (http://patchwork.ozlabs.org/patch/79945/) [PATCH 2/3] check-qdict: Fix possible crash (http://patchwork.ozlabs.org/patch/79946/) Luiz I wouldn't bother with the second one for 0.14. Yes, we're reading lines from a file with %s, but it's a fixed file with known contents, no long lines, and we're reading it in a test program only developers ever use. As to the first one, Luiz has never touched that file. Neither have I, and it's not obvious to me why it should go into 0.14. [...] Ack for qemu master then?
Re: [Qemu-devel] [PING 0.14] Missing patches (mostly fixes)
Stefan Weil w...@mail.berlios.de writes: Am 04.02.2011 16:27, schrieb Markus Armbruster: Anthony Liguorianth...@codemonkey.ws writes: On 02/02/2011 01:28 PM, Stefan Weil wrote: [...] [PATCH 1/3] tests: Fix two memory leaks (http://patchwork.ozlabs.org/patch/79945/) [PATCH 2/3] check-qdict: Fix possible crash (http://patchwork.ozlabs.org/patch/79946/) Luiz I wouldn't bother with the second one for 0.14. Yes, we're reading lines from a file with %s, but it's a fixed file with known contents, no long lines, and we're reading it in a test program only developers ever use. As to the first one, Luiz has never touched that file. Neither have I, and it's not obvious to me why it should go into 0.14. [...] Ack for qemu master then? I wouldn't bother myself, but I won't object, either.
[Qemu-devel] qemu crashes since today
Qemu is crashing for me. Bisecting the code I found this here as the reason. Stepping one commit further into the past does not cause the crash. 6792a57bf19ab37f61f5acf0f8e3003cf08814af is the first bad commit commit 6792a57bf19ab37f61f5acf0f8e3003cf08814af Author: Jan Kiszka jan.kis...@siemens.com Date: Mon Feb 7 12:19:18 2011 +0100 I get crashes while booting FC14 on a FC14 host, both 64bit. Host running 2.6.35.11-83.fc14 . Crashes typically happen when udev has stared in the guest. This is the command line I was using: ./x86_64-softmmu/qemu-system-x86_64 \ -hda ~images/fc14-x86_64.img \ -m 2048 \ -enable-kvm \ -boot menu=on \ -chardev stdio,id=seabios \ -device isa-debugcon,iobase=0x402,chardev=seabios Regards, Stefan
[Qemu-devel] Re: qemu crashes since today
On 2011-02-16 23:18, Stefan Berger wrote: Qemu is crashing for me. Bisecting the code I found this here as the reason. Stepping one commit further into the past does not cause the crash. 6792a57bf19ab37f61f5acf0f8e3003cf08814af is the first bad commit commit 6792a57bf19ab37f61f5acf0f8e3003cf08814af Author: Jan Kiszka jan.kis...@siemens.com Date: Mon Feb 7 12:19:18 2011 +0100 I get crashes while booting FC14 on a FC14 host, both 64bit. Host running 2.6.35.11-83.fc14 . Crashes typically happen when udev has stared in the guest. This is the command line I was using: ./x86_64-softmmu/qemu-system-x86_64 \ -hda ~images/fc14-x86_64.img \ -m 2048 \ -enable-kvm \ -boot menu=on \ -chardev stdio,id=seabios \ -device isa-debugcon,iobase=0x402,chardev=seabios With our without --enable-io-thread? How does the crash look like, specifically when caught by gdb (backtrace, variable states)? Jan signature.asc Description: OpenPGP digital signature
Re: [Qemu-devel] [PATCHv2 0/3] e1000: multi-buffer packet support
