[Qemu-devel] [PATCH 14/21] qemu-char: convert braille backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 backends/baum.c   | 13 -
 include/sysemu/char.h |  3 ---
 qemu-char.c   |  4 +---
 stubs/Makefile.objs   |  1 -
 stubs/chr-baum-init.c |  7 ---
 5 files changed, 9 insertions(+), 19 deletions(-)
 delete mode 100644 stubs/chr-baum-init.c

diff --git a/backends/baum.c b/backends/baum.c
index e86a019..281be30 100644
--- a/backends/baum.c
+++ b/backends/baum.c
@@ -561,7 +561,10 @@ static void baum_close(struct CharDriverState *chr)
 g_free(baum);
 }
 
-CharDriverState *chr_baum_init(void)
+static CharDriverState *chr_baum_init(const char *id,
+  ChardevBackend *backend,
+  ChardevReturn *ret,
+  Error **errp)
 {
 BaumDriverState *baum;
 CharDriverState *chr;
@@ -586,14 +589,14 @@ CharDriverState *chr_baum_init(void)
 
 baum->brlapi_fd = brlapi__openConnection(handle, NULL, NULL);
 if (baum->brlapi_fd == -1) {
-brlapi_perror("baum_init: brlapi_openConnection");
+error_setg(errp, "baum_init: brlapi_openConnection");
 goto fail_handle;
 }
 
 baum->cellCount_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, 
baum_cellCount_timer_cb, baum);
 
 if (brlapi__getDisplaySize(handle, >x, >y) == -1) {
-brlapi_perror("baum_init: brlapi_getDisplaySize");
+error_setg(errp, "baum_init: brlapi_getDisplaySize");
 goto fail;
 }
 
@@ -609,7 +612,7 @@ CharDriverState *chr_baum_init(void)
 tty = BRLAPI_TTY_DEFAULT;
 
 if (brlapi__enterTtyMode(handle, tty, NULL) == -1) {
-brlapi_perror("baum_init: brlapi_enterTtyMode");
+error_setg(errp, "baum_init: brlapi_enterTtyMode");
 goto fail;
 }
 
@@ -630,7 +633,7 @@ fail_handle:
 static void register_types(void)
 {
 register_char_driver("braille", CHARDEV_BACKEND_KIND_BRAILLE, NULL,
- NULL);
+ chr_baum_init);
 }
 
 type_init(register_types);
diff --git a/include/sysemu/char.h b/include/sysemu/char.h
index 2fe8275..77415ec 100644
--- a/include/sysemu/char.h
+++ b/include/sysemu/char.h
@@ -359,9 +359,6 @@ CharDriverState *qemu_char_get_next_serial(void);
 /* testdev.c */
 CharDriverState *chr_testdev_init(void);
 
-/* baum.c */
-CharDriverState *chr_baum_init(void);
-
 /* console.c */
 typedef CharDriverState *(VcHandler)(ChardevVC *vc);
 
diff --git a/qemu-char.c b/qemu-char.c
index 8425891..96f40f3 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4323,11 +4323,9 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 case CHARDEV_BACKEND_KIND_MSMOUSE:
 abort();
 break;
-#ifdef CONFIG_BRLAPI
 case CHARDEV_BACKEND_KIND_BRAILLE:
-chr = chr_baum_init();
+abort();
 break;
-#endif
 case CHARDEV_BACKEND_KIND_TESTDEV:
 chr = chr_testdev_init();
 break;
diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs
index 63988ca..8cfa5a2 100644
--- a/stubs/Makefile.objs
+++ b/stubs/Makefile.objs
@@ -1,6 +1,5 @@
 stub-obj-y += arch-query-cpu-def.o
 stub-obj-y += bdrv-commit-all.o
-stub-obj-y += chr-baum-init.o
 stub-obj-y += chr-testdev.o
 stub-obj-y += clock-warp.o
 stub-obj-y += cpu-get-clock.o
diff --git a/stubs/chr-baum-init.c b/stubs/chr-baum-init.c
deleted file mode 100644
index f5cc6ce..000
--- a/stubs/chr-baum-init.c
+++ /dev/null
@@ -1,7 +0,0 @@
-#include "qemu-common.h"
-#include "sysemu/char.h"
-
-CharDriverState *chr_baum_init(void)
-{
-return NULL;
-}
-- 
2.5.0

[Qemu-devel] [PATCH 06/21] qemu-char: convert parallel backend to data-driven creation

[Paolo Bonzini]

Conversion to Error * brings better error messages; before:

qemu-system-x86_64: -chardev id=serial,backend=parallel,path=vl.c: Failed 
to create chardev

After:

qemu-system-x86_64: -chardev id=serial,backend=parallel,path=vl.c: not a 
parallel port: Inappropriate ioctl for device

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 28 ++--
 1 file changed, 18 insertions(+), 10 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 8567580..84cb8d0 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -1753,13 +1753,14 @@ static void pp_close(CharDriverState *chr)
 qemu_chr_be_event(chr, CHR_EVENT_CLOSED);
 }
 
-static CharDriverState *qemu_chr_open_pp_fd(int fd)
+static CharDriverState *qemu_chr_open_pp_fd(int fd, Error **errp)
 {
 CharDriverState *chr;
 ParallelCharDriver *drv;
 
 if (ioctl(fd, PPCLAIM) < 0) {
 close(fd);
+error_setg_errno(errp, errno, "not a parallel port");
 return NULL;
 }
 
@@ -1818,7 +1819,7 @@ static int pp_ioctl(CharDriverState *chr, int cmd, void 
*arg)
 return 0;
 }
 
-static CharDriverState *qemu_chr_open_pp_fd(int fd)
+static CharDriverState *qemu_chr_open_pp_fd(int fd, Error **errp)
 {
 CharDriverState *chr;
 
@@ -3481,6 +3482,7 @@ static void qemu_chr_parse_serial(QemuOpts *opts, 
ChardevBackend *backend,
 }
 #endif
 
+#ifdef HAVE_CHARDEV_PARPORT
 static void qemu_chr_parse_parallel(QemuOpts *opts, ChardevBackend *backend,
 Error **errp)
 {
@@ -3493,6 +3495,7 @@ static void qemu_chr_parse_parallel(QemuOpts *opts, 
ChardevBackend *backend,
 backend->parallel = g_new0(ChardevHostdev, 1);
 backend->parallel->device = g_strdup(device);
 }
+#endif
 
 static void qemu_chr_parse_pipe(QemuOpts *opts, ChardevBackend *backend,
 Error **errp)
@@ -4044,7 +4047,9 @@ static CharDriverState *qmp_chardev_open_serial(const 
char *id,
 return qemu_chr_open_win_path(serial->device, errp);
 }
 
-static CharDriverState *qmp_chardev_open_parallel(ChardevHostdev *parallel,
+static CharDriverState *qmp_chardev_open_parallel(const char *id,
+  ChardevBackend *backend,
+  ChardevReturn *ret,
   Error **errp)
 {
 error_setg(errp, "character device backend type 'parallel' not supported");
@@ -4110,16 +4115,19 @@ static CharDriverState *qmp_chardev_open_serial(const 
char *id,
 #endif
 
 #ifdef HAVE_CHARDEV_PARPORT
-static CharDriverState *qmp_chardev_open_parallel(ChardevHostdev *parallel,
+static CharDriverState *qmp_chardev_open_parallel(const char *id,
+  ChardevBackend *backend,
+  ChardevReturn *ret,
   Error **errp)
 {
+ChardevHostdev *parallel = backend->parallel;
 int fd;
 
 fd = qmp_chardev_open_file_source(parallel->device, O_RDWR, errp);
 if (fd < 0) {
 return NULL;
 }
-return qemu_chr_open_pp_fd(fd);
+return qemu_chr_open_pp_fd(fd, errp);
 }
 #endif
 
@@ -4265,11 +4273,9 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 case CHARDEV_BACKEND_KIND_SERIAL:
 abort();
 break;
-#ifdef HAVE_CHARDEV_PARPORT
 case CHARDEV_BACKEND_KIND_PARALLEL:
-chr = qmp_chardev_open_parallel(backend->parallel, _err);
+abort();
 break;
-#endif
 case CHARDEV_BACKEND_KIND_PIPE:
 chr = qemu_chr_open_pipe(backend->pipe);
 break;
@@ -4405,10 +4411,12 @@ static void register_types(void)
 register_char_driver("tty", CHARDEV_BACKEND_KIND_SERIAL,
  qemu_chr_parse_serial, qmp_chardev_open_serial);
 #endif
+#ifdef HAVE_CHARDEV_PARPORT
 register_char_driver("parallel", CHARDEV_BACKEND_KIND_PARALLEL,
- qemu_chr_parse_parallel, NULL);
+ qemu_chr_parse_parallel, qmp_chardev_open_parallel);
 register_char_driver("parport", CHARDEV_BACKEND_KIND_PARALLEL,
- qemu_chr_parse_parallel, NULL);
+ qemu_chr_parse_parallel, qmp_chardev_open_parallel);
+#endif
 register_char_driver("pty", CHARDEV_BACKEND_KIND_PTY, NULL,
  NULL);
 register_char_driver("console", CHARDEV_BACKEND_KIND_CONSOLE, NULL,
-- 
2.5.0

[Qemu-devel] [PATCH 07/21] qemu-char: convert pipe backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 37 +
 1 file changed, 21 insertions(+), 16 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 84cb8d0..3545cd8 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -1078,18 +1078,17 @@ static CharDriverState *qemu_chr_open_fd(int fd_in, int 
fd_out)
 return chr;
 }
 
-static CharDriverState *qemu_chr_open_pipe(ChardevHostdev *opts)
+static CharDriverState *qemu_chr_open_pipe(const char *id,
+   ChardevBackend *backend,
+   ChardevReturn *ret,
+   Error **errp)
 {
+ChardevHostdev *opts = backend->pipe;
 int fd_in, fd_out;
 char filename_in[CHR_MAX_FILENAME_SIZE];
 char filename_out[CHR_MAX_FILENAME_SIZE];
 const char *filename = opts->device;
 
-if (filename == NULL) {
-fprintf(stderr, "chardev: pipe: no filename given\n");
-return NULL;
-}
-
 snprintf(filename_in, CHR_MAX_FILENAME_SIZE, "%s.in", filename);
 snprintf(filename_out, CHR_MAX_FILENAME_SIZE, "%s.out", filename);
 TFR(fd_in = qemu_open(filename_in, O_RDWR | O_BINARY));
@@ -1101,6 +1100,7 @@ static CharDriverState *qemu_chr_open_pipe(ChardevHostdev 
*opts)
close(fd_out);
 TFR(fd_in = fd_out = qemu_open(filename, O_RDWR | O_BINARY));
 if (fd_in < 0) {
+error_setg_file_open(errp, errno, filename);
 return NULL;
 }
 }
@@ -2084,7 +2084,8 @@ static int win_chr_pipe_poll(void *opaque)
 return 0;
 }
 
-static int win_chr_pipe_init(CharDriverState *chr, const char *filename)
+static int win_chr_pipe_init(CharDriverState *chr, const char *filename,
+ Error **errp)
 {
 WinCharState *s = chr->opaque;
 OVERLAPPED ov;
@@ -2096,12 +2097,12 @@ static int win_chr_pipe_init(CharDriverState *chr, 
const char *filename)
 
 s->hsend = CreateEvent(NULL, TRUE, FALSE, NULL);
 if (!s->hsend) {
-fprintf(stderr, "Failed CreateEvent\n");
+error_setg(errp, "Failed CreateEvent\n");
 goto fail;
 }
 s->hrecv = CreateEvent(NULL, TRUE, FALSE, NULL);
 if (!s->hrecv) {
-fprintf(stderr, "Failed CreateEvent\n");
+error_setg(errp, "Failed CreateEvent\n");
 goto fail;
 }
 
@@ -2111,7 +2112,7 @@ static int win_chr_pipe_init(CharDriverState *chr, const 
char *filename)
   PIPE_WAIT,
   MAXCONNECT, NSENDBUF, NRECVBUF, NTIMEOUT, NULL);
 if (s->hcom == INVALID_HANDLE_VALUE) {
-fprintf(stderr, "Failed CreateNamedPipe (%lu)\n", GetLastError());
+error_setg(errp, "Failed CreateNamedPipe (%lu)\n", GetLastError());
 s->hcom = NULL;
 goto fail;
 }
@@ -2120,13 +2121,13 @@ static int win_chr_pipe_init(CharDriverState *chr, 
const char *filename)
 ov.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
 ret = ConnectNamedPipe(s->hcom, );
 if (ret) {
-fprintf(stderr, "Failed ConnectNamedPipe\n");
+error_setg(errp, "Failed ConnectNamedPipe\n");
 goto fail;
 }
 
 ret = GetOverlappedResult(s->hcom, , , TRUE);
 if (!ret) {
-fprintf(stderr, "Failed GetOverlappedResult\n");
+error_setg(errp, "Failed GetOverlappedResult\n");
 if (ov.hEvent) {
 CloseHandle(ov.hEvent);
 ov.hEvent = NULL;
@@ -2147,8 +2148,12 @@ static int win_chr_pipe_init(CharDriverState *chr, const 
char *filename)
 }
 
 
-static CharDriverState *qemu_chr_open_pipe(ChardevHostdev *opts)
+static CharDriverState *qemu_chr_open_pipe(const char *id,
+   ChardevBackend *backend,
+   ChardevReturn *ret,
+   Error **errp)
 {
+ChardevHostdev *opts = backend->pipe;
 const char *filename = opts->device;
 CharDriverState *chr;
 WinCharState *s;
@@ -2159,7 +2164,7 @@ static CharDriverState *qemu_chr_open_pipe(ChardevHostdev 
*opts)
 chr->chr_write = win_chr_write;
 chr->chr_close = win_chr_close;
 
-if (win_chr_pipe_init(chr, filename) < 0) {
+if (win_chr_pipe_init(chr, filename, errp) < 0) {
 g_free(s);
 g_free(chr);
 return NULL;
@@ -4277,7 +4282,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 abort();
 break;
 case CHARDEV_BACKEND_KIND_PIPE:
-chr = qemu_chr_open_pipe(backend->pipe);
+abort();
 break;
 case CHARDEV_BACKEND_KIND_SOCKET:
 chr = qmp_chardev_open_socket(backend->socket, _err);
@@ -4422,7 +4427,7 @@ static void register_types(void)
 register_char_driver("console", CHARDEV_BACKEND_KIND_CONSOLE, NULL,
  NULL);
 register_char_driver("pipe", CHARDEV_BACKEND_KIND_PIPE,
- 

[Qemu-devel] [PATCH 3/3] qemu-gdb: add $qemu_coroutine_sp and $qemu_coroutine_pc

[Paolo Bonzini]

These can be useful to manually get a stack trace of a coroutine inside
a core dump.

