Re: [Qemu-devel] [PATCH] i386: fix breakpoints handling in icount mode

2015-01-12 Thread Pavel Dovgaluk
 From: Jan Kiszka [mailto:jan.kis...@siemens.com]
 On 2014-10-22 13:38, Pavel Dovgalyuk wrote:
  This patch fixes instruction counting when execution is stopped on a
  breakpoint (e.g. one set from gdb). Without the patch an extra instruction is
  translated
  and icount is incremented by an invalid value (equal to the number of
  executed instructions + 1).
 
  Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
  ---
   target-i386/translate.c |3 ++-
   1 files changed, 2 insertions(+), 1 deletions(-)
 
  diff --git a/target-i386/translate.c b/target-i386/translate.c
  index 1284173..193cf9f 100644
  --- a/target-i386/translate.c
  +++ b/target-i386/translate.c
  @@ -8000,7 +8000,7 @@ static inline void 
  gen_intermediate_code_internal(X86CPU *cpu,
   if (bp-pc == pc_ptr 
   !((bp-flags  BP_CPU)  (tb-flags  HF_RF_MASK))) {
   gen_debug(dc, pc_ptr - dc-cs_base);
  -break;
  +goto done_generating;
   }
   }
   }
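Review bot: After `goto done_generating` the translator has consumed no bytes, so pc_ptr still equals pc_start and, if tb->size is later derived from `pc_ptr - pc_start` (that code is outside the hunk), the breakpoint TB has size 0 and its address range no longer covers the breakpoint address itself. I believe breakpoint removal invalidates cached TBs by address range, in which case a zero-length TB would survive the removal and keep raising EXCP_DEBUG at that pc — that would explain the debug stop reported after the kgdb self-tests with gdbserver_state still NULL, though I have not traced it. If so, bumping the pointer before the jump, `pc_ptr += 1; goto done_generating;`, keeps the breakpoint inside [tb->pc, tb->pc + tb->size) without translating another instruction, and it deserves a comment saying the increment exists only for that range check. gen_intermediate_code_internal() starts and ends outside the hunk.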
  @@ -8049,6 +8049,7 @@ static inline void 
  gen_intermediate_code_internal(X86CPU *cpu,
   break;
   }
   }
  +done_generating:
   if (tb-cflags  CF_LAST_IO)
   gen_io_end();
   gen_tb_end(tb, num_insns);
 
 
 
 
 Didn't looked into why, just bisected that this patch breaks at least
 certain guest-originated break- or watchpoints in TCG mode. Can be
 triggered by booting a Linux kernel with kgdb self-tests enabled. The
 result is some false reporting of a host-originated debug stop to
 gdb_set_stop_cpu while gdbserver_state is NULL - SEGV.

It seems that the kernel sets some hardware breakpoints and QEMU tries to process 
them with the GDB stub. Modifying gdb_set_stop_cpu should help:

diff --git a/gdbstub.c b/gdbstub.c
index e4a1a79..e8ef546 100644
--- a/gdbstub.c
+++ b/gdbstub.c
@@ -1202,8 +1202,10 @@ static int gdb_handle_packet(GDBState *s, const char 
*line_buf)
 
 void gdb_set_stop_cpu(CPUState *cpu)
 {
-gdbserver_state-c_cpu = cpu;
-gdbserver_state-g_cpu = cpu;
+if (gdbserver_state) {
+gdbserver_state-c_cpu = cpu;
+gdbserver_state-g_cpu = cpu;
+}
 }
 
 #ifndef CONFIG_USER_ONLY
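Review bot: The NULL check turns a guest-reachable host crash (a guest programming its debug registers ends in a NULL dereference inside the QEMU process) into a silent no-op, which is an improvement on its own, but the caller seen in the backtrace, cpu_handle_guest_debug(), will presumably still treat the event as a debugger stop and leave the CPU stopped with no debugger attached to resume it. If that is the case the guard only moves the failure from a SEGV to a hung guest; the decision "is a gdb stub attached at all" belongs in the caller, before the stop is requested. At minimum the no-op branch should say why it can be hit, e.g. `/* no gdb stub attached: a stale or guest-originated debug exit landed here */`, so the next reader does not take it for defensive noise.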

Pavel Dovgalyuk




Re: [Qemu-devel] [PATCH 1/1] Do not hang on full PTY

2015-01-12 Thread Michael Tokarev
Applied to -trivial, thank you!

/mjt



Re: [Qemu-devel] [Qemu-trivial] [PATCH v2] vl.c: fix some alignment issues

2015-01-12 Thread Michael Tokarev
11.01.2015 13:56, Marcel Apfelbaum wrote:
 The misalignment was caused by tabs which were used instead of spaces.

Applied to -trivial, thank you!

/mjt



[Qemu-devel] Missing Diag/Debug Registers in lsi53c895a emulation

2015-01-12 Thread Peter Lieven

Hi,

while trying to run an ASA1000V appliance I found that registers 0x09 and 
0x3c-3f are read during boot up, which
currently results in an exit(1). The appliance uses a quite ancient 2.6.29.6 
Linux kernel.
These registers are mainly for diag and debug purposes, so I came up with the 
following patch. The system works
with it, but I wonder if this is a correct workaround:

diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
index ec92048..bce1135 100644
--- a/hw/scsi/lsi53c895a.c
+++ b/hw/scsi/lsi53c895a.c
@@ -1513,6 +1513,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
 return 0x7f;
 case 0x08: /* Revision ID */
 return 0x00;
+case 0x09: /* SOCL */
+return 0x00;
 case 0xa: /* SSID */
 return s-ssid;
 case 0xb: /* SBCL */
@@ -1577,6 +1579,11 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
 return s-sbr;
 case 0x3b: /* DCNTL */
 return s-dcntl;
+case 0x3c: /* ADDER Output (Debug purpose only) */
+case 0x3d:
+case 0x3e:
+case 0x3f:
+return 0x00;
 case 0x40: /* SIEN0 */
 return s-sien0;
 case 0x41: /* SIEN1 */

Peter



[Qemu-devel] [PATCH] pci: add diagnostics for invalid BAR addresses

2015-01-12 Thread hw . claudio
From: Claudio Fontana claudio.font...@huawei.com

show diagnostics when the reprogrammed BAR addresses are invalid,
either because of a guest mistake or because of QEMU limitations.

Signed-off-by: Claudio Fontana claudio.font...@huawei.com
---
 hw/pci/pci.c | 42 +++---
 1 file changed, 31 insertions(+), 11 deletions(-)

diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index 371699c..b2c02be 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -1027,6 +1027,8 @@ static pcibus_t pci_bar_address(PCIDevice *d,
 
 if (type  PCI_BASE_ADDRESS_SPACE_IO) {
 if (!(cmd  PCI_COMMAND_IO)) {
+PCI_DPRINTF(%s: I/O space not enabled, ignoring request.\n,
+__func__);
 return PCI_BAR_UNMAPPED;
 }
 new_addr = pci_get_long(d-config + bar)  ~(size - 1);
@@ -1034,13 +1036,25 @@ static pcibus_t pci_bar_address(PCIDevice *d,
 /* Check if 32 bit BAR wraps around explicitly.
  * TODO: make priorities correct and remove this work around.
  */
-if (last_addr = new_addr || new_addr == 0 || last_addr = UINT32_MAX) 
{
+if (last_addr = new_addr || last_addr = UINT32_MAX) {
+PCI_DPRINTF(%s: 32bit I/O address would wrap around, ignoring 
request.\n,
+__func__);
+return PCI_BAR_UNMAPPED;
+}
+/* NB: the refusal to accept new_addr == 0 is not mandated by PCI,
+ * but this check is there for legacy reasons for some platforms.
+ */
+if (new_addr == 0) {
+PCI_DPRINTF(%s: I/O address is zero, ignoring request.\n,
+__func__);
 return PCI_BAR_UNMAPPED;
 }
 return new_addr;
 }
 
 if (!(cmd  PCI_COMMAND_MEMORY)) {
+PCI_DPRINTF(%s: memory space not enabled, ignoring request.\n,
+__func__);
 return PCI_BAR_UNMAPPED;
 }
 if (type  PCI_BASE_ADDRESS_MEM_TYPE_64) {
@@ -1050,28 +1064,32 @@ static pcibus_t pci_bar_address(PCIDevice *d,
 }
 /* the ROM slot has a specific enable bit */
 if (reg == PCI_ROM_SLOT  !(new_addr  PCI_ROM_ADDRESS_ENABLE)) {
+PCI_DPRINTF(%s: ROM slot not enabled, ignoring request.\n,
+__func__);
 return PCI_BAR_UNMAPPED;
 }
 new_addr = ~(size - 1);
 last_addr = new_addr + size - 1;
 /* NOTE: we do not support wrapping */
-/* XXX: as we cannot support really dynamic
-   mappings, we handle specific values as invalid
-   mappings. */
-if (last_addr = new_addr || new_addr == 0 ||
-last_addr == PCI_BAR_UNMAPPED) {
-return PCI_BAR_UNMAPPED;
-}
-
 /* Now pcibus_t is 64bit.
  * Check if 32 bit BAR wraps around explicitly.
  * Without this, PC ide doesn't work well.
  * TODO: remove this work around.
  */
-if  (!(type  PCI_BASE_ADDRESS_MEM_TYPE_64)  last_addr = UINT32_MAX) {
+/* XXX: as we cannot support really dynamic
+   mappings, we handle specific values as invalid
+   mappings. */
+if (last_addr = new_addr || last_addr == PCI_BAR_UNMAPPED ||
+(!(type  PCI_BASE_ADDRESS_MEM_TYPE_64)  last_addr = UINT32_MAX)) {
+PCI_DPRINTF(%s: memory address would wrap around, ignoring 
request.\n,
+__func__);
+return PCI_BAR_UNMAPPED;
+}
+if (new_addr == 0) {
+PCI_DPRINTF(%s: memory address is zero, ignoring request.\n,
+__func__);
 return PCI_BAR_UNMAPPED;
 }
-
 /*
  * OS is allowed to set BAR beyond its addressable
  * bits. For example, 32 bit OS can set 64bit bar
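Review bot: The new diagnostics in this hunk (and the I/O ones in the hunk above) name only the function, not the device, the BAR or the rejected value, so a log full of `pci_bar_address: memory address would wrap around, ignoring request.` does not tell the reader which BAR of which device the guest misprogrammed. Both `d` and `reg` are parameters of this function (signature outside the hunk) and `new_addr` is at hand, so something like `PCI_DPRINTF("%s: BAR %d: address 0x%" PRIx64 " would wrap around, ignoring request.\n", __func__, reg, (uint64_t)new_addr);` plus the device name, if PCIDevice exposes one, would make each message actionable. Note also that every one of these lines is reachable from a guest config-space write, so if PCI_DPRINTF is ever routed to a live log rather than compiled out, a guest can flood it at will; a trace event would be the safer long-term home.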
@@ -1079,6 +1097,8 @@ static pcibus_t pci_bar_address(PCIDevice *d,
  * it in the future for e.g. PAE.
  */
 if (last_addr = HWADDR_MAX) {
+PCI_DPRINTF(%s: bar address beyond max addressable, ignoring 
request.\n,
+__func__);
 return PCI_BAR_UNMAPPED;
 }
 
-- 
1.8.5.3




Re: [Qemu-devel] [Qemu-trivial] [PATCH v2] target-openrisc: bugfix for dec_sys to decode instructions correctly

2015-01-12 Thread Michael Tokarev
06.01.2015 20:06, David Morrison wrote:
 Fixed the decoding of system instructions (starting with 0x2)
 in dec_sys() in translate.c.  In particular, the l.trap instruction
 is now correctly decoded, which enables for singlestepping and
 breakpoints to be set in GDB.

Applied to -trivial, thank you!

/mjt



Re: [Qemu-devel] How to clone a running vm?

2015-01-12 Thread Zhang Haoyu

On 2015-01-12 15:50:13, Zhang Haoyu wrote:
Hi,

I want to clone a running vm without shutoff,
can below method work?
1) create a snapshot for the vm
2) create a new qcow2 image from the snapshot, but how?
3) use the new qcow2 image as backing image to clone vms

Can drive_mirror clone a running vm without guest service disruption?

Any ideas?

Thanks,
Zhang Haoyu




Re: [Qemu-devel] [PATCH] i386: fix breakpoints handling in icount mode

2015-01-12 Thread Jan Kiszka
On 2014-10-22 13:38, Pavel Dovgalyuk wrote:
 This patch fixes instruction counting when execution is stopped on a
 breakpoint (e.g. one set from gdb). Without the patch an extra instruction is 
 translated
 and icount is incremented by an invalid value (equal to the number of
 executed instructions + 1).
 
 Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
 ---
  target-i386/translate.c |3 ++-
  1 files changed, 2 insertions(+), 1 deletions(-)
 
 diff --git a/target-i386/translate.c b/target-i386/translate.c
 index 1284173..193cf9f 100644
 --- a/target-i386/translate.c
 +++ b/target-i386/translate.c
 @@ -8000,7 +8000,7 @@ static inline void 
 gen_intermediate_code_internal(X86CPU *cpu,
  if (bp-pc == pc_ptr 
  !((bp-flags  BP_CPU)  (tb-flags  HF_RF_MASK))) {
  gen_debug(dc, pc_ptr - dc-cs_base);
 -break;
 +goto done_generating;
  }
  }
  }
 @@ -8049,6 +8049,7 @@ static inline void 
 gen_intermediate_code_internal(X86CPU *cpu,
  break;
  }
  }
 +done_generating:
  if (tb-cflags  CF_LAST_IO)
  gen_io_end();
  gen_tb_end(tb, num_insns);
 
 
 

Didn't look into why; I just bisected that this patch breaks at least
certain guest-originated break- or watchpoints in TCG mode. It can be
triggered by booting a Linux kernel with kgdb self-tests enabled. The
result is a false report of a host-originated debug stop to
gdb_set_stop_cpu while gdbserver_state is NULL -> SEGV.

Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SES-DE
Corporate Competence Center Embedded Linux



Re: [Qemu-devel] [PATCH 0/3] miscellaneous minor clang fixes

2015-01-12 Thread Michael Tokarev
24.12.2014 01:26, Peter Maydell wrote:
 This is a collection of three miscellaneous minor fixes for
 clang compile warnings, which I think could reasonably go via
 the -trivial tree. The map_exec patch has been on list and
 reviewed before; the other two are new.
 
 Peter Maydell (2):
   tests/hd-geo-test.c: Remove unused test_image variable
   migration/qemu-file.c: Don't shift left into sign bit
 
 SeokYeon Hwang (1):
   translate-all: Mark map_exec() with the 'unused' attribute

Applied all to -trivial, thank you!

/mjt



Re: [Qemu-devel] [PATCH 0/3] Fix new typos found by codespell

2015-01-12 Thread Michael Tokarev
03.01.2015 16:41, Stefan Weil wrote:
 [PATCH 1/3] target-tricore: Fix new typos
 [PATCH 2/3] target-arm: Fix typo in comment (seperately - separately)
 [PATCH 3/3] misc: Fix new typos in comments

Applied all to -trivial, thank you!

/mjt




Re: [Qemu-devel] [PULL 00/26] Block patches

2015-01-12 Thread Fam Zheng
On Sat, 01/10 19:10, Peter Maydell wrote:
 On 10 January 2015 at 19:05, Peter Maydell peter.mayd...@linaro.org wrote:
  On 9 January 2015 at 10:16, Stefan Hajnoczi stefa...@redhat.com wrote:
  This pull request depends on the previous block pull request which has not 
  been
  merged yet.  It was sent on Monday, 5th of January (Message-id:
  1420458696-1885-1-git-send-email-stefa...@redhat.com).
 
  The following changes since commit 
  3bd54e576f40f1d5bf45b4828c7316efd76a4db6:
 
migration/block: fix pending() return value (2015-01-05 11:34:52 +)
 
  are available in the git repository at:
 
git://github.com/stefanha/qemu.git tags/block-pull-request
 
  for you to fetch changes up to 4cba4284918145de66e27959725559f8aaf764ef:
 
NVMe: Set correct VS Value for 1.1 Compliant Controllers (2015-01-09 
  10:12:23 +)
 
  I'm confused. You say this pull depends on the other one, but
  the emails give the same tag name for both, so I can't pull
  the other one first. (In fact, if not for this one failing I
  would have applied it under the assumption that it *was* the
  previous pullreq...)
 
  In any case, this one fails 'make check':
 
 Failed also and differently on my 32 bit ARM board, though that
 may just be because I run this set with V=1; last part
 of the log below. Looks like something is trying to run
 qemu-system-arm without specifying a machine to use...
 

Ouch! This is something that proves really hard to do.

Stefan, please drop the make check-block series in next revision.

Fam

  === Testing plain filename for blkdebug ===
 
 -blkdebug:TEST_DIR/blkdebug.conf:TEST_DIR/t.IMGFMT
 
  === Testing plain filename for blkdebug without configuration file ===
 
 -blkdebug::TEST_DIR/t.IMGFMT
  *** done
 100[20:40:41] [20:40:45]
 101[20:40:45] [20:40:45] [not run]
 101 -- not suitable for this image format: qcow2
 102[20:40:45] [20:40:46] [failed, exit status 141] -
 output mismatch (see 102.out.bad)
 --- /root/qemu/tests/qemu-iotests/102.out   2014-11-03
 18:34:23.0 +
 +++ 102.out.bad 2015-01-09 20:40:46.0 +
 @@ -15,7 +15,6 @@
  wrote 65536/65536 bytes at offset 0
  64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
  Image resized.
 -QEMU X.Y.Z monitor - type 'help' for more information
 -(qemu) qemu-io drv0 map
 -[   0]  128/ 128 sectors allocated at
 offset 0 bytes (1)
 -*** done
 +No machine specified, and there is no default.
 +Use -machine help to list supported machines!
 +Timeout waiting for allocated on handle 0
 103[20:40:46] [20:40:47]
 105[20:40:47] [20:40:48]
 107[20:40:48] [20:40:49]
 108[20:40:49] [20:40:52]
 110[20:40:52] [20:40:53]
 111[20:40:53] [20:40:53]
 113[20:40:53] [20:40:53] [not run]
 113 -- not suitable for this image format: qcow2
 114[20:40:53] [20:40:54]
 Not run: 016 045 059 064 065 070 075 077 078 081 084 088 092 101 113
 Failures: 028 067 068 071 087 095 099 102
 Failed 8 of 65 tests
 make: *** [check-tests/qemu-iotests-quick.sh] Error 1
 
 
 -- PMM
 



Re: [Qemu-devel] [PATCH] i386: fix breakpoints handling in icount mode

2015-01-12 Thread Jan Kiszka
On 2015-01-12 09:26, Pavel Dovgaluk wrote:
 From: Jan Kiszka [mailto:jan.kis...@siemens.com]
 On 2014-10-22 13:38, Pavel Dovgalyuk wrote:
 This patch fixes instructions counting when execution is stopped on
 breakpoint (e.g. set from gdb). Without a patch extra instruction is 
 translated
 and icount is incremented by invalid value (which equals to number of
 executed instructions + 1).

 Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
 ---
  target-i386/translate.c |3 ++-
  1 files changed, 2 insertions(+), 1 deletions(-)

 diff --git a/target-i386/translate.c b/target-i386/translate.c
 index 1284173..193cf9f 100644
 --- a/target-i386/translate.c
 +++ b/target-i386/translate.c
 @@ -8000,7 +8000,7 @@ static inline void 
 gen_intermediate_code_internal(X86CPU *cpu,
  if (bp-pc == pc_ptr 
  !((bp-flags  BP_CPU)  (tb-flags  HF_RF_MASK))) {
  gen_debug(dc, pc_ptr - dc-cs_base);
 -break;
 +goto done_generating;
  }
  }
  }
 @@ -8049,6 +8049,7 @@ static inline void 
 gen_intermediate_code_internal(X86CPU *cpu,
  break;
  }
  }
 +done_generating:
  if (tb-cflags  CF_LAST_IO)
  gen_io_end();
  gen_tb_end(tb, num_insns);




 Didn't looked into why, just bisected that this patch breaks at least
 certain guest-originated break- or watchpoints in TCG mode. Can be
 triggered by booting a Linux kernel with kgdb self-tests enabled. The
 result is some false reporting of a host-originated debug stop to
 gdb_set_stop_cpu while gdbserver_state is NULL - SEGV.
 
 It seems that kernel sets some hardware breakpoints and QEMU tries to process 
 them with GDB stub. Modifying gdb_set_stop_cpu should help:
 
 diff --git a/gdbstub.c b/gdbstub.c
 index e4a1a79..e8ef546 100644
 --- a/gdbstub.c
 +++ b/gdbstub.c
 @@ -1202,8 +1202,10 @@ static int gdb_handle_packet(GDBState *s, const char 
 *line_buf)
  
  void gdb_set_stop_cpu(CPUState *cpu)
  {
 -gdbserver_state-c_cpu = cpu;
 -gdbserver_state-g_cpu = cpu;
 +if (gdbserver_state) {
 +gdbserver_state-c_cpu = cpu;
 +gdbserver_state-g_cpu = cpu;
 +}
  }
  
  #ifndef CONFIG_USER_ONLY

I think this would only cure a symptom, but it doesn't explain why we
now hit cpu_handle_guest_debug which we do not before the patch:

(gdb) bt
#0  gdb_set_stop_cpu (cpu=cpu@entry=0x5663ac40) at /data/qemu/gdbstub.c:1193
#1  0x5562dfdf in cpu_handle_guest_debug (cpu=0x5663ac40) at 
/data/qemu/cpus.c:636
#2  tcg_exec_all () at /data/qemu/cpus.c:1389
#3  qemu_tcg_cpu_thread_fn (arg=optimized out) at /data/qemu/cpus.c:1033
#4  0x72c3d0a4 in start_thread () from /lib64/libpthread.so.0
#5  0x7fffeea4a7fd in clone () from /lib64/libc.so.6

Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SES-DE
Corporate Competence Center Embedded Linux



Re: [Qemu-devel] [Qemu-trivial] [PATCH] vt82c686: avoid out-of-bounds read

2015-01-12 Thread Michael Tokarev
10.12.2014 12:17, Paolo Bonzini wrote:
 superio_ioport_readb can read the 256th element of the array.
 Coverity reports an out-of-bounds write in superio_ioport_writeb,
 but it does not show the corresponding out-of-bounds read
 because it cannot prove that it can happen.  Fix the root
 cause of the problem (zhanghailang's patch instead fixes
 the logic in superio_ioport_writeb).

(Finally) applied to -trivial, thanks!

/mjt



Re: [Qemu-devel] Missing Diag/Debug Registers in lsi53c895a emulation

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 10:39, Peter Lieven wrote:
 On 12.01.2015 10:28, Peter Lieven wrote:
 Hi,

 while trying to run an ASA1000V appliance I found that registers 0x09
 and 0x3c-3f are read during boot up. Which
 currently results in an exit(1). The appliance uses an quite ancient
 2.6.29.6 Linux kernel.
 These registers are mainly for diag and debug purposes so I came up
 with the following patch. The system works
 with the following patch, but I wonder if this is a correct workaround:
 
 Maybe this is better:
 
 diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
 index ec92048..db7d4b8 100644
 --- a/hw/scsi/lsi53c895a.c
 +++ b/hw/scsi/lsi53c895a.c
 @@ -277,6 +277,7 @@ typedef struct {
  uint32_t csbc;
  uint32_t scratch[18]; /* SCRATCHA-SCRATCHR */
  uint8_t sbr;
 +uint32_t adder;
 
  /* Script ram is stored as 32-bit words in host byteorder.  */
  uint32_t script_ram[2048];
 @@ -1389,6 +1390,7 @@ again:
  switch ((insn  27)  7) {
  case 0: /* Jump */
  DPRINTF(Jump to 0x%08x\n, addr);
 +s-adder = addr;
  s-dsp = addr;
  break;
  case 1: /* Call */
 @@ -1513,6 +1515,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
  return 0x7f;
  case 0x08: /* Revision ID */
  return 0x00;
 +case 0x09: /* SOCL */
 +return s-socl;
  case 0xa: /* SSID */
  return s-ssid;
  case 0xb: /* SBCL */
 @@ -1577,6 +1581,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
  return s-sbr;
  case 0x3b: /* DCNTL */
  return s-dcntl;
 +/* ADDER Output (Debug of relative jump address) */
 +CASE_GET_REG32(adder, 0x3c)
  case 0x40: /* SIEN0 */
  return s-sien0;
  case 0x41: /* SIEN1 */
 

This looks good.  Can you send it with SoB and git-format-patch?

Paolo



Re: [Qemu-devel] [PATCH v2] Gives user ability to select endian format for video display - fixes Mac OS X guest color issue.

2015-01-12 Thread Gerd Hoffmann
  Hi,

 +/* Determines the pixel format of the frame buffer */
 +if (surface-format == PIXMAN_b8g8r8x8) {
 +bitmap_info = kCGBitmapByteOrder32Big | kCGImageAlphaNoneSkipFirst;
 +}

That certainly goes into the right direction.

PIXMAN_* is native endian though, so I expect this will work on the
intel macos host you are testing on but will fail on powerpc macos
hosts.

I suggest to add fixed endian defines for 32bpp to
include/ui/qemu-pixman.h (there already is one for 24bpp), then use
these to avoid cluttering the cocoa code with HOST_WORDS_BIGENDIAN
#defines.

The colorspace bits look sane to me, I'm not macos x expert enough to
really justify.

cheers,
  Gerd





Re: [Qemu-devel] How to clone a running vm?

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 09:15, Zhang Haoyu wrote:
  I want to clone a running vm without shutoff,
  can below method work?
  1) create a snapshot for the vm
  2) create a new qcow2 image from the snapshot, but how?
  3) use the new qcow2 image as backing image to clone vms

 Can drive_mirror clone a running vm without guest service disruption?

Yes.

Paolo



Re: [Qemu-devel] Missing Diag/Debug Registers in lsi53c895a emulation

2015-01-12 Thread Peter Lieven

On 12.01.2015 10:42, Paolo Bonzini wrote:


On 12/01/2015 10:39, Peter Lieven wrote:

On 12.01.2015 10:28, Peter Lieven wrote:

Hi,

while trying to run an ASA1000V appliance I found that registers 0x09
and 0x3c-3f are read during boot up. Which
currently results in an exit(1). The appliance uses an quite ancient
2.6.29.6 Linux kernel.
These registers are mainly for diag and debug purposes so I came up
with the following patch. The system works
with the following patch, but I wonder if this is a correct workaround:

Maybe this is better:

diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
index ec92048..db7d4b8 100644
--- a/hw/scsi/lsi53c895a.c
+++ b/hw/scsi/lsi53c895a.c
@@ -277,6 +277,7 @@ typedef struct {
  uint32_t csbc;
  uint32_t scratch[18]; /* SCRATCHA-SCRATCHR */
  uint8_t sbr;
+uint32_t adder;

  /* Script ram is stored as 32-bit words in host byteorder.  */
  uint32_t script_ram[2048];
@@ -1389,6 +1390,7 @@ again:
  switch ((insn  27)  7) {
  case 0: /* Jump */
  DPRINTF(Jump to 0x%08x\n, addr);
+s-adder = addr;
  s-dsp = addr;
  break;
  case 1: /* Call */
@@ -1513,6 +1515,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
  return 0x7f;
  case 0x08: /* Revision ID */
  return 0x00;
+case 0x09: /* SOCL */
+return s-socl;
  case 0xa: /* SSID */
  return s-ssid;
  case 0xb: /* SBCL */
@@ -1577,6 +1581,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
  return s-sbr;
  case 0x3b: /* DCNTL */
  return s-dcntl;
+/* ADDER Output (Debug of relative jump address) */
+CASE_GET_REG32(adder, 0x3c)
  case 0x40: /* SIEN0 */
  return s-sien0;
  case 0x41: /* SIEN1 */


This looks good.  Can you send it with SoB and git-format-patch?


Sure. I think full support of the adder debug register would be more 
complicated,
but as the spec says its main purpose is debugging of relative jump address 
calculation
it should be fine. In fact if anything had read from this register before qemu 
would
have aborted ;-)

Peter



Paolo



--

Mit freundlichen Grüßen

Peter Lieven

...

  KAMP Netzwerkdienste GmbH
  Vestische Str. 89-91 | 46117 Oberhausen
  Tel: +49 (0) 208.89 402-50 | Fax: +49 (0) 208.89 402-40
  p...@kamp.de | http://www.kamp.de

  Geschäftsführer: Heiner Lante | Michael Lante
  Amtsgericht Duisburg | HRB Nr. 12154
  USt-Id-Nr.: DE 120607556

...




Re: [Qemu-devel] [PATCH] i386: fix breakpoints handling in icount mode

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 09:30, Jan Kiszka wrote:
 I think this would only cure a symptom, but it doesn't explain why we
 now hit cpu_handle_guest_debug which we do not before the patch:

That means we now exit with EXCP_DEBUG and we didn't before?

Something like this would be a more complete fix (it works if you have
both gdb and CPU breakpoints), but I'm not sure if it's also a band-aid
for the symptoms.

diff --git a/cpu-exec.c b/cpu-exec.c
index a4f0eff..56139ac 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -302,7 +302,7 @@ static inline TranslationBlock *tb_find_fast(CPUArchState 
*env)
 return tb;
 }
 
-static void cpu_handle_debug_exception(CPUArchState *env)
+static int cpu_handle_debug_exception(CPUArchState *env)
 {
 CPUState *cpu = ENV_GET_CPU(env);
 CPUClass *cc = CPU_GET_CLASS(cpu);
@@ -314,7 +314,7 @@ static void cpu_handle_debug_exception(CPUArchState *env)
 }
 }
 
-cc-debug_excp_handler(cpu);
+return cc-debug_excp_handler(cpu);
 }
 
 /* main execution loop */
@@ -375,12 +375,15 @@ int cpu_exec(CPUArchState *env)
 if (cpu-exception_index = 0) {
 if (cpu-exception_index = EXCP_INTERRUPT) {
 /* exit request from the cpu execution loop */
-ret = cpu-exception_index;
-if (ret == EXCP_DEBUG) {
-cpu_handle_debug_exception(env);
+if (cpu-exception_index == EXCP_DEBUG) {
+ret = cpu_handle_debug_exception(env);
+} else {
+ret = cpu-exception_index;
+}
+if (ret = 0) {
+cpu-exception_index = -1;
+break;
 }
-cpu-exception_index = -1;
-break;
 } else {
 #if defined(CONFIG_USER_ONLY)
 /* if user mode only, we simulate a fake exception
diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index 2098f1c..c1d6c20 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -95,7 +95,8 @@ struct TranslationBlock;
  * @get_phys_page_debug: Callback for obtaining a physical address.
  * @gdb_read_register: Callback for letting GDB read a register.
  * @gdb_write_register: Callback for letting GDB write a register.
- * @debug_excp_handler: Callback for handling debug exceptions.
+ * @debug_excp_handler: Callback for handling debug exceptions.  Should
+ * return either #EXCP_DEBUG or zero.
  * @vmsd: State description for migration.
  * @gdb_num_core_regs: Number of core registers accessible to GDB.
  * @gdb_core_xml_file: File name for core registers GDB XML description.
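Review bot: The new contract sentence says the handler returns EXCP_DEBUG or zero but not what zero means to the caller or what the caller does with it, which is the part a target implementer needs. As far as this series shows, EXCP_DEBUG means "stop the CPU and report a debug event to the host side", while 0 means "the event was turned into a guest exception or otherwise consumed; keep running"; I would spell that out, e.g. ` * @debug_excp_handler: Callback for handling debug exceptions.  Returns` / ` * #EXCP_DEBUG to stop the CPU and report the event to the debugger, or 0` / ` * if the event was consumed (e.g. delivered to the guest) and execution resumes.` — adjusting the wording to whatever cpu_exec() ends up doing on 0.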
@@ -140,7 +141,7 @@ typedef struct CPUClass {
 hwaddr (*get_phys_page_debug)(CPUState *cpu, vaddr addr);
 int (*gdb_read_register)(CPUState *cpu, uint8_t *buf, int reg);
 int (*gdb_write_register)(CPUState *cpu, uint8_t *buf, int reg);
-void (*debug_excp_handler)(CPUState *cpu);
+int (*debug_excp_handler)(CPUState *cpu);
 
 int (*write_elf64_note)(WriteCoreDumpFunction f, CPUState *cpu,
 int cpuid, void *opaque);
diff --git a/qom/cpu.c b/qom/cpu.c
index 9c68fa4..e86fec5 100644
--- a/qom/cpu.c
+++ b/qom/cpu.c
@@ -193,6 +193,11 @@ static bool cpu_common_virtio_is_big_endian(CPUState *cpu)
 return target_words_bigendian();
 }
 
+static int cpu_common_debug_excp_handler(CPUState *cpu)
+{
+return EXCP_DEBUG;
+}
+
 static void cpu_common_noop(CPUState *cpu)
 {
 }
@@ -340,7 +345,7 @@ static void cpu_class_init(ObjectClass *klass, void *data)
 k-gdb_read_register = cpu_common_gdb_read_register;
 k-gdb_write_register = cpu_common_gdb_write_register;
 k-virtio_is_big_endian = cpu_common_virtio_is_big_endian;
-k-debug_excp_handler = cpu_common_noop;
+k-debug_excp_handler = cpu_common_debug_excp_handler;
 k-cpu_exec_enter = cpu_common_noop;
 k-cpu_exec_exit = cpu_common_noop;
 k-cpu_exec_interrupt = cpu_common_exec_interrupt;
diff --git a/target-arm/op_helper.c b/target-arm/op_helper.c
index 2bed914..40b7f79 100644
--- a/target-arm/op_helper.c
+++ b/target-arm/op_helper.c
@@ -732,7 +732,7 @@ static bool check_breakpoints(ARMCPU *cpu)
 return false;
 }
 
-void arm_debug_excp_handler(CPUState *cs)
+int arm_debug_excp_handler(CPUState *cs)
 {
 /* Called by core code when a watchpoint or breakpoint fires;
  * need to check which one and raise the appropriate exception.
@@ -756,9 +756,9 @@ void arm_debug_excp_handler(CPUState *cs)
 }
 env-exception.vaddress = wp_hit-hitaddr;
 raise_exception(env, EXCP_DATA_ABORT);
-} else {
-cpu_resume_from_signal(cs, NULL);
+return 0;
 }
+cpu_resume_from_signal(cs, NULL);
 }
 } else {
 if (check_breakpoints(cpu)) {
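Review bot: The `return 0;` added right after raise_exception() is reachable only if raise_exception() returns; if it is the usual cpu_loop_exit() wrapper that longjmps (not visible here), the line is dead and the 0 never reaches cpu_exec(), and the cpu_resume_from_signal() call that now follows the inner `if` is likewise a non-returning exit. The paths that do need a value are the non-watchpoint branch starting at the hunk's last line and the function's tail, both outside the hunk; a -Wreturn-type warning, if the compiler emits one, will point there rather than at this hunk. If the return is meant as a hint to readers, mark it as such, `return 0; /* not reached: raise_exception() does not return */`, otherwise drop it.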
@@ -771,8 +771,10 @@ void arm_debug_excp_handler(CPUState *cs)
 }

Re: [Qemu-devel] [Qemu-trivial] [PATCH] Makefile: Remove config.status and common.env during 'make distclean'

2015-01-12 Thread Michael Tokarev
15.12.2014 13:19, Thomas Huth wrote:
 config.status and tests/qemu-iotests/common.env are generated files
 that should be deleted during 'make distclean'.

Somehow I missed this one previously.  Applied to -trivial now, thank you!
(I'm not sure why you combined po/*.mo and .../common.env into one line,
but that's not a problem really.)

/mjt



Re: [Qemu-devel] [PATCH] blizzard: do not depend on VGA internals

2015-01-12 Thread Michael Tokarev
09.01.2015 12:59, Paolo Bonzini wrote:
 There is nothing that is used by this ARM-specific device.

Indeed.

Applied to -trivial, thank you!

/mjt



Re: [Qemu-devel] Missing Diag/Debug Registers in lsi53c895a emulation

2015-01-12 Thread Peter Lieven

On 12.01.2015 10:28, Peter Lieven wrote:

Hi,

while trying to run an ASA1000V appliance I found that registers 0x09 and 
0x3c-3f are read during boot up. Which
currently results in an exit(1). The appliance uses an quite ancient 2.6.29.6 
Linux kernel.
These registers are mainly for diag and debug purposes so I came up with the 
following patch. The system works
with the following patch, but I wonder if this is a correct workaround:


Maybe this is better:

diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
index ec92048..db7d4b8 100644
--- a/hw/scsi/lsi53c895a.c
+++ b/hw/scsi/lsi53c895a.c
@@ -277,6 +277,7 @@ typedef struct {
 uint32_t csbc;
 uint32_t scratch[18]; /* SCRATCHA-SCRATCHR */
 uint8_t sbr;
+uint32_t adder;

 /* Script ram is stored as 32-bit words in host byteorder.  */
 uint32_t script_ram[2048];
@@ -1389,6 +1390,7 @@ again:
 switch ((insn  27)  7) {
 case 0: /* Jump */
 DPRINTF(Jump to 0x%08x\n, addr);
+s-adder = addr;
 s-dsp = addr;
 break;
 case 1: /* Call */
@@ -1513,6 +1515,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
 return 0x7f;
 case 0x08: /* Revision ID */
 return 0x00;
+case 0x09: /* SOCL */
+return s-socl;
 case 0xa: /* SSID */
 return s-ssid;
 case 0xb: /* SBCL */
@@ -1577,6 +1581,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
 return s-sbr;
 case 0x3b: /* DCNTL */
 return s-dcntl;
+/* ADDER Output (Debug of relative jump address) */
+CASE_GET_REG32(adder, 0x3c)
 case 0x40: /* SIEN0 */
 return s-sien0;
 case 0x41: /* SIEN1 */




[Qemu-devel] [PATCH] hw/scsi/lsi53c895a: add support for additional diag / debug registers

2015-01-12 Thread Peter Lieven
Some ancient Linux kernels read from registers 0x09 and 0x3c-3f during
boot. According to the spec these registers are for diag and debug
purposes only. If they are absent, qemu aborts on the read.

Signed-off-by: Peter Lieven p...@kamp.de
---
 hw/scsi/lsi53c895a.c |6 ++
 1 file changed, 6 insertions(+)

diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
index ec92048..db7d4b8 100644
--- a/hw/scsi/lsi53c895a.c
+++ b/hw/scsi/lsi53c895a.c
@@ -277,6 +277,7 @@ typedef struct {
 uint32_t csbc;
 uint32_t scratch[18]; /* SCRATCHA-SCRATCHR */
 uint8_t sbr;
+uint32_t adder;
 
 /* Script ram is stored as 32-bit words in host byteorder.  */
 uint32_t script_ram[2048];
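Review bot: The new `adder` field is guest-visible state (read back through 0x3c-0x3f in a later hunk), but nothing in this patch adds it to the device's VMState description, which is outside the hunk; after a migration the register would read as zero until the next SCRIPTS jump. For a debug-only register that may be acceptable, but it should be a deliberate choice: either add the field to the vmstate (bumping the version if the description is versioned) or annotate the field, `uint32_t adder; /* ADDER debug output; deliberately not migrated */`.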
@@ -1389,6 +1390,7 @@ again:
 switch ((insn  27)  7) {
 case 0: /* Jump */
 DPRINTF(Jump to 0x%08x\n, addr);
+s-adder = addr;
 s-dsp = addr;
 break;
 case 1: /* Call */
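Review bot: `s->adder` is only recorded in the Jump case, yet the read-side hunk documents the register as the output of the relative-address adder, which on the real chip is, I believe, shared by Call, Return and the other relative-address forms — the `case 1: /* Call */` directly below uses the same computed `addr`. If a plausible value is all the appliance needs this is fine, but the limitation should be visible at the assignment, e.g. `s->adder = addr; /* only tracked for JUMP; real ADDER is shared by all relative ops */`, or the assignment moved to where `addr` is computed so every consumer updates it. lsi_execute_script() starts and ends outside the hunk.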
@@ -1513,6 +1515,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
 return 0x7f;
 case 0x08: /* Revision ID */
 return 0x00;
+case 0x09: /* SOCL */
+return s-socl;
 case 0xa: /* SSID */
 return s-ssid;
 case 0xb: /* SBCL */
@@ -1577,6 +1581,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
 return s-sbr;
 case 0x3b: /* DCNTL */
 return s-dcntl;
+/* ADDER Output (Debug of relative jump address) */
+CASE_GET_REG32(adder, 0x3c)
 case 0x40: /* SIEN0 */
 return s-sien0;
 case 0x41: /* SIEN1 */
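Review bot: The two offsets handled in this patch unblock the specific appliance, but the description says a read of any other unimplemented register still ends in exit(1), i.e. a guest driver touching an undefined offset can still terminate the whole VM from inside the guest. That default deserves a follow-up independent of this fix: log the access as a guest error (qemu_log_mask with LOG_GUEST_ERROR, if this tree has it) and return 0 instead of exiting, so the blast radius of an unknown read is a bogus register value rather than a host-side process exit. Until then this hunk is effectively patching a guest-triggerable denial of service one offset at a time.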
-- 
1.7.9.5




[Qemu-devel] [PULL v3 2/7] s390x/css: Clean up unnecessary CONFIG_USER_ONLY wrappers

2015-01-12 Thread Cornelia Huck
From: Thomas Huth th...@linux.vnet.ibm.com

The css functions are only used from ioinst.c and other files that are
only built for CONFIG_SOFTMMU. So we do not need the dummy wrappers for
the CONFIG_USER_ONLY target in the cpu.h header.

Signed-off-by: Thomas Huth th...@linux.vnet.ibm.com
Signed-off-by: Jens Freimann jf...@linux.vnet.ibm.com
Reviewed-by: Jason J. Herne jjhe...@us.ibm.com
Acked-by: Cornelia Huck cornelia.h...@de.ibm.com
Signed-off-by: Cornelia Huck cornelia.h...@de.ibm.com
---
 target-s390x/cpu.h |   81 
 1 file changed, 81 deletions(-)

diff --git a/target-s390x/cpu.h b/target-s390x/cpu.h
index fe2f95d..23ad336 100644
--- a/target-s390x/cpu.h
+++ b/target-s390x/cpu.h
@@ -457,87 +457,6 @@ int css_enable_mss(void);
 int css_do_rsch(SubchDev *sch);
 int css_do_rchp(uint8_t cssid, uint8_t chpid);
 bool css_present(uint8_t cssid);
-#else
-static inline SubchDev *css_find_subch(uint8_t m, uint8_t cssid, uint8_t ssid,
-   uint16_t schid)
-{
-return NULL;
-}
-static inline bool css_subch_visible(SubchDev *sch)
-{
-return false;
-}
-static inline void css_conditional_io_interrupt(SubchDev *sch)
-{
-}
-static inline int css_do_stsch(SubchDev *sch, SCHIB *schib)
-{
-return -ENODEV;
-}
-static inline bool css_schid_final(uint8_t cssid, uint8_t ssid, uint16_t schid)
-{
-return true;
-}
-static inline int css_do_msch(SubchDev *sch, SCHIB *schib)
-{
-return -ENODEV;
-}
-static inline int css_do_xsch(SubchDev *sch)
-{
-return -ENODEV;
-}
-static inline int css_do_csch(SubchDev *sch)
-{
-return -ENODEV;
-}
-static inline int css_do_hsch(SubchDev *sch)
-{
-return -ENODEV;
-}
-static inline int css_do_ssch(SubchDev *sch, ORB *orb)
-{
-return -ENODEV;
-}
-static inline int css_do_tsch(SubchDev *sch, IRB *irb)
-{
-return -ENODEV;
-}
-static inline int css_do_stcrw(CRW *crw)
-{
-return 1;
-}
-static inline int css_do_tpi(IOIntCode *int_code, int lowcore)
-{
-return 0;
-}
-static inline int css_collect_chp_desc(int m, uint8_t cssid, uint8_t f_chpid,
-   int rfmt, uint8_t l_chpid, void *buf)
-{
-return 0;
-}
-static inline void css_do_schm(uint8_t mbk, int update, int dct, uint64_t mbo)
-{
-}
-static inline int css_enable_mss(void)
-{
-return -EINVAL;
-}
-static inline int css_enable_mcsse(void)
-{
-return -EINVAL;
-}
-static inline int css_do_rsch(SubchDev *sch)
-{
-return -ENODEV;
-}
-static inline int css_do_rchp(uint8_t cssid, uint8_t chpid)
-{
-return -ENODEV;
-}
-static inline bool css_present(uint8_t cssid)
-{
-return false;
-}
 #endif
 
 #define cpu_init(model) (cpu_s390x_init(model)-env)
-- 
1.7.9.5




Re: [Qemu-devel] [PATCH v4] block: add event when disk usage exceeds threshold

2015-01-12 Thread Francesco Romani
Hi,

thanks for the review!

- Original Message -
 From: Eric Blake ebl...@redhat.com
 To: Francesco Romani from...@redhat.com, qemu-devel@nongnu.org
 Cc: kw...@redhat.com, mdr...@linux.vnet.ibm.com, stefa...@redhat.com, 
 lcapitul...@redhat.com
 Sent: Friday, January 9, 2015 5:54:40 PM
 Subject: Re: [Qemu-devel] [PATCH v4] block: add event when disk usage exceeds 
 threshold
 
 On 12/04/2014 01:59 AM, Francesco Romani wrote:
  Managing applications, like oVirt (http://www.ovirt.org), make extensive
  use of thin-provisioned disk images.
  To let the guest run smoothly and be not unnecessarily paused, oVirt sets
  a disk usage threshold (so called 'high water mark') based on the
  occupation
  of the device,  and automatically extends the image once the threshold
  is reached or exceeded.
  
  In order to detect the crossing of the threshold, oVirt has no choice but
  aggressively polling the QEMU monitor using the query-blockstats command.
  This leads to unnecessary system load, and is made even worse at scale:
  deployments with hundreds of VMs are no longer rare.
  
  To fix this, this patch adds:
  * A new monitor command to set a write threshold for a given block device.
  * A new event to report if a block device usage exceeds the threshold.
 
 Please also mention the names of those two things in the commit message,
 to make it easier to find them when doing 'git log' archaeology.

Sure, will do.

  This will allow the managing application to use smarter and more
  efficient monitoring, greatly reducing the need of polling.
  
  A followup patch is planned to allow to add the write threshold at
  device creation.
  
  Signed-off-by: Francesco Romani from...@redhat.com
  ---
 
  --- /dev/null
  +++ b/block/write-threshold.c
  @@ -0,0 +1,125 @@
  +/*
  + * QEMU System Emulator block write threshold notification
  + *
  + * Copyright Red Hat, Inc. 2014
 
 I've been so slow on the review that you may want to add 2015.

IANAL, but since most (~99%) of the code was written in 2014, I'll just leave
it as is.


  +bool bdrv_write_threshold_is_set(const BlockDriverState *bs)
  +{
  +return !!(bs-write_threshold_offset  0);
 
 The !! is spurious; use of  already guarantees a bool result.

Will remove.
 
  +++ b/qapi/block-core.json
  @@ -239,6 +239,9 @@
   #
   # @iops_size: #optional an I/O size in bytes (Since 1.7)
   #
  +# @write_threshold: configured write threshold for the device.
  +#   0 if disabled. (Since 2.3)
  +#
   # Since: 0.14.0
   #
   ##
  @@ -253,7 +256,7 @@
   '*bps_max': 'int', '*bps_rd_max': 'int',
   '*bps_wr_max': 'int', '*iops_max': 'int',
   '*iops_rd_max': 'int', '*iops_wr_max': 'int',
  -'*iops_size': 'int' } }
  +'*iops_size': 'int', 'write_threshold': 'uint64' } }
 
 'int' works as well as 'uint64'; since this is an output parameter, we
 aren't gaining any stricter input parsing by using a more-specific type.

I found one case on which the usage 'int' vs 'uint64' made the code generator
emit different code - and the one using uint64 was more correct.
Can't recall if that is the case; I'll retry, and add a comment here
to document the behaviour if I stumble on this again.


 My findings are minor, so I'm okay if you post a v5 that addresses them
 and includes:
 Reviewed-by: Eric Blake ebl...@redhat.com

Yep, will post ASAP.

Thanks and best regards.

-- 
Francesco Romani
RedHat Engineering Virtualization R  D
Phone: 8261328
IRC: fromani



Re: [Qemu-devel] [PATCH 1/1] ich9: add disable_s3, disable_s4, s4_val properties

2015-01-12 Thread Amit Shah
On (Mon) 12 Jan 2015 [12:26:08], Marcel Apfelbaum wrote:
 On 12/16/2014 01:23 PM, Amit Shah wrote:
 PIIX4 has disable_s3 and disable_s4 properties to enable or disable PM
 functions.  Add such properties to the ICH9 chipset as well for the Q35
 machine type.
 
 S3 / S4 are not guaranteed to always work (needs work in the guest as
 well as QEMU for things to work properly), and disabling advertising of
 these features ensures guests don't go into zombie state if something
 isn't working right.
 
 The defaults are kept the same as in PIIX4: both S3 and S4 are enabled
 by default.
 
 These can be disabled via the cmdline:
 
... -global ICH9-LPC,disable_s3=1 -global ICH9-LPC,disable_s4=1
 ^^^   ^^^
 Should be -global ICH9-LPC.disable_s3=1 -global ICH9-LPC.disable_s4=1

Indeed, thanks.

 Hi Amit, thanks for answering my prev question.
 I have one more:)
 
 I didn't see how the properties are connected to the ACPI mechanism.
 I tested it with your suggested command line and it didn't work for some
 reason.
- I used ... -M Q35 -global ICH9-LPC.disable_s3=1 -global 
 ICH9-LPC.disable_s4=1
- On guest: pm-is-supported --hibernate  echo $? = 0 (enabled)
- Furthermore, pm-hibernate worked
 
 Maybe I am missing something or maybe this is not in the scope of this patch.

Hibernate is special for Linux guests.  If acpi-based hibernate isn't
available, Linux simulates it by writing a hibernate image and doing a
shutdown of the guest instead of entering the S4 state.

To test, there are two ways: check if s3 works after passing this
parm, or check the acpi blobs inside the guest for the advertisement
of the params.

Amit



Re: [Qemu-devel] [PATCH 1/1] ich9: add disable_s3, disable_s4, s4_val properties

2015-01-12 Thread Amit Shah
On (Mon) 12 Jan 2015 [13:01:28], Michael S. Tsirkin wrote:
 On Mon, Jan 12, 2015 at 04:25:01PM +0530, Amit Shah wrote:
  On (Mon) 12 Jan 2015 [12:26:08], Marcel Apfelbaum wrote:
   On 12/16/2014 01:23 PM, Amit Shah wrote:
   PIIX4 has disable_s3 and disable_s4 properties to enable or disable PM
   functions.  Add such properties to the ICH9 chipset as well for the Q35
   machine type.
   
   S3 / S4 are not guaranteed to always work (needs work in the guest as
   well as QEMU for things to work properly), and disabling advertising of
   these features ensures guests don't go into zombie state if something
   isn't working right.
   
   The defaults are kept the same as in PIIX4: both S3 and S4 are enabled
   by default.
   
   These can be disabled via the cmdline:
   
  ... -global ICH9-LPC,disable_s3=1 -global ICH9-LPC,disable_s4=1
   ^^^   ^^^
   Should be -global ICH9-LPC.disable_s3=1 -global ICH9-LPC.disable_s4=1
  
  Indeed, thanks.
  
   Hi Amit, thanks for answering my prev question.
   I have one more:)
   
   I didn't see how the properties are connected to the ACPI mechanism.
   I tested it with your suggested command line and it didn't work for some
   reason.
  - I used ... -M Q35 -global ICH9-LPC.disable_s3=1 -global 
   ICH9-LPC.disable_s4=1
  - On guest: pm-is-supported --hibernate  echo $? = 0 (enabled)
  - Furthermore, pm-hibernate worked
   
   Maybe I am missing something or maybe this is not in the scope of this 
   patch.
  
  Hibernate is special for Linux guests.  If acpi-based hibernate isn't
  available, Linux simulates it by writing a hibernate image and doing a
  shutdown of the guest instead of entering the S4 state.
 
  To test, there are two ways: check if s3 works after passing this
  parm, or check the acpi blobs inside the guest for the advertisement
  of the params.
  
  Amit
 
 Interesting. So this isn't for the benefit of linux guests then?
 Which guests do actually benefit? It might be a good idea to
 put this info in the commit log.

No, this does disable the ACPI-based s4 advertisement, so it does
affect Linux too.

Linux, though, has a way of doing hibernate even when acpi-s4 isn't
available.  It's a convenience(?) feature offered by Linux, and isn't
related to anything else.  No need for mentioning it in the commit
message, and this behaviour is not dependent on anything that qemu can
or cannot do.

(I think Windows since some version too does this, but don't remember
the details..)

Amit



Re: [Qemu-devel] [PATCH v3 3/9] rocker: add register programming guide

2015-01-12 Thread Paolo Bonzini


On 11/01/2015 04:57, sfel...@gmail.com wrote:
 From: Scott Feldman sfel...@gmail.com
 
 This is the register programming guide for the Rocker device.  It's intended
 for driver writers and device writers.  It covers the device's PCI space,
 the register set, DMA interface, and interrupts.
 
 Signed-off-by: Scott Feldman sfel...@gmail.com
 Signed-off-by: Jiri Pirko j...@resnulli.us
 ---
  hw/net/rocker/reg_guide.txt |  961 
 +++
  1 file changed, 961 insertions(+)
  create mode 100644 hw/net/rocker/reg_guide.txt

This should be docs/specs/rocker.txt

 diff --git a/hw/net/rocker/reg_guide.txt b/hw/net/rocker/reg_guide.txt
 new file mode 100644
 index 000..3146708
 --- /dev/null
 +++ b/hw/net/rocker/reg_guide.txt
 @@ -0,0 +1,961 @@
 +Rocker Network Switch Register Programming Guide
 +Copyright (c) Scott Feldman sfel...@gmail.com
 +Copyright (c) Neil Horman nhor...@tuxdriver.com
 +Version 0.11, 12/29/2014
 +
 +LICENSE
 +===
 +
 +This program is free software; you can redistribute it and/or modify
 +it under the terms of the GNU General Public License as published by
 +the Free Software Foundation; either version 2 of the License, or
 +(at your option) any later version.
 +
 +This program is distributed in the hope that it will be useful,
 +but WITHOUT ANY WARRANTY; without even the implied warranty of
 +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 +GNU General Public License for more details.
 +
 +SECTION 1: Introduction
 +===
 +
 +Overview
 +
 +
 +This document describes the hardware/software interface for the Rocker switch
 +device.  The intended audience is authors of OS drivers and device emulation
 +software.
 +
 +Notations and Conventions
 +-
 +
 +o In register descriptions, [n:m] indicates a range from bit n to bit m,
 +inclusive.
 +o Use of leading 0x indicates a hexadecimal number.
 +o Use of leading 0b indicates a binary number.
 +o The use of RSVD or Reserved indicates that a bit or field is reserved for
 +future use.
 +o Field width is in bytes, unless otherwise noted.
 +o Register are (R) read-only, (R/W) read/write, (W) write-only, or (COR) 
 clear
 +on read
 +o TLV values in network-byte-order are designated with (N).
 +
 +
 +SECTION 2: PCI Configuration Registers
 +==
 +
 +PCI Configuration Space
 +---
 +
 +Each switch instance registers as a PCI device with PCI configuration space:
 +
 + offset  width   description value
 + -
 + 0x0 2   Vendor ID   0x1b36
 + 0x2 2   Device ID   0x0006
 + 0x4 4   Command/Status
 + 0x8 1   Revision ID 0x01
 + 0x9 3   Class code  0x2800
 + 0xC 1   Cache line size
 + 0xD 1   Latency timer
 + 0xE 1   Header type
 + 0xF 1   Built-in self test
 + 0x104   Base address low
 + 0x144   Base address high
 + 0x18-28 Reserved
 + 0x2C2   Subsystem vendor ID 0x
 + 0x2E2   Subsystem ID0x

This should not be guaranteed to 0, should it?

 + 0x30-38 Reserved
 + 0x3C1   Interrupt line
 + 0x3D1   Interrupt pin   0x00
 + 0x3E1   Min grant   0x00
 + 0x3D1   Max latency 0x00
 + 0x401   TRDY timeout
 + 0x411   Retry count
 + 0x422   Reserved
 +
 +
 +SECTION 3: Memory-Mapped Register Space
 +===
 +
 +There are two memory-mapped BARs.  BAR0 maps device register space and is
 +0x2000 in size.  BAR1 maps MSI-X vector and PBA tables and is also 0x2000 in
 +size, allowing for 256 MSI-X vectors.  The host BIOS will assign the base
 +address location.  The host driver/OS will map the base address to host 
 memory,
 +giving the driver mmio access to the device register space.

No need for the bits after The host BIOS... since that's just normal PCI.

 +All registers are 4 or 8 bytes long.  It is assumed host software will 
 access 4
 +byte registers with one 4-byte access, and 8 byte registers with either two
 +4-byte accesses or a single 8-byte access.  In the case of two 4-byte 
 accesses,
 +access must be lower and then upper 4-bytes, in that order.

Double 4-byte accesses are not implemented, are they?

 +Interrupt credits
 +^
 +
 +MSI-X vectors used for descriptor ring completions use a credit mechanism for
 +efficient device, PCIe bus, OS and driver operations.  Each descriptor ring 
 has
 +a credit count which represent the number of outstanding descriptors to be
 +processed by the driver.  As the device marks descriptors complete, the 
 credit
 +count is incremented.  As the driver processes those outstanding descriptors,
 +it returns 

Re: [Qemu-devel] [RFC PATCH 3/4] vfio-pci: add aer capability support

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 04:04, Chen Fan wrote:
 +static int vfio_add_ext_capabilities(VFIOPCIDevice *vdev)
 +{
 +PCIDevice *pdev = vdev-pdev;
 +PCIExpressDevice *exp;
 +uint32_t header;
 +uint16_t next = PCI_CONFIG_SPACE_SIZE;
 +
 +if (pci_config_size(pdev) = PCI_CONFIG_SPACE_SIZE) {
 +return 0;
 +}
 +
 +header = pci_get_long(pdev-config + next);
 +while (header) {
 +switch (PCI_EXT_CAP_ID(header)) {
 +case PCI_EXT_CAP_ID_ERR:
 + exp = pdev-exp;
 + exp-aer_cap = next;
 +
 + /* enable the error report */
 + vfio_add_emulated_long(vdev, exp-exp_cap + PCI_EXP_DEVCTL,
 + PCI_EXP_DEVCTL_CERE | PCI_EXP_DEVCTL_NFERE |
 + PCI_EXP_DEVCTL_FERE | PCI_EXP_DEVCTL_URRE, ~0);
 + break;
 +};
 +
 +next = PCI_EXT_CAP_NEXT(header);
 +if (!next) {
 +return 0;
 +}
 +header = pci_get_long(pdev-config + next);
 +}
 +
 +return 0;
 +}
 +
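Review bot: The extended-capability walk trusts the device-supplied next pointer: `next = PCI_EXT_CAP_NEXT(header)` is only tested for zero before the next iteration does `pci_get_long(pdev->config + next)`, with no check that it stays below `pci_config_size(pdev)`, is DWORD-aligned, or has not been visited already, so a malformed or hostile passthrough device (whose config contents seed `pdev->config`, as far as I can tell) can make QEMU read past the config buffer or spin forever. Bound the pointer and the number of hops as below; the `;` after the switch's closing brace is also a stray empty statement.
```c
static int vfio_add_ext_capabilities(VFIOPCIDevice *vdev)
{
    PCIDevice *pdev = &vdev->pdev;
    PCIExpressDevice *exp;
    uint32_t header;
    uint16_t next = PCI_CONFIG_SPACE_SIZE;
    unsigned max_hops;

    if (pci_config_size(pdev) <= PCI_CONFIG_SPACE_SIZE) {
        return 0;
    }
    /* A list can have at most one entry per DWORD of extended space. */
    max_hops = (pci_config_size(pdev) - PCI_CONFIG_SPACE_SIZE) / 4;

    header = pci_get_long(pdev->config + next);
    while (header) {
        /* … unchanged: switch on PCI_EXT_CAP_ID(header) … */

        next = PCI_EXT_CAP_NEXT(header);
        /*
         * The next pointer comes from the device: stop on one that leaves
         * the config space, is not DWORD-aligned, or that would make us
         * visit more entries than can exist (i.e. the list loops).
         */
        if (!next || next < PCI_CONFIG_SPACE_SIZE ||
            next + 4 > pci_config_size(pdev) || (next & 3) || !max_hops--) {
            return 0;
        }
        header = pci_get_long(pdev->config + next);
    }

    return 0;
}
```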

Please add a property to the VFIO device, defaulting to true, and
disable it for older machine types.

Paolo




Re: [Qemu-devel] [PATCH 9/9] block-migration: add named dirty bitmaps migration

2015-01-12 Thread Vladimir Sementsov-Ogievskiy


Best regards,
Vladimir

On 09.01.2015 01:36, Paolo Bonzini wrote:
The bitmaps are transmitted many times in their entirety, but only the 
last copy actually means something. The others are lost. This means 
you should use the non-live interface (register_savevm). This will 
simplify the code a lot.


But what if the dirty bitmap is really big?

For example, for 5 Pb drive the bitmap with granularity 65536 will be of 
2 Gb size. So, shouldn't it be migrated iteratively for live migration?





[Qemu-devel] [PATCH v2 0/4] relicense QEMU softfloat from 2b to to 2a

2015-01-12 Thread Peter Maydell
Hi; as you may be aware, we discovered some time back that
the license of SoftFloat-2b is claimed to be GPLv2 incompatible by
the FSF due to an indemnification clause.  The previous release,
SoftFloat-2a, did not contain this clause. We're therefore switching
to the -2a release and relicensing (or reverting and reimplementing)
all subsequent commits by QEMU contributors.

Last time around we were able to collect acks for the relicensing
from almost all contributors, so thanks to all of you. This patchset
aims to complete the process by applying the relicensing patch and
providing reimplemented code for the handful of commits that had to
be reverted.

The patch switching from upstream's SoftFloat-2b to -2a is
constructed in the same way Anthony Liguori used in 2013:
 * diff commit 158142c2 against SoftFloat-2b to separate out the
   changes made by Fabrice as part of the import
 * copy over the SoftFloat-2a versions of the files instead
 * apply some mechanical transformations (line endings, block comment style)
 * re-apply Fabrice's patches
 * diff this endpoint against 158142c2 to give a 2b-to-2a relicensing patch
 * apply that to current master

Following this change are a set of patches which revert and reimplement
the only four commits in the tree which are still relevant and for which
we could not get acks for relicensing.

Finally there's a patch which adds comments to the top of each
affected file clarifying the new licensing status (where the files
contain portions under variously SoftFloat-2a, BSD and GPLv2+
licenses) and specifying the default license for new contributions (so
we don't have to keep asking patch submitters to specify it). I've
applied the Acked-by tags from the 2013 round to this patch as it
seemed the most appropriate place. (Those acks should thus be taken to
indicate approval for the relicensing rather than necessarily
specifically for the wording choice.)

I have updated the tarball at:
 http://people.linaro.org/~peter.maydell/softfloat-relicensing-proposed.tar.gz
which describes in detail how the patchset was produced, including
copies of upstream's pristine 2a and 2b tarballs, the commands for
regenerating the relicense patch, and copies of the ack-emails.
It also has the 'revert' and 'reimplement' patches as separate non-squashed
patches.

Changes v1-v2:
 * fixed the bad values of NaN constants in the reimplemented code
 * squashed the 'revert' and 'reimplement' patches together to avoid
   bisection breaks
 * use SF2a for new contributions, not GPLv2+ (as discussed in review)

Peter Maydell (4):
  softfloat: Apply patch corresponding to rebasing to softfloat-2a
  softfloat: Revert and reimplement remaining portions of 75d62a5856 and
3430b0be36f
  softfloat: Revert and reimplement remaining parts of b645bb4885 and
5a6932d51d
  softfloat: Clarify license status

 fpu/softfloat-macros.h |  86 -
 fpu/softfloat-specialize.h | 135 +---
 fpu/softfloat.c| 186 +++--
 include/fpu/softfloat.h|  84 +++-
 4 files changed, 349 insertions(+), 142 deletions(-)

-- 
1.9.1




[Qemu-devel] [PATCH v2 3/4] softfloat: Revert and reimplement remaining parts of b645bb4885 and 5a6932d51d

2015-01-12 Thread Peter Maydell
Revert the parts of commits b645bb4885 and 5a6932d51d which are still
in the codebase and under a SoftFloat-2b license.

Reimplement support for architectures where the most significant bit
in the mantissa is 1 for a signaling NaN rather than a quiet NaN,
by adding handling for SNAN_BIT_IS_ONE being set to the functions
which test values for NaN-ness.

This includes restoring the bugfixes lost in the reversion where
some of the float*_is_quiet_nan() functions were returning true
for both signaling and quiet NaNs.

[This is a mechanical squashing together of two separate revert
and reimplement patches.]

Signed-off-by: Peter Maydell peter.mayd...@linaro.org
---
 fpu/softfloat-specialize.h | 57 +++---
 1 file changed, 29 insertions(+), 28 deletions(-)

diff --git a/fpu/softfloat-specialize.h b/fpu/softfloat-specialize.h
index 39335b4..ef77e28 100644
--- a/fpu/softfloat-specialize.h
+++ b/fpu/softfloat-specialize.h
@@ -33,10 +33,14 @@ this code that are retained.
 ===
 */
 
+/* Does the target distinguish signaling NaNs from non-signaling NaNs
+ * by setting the most significant bit of the mantissa for a signaling NaN?
+ * (The more common choice is to have it be zero for SNaN and one for QNaN.)
+ */
 #if defined(TARGET_MIPS) || defined(TARGET_SH4) || defined(TARGET_UNICORE32)
-#define SNAN_BIT_IS_ONE1
+#define SNAN_BIT_IS_ONE 1
 #else
-#define SNAN_BIT_IS_ONE0
+#define SNAN_BIT_IS_ONE 0
 #endif
 
 #if defined(TARGET_XTENSA)
@@ -79,7 +83,7 @@ const float64 float64_default_nan = const_float64(LIT64( 
0x7FFF ));
 #elif defined(TARGET_PPC) || defined(TARGET_ARM) || defined(TARGET_ALPHA)
 const float64 float64_default_nan = const_float64(LIT64( 0x7FF8 ));
 #elif SNAN_BIT_IS_ONE
-const float64 float64_default_nan = const_float64(LIT64( 0x7FF7 ));
+const float64 float64_default_nan = const_float64(LIT64(0x7FF7));
 #else
 const float64 float64_default_nan = const_float64(LIT64( 0xFFF8 ));
 #endif
@@ -89,7 +93,7 @@ const float64 float64_default_nan = const_float64(LIT64( 
0xFFF8 ));
 **/
 #if SNAN_BIT_IS_ONE
 #define floatx80_default_nan_high 0x7FFF
-#define floatx80_default_nan_low  LIT64( 0xBFFF )
+#define floatx80_default_nan_low  LIT64(0xBFFF)
 #else
 #define floatx80_default_nan_high 0x
 #define floatx80_default_nan_low  LIT64( 0xC000 )
@@ -103,8 +107,8 @@ const floatx80 floatx80_default_nan
 | `low' values hold the most- and least-significant bits, respectively.
 **/
 #if SNAN_BIT_IS_ONE
-#define float128_default_nan_high LIT64( 0x7FFF7FFF )
-#define float128_default_nan_low  LIT64( 0x )
+#define float128_default_nan_high LIT64(0x7FFF7FFF)
+#define float128_default_nan_low  LIT64(0x)
 #else
 #define float128_default_nan_high LIT64( 0x8000 )
 #define float128_default_nan_low  LIT64( 0x )
@@ -255,9 +259,9 @@ int float32_is_quiet_nan( float32 a_ )
 {
 uint32_t a = float32_val(a_);
 #if SNAN_BIT_IS_ONE
-return ( ( ( a22 )  0x1FF ) == 0x1FE )  ( a  0x003F );
+return (((a  22)  0x1ff) == 0x1fe)  (a  0x003f);
 #else
-return ( 0xFF80 = (uint32_t) ( a1 ) );
+return ((uint32_t)(a  1) = 0xff80);
 #endif
 }
 
@@ -270,7 +274,7 @@ int float32_is_signaling_nan( float32 a_ )
 {
 uint32_t a = float32_val(a_);
 #if SNAN_BIT_IS_ONE
-return ( 0xFF80 = (uint32_t) ( a1 ) );
+return ((uint32_t)(a  1) = 0xff80);
 #else
 return ( ( ( a22 )  0x1FF ) == 0x1FE )  ( a  0x003F );
 #endif
@@ -663,11 +667,10 @@ int float64_is_quiet_nan( float64 a_ )
 {
 uint64_t a = float64_val(a_);
 #if SNAN_BIT_IS_ONE
-return
-   ( ( ( a51 )  0xFFF ) == 0xFFE )
- ( a  LIT64( 0x0007 ) );
+return (((a  51)  0xfff) == 0xffe)
+(a  0x0007ULL);
 #else
-return ( LIT64( 0xFFF0 ) = (uint64_t) ( a1 ) );
+return ((a  1) = 0xfff0ULL);
 #endif
 }
 
@@ -680,7 +683,7 @@ int float64_is_signaling_nan( float64 a_ )
 {
 uint64_t a = float64_val(a_);
 #if SNAN_BIT_IS_ONE
-return ( LIT64( 0xFFF0 ) = (uint64_t) ( a1 ) );
+return ((a  1) = 0xfff0ULL);
 #else
 return
( ( ( a51 )  0xFFF ) == 0xFFE )
@@ -864,11 +867,10 @@ int floatx80_is_quiet_nan( floatx80 a )
 #if SNAN_BIT_IS_ONE
 uint64_t aLow;
 
-aLow = a.low  ~ LIT64( 0x4000 );
-return
-   ( ( a.high  0x7FFF ) == 0x7FFF )
- (uint64_t) ( aLow1 )
- ( a.low == aLow );
+aLow = a.low  ~0x4000ULL;
+return ((a.high  0x7fff) == 0x7fff)
+ (aLow  1)
+ (a.low == aLow);

[Qemu-devel] [PATCH v2 4/4] softfloat: Clarify license status

2015-01-12 Thread Peter Maydell
The code in the softfloat source files is under a mixture of
licenses: the original code and many changes from QEMU contributors
are under the base SoftFloat-2a license; changes from Stefan Weil
and RedHat employees are GPLv2-or-later; changes from Fabrice Bellard
are under the BSD license. Clarify this in the comments at the
top of each affected source file, including a statement about
the assumed licensing for future contributions, so we don't need
to remember to ask patch submitters explicitly to pick a license.

Signed-off-by: Peter Maydell peter.mayd...@linaro.org
Acked-by: Andreas Färber afaer...@suse.de
Acked-by: Aurelien Jarno aurel...@aurel32.net
Acked-by: Avi Kivity avi.kiv...@gmail.com
Acked-by: Ben Taylor bentaylor.sol...@gmail.com
Acked-by: Blue Swirl blauwir...@gmail.com
Acked-by: Christophe Lyon christophe.l...@st.com
Acked-by: Fabrice Bellard fabr...@bellard.org
Acked-by: Guan Xuetao g...@mprc.pku.edu.cn
Acked-by: Juan Quintela quint...@redhat.com
Acked-by: Max Filippov jcmvb...@gmail.com
Acked-by: Paul Brook p...@codesourcery.com
Acked-by: Paolo Bonzini pbonz...@redhat.com
Acked-by: Peter Maydell peter.mayd...@linaro.org
Acked-by: Richard Henderson r...@twiddle.net
Acked-by: Richard Sandiford rdsandif...@googlemail.com
Acked-by: Stefan Weil s...@weilnetz.de
---
 fpu/softfloat-macros.h | 48 +-
 fpu/softfloat-specialize.h | 48 +-
 fpu/softfloat.c| 48 +-
 include/fpu/softfloat.h| 48 +-
 4 files changed, 188 insertions(+), 4 deletions(-)

diff --git a/fpu/softfloat-macros.h b/fpu/softfloat-macros.h
index ca1d81e..5e030cd 100644
--- a/fpu/softfloat-macros.h
+++ b/fpu/softfloat-macros.h
@@ -1,7 +1,18 @@
 /*
  * QEMU float support macros
  *
- * Derived from SoftFloat.
+ * The code in this source file is derived from release 2a of the SoftFloat
+ * IEC/IEEE Floating-point Arithmetic Package. Those parts of the code (and
+ * some later contributions) are provided under that license, as detailed 
below.
+ * It has subsequently been modified by contributors to the QEMU Project,
+ * so some portions are provided under:
+ *  the SoftFloat-2a license
+ *  the BSD license
+ *  GPL-v2-or-later
+ *
+ * Any future contributions to this file after December 1st 2014 will be
+ * taken to be licensed under the Softfloat-2a license unless specifically
+ * indicated otherwise.
  */
 
 /*
@@ -33,6 +44,41 @@ this code that are retained.
 ===
 */
 
+/* BSD licensing:
+ * Copyright (c) 2006, Fabrice Bellard
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the copyright holder nor the names of its 
contributors
+ * may be used to endorse or promote products derived from this software 
without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Portions of this work are licensed under the terms of the GNU GPL,
+ * version 2 or later. See the COPYING file in the top-level directory.
+ */
+
 /*
 | This macro tests for minimum version of the GNU C compiler.
 **/
diff --git a/fpu/softfloat-specialize.h b/fpu/softfloat-specialize.h
index ef77e28..4b6a33b 100644
--- a/fpu/softfloat-specialize.h
+++ b/fpu/softfloat-specialize.h
@@ -1,7 +1,18 @@
 /*
  * QEMU float support
  *
- * Derived from SoftFloat.
+ * The code in this source file is derived from release 2a of the SoftFloat
+ * IEC/IEEE Floating-point 

Re: [Qemu-devel] [PATCH 2/4] console: add opengl rendering helper functions

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 13:35, Gerd Hoffmann wrote:
 +/*
 + * QEMU graphical console -- opengl helper bits
 + *
 + * Copyright (c) 2004 Fabrice Bellard
 + *

Copyright Red Hat / Author you?

Paolo



Re: [Qemu-devel] [PATCH 2/4] console: add opengl rendering helper functions

2015-01-12 Thread Gerd Hoffmann
On Mo, 2015-01-12 at 14:04 +0100, Paolo Bonzini wrote:
 
 On 12/01/2015 13:35, Gerd Hoffmann wrote:
  +/*
  + * QEMU graphical console -- opengl helper bits
  + *
  + * Copyright (c) 2004 Fabrice Bellard
  + *
 
 Copyright Red Hat / Author you?

Ahem, yes.  Just carelessly moved over the comment from console.c, which
doesn't make much sense given this is all new code ...

cheers,
  Gerd





Re: [Qemu-devel] [Xen-devel] [PATCH] xen-pt: Fix PCI devices re-attach failed

2015-01-12 Thread Li, Liang Z
   Use the 'xl pci-attach $DomU $BDF' command to attach more than one
   PCI devices to the guest, then detach the devices with 'xl
   pci-detach $DomU $BDF', after that, re-attach these PCI devices
   again, an error message will be reported like following:
  
   libxl: error: libxl_qmp.c:287:qmp_handle_error_response: receive an
   error message from QMP server: Duplicate ID 'pci-pt-03_10.1'
   for device.
  
   The count of calling xen_pt_region_add and xen_pt_region_del are not
   the same will cause the XenPCIPassthroughState and it's related
   QemuOpts object not be released properly.
 
  Thanks for the patch!
 
  From this description, I don't quite understand why the
  memory_region_ref and memory_region_unref calls are wrong.  What do
  you mean by The count of calling xen_pt_region_add and
  xen_pt_region_del are not the same?

I means for some memory regions , only the xen_pt_region_add callback function
was called while the xen_pt_region_del was not called.

  On unplug xen_pt_region_del does not get called?
  Or the memory region argument is not exactly the same as the one
  initially passed to xen_pt_region_add?
 
 
 agree. Liang, could you elaborate how the patch is associated with above
 explanation? :-)


I have verified the following patch can work too:

diff --git a/hw/xen/xen_pt.c b/hw/xen/xen_pt.c
index c1bf357..f2893b2 100644
--- a/hw/xen/xen_pt.c
+++ b/hw/xen/xen_pt.c
@@ -736,7 +736,7 @@ static int xen_pt_initfn(PCIDevice *d)
 }
 
 out:
-memory_listener_register(s-memory_listener, address_space_memory);
+memory_listener_register(s-memory_listener, 
+ s-dev.bus_master_as);
 memory_listener_register(s-io_listener, address_space_io);
 XEN_PT_LOG(d,
Real physical device %02x:%02x.%d registered successfully!\n,
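Review bot: Registering the listener on `s->dev.bus_master_as` instead of `address_space_memory` changes which address space the add/del callbacks observe rather than explaining why `xen_pt_region_del` is not reached for some regions, so the imbalance the description attributes to the two callbacks is being masked, not fixed. As far as I can tell from other QEMU code (not visible here) the per-device bus-master space is gated by the command register's bus-master enable bit, so with this change regions would appear and disappear as the guest toggles that bit, and the set of regions seen would differ from the system memory map the passthrough code mapped before. Before taking this, the commit message should state the actual cause of the add/del mismatch and the fix should make the detach path release exactly what `xen_pt_region_add` took. `xen_pt_initfn` continues outside the hunk.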

By further debugging, I found that when the listener is registered on
'address_space_memory', 'xen_pt_region_del' is not called for memory regions
whose name is not 'xen-pci-pt-*'; when it is registered on
's->dev.bus_master_as', there is no such issue.

I think use the device related address space here is more reasonable, but I am 
not sure.
 Could you give some suggestion?

Liang



Re: [Qemu-devel] [PULL 00/26] Block patches

2015-01-12 Thread Stefan Hajnoczi
On Sat, Jan 10, 2015 at 07:05:47PM +, Peter Maydell wrote:
 On 9 January 2015 at 10:16, Stefan Hajnoczi stefa...@redhat.com wrote:
  This pull request depends on the previous block pull request which has not 
  been
  merged yet.  It was sent on Monday, 5th of January (Message-id:
  1420458696-1885-1-git-send-email-stefa...@redhat.com).
 
  The following changes since commit 3bd54e576f40f1d5bf45b4828c7316efd76a4db6:
 
migration/block: fix pending() return value (2015-01-05 11:34:52 +)
 
  are available in the git repository at:
 
git://github.com/stefanha/qemu.git tags/block-pull-request
 
  for you to fetch changes up to 4cba4284918145de66e27959725559f8aaf764ef:
 
NVMe: Set correct VS Value for 1.1 Compliant Controllers (2015-01-09 
  10:12:23 +)
 
 I'm confused. You say this pull depends on the other one, but
 the emails give the same tag name for both, so I can't pull
 the other one first. (In fact, if not for this one failing I
 would have applied it under the assumption that it *was* the
 previous pullreq...)

I used a script that overwrites the pull request tag.

Sorry for the confusion.  You can look at the for you to fetch changes
up to 4cba4284918145de66e27959725559f8aaf764ef lines to identify which
commits are part of each pull request.

I'm resending a new (combined) revision without the make check-block
commit.

Stefan




Re: [Qemu-devel] [PATCH 9/9] block-migration: add named dirty bitmaps migration

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 15:20, Vladimir Sementsov-Ogievskiy wrote:
 
 On 09.01.2015 01:36, Paolo Bonzini wrote:
 The bitmaps are transmitted many times in their entirety, but only the
 last copy actually means something. The others are lost. This means
 you should use the non-live interface (register_savevm). This will
 simplify the code a lot.
 
 But what if the dirty bitmap is really big?
 
 For example, for 5 Pb drive the bitmap with granularity 65536 will be of
 2 Gb size. So, shouldn't it be migrated iteratively for live migration?

But your code is not attempting to do that.  It is not attempting to
track the dirtiness of the dirty bitmap, so to speak.

For such a huge storage, in any case, I suspect the solution is to not
use QEMU's live operations and, instead, operate at the storage level.

Paolo



[Qemu-devel] [PATCH v2 2/4] softfloat: Revert and reimplement remaining portions of 75d62a5856 and 3430b0be36f

2015-01-12 Thread Peter Maydell
Revert the remaining portions of commits 75d62a5856 and 3430b0be36f
which are under a SoftFloat-2b license, ie the functions
uint64_to_float32() and uint64_to_float64(). (The float64_to_uint64()
and float64_to_uint64_round_to_zero() functions were completely
rewritten in commits fb3ea83aa and 0a87a3107d so can stay.)

Reimplement from scratch the uint64_to_float64() and uint64_to_float32()
conversion functions.

[This is a mechanical squashing together of two separate revert
and reimplement patches.]

Signed-off-by: Peter Maydell peter.mayd...@linaro.org
---
 fpu/softfloat.c | 100 +++-
 include/fpu/softfloat.h |   4 +-
 2 files changed, 67 insertions(+), 37 deletions(-)

diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index 6041dbd..ad316e7 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -1302,27 +1302,6 @@ float32 int64_to_float32(int64_t a STATUS_PARAM)
 
 }
 
-float32 uint64_to_float32(uint64_t a STATUS_PARAM)
-{
-int8 shiftCount;
-
-if ( a == 0 ) return float32_zero;
-shiftCount = countLeadingZeros64( a ) - 40;
-if ( 0 = shiftCount ) {
-return packFloat32(0, 0x95 - shiftCount, ashiftCount);
-}
-else {
-shiftCount += 7;
-if ( shiftCount  0 ) {
-shift64RightJamming( a, - shiftCount, a );
-}
-else {
-a = shiftCount;
-}
-return roundAndPackFloat32(0, 0x9C - shiftCount, a STATUS_VAR);
-}
-}
-
 /*
 | Returns the result of converting the 64-bit two's complement integer `a'
 | to the double-precision floating-point format.  The conversion is performed
@@ -1342,20 +1321,6 @@ float64 int64_to_float64(int64_t a STATUS_PARAM)
 
 }
 
-float64 uint64_to_float64(uint64_t a STATUS_PARAM)
-{
-int exp =  0x43C;
-
-if (a == 0) {
-return float64_zero;
-}
-if ((int64_t)a  0) {
-shift64RightJamming(a, 1, a);
-exp += 1;
-}
-return normalizeRoundAndPackFloat64(0, exp, a STATUS_VAR);
-}
-
 /*
 | Returns the result of converting the 64-bit two's complement integer `a'
 | to the extended double-precision floating-point format.  The conversion
@@ -1410,6 +1375,71 @@ float128 int64_to_float128(int64_t a STATUS_PARAM)
 
 }
 
+/*
+| Returns the result of converting the 64-bit unsigned integer `a'
+| to the single-precision floating-point format.  The conversion is performed
+| according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
+**/
+
+float32 uint64_to_float32(uint64_t a STATUS_PARAM)
+{
+int shiftcount;
+
+if (a == 0) {
+return float32_zero;
+}
+
+/* Determine (left) shift needed to put first set bit into bit posn 23
+ * (since packFloat32() expects the binary point between bits 23 and 22);
+ * this is the fast case for smallish numbers.
+ */
+shiftcount = countLeadingZeros64(a) - 40;
+if (shiftcount = 0) {
+return packFloat32(0, 0x95 - shiftcount, a  shiftcount);
+}
+/* Otherwise we need to do a round-and-pack. roundAndPackFloat32()
+ * expects the binary point between bits 30 and 29, hence the + 7.
+ */
+shiftcount += 7;
+if (shiftcount  0) {
+shift64RightJamming(a, -shiftcount, a);
+} else {
+a = shiftcount;
+}
+
+return roundAndPackFloat32(0, 0x9c - shiftcount, a STATUS_VAR);
+}
+
+/*
+| Returns the result of converting the 64-bit unsigned integer `a'
+| to the double-precision floating-point format.  The conversion is performed
+| according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
+**/
+
+float64 uint64_to_float64(uint64_t a STATUS_PARAM)
+{
+int exp = 0x43C;
+int shiftcount;
+
+if (a == 0) {
+return float64_zero;
+}
+
+shiftcount = countLeadingZeros64(a) - 1;
+if (shiftcount  0) {
+shift64RightJamming(a, -shiftcount, a);
+} else {
+a = shiftcount;
+}
+return roundAndPackFloat64(0, exp - shiftcount, a STATUS_VAR);
+}
+
+/*
+| Returns the result of converting the 64-bit unsigned integer `a'
+| to the quadruple-precision floating-point format.  The conversion is 
performed
+| according to the IEC/IEEE Standard for Binary Floating-Point Arithmetic.
+**/
+
 float128 uint64_to_float128(uint64_t a STATUS_PARAM)
 {
 if (a == 0) {
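Review bot: The new uint64_to_float64() gives no explanation of its shift and exponent convention, while uint64_to_float32() directly above documents why it targets bit 23 and then adds 7; the `countLeadingZeros64(a) - 1` and `exp = 0x43C` pair is just as non-obvious. Suggest a comment above the shift along the lines of `/* Put the leading set bit into bit 62: roundAndPackFloat64() expects the binary point between bits 62 and 61, and 0x43C is the exponent that corresponds to an unshifted 64-bit integer significand (the same value the removed normalizeRoundAndPackFloat64() path used) */`. The exact bit positions should be checked against the roundAndPackFloat64() header comment in this file. The trailing uint64_to_float128() body continues outside the hunk.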
diff --git a/include/fpu/softfloat.h b/include/fpu/softfloat.h
index 4da5778..b3c710a 

Re: [Qemu-devel] [RFC PATCH 2/4] pcie-aer: Fix command pcie_aer_inject_error is invalid

2015-01-12 Thread Marcel Apfelbaum

On 01/12/2015 05:04 AM, Chen Fan wrote:

In the PCI Express 3.0 spec, section 6.2.6, Figure 6-3 (virtual bridge part),
the flowchart shows that SERR# Enable in the Bridge Control register,
together with a system error in the Secondary Status register, can send an
error message. But bridge_control read from dev->config is NULL, and SERR# was
set in dev->wmask in pcie_aer_init()

wmask denotes the register bits that can be written by the guest.

If you are referring to:
   pci_word_test_and_set_mask(dev-wmask + PCI_BRIDGE_CONTROL,
  PCI_BRIDGE_CTL_SERR);
that means that the OS *is able* to turn on/off SERR forwarding.


 which was implemented by root port and

swith devices, so we should add wmask (for w/r) bit set for bridge control.
we can user command like:
qemu_system_x86_64:
-device ioh3420,bus=pcie.0,addr=1c.0,multifunction=on,port=1,id=bridge1
-device x3130-upstream,bus=bridge1,id=up.1,addr=00.0
-device xio3130-downstream,bus=up.1,id=down.1,port=1,addr=00.0,chassis=5

(qemu) pcie_aer_inject_error net0 POISON_TLP

after that,
guest can output the error message.

Signed-off-by: Chen Fan chen.fan.f...@cn.fujitsu.com
---
  hw/pci/pcie_aer.c | 3 ++-
  1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/pci/pcie_aer.c b/hw/pci/pcie_aer.c
index 7ca077a..571dc92 100644
--- a/hw/pci/pcie_aer.c
+++ b/hw/pci/pcie_aer.c
@@ -231,7 +231,8 @@ pcie_aer_msg_alldev(PCIDevice *dev, const PCIEAERMsg *msg)
   */
  static bool pcie_aer_msg_vbridge(PCIDevice *dev, const PCIEAERMsg *msg)
  {
-uint16_t bridge_control = pci_get_word(dev-config + PCI_BRIDGE_CONTROL);

Here we check if the Guest OS/firmware actually turned the #SERR forwarding on.


+uint16_t bridge_control = pci_get_word(dev-config + PCI_BRIDGE_CONTROL) |
+  pci_get_word(dev-wmask + PCI_BRIDGE_CONTROL);

I don't think that this check is correct given the above comments.
Please correct me if I mislead you,
Thanks,
Marcel




  if (pcie_aer_msg_is_uncor(msg)) {
  /* Received System Error */






Re: [Qemu-devel] [Xen-devel] [PATCH] xen-pt: Fix PCI devices re-attach failed

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 14:35, Li, Liang Z wrote:
 
 diff --git a/hw/xen/xen_pt.c b/hw/xen/xen_pt.c index c1bf357..f2893b2 100644
 --- a/hw/xen/xen_pt.c
 +++ b/hw/xen/xen_pt.c
 @@ -736,7 +736,7 @@ static int xen_pt_initfn(PCIDevice *d)
  }
  
  out:
 -memory_listener_register(s-memory_listener, address_space_memory);
 +memory_listener_register(s-memory_listener, 
 + s-dev.bus_master_as);
  memory_listener_register(s-io_listener, address_space_io);
  XEN_PT_LOG(d,
 Real physical device %02x:%02x.%d registered 
 successfully!\n,
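Review bot: The replacement line registers the memory listener on the device's own bus-master address space, but neither the call site nor the surrounding text states why that space rather than address_space_memory is the correct one, so the next reader cannot tell this from an accidental change. A one-line comment at the call, e.g. `/* Register on the device's bus-master AS rather than address_space_memory so the listener sees the region changes this device actually observes */`, would capture the rationale; the precise trigger for the listener callbacks should be confirmed against the memory-listener implementation before committing to wording. The enclosing xen_pt_initfn() starts outside the quoted hunk, and the added line appears to be one source line wrapped by the mail client.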
 
 By further debugging, I found that when using 'address_space_memory',
 'xen_pt_region_del' won't be called when the memory region's name is not
 'xen-pci-pt-*'; when using 's->dev.bus_master_as', there is no such issue.
 
 I think use the device related address space here is more reasonable, but I 
 am not sure.
  Could you give some suggestion?

Yes, this patch makes sense.  The listener will be called every time the
command register is written.

Paolo



Re: [Qemu-devel] [PATCH v2] Gives user ability to select endian format for video display - fixes Mac OS X guest color issue.

2015-01-12 Thread Peter Maydell
On 12 January 2015 at 14:51, Programmingkid programmingk...@gmail.com wrote:
 On Jan 12, 2015, at 4:12 AM, Gerd Hoffmann wrote:
 I suggest to add fixed endian defines for 32bpp to
 include/ui/qemu-pixman.h (there already is one for 24bpp), then use
 these to avoid cluttering the cocoa code with HOST_WORDS_BIGENDIAN
 #defines.

 The colorspace bits look sane to me, I'm not macos x expert enough to
 really justify.

 If someone volunteered to test any code changes on their PowerPC Mac,
 then I would try this.

It generally works the other way around -- if the documentation for
something says X, then you write the code assuming that, and test it
on the platforms you have access to, and trust that the others will
work anyway. You don't write code that the documentation says won't
work portably just because it happens to work on the platforms you
have access to...
[In this case X is pixman formats are host-endian.]

Also, this should almost certainly be a
switch (surface-format)
and bail out on things we can't handle.

thanks
-- PMM



Re: [Qemu-devel] [PATCH v2] Gives user ability to select endian format for video display - fixes Mac OS X guest color issue.

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 15:51, Programmingkid wrote:
 +/* Determines the pixel format of the frame buffer */ +
 if (surface-format == PIXMAN_b8g8r8x8) { +
 bitmap_info = kCGBitmapByteOrder32Big |
 kCGImageAlphaNoneSkipFirst; +}
 
 That certainly goes into the right direction.
 Thank you.
 
 PIXMAN_* is native endian though, so I expect this will work on
 the intel macos host you are testing on but will fail on powerpc
 macos hosts.
 Unfortunately there appears to be no way to know. The last PowerPC
 Macs came out over 9 years ago. There probably isn't anyone on the
 list who uses one.

I have one, though it does not have enough memory to run Mac OS X
guests.  In any case, pixman clearly says that b8g8r8x8 is BGRA in
host-endianness, so not the same as kCGBitmapByteOrder32Big.

So your patch just needs something like this in ui/cocoa.m:

#ifdef HOST_WORDS_BIGENDIAN
#define PIXMAN_BE_b8g8r8x8 PIXMAN_b8g8r8x8
#else
#define PIXMAN_BE_b8g8r8x8 PIXMAN_x8r8g8b8
#endif

so that you can replace PIXMAN_b8g8r8x8 with PIXMAN_BE_b8g8r8x8 in your
test.  (You'll also need a matching else that restores
kCGBitmapByteOrder32Little---if only for clarity: assuming little-endian
in the initializer is ugly).

Paolo



Re: [Qemu-devel] How to clone a running vm?

2015-01-12 Thread Eric Blake
On 01/12/2015 12:49 AM, Zhang Haoyu wrote:
 Hi,
 
 I want to clone a running vm without shutoff,

A number of people have expressed a desire to do this. But PLEASE
consider the security implications.  If you have two guests running from
the same initial running state, without sanitizing at least one of the
guests, then you have set yourself up for major security breaches if the
two guests can be accessed on the same network.

Things you need to sanitize include, but are not limited to, all guest
OS random number seeding, IP addresses, UUIDs, ssh keys, etc.

 can below method work?
 1) create a snapshot for the vm
 2) create a new qcow2 image from the snapshot, but how?
 3) use the new qcow2 image as backing image to clone vms

While you can indeed create a qcow2 image from a running guest, I highly
suggest scrubbing and sanitizing that image before cloning new VMs that
use that state; and that your new guests be booted from scratch rather
than attempting to live-boot the cloned guests.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org





Re: [Qemu-devel] [PATCH v2] Gives user ability to select endian format for video display - fixes Mac OS X guest color issue.

2015-01-12 Thread Peter Maydell
On 12 January 2015 at 15:11, Paolo Bonzini pbonz...@redhat.com wrote:
 So your patch just needs something like this in ui/cocoa.m:

 #ifdef HOST_WORDS_BIGENDIAN
 #define PIXMAN_BE_b8g8r8x8 PIXMAN_b8g8r8x8
 #else
 #define PIXMAN_BE_b8g8r8x8 PIXMAN_x8r8g8b8
 #endif

In qemu-pixman.h, surely? (goes with the existing one we have).

-- PMM



Re: [Qemu-devel] [PULL 00/10] Linked list for tcg ops

2015-01-12 Thread Richard Henderson
On 01/12/2015 02:09 AM, Peter Maydell wrote:
 On 12 January 2015 at 10:06, Peter Maydell peter.mayd...@linaro.org wrote:
 On 9 January 2015 at 21:23, Richard Henderson r...@twiddle.net wrote:
 Finally revisiting these since early November.  Thanks to
 Bastian Koppelmann for reviewing most of these.

 This seems to break ppc linux-user:
 
 NB: I had to resolve what looked like some fairly trivial
 conflicts in gen-icount.h, but it's possible the breakage was
 down to my messing the resolution up.

No, it's some problem in one of the last two optimization patches.
I've rebased to fix the conflicts and dropped these two; the patch
set is now exclusively linked list conversion.

New signed tag is

  git://github.com/rth7680/qemu.git tcg-pull-20150112


r~




Re: [Qemu-devel] [PATCH 1/4] configure: opengl overhaul

2015-01-12 Thread Gerd Hoffmann
On Mo, 2015-01-12 at 13:55 +0100, Paolo Bonzini wrote:
 
 On 12/01/2015 13:35, Gerd Hoffmann wrote:
  Rename config option from glx to opengl, glx will not be the only
  option for opengl in near future.  Also switch over to pkg-config for
  opengl support detection.
  
  Signed-off-by: Gerd Hoffmann kra...@redhat.com
 
 Gerd, since you're working in this area, can you pick up
 http://article.gmane.org/gmane.comp.emulators.qemu/313402 as well?  I
 had queued it for my next pull request, but it conflicts with your stuff.

Yep, the gl bits conflict, I'll pick it up and handle the conflicts.

cheers,
  Gerd





Re: [Qemu-devel] [PATCH 0/1] pci: allow 0 address for PCI IO/MEM regions

2015-01-12 Thread Michael Roth
Quoting Michael Roth (2014-12-23 13:33:35)
 This patch enables the programming of address 0 for IO/MMIO BARs for
 PCI devices.
 
 It was originally included as part of a series implementing PCI
 hotplug for pseries guests, where it is needed due to the fact
 that pseries guests access IO space via MMIO, and that IO
 space is dedicated to PCI devices, with RTAS calls being used in
 place of common/legacy IO ports such as config-data/config-address.
 
 Thus, the entire range is unhindered by legacy IO ports, and
 pseries guest kernels may attempt to program an IO BAR to address 0
 as a result.
 
 This has led to a conflict with the existing PCI config space
 emulation code, where it has been assumed that 0 addresses are always
 invalid.
 
 Some background from discussions can be viewed here:
 
   https://lists.nongnu.org/archive/html/qemu-devel/2014-08/msg03063.html
 
 The general summary from that discussion seems to be that 0-addresses are
 not (at least, are no longer) prohibited by current versions of the PCI
 spec, and that the same should apply for MMIO addresses (where allowing
 0-addresses are also needed for some ARM-based PCI controllers).
 
 This patch includes support for 0-address MMIO BARs based on that
 discussion.
 
 One still-lingering concern is whether this change will impact
 compatibility with guests where 0-addresses are invalid. There was
 some discussion on whether this issue could be addressed using
 memory region priorities, but I think that's still an open question
 that we can hopefully address here.

Ping




[Qemu-devel] [PATCH v2 1/4] softfloat: Apply patch corresponding to rebasing to softfloat-2a

2015-01-12 Thread Peter Maydell
This commit applies the changes to master which correspond to
replacing commit 158142c2c2df with a set of changes made by:
 * taking the SoftFloat-2a release
 * mechanically transforming the block comment style
 * reapplying Fabrice's original changes from 158142c2c2df

This commit was created by:
 diff -u 158142c2c2df import-sf-2a
 patch  -p1 --fuzz 10 ../relicense-patch.txt
(where import-sf-2a is the branch resulting from the changes above).

Signed-off-by: Peter Maydell peter.mayd...@linaro.org
---
 fpu/softfloat-macros.h | 38 ++
 fpu/softfloat-specialize.h | 30 ++
 fpu/softfloat.c| 38 ++
 include/fpu/softfloat.h| 32 +++-
 4 files changed, 65 insertions(+), 73 deletions(-)

diff --git a/fpu/softfloat-macros.h b/fpu/softfloat-macros.h
index 0dcda93..ca1d81e 100644
--- a/fpu/softfloat-macros.h
+++ b/fpu/softfloat-macros.h
@@ -4,10 +4,10 @@
  * Derived from SoftFloat.
  */
 
-/*
-
+/*
+===
 This C source fragment is part of the SoftFloat IEC/IEEE Floating-point
-Arithmetic Package, Release 2b.
+Arithmetic Package, Release 2a.
 
 Written by John R. Hauser.  This work was made possible in part by the
 International Computer Science Institute, located at Suite 600, 1947 Center
@@ -16,24 +16,22 @@ National Science Foundation under grant MIP-9311980.  The 
original version
 of this code was written as part of a project to build a fixed-point vector
 processor in collaboration with the University of California at Berkeley,
 overseen by Profs. Nelson Morgan and John Wawrzynek.  More information
-is available through the Web page `http://www.cs.berkeley.edu/~jhauser/
+is available through the Web page `http://HTTP.CS.Berkeley.EDU/~jhauser/
 arithmetic/SoftFloat.html'.
 
-THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE.  Although reasonable effort has
-been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT TIMES
-RESULT IN INCORRECT BEHAVIOR.  USE OF THIS SOFTWARE IS RESTRICTED TO PERSONS
-AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ALL LOSSES,
-COSTS, OR OTHER PROBLEMS THEY INCUR DUE TO THE SOFTWARE, AND WHO FURTHERMORE
-EFFECTIVELY INDEMNIFY JOHN HAUSER AND THE INTERNATIONAL COMPUTER SCIENCE
-INSTITUTE (possibly via similar legal notice) AGAINST ALL LOSSES, COSTS, OR
-OTHER PROBLEMS INCURRED BY THEIR CUSTOMERS AND CLIENTS DUE TO THE SOFTWARE.
+THIS SOFTWARE IS DISTRIBUTED AS IS, FOR FREE.  Although reasonable effort
+has been made to avoid it, THIS SOFTWARE MAY CONTAIN FAULTS THAT WILL AT
+TIMES RESULT IN INCORRECT BEHAVIOR.  USE OF THIS SOFTWARE IS RESTRICTED TO
+PERSONS AND ORGANIZATIONS WHO CAN AND WILL TAKE FULL RESPONSIBILITY FOR ANY
+AND ALL LOSSES, COSTS, OR OTHER PROBLEMS ARISING FROM ITS USE.
 
 Derivative works are acceptable, even for commercial purposes, so long as
-(1) the source code for the derivative work includes prominent notice that
-the work is derivative, and (2) the source code includes prominent notice with
-these four paragraphs for those parts of this code that are retained.
+(1) they include prominent notice that the work is derivative, and (2) they
+include prominent notice akin to these four paragraphs for those parts of
+this code that are retained.
 
-=*/
+===
+*/
 
 /*
 | This macro tests for minimum version of the GNU C compiler.
@@ -107,10 +105,10 @@ static inline void shift64RightJamming(uint64_t a, 
int_fast16_t count, uint64_t
 | 63 bits of the extra result are all zero if and only if _all_but_the_last_
 | bits shifted off were all zero.  This extra result is stored in the location
 | pointed to by `z1Ptr'.  The value of `count' can be arbitrarily large.
-| (This routine makes more sense if `a0' and `a1' are considered to form
-| a fixed-point value with binary point between `a0' and `a1'.  This fixed-
-| point value is shifted right by the number of bits given in `count', and
-| the integer part of the result is returned at the location pointed to by
+| (This routine makes more sense if `a0' and `a1' are considered to form a
+| fixed-point value with binary point between `a0' and `a1'.  This fixed-point
+| value is shifted right by the number of bits given in `count', and the
+| integer part of the result is returned at the location pointed to by
 | `z0Ptr'.  The fractional part of the result may be slightly corrupted as
 | described above, and is returned at the location pointed to by `z1Ptr'.)
 **/
diff --git a/fpu/softfloat-specialize.h 

Re: [Qemu-devel] [PATCH v2] Gives user ability to select endian format for video display - fixes Mac OS X guest color issue.

2015-01-12 Thread Programmingkid

On Jan 12, 2015, at 4:12 AM, Gerd Hoffmann wrote:

  Hi,
 
 +/* Determines the pixel format of the frame buffer */
 +if (surface-format == PIXMAN_b8g8r8x8) {
 +bitmap_info = kCGBitmapByteOrder32Big | kCGImageAlphaNoneSkipFirst;
 +}
 
 That certainly goes into the right direction.

Thank you.

 
 PIXMAN_* is native endian though, so I expect this will work on the
 intel macos host you are testing on but will fail on powerpc macos
 hosts.

Unfortunately there appears to be no way to know. The last PowerPC Macs came 
out over 9 years ago. There probably isn't anyone on the list who uses one.

 
 I suggest to add fixed endian defines for 32bpp to
 include/ui/qemu-pixman.h (there already is one for 24bpp), then use
 these to avoid cluttering the cocoa code with HOST_WORDS_BIGENDIAN
 #defines.
 
 The colorspace bits look sane to me, I'm not macos x expert enough to
 really justify.

If someone volunteered to test any code changes on their PowerPC Mac, then I 
would try this. 


[Qemu-devel] [PATCH v5] block: add event when disk usage exceeds threshold

2015-01-12 Thread Francesco Romani
Managing applications, like oVirt (http://www.ovirt.org), make extensive
use of thin-provisioned disk images.
To let the guest run smoothly and be not unnecessarily paused, oVirt sets
a disk usage threshold (so called 'high water mark') based on the occupation
of the device,  and automatically extends the image once the threshold
is reached or exceeded.

In order to detect the crossing of the threshold, oVirt has no choice but
to aggressively poll the QEMU monitor using the query-blockstats command.
This leads to unnecessary system load, and is made even worse at scale:
deployments with hundreds of VMs are no longer rare.

To fix this, this patch adds:
* A new monitor command `block-set-write-threshold', to set a mark for
  a given block device.
* A new event `BLOCK_WRITE_THRESHOLD', to report if a block device
  usage exceeds the threshold.
* A new `write_threshold' field into the `BlockDeviceInfo' structure,
  to report the configured threshold.

This will allow the managing application to use smarter and more
efficient monitoring, greatly reducing the need of polling.

Signed-off-by: Francesco Romani from...@redhat.com
Reviewed-by: Eric Blake ebl...@redhat.com
---
 block/Makefile.objs |   1 +
 block/qapi.c|   3 +
 block/write-threshold.c | 125 
 include/block/block_int.h   |   4 ++
 include/block/write-threshold.h |  64 
 qapi/block-core.json|  51 +++-
 qmp-commands.hx |  32 ++
 tests/Makefile  |   3 +
 tests/test-write-threshold.c| 119 ++
 9 files changed, 401 insertions(+), 1 deletion(-)
 create mode 100644 block/write-threshold.c
 create mode 100644 include/block/write-threshold.h
 create mode 100644 tests/test-write-threshold.c

diff --git a/block/Makefile.objs b/block/Makefile.objs
index 04b0e43..010afad 100644
--- a/block/Makefile.objs
+++ b/block/Makefile.objs
@@ -20,6 +20,7 @@ block-obj-$(CONFIG_GLUSTERFS) += gluster.o
 block-obj-$(CONFIG_ARCHIPELAGO) += archipelago.o
 block-obj-$(CONFIG_LIBSSH2) += ssh.o
 block-obj-y += accounting.o
+block-obj-y += write-threshold.o
 
 common-obj-y += stream.o
 common-obj-y += commit.o
diff --git a/block/qapi.c b/block/qapi.c
index fa68ba7..709b328 100644
--- a/block/qapi.c
+++ b/block/qapi.c
@@ -24,6 +24,7 @@
 
 #include block/qapi.h
 #include block/block_int.h
+#include block/write-threshold.h
 #include qmp-commands.h
 #include qapi-visit.h
 #include qapi/qmp-output-visitor.h
@@ -89,6 +90,8 @@ BlockDeviceInfo *bdrv_block_device_info(BlockDriverState *bs)
 info-iops_size = cfg.op_size;
 }
 
+info-write_threshold = bdrv_write_threshold_get(bs);
+
 return info;
 }
 
diff --git a/block/write-threshold.c b/block/write-threshold.c
new file mode 100644
index 000..c2cd517
--- /dev/null
+++ b/block/write-threshold.c
@@ -0,0 +1,125 @@
+/*
+ * QEMU System Emulator block write threshold notification
+ *
+ * Copyright Red Hat, Inc. 2014
+ *
+ * Authors:
+ *  Francesco Romani from...@redhat.com
+ *
+ * This work is licensed under the terms of the GNU LGPL, version 2 or later.
+ * See the COPYING.LIB file in the top-level directory.
+ */
+
+#include block/block_int.h
+#include block/coroutine.h
+#include block/write-threshold.h
+#include qemu/notify.h
+#include qapi-event.h
+#include qmp-commands.h
+
+
+uint64_t bdrv_write_threshold_get(const BlockDriverState *bs)
+{
+return bs-write_threshold_offset;
+}
+
+bool bdrv_write_threshold_is_set(const BlockDriverState *bs)
+{
+return bs-write_threshold_offset  0;
+}
+
+static void write_threshold_disable(BlockDriverState *bs)
+{
+if (bdrv_write_threshold_is_set(bs)) {
+notifier_with_return_remove(bs-write_threshold_notifier);
+bs-write_threshold_offset = 0;
+}
+}
+
+uint64_t bdrv_write_threshold_exceeded(const BlockDriverState *bs,
+   const BdrvTrackedRequest *req)
+{
+if (bdrv_write_threshold_is_set(bs)) {
+if (req-offset  bs-write_threshold_offset) {
+return (req-offset - bs-write_threshold_offset) + req-bytes;
+}
+if ((req-offset + req-bytes)  bs-write_threshold_offset) {
+return (req-offset + req-bytes) - bs-write_threshold_offset;
+}
+}
+return 0;
+}
+
+static int coroutine_fn before_write_notify(NotifierWithReturn *notifier,
+void *opaque)
+{
+BdrvTrackedRequest *req = opaque;
+BlockDriverState *bs = req-bs;
+uint64_t amount = 0;
+
+amount = bdrv_write_threshold_exceeded(bs, req);
+if (amount  0) {
+qapi_event_send_block_write_threshold(
+bs-node_name,
+amount,
+bs-write_threshold_offset,
+error_abort);
+
+/* autodisable to avoid flooding the monitor */
+write_threshold_disable(bs);
+}
+
+return 0; /* should always 

[Qemu-devel] [PULL v3 5/7] s390: Add PCI bus support

2015-01-12 Thread Cornelia Huck
From: Frank Blaschka frank.blasc...@de.ibm.com

This patch implements a pci bus for s390x together with infrastructure
to generate and handle hotplug events, to configure/unconfigure via
sclp instruction, to do iommu translations and provide s390 support for
MSI/MSI-X notification processing.

Signed-off-by: Frank Blaschka frank.blasc...@de.ibm.com
Signed-off-by: Cornelia Huck cornelia.h...@de.ibm.com
---
 MAINTAINERS   |2 +
 default-configs/s390x-softmmu.mak |1 +
 hw/s390x/Makefile.objs|1 +
 hw/s390x/css.c|5 +
 hw/s390x/css.h|1 +
 hw/s390x/s390-pci-bus.c   |  591 +
 hw/s390x/s390-pci-bus.h   |  251 
 hw/s390x/s390-virtio-ccw.c|7 +
 hw/s390x/sclp.c   |   10 +-
 include/hw/s390x/sclp.h   |8 +
 target-s390x/ioinst.c |   52 
 target-s390x/ioinst.h |1 +
 12 files changed, 929 insertions(+), 1 deletion(-)
 create mode 100644 hw/s390x/s390-pci-bus.c
 create mode 100644 hw/s390x/s390-pci-bus.h

diff --git a/MAINTAINERS b/MAINTAINERS
index 7fc3cdb..29c6834 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -538,6 +538,7 @@ S390 Virtio
 M: Alexander Graf ag...@suse.de
 S: Maintained
 F: hw/s390x/s390-*.c
+X: hw/s390x/*pci*.[hc]
 
 S390 Virtio-ccw
 M: Cornelia Huck cornelia.h...@de.ibm.com
@@ -548,6 +549,7 @@ F: hw/s390x/s390-virtio-ccw.c
 F: hw/s390x/css.[hc]
 F: hw/s390x/sclp*.[hc]
 F: hw/s390x/ipl*.[hc]
+F: hw/s390x/*pci*.[hc]
 F: include/hw/s390x/
 F: pc-bios/s390-ccw/
 T: git git://github.com/cohuck/qemu virtio-ccw-upstr
diff --git a/default-configs/s390x-softmmu.mak 
b/default-configs/s390x-softmmu.mak
index 126d88d..6ee2ff8 100644
--- a/default-configs/s390x-softmmu.mak
+++ b/default-configs/s390x-softmmu.mak
@@ -1,3 +1,4 @@
+include pci.mak
 CONFIG_VIRTIO=y
 CONFIG_SCLPCONSOLE=y
 CONFIG_S390_FLIC=y
diff --git a/hw/s390x/Makefile.objs b/hw/s390x/Makefile.objs
index 1ba6c3a..428d957 100644
--- a/hw/s390x/Makefile.objs
+++ b/hw/s390x/Makefile.objs
@@ -8,3 +8,4 @@ obj-y += ipl.o
 obj-y += css.o
 obj-y += s390-virtio-ccw.o
 obj-y += virtio-ccw.o
+obj-y += s390-pci-bus.o
diff --git a/hw/s390x/css.c b/hw/s390x/css.c
index b67c039..d0c5dde 100644
--- a/hw/s390x/css.c
+++ b/hw/s390x/css.c
@@ -1299,6 +1299,11 @@ void css_generate_chp_crws(uint8_t cssid, uint8_t chpid)
 /* TODO */
 }
 
+void css_generate_css_crws(uint8_t cssid)
+{
+css_queue_crw(CRW_RSC_CSS, 0, 0, cssid);
+}
+
 int css_enable_mcsse(void)
 {
 trace_css_enable_facility(mcsse);
diff --git a/hw/s390x/css.h b/hw/s390x/css.h
index 33104ac..7e53148 100644
--- a/hw/s390x/css.h
+++ b/hw/s390x/css.h
@@ -101,6 +101,7 @@ void css_queue_crw(uint8_t rsc, uint8_t erc, int chain, 
uint16_t rsid);
 void css_generate_sch_crws(uint8_t cssid, uint8_t ssid, uint16_t schid,
int hotplugged, int add);
 void css_generate_chp_crws(uint8_t cssid, uint8_t chpid);
+void css_generate_css_crws(uint8_t cssid);
 void css_adapter_interrupt(uint8_t isc);
 
 #define CSS_IO_ADAPTER_VIRTIO 1
diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c
new file mode 100644
index 000..1201b8d
--- /dev/null
+++ b/hw/s390x/s390-pci-bus.c
@@ -0,0 +1,591 @@
+/*
+ * s390 PCI BUS
+ *
+ * Copyright 2014 IBM Corp.
+ * Author(s): Frank Blaschka frank.blasc...@de.ibm.com
+ *Hong Bo Li lih...@cn.ibm.com
+ *Yi Min Zhao zyi...@cn.ibm.com
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or (at
+ * your option) any later version. See the COPYING file in the top-level
+ * directory.
+ */
+
+#include s390-pci-bus.h
+#include hw/pci/pci_bus.h
+#include hw/pci/msi.h
+#include qemu/error-report.h
+
+/* #define DEBUG_S390PCI_BUS */
+#ifdef DEBUG_S390PCI_BUS
+#define DPRINTF(fmt, ...) \
+do { fprintf(stderr, S390pci-bus:  fmt, ## __VA_ARGS__); } while (0)
+#else
+#define DPRINTF(fmt, ...) \
+do { } while (0)
+#endif
+
+int chsc_sei_nt2_get_event(void *res)
+{
+ChscSeiNt2Res *nt2_res = (ChscSeiNt2Res *)res;
+PciCcdfAvail *accdf;
+PciCcdfErr *eccdf;
+int rc = 1;
+SeiContainer *sei_cont;
+S390pciState *s = S390_PCI_HOST_BRIDGE(
+object_resolve_path(TYPE_S390_PCI_HOST_BRIDGE, NULL));
+
+if (!s) {
+return rc;
+}
+
+sei_cont = QTAILQ_FIRST(s-pending_sei);
+if (sei_cont) {
+QTAILQ_REMOVE(s-pending_sei, sei_cont, link);
+nt2_res-nt = 2;
+nt2_res-cc = sei_cont-cc;
+switch (sei_cont-cc) {
+case 1: /* error event */
+eccdf = (PciCcdfErr *)nt2_res-ccdf;
+eccdf-fid = cpu_to_be32(sei_cont-fid);
+eccdf-fh = cpu_to_be32(sei_cont-fh);
+eccdf-e = cpu_to_be32(sei_cont-e);
+eccdf-faddr = cpu_to_be64(sei_cont-faddr);
+eccdf-pec = cpu_to_be16(sei_cont-pec);
+break;
+case 2: /* availability event */
+accdf = 

[Qemu-devel] [PULL v3 4/7] s390x/kvm: avoid syscalls by syncing registers with kvm_run

2015-01-12 Thread Cornelia Huck
From: David Hildenbrand d...@linux.vnet.ibm.com

We can avoid loads of syscalls when dropping to user space by storing the values
of more registers directly within kvm_run.

Support is added for:
- ARCH0: CPU timer, clock comparator, TOD programmable register,
 guest breaking-event register, program parameter
- PFAULT: pfault parameters (token, select, compare)

Signed-off-by: David Hildenbrand d...@linux.vnet.ibm.com
Signed-off-by: Jens Freimann jf...@linux.vnet.ibm.com
Reviewed-by: Cornelia Huck cornelia.h...@de.ibm.com
Acked-by: Christian Borntraeger borntrae...@de.ibm.com
Signed-off-by: Cornelia Huck cornelia.h...@de.ibm.com
---
 target-s390x/kvm.c |   72 
 1 file changed, 50 insertions(+), 22 deletions(-)

diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c
index 1483082..d188c8b 100644
--- a/target-s390x/kvm.c
+++ b/target-s390x/kvm.c
@@ -252,18 +252,33 @@ int kvm_arch_put_registers(CPUState *cs, int level)
 return 0;
 }
 
-/*
- * These ONE_REGS are not protected by a capability. As they are only
- * necessary for migration we just trace a possible error, but don't
- * return with an error return code.
- */
-kvm_set_one_reg(cs, KVM_REG_S390_CPU_TIMER, env-cputm);
-kvm_set_one_reg(cs, KVM_REG_S390_CLOCK_COMP, env-ckc);
-kvm_set_one_reg(cs, KVM_REG_S390_TODPR, env-todpr);
-kvm_set_one_reg(cs, KVM_REG_S390_GBEA, env-gbea);
-kvm_set_one_reg(cs, KVM_REG_S390_PP, env-pp);
+if (can_sync_regs(cs, KVM_SYNC_ARCH0)) {
+cs-kvm_run-s.regs.cputm = env-cputm;
+cs-kvm_run-s.regs.ckc = env-ckc;
+cs-kvm_run-s.regs.todpr = env-todpr;
+cs-kvm_run-s.regs.gbea = env-gbea;
+cs-kvm_run-s.regs.pp = env-pp;
+cs-kvm_run-kvm_dirty_regs |= KVM_SYNC_ARCH0;
+} else {
+/*
+ * These ONE_REGS are not protected by a capability. As they are only
+ * necessary for migration we just trace a possible error, but don't
+ * return with an error return code.
+ */
+kvm_set_one_reg(cs, KVM_REG_S390_CPU_TIMER, env-cputm);
+kvm_set_one_reg(cs, KVM_REG_S390_CLOCK_COMP, env-ckc);
+kvm_set_one_reg(cs, KVM_REG_S390_TODPR, env-todpr);
+kvm_set_one_reg(cs, KVM_REG_S390_GBEA, env-gbea);
+kvm_set_one_reg(cs, KVM_REG_S390_PP, env-pp);
+}
 
-if (cap_async_pf) {
+/* pfault parameters */
+if (can_sync_regs(cs, KVM_SYNC_PFAULT)) {
+cs-kvm_run-s.regs.pft = env-pfault_token;
+cs-kvm_run-s.regs.pfs = env-pfault_select;
+cs-kvm_run-s.regs.pfc = env-pfault_compare;
+cs-kvm_run-kvm_dirty_regs |= KVM_SYNC_PFAULT;
+} else if (cap_async_pf) {
 r = kvm_set_one_reg(cs, KVM_REG_S390_PFTOKEN, env-pfault_token);
 if (r  0) {
 return r;
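Review bot: The new sync-regs branches in kvm_arch_put_registers() set `cs->kvm_run->kvm_dirty_regs |= KVM_SYNC_ARCH0` and `|= KVM_SYNC_PFAULT` without a comment, while the fallback branches kept their explanatory one; the mirror branches in kvm_arch_get_registers() in the next hunk set no dirty bit, and nothing says why the two directions differ. A comment on the first sync branch such as `/* Registers shared through kvm_run are written back by the kernel on every exit; on the next KVM_RUN the kernel reloads only those flagged in kvm_dirty_regs, so put must set the bit and get must not */` would make the asymmetry explicit; the exact kvm_dirty_regs/kvm_valid_regs contract should be confirmed against the KVM API documentation. Both functions start and end outside their hunks.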
@@ -367,18 +382,31 @@ int kvm_arch_get_registers(CPUState *cs)
 env-psa = cs-kvm_run-s.regs.prefix;
 }
 
-/*
- * These ONE_REGS are not protected by a capability. As they are only
- * necessary for migration we just trace a possible error, but don't
- * return with an error return code.
- */
-kvm_get_one_reg(cs, KVM_REG_S390_CPU_TIMER, env-cputm);
-kvm_get_one_reg(cs, KVM_REG_S390_CLOCK_COMP, env-ckc);
-kvm_get_one_reg(cs, KVM_REG_S390_TODPR, env-todpr);
-kvm_get_one_reg(cs, KVM_REG_S390_GBEA, env-gbea);
-kvm_get_one_reg(cs, KVM_REG_S390_PP, env-pp);
+if (can_sync_regs(cs, KVM_SYNC_ARCH0)) {
+env-cputm = cs-kvm_run-s.regs.cputm;
+env-ckc = cs-kvm_run-s.regs.ckc;
+env-todpr = cs-kvm_run-s.regs.todpr;
+env-gbea = cs-kvm_run-s.regs.gbea;
+env-pp = cs-kvm_run-s.regs.pp;
+} else {
+/*
+ * These ONE_REGS are not protected by a capability. As they are only
+ * necessary for migration we just trace a possible error, but don't
+ * return with an error return code.
+ */
+kvm_get_one_reg(cs, KVM_REG_S390_CPU_TIMER, env-cputm);
+kvm_get_one_reg(cs, KVM_REG_S390_CLOCK_COMP, env-ckc);
+kvm_get_one_reg(cs, KVM_REG_S390_TODPR, env-todpr);
+kvm_get_one_reg(cs, KVM_REG_S390_GBEA, env-gbea);
+kvm_get_one_reg(cs, KVM_REG_S390_PP, env-pp);
+}
 
-if (cap_async_pf) {
+/* pfault parameters */
+if (can_sync_regs(cs, KVM_SYNC_PFAULT)) {
+env-pfault_token = cs-kvm_run-s.regs.pft;
+env-pfault_select = cs-kvm_run-s.regs.pfs;
+env-pfault_compare = cs-kvm_run-s.regs.pfc;
+} else if (cap_async_pf) {
 r = kvm_get_one_reg(cs, KVM_REG_S390_PFTOKEN, env-pfault_token);
 if (r  0) {
 return r;
-- 
1.7.9.5




Re: [Qemu-devel] [PULL 00/10] Linked list for tcg ops

2015-01-12 Thread Peter Maydell
On 9 January 2015 at 21:23, Richard Henderson r...@twiddle.net wrote:
 Finally revisiting these since early November.  Thanks to
 Bastian Koppelmann for reviewing most of these.

This seems to break ppc linux-user:

/home/petmay01/linaro/qemu-for-merges/build/all-linux-static/ppc-linux-user/qemu-ppc
-L ./gnemul/qemu-ppc ppc/ls -l dummyfile
Invalid data memory access: 0x65726d6d
NIP 0ff57338   LR 0ff8adb8 CTR 0ff572bc XER 
MSR 6040 HID0   HF 6000 idx 0
TB  
GPR00 45444954 f6fff4b0  f6fff72f
GPR04 002f 4f523d6a f6fff5c4 100029a8
GPR08 f67fef70 0ff8ad80 0ffed06c f6fff4b0
GPR12 4204   
GPR16    
GPR20    f67feb58
GPR24 f6fff4b8 f6fff743 65726d69 f6fff5c4
GPR28 002f 0ffea934 0ffeb968 f6fff72f
CR 4204  [ G  E  -  -  -  -  -  G  ] RES 
FPR00 f67d76780003   
FPR04    
FPR08    
FPR12  014a19f0  
FPR16    
FPR20    
FPR24    
FPR28    
FPSCR 
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)
make: *** [test] Error 139
make: Leaving directory `/home/petmay01/linaro/linux-user-test-0.3'


(This is the linux-user-0.3 tests from the tarball on the wiki.)

-- PMM



Re: [Qemu-devel] [PATCH] hw/scsi/lsi53c895a: add support for additional diag / debug registers

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 10:45, Peter Lieven wrote:
 Some ancient Linux kernels read from registers 0x09 and 0x3c-3f during
 boot. According to the spec these registers are for diag and debug
 purposes only. If they are absent, qemu aborts on read.
 
 Signed-off-by: Peter Lieven p...@kamp.de
 ---
  hw/scsi/lsi53c895a.c |6 ++
  1 file changed, 6 insertions(+)
 
 diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
 index ec92048..db7d4b8 100644
 --- a/hw/scsi/lsi53c895a.c
 +++ b/hw/scsi/lsi53c895a.c
 @@ -277,6 +277,7 @@ typedef struct {
  uint32_t csbc;
  uint32_t scratch[18]; /* SCRATCHA-SCRATCHR */
  uint8_t sbr;
 +uint32_t adder;
  
  /* Script ram is stored as 32-bit words in host byteorder.  */
  uint32_t script_ram[2048];
 @@ -1389,6 +1390,7 @@ again:
  switch ((insn  27)  7) {
  case 0: /* Jump */
  DPRINTF(Jump to 0x%08x\n, addr);
 +s-adder = addr;
  s-dsp = addr;
  break;
  case 1: /* Call */
 @@ -1513,6 +1515,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
  return 0x7f;
  case 0x08: /* Revision ID */
  return 0x00;
 +case 0x09: /* SOCL */
 +return s-socl;
  case 0xa: /* SSID */
  return s-ssid;
  case 0xb: /* SBCL */
 @@ -1577,6 +1581,8 @@ static uint8_t lsi_reg_readb(LSIState *s, int offset)
  return s-sbr;
  case 0x3b: /* DCNTL */
  return s-dcntl;
 +/* ADDER Output (Debug of relative jump address) */
 +CASE_GET_REG32(adder, 0x3c)
  case 0x40: /* SIEN0 */
  return s-sien0;
  case 0x41: /* SIEN1 */
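Review bot: `uint32_t adder;` becomes new device state in the struct hunk, but no VMStateDescription change is visible in this diff, so the value would not survive migration; as it is a debug-only readback that may be fine, but then a comment at the field such as `/* ADDER output, debug readback only; not migrated */` (or adding it to the vmstate) should make that deliberate. Separately, the commit message says reads of unimplemented offsets abort QEMU, a path the guest can drive; the default branch of lsi_reg_readb, outside this hunk, may be worth a follow-up that logs the offset and returns 0 rather than aborting. lsi_reg_readb starts and ends outside the hunk.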
 

Thanks!

Paolo



[Qemu-devel] [PATCH] scsi: fix cancellation when I/O was completed but DMA was not.

2015-01-12 Thread Paolo Bonzini
Commit d577646 (scsi: Introduce scsi_req_cancel_complete, 2014-09-25)
was supposed to have no semantic change, but it missed a case.  When
r->aiocb has already been NULLed, but DMA was not complete and the
SCSI layer was waiting for scsi_req_continue, after the patch the
SCSI layer will not call the .cancel callback of SCSIBusInfo.

Fixes: d5776465ee9a55815792efa34d79de240f4ffd99
Cc: qemu-sta...@nongnu.org
Reported-by: Dr. David Alan Gilbert dgilb...@redhat.com
Reviewed-by: Fam Zheng f...@redhat.com
Signed-off-by: Paolo Bonzini pbonz...@redhat.com

Signed-off-by: Paolo Bonzini pbonz...@redhat.com
---
 hw/scsi/scsi-bus.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
index 24f7b74..9b740a3 100644
--- a/hw/scsi/scsi-bus.c
+++ b/hw/scsi/scsi-bus.c
@@ -1770,6 +1770,8 @@ void scsi_req_cancel(SCSIRequest *req)
 req-io_canceled = true;
 if (req-aiocb) {
 blk_aio_cancel(req-aiocb);
+} else {
+scsi_req_cancel_complete(req);
 }
 }
 
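Review bot: The new `else` branch carries no comment explaining why the cancellation is completed on the spot, and the reasoning (aiocb already cleared, DMA still pending, SCSI layer waiting for scsi_req_continue) lives only in the commit message; a one-liner such as `/* No AIO in flight (DMA still pending): complete the cancellation here. */` keeps it next to the code for the next reader. scsi_req_cancel starts outside the hunk.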
-- 
1.8.3.1




Re: [Qemu-devel] [PATCH] xen-pt: Fix PCI devices re-attach failed

2015-01-12 Thread Stefano Stabellini
On Wed, 24 Dec 2014, Liang Li wrote:
 Use the 'xl pci-attach $DomU $BDF' command to attach more than
 one PCI device to the guest, then detach the devices with
 'xl pci-detach $DomU $BDF'. After that, re-attach these PCI
 devices again; an error message like the following will be reported:
 
 libxl: error: libxl_qmp.c:287:qmp_handle_error_response: receive
 an error message from QMP server: Duplicate ID 'pci-pt-03_10.1'
 for device.
 
 The count of calling xen_pt_region_add and xen_pt_region_del are
 not the same will cause the XenPCIPassthroughState and it's related
 QemuOpts object not be released properly.

Thanks for the patch!

From this description, I don't quite understand why the
memory_region_ref and memory_region_unref calls are wrong.  What do you
mean by The count of calling xen_pt_region_add and xen_pt_region_del
are not the same?

On unplug xen_pt_region_del does not get called?
Or the memory region argument is not exactly the same as the one
initially passed to xen_pt_region_add?


 Signed-off-by: Liang Li liang.z...@intel.com
 Reported-by: Longtao Pang longtaox.p...@intel.com
 ---
  hw/xen/xen_pt.c | 4 
  1 file changed, 4 deletions(-)
 
 diff --git a/hw/xen/xen_pt.c b/hw/xen/xen_pt.c
 index c1bf357..523b8a2 100644
 --- a/hw/xen/xen_pt.c
 +++ b/hw/xen/xen_pt.c
 @@ -588,7 +588,6 @@ static void xen_pt_region_add(MemoryListener *l, 
 MemoryRegionSection *sec)
  XenPCIPassthroughState *s = container_of(l, XenPCIPassthroughState,
   memory_listener);
  
 -memory_region_ref(sec-mr);
  xen_pt_region_update(s, sec, true);
  }
  
 @@ -598,7 +597,6 @@ static void xen_pt_region_del(MemoryListener *l, 
 MemoryRegionSection *sec)
   memory_listener);
  
  xen_pt_region_update(s, sec, false);
 -memory_region_unref(sec-mr);
  }
  
  static void xen_pt_io_region_add(MemoryListener *l, MemoryRegionSection *sec)
 @@ -606,7 +604,6 @@ static void xen_pt_io_region_add(MemoryListener *l, 
 MemoryRegionSection *sec)
  XenPCIPassthroughState *s = container_of(l, XenPCIPassthroughState,
   io_listener);
  
 -memory_region_ref(sec-mr);
  xen_pt_region_update(s, sec, true);
  }
  
 @@ -616,7 +613,6 @@ static void xen_pt_io_region_del(MemoryListener *l, 
 MemoryRegionSection *sec)
   io_listener);
  
  xen_pt_region_update(s, sec, false);
 -memory_region_unref(sec-mr);
  }
  
  static const MemoryListener xen_pt_memory_listener = {
 -- 
 1.9.1
 



Re: [Qemu-devel] Fedora FC21 - Bug: 100% CPU and hangs in gettimeofday(tp, NULL); forever

2015-01-12 Thread Gerhard Wiesinger

On 08.01.2015 23:28, Gerhard Wiesinger wrote:

On 08.01.2015 19:22, Paolo Bonzini wrote:


Indeed.  Can you try the 2.2.0 qemu-kvm release, available in the
fedora-virt-preview repository?

http://fedoraproject.org/wiki/Virtualization_Preview_Repository


Updated to the 2.2.0 qemu-kvm release; it has worked seamlessly so far for all VMs.

I'll keep you up to date in the next days whether it happens again or 
not.


With qemu-kvm 2.2.0 release from the above repository the 100% usage 
didn't happen so far (although I had to reboot after kernel update).


So it looks like qemu-kvm 2.1.x has major bugs regarding timer handling. 
Is any backporting planned?


Ciao,
Gerhard



[Qemu-devel] [PATCH v2 1/1] ich9: add disable_s3, disable_s4, s4_val properties

2015-01-12 Thread Amit Shah
PIIX4 has disable_s3 and disable_s4 properties to enable or disable PM
functions.  Add such properties to the ICH9 chipset as well for the Q35
machine type.

S3 / S4 are not guaranteed to always work (needs work in the guest as
well as QEMU for things to work properly), and disabling advertising of
these features ensures guests don't go into zombie state if something
isn't working right.

The defaults are kept the same as in PIIX4: both S3 and S4 are enabled
by default.

These can be disabled via the cmdline:

  ... -global ICH9-LPC.disable_s3=1 -global ICH9-LPC.disable_s4=1

Note: some guests can fake hibernation by writing a hibernate image and
doing a shutdown instead of S4 if S4 isn't available; there's nothing we
can do to stop guests from doing this, and this patch can't affect that
functionality.

Signed-off-by: Amit Shah amit.s...@redhat.com

---
v2: * Use s4_val in ich9_pm_init(); else a reboot will end up using
  the default value insted of the set value.  (Marcel)
* Fix commit msg, add FYI note for guests faking s4.
---
 hw/acpi/ich9.c | 98 +-
 include/hw/acpi/ich9.h |  4 +++
 2 files changed, 101 insertions(+), 1 deletion(-)

diff --git a/hw/acpi/ich9.c b/hw/acpi/ich9.c
index ea991a3..e4195ea 100644
--- a/hw/acpi/ich9.c
+++ b/hw/acpi/ich9.c
@@ -219,7 +219,7 @@ void ich9_pm_init(PCIDevice *lpc_pci, ICH9LPCPMRegs *pm,
 
 acpi_pm_tmr_init(pm-acpi_regs, ich9_pm_update_sci_fn, pm-io);
 acpi_pm1_evt_init(pm-acpi_regs, ich9_pm_update_sci_fn, pm-io);
-acpi_pm1_cnt_init(pm-acpi_regs, pm-io, 2);
+acpi_pm1_cnt_init(pm-acpi_regs, pm-io, pm-s4_val);
 
 acpi_gpe_init(pm-acpi_regs, ICH9_PMIO_GPE0_LEN);
 memory_region_init_io(pm-io_gpe, OBJECT(lpc_pci), ich9_gpe_ops, pm,
@@ -269,10 +269,94 @@ static void ich9_pm_set_memory_hotplug_support(Object 
*obj, bool value,
 s-pm.acpi_memory_hotplug.is_enabled = value;
 }
 
+static void ich9_pm_get_disable_s3(Object *obj, Visitor *v,
+   void *opaque, const char *name,
+   Error **errp)
+{
+ICH9LPCPMRegs *pm = opaque;
+uint8_t value = pm-disable_s3;
+
+visit_type_uint8(v, value, name, errp);
+}
+
+static void ich9_pm_set_disable_s3(Object *obj, Visitor *v,
+   void *opaque, const char *name,
+   Error **errp)
+{
+ICH9LPCPMRegs *pm = opaque;
+Error *local_err = NULL;
+uint8_t value;
+
+visit_type_uint8(v, value, name, local_err);
+if (local_err) {
+goto out;
+}
+pm-disable_s3 = value;
+out:
+error_propagate(errp, local_err);
+}
+
+static void ich9_pm_get_disable_s4(Object *obj, Visitor *v,
+   void *opaque, const char *name,
+   Error **errp)
+{
+ICH9LPCPMRegs *pm = opaque;
+uint8_t value = pm-disable_s4;
+
+visit_type_uint8(v, value, name, errp);
+}
+
+static void ich9_pm_set_disable_s4(Object *obj, Visitor *v,
+   void *opaque, const char *name,
+   Error **errp)
+{
+ICH9LPCPMRegs *pm = opaque;
+Error *local_err = NULL;
+uint8_t value;
+
+visit_type_uint8(v, value, name, local_err);
+if (local_err) {
+goto out;
+}
+pm-disable_s4 = value;
+out:
+error_propagate(errp, local_err);
+}
+
+static void ich9_pm_get_s4_val(Object *obj, Visitor *v,
+   void *opaque, const char *name,
+   Error **errp)
+{
+ICH9LPCPMRegs *pm = opaque;
+uint8_t value = pm-s4_val;
+
+visit_type_uint8(v, value, name, errp);
+}
+
+static void ich9_pm_set_s4_val(Object *obj, Visitor *v,
+   void *opaque, const char *name,
+   Error **errp)
+{
+ICH9LPCPMRegs *pm = opaque;
+Error *local_err = NULL;
+uint8_t value;
+
+visit_type_uint8(v, value, name, local_err);
+if (local_err) {
+goto out;
+}
+pm-s4_val = value;
+out:
+error_propagate(errp, local_err);
+}
+
 void ich9_pm_add_properties(Object *obj, ICH9LPCPMRegs *pm, Error **errp)
 {
 static const uint32_t gpe0_len = ICH9_PMIO_GPE0_LEN;
 pm-acpi_memory_hotplug.is_enabled = true;
+pm-disable_s3 = 0;
+pm-disable_s4 = 0;
+pm-s4_val = 2;
 
 object_property_add_uint32_ptr(obj, ACPI_PM_PROP_PM_IO_BASE,
pm-pm_io_base, errp);
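Review bot: The three getter/setter pairs added here (`ich9_pm_get_disable_s3`/`ich9_pm_set_disable_s3`, the `disable_s4` pair and the `s4_val` pair) are identical apart from which `uint8_t` field of `ICH9LPCPMRegs` they touch, so one shared pair that receives the field's address as `opaque` removes about sixty lines and stops the next property from copying the pattern again; the registrations in ich9_pm_add_properties, which continues into the next, truncated hunk, would then pass `&pm->disable_s3` and friends instead of `pm`. The new defaults in ich9_pm_add_properties also want a comment, e.g. `/* Defaults match PIIX4: S3 and S4 enabled, S4 sleep value 2 */`, since `2` was a bare literal in ich9_pm_init before this patch and is now a property default.

```c
/* Shared accessors: 'opaque' is the address of the uint8_t field exposed. */
static void ich9_pm_get_uint8(Object *obj, Visitor *v,
                              void *opaque, const char *name,
                              Error **errp)
{
    uint8_t value = *(uint8_t *)opaque;

    visit_type_uint8(v, &value, name, errp);
}

static void ich9_pm_set_uint8(Object *obj, Visitor *v,
                              void *opaque, const char *name,
                              Error **errp)
{
    Error *local_err = NULL;
    uint8_t value;

    visit_type_uint8(v, &value, name, &local_err);
    if (!local_err) {
        *(uint8_t *)opaque = value;
    }
    error_propagate(errp, local_err);
}

/* … unchanged: ich9_pm_add_properties; each object_property_add() call
   passes &pm->disable_s3 / &pm->disable_s4 / &pm->s4_val as opaque … */
```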
@@ -285,6 +369,18 @@ void ich9_pm_add_properties(Object *obj, ICH9LPCPMRegs 
*pm, Error **errp)
  ich9_pm_get_memory_hotplug_support,
  ich9_pm_set_memory_hotplug_support,
  NULL);
+object_property_add(obj, ACPI_PM_PROP_S3_DISABLED, uint8,
+ich9_pm_get_disable_s3,
+ich9_pm_set_disable_s3,
+NULL, pm, NULL);
+

[Qemu-devel] [RFC PATCH v7 03/21] sysemu: system functions for replay

2015-01-12 Thread Pavel Dovgalyuk
This patch removes the static specifier from several qemu functions to make
them visible to the replay module. It also invents several system functions
that will be used by replay.

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
---
 cpus.c  |4 ++--
 include/exec/exec-all.h |1 +
 include/qom/cpu.h   |   10 ++
 include/sysemu/cpus.h   |1 +
 translate-all.c |8 
 5 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/cpus.c b/cpus.c
index 2edb5cd..96580ad 100644
--- a/cpus.c
+++ b/cpus.c
@@ -88,7 +88,7 @@ static bool cpu_thread_is_idle(CPUState *cpu)
 return true;
 }
 
-static bool all_cpu_threads_idle(void)
+bool all_cpu_threads_idle(void)
 {
 CPUState *cpu;
 
@@ -1121,7 +1121,7 @@ bool qemu_cpu_is_self(CPUState *cpu)
 return qemu_thread_is_self(cpu-thread);
 }
 
-static bool qemu_in_vcpu_thread(void)
+bool qemu_in_vcpu_thread(void)
 {
 return current_cpu  qemu_cpu_is_self(current_cpu);
 }
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 4a6237f..63fb1a3 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -214,6 +214,7 @@ static inline unsigned int tb_phys_hash_func(tb_page_addr_t 
pc)
 
 void tb_free(TranslationBlock *tb);
 void tb_flush(CPUArchState *env);
+void tb_flush_all(void);
 void tb_phys_invalidate(TranslationBlock *tb, tb_page_addr_t page_addr);
 
 #if defined(USE_DIRECT_JUMP)
diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index 2098f1c..5afb44c 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -480,6 +480,16 @@ static inline bool cpu_has_work(CPUState *cpu)
 bool qemu_cpu_is_self(CPUState *cpu);
 
 /**
+ * qemu_in_vcpu_thread:
+ *
+ * Checks whether the caller is executing on the vCPU thread
+ * of the current vCPU.
+ *
+ * Returns: %true if called from vCPU's thread, %false otherwise.
+ */
+bool qemu_in_vcpu_thread(void);
+
+/**
  * qemu_cpu_kick:
  * @cpu: The vCPU to kick.
  *
diff --git a/include/sysemu/cpus.h b/include/sysemu/cpus.h
index 3f162a9..86ae556 100644
--- a/include/sysemu/cpus.h
+++ b/include/sysemu/cpus.h
@@ -6,6 +6,7 @@ void qemu_init_cpu_loop(void);
 void resume_all_vcpus(void);
 void pause_all_vcpus(void);
 void cpu_stop_current(void);
+bool all_cpu_threads_idle(void);
 
 void cpu_synchronize_all_states(void);
 void cpu_synchronize_all_post_reset(void);
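Review bot: `all_cpu_threads_idle` is exported with a bare prototype, while the same patch gives `qemu_in_vcpu_thread` a full gtk-doc block in include/qom/cpu.h; for consistency add a short comment above this line, e.g. `/* Returns true if every vCPU thread is idle; see cpu_thread_is_idle() in cpus.c. */`. The body of all_cpu_threads_idle is not visible in this series chunk, so the wording should be checked against the implementation before committing it.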
diff --git a/translate-all.c b/translate-all.c
index 8fa4378..b04ada1 100644
--- a/translate-all.c
+++ b/translate-all.c
@@ -812,6 +812,14 @@ void tb_flush(CPUArchState *env1)
 tcg_ctx.tb_ctx.tb_flush_count++;
 }
 
+void tb_flush_all(void)
+{
+CPUState *cpu;
+for (cpu = first_cpu ; cpu != NULL ; cpu = CPU_NEXT(cpu)) {
+tb_flush(cpu-env_ptr);
+}
+}
+
 #ifdef DEBUG_TB_CHECK
 
 static void tb_invalidate_check(target_ulong address)
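Review bot: `tb_flush_all` calls `tb_flush(cpu->env_ptr)` once per vCPU, but the context line at the top of the hunk (`tcg_ctx.tb_ctx.tb_flush_count++`) suggests tb_flush operates on the shared TCG context, so each iteration likely repeats the same global flush and bumps the counter once per CPU; if a single call suffices the loop can become `tb_flush(first_cpu->env_ptr);`, otherwise a comment should state what per-CPU work each call performs. On style, QEMU provides the `CPU_FOREACH(cpu)` iterator for this loop, and checkpatch expects a blank line after the `CPUState *cpu;` declaration.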




[Qemu-devel] [RFC PATCH v7 17/21] replay: replay aio requests

2015-01-12 Thread Pavel Dovgalyuk
This patch adds an identifier to aio requests. The ID is used for creating bottom
halves and identifying them while replaying.
The patch also introduces several functions that make possible replaying
of the aio requests.

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
---
 block.c|   81 
 block/block-backend.c  |   30 ++-
 block/qcow2.c  |4 ++
 dma-helpers.c  |6 ++-
 hw/block/virtio-blk.c  |   10 ++---
 hw/ide/atapi.c |   10 +++--
 hw/ide/core.c  |   14 ---
 include/block/block.h  |   15 +++
 include/qemu-common.h  |2 +
 include/sysemu/block-backend.h |   10 +
 qemu-io-cmds.c |2 -
 stubs/replay.c |5 ++
 trace-events   |2 +
 util/iov.c |4 ++
 14 files changed, 167 insertions(+), 28 deletions(-)

diff --git a/block.c b/block.c
index 35f389d..e4cad41 100644
--- a/block.c
+++ b/block.c
@@ -83,7 +83,8 @@ static BlockAIOCB *bdrv_co_aio_rw_vector(BlockDriverState *bs,
  BdrvRequestFlags flags,
  BlockCompletionFunc *cb,
  void *opaque,
- bool is_write);
+ bool is_write,
+ bool aio_replay);
 static void coroutine_fn bdrv_co_do_rw(void *opaque);
 static int coroutine_fn bdrv_co_do_write_zeroes(BlockDriverState *bs,
 int64_t sector_num, int nb_sectors, BdrvRequestFlags flags);
@@ -4396,7 +4397,19 @@ BlockAIOCB *bdrv_aio_readv(BlockDriverState *bs, int64_t 
sector_num,
 trace_bdrv_aio_readv(bs, sector_num, nb_sectors, opaque);
 
 return bdrv_co_aio_rw_vector(bs, sector_num, qiov, nb_sectors, 0,
- cb, opaque, false);
+ cb, opaque, false, false);
+}
+
+BlockAIOCB *bdrv_aio_readv_replay(BlockDriverState *bs,
+  int64_t sector_num,
+  QEMUIOVector *qiov, int nb_sectors,
+  BlockCompletionFunc *cb,
+  void *opaque)
+{
+trace_bdrv_aio_readv_replay(bs, sector_num, nb_sectors, opaque);
+
+return bdrv_co_aio_rw_vector(bs, sector_num, qiov, nb_sectors, 0,
+ cb, opaque, false, true);
 }
 
 BlockAIOCB *bdrv_aio_writev(BlockDriverState *bs, int64_t sector_num,
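Review bot: `bdrv_aio_readv_replay` is a new public entry point but has no comment on how it differs from `bdrv_aio_readv` beyond the final `true` argument; a short header such as `/* Like bdrv_aio_readv, but the request is handed to the replay module (aio_replay = true); see the commit message for the record/replay flow. */` would let callers pick the right one. The same applies to `bdrv_aio_writev_replay` in the next hunk.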
@@ -4406,7 +4419,19 @@ BlockAIOCB *bdrv_aio_writev(BlockDriverState *bs, 
int64_t sector_num,
 trace_bdrv_aio_writev(bs, sector_num, nb_sectors, opaque);
 
 return bdrv_co_aio_rw_vector(bs, sector_num, qiov, nb_sectors, 0,
- cb, opaque, true);
+ cb, opaque, true, false);
+}
+
+BlockAIOCB *bdrv_aio_writev_replay(BlockDriverState *bs,
+   int64_t sector_num,
+   QEMUIOVector *qiov, int nb_sectors,
+   BlockCompletionFunc *cb,
+   void *opaque)
+{
+trace_bdrv_aio_writev_replay(bs, sector_num, nb_sectors, opaque);
+
+return bdrv_co_aio_rw_vector(bs, sector_num, qiov, nb_sectors, 0,
+ cb, opaque, true, true);
 }
 
 BlockAIOCB *bdrv_aio_write_zeroes(BlockDriverState *bs,
@@ -4417,7 +4442,7 @@ BlockAIOCB *bdrv_aio_write_zeroes(BlockDriverState *bs,
 
 return bdrv_co_aio_rw_vector(bs, sector_num, NULL, nb_sectors,
  BDRV_REQ_ZERO_WRITE | flags,
- cb, opaque, true);
+ cb, opaque, true, true);
 }
 
 
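Review bot: `bdrv_aio_write_zeroes` now passes `true` for the new `aio_replay` argument unconditionally, whereas `bdrv_aio_readv`/`bdrv_aio_writev` pass `false` and receive separate `*_replay` variants; if every write-zeroes request is meant to go through replay that deserves a comment at the call, otherwise this looks like a copy of the writev_replay call and should read `cb, opaque, true, false);`. bdrv_aio_write_zeroes starts outside the hunk.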
@@ -4564,7 +4589,8 @@ static int multiwrite_merge(BlockDriverState *bs, 
BlockRequest *reqs,
  * requests. However, the fields opaque and error are left unmodified as they
  * are used to signal failure for a single request to the caller.
  */
-int bdrv_aio_multiwrite(BlockDriverState *bs, BlockRequest *reqs, int num_reqs)
+int bdrv_aio_multiwrite(BlockDriverState *bs, BlockRequest *reqs, int num_reqs,
+bool replay)
 {
 MultiwriteCB *mcb;
 int i;
@@ -4602,7 +4628,7 @@ int bdrv_aio_multiwrite(BlockDriverState *bs, 
BlockRequest *reqs, int num_reqs)
 bdrv_co_aio_rw_vector(bs, reqs[i].sector, reqs[i].qiov,
   reqs[i].nb_sectors, reqs[i].flags,
   multiwrite_cb, mcb,
-  true);
+  true, replay);
 }
 
 return 0;
@@ -4747,7 +4773,12 @@ static void coroutine_fn bdrv_co_do_rw(void *opaque)
 acb-req.nb_sectors, acb-req.qiov, acb-req.flags);
 }
 
-acb-bh = aio_bh_new(bdrv_get_aio_context(bs), bdrv_co_em_bh, acb);
+if 

[Qemu-devel] [RFC PATCH v7 06/21] cpu-exec: allow temporary disabling icount

2015-01-12 Thread Pavel Dovgalyuk
This patch is required for deterministic replay to generate an exception
by trying to execute an instruction without changing icount.
It adds a new flag to the TB for disabling icount while translating it.

Signed-off-by: Paolo Bonzini pbonz...@redhat.com

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
---
 cpu-exec.c  |7 ---
 include/exec/exec-all.h |1 +
 translate-all.c |2 +-
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/cpu-exec.c b/cpu-exec.c
index 0a485bb..49f01f5 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -200,7 +200,7 @@ static inline tcg_target_ulong cpu_tb_exec(CPUState *cpu, 
uint8_t *tb_ptr)
 /* Execute the code without caching the generated code. An interpreter
could be used if available. */
 static void cpu_exec_nocache(CPUArchState *env, int max_cycles,
- TranslationBlock *orig_tb)
+ TranslationBlock *orig_tb, bool ignore_icount)
 {
 CPUState *cpu = ENV_GET_CPU(env);
 TranslationBlock *tb;
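Review bot: The comment above `cpu_exec_nocache` ("Execute the code without caching the generated code...") is not updated for the new `ignore_icount` parameter; add a line such as `ignore_icount: translate the TB with CF_IGNORE_ICOUNT so no icount code is generated`, which is the meaning given to the flag in the exec-all.h hunk. The function body continues in the next hunk.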
@@ -216,7 +216,8 @@ static void cpu_exec_nocache(CPUArchState *env, int 
max_cycles,
 /* tb_gen_code can flush our orig_tb, invalidate it now */
 tb_phys_invalidate(orig_tb, -1);
 tb = tb_gen_code(cpu, pc, cs_base, flags,
- max_cycles | CF_NOCACHE);
+ max_cycles | CF_NOCACHE
+ | (ignore_icount ? CF_IGNORE_ICOUNT : 0));
 cpu-current_tb = tb;
 /* execute the generated code */
 trace_exec_tb_nocache(tb, tb-pc);
@@ -525,7 +526,7 @@ int cpu_exec(CPUArchState *env)
 } else {
 if (insns_left  0) {
 /* Execute remaining instructions.  */
-cpu_exec_nocache(env, insns_left, tb);
+cpu_exec_nocache(env, insns_left, tb, false);
 align_clocks(sc, cpu);
 }
 cpu-exception_index = EXCP_INTERRUPT;
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 63fb1a3..48a7541 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -148,6 +148,7 @@ struct TranslationBlock {
 #define CF_LAST_IO 0x8000 /* Last insn may be an IO access.  */
 #define CF_NOCACHE 0x1 /* To be freed after execution */
 #define CF_USE_ICOUNT  0x2
+#define CF_IGNORE_ICOUNT 0x4 /* Do not generate icount code */
 
 void *tc_ptr;/* pointer to the translated code */
 /* next matching tb for physical address. */
diff --git a/translate-all.c b/translate-all.c
index b04ada1..c9abb55 100644
--- a/translate-all.c
+++ b/translate-all.c
@@ -1053,7 +1053,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
 int code_gen_size;
 
 phys_pc = get_page_addr_code(env, pc);
-if (use_icount) {
+if (use_icount  !(cflags  CF_IGNORE_ICOUNT)) {
 cflags |= CF_USE_ICOUNT;
 }
 tb = tb_alloc(pc);




Re: [Qemu-devel] [RFC PATCH v7 21/21] replay: recording of the user input

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 13:01, Pavel Dovgalyuk wrote:
 +void qemu_input_event_send(QemuConsole *src, InputEvent *evt)
  {
 -QemuInputHandlerState *s;
 -
  if (!runstate_is_running()  !runstate_check(RUN_STATE_SUSPENDED)) {
  return;
  }
  
 +if (replay_mode == REPLAY_MODE_PLAY) {
 +/* Nothing */
 +} else if (replay_mode == REPLAY_MODE_RECORD) {
 +replay_add_input_event(evt);
 +} else {
 +qemu_input_event_send_impl(src, evt);
 +}

Similar to other cases, please wrap this into a single function,
something like

if (replay_handle_input_event(evt)) {
return;
}

/* ... original contents of qemu_input_event_send ... */

Paolo



Re: [Qemu-devel] [RFC PATCH v7 20/21] replay: command line options

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 13:23, Pavel Dovgaluk wrote:
  What about just using -icount, since it requires that?
 You mean adding more attributes to -icount option?
 Or implicitly enabling -icount with -record/replay?

Adding more suboptions to -icount (e.g. rr=record|replay,rrfile=NAME).

Paolo



Re: [Qemu-devel] [RFC PATCH v7 02/21] replay: global variables and function stubs

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 13:21, Pavel Dovgaluk wrote:
   +{ 'enum': 'ReplaySubmode',
   +  'data': [ 'unknown', 'normal' ] }
  
  What is a submode?  Can you just check if replay_file is NULL?
 Submode is not very useful for these core patches. 
 More submodes will be introduced in the reverse debugging patches.

I see.  For now, can you replace it with just a replay_file check, and
move this definition to the reverse debugging patches?

Paolo



Re: [Qemu-devel] [RFC PATCH v7 08/21] replay: interrupts and exceptions

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 13:00, Pavel Dovgalyuk wrote:
 
 +if (replay_exception()) {
 +cc-do_interrupt(cpu);
 +cpu-exception_index = -1;

I cannot see replay_exception() in the series?

 @@ -419,21 +434,24 @@ int cpu_exec(CPUArchState *env)
  cpu-exception_index = EXCP_DEBUG;
  cpu_loop_exit(cpu);

Why not for EXCP_DEBUG?

  }
 -if (interrupt_request  CPU_INTERRUPT_HALT) {
 +if ((interrupt_request  CPU_INTERRUPT_HALT)
 + replay_interrupt()) {
  cpu-interrupt_request = ~CPU_INTERRUPT_HALT;
  cpu-halted = 1;
  cpu-exception_index = EXCP_HLT;
  cpu_loop_exit(cpu);
  }
  #if defined(TARGET_I386)
 -if (interrupt_request  CPU_INTERRUPT_INIT) {
 +if ((interrupt_request  CPU_INTERRUPT_INIT)
 + replay_interrupt()) {
  cpu_svm_check_intercept_param(env, SVM_EXIT_INIT, 0);
  do_cpu_init(x86_cpu);
  cpu-exception_index = EXCP_HALTED;
  cpu_loop_exit(cpu);
  }
  #else
 -if (interrupt_request  CPU_INTERRUPT_RESET) {
 +if ((interrupt_request  CPU_INTERRUPT_RESET)
 + replay_interrupt()) {
  cpu_reset(cpu);
  }
  #endif

Perhaps check the replay_interrupt() outside, in an  with if
(unlikely(interrupt_request))?

 @@ -441,7 +459,10 @@ int cpu_exec(CPUArchState *env)
 False when the interrupt isn't processed,
 True when it is, and we should restart on a new TB,
 and via longjmp via cpu_loop_exit.  */
 -if (cc-cpu_exec_interrupt(cpu, interrupt_request)) {
 +if ((replay_mode != REPLAY_MODE_PLAY
 +|| replay_has_interrupt())
 + cc-cpu_exec_interrupt(cpu, interrupt_request)) {
 +replay_interrupt();

Please put this in a separate function like:

if (replay_mode == REPLAY_MODE_PLAY  !replay_has_interrupt()) {
return false;
}
ret = cc-cpu_exec_interrupt(cpu, interrupt_request);
if (ret) {
replay_interrupt();
}
return ret;

Paolo

  next_tb = 0;
  }
  /* Don't use the cached interrupt_request value,
 @@ -453,7 +474,8 @@ int cpu_exec(CPUArchState *env)



[Qemu-devel] [PATCH 0/4] sdl2: add opengl rendering support

2015-01-12 Thread Gerd Hoffmann
  Hi,

Next round of the opengl rendering support patches.

Changes from RfC:
 * new patch #2, adding helper functions to render display surfaces
   as opengl texture.
 * sdl2 opengl code just carries the sdl2-specific bits and calls
   the opengl console helpers added by patch #2.
 * Addressing most (but not yet all) review comments from Max.
 * opengl support is runtime-switchable via '-display sdl,gl={on,off}'.
   Defaults to off atm.

please review,
  Gerd

Gerd Hoffmann (4):
  configure: opengl overhaul
  console: add opengl rendering helper functions
  sdl2: add support for display rendering using opengl.
  sdl2: move SDL_* includes to sdl2.h

 configure|  39 ++--
 default-configs/lm32-softmmu.mak |   2 +-
 hw/display/Makefile.objs |   2 +-
 hw/lm32/milkymist-hw.h   |   4 +-
 include/sysemu/sysemu.h  |   1 +
 include/ui/console.h |  24 
 include/ui/sdl2.h|  17 ++
 ui/Makefile.objs |   9 +++
 ui/console-gl.c  | 127 +++
 ui/sdl.c |  11 
 ui/sdl2-2d.c |  13 ++--
 ui/sdl2-gl.c | 107 +
 ui/sdl2-input.c  |   6 --
 ui/sdl2.c|  73 ++
 vl.c |  12 
 15 files changed, 396 insertions(+), 51 deletions(-)
 create mode 100644 ui/console-gl.c
 create mode 100644 ui/sdl2-gl.c

-- 
1.8.3.1




[Qemu-devel] [PATCH 1/4] configure: opengl overhaul

2015-01-12 Thread Gerd Hoffmann
Rename the config option from glx to opengl; glx will not be the only
option for opengl in the near future.  Also switch over to pkg-config for
opengl support detection.

Signed-off-by: Gerd Hoffmann kra...@redhat.com
---
 configure| 39 +--
 default-configs/lm32-softmmu.mak |  2 +-
 hw/display/Makefile.objs |  2 +-
 hw/lm32/milkymist-hw.h   |  4 ++--
 include/sysemu/sysemu.h  |  1 +
 vl.c |  1 +
 6 files changed, 23 insertions(+), 26 deletions(-)

diff --git a/configure b/configure
index cae588c..ee1693b 100755
--- a/configure
+++ b/configure
@@ -309,7 +309,7 @@ rbd=
 smartcard_nss=
 libusb=
 usb_redir=
-glx=
+opengl=
 zlib=yes
 lzo=
 snappy=
@@ -1026,9 +1026,9 @@ for opt do
   ;;
   --enable-vhost-scsi) vhost_scsi=yes
   ;;
-  --disable-glx) glx=no
+  --disable-opengl) opengl=no
   ;;
-  --enable-glx) glx=yes
+  --enable-opengl) opengl=yes
   ;;
   --disable-rbd) rbd=no
   ;;
@@ -3056,23 +3056,18 @@ fi
 libs_softmmu=$libs_softmmu $fdt_libs
 
 ##
-# GLX probe, used by milkymist-tmu2
-if test $glx != no ; then
-  glx_libs=-lGL -lX11
-  cat  $TMPC  EOF
-#include X11/Xlib.h
-#include GL/gl.h
-#include GL/glx.h
-int main(void) { glBegin(0); glXQueryVersion(0,0,0); return 0; }
-EOF
-  if compile_prog  -lGL -lX11 ; then
-glx=yes
+# opengl probe, used by milkymist-tmu2
+if test $opengl != no ; then
+  opengl_pkgs=gl
+  if $pkg_config $opengl_pkgs; then
+opengl_libs=$($pkg_config --libs $opengl_pkgs) -lX11
+opengl=yes
   else
-if test $glx = yes ; then
-  feature_not_found glx Install GL devel (e.g. MESA)
+if test $opengl = yes ; then
+  feature_not_found opengl Install GL devel (e.g. MESA)
 fi
-glx_libs=
-glx=no
+opengl_libs=
+opengl=no
   fi
 fi
 
@@ -4320,7 +4315,7 @@ echo xfsctl support$xfs
 echo nss used  $smartcard_nss
 echo libusb$libusb
 echo usb net redir $usb_redir
-echo GLX support   $glx
+echo OpenGL support$opengl
 echo libiscsi support  $libiscsi
 echo libnfs support$libnfs
 echo build guest agent $guest_agent
@@ -4682,9 +4677,9 @@ if test $usb_redir = yes ; then
   echo CONFIG_USB_REDIR=y  $config_host_mak
 fi
 
-if test $glx = yes ; then
-  echo CONFIG_GLX=y  $config_host_mak
-  echo GLX_LIBS=$glx_libs  $config_host_mak
+if test $opengl = yes ; then
+  echo CONFIG_OPENGL=y  $config_host_mak
+  echo OPENGL_LIBS=$opengl_libs  $config_host_mak
 fi
 
 if test $lzo = yes ; then
diff --git a/default-configs/lm32-softmmu.mak b/default-configs/lm32-softmmu.mak
index 7df58c8..4889348 100644
--- a/default-configs/lm32-softmmu.mak
+++ b/default-configs/lm32-softmmu.mak
@@ -2,7 +2,7 @@
 
 CONFIG_LM32=y
 CONFIG_MILKYMIST=y
-CONFIG_MILKYMIST_TMU2=$(CONFIG_GLX)
+CONFIG_MILKYMIST_TMU2=$(CONFIG_OPENGL)
 CONFIG_FRAMEBUFFER=y
 CONFIG_PTIMER=y
 CONFIG_PFLASH_CFI01=y
diff --git a/hw/display/Makefile.objs b/hw/display/Makefile.objs
index 7ed76a9..e18ea57 100644
--- a/hw/display/Makefile.objs
+++ b/hw/display/Makefile.objs
@@ -20,7 +20,7 @@ common-obj-$(CONFIG_ZAURUS) += tc6393xb.o
 
 ifeq ($(CONFIG_MILKYMIST_TMU2),y)
 common-obj-y += milkymist-tmu2.o
-libs_softmmu += $(GLX_LIBS)
+libs_softmmu += $(OPENGL_LIBS)
 endif
 
 obj-$(CONFIG_OMAP) += omap_dss.o
diff --git a/hw/lm32/milkymist-hw.h b/hw/lm32/milkymist-hw.h
index 5317ce6..8d20cac 100644
--- a/hw/lm32/milkymist-hw.h
+++ b/hw/lm32/milkymist-hw.h
@@ -86,7 +86,7 @@ static inline DeviceState *milkymist_pfpu_create(hwaddr base,
 return dev;
 }
 
-#ifdef CONFIG_GLX
+#ifdef CONFIG_OPENGL
 #include X11/Xlib.h
 #include GL/glx.h
 static const int glx_fbconfig_attr[] = {
@@ -100,7 +100,7 @@ static const int glx_fbconfig_attr[] = {
 static inline DeviceState *milkymist_tmu2_create(hwaddr base,
 qemu_irq irq)
 {
-#ifdef CONFIG_GLX
+#ifdef CONFIG_OPENGL
 DeviceState *dev;
 Display *d;
 GLXFBConfig *configs;
diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index 503e5a4..e5c91eb 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -117,6 +117,7 @@ extern int graphic_width;
 extern int graphic_height;
 extern int graphic_depth;
 extern DisplayType display_type;
+extern int display_opengl;
 extern const char *keyboard_layout;
 extern int win2k_install_hack;
 extern int alt_grab;
diff --git a/vl.c b/vl.c
index bea9656..06e8f44 100644
--- a/vl.c
+++ b/vl.c
@@ -129,6 +129,7 @@ static int data_dir_idx;
 const char *bios_name = NULL;
 enum vga_retrace_method vga_retrace_method = VGA_RETRACE_DUMB;
 DisplayType display_type = DT_DEFAULT;
+int display_opengl;
 static int display_remote;
 const char* keyboard_layout = NULL;
 ram_addr_t ram_size;
-- 
1.8.3.1




[Qemu-devel] [PATCH 2/4] console: add opengl rendering helper functions

2015-01-12 Thread Gerd Hoffmann
Signed-off-by: Gerd Hoffmann kra...@redhat.com
---
 include/ui/console.h |  23 ++
 ui/Makefile.objs |   5 ++
 ui/console-gl.c  | 127 +++
 3 files changed, 155 insertions(+)
 create mode 100644 ui/console-gl.c

diff --git a/include/ui/console.h b/include/ui/console.h
index 22ef8ca..5cb169c 100644
--- a/include/ui/console.h
+++ b/include/ui/console.h
@@ -9,6 +9,11 @@
 #include qapi-types.h
 #include qapi/error.h
 
+#ifdef CONFIG_OPENGL
+#include GL/gl.h
+#include GL/glext.h
+#endif
+
 /* keyboard/mouse support */
 
 #define MOUSE_EVENT_LBUTTON 0x01
@@ -118,6 +123,11 @@ struct DisplaySurface {
 pixman_format_code_t format;
 pixman_image_t *image;
 uint8_t flags;
+#ifdef CONFIG_OPENGL
+GLenum glformat;
+GLenum gltype;
+GLuint texture;
+#endif
 };
 
 typedef struct QemuUIInfo {
@@ -320,6 +330,19 @@ void qemu_console_copy(QemuConsole *con, int src_x, int 
src_y,
 DisplaySurface *qemu_console_surface(QemuConsole *con);
 DisplayState *qemu_console_displaystate(QemuConsole *console);
 
+#ifdef CONFIG_OPENGL
+/* console-gl.c */
+bool console_gl_check_format(DisplayChangeListener *dcl,
+ pixman_format_code_t format);
+void surface_gl_create_texture(DisplaySurface *surface);
+void surface_gl_update_texture(DisplaySurface *surface,
+   int x, int y, int w, int h);
+void surface_gl_render_texture(DisplaySurface *surface);
+void surface_gl_destroy_texture(DisplaySurface *surface);
+void surface_gl_setup_viewport(DisplaySurface *surface,
+   int ww, int wh);
+#endif
+
 /* sdl.c */
 void sdl_display_init(DisplayState *ds, int full_screen, int no_frame);
 
diff --git a/ui/Makefile.objs b/ui/Makefile.objs
index 13b5cfb..3173778 100644
--- a/ui/Makefile.objs
+++ b/ui/Makefile.objs
@@ -24,4 +24,9 @@ sdl.mo-objs := sdl2.o sdl2-input.o sdl2-2d.o
 endif
 sdl.mo-cflags := $(SDL_CFLAGS)
 
+ifeq ($(CONFIG_OPENGL),y)
+common-obj-y += console-gl.o
+libs_softmmu += $(OPENGL_LIBS)
+endif
+
 gtk.o-cflags := $(GTK_CFLAGS) $(VTE_CFLAGS)
diff --git a/ui/console-gl.c b/ui/console-gl.c
new file mode 100644
index 000..470dd61
--- /dev/null
+++ b/ui/console-gl.c
@@ -0,0 +1,127 @@
+/*
+ * QEMU graphical console -- opengl helper bits
+ *
+ * Copyright (c) 2004 Fabrice Bellard
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the Software), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+#include qemu-common.h
+#include ui/console.h
+
+bool console_gl_check_format(DisplayChangeListener *dcl,
+ pixman_format_code_t format)
+{
+switch (format) {
+case PIXMAN_x8r8g8b8:
+case PIXMAN_a8r8g8b8:
+case PIXMAN_r5g6b5:
+return true;
+default:
+return false;
+}
+}
+
+void surface_gl_create_texture(DisplaySurface *surface)
+{
+switch (surface-format) {
+case PIXMAN_x8r8g8b8:
+case PIXMAN_a8r8g8b8:
+surface-glformat = GL_BGRA;
+surface-gltype = GL_UNSIGNED_BYTE;
+break;
+case PIXMAN_r5g6b5:
+surface-glformat = GL_RGB;
+surface-gltype = GL_UNSIGNED_SHORT_5_6_5;
+break;
+default:
+g_assert_not_reached();
+}
+
+glGenTextures(1, surface-texture);
+glEnable(GL_TEXTURE_2D);
+glBindTexture(GL_TEXTURE_2D, surface-texture);
+glTexImage2D(GL_TEXTURE_2D, 0, GL_RGB,
+ surface_width(surface),
+ surface_height(surface),
+ 0, surface-glformat, surface-gltype,
+ surface_data(surface));
+
+glTexParameteri(GL_TEXTURE_2D, GL_TEXTURE_MAG_FILTER, GL_LINEAR);
+glTexParameteri(GL_TEXTURE_2D, GL_TEXTURE_MIN_FILTER, GL_LINEAR);
+}
+
+void surface_gl_update_texture(DisplaySurface *surface,
+   int x, int y, int w, int h)
+{
+uint8_t *data = (void *)surface_data(surface);
+
+glTexSubImage2D(GL_TEXTURE_2D, 0,
+0, y,
+surface_width(surface), h,

[Qemu-devel] [PATCH v2] tcg-arm: more instruction execution control

2015-01-12 Thread Andrew Jones
Cleanup XN/PXN handling in get_phys_addr_lpae, and implement all but
EL2 support of the following ARMv8 sections

  D4.5.1 Memory access control: Access permissions for instruction
 execution
  G4.7.2 Execute-never restrictions on instruction fetching

G4.7.2 matches the ARMv7 section B3.7.2 when long-descriptors are used.

Signed-off-by: Andrew Jones drjo...@redhat.com

---
I didn't test this with secure mode (I didn't even check if that's
currently possible), but I did test all other EL10 XN controls with
both tcg-arm (cortex-a15) and tcg-aarch64 (cortex-a57) by hacking up
some tests with kvm-unit-tests/arm[64]. I also booted Linux (just
up to looking for a rootfs) with both.
---
 target-arm/helper.c | 99 ++---
 1 file changed, 79 insertions(+), 20 deletions(-)

diff --git a/target-arm/helper.c b/target-arm/helper.c
index 3ef0f1f38eda5..94f7631f0a125 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -4516,6 +4516,69 @@ static inline int check_ap(CPUARMState *env, int ap, int 
domain_prot,
   }
 }
 
+/* Check section/page execution permission.
+ *
+ * Returns PAGE_EXEC if execution is permitted, otherwise zero.
+ *
+ * Supports AArch64, AArch32, and v7-LPAE. Doesn't yet support
+ * EL2. Actually, for v7-LPAE, we'd also need to emulate Virt
+ * Extensions to truly have WXN/UWXN. We don't support checking
+ * for that yet, so we just assume we have them.
+ *
+ * @env : CPUARMState
+ * @is_user : 0 for privileged access, 1 for user
+ * @ap  : Access permissions (AP[2:1]) from descriptor
+ * @ns  : (NSTable || NS) from descriptors
+ * @xn  : ([U]XNTable || [U]XN) from descriptors
+ * @pxn : (PXNTable || PXN) from descriptors
+ */
+static int check_xn_lpae(CPUARMState *env, int is_user, int ap,
+ int ns, int xn, int pxn)
+{
+int wxn;
+
+switch (arm_current_el(env)) {
+case 0:
+case 1:
+if (is_user  !(ap  1)) {
+return 0;
+}
+wxn = env-cp15.sctlr_el[1]  SCTLR_WXN;
+if (arm_el_is_aa64(env, 1)) {
+pxn = pxn || ((ap  1)  !(ap  2));
+xn = is_user ? xn : pxn;
+} else {
+int uwxn = env-cp15.sctlr_el[1]  SCTLR_UWXN;
+pxn = pxn || (uwxn  (ap  1)  !(ap  2));
+xn = xn || (!is_user  pxn);
+}
+if (arm_is_secure(env)) {
+xn = xn || (ns  (env-cp15.scr_el3  SCR_SIF));
+}
+break;
+case 2:
+/* TODO actually support EL2 */
+assert(false);
+
+if (arm_el_is_aa64(env, 2)) {
+wxn = env-cp15.sctlr_el[2]  SCTLR_WXN;
+} else {
+/* wxn = HSCTLR.WXN */
+}
+break;
+case 3:
+if (arm_el_is_aa64(env, 3)) {
+wxn = env-cp15.sctlr_el[3]  SCTLR_WXN;
+} else {
+wxn = 0;
+}
+xn = xn || (ns  (env-cp15.scr_el3  SCR_SIF));
+break;
+}
+
+return xn || (!(ap  2)  wxn) ? 0 : PAGE_EXEC;
+}
+
 static bool get_level1_table_address(CPUARMState *env, uint32_t *table,
  uint32_t address)
 {
@@ -4787,7 +4850,7 @@ static int get_phys_addr_lpae(CPUARMState *env, 
target_ulong address,
 hwaddr descaddr, descmask;
 uint32_t tableattrs;
 target_ulong page_size;
-uint32_t attrs;
+uint32_t attrs, ap;
 int32_t granule_sz = 9;
 int32_t va_size = 32;
 int32_t tbi = 0;
@@ -4941,7 +5004,7 @@ static int get_phys_addr_lpae(CPUARMState *env, 
target_ulong address,
 if (extract32(tableattrs, 2, 1)) {
 attrs = ~(1  4);
 }
-/* Since we're always in the Non-secure state, NSTable is ignored. */
+attrs |= extract32(tableattrs, 4, 1)  3; /* NS */
 break;
 }
 /* Here descaddr is the final physical address, and attributes
@@ -4952,29 +5015,25 @@ static int get_phys_addr_lpae(CPUARMState *env, 
target_ulong address,
 /* Access flag */
 goto do_fault;
 }
+
 fault_type = permission_fault;
-if (is_user  !(attrs  (1  4))) {
+ap = extract32(attrs, 4, 2); /* AP[2:1] */
+
+if (is_user  !(ap  1)) {
 /* Unprivileged access not enabled */
 goto do_fault;
 }
-*prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
-if ((arm_feature(env, ARM_FEATURE_V8)  is_user  (attrs  (1  12))) ||
-(!arm_feature(env, ARM_FEATURE_V8)  (attrs  (1  12))) ||
-(!is_user  (attrs  (1  11 {
-/* XN/UXN or PXN. Since we only implement EL0/EL1 we unconditionally
- * treat XN/UXN as UXN for v8.
- */
-if (access_type == 2) {
-goto do_fault;
-}
-*prot = ~PAGE_EXEC;
+
+*prot = PAGE_READ;
+*prot |= check_xn_lpae(env, is_user, ap, extract32(attrs, 3, 1),
+   extract32(attrs, 12, 1), extract32(attrs, 11, 1));
+if (!(*prot  PAGE_EXEC)  access_type == 2) {
+goto do_fault;
 

Re: [Qemu-devel] [RfC PATCH 2/3] sdl2: add support for display rendering using opengl.

2015-01-12 Thread Gerd Hoffmann
  Hi,

  +glBegin(GL_QUADS);
  +glTexCoord2f(0, 1);  glVertex3f(-1, -1, 0);
  +glTexCoord2f(0, 0);  glVertex3f(-1, 1, 0);
  +glTexCoord2f(1, 0);  glVertex3f(1, 1, 0);
  +glTexCoord2f(1, 1);  glVertex3f(1, -1, 0);
  +glEnd();
  I've been trained to hate direct mode, but it should be fine for just
  this quad.
  --verbose please.  Guess for longer sequences it would be much more
  efficient to compile this into a shader program?
 
 Well, again, I'm used to OpenGL 3/4 Core now which doesn't have the 
 immediate mode any more. [ ... ]

 [ ... ] and maybe for some 
 reason there are people which want to use qemu with OpenGL acceleration 
 on a pre OpenGL 2 machine.

For virtio-gpu we'll need OPENGL 3 anyway, so I don't feel like caring
too much about old opengl versions.  What would the opengl 3/4 version of
the above look like?

  Using glTexSubImage2D() would give us the advantage of being able to
  perform partial updates on the texture; but it seems to fit pretty bad
  into the existing code. To make it fit, I'd call glTexSubImage2D()
  directly in sdl2_gl_update() and just draw the quad here.
  Yes, that should work.

Done, also factoring this into helper functions so gtk can use this too
some day, new series sent out, please have a look.

thanks,
  Gerd





[Qemu-devel] [PATCH 02/10] vnc: remove unused DisplayState parameter, add id instead.

2015-01-12 Thread Gerd Hoffmann
DisplayState isn't used anywhere, drop it.  Add the vnc server ID as
parameter instead, so it is possible to specify the server instance.

Signed-off-by: Gerd Hoffmann kra...@redhat.com
Reviewed-by: Gonglei arei.gong...@huawei.com
---
 include/ui/console.h | 16 
 ui/vnc.c | 29 ++---
 vl.c |  7 ---
 3 files changed, 26 insertions(+), 26 deletions(-)

diff --git a/include/ui/console.h b/include/ui/console.h
index 22ef8ca..5ff2e27 100644
--- a/include/ui/console.h
+++ b/include/ui/console.h
@@ -327,19 +327,19 @@ void sdl_display_init(DisplayState *ds, int full_screen, 
int no_frame);
 void cocoa_display_init(DisplayState *ds, int full_screen);
 
 /* vnc.c */
-void vnc_display_init(DisplayState *ds);
-void vnc_display_open(DisplayState *ds, const char *display, Error **errp);
-void vnc_display_add_client(DisplayState *ds, int csock, bool skipauth);
-char *vnc_display_local_addr(DisplayState *ds);
+void vnc_display_init(const char *id);
+void vnc_display_open(const char *id, const char *display, Error **errp);
+void vnc_display_add_client(const char *id, int csock, bool skipauth);
+char *vnc_display_local_addr(const char *id);
 #ifdef CONFIG_VNC
-int vnc_display_password(DisplayState *ds, const char *password);
-int vnc_display_pw_expire(DisplayState *ds, time_t expires);
+int vnc_display_password(const char *id, const char *password);
+int vnc_display_pw_expire(const char *id, time_t expires);
 #else
-static inline int vnc_display_password(DisplayState *ds, const char *password)
+static inline int vnc_display_password(const char *id, const char *password)
 {
 return -ENODEV;
 }
-static inline int vnc_display_pw_expire(DisplayState *ds, time_t expires)
+static inline int vnc_display_pw_expire(const char *id, time_t expires)
 {
 return -ENODEV;
 };
diff --git a/ui/vnc.c b/ui/vnc.c
index a6549c8..fce4861 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -2967,10 +2967,11 @@ static const DisplayChangeListenerOps dcl_ops = {
 .dpy_cursor_define = vnc_dpy_cursor_define,
 };
 
-void vnc_display_init(DisplayState *ds)
+void vnc_display_init(const char *id)
 {
 VncDisplay *vs = g_malloc0(sizeof(*vs));
 
+vs-id = strdup(id);
 QTAILQ_INSERT_TAIL(vnc_displays, vs, next);
 
 vs-lsock = -1;
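Review bot: `vs->id = strdup(id);` mixes the C library allocator with the glib one used on the line above (`g_malloc0`) and in `vnc_display_close` (`g_free(vs->display)`), and `strdup(NULL)` is undefined behaviour whereas `g_strdup(NULL)` returns NULL; use `vs->id = g_strdup(id);`. I could not find a matching release of `vs->id` in these hunks, so if a `VncDisplay` is ever torn down the string should be freed there.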
@@ -2999,10 +3000,8 @@ void vnc_display_init(DisplayState *ds)
 }
 
 
-static void vnc_display_close(DisplayState *ds)
+static void vnc_display_close(VncDisplay *vs)
 {
-VncDisplay *vs = vnc_display_find(NULL);
-
 if (!vs)
 return;
 g_free(vs-display);
@@ -3028,9 +3027,9 @@ static void vnc_display_close(DisplayState *ds)
 #endif
 }
 
-int vnc_display_password(DisplayState *ds, const char *password)
+int vnc_display_password(const char *id, const char *password)
 {
-VncDisplay *vs = vnc_display_find(NULL);
+VncDisplay *vs = vnc_display_find(id);
 
 if (!vs) {
 return -EINVAL;
@@ -3047,9 +3046,9 @@ int vnc_display_password(DisplayState *ds, const char 
*password)
 return 0;
 }
 
-int vnc_display_pw_expire(DisplayState *ds, time_t expires)
+int vnc_display_pw_expire(const char *id, time_t expires)
 {
-VncDisplay *vs = vnc_display_find(NULL);
+VncDisplay *vs = vnc_display_find(id);
 
 if (!vs) {
 return -EINVAL;
@@ -3059,16 +3058,16 @@ int vnc_display_pw_expire(DisplayState *ds, time_t 
expires)
 return 0;
 }
 
-char *vnc_display_local_addr(DisplayState *ds)
+char *vnc_display_local_addr(const char *id)
 {
-VncDisplay *vs = vnc_display_find(NULL);
+VncDisplay *vs = vnc_display_find(id);
 
 return vnc_socket_local_addr(%s:%s, vs-lsock);
 }
 
-void vnc_display_open(DisplayState *ds, const char *display, Error **errp)
+void vnc_display_open(const char *id, const char *display, Error **errp)
 {
-VncDisplay *vs = vnc_display_find(NULL);
+VncDisplay *vs = vnc_display_find(id);
 const char *options;
 int password = 0;
 int reverse = 0;
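Review bot: `vnc_display_local_addr` dereferences `vs->lsock` without checking the result of `vnc_display_find(id)`, while the sibling functions converted in this patch (`vnc_display_password`, `vnc_display_pw_expire`, `vnc_display_add_client`) all guard with `if (!vs)`. Now that the lookup key is a caller-supplied id rather than the single default display, an unknown id makes a NULL dereference reachable; add `if (!vs) { return NULL; }` before the `vnc_socket_local_addr` call, assuming its callers already cope with a NULL result (not visible here). `vnc_display_open`, which begins at the end of this hunk, continues outside it.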
@@ -3088,7 +3087,7 @@ void vnc_display_open(DisplayState *ds, const char 
*display, Error **errp)
 error_setg(errp, VNC display not active);
 return;
 }
-vnc_display_close(ds);
+vnc_display_close(vs);
 if (strcmp(display, none) == 0)
 return;
 
@@ -3381,9 +3380,9 @@ fail:
 #endif /* CONFIG_VNC_WS */
 }
 
-void vnc_display_add_client(DisplayState *ds, int csock, bool skipauth)
+void vnc_display_add_client(const char *id, int csock, bool skipauth)
 {
-VncDisplay *vs = vnc_display_find(NULL);
+VncDisplay *vs = vnc_display_find(id);
 
 if (!vs) {
 return;
diff --git a/vl.c b/vl.c
index bea9656..f29f04f 100644
--- a/vl.c
+++ b/vl.c
@@ -4276,8 +4276,9 @@ int main(int argc, char **argv, char **envp)
 /* init remote displays */
 if (vnc_display) {
 Error *local_err = NULL;
-vnc_display_init(ds);
-vnc_display_open(ds, vnc_display, local_err);
+const char *id = default;
+vnc_display_init(id);
+vnc_display_open(id, 

[Qemu-devel] [PATCH 05/10] vnc: allow binding servers to qemu consoles

2015-01-12 Thread Gerd Hoffmann
This patch adds a display= parameter to the vnc options.  This allows to
bind a vnc server instance to a specific display, allowing to create a
multiseat setup with a vnc server for each seat.

Signed-off-by: Gerd Hoffmann kra...@redhat.com
---
 ui/vnc.c | 50 +++---
 1 file changed, 43 insertions(+), 7 deletions(-)

diff --git a/ui/vnc.c b/ui/vnc.c
index ce1dd59..dd09fc1 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -27,6 +27,7 @@
 #include vnc.h
 #include vnc-jobs.h
 #include trace.h
+#include hw/qdev.h
 #include sysemu/sysemu.h
 #include qemu/sockets.h
 #include qemu/timer.h
@@ -1665,7 +1666,8 @@ static void do_key_event(VncState *vs, int down, int 
keycode, int sym)
 vs-modifiers_state[keycode] = 0;
 break;
 case 0x02 ... 0x0a: /* '1' to '9' keys */
-if (down  vs-modifiers_state[0x1d]  vs-modifiers_state[0x38]) {
+if (vs-vd-dcl.con == NULL 
+down  vs-modifiers_state[0x1d]  vs-modifiers_state[0x38]) {
 /* Reset the modifiers sent to the current console */
 reset_keys(vs);
 console_select(keycode - 0x02);
@@ -2073,8 +2075,8 @@ static void set_pixel_format(VncState *vs,
 
 set_pixel_conversion(vs);
 
-graphic_hw_invalidate(NULL);
-graphic_hw_update(NULL);
+graphic_hw_invalidate(vs-vd-dcl.con);
+graphic_hw_update(vs-vd-dcl.con);
 }
 
 static void pixel_format_message (VncState *vs) {
@@ -2801,7 +2803,7 @@ static void vnc_refresh(DisplayChangeListener *dcl)
 return;
 }
 
-graphic_hw_update(NULL);
+graphic_hw_update(vd-dcl.con);
 
 if (vnc_trylock_display(vd)) {
 update_displaychangelistener(vd-dcl, VNC_REFRESH_INTERVAL_BASE);
@@ -2907,7 +2909,7 @@ void vnc_init_state(VncState *vs)
 
 QTAILQ_INSERT_HEAD(vd-clients, vs, next);
 
-graphic_hw_update(NULL);
+graphic_hw_update(vd-dcl.con);
 
 vnc_write(vs, RFB 003.008\n, 12);
 vnc_flush(vs);
@@ -2930,7 +2932,7 @@ static void vnc_listen_read(void *opaque, bool websocket)
 int csock;
 
 /* Catch-up */
-graphic_hw_update(NULL);
+graphic_hw_update(vs-dcl.con);
 #ifdef CONFIG_VNC_WS
 if (websocket) {
 csock = qemu_accept(vs-lwebsock, (struct sockaddr *)addr, addrlen);
@@ -3089,6 +3091,12 @@ static QemuOptsList qemu_vnc_opts = {
 .name = share,
 .type = QEMU_OPT_STRING,
 },{
+.name = display,
+.type = QEMU_OPT_STRING,
+},{
+.name = head,
+.type = QEMU_OPT_NUMBER,
+},{
 .name = password,
 .type = QEMU_OPT_BOOL,
 },{
@@ -3124,7 +3132,8 @@ void vnc_display_open(const char *id, Error **errp)
 {
 VncDisplay *vs = vnc_display_find(id);
 QemuOpts *opts = qemu_opts_find(qemu_vnc_opts, id);
-const char *display, *websocket, *share;
+const char *display, *websocket, *share, *device_id;
+QemuConsole *con;
 int password = 0;
 int reverse = 0;
 #ifdef CONFIG_VNC_TLS
@@ -3353,6 +3362,33 @@ void vnc_display_open(const char *id, Error **errp)
 #endif
 vs-lock_key_sync = lock_key_sync;
 
+device_id = qemu_opt_get(opts, display);
+if (device_id) {
+DeviceState *dev;
+int head = qemu_opt_get_number(opts, head, 0);
+
+dev = qdev_find_recursive(sysbus_get_default(), device_id);
+if (dev == NULL) {
+error_set(errp, QERR_DEVICE_NOT_FOUND, device_id);
+goto fail;
+}
+
+con = qemu_console_lookup_by_device(dev, head);
+if (con == NULL) {
+error_setg(errp, Device %s is not bound to a QemuConsole,
+   device_id);
+goto fail;
+}
+} else {
+con = NULL;
+}
+
+if (con != vs-dcl.con) {
+unregister_displaychangelistener(vs-dcl);
+vs-dcl.con = con;
+register_displaychangelistener(vs-dcl);
+}
+
 if (reverse) {
 /* connect to viewer */
 int csock;
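Review bot: `int head = qemu_opt_get_number(opts, "head", 0);` narrows the 64-bit option value into an `int`, so an out-of-range `head=` value on the command line silently becomes a negative index before it reaches `qemu_console_lookup_by_device`. Whether that function rejects negative heads is not visible in this hunk; validating the option here, next to the other option errors, with an `error_setg(errp, ...)` and `goto fail` keeps the check where the value is parsed. It would also help to note in the option table or a comment that `head` is only consulted when `display=` is given.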
-- 
1.8.3.1




Re: [Qemu-devel] [PATCH 2/3] configure: Default to enable module build

2015-01-12 Thread Andreas Färber
Am 12.01.2015 um 05:43 schrieb Fam Zheng:
 We have module build support around for a while, but also had it bitrot
 several times. It probably makes sense to enable it by default so that
 people can notice and use it.
 
 Counterpart to --enable-modules, which is turned on by default,
 --disable-modules is added to suppress it. If both are omitted, the
 support is guessed as usual.
 
 Signed-off-by: Fam Zheng f...@redhat.com

General idea seems okay, however an error handling nit below.

 ---
  configure | 96 
 ---
  1 file changed, 67 insertions(+), 29 deletions(-)
 
 diff --git a/configure b/configure
 index 7539645..2015179 100755
 --- a/configure
 +++ b/configure
 @@ -271,7 +271,7 @@ gcov_tool=gcov
  EXESUF=
  DSOSUF=.so
  LDFLAGS_SHARED=-shared
 -modules=no
 +modules=
  prefix=/usr/local
  mandir=\${prefix}/share/man
  datadir=\${prefix}/share
 @@ -768,6 +768,9 @@ for opt do
--enable-modules)
modules=yes
;;
 +  --disable-modules)
 +  modules=no
 +  ;;
--cpu=*)
;;
--target-list=*) target_list=$optarg
 @@ -1259,7 +1262,8 @@ Advanced options (experts only):
--sysconfdir=PATHinstall config in PATH$confsuffix
--localstatedir=PATH install local state in PATH (set at runtime on 
 win32)
--with-confsuffix=SUFFIX suffix for QEMU data inside 
 datadir/libdir/sysconfdir [$confsuffix]
 -  --enable-modules enable modules support
 +  --enable-modules enable modules support (default)
 +  --disable-modulesenable modules support
--enable-debug-tcg   enable TCG debugging
--disable-debug-tcg  disable TCG debugging (default)
--enable-debug-info  enable debugging information (default)
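Review bot: the help line added for the new flag, `--disable-modules    enable modules support`, describes the opposite of what the flag does; it should read `--disable-modules    disable modules support`. The `(default)` marker on `--enable-modules` also overstates things a little, since the commit message says support is only probed for when neither flag is given; `(default if available)` would match the actual behaviour.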
 @@ -2699,22 +2703,26 @@ if test $mingw32 = yes; then
  else
  glib_req_ver=2.12
  fi
 -glib_modules=gthread-2.0
 -if test $modules = yes; then
 -glib_modules=$glib_modules gmodule-2.0
 -fi
  
 -for i in $glib_modules; do
 -if $pkg_config --atleast-version=$glib_req_ver $i; then
 -glib_cflags=`$pkg_config --cflags $i`
 -glib_libs=`$pkg_config --libs $i`
 -CFLAGS=$glib_cflags $CFLAGS
 -LIBS=$glib_libs $LIBS
 -libs_qga=$glib_libs $libs_qga
 -else
 -error_exit glib-$glib_req_ver $i is required to compile QEMU
 -fi
 -done
 +glib_module_try_config()
 +{
 +  if $pkg_config --atleast-version=$glib_req_ver $1; then
 +local probe_cflags=$($pkg_config --cflags $1)
 +local probe_libs=$($pkg_config --libs $1)
 +CFLAGS=$probe_cflags $CFLAGS
 +LIBS=$probe_libs $LIBS
 +libs_qga=$probe_libs $libs_qga
 +glib_cflags=$probe_cflags $glib_cflags
 +glib_libs=$probe_libs $glib_libs
 +return 0
 +  else
 +return 1
 +error_exit glib-$glib_req_ver $i is required to compile QEMU

Is this error_exit ever executed? I.e., shouldn't the two lines be
reordered?

 +  fi
 +}
 +
 +glib_module_try_config gthread-2.0 || \
 +  error_exit glib-$glib_req_ver gthread-2.0 is required to compile QEMU

Depending on the above, we might drop this error_exit duplication?

Regards,
Andreas

  
  # g_test_trap_subprocess added in 2.38. Used by some tests.
  glib_subprocess=yes
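Review bot: inside `glib_module_try_config` the message `glib-$glib_req_ver $i is required to compile QEMU` refers to `$i`, which was the loop variable of the removed `for` and is never set in the function, so if that `error_exit` is ever executed it prints an empty package name; the function's argument is `$1`. Separately, `local` is not POSIX sh; if this configure script is meant to run under a plain `/bin/sh` (only this hunk is visible, so hedged), plain assignments to uniquely named variables are the portable choice.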
 @@ -2723,19 +2731,49 @@ if ! $pkg_config --atleast-version=2.38 glib-2.0; then
  fi
  
  ##
 -# SHA command probe for modules
 -if test $modules = yes; then
 -shacmd_probe=sha1sum sha1 shasum
 -for c in $shacmd_probe; do
 -if has $c; then
 -shacmd=$c
 -break
 -fi
 -done
 -if test $shacmd = ; then
 -error_exit one of the checksum commands is required to enable 
 modules: $shacmd_probe
 +# SHA command and gmodule-2.0 probe for modules
 +# return 0 if probe succeeds
 +# $1: true - force mode, exit if probe fail
 +# false - optoinal mode, return 1 if probe fail
 +module_try_enable()
 +{
 +  force=$1
 +  shacmd_probe=sha1sum sha1 shasum
 +  for c in $shacmd_probe; do
 +if has $c; then
 +  shacmd=$c
 +  break
  fi
 -fi
 +  done
 +  if test $shacmd = ; then
 +if $force; then
 +  error_exit one of the checksum commands is required to enable 
 modules: $shacmd_probe
 +else
 +  modules=no
 +  return
 +fi
 +  fi
 +  if ! glib_module_try_config gmodule-2.0; then
 +if $force; then
 +  error_exit glib-$glib_req_ver gthread-2.0 is required to compile QEMU
 +else
 +  modules=no
 +  return
 +fi
 +  fi
 +  modules=yes
 +}
 +
 +case $modules in
 +  yes)
 +module_try_enable true
 +;;
 +  )
 +module_try_enable false
 +;;
 +  no)
 +;;
 +esac
  
  ##
  # pixman support probe
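Review bot: the failure message in `module_try_enable` after `glib_module_try_config gmodule-2.0` fails names the wrong package — `error_exit "glib-$glib_req_ver gthread-2.0 is required to compile QEMU"` should say `gmodule-2.0`, and since this branch is only reached in force mode, "is required to enable modules" would tell the user which flag triggered it. `force=$1` is an unqualified global that outlives the call; a less generic name or unsetting it at the end avoids clashes with the rest of the script. The comment typo `optoinal` should read `optional`.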

-- 
SUSE Linux GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Felix Imendörffer, Jane Smithard, Jennifer Guild, Dilip Upmanyu,
Graham Norton; HRB 21284 (AG Nürnberg)



Re: [Qemu-devel] [PATCH 1/1] ich9: add disable_s3, disable_s4, s4_val properties

2015-01-12 Thread Michael S. Tsirkin
On Mon, Jan 12, 2015 at 04:25:01PM +0530, Amit Shah wrote:
 On (Mon) 12 Jan 2015 [12:26:08], Marcel Apfelbaum wrote:
  On 12/16/2014 01:23 PM, Amit Shah wrote:
  PIIX4 has disable_s3 and disable_s4 properties to enable or disable PM
  functions.  Add such properties to the ICH9 chipset as well for the Q35
  machine type.
  
  S3 / S4 are not guaranteed to always work (needs work in the guest as
  well as QEMU for things to work properly), and disabling advertising of
  these features ensures guests don't go into zombie state if something
  isn't working right.
  
  The defaults are kept the same as in PIIX4: both S3 and S4 are enabled
  by default.
  
  These can be disabled via the cmdline:
  
 ... -global ICH9-LPC,disable_s3=1 -global ICH9-LPC,disable_s4=1
  ^^^   ^^^
  Should be -global ICH9-LPC.disable_s3=1 -global ICH9-LPC.disable_s4=1
 
 Indeed, thanks.
 
  Hi Amit, thanks for answering my prev question.
  I have one more:)
  
  I didn't see how the properties are connected to the ACPI mechanism.
  I tested it with your suggested command line and it didn't work for some
  reason.
 - I used ... -M Q35 -global ICH9-LPC.disable_s3=1 -global 
  ICH9-LPC.disable_s4=1
 - On guest: pm-is-supported --hibernate  echo $? = 0 (enabled)
 - Furthermore, pm-hibernate worked
  
  Maybe I am missing something or maybe this is not in the scope of this 
  patch.
 
 Hibernate is special for Linux guests.  If acpi-based hibernate isn't
 available, Linux simulates it by writing a hibernate image and doing a
 shutdown of the guest instead of entering the S4 state.

 To test, there are two ways: check if s3 works after passing this
 parm, or check the acpi blobs inside the guest for the advertisement
 of the params.
 
   Amit

Interesting. So this isn't for the benefit of linux guests then?
Which guests do actually benefit? It might be a good idea to
put this info in the commit log.



Re: [Qemu-devel] [PULL v3 0/7] s390x patches for 2.3

2015-01-12 Thread Peter Maydell
On 12 January 2015 at 10:04, Cornelia Huck cornelia.h...@de.ibm.com wrote:
 Third time's the charm? I've verified that this builds with mingw32
 (and nothing else that worked before broke).

 The following changes since commit 64ea8038ffbf703dcd438a108d2d5499c8ff95d9:

   Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150109.0' 
 into staging (2015-01-10 22:29:09 +)

 are available in the git repository at:


   git://github.com/cohuck/qemu tags/s390x-20150112-v3

 for you to fetch changes up to 9e03a0405d56b4af8952b794d0e5dd9206ee7329:

   kvm: extend kvm_irqchip_add_msi_route to work on s390 (2015-01-12 10:14:04 
 +0100)

 
 s390x patches for 2.3.

 Highlight is support for PCI devices on s390x. Otherwise, performance
 improvements (register sync) and small cleanups.

 

Applied, thanks.

-- PMM



Re: [Qemu-devel] Fedora FC21 - Bug: 100% CPU and hangs in gettimeofday(tp, NULL); forever

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 12:53, Gerhard Wiesinger wrote:

 That's difficult without bisection pointing out where the bugs were
 fixed.  2.1.3 is scheduled real soon now and it will be the last release
 from the 2.1.x branch.
 
 So no security updates planned for 2.1.x afterwards?

Distros usually take care of them, except for really egregious
vulnerabilities.

Paolo

 For Fedora: Update for 2.2.x for the regular update repo planned?
 Will updates for 2.2.x also be released in the preview repos?
 http://fedoraproject.org/wiki/Virtualization_Preview_Repository



[Qemu-devel] [RFC PATCH v7 07/21] cpu: replay instructions sequence

2015-01-12 Thread Pavel Dovgalyuk
This patch adds calls to replay functions into the icount setup block.
In record mode number of executed instructions is written to the log.
In replay mode the number of instructions to execute is taken from the replay log.

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
---
 cpu-exec.c  |1 +
 cpus.c  |   28 ++--
 replay/replay.c |   21 +
 replay/replay.h |4 
 4 files changed, 44 insertions(+), 10 deletions(-)

diff --git a/cpu-exec.c b/cpu-exec.c
index 49f01f5..99a0993 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -531,6 +531,7 @@ int cpu_exec(CPUArchState *env)
 }
 cpu-exception_index = EXCP_INTERRUPT;
 next_tb = 0;
+qemu_notify_event();
 cpu_loop_exit(cpu);
 }
 break;
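Review bot: the added `qemu_notify_event();` before `cpu_loop_exit(cpu)` has no comment and the commit message does not mention it, so a reader cannot tell why an interrupt exit must wake the main loop, nor whether it is intended for replay mode only — as written it runs unconditionally. If the intent is to let the main loop consume pending replay events before the CPU is re-entered, a comment such as `/* wake the main loop so queued replay events are processed before re-entering the CPU */` would make that reviewable; if it is only needed when replay is active, gating it on `replay_mode` as the cpus.c hunk does would avoid a wakeup on every interrupt exit. `cpu_exec` starts and ends outside this hunk.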
diff --git a/cpus.c b/cpus.c
index 96580ad..0c368f2 100644
--- a/cpus.c
+++ b/cpus.c
@@ -41,6 +41,7 @@
 #include qemu/seqlock.h
 #include qapi-event.h
 #include hw/nmi.h
+#include replay/replay.h
 
 #ifndef _WIN32
 #include qemu/compatfd.h
@@ -1342,18 +1343,22 @@ static int tcg_cpu_exec(CPUArchState *env)
 + cpu-icount_extra);
 cpu-icount_decr.u16.low = 0;
 cpu-icount_extra = 0;
-deadline = qemu_clock_deadline_ns_all(QEMU_CLOCK_VIRTUAL);
+if (replay_mode != REPLAY_MODE_PLAY) {
+deadline = qemu_clock_deadline_ns_all(QEMU_CLOCK_VIRTUAL);
 
-/* Maintain prior (possibly buggy) behaviour where if no deadline
- * was set (as there is no QEMU_CLOCK_VIRTUAL timer) or it is more than
- * INT32_MAX nanoseconds ahead, we still use INT32_MAX
- * nanoseconds.
- */
-if ((deadline  0) || (deadline  INT32_MAX)) {
-deadline = INT32_MAX;
-}
+/* Maintain prior (possibly buggy) behaviour where if no deadline
+ * was set (as there is no QEMU_CLOCK_VIRTUAL timer) or it is more 
than
+ * INT32_MAX nanoseconds ahead, we still use INT32_MAX
+ * nanoseconds.
+ */
+if ((deadline  0) || (deadline  INT32_MAX)) {
+deadline = INT32_MAX;
+}
 
-count = qemu_icount_round(deadline);
+count = qemu_icount_round(deadline);
+} else {
+count = replay_get_instructions();
+}
 timers_state.qemu_icount += count;
 decr = (count  0x) ? 0x : count;
 count -= decr;
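Review bot: in play mode `count = replay_get_instructions();` can be 0 (the replay.c hunk returns 0 whenever the next event is not an instruction event), and that value flows straight into `timers_state.qemu_icount += count` and the `decr` computation, so the CPU is entered with an instruction budget of zero; the non-replay branch derives `count` from a deadline clamped to INT32_MAX, so it is not obvious the rest of `tcg_cpu_exec` expects a zero budget. Whether the executor handles that is not visible here — a comment stating the intent, or an early return when `count == 0`, would settle it. `tcg_cpu_exec` starts and ends outside this hunk.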
@@ -1371,6 +1376,9 @@ static int tcg_cpu_exec(CPUArchState *env)
 + cpu-icount_extra);
 cpu-icount_decr.u32 = 0;
 cpu-icount_extra = 0;
+if (replay_mode == REPLAY_MODE_PLAY) {
+replay_exec_instructions();
+}
 }
 return ret;
 }
diff --git a/replay/replay.c b/replay/replay.c
index 4b09685..8e391da 100755
--- a/replay/replay.c
+++ b/replay/replay.c
@@ -69,3 +69,24 @@ uint64_t replay_get_current_step(void)
 {
 return cpu_get_icount_raw();
 }
+
+int replay_get_instructions(void)
+{
+if (skip_async_events(EVENT_INSTRUCTION)) {
+return replay_state.instructions_count;
+}
+return 0;
+}
+
+void replay_exec_instructions(void)
+{
+if (replay_state.instructions_count  0) {
+int count = (int)(replay_get_current_step()
+  - replay_state.current_step);
+replay_state.instructions_count -= count;
+replay_state.current_step += count;
+if (replay_state.instructions_count == 0  count != 0) {
+replay_has_unread_data = 0;
+}
+}
+}
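Review bot: `replay_exec_instructions` subtracts `count` from `replay_state.instructions_count` without checking that `count` does not exceed it, so if the replayed CPU executes more instructions than were recorded (a record/replay divergence) the counter goes negative, the `> 0` guard then fails on every later call and `replay_has_unread_data` is never cleared — the divergence is silently absorbed instead of reported. A check such as `assert(count <= replay_state.instructions_count);`, or an explicit error path, would surface the problem at the point it occurs. The `(int)` cast of the `uint64_t` step difference is only safe while that delta is bounded by `instructions_count`, which the same check would guarantee.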
diff --git a/replay/replay.h b/replay/replay.h
index e40daf5..382dc7b 100755
--- a/replay/replay.h
+++ b/replay/replay.h
@@ -26,5 +26,9 @@ ReplaySubmode replay_get_play_submode(void);
 
 /*! Returns number of executed instructions. */
 uint64_t replay_get_current_step(void);
+/*! Returns number of instructions to execute in replay mode. */
+int replay_get_instructions(void);
+/*! Updates instructions counter in replay mode. */
+void replay_exec_instructions(void);
 
 #endif




[Qemu-devel] [RFC PATCH v7 10/21] cpus: make icount warp deterministic in replay mode

2015-01-12 Thread Pavel Dovgalyuk
This patch fixes icount warp rt timer. It should be based on virtual_rt
clock to be deterministic.

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
---
 cpus.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/cpus.c b/cpus.c
index 0c368f2..8787277 100644
--- a/cpus.c
+++ b/cpus.c
@@ -325,7 +325,7 @@ static void icount_adjust(void)
 static void icount_adjust_rt(void *opaque)
 {
 timer_mod(icount_rt_timer,
-   qemu_clock_get_ms(QEMU_CLOCK_REALTIME) + 1000);
+  qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL_RT) + 1000);
 icount_adjust();
 }
 




[Qemu-devel] [RFC PATCH v7 18/21] replay: thread pool

2015-01-12 Thread Pavel Dovgalyuk
This patch modifies thread pool to allow replaying asynchronous thread tasks
synchronously in replay mode.

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
---
 block/raw-posix.c   |6 -
 block/raw-win32.c   |4 +++-
 include/block/thread-pool.h |4 +++-
 replay/replay-events.c  |   11 ++
 replay/replay-internal.h|3 ++-
 replay/replay.h |2 ++
 stubs/replay.c  |4 
 tests/test-thread-pool.c|7 --
 thread-pool.c   |   49 ++-
 9 files changed, 67 insertions(+), 23 deletions(-)

diff --git a/block/raw-posix.c b/block/raw-posix.c
index e51293a..f878e06 100644
--- a/block/raw-posix.c
+++ b/block/raw-posix.c
@@ -1073,7 +1073,9 @@ static BlockAIOCB *paio_submit(BlockDriverState *bs, int 
fd,
 
 trace_paio_submit(acb, opaque, sector_num, nb_sectors, type);
 pool = aio_get_thread_pool(bdrv_get_aio_context(bs));
-return thread_pool_submit_aio(pool, aio_worker, acb, cb, opaque);
+return thread_pool_submit_aio(pool, aio_worker, acb, cb, opaque,
+  qiov ? qiov-replay : false,
+  qiov ? qiov-replay_step : 0);
 }
 
 static BlockAIOCB *raw_aio_submit(BlockDriverState *bs,
@@ -1986,7 +1988,7 @@ static BlockAIOCB *hdev_aio_ioctl(BlockDriverState *bs,
 acb-aio_ioctl_buf = buf;
 acb-aio_ioctl_cmd = req;
 pool = aio_get_thread_pool(bdrv_get_aio_context(bs));
-return thread_pool_submit_aio(pool, aio_worker, acb, cb, opaque);
+return thread_pool_submit_aio(pool, aio_worker, acb, cb, opaque, false, 0);
 }
 
 #elif defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
diff --git a/block/raw-win32.c b/block/raw-win32.c
index 06243d7..7ac693b 100644
--- a/block/raw-win32.c
+++ b/block/raw-win32.c
@@ -158,7 +158,9 @@ static BlockAIOCB *paio_submit(BlockDriverState *bs, HANDLE 
hfile,
 
 trace_paio_submit(acb, opaque, sector_num, nb_sectors, type);
 pool = aio_get_thread_pool(bdrv_get_aio_context(bs));
-return thread_pool_submit_aio(pool, aio_worker, acb, cb, opaque);
+return thread_pool_submit_aio(pool, aio_worker, acb, cb, opaque,
+  qiov ? qiov-replay : false,
+  qiov ? qiov-replay_step : 0);
 }
 
 int qemu_ftruncate64(int fd, int64_t length)
diff --git a/include/block/thread-pool.h b/include/block/thread-pool.h
index 42eb5e8..801ac00 100644
--- a/include/block/thread-pool.h
+++ b/include/block/thread-pool.h
@@ -29,9 +29,11 @@ void thread_pool_free(ThreadPool *pool);
 
 BlockAIOCB *thread_pool_submit_aio(ThreadPool *pool,
 ThreadPoolFunc *func, void *arg,
-BlockCompletionFunc *cb, void *opaque);
+BlockCompletionFunc *cb, void *opaque,
+bool replay, uint64_t replay_step);
 int coroutine_fn thread_pool_submit_co(ThreadPool *pool,
 ThreadPoolFunc *func, void *arg);
 void thread_pool_submit(ThreadPool *pool, ThreadPoolFunc *func, void *arg);
+void thread_pool_work(ThreadPool *pool, void *r);
 
 #endif
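Review bot: The two parameters added to thread_pool_submit_aio and the new thread_pool_work prototype are undocumented, and `void *r` hides that the argument is presumably the pool element thread_pool_work operates on. A comment above thread_pool_submit_aio along the lines of `/* replay: if true the task is recorded/replayed under replay_step and may be run synchronously via thread_pool_work instead of a worker thread */` (adjusted to what thread-pool.c actually does, which is not in this hunk) plus a typed parameter such as `ThreadPoolElement *elem`, forward-declared in this header, would tell callers what they are expected to pass. The `uint64_t` in the new prototype also needs `<stdint.h>`; confirm the header already gets it through qemu-common.h.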
diff --git a/replay/replay-events.c b/replay/replay-events.c
index 1aee0a4..4da5de0 100755
--- a/replay/replay-events.c
+++ b/replay/replay-events.c
@@ -12,6 +12,7 @@
 #include qemu-common.h
 #include replay.h
 #include replay-internal.h
+#include block/thread-pool.h
 
 typedef struct Event {
 int event_kind;
@@ -39,6 +40,9 @@ static void replay_run_event(Event *event)
 case REPLAY_ASYNC_EVENT_BH:
 aio_bh_call(event-opaque);
 break;
+case REPLAY_ASYNC_EVENT_THREAD:
+thread_pool_work((ThreadPool *)event-opaque, event-opaque2);
+break;
 default:
 fprintf(stderr, Replay: invalid async event ID (%d) in the queue\n,
 event-event_kind);
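Review bot: The new REPLAY_ASYNC_EVENT_THREAD case calls thread_pool_work synchronously from replay_run_event, i.e. from inside replay/ into the block layer's thread pool; if replay_run_event executes with the replay mutex held (the `lock` acquired in replay_save_events further down), this is the lock-ordering problem raised on the cover letter, since thread_pool_work will presumably take the pool's own lock and invoke the request's completion callback. Please confirm the replay lock is released before this call, or document the ordering at the call site. Minor: the `(ThreadPool *)` cast of a `void *` is unnecessary in C and would silently mask a later type change of `opaque`. replay_run_event begins before this hunk.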
@@ -127,6 +131,11 @@ void replay_add_bh_event(void *bh, uint64_t id)
 replay_add_event_internal(REPLAY_ASYNC_EVENT_BH, bh, NULL, id);
 }
 
+void replay_add_thread_event(void *opaque, void *opaque2, uint64_t id)
+{
+replay_add_event_internal(REPLAY_ASYNC_EVENT_THREAD, opaque, opaque2, id);
+}
+
 void replay_save_events(int opt)
 {
 qemu_mutex_lock(lock);
@@ -141,6 +150,7 @@ void replay_save_events(int opt)
 /* save event-specific data */
 switch (event-event_kind) {
 case REPLAY_ASYNC_EVENT_BH:
+case REPLAY_ASYNC_EVENT_THREAD:
 replay_put_qword(event-id);
 break;
 }
@@ -170,6 +180,7 @@ void replay_read_events(int opt)
 /* Execute some events without searching them in the queue */
 switch (read_event_kind) {
 case REPLAY_ASYNC_EVENT_BH:
+case REPLAY_ASYNC_EVENT_THREAD:
 if (read_id == -1) {
 read_id = replay_get_qword();
 }
diff --git a/replay/replay-internal.h b/replay/replay-internal.h
index 6e0c2e9..c32bd9c 100755
--- a/replay/replay-internal.h
+++ b/replay/replay-internal.h
@@ -38,7 +38,8 @@
 /* 

Re: [Qemu-devel] [RFC PATCH v7 20/21] replay: command line options

2015-01-12 Thread Pavel Dovgaluk
 From: Paolo Bonzini [mailto:pbonz...@redhat.com]
 On 12/01/2015 13:01, Pavel Dovgalyuk wrote:
  This patch introduces command line options for enabling recording or 
  replaying
  virtual machine behavior. -record option starts recording of the execution
  and saves it into the log, specified with fname parameter. -replay 
  option
  is intended for replaying previously saved log.
 
 What about just using -icount, since it requires that?

You mean adding more attributes to -icount option?
Or implicitly enabling -icount with -record/replay?

Pavel Dovgalyuk




[Qemu-devel] [PATCH 0/2] qed: additional input validation

2015-01-12 Thread Stefan Hajnoczi
These patches add an overflow check and a test case for invalid QED headers.
Note that this has no security impact because reading the backing filename is
limited to sizeof(bs-backing_file).

Stefan Hajnoczi (2):
  qed: check for header size overflow
  qemu-iotests: add 116 invalid QED input file tests

 block/qed.c|  6 +++
 tests/qemu-iotests/116 | 96 ++
 tests/qemu-iotests/116.out | 37 ++
 tests/qemu-iotests/group   |  1 +
 4 files changed, 140 insertions(+)
 create mode 100755 tests/qemu-iotests/116
 create mode 100644 tests/qemu-iotests/116.out

-- 
2.1.0




[Qemu-devel] [PATCH 1/2] qed: check for header size overflow

2015-01-12 Thread Stefan Hajnoczi
Header size is denoted in clusters.  The maximum cluster size is 64 MB
but there is no limit on header size.  Check for uint32_t overflow in
case the header size field has a whacky value.

Signed-off-by: Stefan Hajnoczi stefa...@redhat.com
---
 block/qed.c | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/block/qed.c b/block/qed.c
index 80f18d8..d2c6045 100644
--- a/block/qed.c
+++ b/block/qed.c
@@ -440,6 +440,12 @@ static int bdrv_qed_open(BlockDriverState *bs, QDict 
*options, int flags,
 s-l2_mask = s-table_nelems - 1;
 s-l1_shift = s-l2_shift + ffs(s-table_nelems) - 1;
 
+/* Header size calculation must not overflow uint32_t */
+if ((uint64_t)s-header.cluster_size * s-header.header_size !=
+s-header.cluster_size * s-header.header_size) {
+return -EINVAL;
+}
+
 if ((s-header.features  QED_F_BACKING_FILE)) {
 if ((uint64_t)s-header.backing_filename_offset +
 s-header.backing_filename_size 
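Review bot: The overflow test `(uint64_t)cluster_size * header_size != cluster_size * header_size` relies on the right-hand product silently wrapping in 32-bit unsigned arithmetic, which holds only because uint32_t promotes to unsigned int on every supported host; a reader has to work through the promotion rules to see it is not undefined behaviour. A direct bound is clearer and sidesteps the question: `if (s->header.header_size > UINT32_MAX / s->header.cluster_size) { return -EINVAL; }`, which also makes explicit that cluster_size must already have been validated non-zero (that check is outside the hunk). Since both fields come straight from the image header, i.e. untrusted input, the explicit form is worth the extra line. bdrv_qed_open starts and ends outside this hunk.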
-- 
2.1.0




Re: [Qemu-devel] [RFC PATCH v7 00/21] Deterministic replay core

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 12:59, Pavel Dovgalyuk wrote:
 This set of patches is related to the reverse execution and deterministic 
 replay of qemu execution  This implementation of deterministic replay can 
 be used for deterministic debugging of guest code through gdb remote
 interface.
 
 These patches include only core function of the replay,
 excluding the support for replaying serial, audio, network, and USB devices'
 operations. Reverse debugging and monitor commands were also excluded to
 be submitted later as separate patches.
 
 Execution recording writes non-deterministic events log, which can be later 
 used for replaying the execution anywhere and for unlimited number of times. 
 It also supports checkpointing for faster rewinding during reverse debugging. 
 Execution replaying reads the log and replays all non-deterministic events 
 including external input, hardware clocks, and interrupts.

So it's good that all the generic migration stuff went in, and also some
of the RR infrastructure.  v8 should be below 20 patches, which is
pretty good.

I made some generic comments:

1) thread-safety unfortunately looks a bit iffy.  The RR QemuMutex
should be the deepest lock in the hierarchy, which basically means that
replay/ should never call anything outside it while taking the lock.

2) your code generally looks like:

   -void foo(void)
   +void foo_impl(void)
{
...
}

   +void foo(void)
   +{
   +if (replay_mode) ...
   +foo_impl();
   +}

Instead, please use

void foo(void)
{
   +replay_foo();
...
}

and possibly put replay_foo() in the replay/ subdirectory.

3) Inline functions are better than macros.  enums are better than #defines.

4) I've applied patch 10.

Paolo



Re: [Qemu-devel] [RFC PATCH v7 12/21] replay: recording and replaying clock ticks

2015-01-12 Thread Pavel Dovgaluk
 From: Paolo Bonzini [mailto:pbonz...@redhat.com]
 On 12/01/2015 13:00, Pavel Dovgalyuk wrote:
  diff --git a/replay/replay.h b/replay/replay.h
  index 90a949b..1c18c0e 100755
  --- a/replay/replay.h
  +++ b/replay/replay.h
  @@ -16,6 +16,16 @@
   #include stdint.h
   #include qapi-types.h
 
  +/* replay clock kinds */
  +/* rdtsc */
  +#define REPLAY_CLOCK_REAL_TICKS 0
  +/* host_clock */
  +#define REPLAY_CLOCK_HOST   1
  +/* virtual_rt_clock */
  +#define REPLAY_CLOCK_VIRTUAL_RT 2
  +
  +#define REPLAY_CLOCK_COUNT  3
  +
   extern ReplayMode replay_mode;
   extern char *replay_image_suffix;
 
  @@ -47,6 +57,19 @@ bool replay_interrupt(void);
   Returns true, when interrupt request is pending */
   bool replay_has_interrupt(void);
 
  +/* Processing clocks and other time sources */
  +
  +/*! Save the specified clock */
  +int64_t replay_save_clock(unsigned int kind, int64_t clock);
  +/*! Read the specified clock from the log or return cached data */
  +int64_t replay_read_clock(unsigned int kind);
  +/*! Saves or reads the clock depending on the current replay mode. */
  +#define REPLAY_CLOCK(clock, value)  \
  +(replay_mode == REPLAY_MODE_PLAY ? replay_read_clock((clock))   \
  +: replay_mode == REPLAY_MODE_RECORD \
  +? replay_save_clock((clock), (value))   \
  +: (value))
  +
 
 Inline functions please, not macros.

Macro is required here, because I do not want the value to be computed in
replay mode at all.

Pavel Dovgalyuk




Re: [Qemu-devel] [PATCH 1/4] configure: opengl overhaul

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 13:35, Gerd Hoffmann wrote:
 Rename config option from glx to opengl, glx will not be the only
 option for opengl in near future.  Also switch over to pkg-config for
 opengl support detection.
 
 Signed-off-by: Gerd Hoffmann kra...@redhat.com

Gerd, since you're working in this area, can you pick up
http://article.gmane.org/gmane.comp.emulators.qemu/313402 as well?  I
had queued it for my next pull request, but it conflicts with your stuff.

Paolo

 ---
  configure| 39 +--
  default-configs/lm32-softmmu.mak |  2 +-
  hw/display/Makefile.objs |  2 +-
  hw/lm32/milkymist-hw.h   |  4 ++--
  include/sysemu/sysemu.h  |  1 +
  vl.c |  1 +
  6 files changed, 23 insertions(+), 26 deletions(-)
 
 diff --git a/configure b/configure
 index cae588c..ee1693b 100755
 --- a/configure
 +++ b/configure
 @@ -309,7 +309,7 @@ rbd=
  smartcard_nss=
  libusb=
  usb_redir=
 -glx=
 +opengl=
  zlib=yes
  lzo=
  snappy=
 @@ -1026,9 +1026,9 @@ for opt do
;;
--enable-vhost-scsi) vhost_scsi=yes
;;
 -  --disable-glx) glx=no
 +  --disable-opengl) opengl=no
;;
 -  --enable-glx) glx=yes
 +  --enable-opengl) opengl=yes
;;
--disable-rbd) rbd=no
;;
 @@ -3056,23 +3056,18 @@ fi
  libs_softmmu=$libs_softmmu $fdt_libs
  
  ##
 -# GLX probe, used by milkymist-tmu2
 -if test $glx != no ; then
 -  glx_libs=-lGL -lX11
 -  cat  $TMPC  EOF
 -#include X11/Xlib.h
 -#include GL/gl.h
 -#include GL/glx.h
 -int main(void) { glBegin(0); glXQueryVersion(0,0,0); return 0; }
 -EOF
 -  if compile_prog  -lGL -lX11 ; then
 -glx=yes
 +# opengl probe, used by milkymist-tmu2
 +if test $opengl != no ; then
 +  opengl_pkgs=gl
 +  if $pkg_config $opengl_pkgs; then
 +opengl_libs=$($pkg_config --libs $opengl_pkgs) -lX11
 +opengl=yes
else
 -if test $glx = yes ; then
 -  feature_not_found glx Install GL devel (e.g. MESA)
 +if test $opengl = yes ; then
 +  feature_not_found opengl Install GL devel (e.g. MESA)
  fi
 -glx_libs=
 -glx=no
 +opengl_libs=
 +opengl=no
fi
  fi
  
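Review bot: The new probe at `opengl_pkgs=gl` only asks pkg-config for gl, yet `-lX11` is still appended by hand and the consumer (milkymist-hw.h, later in this patch) includes X11/Xlib.h and GL/glx.h; the removed compile test covered those headers, so on a host with libGL but without GLX or X11 development headers `opengl=yes` will now be set and milkymist-tmu2 will fail to build. Adding `x11` to `opengl_pkgs` (so `opengl_pkgs="gl x11"` and the libs come from pkg-config too) and keeping a small compile_prog check for GL/glx.h would restore the guarantee the old test gave. The feature_not_found hint should then mention the X11/GLX headers as well.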
 @@ -4320,7 +4315,7 @@ echo xfsctl support$xfs
  echo nss used  $smartcard_nss
  echo libusb$libusb
  echo usb net redir $usb_redir
 -echo GLX support   $glx
 +echo OpenGL support$opengl
  echo libiscsi support  $libiscsi
  echo libnfs support$libnfs
  echo build guest agent $guest_agent
 @@ -4682,9 +4677,9 @@ if test $usb_redir = yes ; then
echo CONFIG_USB_REDIR=y  $config_host_mak
  fi
  
 -if test $glx = yes ; then
 -  echo CONFIG_GLX=y  $config_host_mak
 -  echo GLX_LIBS=$glx_libs  $config_host_mak
 +if test $opengl = yes ; then
 +  echo CONFIG_OPENGL=y  $config_host_mak
 +  echo OPENGL_LIBS=$opengl_libs  $config_host_mak
  fi
  
  if test $lzo = yes ; then
 diff --git a/default-configs/lm32-softmmu.mak 
 b/default-configs/lm32-softmmu.mak
 index 7df58c8..4889348 100644
 --- a/default-configs/lm32-softmmu.mak
 +++ b/default-configs/lm32-softmmu.mak
 @@ -2,7 +2,7 @@
  
  CONFIG_LM32=y
  CONFIG_MILKYMIST=y
 -CONFIG_MILKYMIST_TMU2=$(CONFIG_GLX)
 +CONFIG_MILKYMIST_TMU2=$(CONFIG_OPENGL)
  CONFIG_FRAMEBUFFER=y
  CONFIG_PTIMER=y
  CONFIG_PFLASH_CFI01=y
 diff --git a/hw/display/Makefile.objs b/hw/display/Makefile.objs
 index 7ed76a9..e18ea57 100644
 --- a/hw/display/Makefile.objs
 +++ b/hw/display/Makefile.objs
 @@ -20,7 +20,7 @@ common-obj-$(CONFIG_ZAURUS) += tc6393xb.o
  
  ifeq ($(CONFIG_MILKYMIST_TMU2),y)
  common-obj-y += milkymist-tmu2.o
 -libs_softmmu += $(GLX_LIBS)
 +libs_softmmu += $(OPENGL_LIBS)
  endif
  
  obj-$(CONFIG_OMAP) += omap_dss.o
 diff --git a/hw/lm32/milkymist-hw.h b/hw/lm32/milkymist-hw.h
 index 5317ce6..8d20cac 100644
 --- a/hw/lm32/milkymist-hw.h
 +++ b/hw/lm32/milkymist-hw.h
 @@ -86,7 +86,7 @@ static inline DeviceState *milkymist_pfpu_create(hwaddr 
 base,
  return dev;
  }
  
 -#ifdef CONFIG_GLX
 +#ifdef CONFIG_OPENGL
  #include X11/Xlib.h
  #include GL/glx.h
  static const int glx_fbconfig_attr[] = {
 @@ -100,7 +100,7 @@ static const int glx_fbconfig_attr[] = {
  static inline DeviceState *milkymist_tmu2_create(hwaddr base,
  qemu_irq irq)
  {
 -#ifdef CONFIG_GLX
 +#ifdef CONFIG_OPENGL
  DeviceState *dev;
  Display *d;
  GLXFBConfig *configs;
 diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
 index 503e5a4..e5c91eb 100644
 --- a/include/sysemu/sysemu.h
 +++ b/include/sysemu/sysemu.h
 @@ -117,6 +117,7 @@ extern int graphic_width;
  extern int graphic_height;
  extern int graphic_depth;
  extern DisplayType display_type;
 +extern int display_opengl;
  extern const char *keyboard_layout;
  extern int win2k_install_hack;
  extern int alt_grab;
 diff --git a/vl.c b/vl.c
 index bea9656..06e8f44 100644
 --- a/vl.c
 +++ b/vl.c
 @@ -129,6 +129,7 @@ static int data_dir_idx;
  const char *bios_name = NULL;
  enum vga_retrace_method vga_retrace_method = 

[Qemu-devel] [PATCH 06/10] vnc: update docs/multiseat.txt

2015-01-12 Thread Gerd Hoffmann
vnc joins the party ;)
Also some s/head/seat/ to clarify.

Signed-off-by: Gerd Hoffmann kra...@redhat.com
---
 docs/multiseat.txt | 18 ++
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/docs/multiseat.txt b/docs/multiseat.txt
index 67151e0..b963665 100644
--- a/docs/multiseat.txt
+++ b/docs/multiseat.txt
@@ -7,7 +7,7 @@ host side
 
 First you must compile qemu with a user interface supporting
 multihead/multiseat and input event routing.  Right now this
-list includes sdl2 and gtk (both 2+3):
+list includes sdl2, gtk (both 2+3) and vnc:
 
   ./configure --enable-sdl --with-sdlabi=2.0
 
@@ -16,16 +16,16 @@ or
   ./configure --enable-gtk
 
 
-Next put together the qemu command line:
+Next put together the qemu command line (sdk/gtk):
 
 qemu   -enable-kvm -usb $memory $disk $whatever \
-display [ sdl | gtk ] \
-vga std \
-device usb-tablet
 
-That is it for the first head, which will use the standard vga, the
+That is it for the first seat, which will use the standard vga, the
 standard ps/2 keyboard (implicitly there) and the usb-tablet.  Now the
-additional switches for the second head:
+additional switches for the second seat:
 
-device pci-bridge,addr=12.0,chassis_nr=2,id=head.2 \
-device secondary-vga,bus=head.2,addr=02.0,id=video.2 \
@@ -47,6 +47,16 @@ in a separate tab.  You can either simply switch tabs to 
switch heads,
 or use the View / Detach tab menu item to move one of the displays
 to its own window so you can see both display devices side-by-side.
 
+For vnc some additional configuration on the command line is needed.
+We'll create two vnc server instances, and bind the second one to the
+second seat, simliar to input devices:
+
+   -display vnc=:1,id=primary \
+   -display vnc=:2,id=secondary,display=video.2
+
+Connecting to vnc display :1 gives you access to the first seat, and
+likewise connecting to vnc display :2 shows the second seat.
+
 Note on spice: Spice handles multihead just fine.  But it can't do
 multiseat.  For tablet events the event source is sent to the spice
 agent.  But qemu can't figure it, so it can't do input routing.
-- 
1.8.3.1




Re: [Qemu-devel] [PATCH v3 6/9] rocker: add new rocker switch device

2015-01-12 Thread Paolo Bonzini


On 11/01/2015 04:57, sfel...@gmail.com wrote:
 +static const MemoryRegionOps rocker_mmio_ops = {
 +.read = rocker_mmio_read,
 +.write = rocker_mmio_write,
 +.endianness = DEVICE_LITTLE_ENDIAN,
 +.valid = {
 +.min_access_size = 4,
 +.max_access_size = 8,
 +},
 +.impl = {
 +.min_access_size = 4,
 +.max_access_size = 8,
 +},
 +};

I suggest that you only use 32-bit registers in the internal
implementation, where writing to the low part of a 64-bit register only
writes to a latch.  You can then use .impl.max_access_size == 4 but keep
.valid.max_access_size == 8.

QEMU will then take care of passing 64-bit writes down as two 32-bit
writes, in increasing address.

Paolo



[Qemu-devel] [PATCH 08/10] vnc: factor out qmp_query_client_list

2015-01-12 Thread Gerd Hoffmann
so we can reuse it for the new vnc query command.

Signed-off-by: Gerd Hoffmann kra...@redhat.com
---
 ui/vnc.c | 30 +++---
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/ui/vnc.c b/ui/vnc.c
index 2ed16dc..d7c7865 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -385,6 +385,20 @@ static VncDisplay *vnc_display_find(const char *id)
 return NULL;
 }
 
+static VncClientInfoList *qmp_query_client_list(VncDisplay *vd)
+{
+VncClientInfoList *cinfo, *prev = NULL;
+VncState *client;
+
+QTAILQ_FOREACH(client, vd-clients, next) {
+cinfo = g_new0(VncClientInfoList, 1);
+cinfo-value = qmp_query_vnc_client(client);
+cinfo-next = prev;
+prev = cinfo;
+}
+return prev;
+}
+
 VncInfo *qmp_query_vnc(Error **errp)
 {
 VncInfo *info = g_malloc0(sizeof(*info));
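Review bot: qmp_query_client_list prepends each element (`cinfo->next = prev; prev = cinfo;`), so the list it returns is in reverse order of `vd->clients`, whereas the loop it replaces appended and preserved QTAILQ order; the commit message presents this as a pure factoring. Either keep a tail pointer (`VncClientInfoList *head = NULL, **tail = &head;` then `*tail = cinfo; tail = &cinfo->next;` and return head) or state that query-vnc now reports clients newest-first. The old loop's `g_malloc0(sizeof(*info))` sized the element by the wrong struct, so the `g_new0(VncClientInfoList, 1)` here is also a quiet fix worth a sentence in the description.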
@@ -393,30 +407,16 @@ VncInfo *qmp_query_vnc(Error **errp)
 if (vd == NULL || vd-display == NULL) {
 info-enabled = false;
 } else {
-VncClientInfoList *cur_item = NULL;
 struct sockaddr_storage sa;
 socklen_t salen = sizeof(sa);
 char host[NI_MAXHOST];
 char serv[NI_MAXSERV];
-VncState *client;
 
 info-enabled = true;
 
 /* for compatibility with the original command */
 info-has_clients = true;
-
-QTAILQ_FOREACH(client, vd-clients, next) {
-VncClientInfoList *cinfo = g_malloc0(sizeof(*info));
-cinfo-value = qmp_query_vnc_client(client);
-
-/* XXX: waiting for the qapi to support GSList */
-if (!cur_item) {
-info-clients = cur_item = cinfo;
-} else {
-cur_item-next = cinfo;
-cur_item = cinfo;
-}
-}
+info-clients = qmp_query_client_list(vd);
 
 if (vd-lsock == -1) {
 return info;
-- 
1.8.3.1




[Qemu-devel] [PULL v3 1/7] s390x/ccw: fix oddity in machine class init

2015-01-12 Thread Cornelia Huck
ccw_machine_class_init() uses ',' instead of ';' while initializing
the class' fields. This is almost certainly a copy/paste error and,
while legal C, rather on the unusual side. Just use ';' everywhere.

Reviewed-by: Thomas Huth th...@linux.vnet.ibm.com
Signed-off-by: Cornelia Huck cornelia.h...@de.ibm.com
Signed-off-by: Jens Freimann jf...@linux.vnet.ibm.com
Signed-off-by: Cornelia Huck cornelia.h...@de.ibm.com
---
 hw/s390x/s390-virtio-ccw.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index bc4dc2a..f7b750d 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -181,7 +181,7 @@ static void ccw_machine_class_init(ObjectClass *oc, void 
*data)
 mc-no_serial = 1;
 mc-no_parallel = 1;
 mc-no_sdcard = 1;
-mc-use_sclp = 1,
+mc-use_sclp = 1;
 mc-max_cpus = 255;
 nc-nmi_monitor_handler = s390_nmi;
 }
-- 
1.7.9.5




[Qemu-devel] [PULL v3 3/7] s390x/kvm: sync register support helper function

2015-01-12 Thread Cornelia Huck
From: David Hildenbrand d...@linux.vnet.ibm.com

Let's unify the code to sync registers by moving the checks into a helper
function can_sync_regs().

Signed-off-by: David Hildenbrand d...@linux.vnet.ibm.com
Signed-off-by: Jens Freimann jf...@linux.vnet.ibm.com
Reviewed-by: Cornelia Huck cornelia.h...@de.ibm.com
Signed-off-by: Cornelia Huck cornelia.h...@de.ibm.com
---
 target-s390x/kvm.c |   22 --
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c
index f3f8f2c..1483082 100644
--- a/target-s390x/kvm.c
+++ b/target-s390x/kvm.c
@@ -202,6 +202,11 @@ void kvm_s390_reset_vcpu(S390CPU *cpu)
 }
 }
 
+static int can_sync_regs(CPUState *cs, int regs)
+{
+return cap_sync_regs  (cs-kvm_run-kvm_valid_regs  regs) == regs;
+}
+
 int kvm_arch_put_registers(CPUState *cs, int level)
 {
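Review bot: can_sync_regs answers a yes/no question but is declared `static int`; QEMU uses `bool` for predicates, so `static bool can_sync_regs(CPUState *cs, int regs)` would document the contract and let the compiler catch misuse of the value. The `int regs` parameter is masked against `kvm_valid_regs`, which as far as I recall is a 64-bit field in the kernel's struct kvm_run; the KVM_SYNC_* flags used in this file fit in an int today, but `uint64_t regs` would track the kernel type and avoid a sign-extension surprise if a high bit is ever defined. A one-line comment such as `/* true if KVM exposes every flag in @regs through kvm_run for this vcpu */` above the helper would complete it.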
 S390CPU *cpu = S390_CPU(cs);
@@ -216,7 +221,7 @@ int kvm_arch_put_registers(CPUState *cs, int level)
 cs-kvm_run-psw_addr = env-psw.addr;
 cs-kvm_run-psw_mask = env-psw.mask;
 
-if (cap_sync_regs  cs-kvm_run-kvm_valid_regs  KVM_SYNC_GPRS) {
+if (can_sync_regs(cs, KVM_SYNC_GPRS)) {
 for (i = 0; i  16; i++) {
 cs-kvm_run-s.regs.gprs[i] = env-regs[i];
 cs-kvm_run-kvm_dirty_regs |= KVM_SYNC_GPRS;
@@ -273,9 +278,8 @@ int kvm_arch_put_registers(CPUState *cs, int level)
 }
 }
 
-if (cap_sync_regs 
-cs-kvm_run-kvm_valid_regs  KVM_SYNC_ACRS 
-cs-kvm_run-kvm_valid_regs  KVM_SYNC_CRS) {
+/* access registers and control registers*/
+if (can_sync_regs(cs, KVM_SYNC_ACRS | KVM_SYNC_CRS)) {
 for (i = 0; i  16; i++) {
 cs-kvm_run-s.regs.acrs[i] = env-aregs[i];
 cs-kvm_run-s.regs.crs[i] = env-cregs[i];
@@ -294,7 +298,7 @@ int kvm_arch_put_registers(CPUState *cs, int level)
 }
 
 /* Finally the prefix */
-if (cap_sync_regs  cs-kvm_run-kvm_valid_regs  KVM_SYNC_PREFIX) {
+if (can_sync_regs(cs, KVM_SYNC_PREFIX)) {
 cs-kvm_run-s.regs.prefix = env-psa;
 cs-kvm_run-kvm_dirty_regs |= KVM_SYNC_PREFIX;
 } else {
@@ -317,7 +321,7 @@ int kvm_arch_get_registers(CPUState *cs)
 env-psw.mask = cs-kvm_run-psw_mask;
 
 /* the GPRS */
-if (cap_sync_regs  cs-kvm_run-kvm_valid_regs  KVM_SYNC_GPRS) {
+if (can_sync_regs(cs, KVM_SYNC_GPRS)) {
 for (i = 0; i  16; i++) {
 env-regs[i] = cs-kvm_run-s.regs.gprs[i];
 }
@@ -332,9 +336,7 @@ int kvm_arch_get_registers(CPUState *cs)
 }
 
 /* The ACRS and CRS */
-if (cap_sync_regs 
-cs-kvm_run-kvm_valid_regs  KVM_SYNC_ACRS 
-cs-kvm_run-kvm_valid_regs  KVM_SYNC_CRS) {
+if (can_sync_regs(cs, KVM_SYNC_ACRS | KVM_SYNC_CRS)) {
 for (i = 0; i  16; i++) {
 env-aregs[i] = cs-kvm_run-s.regs.acrs[i];
 env-cregs[i] = cs-kvm_run-s.regs.crs[i];
@@ -361,7 +363,7 @@ int kvm_arch_get_registers(CPUState *cs)
 env-fpc = fpu.fpc;
 
 /* The prefix */
-if (cap_sync_regs  cs-kvm_run-kvm_valid_regs  KVM_SYNC_PREFIX) {
+if (can_sync_regs(cs, KVM_SYNC_PREFIX)) {
 env-psa = cs-kvm_run-s.regs.prefix;
 }
 
-- 
1.7.9.5




[Qemu-devel] [PULL v3 0/7] s390x patches for 2.3

2015-01-12 Thread Cornelia Huck
Third time's the charm? I've verified that this builds with mingw32
(and nothing else that worked before broke).

The following changes since commit 64ea8038ffbf703dcd438a108d2d5499c8ff95d9:

  Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150109.0' 
into staging (2015-01-10 22:29:09 +)

are available in the git repository at:


  git://github.com/cohuck/qemu tags/s390x-20150112-v3

for you to fetch changes up to 9e03a0405d56b4af8952b794d0e5dd9206ee7329:

  kvm: extend kvm_irqchip_add_msi_route to work on s390 (2015-01-12 10:14:04 
+0100)


s390x patches for 2.3.

Highlight is support for PCI devices on s390x. Otherwise, performance
improvements (register sync) and small cleanups.



Cornelia Huck (1):
  s390x/ccw: fix oddity in machine class init

David Hildenbrand (2):
  s390x/kvm: sync register support helper function
  s390x/kvm: avoid syscalls by syncing registers with kvm_run

Frank Blaschka (3):
  s390: Add PCI bus support
  s390: implement pci instructions
  kvm: extend kvm_irqchip_add_msi_route to work on s390

Thomas Huth (1):
  s390x/css: Clean up unnecessary CONFIG_USER_ONLY wrappers

 MAINTAINERS   |2 +
 default-configs/s390x-softmmu.mak |1 +
 hw/s390x/Makefile.objs|1 +
 hw/s390x/css.c|5 +
 hw/s390x/css.h|1 +
 hw/s390x/s390-pci-bus.c   |  591 +++
 hw/s390x/s390-pci-bus.h   |  251 
 hw/s390x/s390-pci-inst.c  |  811 +
 hw/s390x/s390-pci-inst.h  |  288 +
 hw/s390x/s390-virtio-ccw.c|9 +-
 hw/s390x/sclp.c   |   10 +-
 include/hw/s390x/sclp.h   |8 +
 include/sysemu/kvm.h  |4 +
 kvm-all.c |7 +
 target-arm/kvm.c  |6 +
 target-i386/kvm.c |6 +
 target-mips/kvm.c |6 +
 target-ppc/kvm.c  |6 +
 target-s390x/cpu.h|   81 
 target-s390x/ioinst.c |   52 +++
 target-s390x/ioinst.h |1 +
 target-s390x/kvm.c|  273 +++--
 22 files changed, 2305 insertions(+), 115 deletions(-)
 create mode 100644 hw/s390x/s390-pci-bus.c
 create mode 100644 hw/s390x/s390-pci-bus.h
 create mode 100644 hw/s390x/s390-pci-inst.c
 create mode 100644 hw/s390x/s390-pci-inst.h

-- 
1.7.9.5




[Qemu-devel] [PULL 1/4] net: remove all cleanup methods from NIC NetClientInfos

2015-01-12 Thread Stefan Hajnoczi
From: Paolo Bonzini pbonz...@redhat.com

All NICs have a cleanup function that, in most cases, zeroes the pointer
to the NICState.  In some cases, it frees data belonging to the NIC.

However, this function is never called except when exiting from QEMU.
It is not necessary to NULL pointers and free data here; the right place
to do that would be in the device's unrealize function, after calling
qemu_del_nic.  Zeroing the NIC multiple times is also wrong for multiqueue
devices.

This cleanup function gets in the way of making the NetClientStates for
the NIC hold an object_ref reference to the object, so get rid of it.

Signed-off-by: Paolo Bonzini pbonz...@redhat.com
Signed-off-by: Stefan Hajnoczi stefa...@redhat.com
---
 hw/net/allwinner_emac.c |  8 
 hw/net/cadence_gem.c|  9 -
 hw/net/dp8393x.c| 11 ---
 hw/net/e1000.c  |  9 -
 hw/net/eepro100.c   |  8 
 hw/net/etraxfs_eth.c| 13 -
 hw/net/fsl_etsec/etsec.c|  6 --
 hw/net/lan9118.c|  8 
 hw/net/lance.c  |  8 
 hw/net/mcf_fec.c|  8 
 hw/net/milkymist-minimac2.c |  8 
 hw/net/mipsnet.c|  8 
 hw/net/ne2000-isa.c |  8 
 hw/net/ne2000.c |  8 
 hw/net/opencores_eth.c  |  5 -
 hw/net/pcnet-pci.c  |  8 
 hw/net/pcnet.c  |  5 -
 hw/net/pcnet.h  |  1 -
 hw/net/rtl8139.c|  8 
 hw/net/smc91c111.c  |  8 
 hw/net/spapr_llan.c |  8 
 hw/net/stellaris_enet.c |  8 
 hw/net/virtio-net.c |  8 
 hw/net/vmxnet3.c|  7 ---
 hw/net/xgmac.c  |  8 
 hw/net/xilinx_axienet.c |  9 -
 hw/net/xilinx_ethlite.c |  8 
 27 files changed, 211 deletions(-)

diff --git a/hw/net/allwinner_emac.c b/hw/net/allwinner_emac.c
index d780ba0..0407dee 100644
--- a/hw/net/allwinner_emac.c
+++ b/hw/net/allwinner_emac.c
@@ -218,13 +218,6 @@ static ssize_t aw_emac_receive(NetClientState *nc, const 
uint8_t *buf,
 return size;
 }
 
-static void aw_emac_cleanup(NetClientState *nc)
-{
-AwEmacState *s = qemu_get_nic_opaque(nc);
-
-s-nic = NULL;
-}
-
 static void aw_emac_reset(DeviceState *dev)
 {
 AwEmacState *s = AW_EMAC(dev);
@@ -433,7 +426,6 @@ static NetClientInfo net_aw_emac_info = {
 .size = sizeof(NICState),
 .can_receive = aw_emac_can_receive,
 .receive = aw_emac_receive,
-.cleanup = aw_emac_cleanup,
 .link_status_changed = aw_emac_set_link,
 };
 
diff --git a/hw/net/cadence_gem.c b/hw/net/cadence_gem.c
index de26609..55b6293 100644
--- a/hw/net/cadence_gem.c
+++ b/hw/net/cadence_gem.c
@@ -1209,14 +1209,6 @@ static const MemoryRegionOps gem_ops = {
 .endianness = DEVICE_LITTLE_ENDIAN,
 };
 
-static void gem_cleanup(NetClientState *nc)
-{
-GemState *s = qemu_get_nic_opaque(nc);
-
-DB_PRINT(\n);
-s-nic = NULL;
-}
-
 static void gem_set_link(NetClientState *nc)
 {
 DB_PRINT(\n);
@@ -1228,7 +1220,6 @@ static NetClientInfo net_gem_info = {
 .size = sizeof(NICState),
 .can_receive = gem_can_receive,
 .receive = gem_receive,
-.cleanup = gem_cleanup,
 .link_status_changed = gem_set_link,
 };
 
diff --git a/hw/net/dp8393x.c b/hw/net/dp8393x.c
index 7eab7ad..7ce13d2 100644
--- a/hw/net/dp8393x.c
+++ b/hw/net/dp8393x.c
@@ -859,22 +859,11 @@ static void nic_reset(void *opaque)
 dp8393x_update_irq(s);
 }
 
-static void nic_cleanup(NetClientState *nc)
-{
-dp8393xState *s = qemu_get_nic_opaque(nc);
-
-timer_del(s-watchdog);
-timer_free(s-watchdog);
-
-g_free(s);
-}
-
 static NetClientInfo net_dp83932_info = {
 .type = NET_CLIENT_OPTIONS_KIND_NIC,
 .size = sizeof(NICState),
 .can_receive = nic_can_receive,
 .receive = nic_receive,
-.cleanup = nic_cleanup,
 };
 
 void dp83932_init(NICInfo *nd, hwaddr base, int it_shift,
diff --git a/hw/net/e1000.c b/hw/net/e1000.c
index 89c5788..a207e21 100644
--- a/hw/net/e1000.c
+++ b/hw/net/e1000.c
@@ -1503,14 +1503,6 @@ e1000_mmio_setup(E1000State *d)
 }
 
 static void
-e1000_cleanup(NetClientState *nc)
-{
-E1000State *s = qemu_get_nic_opaque(nc);
-
-s-nic = NULL;
-}
-
-static void
 pci_e1000_uninit(PCIDevice *dev)
 {
 E1000State *d = E1000(dev);
@@ -1528,7 +1520,6 @@ static NetClientInfo net_e1000_info = {
 .can_receive = e1000_can_receive,
 .receive = e1000_receive,
 .receive_iov = e1000_receive_iov,
-.cleanup = e1000_cleanup,
 .link_status_changed = e1000_set_link_status,
 };
 
diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c
index 4877bfd..7a4f9f8 100644
--- a/hw/net/eepro100.c
+++ b/hw/net/eepro100.c
@@ -1832,13 +1832,6 @@ static const VMStateDescription vmstate_eepro100 = {
 }
 };
 
-static void nic_cleanup(NetClientState *nc)
-{
-EEPRO100State *s = qemu_get_nic_opaque(nc);
-
-s-nic = NULL;
-}
-
 

Re: [Qemu-devel] [PATCH 0/3] buildsys: Fix and enable module build

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 05:43, Fam Zheng wrote:
 The first patch fixes the module build: it doesn't fail but it links all the
 module objects into executables.
 
 The second patch enables modules by default.
 
 The last patch adds a non-module build in travis config.
 
 
 Fam Zheng (3):
   rules.mak: Fix module build
   configure: Default to enable module build
   .travis.yml: Add --disable-modules
 
  .travis.yml |  3 ++
  configure   | 96 
 ++---
  rules.mak   | 23 ---
  3 files changed, 82 insertions(+), 40 deletions(-)
 

Applied patch 1 for now.  The change to default to enable modules will
be in a separate pull request.

Paolo



[Qemu-devel] [PULL 2/4] hw/net/xen_nic.c: Free 'netdev-txs' when map 'netdev-rxs' fails

2015-01-12 Thread Stefan Hajnoczi
From: Chen Gang gang.chen.5...@gmail.com

When mapping 'netdev->rxs' fails, the already mapped 'netdev->txs' must be
unmapped as well, otherwise the grant mapping leaks.

Signed-off-by: Chen Gang gang.chen.5...@gmail.com
Signed-off-by: Stefan Hajnoczi stefa...@redhat.com
---
 hw/net/xen_nic.c | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/hw/net/xen_nic.c b/hw/net/xen_nic.c
index 63918ae..7a57feb 100644
--- a/hw/net/xen_nic.c
+++ b/hw/net/xen_nic.c
@@ -370,11 +370,16 @@ static int net_connect(struct XenDevice *xendev)
   netdev-xendev.dom,
   netdev-tx_ring_ref,
   PROT_READ | PROT_WRITE);
+if (!netdev-txs) {
+return -1;
+}
 netdev-rxs = xc_gnttab_map_grant_ref(netdev-xendev.gnttabdev,
   netdev-xendev.dom,
   netdev-rx_ring_ref,
   PROT_READ | PROT_WRITE);
-if (!netdev-txs || !netdev-rxs) {
+if (!netdev-rxs) {
+xc_gnttab_munmap(netdev-xendev.gnttabdev, netdev-txs, 1);
+netdev-txs = NULL;
 return -1;
 }
 BACK_RING_INIT(netdev-tx_ring, netdev-txs, XC_PAGE_SIZE);
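Review bot: The new error path at `xc_gnttab_munmap(netdev->gnttabdev, netdev->txs, 1)` discards the munmap return value and, like the pre-existing failure return, gives the caller no diagnostic, so a failed rx ring mapping surfaces only as -1 from net_connect. An `xen_be_printf(&netdev->xendev, 0, "...")`-style message before each `return -1` (if that helper is available here as in the other xen backends) would make the failure attributable, and the munmap result should at least be logged rather than dropped. The hard-coded page count `1` must stay in step with the count used in the matching map call; it does for the single tx_ring_ref shown. net_connect starts before this hunk.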
-- 
2.1.0




[Qemu-devel] [RFC PATCH v7 01/21] i386: partial revert of interrupt poll fix

2015-01-12 Thread Pavel Dovgalyuk
Processing CPU_INTERRUPT_POLL requests in cpu_has_work functions
break the determinism of cpu_exec. This patch is required to make
interrupts processing deterministic.

Signed-off-by: Paolo Bonzini pbonz...@redhat.com

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
---
 cpu-exec.c|6 ++
 target-i386/cpu.c |   10 ++
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/cpu-exec.c b/cpu-exec.c
index a4f0eff..0a485bb 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -338,6 +338,12 @@ int cpu_exec(CPUArchState *env)
 volatile bool have_tb_lock = false;
 
 if (cpu-halted) {
+#ifdef TARGET_I386
+if (cpu-interrupt_request  CPU_INTERRUPT_POLL) {
+apic_poll_irq(x86_cpu-apic_state);
+cpu_reset_interrupt(cpu, CPU_INTERRUPT_POLL);
+}
+#endif
 if (!cpu_has_work(cpu)) {
 return EXCP_HALTED;
 }
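Review bot: The reinstated poll block under `#ifdef TARGET_I386` lacks the `!defined(CONFIG_USER_ONLY)` guard that the code removed from x86_cpu_has_work in the second hunk carried, so linux-user i386 builds now compile a call to apic_poll_irq and a dereference of x86_cpu->apic_state inside cpu_exec; unless a user-mode stub for apic_poll_irq exists, that is a link failure, and either way there is no APIC to poll in user mode. Guard it as `#if defined(TARGET_I386) && !defined(CONFIG_USER_ONLY)`. cpu_exec continues well past this hunk, and x86_cpu is declared outside it.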
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index b81ac5c..8f1f7aa 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -2970,14 +2970,8 @@ static bool x86_cpu_has_work(CPUState *cs)
 X86CPU *cpu = X86_CPU(cs);
 CPUX86State *env = cpu-env;
 
-#if !defined(CONFIG_USER_ONLY)
-if (cs-interrupt_request  CPU_INTERRUPT_POLL) {
-apic_poll_irq(cpu-apic_state);
-cpu_reset_interrupt(cs, CPU_INTERRUPT_POLL);
-}
-#endif
-
-return ((cs-interrupt_request  CPU_INTERRUPT_HARD) 
+return ((cs-interrupt_request  (CPU_INTERRUPT_HARD |
+  CPU_INTERRUPT_POLL)) 
 (env-eflags  IF_MASK)) ||
(cs-interrupt_request  (CPU_INTERRUPT_NMI |
  CPU_INTERRUPT_INIT |




Re: [Qemu-devel] [PATCH 1/1] ich9: add disable_s3, disable_s4, s4_val properties

2015-01-12 Thread Amit Shah
On (Mon) 12 Jan 2015 [13:51:00], Marcel Apfelbaum wrote:
 On 01/12/2015 12:55 PM, Amit Shah wrote:
 On (Mon) 12 Jan 2015 [12:26:08], Marcel Apfelbaum wrote:
 On 12/16/2014 01:23 PM, Amit Shah wrote:
 PIIX4 has disable_s3 and disable_s4 properties to enable or disable PM
 functions.  Add such properties to the ICH9 chipset as well for the Q35
 machine type.
 
 S3 / S4 are not guaranteed to always work (needs work in the guest as
 well as QEMU for things to work properly), and disabling advertising of
 these features ensures guests don't go into zombie state if something
 isn't working right.
 
 The defaults are kept the same as in PIIX4: both S3 and S4 are enabled
 by default.
 
 These can be disabled via the cmdline:
 
... -global ICH9-LPC,disable_s3=1 -global ICH9-LPC,disable_s4=1
  ^^^   ^^^
 Should be -global ICH9-LPC.disable_s3=1 -global ICH9-LPC.disable_s4=1
 
 Indeed, thanks.
 
 Hi Amit, thanks for answering my prev question.
 I have one more:)
 
 I didn't see how the properties are connected to the ACPI mechanism.
 I finally found it, acpi_get_pm_info in hw/i386/acpi-build.c
 access the object's properties for both pc/q35.
 
 [discussed off-list]
 Last thing that is missing is:
   - in ich9_pm_init we have acpi_pm1_cnt_init(pm-acpi_regs, pm-io, 2);
   - while in piix4_pm_initfn we have acpi_pm1_cnt_init(s-ar, s-io, 
 s-s4_val);
 
 So ich9_pm_init can override the actual object property value, better if we 
 update it
 accordingly.

Thanks, v2 sent.

Amit



[Qemu-devel] [RFC PATCH v7 20/21] replay: command line options

2015-01-12 Thread Pavel Dovgalyuk
This patch introduces command line options for enabling recording or replaying of
virtual machine behavior. The -record option starts recording the execution
and saves it into the log specified with the fname parameter. The -replay option
is intended for replaying a previously saved log.

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
---
 cpus.c  |3 +-
 qemu-options.hx |   27 +++
 vl.c|   79 ++-
 3 files changed, 106 insertions(+), 3 deletions(-)

diff --git a/cpus.c b/cpus.c
index 907a4bb..3442af2 100644
--- a/cpus.c
+++ b/cpus.c
@@ -912,9 +912,10 @@ static void qemu_wait_io_event_common(CPUState *cpu)
 static void qemu_tcg_wait_io_event(void)
 {
 CPUState *cpu;
+GMainContext *context = g_main_context_default();
 
 while (all_cpu_threads_idle()) {
-   /* Start accounting real time to the virtual clock if the CPUs
+/* Start accounting real time to the virtual clock if the CPUs
   are idle.  */
 qemu_clock_warp(QEMU_CLOCK_VIRTUAL);
 qemu_cond_wait(tcg_halt_cond, qemu_global_mutex);
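Review bot: `GMainContext *context = g_main_context_default();` is introduced at the top of qemu_tcg_wait_io_event but nothing in the hunk uses it; the rest of the function is outside the hunk, and if `context` stays unused there this is dead code and an unused-variable warning under -Wall. Either drop it or move the declaration next to its first use so the reader can see why the default main context is needed in this loop. The indentation fix on the comment is fine but unrelated to the stated purpose of the patch.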
diff --git a/qemu-options.hx b/qemu-options.hx
index 10b9568..9d28bbb 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -3395,6 +3395,33 @@ Dump json-encoded vmstate information for current 
machine type to file
 in @var{file}
 ETEXI
 
+DEF(record, HAS_ARG, QEMU_OPTION_record,
+-record fname=filename[,suffix=suffix,snapshot=on/off]\n
+writes replay file for latter replaying\n,
+QEMU_ARCH_ALL)
+STEXI
+@item -record fname=@var{file}[,suffix=@var{suffix},snapshot=@var{snapshot}]
+Writes compact execution trace into @var{file}.
+Changes for disk images are written
+into separate files with @var{suffix} added. If no @var{suffix} is
+specified, replay_qcow is used as suffix.
+If @var{snapshot} parameter is set as off, then original disk image will be
+modified. Default value is on.
+ETEXI
+
+DEF(replay, HAS_ARG, QEMU_OPTION_replay,
+-replay fname=filename[,suffix=suffix,snapshot=on/off]\n
+plays saved replay file\n, QEMU_ARCH_ALL)
+STEXI
+@item -replay 
fname=@var(unknown)[,suffix=@var{suffix},snapshot=@var{snapshot}]
+Plays compact execution trace from @var(unknown).
+Changes for disk images and VM states are read
+from separate files with @var{suffix} added. If no @var{suffix} is
+specified, replay_qcow is used as suffix.
+If @var{snapshot} parameter is set as off, then original disk image will be
+modified. Default value is on.
+ETEXI
+
 HXCOMM This is the last statement. Insert new options before this line!
 STEXI
 @end table
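Review bot: The user-visible help string for -record reads `writes replay file for latter replaying`; it should be `writes replay file for later replaying`. The -replay texinfo entry also uses `@var(unknown)` where the -record entry uses `@var{file}`; if that is not an archive artifact it will not render and should match. Both STEXI blocks state the defaults (suffix replay_qcow, snapshot on) while the DEF help lines do not; mentioning them in the `-help` text as well keeps the two in step.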
diff --git a/vl.c b/vl.c
index 8b1b793..b996908 100644
--- a/vl.c
+++ b/vl.c
@@ -496,6 +496,42 @@ static QemuOptsList qemu_semihosting_config_opts = {
 },
 };
 
+static QemuOptsList qemu_record_opts = {
+.name = record,
+.head = QTAILQ_HEAD_INITIALIZER(qemu_record_opts.head),
+.desc = {
+{
+.name = fname,
+.type = QEMU_OPT_STRING,
+},{
+.name = suffix,
+.type = QEMU_OPT_STRING,
+},{
+.name = snapshot,
+.type = QEMU_OPT_BOOL,
+},
+{ /* end of list */ }
+},
+};
+
+static QemuOptsList qemu_replay_opts = {
+.name = replay,
+.head = QTAILQ_HEAD_INITIALIZER(qemu_replay_opts.head),
+.desc = {
+{
+.name = fname,
+.type = QEMU_OPT_STRING,
+},{
+.name = suffix,
+.type = QEMU_OPT_STRING,
+},{
+.name = snapshot,
+.type = QEMU_OPT_BOOL,
+},
+{ /* end of list */ }
+},
+};
+
 /**
  * Get machine options
  *
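Review bot: `qemu_record_opts` and `qemu_replay_opts` declare identical `.desc` tables (fname, suffix, snapshot), so a later change to one is easily missed in the other; if the two options must stay separate, a comment on each marking them as intentionally parallel is the minimum. Each QemuOptDesc here also lacks a `.help` string, which other option lists in vl.c generally fill, and `.def_value_str` could carry the documented defaults (`"replay_qcow"` for suffix, `"on"` for snapshot) instead of the defaults living only in the later parsing code. For example: `{ .name = "snapshot", .type = QEMU_OPT_BOOL, .help = "use a temporary snapshot of the disk images", .def_value_str = "on" },`.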
@@ -2665,7 +2701,9 @@ out:
 int main(int argc, char **argv, char **envp)
 {
 int i;
-int snapshot, linux_boot;
+int snapshot, linux_boot, replay_snapshot;
+int not_compatible_replay_param = 0;
+const char *icount_option = NULL;
 const char *initrd_filename;
 const char *kernel_filename, *kernel_cmdline;
 const char *boot_order;
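Review bot: `not_compatible_replay_param` is a bare counter (the pflash hunk below increments it), so when it is later checked the error can only say that some option conflicts with record/replay, not which one. Keeping the name of the first offending option instead, `const char *replay_incompatible_opt = NULL;`, costs nothing and makes the eventual message actionable. The check itself is outside this view.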
@@ -2739,6 +2777,8 @@ int main(int argc, char **argv, char **envp)
 qemu_add_opts(qemu_numa_opts);
 qemu_add_opts(qemu_icount_opts);
 qemu_add_opts(qemu_semihosting_config_opts);
+qemu_add_opts(qemu_replay_opts);
+qemu_add_opts(qemu_record_opts);
 
 runstate_init();
 
@@ -2752,6 +2792,7 @@ int main(int argc, char **argv, char **envp)
 cpu_model = NULL;
 ram_size = default_ram_size;
 snapshot = 0;
+replay_snapshot = 1;
 cyls = heads = secs = 0;
 translation = BIOS_ATA_TRANSLATION_AUTO;
 
@@ -2869,6 +2910,7 @@ int main(int argc, char **argv, char **envp)
 break;
 case QEMU_OPTION_pflash:
 drive_add(IF_PFLASH, -1, optarg, PFLASH_OPTS);
+not_compatible_replay_param++;
 break;
 case QEMU_OPTION_snapshot:
 snapshot = 1;
@@ -3025,6 +3067,7 @@ int main(int argc, char **argv, 

[Qemu-devel] [RFC PATCH v7 21/21] replay: recording of the user input

2015-01-12 Thread Pavel Dovgalyuk
This records user input (keyboard and mouse events) in record mode and replays
these input events in replay mode.

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
---
 include/ui/input.h   |2 +
 replay/Makefile.objs |1 
 replay/replay-events.c   |   48 
 replay/replay-input.c|  108 ++
 replay/replay-internal.h |   11 -
 replay/replay.h  |5 ++
 ui/input.c   |   80 ++
 7 files changed, 235 insertions(+), 20 deletions(-)
 create mode 100755 replay/replay-input.c

diff --git a/include/ui/input.h b/include/ui/input.h
index 5d5ac00..d06a12d 100644
--- a/include/ui/input.h
+++ b/include/ui/input.h
@@ -33,7 +33,9 @@ void qemu_input_handler_bind(QemuInputHandlerState *s,
  const char *device_id, int head,
  Error **errp);
 void qemu_input_event_send(QemuConsole *src, InputEvent *evt);
+void qemu_input_event_send_impl(QemuConsole *src, InputEvent *evt);
 void qemu_input_event_sync(void);
+void qemu_input_event_sync_impl(void);
 
 InputEvent *qemu_input_event_new_key(KeyValue *key, bool down);
 void qemu_input_event_send_key(QemuConsole *src, KeyValue *key, bool down);
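Review bot: The two new `_impl` prototypes are exported from the public input header with no comment, so nothing tells a caller that they deliver the event immediately and bypass record/replay; the replay-events.c hunk shows that only replay_run_event is meant to call them. Add a comment above them such as `/* Direct delivery used by the replay layer. Other callers must use qemu_input_event_send()/qemu_input_event_sync(), which record or replay the event. */`.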
diff --git a/replay/Makefile.objs b/replay/Makefile.objs
index 257c320..3936296 100755
--- a/replay/Makefile.objs
+++ b/replay/Makefile.objs
@@ -2,3 +2,4 @@ obj-y += replay.o
 obj-y += replay-internal.o
 obj-y += replay-events.o
 obj-y += replay-time.o
+obj-y += replay-input.o
diff --git a/replay/replay-events.c b/replay/replay-events.c
index 4da5de0..308186b 100755
--- a/replay/replay-events.c
+++ b/replay/replay-events.c
@@ -13,6 +13,7 @@
 #include replay.h
 #include replay-internal.h
 #include block/thread-pool.h
+#include ui/input.h
 
 typedef struct Event {
 int event_kind;
@@ -43,6 +44,16 @@ static void replay_run_event(Event *event)
 case REPLAY_ASYNC_EVENT_THREAD:
 thread_pool_work((ThreadPool *)event-opaque, event-opaque2);
 break;
+case REPLAY_ASYNC_EVENT_INPUT:
+qemu_input_event_send_impl(NULL, (InputEvent *)event-opaque);
+/* Using local variables, when replaying. Do not free them. */
+if (replay_mode == REPLAY_MODE_RECORD) {
+qapi_free_InputEvent((InputEvent *)event-opaque);
+}
+break;
+case REPLAY_ASYNC_EVENT_INPUT_SYNC:
+qemu_input_event_sync_impl();
+break;
 default:
 fprintf(stderr, Replay: invalid async event ID (%d) in the queue\n,
 event-event_kind);
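Review bot: The INPUT case frees the event only in record mode, and the comment `Using local variables, when replaying` does not say where the replayed event's storage lives; in replay mode `e.opaque` comes from `replay_read_input_event()` (see the replay_read_events hunk), whose allocation is not visible here, so if it returns heap memory this leaks one InputEvent per replayed event. Reword the comment to name the owner, e.g. `/* In replay mode the event is owned by replay_read_input_event(); in record mode it was handed to us by replay_add_input_event() and is freed here. */`, or make replay_read_input_event return a freshly allocated object and free unconditionally. Passing NULL as the QemuConsole also drops the originating console of a recorded event, which is fine only if no input handler depends on it. Separately, replay-events.c and the new replay-input.c carry mode 100755 (index and new-file lines); C sources should be 100644.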
@@ -136,6 +147,16 @@ void replay_add_thread_event(void *opaque, void *opaque2, 
uint64_t id)
 replay_add_event_internal(REPLAY_ASYNC_EVENT_THREAD, opaque, opaque2, id);
 }
 
+void replay_add_input_event(struct InputEvent *event)
+{
+replay_add_event_internal(REPLAY_ASYNC_EVENT_INPUT, event, NULL, 0);
+}
+
+void replay_add_input_sync_event(void)
+{
+replay_add_event_internal(REPLAY_ASYNC_EVENT_INPUT_SYNC, NULL, NULL, 0);
+}
+
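Review bot: `replay_add_input_event` takes ownership of `event` — replay_run_event frees it with qapi_free_InputEvent in record mode — but neither the definition nor the header says so, and the ui/input.c caller is outside this view. Document the transfer above the definition: `/* Queue an input event for recording. Takes ownership of event, which is freed once it has been delivered. */`.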
 void replay_save_events(int opt)
 {
 qemu_mutex_lock(lock);
@@ -153,6 +174,9 @@ void replay_save_events(int opt)
 case REPLAY_ASYNC_EVENT_THREAD:
 replay_put_qword(event-id);
 break;
+case REPLAY_ASYNC_EVENT_INPUT:
+replay_save_input_event(event-opaque);
+break;
 }
 }
 
@@ -178,6 +202,7 @@ void replay_read_events(int opt)
 break;
 }
 /* Execute some events without searching them in the queue */
+Event e;
 switch (read_event_kind) {
 case REPLAY_ASYNC_EVENT_BH:
 case REPLAY_ASYNC_EVENT_THREAD:
@@ -185,6 +210,29 @@ void replay_read_events(int opt)
 read_id = replay_get_qword();
 }
 break;
+case REPLAY_ASYNC_EVENT_INPUT:
+e.event_kind = read_event_kind;
+e.opaque = replay_read_input_event();
+
+replay_run_event(e);
+
+replay_has_unread_data = 0;
+read_event_kind = -1;
+read_opt = -1;
+replay_fetch_data_kind();
+/* continue with the next event */
+continue;
+case REPLAY_ASYNC_EVENT_INPUT_SYNC:
+e.event_kind = read_event_kind;
+e.opaque = 0;
+replay_run_event(e);
+
+replay_has_unread_data = 0;
+read_event_kind = -1;
+read_opt = -1;
+replay_fetch_data_kind();
+/* continue with the next event */
+continue;
 default:
 fprintf(stderr, Unknown ID %d of replay event\n, 
read_event_kind);
 exit(1);
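Review bot: The five-line tail (`replay_has_unread_data = 0; read_event_kind = -1; read_opt = -1; replay_fetch_data_kind(); continue;`) is duplicated verbatim in the INPUT and INPUT_SYNC cases, and `e.opaque = 0;` initialises a pointer with an integer literal. `Event e;` from the preceding hunk is also never zeroed, so `opaque2` and `id` hold indeterminate values when passed to replay_run_event. Factoring the tail into a helper (assuming the three variables are file-scope) and initialising `e` keeps both cases identical and makes the "executed directly, not queued" path visible at a glance.
```c
/* An event executed straight from the log (not queued) is consumed here:
 * drop the buffered kind/opt and read the header of the next event. */
static void replay_consume_event(void)
{
    replay_has_unread_data = 0;
    read_event_kind = -1;
    read_opt = -1;
    replay_fetch_data_kind();
}
/* … unchanged: replay_read_events up to the switch on read_event_kind … */
        case REPLAY_ASYNC_EVENT_INPUT:
            e.event_kind = read_event_kind;
            e.opaque = replay_read_input_event();
            replay_run_event(&e);
            replay_consume_event();
            continue;
        case REPLAY_ASYNC_EVENT_INPUT_SYNC:
            e.event_kind = read_event_kind;
            e.opaque = NULL;
            replay_run_event(&e);
            replay_consume_event();
            continue;
```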
diff --git a/replay/replay-input.c b/replay/replay-input.c
new file mode 100755
index 000..f5d1482
--- /dev/null
+++ b/replay/replay-input.c
@@ -0,0 +1,108 @@
+/*
+ * replay-input.c
+ *
+ * Copyright (c) 2010-2014 Institute for System Programming
+ * 

[Qemu-devel] [RFC PATCH v7 12/21] replay: recording and replaying clock ticks

2015-01-12 Thread Pavel Dovgalyuk
Clock ticks are considered a source of non-deterministic data for the
virtual machine. This patch implements saving the clock values when they
are acquired (virtual clock, host clock, rdtsc, and some other timers).
When replaying the execution, the corresponding values are read from the log and
transferred to the module that wants to read them.
Such a design requires clock polling to be synchronized. Sometimes
this is not the case - e.g. when timeouts for timer lists are checked. In this case
we use a cached value of the clock, passing it to the client code.

Signed-off-by: Pavel Dovgalyuk pavel.dovga...@ispras.ru
---
 cpus.c   |3 +-
 include/qemu/timer.h |   10 ++
 qemu-timer.c |7 ++--
 replay/Makefile.objs |1 +
 replay/replay-internal.h |   11 ++
 replay/replay-time.c |   79 ++
 replay/replay.h  |   23 +
 stubs/replay.c   |9 +
 8 files changed, 139 insertions(+), 4 deletions(-)
 create mode 100755 replay/replay-time.c

diff --git a/cpus.c b/cpus.c
index 8787277..01d89aa 100644
--- a/cpus.c
+++ b/cpus.c
@@ -353,7 +353,8 @@ static void icount_warp_rt(void *opaque)
 
 seqlock_write_lock(timers_state.vm_clock_seqlock);
 if (runstate_is_running()) {
-int64_t clock = cpu_get_clock_locked();
+int64_t clock = REPLAY_CLOCK(REPLAY_CLOCK_VIRTUAL_RT,
+ cpu_get_clock_locked());
 int64_t warp_delta;
 
 warp_delta = clock - vm_clock_warp_start;
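Review bot: `REPLAY_CLOCK(...)` is now evaluated inside the `vm_clock_seqlock` write section; its definition is not in this view, but if it reads or writes the replay log (file I/O, or taking a replay-layer mutex) that work now happens under the seqlock, readers spin for its duration, and any lock the replay layer takes must never be held while waiting on this seqlock elsewhere. Either fetch the clock before seqlock_write_lock or add a comment stating that REPLAY_CLOCK is cheap and takes no locks in all modes.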
diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index d9df094..a8bc9eb 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -4,6 +4,7 @@
 #include qemu/typedefs.h
 #include qemu-common.h
 #include qemu/notify.h
+#include replay/replay.h
 
 /* timers */
 
@@ -760,6 +761,8 @@ int64_t cpu_icount_to_ns(int64_t icount);
 /***/
 /* host CPU ticks (if available) */
 
+#define cpu_get_real_ticks cpu_get_real_ticks_impl
+
 #if defined(_ARCH_PPC)
 
 static inline int64_t cpu_get_real_ticks(void)
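Review bot: Renaming every per-host `cpu_get_real_ticks` definition through `#define cpu_get_real_ticks cpu_get_real_ticks_impl` and the `#undef` in the later hunk of this header is fragile: any declaration or use between the two lines is silently renamed, and anyone adding a new host branch will not notice that they are defining `_impl`. Renaming the host-specific definitions directly is cleaner; failing that, comment the define, `/* The per-host implementations below are renamed so that the wrapper at the end of this section can route their value through REPLAY_CLOCK. */`, so the pairing with the `#undef` is visible.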
@@ -913,6 +916,13 @@ static inline int64_t cpu_get_real_ticks (void)
 }
 #endif
 
+#undef cpu_get_real_ticks
+
+static inline int64_t cpu_get_real_ticks(void)
+{
+return REPLAY_CLOCK(REPLAY_CLOCK_REAL_TICKS, cpu_get_real_ticks_impl());
+}
+
 #ifdef CONFIG_PROFILER
 static inline int64_t profile_getclock(void)
 {
diff --git a/qemu-timer.c b/qemu-timer.c
index cb7d988..19b82f6 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -25,6 +25,7 @@
 #include sysemu/sysemu.h
 #include monitor/monitor.h
 #include ui/console.h
+#include replay/replay.h
 
 #include hw/hw.h
 
@@ -566,15 +567,15 @@ int64_t qemu_clock_get_ns(QEMUClockType type)
 return cpu_get_clock();
 }
 case QEMU_CLOCK_HOST:
-now = get_clock_realtime();
+now = REPLAY_CLOCK(REPLAY_CLOCK_HOST, get_clock_realtime());
 last = clock-last;
 clock-last = now;
-if (now  last) {
+if (now  last  replay_mode == REPLAY_MODE_NONE) {
 notifier_list_notify(clock-reset_notifiers, now);
 }
 return now;
 case QEMU_CLOCK_VIRTUAL_RT:
-return cpu_get_clock();
+return REPLAY_CLOCK(REPLAY_CLOCK_VIRTUAL_RT, cpu_get_clock());
 }
 }
 
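Review bot: The added `replay_mode == REPLAY_MODE_NONE` condition suppresses the clock reset notifiers in record mode as well as replay mode, and nothing says why; a comment such as `/* Reset notifiers are not fired while recording or replaying so that both runs observe the same sequence of events. */` would state the contract. If backwards jumps of the host clock are meant to be recorded rather than hidden, the condition is too broad. `QEMU_CLOCK_VIRTUAL_RT` is now routed through REPLAY_CLOCK while the `QEMU_CLOCK_VIRTUAL` case just above is not; a short comment on why virtual time needs no logging would help the next reader.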
diff --git a/replay/Makefile.objs b/replay/Makefile.objs
index 56da09c..257c320 100755
--- a/replay/Makefile.objs
+++ b/replay/Makefile.objs
@@ -1,3 +1,4 @@
 obj-y += replay.o
 obj-y += replay-internal.o
 obj-y += replay-events.o
+obj-y += replay-time.o
diff --git a/replay/replay-internal.h b/replay/replay-internal.h
index fcba977..c36d7de 100755
--- a/replay/replay-internal.h
+++ b/replay/replay-internal.h
@@ -22,12 +22,17 @@
 #define EVENT_ASYNC_OPT 25
 /* for instruction event */
 #define EVENT_INSTRUCTION   32
+/* for clock read/writes */
+#define EVENT_CLOCK 64
+/* some of grteater codes are reserved for clocks */
 
 /* Asynchronous events IDs */
 
 #define REPLAY_ASYNC_COUNT 0
 
 typedef struct ReplayState {
+/*! Cached clock values. */
+int64_t cached_clock[REPLAY_CLOCK_COUNT];
 /*! Current step - number of processed instructions and timer events. */
 uint64_t current_step;
 /*! Number of instructions to be executed before other events happen. */
@@ -75,6 +80,12 @@ bool skip_async_events(int stop_event);
 reports an error and stops the execution. */
 void skip_async_events_until(unsigned int kind);
 
+/*! Reads next clock value from the file.
+If clock kind read from the file is different from the parameter,
+the value is not used.
+If the parameter is -1, the clock value is read to the cache anyway. */
+void replay_read_next_clock(unsigned int kind);
+
 /* Asynchronous events queue */
 
 /*! Initializes events' processing internals */
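Review bot: The doc comment says `If the parameter is -1, the clock value is read to the cache anyway`, but the parameter is `unsigned int kind`, so callers pass -1 through an implicit conversion to UINT_MAX and the comparison inside the function must be written the same way. Declare it `void replay_read_next_clock(int kind);` or introduce a named sentinel (for example `REPLAY_CLOCK_ANY`) and document that instead of the literal -1.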
diff --git a/replay/replay-time.c b/replay/replay-time.c
new file mode 100755
index 000..3f94f4e
--- /dev/null
+++ 

Re: [Qemu-devel] [RFC PATCH v7 20/21] replay: command line options

2015-01-12 Thread Paolo Bonzini


On 12/01/2015 13:01, Pavel Dovgalyuk wrote:
 This patch introduces command line options for enabling recording or replaying
 virtual machine behavior. -record option starts recording of the execution
 and saves it into the log, specified with fname parameter. -replay option
 is intended for replaying previously saved log.

What about just using -icount, since it requires that?

Paolo