On Tue, 2011-02-15 at 18:27 +0200, Michael S. Tsirkin wrote: e1000 supports multi-buffer packets larger than rxbuf_size. This fixes the following (on linux): - in guest: ifconfig eth1 mtu 16110 - in host: ifconfig tap0 mtu 16110 ping -s 16082 guest-ip Red Hat bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=602205 Changes from v1: fix buffer overflow reported by Kevin added a patch to fix EOP spec violation reported by Juan added a patch to fix spec violation noted by myself Michael S. Tsirkin (3): e1000: multi-buffer packet support e1000: clear EOP for multi-buffer descriptors e1000: verify we have buffers, upfront hw/e1000.c | 61 +++ 1 files changed, 48 insertions(+), 13 deletions(-) Acked-by: Alex Williamson alex.william...@redhat.com
[Qemu-devel] GSOC 2011
Hi all, I have proposed an idea of GSOC 2011 about adding KVM support to MIPS architecture. I have solid experience on MIPS architecture and familiar with qemu. I am very interested in this project. According to the GSOC, there should be a mentor to each participating project. Is there anyone interested to be the mentor of this project? I would be honored to work with you. Thanks Regards -- yajin
Re: [Qemu-devel] Re: qemu crashes since today
On 02/16/2011 05:45 PM, Jan Kiszka wrote: On 2011-02-16 23:18, Stefan Berger wrote: Qemu is crashing for me. Bisecting the code I found this here as the reason. Stepping one commit further into the past does not cause the crash. 6792a57bf19ab37f61f5acf0f8e3003cf08814af is the first bad commit commit 6792a57bf19ab37f61f5acf0f8e3003cf08814af Author: Jan Kiszkajan.kis...@siemens.com Date: Mon Feb 7 12:19:18 2011 +0100 I get crashes while booting FC14 on a FC14 host, both 64bit. Host running 2.6.35.11-83.fc14 . Crashes typically happen when udev has stared in the guest. This is the command line I was using: ./x86_64-softmmu/qemu-system-x86_64 \ -hda ~images/fc14-x86_64.img \ -m 2048 \ -enable-kvm \ -boot menu=on \ -chardev stdio,id=seabios \ -device isa-debugcon,iobase=0x402,chardev=seabios With our without --enable-io-thread? How does the crash look like, specifically when caught by gdb (backtrace, variable states)? ./configure --target-list=x86_64-softmmu --enable-kvm the backtrace: Booting from Hard Disk... Booting from :7c00 [New Thread 0x7fff51244700 (LWP 28825)] *** stack smashing detected ***: /home/stefanb/qemu/qemu-git/x86_64-softmmu/qemu -system-x86_64 terminated Program received signal SIGSEGV, Segmentation fault. 0x003883a0f09c in ?? () from /lib64/libgcc_s.so.1 (gdb) thread apply all bt Thread 2 (Thread 0x7fff51244700 (LWP 28825)): #0 0x779c571e in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 #1 0x0043b1eb in cond_timedwait (unused=value optimized out) at posix-aio-compat.c:104 #2 aio_thread (unused=value optimized out) at posix-aio-compat.c:325 #3 0x779c0ccb in start_thread () from /lib64/libpthread.so.0 #4 0x76a2cc2d in clone () from /lib64/libc.so.6 Thread 1 (Thread 0x77fc8820 (LWP 28818)): #0 0x003883a0f09c in ?? () from /lib64/libgcc_s.so.1 #1 0x003883a0fc59 in _Unwind_Backtrace () from /lib64/libgcc_s.so.1 #2 0x76a42520 in backtrace () from /lib64/libc.so.6 #3 0x769bbd0f in __libc_message () from /lib64/libc.so.6 #4 0x76a46127 in __fortify_fail () from /lib64/libc.so.6 #5 0x76a460f0 in __stack_chk_fail () from /lib64/libc.so.6 #6 0x0042c669 in kvm_cpu_exec (env=0x1179310) at /home/stefanb/qemu/qemu-git/kvm-all.c:1005 #7 0x0001 in ?? () #8 0x0040bc18 in cpu_exec_all () at /home/stefanb/qemu/qemu-git/cpus.c:1097 #9 0x0056d914 in main_loop (argc=value optimized out, argv=value optimized out, envp=value optimized out) at /home/stefanb/qemu/qemu-git/vl.c:1429 #10 main (argc=value optimized out, argv=value optimized out, envp=value optimized out) at /home/stefanb/qemu/qemu-git/vl.c:3148 I have previously seen another backtrace, but having tried this now 5 times, this one keeps on coming back. This is one that I have seen previously: Program received signal SIGSEGV, Segmentation fault. 