Signed-off-by: Paolo Bonzini 
---
 scripts/qemu-gdb.py  |  3 +++
 scripts/qemugdb/coroutine.py | 16 
 2 files changed, 19 insertions(+)

diff --git a/scripts/qemu-gdb.py b/scripts/qemu-gdb.py
index d6f2e5a..ef2fd19 100644
--- a/scripts/qemu-gdb.py
+++ b/scripts/qemu-gdb.py
@@ -38,6 +38,9 @@ QemuCommand()
 coroutine.CoroutineCommand()
 mtree.MtreeCommand()
 
+coroutine.CoroutineSPFunction()
+coroutine.CoroutinePCFunction()
+
 # Default to silently passing through SIGUSR1, because QEMU sends it
 # to itself a lot.
 gdb.execute('handle SIGUSR1 pass noprint nostop')
diff --git a/scripts/qemugdb/coroutine.py b/scripts/qemugdb/coroutine.py
index b5c8678..ab69979 100644
--- a/scripts/qemugdb/coroutine.py
+++ b/scripts/qemugdb/coroutine.py
@@ -15,6 +15,8 @@
 
 import gdb
 
+VOID_PTR = gdb.lookup_type('void').pointer()
+
 def get_fs_base():
 '''Fetch %fs base value using arch_prctl(ARCH_GET_FS).  This is
pthread_self().'''
@@ -101,3 +103,17 @@ class CoroutineCommand(gdb.Command):
 return
 
 bt_jmpbuf(coroutine_to_jmpbuf(gdb.parse_and_eval(argv[0])))
+
+class CoroutineSPFunction(gdb.Function):
+def __init__(self):
+gdb.Function.__init__(self, 'qemu_coroutine_sp')
+
+def invoke(self, addr):
+return get_jmpbuf_regs(coroutine_to_jmpbuf(addr))['rsp'].cast(VOID_PTR)
+
+class CoroutinePCFunction(gdb.Function):
+def __init__(self):
+gdb.Function.__init__(self, 'qemu_coroutine_pc')
+
+def invoke(self, addr):
+return get_jmpbuf_regs(coroutine_to_jmpbuf(addr))['rip'].cast(VOID_PTR)
-- 
2.5.0

[Qemu-devel] [PATCH 10/21] qemu-char: convert pty backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 13 -
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 79c0c05..c36cbf0 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -1390,7 +1390,9 @@ static void pty_chr_close(struct CharDriverState *chr)
 }
 
 static CharDriverState *qemu_chr_open_pty(const char *id,
-  ChardevReturn *ret)
+  ChardevBackend *backend,
+  ChardevReturn *ret,
+  Error **errp)
 {
 CharDriverState *chr;
 PtyCharDriver *s;
@@ -1399,6 +1401,7 @@ static CharDriverState *qemu_chr_open_pty(const char *id,
 
 master_fd = qemu_openpty_raw(_fd, pty_name);
 if (master_fd < 0) {
+error_setg_errno(errp, errno, "Failed to create PTY");
 return NULL;
 }
 
@@ -4296,11 +4299,9 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 case CHARDEV_BACKEND_KIND_UDP:
 abort();
 break;
-#ifdef HAVE_CHARDEV_PTY
 case CHARDEV_BACKEND_KIND_PTY:
-chr = qemu_chr_open_pty(id, ret);
+abort();
 break;
-#endif
 case CHARDEV_BACKEND_KIND_NULL:
 chr = qemu_chr_open_null();
 break;
@@ -4428,8 +4429,10 @@ static void register_types(void)
 register_char_driver("parport", CHARDEV_BACKEND_KIND_PARALLEL,
  qemu_chr_parse_parallel, qmp_chardev_open_parallel);
 #endif
+#ifdef HAVE_CHARDEV_PTY
 register_char_driver("pty", CHARDEV_BACKEND_KIND_PTY, NULL,
- NULL);
+ qemu_chr_open_pty);
+#endif
 register_char_driver("console", CHARDEV_BACKEND_KIND_CONSOLE, NULL,
  NULL);
 register_char_driver("pipe", CHARDEV_BACKEND_KIND_PIPE,
-- 
2.5.0

[Qemu-devel] [PATCH 09/21] qemu-char: convert UDP backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 9 ++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 459ed5c..79c0c05 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4232,9 +4232,12 @@ static CharDriverState *qmp_chardev_open_socket(const 
char *id,
 return chr;
 }
 
-static CharDriverState *qmp_chardev_open_udp(ChardevUdp *udp,
+static CharDriverState *qmp_chardev_open_udp(const char *id,
+ ChardevBackend *backend,
+ ChardevReturn *ret,
  Error **errp)
 {
+ChardevUdp *udp = backend->udp;
 int fd;
 
 fd = socket_dgram(udp->remote, udp->local, errp);
@@ -4291,7 +4294,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 abort();
 break;
 case CHARDEV_BACKEND_KIND_UDP:
-chr = qmp_chardev_open_udp(backend->udp, _err);
+abort();
 break;
 #ifdef HAVE_CHARDEV_PTY
 case CHARDEV_BACKEND_KIND_PTY:
@@ -4406,7 +4409,7 @@ static void register_types(void)
 register_char_driver("socket", CHARDEV_BACKEND_KIND_SOCKET,
  qemu_chr_parse_socket, qmp_chardev_open_socket);
 register_char_driver("udp", CHARDEV_BACKEND_KIND_UDP, qemu_chr_parse_udp,
- NULL);
+ qmp_chardev_open_udp);
 register_char_driver("ringbuf", CHARDEV_BACKEND_KIND_RINGBUF,
  qemu_chr_parse_ringbuf, NULL);
 register_char_driver("file", CHARDEV_BACKEND_KIND_FILE,
-- 
2.5.0

[Qemu-devel] [PATCH 20/21] qemu-char: convert ringbuf backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 11 +++
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 7ef1293..e0faeb7 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -3222,9 +3222,12 @@ static void ringbuf_chr_close(struct CharDriverState 
*chr)
 chr->opaque = NULL;
 }
 
-static CharDriverState *qemu_chr_open_ringbuf(ChardevRingbuf *opts,
+static CharDriverState *qemu_chr_open_ringbuf(const char *id,
+  ChardevBackend *backend,
+  ChardevReturn *ret,
   Error **errp)
 {
+ChardevRingbuf *opts = backend->ringbuf;
 CharDriverState *chr;
 RingBufCharDriver *d;
 
@@ -4370,7 +4373,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 break;
 case CHARDEV_BACKEND_KIND_RINGBUF:
 case CHARDEV_BACKEND_KIND_MEMORY:
-chr = qemu_chr_open_ringbuf(backend->ringbuf, _err);
+abort();
 break;
 default:
 error_setg(errp, "unknown chardev backend (%d)", backend->kind);
@@ -4436,7 +4439,7 @@ static void register_types(void)
 register_char_driver("udp", CHARDEV_BACKEND_KIND_UDP, qemu_chr_parse_udp,
  qmp_chardev_open_udp);
 register_char_driver("ringbuf", CHARDEV_BACKEND_KIND_RINGBUF,
- qemu_chr_parse_ringbuf, NULL);
+ qemu_chr_parse_ringbuf, qemu_chr_open_ringbuf);
 register_char_driver("file", CHARDEV_BACKEND_KIND_FILE,
  qemu_chr_parse_file_out, qmp_chardev_open_file);
 register_char_driver("stdio", CHARDEV_BACKEND_KIND_STDIO,
@@ -4467,7 +4470,7 @@ static void register_types(void)
  qemu_chr_open_mux);
 /* Bug-compatibility: */
 register_char_driver("memory", CHARDEV_BACKEND_KIND_MEMORY,
- qemu_chr_parse_ringbuf, NULL);
+ qemu_chr_parse_ringbuf, qemu_chr_open_ringbuf);
 /* this must be done after machine init, since we register FEs with muxes
  * as part of realize functions like serial_isa_realizefn when -nographic
  * is specified
-- 
2.5.0

[Qemu-devel] [PATCH 05/21] qemu-char: convert serial backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 48 +---
 1 file changed, 29 insertions(+), 19 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 13fd394..8567580 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -1886,7 +1886,7 @@ static void win_chr_close(CharDriverState *chr)
 qemu_chr_be_event(chr, CHR_EVENT_CLOSED);
 }
 
-static int win_chr_init(CharDriverState *chr, const char *filename)
+static int win_chr_init(CharDriverState *chr, const char *filename, Error 
**errp)
 {
 WinCharState *s = chr->opaque;
 COMMCONFIG comcfg;
@@ -1897,25 +1897,25 @@ static int win_chr_init(CharDriverState *chr, const 
char *filename)
 
 s->hsend = CreateEvent(NULL, TRUE, FALSE, NULL);
 if (!s->hsend) {
-fprintf(stderr, "Failed CreateEvent\n");
+error_setg(errp, "Failed CreateEvent");
 goto fail;
 }
 s->hrecv = CreateEvent(NULL, TRUE, FALSE, NULL);
 if (!s->hrecv) {
-fprintf(stderr, "Failed CreateEvent\n");
+error_setg(errp, "Failed CreateEvent");
 goto fail;
 }
 
 s->hcom = CreateFile(filename, GENERIC_READ|GENERIC_WRITE, 0, NULL,
   OPEN_EXISTING, FILE_FLAG_OVERLAPPED, 0);
 if (s->hcom == INVALID_HANDLE_VALUE) {
-fprintf(stderr, "Failed CreateFile (%lu)\n", GetLastError());
+error_setg(errp, "Failed CreateFile (%lu)", GetLastError());
 s->hcom = NULL;
 goto fail;
 }
 
 if (!SetupComm(s->hcom, NRECVBUF, NSENDBUF)) {
-fprintf(stderr, "Failed SetupComm\n");
+error_setg(errp, "Failed SetupComm");
 goto fail;
 }
 
@@ -1926,23 +1926,23 @@ static int win_chr_init(CharDriverState *chr, const 
char *filename)
 CommConfigDialog(filename, NULL, );
 
 if (!SetCommState(s->hcom, )) {
-fprintf(stderr, "Failed SetCommState\n");
+error_setg(errp, "Failed SetCommState");
 goto fail;
 }
 
 if (!SetCommMask(s->hcom, EV_ERR)) {
-fprintf(stderr, "Failed SetCommMask\n");
+error_setg(errp, "Failed SetCommMask");
 goto fail;
 }
 
 cto.ReadIntervalTimeout = MAXDWORD;
 if (!SetCommTimeouts(s->hcom, )) {
-fprintf(stderr, "Failed SetCommTimeouts\n");
+error_setg(errp, "Failed SetCommTimeouts");
 goto fail;
 }
 
 if (!ClearCommError(s->hcom, , )) {
-fprintf(stderr, "Failed ClearCommError\n");
+error_setg(errp, "Failed ClearCommError");
 goto fail;
 }
 qemu_add_polling_cb(win_chr_poll, chr);
@@ -2047,7 +2047,8 @@ static int win_chr_poll(void *opaque)
 return 0;
 }
 
-static CharDriverState *qemu_chr_open_win_path(const char *filename)
+static CharDriverState *qemu_chr_open_win_path(const char *filename,
+   Error **errp)
 {
 CharDriverState *chr;
 WinCharState *s;
@@ -2058,7 +2059,7 @@ static CharDriverState *qemu_chr_open_win_path(const char 
*filename)
 chr->chr_write = win_chr_write;
 chr->chr_close = win_chr_close;
 
-if (win_chr_init(chr, filename) < 0) {
+if (win_chr_init(chr, filename, errp) < 0) {
 g_free(s);
 g_free(chr);
 return NULL;
@@ -3465,6 +3466,7 @@ static void qemu_chr_parse_stdio(QemuOpts *opts, 
ChardevBackend *backend,
 backend->stdio->signal = qemu_opt_get_bool(opts, "signal", true);
 }
 
+#ifdef HAVE_CHARDEV_SERIAL
 static void qemu_chr_parse_serial(QemuOpts *opts, ChardevBackend *backend,
   Error **errp)
 {
@@ -3477,6 +3479,7 @@ static void qemu_chr_parse_serial(QemuOpts *opts, 
ChardevBackend *backend,
 backend->serial = g_new0(ChardevHostdev, 1);
 backend->serial->device = g_strdup(device);
 }
+#endif
 
 static void qemu_chr_parse_parallel(QemuOpts *opts, ChardevBackend *backend,
 Error **errp)
@@ -4032,10 +4035,13 @@ static CharDriverState *qmp_chardev_open_file(const 
char *id,
 return qemu_chr_open_win_file(out);
 }
 
-static CharDriverState *qmp_chardev_open_serial(ChardevHostdev *serial,
+static CharDriverState *qmp_chardev_open_serial(const char *id,
+ChardevBackend *backend,
+ChardevReturn *ret,
 Error **errp)
 {
-return qemu_chr_open_win_path(serial->device);
+ChardevHostdev *serial = backend->serial;
+return qemu_chr_open_win_path(serial->device, errp);
 }
 
 static CharDriverState *qmp_chardev_open_parallel(ChardevHostdev *parallel,
@@ -4086,9 +4092,12 @@ static CharDriverState *qmp_chardev_open_file(const char 
*id,
 }
 
 #ifdef HAVE_CHARDEV_SERIAL
-static CharDriverState *qmp_chardev_open_serial(ChardevHostdev *serial,
+static CharDriverState *qmp_chardev_open_serial(const char *id,
+ChardevBackend *backend,
+  

[Qemu-devel] [PULL 13/14] netfilter: add a netbuffer filter

[Jason Wang]

From: Yang Hongyang 

This filter is to buffer/release packets. Can be used when using
MicroCheckpointing or other Remus like VM FT solutions.
You can also use it to crudely simulate network delay.  Doesn't
actually delay individual packets, but batches them together, which is
a delay of sorts.

Usage:
 -netdev tap,id=bn0
 -object filter-buffer,id=f0,netdev=bn0,queue=rx,interval=1000

NOTE:
 Interval is in microseconds, it can't be omitted currently, and can't be 0.

Signed-off-by: Yang Hongyang 
Reviewed-by: Markus Armbruster 
Signed-off-by: Jason Wang 
---
 net/Makefile.objs   |   1 +
 net/filter-buffer.c | 186 
 qemu-options.hx |  17 +
 vl.c|   6 +-
 4 files changed, 209 insertions(+), 1 deletion(-)
 create mode 100644 net/filter-buffer.c

diff --git a/net/Makefile.objs b/net/Makefile.objs
index 914aec0..5fa2f97 100644
--- a/net/Makefile.objs
+++ b/net/Makefile.objs
@@ -14,3 +14,4 @@ common-obj-$(CONFIG_SLIRP) += slirp.o
 common-obj-$(CONFIG_VDE) += vde.o
 common-obj-$(CONFIG_NETMAP) += netmap.o
 common-obj-y += filter.o
+common-obj-y += filter-buffer.o
diff --git a/net/filter-buffer.c b/net/filter-buffer.c
new file mode 100644
index 000..57be149
--- /dev/null
+++ b/net/filter-buffer.c
@@ -0,0 +1,186 @@
+/*
+ * Copyright (c) 2015 FUJITSU LIMITED
+ * Author: Yang Hongyang 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later.  See the COPYING file in the top-level directory.
+ */
+
+#include "net/filter.h"
+#include "net/queue.h"
+#include "qemu-common.h"
+#include "qemu/timer.h"
+#include "qemu/iov.h"
+#include "qapi/qmp/qerror.h"
+#include "qapi-visit.h"
+#include "qom/object.h"
+
+#define TYPE_FILTER_BUFFER "filter-buffer"
+
+#define FILTER_BUFFER(obj) \
+OBJECT_CHECK(FilterBufferState, (obj), TYPE_FILTER_BUFFER)
+
+typedef struct FilterBufferState {
+NetFilterState parent_obj;
+
+NetQueue *incoming_queue;
+uint32_t interval;
+QEMUTimer release_timer;
+} FilterBufferState;
+
+static void filter_buffer_flush(NetFilterState *nf)
+{
+FilterBufferState *s = FILTER_BUFFER(nf);
+
+if (!qemu_net_queue_flush(s->incoming_queue)) {
+/* Unable to empty the queue, purge remaining packets */
+qemu_net_queue_purge(s->incoming_queue, nf->netdev);
+}
+}
+
+static void filter_buffer_release_timer(void *opaque)
+{
+NetFilterState *nf = opaque;
+FilterBufferState *s = FILTER_BUFFER(nf);
+
+/*
+ * Note: filter_buffer_flush() drops packets that can't be sent
+ * TODO: We should leave them queued.  But currently there's no way
+ * for the next filter or receiver to notify us that it can receive
+ * more packets.
+ */
+filter_buffer_flush(nf);
+/* Timer rearmed to fire again in s->interval microseconds. */
+timer_mod(>release_timer,
+  qemu_clock_get_us(QEMU_CLOCK_VIRTUAL) + s->interval);
+}
+
+/* filter APIs */
+static ssize_t filter_buffer_receive_iov(NetFilterState *nf,
+ NetClientState *sender,
+ unsigned flags,
+ const struct iovec *iov,
+ int iovcnt,
+ NetPacketSent *sent_cb)
+{
+FilterBufferState *s = FILTER_BUFFER(nf);
+
+/*
+ * We return size when buffer a packet, the sender will take it as
+ * a already sent packet, so sent_cb should not be called later.
+ *
+ * FIXME: Even if the guest can't receive packets for some reasons,
+ * the filter can still accept packets until its internal queue is full.
+ * For example:
+ *   For some reason, receiver could not receive more packets
+ * (.can_receive() returns zero). Without a filter, at most one packet
+ * will be queued in incoming queue and sender's poll will be disabled
+ * unit its sent_cb() was called. With a filter, it will keep receiving
+ * the packets without caring about the receiver. This is suboptimal.
+ * May need more thoughts (e.g keeping sent_cb).
+ */
+qemu_net_queue_append_iov(s->incoming_queue, sender, flags,
+  iov, iovcnt, NULL);
+return iov_size(iov, iovcnt);
+}
+
+static void filter_buffer_cleanup(NetFilterState *nf)
+{
+FilterBufferState *s = FILTER_BUFFER(nf);
+
+if (s->interval) {
+timer_del(>release_timer);
+}
+
+/* flush packets */
+if (s->incoming_queue) {
+filter_buffer_flush(nf);
+g_free(s->incoming_queue);
+}
+}
+
+static void filter_buffer_setup(NetFilterState *nf, Error **errp)
+{
+FilterBufferState *s = FILTER_BUFFER(nf);
+
+/*
+ * We may want to accept zero interval when VM FT solutions like MC
+ * or COLO use this filter to release packets on demand.
+ */

[Qemu-devel] [PULL 03/14] e1000: use alias for default model

[Jason Wang]

Instead of duplicating the "e1000-82540em" device model as "e1000",
make the latter an alias for the former.

Cc: Markus Armbruster 
Reviewed-by: Markus Armbruster 
Signed-off-by: Jason Wang 
---
 hw/net/e1000.c | 8 +---
 qdev-monitor.c | 1 +
 2 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/hw/net/e1000.c b/hw/net/e1000.c
index 09c9e9d..910de3a 100644
--- a/hw/net/e1000.c
+++ b/hw/net/e1000.c
@@ -1647,7 +1647,7 @@ static const TypeInfo e1000_base_info = {
 
 static const E1000Info e1000_devices[] = {
 {
-.name  = "e1000-82540em",
+.name  = "e1000",
 .device_id = E1000_DEV_ID_82540EM,
 .revision  = 0x03,
 .phy_id2   = E1000_PHY_ID2_8254xx_DEFAULT,
@@ -1666,11 +1666,6 @@ static const E1000Info e1000_devices[] = {
 },
 };
 
-static const TypeInfo e1000_default_info = {
-.name  = "e1000",
-.parent= "e1000-82540em",
-};
-
 static void e1000_register_types(void)
 {
 int i;
@@ -1688,7 +1683,6 @@ static void e1000_register_types(void)
 
 type_register(_info);
 }
-type_register_static(_default_info);
 }
 
 type_init(e1000_register_types)
diff --git a/qdev-monitor.c b/qdev-monitor.c
index eb7aef2..00f6303 100644
--- a/qdev-monitor.c
+++ b/qdev-monitor.c
@@ -50,6 +50,7 @@ static const QDevAlias qdev_alias_table[] = {
 { "lsi53c895a", "lsi" },
 { "ich9-ahci", "ahci" },
 { "kvm-pci-assign", "pci-assign" },
+{ "e1000", "e1000-82540em" },
 { }
 };
 
-- 
2.1.4

[Qemu-devel] [PULL 00/14] Net patches

[Jason Wang]

The following changes since commit 5fdb4671b08e0d1631447e81348b2b50a6b85bf7:

  Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into 
staging (2015-10-06 13:42:33 +0100)

are available in the git repository at:

  https://github.com/jasowang/qemu.git tags/net-pull-request

for you to fetch changes up to 89b1273742f45c30927df203532fca0d9a3e1af7:

  tests: add test cases for netfilter object (2015-10-12 13:34:32 +0800)




Dana Rubin (1):
  net/vmxnet3: Refine l2 header validation

Jason Wang (1):
  e1000: use alias for default model

Shmulik Ladkani (2):
  vmxnet3: Support reading IMR registers on bar0
  vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command

Yang Hongyang (10):
  vl.c: init delayed object after net_init_clients
  init/cleanup of netfilter object
  netfilter: hook packets before net queue send
  net: merge qemu_deliver_packet and qemu_deliver_packet_iov
  net/queue: introduce NetQueueDeliverFunc
  netfilter: add an API to pass the packet to next filter
  netfilter: print filter info associate with the netdev
  net/queue: export qemu_net_queue_append_iov
  netfilter: add a netbuffer filter
  tests: add test cases for netfilter object

 hw/net/e1000.c  |   8 +-
 hw/net/vmxnet3.c|  19 +++-
 hw/net/vmxnet3.h|   6 +-
 hw/net/vmxnet_tx_pkt.c  |  19 +++-
 include/net/filter.h|  77 
 include/net/net.h   |   6 +-
 include/net/queue.h |  20 -
 include/qemu/typedefs.h |   1 +
 net/Makefile.objs   |   2 +
 net/filter-buffer.c | 186 ++
 net/filter.c| 233 
 net/net.c   | 121 +++--
 net/queue.c |  24 +++--
 qapi-schema.json|  20 +
 qdev-monitor.c  |   1 +
 qemu-options.hx |  17 
 tests/.gitignore|   1 +
 tests/Makefile  |   2 +
 tests/test-netfilter.c  | 200 +
 vl.c|  19 ++--
 20 files changed, 917 insertions(+), 65 deletions(-)
 create mode 100644 include/net/filter.h
 create mode 100644 net/filter-buffer.c
 create mode 100644 net/filter.c
 create mode 100644 tests/test-netfilter.c

-- 
2.1.4

Re: [Qemu-devel] [PATCH 2/2] hw/arm/virt: don't use a15memmap directly

[Pavel Fedin]

 Hello!

> Before this patch it would complain that the requested
> number of cpus was greater than 123, but for gicv2 configs, it
> should complain that the number is greater than 8.

 Actually, gicv2 code has own check, and it would complain about >8 CPU (see
arm_gic_common_realize()).

Kind regards,
Pavel Fedin
Expert Engineer
Samsung Electronics Research center Russia

[Qemu-devel] [PATCH 1/3] qemu-gdb: allow using glibc_pointer_guard() on core dumps

[Paolo Bonzini]

get_fs_base() cannot be run on a core dump, because it uses the arch_prctl
system call.  The fs base is the value that is returned by pthread_self(),
and it would be nice to just glean it from the "info threads" output:

* 1Thread 0x7f16a3fff700 (LWP 33642) pthread_cond_wait@@GLIBC_2.3.2 ()
  ^^

but unfortunately the gdb API does not provide that.  Instead, we can
look for the "arg" argument of the start_thread function if glibc debug
information are available.  If not, fall back to the old mechanism.

Signed-off-by: Paolo Bonzini 
---
 scripts/qemugdb/coroutine.py | 18 --
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/scripts/qemugdb/coroutine.py b/scripts/qemugdb/coroutine.py
index 3c54918..b1d4546 100644
--- a/scripts/qemugdb/coroutine.py
+++ b/scripts/qemugdb/coroutine.py
@@ -16,7 +16,8 @@
 import gdb
 
 def get_fs_base():
-'''Fetch %fs base value using arch_prctl(ARCH_GET_FS)'''
+'''Fetch %fs base value using arch_prctl(ARCH_GET_FS).  This is
+   pthread_self().'''
 # %rsp - 120 is scratch space according to the SystemV ABI
 old = gdb.parse_and_eval('*(uint64_t*)($rsp - 120)')
 gdb.execute('call arch_prctl(0x1003, $rsp - 120)', False, True)
@@ -24,9 +25,22 @@ def get_fs_base():
 gdb.execute('set *(uint64_t*)($rsp - 120) = %s' % old, False, True)
 return fs_base
 
+def pthread_self():
+'''Fetch pthread_self() from the glibc start_thread function.'''
+f = gdb.newest_frame()
+while f.name() != 'start_thread':
+f = f.older()
+if f is None:
+return get_fs_base()
+
+try:
+return f.read_var("arg")
+except ValueError:
+return get_fs_base()
+
 def get_glibc_pointer_guard():
 '''Fetch glibc pointer guard value'''
-fs_base = get_fs_base()
+fs_base = pthread_self()
 return gdb.parse_and_eval('*(uint64_t*)((uint64_t)%s + 0x30)' % fs_base)
 
 def glibc_ptr_demangle(val, pointer_guard):
-- 
2.5.0

[Qemu-devel] [PATCH 2/3] qemu-gdb: extract parts of "qemu coroutine" implementation

[Paolo Bonzini]

Provide useful Python functions to reach and decipher a jmpbuf.