0x01181345 in ?? () (gdb) bt #0 0x01181345 in ?? () #1 0x00564d58 in load_segment (selector1=value optimized out) at /home/stefanb/qemu/qemu-git/target-i386/op_helper.c:149 #2 helper_verw (selector1=value optimized out) at /home/stefanb/qemu/qemu-git/target-i386/op_helper.c:3411 #3 0x in ?? () I hope this helps... Regards, Stefan
[Qemu-devel] Custom bootrom support for omap platform
Good day! I'm working on support early debug of omap platform in qemu. Right now i'm succesfully added support for loading custom bootrom from file (like an -bios and -L options for PC) But i'm have problems, bcoz omap3 have bootrom at two places: at 0x40014000 and at 0x14000 So, when i'm allocating bootrom I'm also need copy it at new place. I'm using this code: http://pastebin.com/nEZEbcxB And see that 0x14000 region only filled by zeroes. see logs of qemu trace: http://pastebin.com/4GPzKXn7 and http://pastebin.com/wnZ5wMUv so bx r3 insruction jumping to 0x14748, which contain only zeroes :( Where i'm have error in the code? What i'm need to change? Best regards, Anton Kochkov.
[Qemu-devel] Custom bootrom support for omap platform
Best regards, Anton Kochkov. Good day! I'm working on support early debug of omap platform in qemu. Right now i'm succesfully added support for loading custom bootrom from file (like an -bios and -L options for PC) But i'm have problems, bcoz omap3 have bootrom at two places: at 0x40014000 and at 0x14000 So, when i'm allocating bootrom I'm also need copy it at new place. I'm using this code: http://pastebin.com/nEZEbcxB And see that 0x14000 region only filled by zeroes. see logs of qemu trace: http://pastebin.com/4GPzKXn7 and http://pastebin.com/wnZ5wMUv so bx r3 insruction jumping to 0x14748, which contain only zeroes :( Where i'm have error in the code? What i'm need to change? Best regards, Anton Kochkov.
Re: [Qemu-devel] Re: qemu crashes since today
On 02/16/2011 07:35 PM, Stefan Berger wrote: On 02/16/2011 05:45 PM, Jan Kiszka wrote: On 2011-02-16 23:18, Stefan Berger wrote: Qemu is crashing for me. Bisecting the code I found this here as the reason. Stepping one commit further into the past does not cause the crash. 6792a57bf19ab37f61f5acf0f8e3003cf08814af is the first bad commit commit 6792a57bf19ab37f61f5acf0f8e3003cf08814af Author: Jan Kiszkajan.kis...@siemens.com Date: Mon Feb 7 12:19:18 2011 +0100 I get crashes while booting FC14 on a FC14 host, both 64bit. Host running 2.6.35.11-83.fc14 . Crashes typically happen when udev has stared in the guest. This is the command line I was using: ./x86_64-softmmu/qemu-system-x86_64 \ -hda ~images/fc14-x86_64.img \ -m 2048 \ -enable-kvm \ -boot menu=on \ -chardev stdio,id=seabios \ -device isa-debugcon,iobase=0x402,chardev=seabios With our without --enable-io-thread? How does the crash look like, specifically when caught by gdb (backtrace, variable states)? ./configure --target-list=x86_64-softmmu --enable-kvm the backtrace: Booting from Hard Disk... Booting from :7c00 [New Thread 0x7fff51244700 (LWP 28825)] *** stack smashing detected ***: /home/stefanb/qemu/qemu-git/x86_64-softmmu/qemu -system-x86_64 terminated Program received signal SIGSEGV, Segmentation fault. 