Signed-off-by: Paolo Bonzini 
---
 scripts/qemugdb/coroutine.py | 56 +---
 1 file changed, 27 insertions(+), 29 deletions(-)

diff --git a/scripts/qemugdb/coroutine.py b/scripts/qemugdb/coroutine.py
index b1d4546..b5c8678 100644
--- a/scripts/qemugdb/coroutine.py
+++ b/scripts/qemugdb/coroutine.py
@@ -47,8 +47,7 @@ def glibc_ptr_demangle(val, pointer_guard):
 '''Undo effect of glibc's PTR_MANGLE()'''
 return gdb.parse_and_eval('(((uint64_t)%s >> 0x11) | ((uint64_t)%s << (64 
- 0x11))) ^ (uint64_t)%s' % (val, val, pointer_guard))
 
-def bt_jmpbuf(jmpbuf):
-'''Backtrace a jmpbuf'''
+def get_jmpbuf_regs(jmpbuf):
 JB_RBX  = 0
 JB_RBP  = 1
 JB_R12  = 2
@@ -58,35 +57,35 @@ def bt_jmpbuf(jmpbuf):
 JB_RSP  = 6
 JB_PC   = 7
 
-old_rbx = gdb.parse_and_eval('(uint64_t)$rbx')
-old_rbp = gdb.parse_and_eval('(uint64_t)$rbp')
-old_rsp = gdb.parse_and_eval('(uint64_t)$rsp')
-old_r12 = gdb.parse_and_eval('(uint64_t)$r12')
-old_r13 = gdb.parse_and_eval('(uint64_t)$r13')
-old_r14 = gdb.parse_and_eval('(uint64_t)$r14')
-old_r15 = gdb.parse_and_eval('(uint64_t)$r15')
-old_rip = gdb.parse_and_eval('(uint64_t)$rip')
-
 pointer_guard = get_glibc_pointer_guard()
-gdb.execute('set $rbx = %s' % jmpbuf[JB_RBX])
-gdb.execute('set $rbp = %s' % glibc_ptr_demangle(jmpbuf[JB_RBP], 
pointer_guard))
-gdb.execute('set $rsp = %s' % glibc_ptr_demangle(jmpbuf[JB_RSP], 
pointer_guard))
-gdb.execute('set $r12 = %s' % jmpbuf[JB_R12])
-gdb.execute('set $r13 = %s' % jmpbuf[JB_R13])
-gdb.execute('set $r14 = %s' % jmpbuf[JB_R14])
-gdb.execute('set $r15 = %s' % jmpbuf[JB_R15])
-gdb.execute('set $rip = %s' % glibc_ptr_demangle(jmpbuf[JB_PC], 
pointer_guard))
+return {'rbx': jmpbuf[JB_RBX],
+'rbp': glibc_ptr_demangle(jmpbuf[JB_RBP], pointer_guard),
+'rsp': glibc_ptr_demangle(jmpbuf[JB_RSP], pointer_guard),
+'r12': jmpbuf[JB_R12],
+'r13': jmpbuf[JB_R13],
+'r14': jmpbuf[JB_R14],
+'r15': jmpbuf[JB_R15],
+'rip': glibc_ptr_demangle(jmpbuf[JB_PC], pointer_guard) }
+
+def bt_jmpbuf(jmpbuf):
+'''Backtrace a jmpbuf'''
+regs = get_jmpbuf_regs(jmpbuf)
+old = dict()
+
+for i in regs:
+old[i] = gdb.parse_and_eval('(uint64_t)$%s' % i)
+
+for i in regs:
+gdb.execute('set $%s = %s' % (i, regs[i]))
 
 gdb.execute('bt')
 
-gdb.execute('set $rbx = %s' % old_rbx)
-gdb.execute('set $rbp = %s' % old_rbp)
-gdb.execute('set $rsp = %s' % old_rsp)
-gdb.execute('set $r12 = %s' % old_r12)
-gdb.execute('set $r13 = %s' % old_r13)
-gdb.execute('set $r14 = %s' % old_r14)
-gdb.execute('set $r15 = %s' % old_r15)
-gdb.execute('set $rip = %s' % old_rip)
+for i in regs:
+gdb.execute('set $%s = %s' % (i, old[i]))
+
+def coroutine_to_jmpbuf(co):
+coroutine_pointer = co.cast(gdb.lookup_type('CoroutineUContext').pointer())
+return coroutine_pointer['env']['__jmpbuf']
 
 
 class CoroutineCommand(gdb.Command):
@@ -101,5 +100,4 @@ class CoroutineCommand(gdb.Command):
 gdb.write('usage: qemu coroutine \n')
 return
 
-coroutine_pointer = 
gdb.parse_and_eval(argv[0]).cast(gdb.lookup_type('CoroutineUContext').pointer())
-bt_jmpbuf(coroutine_pointer['env']['__jmpbuf'])
+bt_jmpbuf(coroutine_to_jmpbuf(gdb.parse_and_eval(argv[0])))
-- 
2.5.0

[Qemu-devel] [PATCH 0/3] qemu-gdb: add functionality for inspecting core dumps

[Paolo Bonzini]

Currently it is very hard to inspect coroutine in core dumps, because
none of the qemu-gdb functionality works.  Fixing this is not really
possible because "bt" only works on the core dump's stack pointer and
program counter, but the situation would improve noticeably if only
a coroutine's stack pointer and program counter were accessible at all;
that would allow inspecting the coroutine's stack and building a
stack trace from the hex dump of the stack.

The main hurdle is that glibc_pointer_guard() cannot be run on a core
dump, because get_fs_base() uses the arch_prctl system call.  The first
patch modifies that to use the gdb API instead.  The second and third
patch then add the new functions.

Paolo

Paolo Bonzini (3):
  qemu-gdb: allow using glibc_pointer_guard() on core dumps
  qemu-gdb: extract parts of "qemu coroutine" implementation
  qemu-gdb: add $qemu_coroutine_sp and $qemu_coroutine_pc

 scripts/qemu-gdb.py  |  3 ++
 scripts/qemugdb/coroutine.py | 90 +---
 2 files changed, 62 insertions(+), 31 deletions(-)

-- 
2.5.0

[Qemu-devel] [PATCH 02/21] qemu-char: cleanup HAVE_CHARDEV_*

[Paolo Bonzini]

Move the #ifdef up into qmp_chardev_add, and avoid duplicating
the code that reports unavailable backends.  Split HAVE_CHARDEV_TTY
into HAVE_CHARDEV_SERIAL and HAVE_CHARDEV_PTY.

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 24 
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index f51c0aa..7219d56 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -1196,7 +1196,8 @@ static CharDriverState *qemu_chr_open_stdio(ChardevStdio 
*opts)
 || defined(__NetBSD__) || defined(__OpenBSD__) || defined(__DragonFly__) \
 || defined(__GLIBC__)
 
-#define HAVE_CHARDEV_TTY 1
+#define HAVE_CHARDEV_SERIAL 1
+#define HAVE_CHARDEV_PTY 1
 
 typedef struct {
 GIOChannel *fd;
@@ -1832,6 +1833,8 @@ static CharDriverState *qemu_chr_open_pp_fd(int fd)
 
 #else /* _WIN32 */
 
+#define HAVE_CHARDEV_SERIAL 1
+
 typedef struct {
 int max_size;
 HANDLE hcom, hrecv, hsend;
@@ -4069,10 +4072,10 @@ static CharDriverState 
*qmp_chardev_open_file(ChardevFile *file, Error **errp)
 return qemu_chr_open_fd(in, out);
 }
 
+#ifdef HAVE_CHARDEV_SERIAL
 static CharDriverState *qmp_chardev_open_serial(ChardevHostdev *serial,
 Error **errp)
 {
-#ifdef HAVE_CHARDEV_TTY
 int fd;
 
 fd = qmp_chardev_open_file_source(serial->device, O_RDWR, errp);
@@ -4081,16 +4084,12 @@ static CharDriverState 
*qmp_chardev_open_serial(ChardevHostdev *serial,
 }
 qemu_set_nonblock(fd);
 return qemu_chr_open_tty_fd(fd);
-#else
-error_setg(errp, "character device backend type 'serial' not supported");
-return NULL;
-#endif
 }
 
+#ifdef HAVE_CHARDEV_PARPORT
 static CharDriverState *qmp_chardev_open_parallel(ChardevHostdev *parallel,
   Error **errp)
 {
-#ifdef HAVE_CHARDEV_PARPORT
 int fd;
 
 fd = qmp_chardev_open_file_source(parallel->device, O_RDWR, errp);
@@ -4098,11 +4097,8 @@ static CharDriverState 
*qmp_chardev_open_parallel(ChardevHostdev *parallel,
 return NULL;
 }
 return qemu_chr_open_pp_fd(fd);
-#else
-error_setg(errp, "character device backend type 'parallel' not supported");
-return NULL;
-#endif
 }
+#endif
 
 #endif /* WIN32 */
 
@@ -4227,12 +4223,16 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 case CHARDEV_BACKEND_KIND_FILE:
 chr = qmp_chardev_open_file(backend->file, _err);
 break;
+#ifdef HAVE_CHARDEV_SERIAL
 case CHARDEV_BACKEND_KIND_SERIAL:
 chr = qmp_chardev_open_serial(backend->serial, _err);
 break;
+#endif
+#ifdef HAVE_CHARDEV_PARPORT
 case CHARDEV_BACKEND_KIND_PARALLEL:
 chr = qmp_chardev_open_parallel(backend->parallel, _err);
 break;
+#endif
 case CHARDEV_BACKEND_KIND_PIPE:
 chr = qemu_chr_open_pipe(backend->pipe);
 break;
@@ -4242,7 +4242,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 case CHARDEV_BACKEND_KIND_UDP:
 chr = qmp_chardev_open_udp(backend->udp, _err);
 break;
-#ifdef HAVE_CHARDEV_TTY
+#ifdef HAVE_CHARDEV_PTY
 case CHARDEV_BACKEND_KIND_PTY:
 chr = qemu_chr_open_pty(id, ret);
 break;
-- 
2.5.0

[Qemu-devel] [PATCH 13/21] qemu-char: convert msmouse backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 backends/msmouse.c| 7 +--
 include/sysemu/char.h | 3 ---
 qemu-char.c   | 2 +-
 stubs/Makefile.objs   | 1 -
 stubs/chr-msmouse.c   | 7 ---
 5 files changed, 6 insertions(+), 14 deletions(-)
 delete mode 100644 stubs/chr-msmouse.c

diff --git a/backends/msmouse.c b/backends/msmouse.c
index d50ed47..0126fa0 100644
--- a/backends/msmouse.c
+++ b/backends/msmouse.c
@@ -63,7 +63,10 @@ static void msmouse_chr_close (struct CharDriverState *chr)
 g_free (chr);
 }
 
-CharDriverState *qemu_chr_open_msmouse(void)
+static CharDriverState *qemu_chr_open_msmouse(const char *id,
+  ChardevBackend *backend,
+  ChardevReturn *ret,
+  Error **errp)
 {
 CharDriverState *chr;
 
@@ -80,7 +83,7 @@ CharDriverState *qemu_chr_open_msmouse(void)
 static void register_types(void)
 {
 register_char_driver("msmouse", CHARDEV_BACKEND_KIND_MSMOUSE, NULL,
- NULL);
+ qemu_chr_open_msmouse);
 }
 
 type_init(register_types);
diff --git a/include/sysemu/char.h b/include/sysemu/char.h
index 4b01a8c..2fe8275 100644
--- a/include/sysemu/char.h
+++ b/include/sysemu/char.h
@@ -356,9 +356,6 @@ extern int term_escape_char;
 
 CharDriverState *qemu_char_get_next_serial(void);
 
-/* msmouse */
-CharDriverState *qemu_chr_open_msmouse(void);
-
 /* testdev.c */
 CharDriverState *chr_testdev_init(void);
 
diff --git a/qemu-char.c b/qemu-char.c
index 8e3a79a..8425891 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4321,7 +4321,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 abort();
 break;
 case CHARDEV_BACKEND_KIND_MSMOUSE:
-chr = qemu_chr_open_msmouse();
+abort();
 break;
 #ifdef CONFIG_BRLAPI
 case CHARDEV_BACKEND_KIND_BRAILLE:
diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs
index 85e4e81..63988ca 100644
--- a/stubs/Makefile.objs
+++ b/stubs/Makefile.objs
@@ -1,7 +1,6 @@
 stub-obj-y += arch-query-cpu-def.o
 stub-obj-y += bdrv-commit-all.o
 stub-obj-y += chr-baum-init.o
-stub-obj-y += chr-msmouse.o
 stub-obj-y += chr-testdev.o
 stub-obj-y += clock-warp.o
 stub-obj-y += cpu-get-clock.o
diff --git a/stubs/chr-msmouse.c b/stubs/chr-msmouse.c
deleted file mode 100644
index 812f8b0..000
--- a/stubs/chr-msmouse.c
+++ /dev/null
@@ -1,7 +0,0 @@
-#include "qemu-common.h"
-#include "sysemu/char.h"
-
-CharDriverState *qemu_chr_open_msmouse(void)
-{
-return 0;
-}
-- 
2.5.0

[Qemu-devel] [PATCH 18/21] qemu-char: convert spice backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 include/ui/qemu-spice.h |  2 --
 qemu-char.c |  6 ++
 spice-qemu-char.c   | 21 -
 stubs/Makefile.objs |  1 -
 stubs/qemu-chr-open-spice.c | 14 --
 5 files changed, 14 insertions(+), 30 deletions(-)
 delete mode 100644 stubs/qemu-chr-open-spice.c

diff --git a/include/ui/qemu-spice.h b/include/ui/qemu-spice.h
index 0dff422..f9ce357 100644
--- a/include/ui/qemu-spice.h
+++ b/include/ui/qemu-spice.h
@@ -43,9 +43,7 @@ int qemu_spice_set_pw_expire(time_t expires);
 int qemu_spice_migrate_info(const char *hostname, int port, int tls_port,
 const char *subject);
 
-CharDriverState *qemu_chr_open_spice_vmc(const char *type);
 #if SPICE_SERVER_VERSION >= 0x000c02
-CharDriverState *qemu_chr_open_spice_port(const char *name);
 void qemu_spice_register_ports(void);
 #else
 static inline CharDriverState *qemu_chr_open_spice_port(const char *name)
diff --git a/qemu-char.c b/qemu-char.c
index 535db73..43205ae 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4359,14 +4359,12 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 case CHARDEV_BACKEND_KIND_CONSOLE:
 abort();
 break;
-#ifdef CONFIG_SPICE
 case CHARDEV_BACKEND_KIND_SPICEVMC:
-chr = qemu_chr_open_spice_vmc(backend->spicevmc->type);
+abort();
 break;
 case CHARDEV_BACKEND_KIND_SPICEPORT:
-chr = qemu_chr_open_spice_port(backend->spiceport->fqdn);
+abort();
 break;
-#endif
 case CHARDEV_BACKEND_KIND_VC:
 chr = vc_init(backend->vc);
 break;
diff --git a/spice-qemu-char.c b/spice-qemu-char.c
index e4353ef..a20fb5c 100644
--- a/spice-qemu-char.c
+++ b/spice-qemu-char.c
@@ -296,15 +296,14 @@ static CharDriverState *chr_open(const char *subtype,
 return chr;
 }
 
-CharDriverState *qemu_chr_open_spice_vmc(const char *type)
+static CharDriverState *qemu_chr_open_spice_vmc(const char *id,
+ChardevBackend *backend,
+ChardevReturn *ret,
+Error **errp)
 {
+const char *type = backend->spicevmc->type;
 const char **psubtype = spice_server_char_device_recognized_subtypes();
 
-if (type == NULL) {
-fprintf(stderr, "spice-qemu-char: missing name parameter\n");
-print_allowed_subtypes();
-return NULL;
-}
 for (; *psubtype != NULL; ++psubtype) {
 if (strcmp(type, *psubtype) == 0) {
 break;
@@ -320,8 +319,12 @@ CharDriverState *qemu_chr_open_spice_vmc(const char *type)
 }
 
 #if SPICE_SERVER_VERSION >= 0x000c02
-CharDriverState *qemu_chr_open_spice_port(const char *name)
+static CharDriverState *qemu_chr_open_spice_port(const char *id,
+ ChardevBackend *backend,
+ ChardevReturn *ret,
+ Error **errp)
 {
+const char *name = backend->spiceport->fqdn;
 CharDriverState *chr;
 SpiceCharDriver *s;
 
@@ -379,9 +382,9 @@ static void qemu_chr_parse_spice_port(QemuOpts *opts, 
ChardevBackend *backend,
 static void register_types(void)
 {
 register_char_driver("spicevmc", CHARDEV_BACKEND_KIND_SPICEVMC,
- qemu_chr_parse_spice_vmc, NULL);
+ qemu_chr_parse_spice_vmc, qemu_chr_open_spice_vmc);
 register_char_driver("spiceport", CHARDEV_BACKEND_KIND_SPICEPORT,
- qemu_chr_parse_spice_port, NULL);
+ qemu_chr_parse_spice_port, qemu_chr_open_spice_port);
 }
 
 type_init(register_types);
diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs
index b5322a2..6d4363d 100644
--- a/stubs/Makefile.objs
+++ b/stubs/Makefile.objs
@@ -20,7 +20,6 @@ stub-obj-y += mon-is-qmp.o
 stub-obj-y += mon-printf.o
 stub-obj-y += monitor-init.o
 stub-obj-y += notify-event.o
-stub-obj-$(CONFIG_SPICE) += qemu-chr-open-spice.o
 stub-obj-y += qtest.o
 stub-obj-y += reset.o
 stub-obj-y += runstate-check.o
diff --git a/stubs/qemu-chr-open-spice.c b/stubs/qemu-chr-open-spice.c
deleted file mode 100644
index f1c4849..000
--- a/stubs/qemu-chr-open-spice.c
+++ /dev/null
@@ -1,14 +0,0 @@
-#include "qemu-common.h"
-#include "ui/qemu-spice.h"
-
-CharDriverState *qemu_chr_open_spice_vmc(const char *type)
-{
-return NULL;
-}
-
-#if SPICE_SERVER_VERSION >= 0x000c02
-CharDriverState *qemu_chr_open_spice_port(const char *name)
-{
-return NULL;
-}
-#endif
-- 
2.5.0

[Qemu-devel] [PATCH 11/21] qemu-char: convert null backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 9 ++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index c36cbf0..3e48a47 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -383,7 +383,10 @@ static int null_chr_write(CharDriverState *chr, const 
uint8_t *buf, int len)
 return len;
 }
 
-static CharDriverState *qemu_chr_open_null(void)
+static CharDriverState *qemu_chr_open_null(const char *id,
+   ChardevBackend *backend,
+   ChardevReturn *ret,
+   Error **errp)
 {
 CharDriverState *chr;
 
@@ -4303,7 +4306,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 abort();
 break;
 case CHARDEV_BACKEND_KIND_NULL:
-chr = qemu_chr_open_null();
+abort();
 break;
 case CHARDEV_BACKEND_KIND_MUX:
 base = qemu_chr_find(backend->mux->chardev);
@@ -4406,7 +4409,7 @@ void qmp_chardev_remove(const char *id, Error **errp)
 static void register_types(void)
 {
 register_char_driver("null", CHARDEV_BACKEND_KIND_NULL, NULL,
- NULL);
+ qemu_chr_open_null);
 register_char_driver("socket", CHARDEV_BACKEND_KIND_SOCKET,
  qemu_chr_parse_socket, qmp_chardev_open_socket);
 register_char_driver("udp", CHARDEV_BACKEND_KIND_UDP, qemu_chr_parse_udp,
-- 
2.5.0

Re: [Qemu-devel] Quick question on NVME on qemu

[Igor Mammedov]

On Sat, 10 Oct 2015 00:39:43 -0700
sahlot arvind  wrote:

> Hello,
> 
> Does qemu emulate a proper NVMe controller?  Can someone please tell me how
s far as I'm aware, QEMU doesn't emulate any NVMe controller yet.

> can I use it to emulate a proper NVMe controller? Is there some way to
> enable logging PCI accesses to NVMe controller so that I can see what
> accesses my driver or OS is doing?
> 
> Thanks in advance!
> Sahlot

Re: [Qemu-devel] [PATCH v2] spice: Allow to set password even if disable-ticketing was used

[Gerd Hoffmann]

  Hi,

> > Signed-off-by: Christophe Fergeau 
> > Reviewed-by: Daniel P. Berrange 
> 
> Any taker for that patch?

please resend, with me in cc, and add to the changelog why this is
needed.

thanks,
  Gerd

Re: [Qemu-devel] [Qemu-block] [PATCH v5 3/4] qmp: add monitor command to add/remove a child

[Markus Armbruster]

Max Reitz  writes:

> On 08.10.2015 08:15, Markus Armbruster wrote:
>> Max Reitz  writes:
>> 
>>> On 22.09.2015 09:44, Wen Congyang wrote:
 The new QMP command name is x-blockdev-child-add, and x-blockdev-child-del.
 It justs for adding/removing quorum's child now, and don't support all
 kinds of children,
>>>
>>> It does support all kinds of children for quorum, doesn't it?
>>>
nor all block drivers. So it is experimental now.
>>>
>>> Well, that is not really a reason why we would have to make it
>>> experimental. For instance, blockdev-add (although some might argue it
>>> actually is experimental...) doesn't support all block drivers either.
>> 
>> Yup, and not calling it x-blockdev-add until it's done was a mistake.
>> People tried using it, then found its current limitations the painful
>> way.  Not nice.
>
> I knew I should have written s/some might/Markus does/. ;-)

:)

>>> The reason I am hesitant of adding an experimental QMP interface that is
>>> actually visible to the user (compare x-image in blkverify and blkdebug,
>>> which are not documented and not to be used by the user) is twofold:
>>>
>>> (1) At some point we have to say "OK, this is good enough now" and make
>>> it stable. What would that point be? Who can guarantee that we
>>> wouldn't want to make any interface changes after that point?
>> 
>> Nobody can, just like for any other interface.  So?
>
> The main question is "what would that point be". As I can see you're
> arguing that that point would be "once people want to use it", but I'm
> arguing that people want to use it today or we wouldn't need this
> interface at all.
>
> I'm against adding external experimental interface because having
> external interface indicates that someone wants to use them, but making
> them experimental indicates that nobody should use them.

Make that "nobody should use them in anger just yet."

They can and should be used to develop stuff.  Developing non-trivial
interfaces without actual users is risky.  Sometimes, you can't see
shortcomings in an interface until you try to use it.  Successful actual
use can build confidence the experimental interface is in fact ready to
be cast in stone.

> This interface is added for the COLO series. The documentation added in
> patch 5 there explains usage of COLO with x-child-add. I don't think
> that should be there, because it's experimental. But why have an
> external interface if nobody should use it anyway?
>
>> The x- prefix enables work spanning multiple releases.  Until the
>> feature is complete, we have a hard time seeing the whole picture, and
>> therefore the risk of interface mistakes is higher than normal.  Once
>> it's complete, we drop the x-.
>
> I'm arguing the feature is complete as far as what it's supposed to do goes.

When you say "the feature is complete", you're arguing this specific
interface is ready.  When you say you're "against adding external
experimental interface", you're arguing proper use of x-.  Let's try to
keep the discussion of principles separate from the discussion of the
specific instance.

On the former: maybe the interface is ready, but I can't judge offhand.
All I can do is ask questions.

On the latter: I emphatically disagree with the idea that experimental
interfaces are to be avoided because "someone wants to use them".

>>>   Would
>>> we actually remember to revisit this function once in a while and
>>> consider making it stable?
>> 
>> Has that been a problem in the past?
>
> I don't know, because I never witnessed an external experimental
> interface, but I haven't been closely involved with qemu for too long.

QMP itself started experimental, and was declared stable after fairly
heated discussion.

I think we've been dropping x- prefixes pretty routinely.  A quick,
superficial search finds commit 41310c6 (x-rdma) and commit 467b3f3
(x-iothread).

[...]

Re: [Qemu-devel] QEMU Technical Talk: NVDIMM and persistent memory in QEMU

[Stefan Hajnoczi]

On Mon, Oct 5, 2015 at 8:52 PM, Stefan Hajnoczi  wrote:

Just a reminder that QEMU's first technical talk is today (Monday, 12
October 2015) at 14:00 UTC.  We will be using Hangouts On Air for
video/audio.  The URL is:
https://plus.google.com/events/cfssoojfogaafulssb1qeijn07k

Full details below:

> Marc Mari has volunteered to give the following online technical talk
> on Monday, 12 October at 14:00 UTC:
>
> "Marc Mari will present the new NVDIMM persistent memory device class
> and how they integrate into QEMU and SeaBIOS.  The main concepts of
> the hardware specification are covered, as well as how NVDIMMs can be
> used by virtual machines.
>
> This talk is aimed at QEMU and SeaBIOS developers."
>
> Marc has been experimenting with Guangrong Xiao's NVDIMM patches and
> is working on SeaBIOS boot-from-NVDIMM support.
>
> To join the event:
> https://plus.google.com/events/cfssoojfogaafulssb1qeijn07k
>
> This is the first QEMU technical talk and we will be using Google+'s
> Hangouts On Air feature for a live presentation.  Video will also be
> archived on YouTube for viewing at a later date.
>
> If you would like to speak on a technical topic, please contact me!  I
> hope to host talks showcasing features of interest to QEMU users as
> well as technical topics for QEMU developers.
>
> Stefan

[Qemu-devel] [PULL 01/14] net/vmxnet3: Refine l2 header validation

[Jason Wang]

From: Dana Rubin 

Validation of l2 header length assumed minimal packet size as
eth_header + 2 * vlan_header regardless of the actual protocol.

This caused crash for valid non-IP packets shorter than 22 bytes, as
'tx_pkt->packet_type' hasn't been assigned for such packets, and
'vmxnet3_on_tx_done_update_stats()' expects it to be properly set.

Refine header length validation in 'vmxnet_tx_pkt_parse_headers'.
Check its return value during packet processing flow.

As a side effect, in case IPv4 and IPv6 header validation failure,
corrupt packets will be dropped.