0x003883a0f09c in ?? () from /lib64/libgcc_s.so.1 (gdb) thread apply all bt Thread 2 (Thread 0x7fff51244700 (LWP 28825)): #0 0x779c571e in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 #1 0x0043b1eb in cond_timedwait (unused=value optimized out) at posix-aio-compat.c:104 #2 aio_thread (unused=value optimized out) at posix-aio-compat.c:325 #3 0x779c0ccb in start_thread () from /lib64/libpthread.so.0 #4 0x76a2cc2d in clone () from /lib64/libc.so.6 Thread 1 (Thread 0x77fc8820 (LWP 28818)): #0 0x003883a0f09c in ?? () from /lib64/libgcc_s.so.1 #1 0x003883a0fc59 in _Unwind_Backtrace () from /lib64/libgcc_s.so.1 #2 0x76a42520 in backtrace () from /lib64/libc.so.6 #3 0x769bbd0f in __libc_message () from /lib64/libc.so.6 #4 0x76a46127 in __fortify_fail () from /lib64/libc.so.6 #5 0x76a460f0 in __stack_chk_fail () from /lib64/libc.so.6 #6 0x0042c669 in kvm_cpu_exec (env=0x1179310) at /home/stefanb/qemu/qemu-git/kvm-all.c:1005 #7 0x0001 in ?? () #8 0x0040bc18 in cpu_exec_all () at /home/stefanb/qemu/qemu-git/cpus.c:1097 #9 0x0056d914 in main_loop (argc=value optimized out, argv=value optimized out, envp=value optimized out) at /home/stefanb/qemu/qemu-git/vl.c:1429 #10 main (argc=value optimized out, argv=value optimized out, envp=value optimized out) at /home/stefanb/qemu/qemu-git/vl.c:3148 I have previously seen another backtrace, but having tried this now 5 times, this one keeps on coming back. This is one that I have seen previously: Program received signal SIGSEGV, Segmentation fault. 0x01181345 in ?? () (gdb) bt #0 0x01181345 in ?? () #1 0x00564d58 in load_segment (selector1=value optimized out) at /home/stefanb/qemu/qemu-git/target-i386/op_helper.c:149 #2 helper_verw (selector1=value optimized out) at /home/stefanb/qemu/qemu-git/target-i386/op_helper.c:3411 #3 0x in ?? () I hope this helps... It's a 64-bit fedora 14 guest. I can't reproduce this with a grub1 or grub2 Ubuntu guest or a Fedora 13 Live CD. I haven't tried a F14 guest yet though. Regards, Anthony Liguori Regards, Stefan
[Qemu-devel] [PATCH] Fix vmport segfault
Fix regression caused by qdev conversion.
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
diff --git a/hw/vmport.c b/hw/vmport.c
index 292d78f..38ec259 100644
--- a/hw/vmport.c
+++ b/hw/vmport.c
@@ -43,15 +43,15 @@ typedef struct _VMPortState
void *opaque[VMPORT_ENTRIES];
} VMPortState;
-static VMPortState port_state;
+static VMPortState *port_state;
void vmport_register(unsigned char command, IOPortReadFunc *func, void *opaque)
{
if (command = VMPORT_ENTRIES)
return;
-port_state.func[command] = func;
-port_state.opaque[command] = opaque;
+port_state-func[command] = func;
+port_state-opaque[command] = opaque;
}
static uint32_t vmport_ioport_read(void *opaque, uint32_t addr)
@@ -128,6 +128,7 @@ static int vmport_initfn(ISADevice *dev)
register_ioport_read(0x5658, 1, 4, vmport_ioport_read, s);
register_ioport_write(0x5658, 1, 4, vmport_ioport_write, s);
isa_init_ioport(dev, 0x5658);
+port_state = s;
/* Register some generic port commands */
vmport_register(VMPORT_CMD_GETVERSION, vmport_cmd_get_version, NULL);
vmport_register(VMPORT_CMD_GETRAMSIZE, vmport_cmd_ram_size, NULL);
[Qemu-devel] [PATCH] Fix vmport segfault (v2)
Fix regression caused by qdev conversion.