Signed-off-by: Dana Rubin 
Signed-off-by: Shmulik Ladkani 
Signed-off-by: Jason Wang 
---
 hw/net/vmxnet3.c   |  4 +---
 hw/net/vmxnet_tx_pkt.c | 19 ---
 2 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index 04159c8..48ced71 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -729,9 +729,7 @@ static void vmxnet3_process_tx_queue(VMXNET3State *s, int 
qidx)
 }
 
 if (txd.eop) {
-if (!s->skip_current_tx_pkt) {
-vmxnet_tx_pkt_parse(s->tx_pkt);
-
+if (!s->skip_current_tx_pkt && vmxnet_tx_pkt_parse(s->tx_pkt)) {
 if (s->needs_vlan) {
 vmxnet_tx_pkt_setup_vlan_header(s->tx_pkt, s->tci);
 }
diff --git a/hw/net/vmxnet_tx_pkt.c b/hw/net/vmxnet_tx_pkt.c
index f7344c4..eb88ddf 100644
--- a/hw/net/vmxnet_tx_pkt.c
+++ b/hw/net/vmxnet_tx_pkt.c
@@ -142,11 +142,24 @@ static bool vmxnet_tx_pkt_parse_headers(struct 
VmxnetTxPkt *pkt)
 
 bytes_read = iov_to_buf(pkt->raw, pkt->raw_frags, 0, l2_hdr->iov_base,
 ETH_MAX_L2_HDR_LEN);
-if (bytes_read < ETH_MAX_L2_HDR_LEN) {
+if (bytes_read < sizeof(struct eth_header)) {
+l2_hdr->iov_len = 0;
+return false;
+}
+
+l2_hdr->iov_len = sizeof(struct eth_header);
+switch (be16_to_cpu(PKT_GET_ETH_HDR(l2_hdr->iov_base)->h_proto)) {
+case ETH_P_VLAN:
+l2_hdr->iov_len += sizeof(struct vlan_header);
+break;
+case ETH_P_DVLAN:
+l2_hdr->iov_len += 2 * sizeof(struct vlan_header);
+break;
+}
+
+if (bytes_read < l2_hdr->iov_len) {
 l2_hdr->iov_len = 0;
 return false;
-} else {
-l2_hdr->iov_len = eth_get_l2_hdr_length(l2_hdr->iov_base);
 }
 
 l3_proto = eth_get_l3_proto(l2_hdr->iov_base, l2_hdr->iov_len);
-- 
2.1.4

[Qemu-devel] [PATCH 12/21] qemu-char: convert mux backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 25 ++---
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 3e48a47..8e3a79a 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -682,11 +682,20 @@ static GSource *mux_chr_add_watch(CharDriverState *s, 
GIOCondition cond)
 return d->drv->chr_add_watch(d->drv, cond);
 }
 
-static CharDriverState *qemu_chr_open_mux(CharDriverState *drv)
+static CharDriverState *qemu_chr_open_mux(const char *id,
+  ChardevBackend *backend,
+  ChardevReturn *ret, Error **errp)
 {
-CharDriverState *chr;
+ChardevMux *mux = backend->mux;
+CharDriverState *chr, *drv;
 MuxDriver *d;
 
+drv = qemu_chr_find(mux->chardev);
+if (drv == NULL) {
+error_setg(errp, "mux: base chardev %s not found", mux->chardev);
+return NULL;
+}
+
 chr = qemu_chr_alloc();
 d = g_new0(MuxDriver, 1);
 
@@ -4257,7 +4266,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
Error **errp)
 {
 ChardevReturn *ret = g_new0(ChardevReturn, 1);
-CharDriverState *base, *chr = NULL;
+CharDriverState *chr = NULL;
 Error *local_err = NULL;
 GSList *i;
 CharDriver *cd;
@@ -4309,13 +4318,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 abort();
 break;
 case CHARDEV_BACKEND_KIND_MUX:
-base = qemu_chr_find(backend->mux->chardev);
-if (base == NULL) {
-error_setg(_err, "mux: base chardev %s not found",
-   backend->mux->chardev);
-break;
-}
-chr = qemu_chr_open_mux(base);
+abort();
 break;
 case CHARDEV_BACKEND_KIND_MSMOUSE:
 chr = qemu_chr_open_msmouse();
@@ -4441,7 +,7 @@ static void register_types(void)
 register_char_driver("pipe", CHARDEV_BACKEND_KIND_PIPE,
  qemu_chr_parse_pipe, qemu_chr_open_pipe);
 register_char_driver("mux", CHARDEV_BACKEND_KIND_MUX, qemu_chr_parse_mux,
- NULL);
+ qemu_chr_open_mux);
 /* Bug-compatibility: */
 register_char_driver("memory", CHARDEV_BACKEND_KIND_MEMORY,
  qemu_chr_parse_ringbuf, NULL);
-- 
2.5.0

Re: [Qemu-devel] [PATCH v3 0/5] simplified QEMU guest exec

[Denis V. Lunev]

On 10/07/2015 01:32 PM, Denis V. Lunev wrote:

This patchset provides simplified guest-exec functionality. The
idea is simple. We drop original guest-pipe-open etc stuff and provides
simple and dumb API:
- spawn process (originally with stdin/stdout/stderr as /dev/null)
- later simple buffer is added for this purpose

That is all for now.

Changed from v2:
- fixed last minute typo in Win32 code in patch 2 (s/exiticode/exitcode/)

Changes from v1:
- use g_new0() instead of g_malloc0
- added explicit 'exited' bool to GuestExecStatus
- reworked documentation for GuestExecStatus
- added comment about platform-specific signals and exception codes
- replaces 'pid' with 'handle' in guest-exec api

Signed-off-by: Denis V. Lunev 
Signed-off-by: Yuri Pudgorodskiy 
CC: Michael Roth 

Denis V. Lunev (2):
   qga: drop guest_file_init helper and replace it with static
 initializers
   qga: handle possible SIGPIPE in guest-file-write

Yuri Pudgorodskiy (3):
   qga: guest exec functionality
   qga: handle G_IO_STATUS_AGAIN in ga_channel_write_all()
   qga: guest-exec simple stdin/stdout/stderr redirection

  qga/channel-posix.c  |  23 ++--
  qga/commands-posix.c |  10 +-
  qga/commands-win32.c |  10 +-
  qga/commands.c   | 363 +++
  qga/main.c   |   6 +
  qga/qapi-schema.json |  67 ++
  6 files changed, 453 insertions(+), 26 deletions(-)


ping

Re: [Qemu-devel] [PATCH 1/2] [RFC] arm_gic_common.h: add gicv2 aliases for defines

[Pavel Fedin]

 Hi!

> It looks like the only thing in the gicv3 code that is using
> a define from the arm_gic_common.h file is "GIC_INTERNAL",
> so we can just put a suitable define of that into the v3 header
> (maybe giving it a better name in the process).

 Yes, indeed. Actually, first versions of my GICv3 patches did use own #define, 
but i was criticized for using GICV3_INTERNAL in my code and having 
GIC_INTERNAL in kvm_arm_gic_set_irq(), which is shared by both KVM 
implementations. So, i decided to use GIC_INTERNAL everywhere and inherited it 
from v2.

Kind regards,
Pavel Fedin
Expert Engineer
Samsung Electronics Research center Russia

Re: [Qemu-devel] [Bug 1504513] [NEW] Socket leak on each call to qemu_socket()

[Markus Armbruster]

Mark Pizzolato  writes:

> Public bug reported:
>
> On any host platform where SOCK_CLOEXEC is defined (Linux at least), a
> socket is leaked on each call to qemu_socket() AND the socket returned
> hasn't been created with the desired SOCK_CLOEXEC attribute.  The
> qemu_socket routine is:
>
> Line 272 of util/osdep.c:
> /*
>  * Opens a socket with FD_CLOEXEC set
>  */
> int qemu_socket(int domain, int type, int protocol)
> {
> int ret;
>
> #ifdef SOCK_CLOEXEC
> ret = socket(domain, type | SOCK_CLOEXEC, protocol);
> if (ret != -1 || errno != EINVAL) {
> return ret;

If socket() succeeded (ret != -1), we return the socket.

If socket() failed with anything but EINVAL (ret == -1 && errno !=
EINVAL), we return -1 with errno set.

> }

Here, ret == -1 && errno == EINVAL.

> #endif
> ret = socket(domain, type, protocol);
> if (ret >= 0) {
> qemu_set_cloexec(ret);
> }
>
> return ret;
> }

How can this leak a socket?

How can this return a socket with FD_CLOEXEC not set?

[Qemu-devel] [PULL 02/14] vmxnet3: Support reading IMR registers on bar0

[Jason Wang]

From: Shmulik Ladkani 

Instead of asserting, return the actual IMR register value.
This is aligned with what's returned on ESXi.

Signed-off-by: Shmulik Ladkani 
Tested-by: Dana Rubin 
Signed-off-by: Jason Wang 
---
 hw/net/vmxnet3.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index 48ced71..057f0dc 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -1163,9 +1163,13 @@ vmxnet3_io_bar0_write(void *opaque, hwaddr addr,
 static uint64_t
 vmxnet3_io_bar0_read(void *opaque, hwaddr addr, unsigned size)
 {
+VMXNET3State *s = opaque;
+
 if (VMW_IS_MULTIREG_ADDR(addr, VMXNET3_REG_IMR,
 VMXNET3_MAX_INTRS, VMXNET3_REG_ALIGN)) {
-g_assert_not_reached();
+int l = VMW_MULTIREG_IDX_BY_ADDR(addr, VMXNET3_REG_IMR,
+ VMXNET3_REG_ALIGN);
+return s->interrupt_states[l].is_masked;
 }
 
 VMW_CBPRN("BAR0 unknown read [%" PRIx64 "], size %d", addr, size);
-- 
2.1.4

[Qemu-devel] [PATCH 08/21] qemu-char: convert socket backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 9 ++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 3545cd8..459ed5c 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4163,11 +4163,14 @@ static gboolean socket_reconnect_timeout(gpointer 
opaque)
 return false;
 }
 
-static CharDriverState *qmp_chardev_open_socket(ChardevSocket *sock,
+static CharDriverState *qmp_chardev_open_socket(const char *id,
+ChardevBackend *backend,
+ChardevReturn *ret,
 Error **errp)
 {
 CharDriverState *chr;
 TCPCharDriver *s;
+ChardevSocket *sock = backend->socket;
 SocketAddress *addr = sock->addr;
 bool do_nodelay = sock->has_nodelay ? sock->nodelay : false;
 bool is_listen  = sock->has_server  ? sock->server  : true;
@@ -4285,7 +4288,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 abort();
 break;
 case CHARDEV_BACKEND_KIND_SOCKET:
-chr = qmp_chardev_open_socket(backend->socket, _err);
+abort();
 break;
 case CHARDEV_BACKEND_KIND_UDP:
 chr = qmp_chardev_open_udp(backend->udp, _err);
@@ -4401,7 +4404,7 @@ static void register_types(void)
 register_char_driver("null", CHARDEV_BACKEND_KIND_NULL, NULL,
  NULL);
 register_char_driver("socket", CHARDEV_BACKEND_KIND_SOCKET,
- qemu_chr_parse_socket, NULL);
+ qemu_chr_parse_socket, qmp_chardev_open_socket);
 register_char_driver("udp", CHARDEV_BACKEND_KIND_UDP, qemu_chr_parse_udp,
  NULL);
 register_char_driver("ringbuf", CHARDEV_BACKEND_KIND_RINGBUF,
-- 
2.5.0

[Qemu-devel] [PATCH 00/22] qemu-char: refactoring of chardev creation

[Paolo Bonzini]

This series rewrites chardev creation to use a new ->create
member of the CharDriver struct, and to always signal errors
via Error*.

The advantage is that backend-specific creation functions need
not be exported anymore for qemu-char.c's usage, and hence do not
need stubs anymore.

Paolo Bonzini (21):
  qemu-char: cleanup qmp_chardev_add
  qemu-char: cleanup HAVE_CHARDEV_*
  qemu-char: add create to register_char_driver
  qemu-char: convert file backend to data-driven creation
  qemu-char: convert serial backend to data-driven creation
  qemu-char: convert parallel backend to data-driven creation
  qemu-char: convert pipe backend to data-driven creation
  qemu-char: convert socket backend to data-driven creation
  qemu-char: convert UDP backend to data-driven creation
  qemu-char: convert pty backend to data-driven creation
  qemu-char: convert null backend to data-driven creation
  qemu-char: convert mux backend to data-driven creation
  qemu-char: convert msmouse backend to data-driven creation
  qemu-char: convert braille backend to data-driven creation
  qemu-char: convert testdev backend to data-driven creation
  qemu-char: convert stdio backend to data-driven creation
  qemu-char: convert console backend to data-driven creation
  qemu-char: convert spice backend to data-driven creation
  qemu-char: convert vc backend to data-driven creation
  qemu-char: convert ringbuf backend to data-driven creation
  qemu-char: cleanup after completed conversion to cd->create

 backends/baum.c |  14 +-
 backends/msmouse.c  |   8 +-
 backends/testdev.c  |   8 +-
 include/sysemu/char.h   |  18 +-
 include/ui/qemu-spice.h |   2 -
 qemu-char.c | 392 
 spice-qemu-char.c   |  21 ++-
 stubs/Makefile.objs |   5 -
 stubs/chr-baum-init.c   |   7 -
 stubs/chr-msmouse.c |   7 -
 stubs/chr-testdev.c |   7 -
 stubs/qemu-chr-open-spice.c |  14 --
 stubs/vc-init.c |   7 -
 ui/console.c|  11 +-
 ui/gtk.c|   2 +-
 15 files changed, 257 insertions(+), 266 deletions(-)
 delete mode 100644 stubs/chr-baum-init.c
 delete mode 100644 stubs/chr-msmouse.c
 delete mode 100644 stubs/chr-testdev.c
 delete mode 100644 stubs/qemu-chr-open-spice.c
 delete mode 100644 stubs/vc-init.c

-- 
2.5.0

[Qemu-devel] [PATCH 15/21] qemu-char: convert testdev backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 backends/testdev.c| 7 +--
 include/sysemu/char.h | 3 ---
 qemu-char.c   | 2 +-
 stubs/Makefile.objs   | 1 -
 stubs/chr-testdev.c   | 7 ---
 5 files changed, 6 insertions(+), 14 deletions(-)
 delete mode 100644 stubs/chr-testdev.c

diff --git a/backends/testdev.c b/backends/testdev.c
index 43787f6..26d5c73 100644
--- a/backends/testdev.c
+++ b/backends/testdev.c
@@ -108,7 +108,10 @@ static void testdev_close(struct CharDriverState *chr)
 g_free(testdev);
 }
 
-CharDriverState *chr_testdev_init(void)
+static CharDriverState *chr_testdev_init(const char *id,
+ ChardevBackend *backend,
+ ChardevReturn *ret,
+ Error **errp)
 {
 TestdevCharState *testdev;
 CharDriverState *chr;
@@ -126,7 +129,7 @@ CharDriverState *chr_testdev_init(void)
 static void register_types(void)
 {
 register_char_driver("testdev", CHARDEV_BACKEND_KIND_TESTDEV, NULL,
- NULL);
+ chr_testdev_init);
 }
 
 type_init(register_types);
diff --git a/include/sysemu/char.h b/include/sysemu/char.h
index 77415ec..5c28c16 100644
--- a/include/sysemu/char.h
+++ b/include/sysemu/char.h
@@ -356,9 +356,6 @@ extern int term_escape_char;
 
 CharDriverState *qemu_char_get_next_serial(void);
 
-/* testdev.c */
-CharDriverState *chr_testdev_init(void);
-
 /* console.c */
 typedef CharDriverState *(VcHandler)(ChardevVC *vc);
 
diff --git a/qemu-char.c b/qemu-char.c
index 96f40f3..72658d2 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4327,7 +4327,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 abort();
 break;
 case CHARDEV_BACKEND_KIND_TESTDEV:
-chr = chr_testdev_init();
+abort();
 break;
 case CHARDEV_BACKEND_KIND_STDIO:
 chr = qemu_chr_open_stdio(backend->stdio);
diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs
index 8cfa5a2..b5322a2 100644
--- a/stubs/Makefile.objs
+++ b/stubs/Makefile.objs
@@ -1,6 +1,5 @@
 stub-obj-y += arch-query-cpu-def.o
 stub-obj-y += bdrv-commit-all.o
-stub-obj-y += chr-testdev.o
 stub-obj-y += clock-warp.o
 stub-obj-y += cpu-get-clock.o
 stub-obj-y += cpu-get-icount.o
diff --git a/stubs/chr-testdev.c b/stubs/chr-testdev.c
deleted file mode 100644
index 23112a2..000
--- a/stubs/chr-testdev.c
+++ /dev/null
@@ -1,7 +0,0 @@
-#include "qemu-common.h"
-#include "sysemu/char.h"
-
-CharDriverState *chr_testdev_init(void)
-{
-return 0;
-}
-- 
2.5.0

[Qemu-devel] [PATCH 04/21] qemu-char: convert file backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 16 
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index a6411d6..13fd394 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4010,8 +4010,12 @@ QemuOptsList qemu_chardev_opts = {
 
 #ifdef _WIN32
 
-static CharDriverState *qmp_chardev_open_file(ChardevFile *file, Error **errp)
+static CharDriverState *qmp_chardev_open_file(const char *id,
+  ChardevBackend *backend,
+  ChardevReturn *ret,
+  Error **errp)
 {
+ChardevFile *file = backend->file;
 HANDLE out;
 
 if (file->has_in) {
@@ -4055,8 +4059,12 @@ static int qmp_chardev_open_file_source(char *src, int 
flags,
 return fd;
 }
 
-static CharDriverState *qmp_chardev_open_file(ChardevFile *file, Error **errp)
+static CharDriverState *qmp_chardev_open_file(const char *id,
+  ChardevBackend *backend,
+  ChardevReturn *ret,
+  Error **errp)
 {
+ChardevFile *file = backend->file;
 int flags, in = -1, out;
 
 flags = O_WRONLY | O_TRUNC | O_CREAT | O_BINARY;
@@ -4242,7 +4250,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 if (chr == NULL) {
 switch (backend->kind) {
 case CHARDEV_BACKEND_KIND_FILE:
-chr = qmp_chardev_open_file(backend->file, _err);
+abort();
 break;
 #ifdef HAVE_CHARDEV_SERIAL
 case CHARDEV_BACKEND_KIND_SERIAL:
@@ -4380,7 +4388,7 @@ static void register_types(void)
 register_char_driver("ringbuf", CHARDEV_BACKEND_KIND_RINGBUF,
  qemu_chr_parse_ringbuf, NULL);
 register_char_driver("file", CHARDEV_BACKEND_KIND_FILE,
- qemu_chr_parse_file_out, NULL);
+ qemu_chr_parse_file_out, qmp_chardev_open_file);
 register_char_driver("stdio", CHARDEV_BACKEND_KIND_STDIO,
  qemu_chr_parse_stdio, NULL);
 register_char_driver("serial", CHARDEV_BACKEND_KIND_SERIAL,
-- 
2.5.0

[Qemu-devel] [PATCH 16/21] qemu-char: convert stdio backend to data-driven creation

[Paolo Bonzini]

The backend now always returns errors via the Error* argument.
This avoids a double error message.  Before:

qemu-system-x86_64: -chardev stdio,id=base: cannot use stdio with -daemonize
qemu-system-x86_64: -chardev stdio,id=base: Failed to create chardev

After:

qemu-system-x86_64: -chardev stdio,id=base: cannot use stdio with -daemonize

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 57 +++--
 1 file changed, 39 insertions(+), 18 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 72658d2..74ca66d 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -1168,19 +1168,23 @@ static void qemu_chr_close_stdio(struct CharDriverState 
*chr)
 fd_chr_close(chr);
 }
 
-static CharDriverState *qemu_chr_open_stdio(ChardevStdio *opts)
+static CharDriverState *qemu_chr_open_stdio(const char *id,
+ChardevBackend *backend,
+ChardevReturn *ret,
+Error **errp)
 {
+ChardevStdio *opts = backend->stdio;
 CharDriverState *chr;
 struct sigaction act;
 
 if (is_daemonized()) {
-error_report("cannot use stdio with -daemonize");
+error_setg(errp, "cannot use stdio with -daemonize");
 return NULL;
 }
 
 if (stdio_in_use) {
-error_report("cannot use stdio by multiple character devices");
-exit(1);
+error_setg(errp, "cannot use stdio by multiple character devices");
+return NULL;
 }
 
 stdio_in_use = true;
@@ -2341,7 +2345,10 @@ static void win_stdio_close(CharDriverState *chr)
 g_free(chr);
 }
 
-static CharDriverState *qemu_chr_open_stdio(ChardevStdio *opts)
+static CharDriverState *qemu_chr_open_stdio(const char *id,
+ChardevBackend *backend,
+ChardevReturn *ret,
+Error **errp)
 {
 CharDriverState   *chr;
 WinStdioCharState *stdio;
@@ -2353,8 +2360,8 @@ static CharDriverState *qemu_chr_open_stdio(ChardevStdio 
*opts)
 
 stdio->hStdIn = GetStdHandle(STD_INPUT_HANDLE);
 if (stdio->hStdIn == INVALID_HANDLE_VALUE) {
-fprintf(stderr, "cannot open stdio: invalid handle\n");
-exit(1);
+error_setg(errp, "cannot open stdio: invalid handle");
+return NULL;
 }
 
 is_console = GetConsoleMode(stdio->hStdIn, ) != 0;
@@ -2366,25 +2373,30 @@ static CharDriverState 
*qemu_chr_open_stdio(ChardevStdio *opts)
 if (is_console) {
 if (qemu_add_wait_object(stdio->hStdIn,
  win_stdio_wait_func, chr)) {
-fprintf(stderr, "qemu_add_wait_object: failed\n");
+error_setg(errp, "qemu_add_wait_object: failed");
+goto err1;
 }
 } else {
 DWORD   dwId;
 
 stdio->hInputReadyEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
 stdio->hInputDoneEvent  = CreateEvent(NULL, FALSE, FALSE, NULL);
-stdio->hInputThread = CreateThread(NULL, 0, win_stdio_thread,
-   chr, 0, );
-
-if (stdio->hInputThread == INVALID_HANDLE_VALUE
-|| stdio->hInputReadyEvent == INVALID_HANDLE_VALUE
+if (stdio->hInputReadyEvent == INVALID_HANDLE_VALUE
 || stdio->hInputDoneEvent == INVALID_HANDLE_VALUE) {
-fprintf(stderr, "cannot create stdio thread or event\n");
-exit(1);
+error_setg(errp, "cannot create event");
+goto err2;
 }
 if (qemu_add_wait_object(stdio->hInputReadyEvent,
  win_stdio_thread_wait_func, chr)) {
-fprintf(stderr, "qemu_add_wait_object: failed\n");
+error_setg(errp, "qemu_add_wait_object: failed");
+goto err2;
+}
+stdio->hInputThread = CreateThread(NULL, 0, win_stdio_thread,
+   chr, 0, );
+
+if (stdio->hInputThread == INVALID_HANDLE_VALUE) {
+error_setg(errp, "cannot create stdio thread");
+goto err3;
 }
 }
 
@@ -2402,6 +2414,15 @@ static CharDriverState *qemu_chr_open_stdio(ChardevStdio 
*opts)
 qemu_chr_fe_set_echo(chr, false);
 
 return chr;
+
+err3:
+qemu_del_wait_object(stdio->hInputReadyEvent, NULL, NULL);
+err2:
+CloseHandle(stdio->hInputReadyEvent);
+CloseHandle(stdio->hInputDoneEvent);
+err1:
+qemu_del_wait_object(stdio->hStdIn, NULL, NULL);
+return NULL;
 }
 #endif /* !_WIN32 */
 
@@ -4330,7 +4351,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 abort();
 break;
 case CHARDEV_BACKEND_KIND_STDIO:
-chr = qemu_chr_open_stdio(backend->stdio);
+abort();
 break;
 #ifdef _WIN32
 case 

Re: [Qemu-devel] [PATCH 1/2] kvm/x86: Hyper-V synthetic interrupt controller

[Christian Borntraeger]

Am 09.10.2015 um 16:42 schrieb Paolo Bonzini:
> Christian, the question for you is towards the end...



[]
> 
>> --- a/virt/kvm/irqchip.c
>> +++ b/virt/kvm/irqchip.c
>> @@ -144,11 +144,13 @@ static int setup_routing_entry(struct 
>> kvm_irq_routing_table *rt,
>>  
>>  /*
>>   * Do not allow GSI to be mapped to the same irqchip more than once.
>> - * Allow only one to one mapping between GSI and MSI.
>> + * Allow only one to one mapping between GSI and MSI/Hyper-V SINT.
>>   */
>>  hlist_for_each_entry(ei, >map[ue->gsi], link)
>>  if (ei->type == KVM_IRQ_ROUTING_MSI ||
>>  ue->type == KVM_IRQ_ROUTING_MSI ||
>> +ei->type == KVM_IRQ_ROUTING_HV_SINT ||
>> +ue->type == KVM_IRQ_ROUTING_HV_SINT ||
>>  ue->u.irqchip.irqchip == ei->irqchip.irqchip)
>>  return r;
> 
> Christian, what's the desired behavior for s390 adapter interrupts here?
>  Should this actually become
> 
>   if (ei->type != KVM_IRQ_ROUTING_IRQCHIP ||
>   ue->type != KVM_IRQ_ROUTING_IRQCHIP ||
>   ue->u.irqchip.irqchip == ei->irqchip.irqchip)

Hmm, this is the failure path if we already have one routing entry, Right?
This will work with virtio ccw as we only setup one route, but I am not
sure about the upcoming PCI irqfd support which might add a 2nd adapter
route.

Adding Conny, Jens,Not sure about PC, 
As soon as we wire up the PCI irgfd, we want to register a 2nd route for
the same irqchip via flic, which will also be of type 
KVM_IRQ_ROUTING_S390_ADAPTER. Correct?

Re: [Qemu-devel] [Qemu-block] [PATCH v5 3/4] qmp: add monitor command to add/remove a child

[Dr. David Alan Gilbert]

* Max Reitz (mre...@redhat.com) wrote:
> On 09.10.2015 18:42, Dr. David Alan Gilbert wrote:
> > * Max Reitz (mre...@redhat.com) wrote:
> >> On 08.10.2015 08:15, Markus Armbruster wrote:
> >>> Max Reitz  writes:
> >>>
>  On 22.09.2015 09:44, Wen Congyang wrote:
> > The new QMP command name is x-blockdev-child-add, and 
> > x-blockdev-child-del.
> > It justs for adding/removing quorum's child now, and don't support all
> > kinds of children,
> 
>  It does support all kinds of children for quorum, doesn't it?
> 
> >nor all block drivers. So it is experimental now.
> 
>  Well, that is not really a reason why we would have to make it
>  experimental. For instance, blockdev-add (although some might argue it
>  actually is experimental...) doesn't support all block drivers either.
> >>>
> >>> Yup, and not calling it x-blockdev-add until it's done was a mistake.
> >>> People tried using it, then found its current limitations the painful
> >>> way.  Not nice.
> >>
> >> I knew I should have written s/some might/Markus does/. ;-)
> >>
>  The reason I am hesitant of adding an experimental QMP interface that is
>  actually visible to the user (compare x-image in blkverify and blkdebug,
>  which are not documented and not to be used by the user) is twofold:
> 
>  (1) At some point we have to say "OK, this is good enough now" and make
>  it stable. What would that point be? Who can guarantee that we
>  wouldn't want to make any interface changes after that point?
> >>>
> >>> Nobody can, just like for any other interface.  So?
> >>
> >> The main question is "what would that point be". As I can see you're
> >> arguing that that point would be "once people want to use it", but I'm
> >> arguing that people want to use it today or we wouldn't need this
> >> interface at all.
> >>
> >> I'm against adding external experimental interface because having
> >> external interface indicates that someone wants to use them, but making
> >> them experimental indicates that nobody should use them.
> >>
> >> This interface is added for the COLO series. The documentation added in
> >> patch 5 there explains usage of COLO with x-child-add. I don't think
> >> that should be there, because it's experimental. But why have an
> >> external interface if nobody should use it anyway?
> > 
> > Because it lets people move forward; the COLO series is pretty huge, there
> > already seem to be side discussions spawning off about dynamic 
> > reconfiguration
> > of stuff, who knows how long those will take to pan out.
> 
> Yes, and my point is that with these functions
> (blockdev-child-{add,del}) the result of that side discussion doesn't
> matter.
> 
> > Adding the experimental stuff makes it easier for people to try and
> > get some feedback on.
> 
> The thing is, I cannot imagine any feedback that would necessitate an
> incompatible change. “I want to change quorum's options while
> adding/removing children” can easily be accomplished with an additional
> optional parameter.
> 
> But I do know that we want to keep things experimental exactly because
> there can be feedback which I cannot imagine right now.
> 
> > If everyone turns out to love it then it only takes a trivial patch to 
> > promote
> > it; if people actually realise there is a better interface then it's
> > no problem to change it either - x- doesn't stop any one using it,
> 
> But it should, shouldn't it? No management tool should be using an x-
> command, as far as I know. And these are functions which are clearly
> designed for management tools.
> 
> If management tools are indeed free to use x- functions, then I'm
> completely fine with making these experimental for now. It's just that
> it looks to me like “Hey, look, we have these two new functions you can
> use!” and then, two versions later we remove them because we have a
> general reconfiguration option, and we'll say “It's your own fault for
> using experimental functions” if someone complains. That sounds
> hypocritical to me, but I'm probably being to “legal” here.
>
> (i.e. it's more like “Hey, look, two new cool functions! But don't use
> them.” which sounds like a contradiction to me, whereas it actually
> means “Feel free to use them but don't blame us”)
> 
> tl;dr: May management tools use x- functions? And is it actually
> conceivable for them to do so? If so, my whole argument becomes moot, so
> let's make these functions x-.