Signed-off-by: Marcelo Tosatti mtosa...@redhat.com
v2: pass correct register_ioport parameter
diff --git a/hw/vmport.c b/hw/vmport.c
index 292d78f..19010e4 100644
--- a/hw/vmport.c
+++ b/hw/vmport.c
@@ -43,15 +43,15 @@ typedef struct _VMPortState
void *opaque[VMPORT_ENTRIES];
} VMPortState;
-static VMPortState port_state;
+static VMPortState *port_state;
void vmport_register(unsigned char command, IOPortReadFunc *func, void *opaque)
{
if (command = VMPORT_ENTRIES)
return;
-port_state.func[command] = func;
-port_state.opaque[command] = opaque;
+port_state-func[command] = func;
+port_state-opaque[command] = opaque;
}
static uint32_t vmport_ioport_read(void *opaque, uint32_t addr)
@@ -125,9 +125,10 @@ static int vmport_initfn(ISADevice *dev)
{
VMPortState *s = DO_UPCAST(VMPortState, dev, dev);
-register_ioport_read(0x5658, 1, 4, vmport_ioport_read, s);
-register_ioport_write(0x5658, 1, 4, vmport_ioport_write, s);
+register_ioport_read(0x5658, 1, 4, vmport_ioport_read, s);
+register_ioport_write(0x5658, 1, 4, vmport_ioport_write, s);
isa_init_ioport(dev, 0x5658);
+port_state = s;
/* Register some generic port commands */
vmport_register(VMPORT_CMD_GETVERSION, vmport_cmd_get_version, NULL);
vmport_register(VMPORT_CMD_GETRAMSIZE, vmport_cmd_ram_size, NULL);
[Qemu-devel] Re: [PATCH] fix halt emulation with icount and CONFIG_IOTHREAD (v2)
On Wed, Feb 16, 2011 at 10:32:25AM +0100, Paolo Bonzini wrote:
On 02/15/2011 09:56 PM, Marcelo Tosatti wrote:
Note: to be applied to uq/master.
In icount mode, halt emulation should take into account the nearest
event when sleeping.
I agree with Jan that this patch is not the best solution, if not incorrect.
However, in the iothread, the main loop can kick the VCPU thread
instead of running cpu_exec_all like it does in non-iothread mode.
Something like this:
diff --git a/vl.c b/vl.c
index b436952..7835317 100644
--- a/vl.c
+++ b/vl.c
@@ -1425,7 +1425,9 @@ static void main_loop(void)
qemu_main_loop_start();
for (;;) {
-#ifndef CONFIG_IOTHREAD
+#ifdef CONFIG_IOTHREAD
+qemu_cpu_kick(first_cpu);
+#else
nonblocking = cpu_exec_all();
if (vm_request_pending()) {
nonblocking = true;
I don't like this 100% because it relies on the fact that there is
only one TCG execution thread. In a multithreaded world you would:
1) have each CPU register its own instruction counter;
2) have each CPU register its own QEMU_CLOCK_REALTIME timer based on
qemu_icount_delta() and arm it just before going to sleep; the timer
kicks the CPU.
3) remove all icount business from qemu_calculate_timeout.
Item (3) is what makes me prefer my patch above (if it works) to
Marcelo's. Marcelo's patch is tying even more
qemu_calculate_timeout to the icount. So if anything, a patch
tweaking the timedwait like Marcelo's should use something based on
qemu_icount_delta().
Yes, using qemu_icount_delta directly in tcg_wait_io_event timedwait
is explicit (partially the reason for confusion with my patch).
So the reasoning for the patch is:
With icount vm_timer timers expire on virtual CPU time. If a CPU halts,
you cannot expect passage of realtime to trigger vm_timers expiration.
So instead vm_timer expiration is converted to realtime, and used as
halt timeout.