My guess is the libvirt guys wont take the code to drive the x- methods;
but it still makes it easier if someone wants to try this stuff out, they
wont need to apply 2/3 sets of COLO code and then any management tools.

> Mainly I'd like to know about some example where we had an x- function
> in the past. Markus seemed to imply that was the case.

The RDMA code used to have x- for migration protocol and some of the
capabilities; we've recently added Jason Herne's cpu 

Re: [Qemu-devel] [Qemu-block] [PATCH v5 3/4] qmp: add monitor command to add/remove a child

[Markus Armbruster]

"Dr. David Alan Gilbert"  writes:

> * Max Reitz (mre...@redhat.com) wrote:
>> On 08.10.2015 08:15, Markus Armbruster wrote:
>> > Max Reitz  writes:
>> > 
>> >> On 22.09.2015 09:44, Wen Congyang wrote:
>> >>> The new QMP command name is x-blockdev-child-add, and
>> >>> x-blockdev-child-del.
>> >>> It justs for adding/removing quorum's child now, and don't support all
>> >>> kinds of children,
>> >>
>> >> It does support all kinds of children for quorum, doesn't it?
>> >>
>> >>>nor all block drivers. So it is experimental now.
>> >>
>> >> Well, that is not really a reason why we would have to make it
>> >> experimental. For instance, blockdev-add (although some might argue it
>> >> actually is experimental...) doesn't support all block drivers either.
>> > 
>> > Yup, and not calling it x-blockdev-add until it's done was a mistake.
>> > People tried using it, then found its current limitations the painful
>> > way.  Not nice.
>> 
>> I knew I should have written s/some might/Markus does/. ;-)
>> 
>> >> The reason I am hesitant of adding an experimental QMP interface that is
>> >> actually visible to the user (compare x-image in blkverify and blkdebug,
>> >> which are not documented and not to be used by the user) is twofold:
>> >>
>> >> (1) At some point we have to say "OK, this is good enough now" and make
>> >> it stable. What would that point be? Who can guarantee that we
>> >> wouldn't want to make any interface changes after that point?
>> > 
>> > Nobody can, just like for any other interface.  So?
>> 
>> The main question is "what would that point be". As I can see you're
>> arguing that that point would be "once people want to use it", but I'm
>> arguing that people want to use it today or we wouldn't need this
>> interface at all.
>> 
>> I'm against adding external experimental interface because having
>> external interface indicates that someone wants to use them, but making
>> them experimental indicates that nobody should use them.
>> 
>> This interface is added for the COLO series. The documentation added in
>> patch 5 there explains usage of COLO with x-child-add. I don't think
>> that should be there, because it's experimental. But why have an
>> external interface if nobody should use it anyway?
>
> Because it lets people move forward; the COLO series is pretty huge, there
> already seem to be side discussions spawning off about dynamic reconfiguration
> of stuff, who knows how long those will take to pan out.
> Adding the experimental stuff makes it easier for people to try and
> get some feedback on.
> If everyone turns out to love it then it only takes a trivial patch to promote
> it; if people actually realise there is a better interface then it's
> no problem to change it either - x- doesn't stop any one using it, but it
> does remove their right to moan if it changes.

Exactly.

[Qemu-devel] [PATCH 03/21] qemu-char: add create to register_char_driver

[Paolo Bonzini]

Having creation as a member of the CharDriver struct removes the need
to export functions for qemu-char.c's usage.  After the conversion,
chardev backends implemented outside qemu-char.c will not need a stub
creation function anymore.

Ultimately all drivers will be converted.  For now, support the case
where cd->create == NULL.

Signed-off-by: Paolo Bonzini 
---
 backends/baum.c   |   3 +-
 backends/msmouse.c|   3 +-
 backends/testdev.c|   3 +-
 include/sysemu/char.h |   4 +-
 qemu-char.c   | 213 --
 spice-qemu-char.c |   4 +-
 ui/console.c  |   3 +-
 7 files changed, 133 insertions(+), 100 deletions(-)

diff --git a/backends/baum.c b/backends/baum.c
index a17f625..e86a019 100644
--- a/backends/baum.c
+++ b/backends/baum.c
@@ -629,7 +629,8 @@ fail_handle:
 
 static void register_types(void)
 {
-register_char_driver("braille", CHARDEV_BACKEND_KIND_BRAILLE, NULL);
+register_char_driver("braille", CHARDEV_BACKEND_KIND_BRAILLE, NULL,
+ NULL);
 }
 
 type_init(register_types);
diff --git a/backends/msmouse.c b/backends/msmouse.c
index 0119110..d50ed47 100644
--- a/backends/msmouse.c
+++ b/backends/msmouse.c
@@ -79,7 +79,8 @@ CharDriverState *qemu_chr_open_msmouse(void)
 
 static void register_types(void)
 {
-register_char_driver("msmouse", CHARDEV_BACKEND_KIND_MSMOUSE, NULL);
+register_char_driver("msmouse", CHARDEV_BACKEND_KIND_MSMOUSE, NULL,
+ NULL);
 }
 
 type_init(register_types);
diff --git a/backends/testdev.c b/backends/testdev.c
index 1429152..43787f6 100644
--- a/backends/testdev.c
+++ b/backends/testdev.c
@@ -125,7 +125,8 @@ CharDriverState *chr_testdev_init(void)
 
 static void register_types(void)
 {
-register_char_driver("testdev", CHARDEV_BACKEND_KIND_TESTDEV, NULL);
+register_char_driver("testdev", CHARDEV_BACKEND_KIND_TESTDEV, NULL,
+ NULL);
 }
 
 type_init(register_types);
diff --git a/include/sysemu/char.h b/include/sysemu/char.h
index 832b7fe..4b01a8c 100644
--- a/include/sysemu/char.h
+++ b/include/sysemu/char.h
@@ -345,7 +345,9 @@ bool chr_is_ringbuf(const CharDriverState *chr);
 QemuOpts *qemu_chr_parse_compat(const char *label, const char *filename);
 
 void register_char_driver(const char *name, ChardevBackendKind kind,
-void (*parse)(QemuOpts *opts, ChardevBackend *backend, Error **errp));
+void (*parse)(QemuOpts *opts, ChardevBackend *backend, Error **errp),
+CharDriverState *(*create)(const char *id, ChardevBackend *backend,
+   ChardevReturn *ret, Error **errp));
 
 /* add an eventfd to the qemu devices that are polled */
 CharDriverState *qemu_chr_open_eventfd(int eventfd);
diff --git a/qemu-char.c b/qemu-char.c
index 7219d56..a6411d6 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -3644,12 +3644,16 @@ typedef struct CharDriver {
 const char *name;
 ChardevBackendKind kind;
 void (*parse)(QemuOpts *opts, ChardevBackend *backend, Error **errp);
+CharDriverState *(*create)(const char *id, ChardevBackend *backend,
+   ChardevReturn *ret, Error **errp);
 } CharDriver;
 
 static GSList *backends;
 
 void register_char_driver(const char *name, ChardevBackendKind kind,
-void (*parse)(QemuOpts *opts, ChardevBackend *backend, Error **errp))
+void (*parse)(QemuOpts *opts, ChardevBackend *backend, Error **errp),
+CharDriverState *(*create)(const char *id, ChardevBackend *backend,
+   ChardevReturn *ret, Error **errp))
 {
 CharDriver *s;
 
@@ -3657,6 +3661,7 @@ void register_char_driver(const char *name, 
ChardevBackendKind kind,
 s->name = g_strdup(name);
 s->kind = kind;
 s->parse = parse;
+s->create = create;
 
 backends = g_slist_append(backends, s);
 }
@@ -4211,6 +4216,8 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 ChardevReturn *ret = g_new0(ChardevReturn, 1);
 CharDriverState *base, *chr = NULL;
 Error *local_err = NULL;
+GSList *i;
+CharDriver *cd;
 
 chr = qemu_chr_find(id);
 if (chr) {
@@ -4219,98 +4226,113 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 return NULL;
 }
 
-switch (backend->kind) {
-case CHARDEV_BACKEND_KIND_FILE:
-chr = qmp_chardev_open_file(backend->file, _err);
-break;
+for (i = backends; i; i = i->next) {
+cd = i->data;
+
+if (cd->kind == backend->kind && cd->create) {
+chr = cd->create(id, backend, ret, _err);
+if (local_err) {
+error_propagate(errp, local_err);
+goto out_error;
+}
+break;
+}
+}
+
+if (chr == NULL) {
+switch (backend->kind) {
+case CHARDEV_BACKEND_KIND_FILE:
+chr = qmp_chardev_open_file(backend->file, _err);
+  

[Qemu-devel] [PATCH 19/21] qemu-char: convert vc backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 include/sysemu/char.h |  5 ++---
 qemu-char.c   |  2 +-
 stubs/Makefile.objs   |  1 -
 stubs/vc-init.c   |  7 ---
 ui/console.c  | 10 ++
 ui/gtk.c  |  2 +-
 6 files changed, 10 insertions(+), 17 deletions(-)
 delete mode 100644 stubs/vc-init.c

diff --git a/include/sysemu/char.h b/include/sysemu/char.h
index 5c28c16..edf7669 100644
--- a/include/sysemu/char.h
+++ b/include/sysemu/char.h
@@ -357,8 +357,7 @@ extern int term_escape_char;
 CharDriverState *qemu_char_get_next_serial(void);
 
 /* console.c */
-typedef CharDriverState *(VcHandler)(ChardevVC *vc);
-
+typedef CharDriverState *(VcHandler)(ChardevVC *vc, Error **errp);
 void register_vc_handler(VcHandler *handler);
-CharDriverState *vc_init(ChardevVC *vc);
+
 #endif
diff --git a/qemu-char.c b/qemu-char.c
index 43205ae..7ef1293 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4366,7 +4366,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 abort();
 break;
 case CHARDEV_BACKEND_KIND_VC:
-chr = vc_init(backend->vc);
+abort();
 break;
 case CHARDEV_BACKEND_KIND_RINGBUF:
 case CHARDEV_BACKEND_KIND_MEMORY:
diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs
index 6d4363d..1862f84 100644
--- a/stubs/Makefile.objs
+++ b/stubs/Makefile.objs
@@ -27,7 +27,6 @@ stub-obj-y += set-fd-handler.o
 stub-obj-y += slirp.o
 stub-obj-y += sysbus.o
 stub-obj-y += uuid.o
-stub-obj-y += vc-init.o
 stub-obj-y += vm-stop.o
 stub-obj-y += vmstate.o
 stub-obj-$(CONFIG_WIN32) += fd-register.o
diff --git a/stubs/vc-init.c b/stubs/vc-init.c
deleted file mode 100644
index 308dfa0..000
--- a/stubs/vc-init.c
+++ /dev/null
@@ -1,7 +0,0 @@
-#include "qemu-common.h"
-#include "sysemu/char.h"
-
-CharDriverState *vc_init(ChardevVC *vc)
-{
-return 0;
-}
diff --git a/ui/console.c b/ui/console.c
index 746b23a..5e94b0f 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -1899,7 +1899,7 @@ static void text_console_do_init(CharDriverState *chr, 
DisplayState *ds)
 chr->init(chr);
 }
 
-static CharDriverState *text_console_init(ChardevVC *vc)
+static CharDriverState *text_console_init(ChardevVC *vc, Error **errp)
 {
 CharDriverState *chr;
 QemuConsole *s;
@@ -1930,6 +1930,7 @@ static CharDriverState *text_console_init(ChardevVC *vc)
 
 if (!s) {
 g_free(chr);
+error_setg(errp, "cannot create text console");
 return NULL;
 }
 
@@ -1949,9 +1950,10 @@ static CharDriverState *text_console_init(ChardevVC *vc)
 
 static VcHandler *vc_handler = text_console_init;
 
-CharDriverState *vc_init(ChardevVC *vc)
+static CharDriverState *vc_init(const char *id, ChardevBackend *backend,
+ChardevReturn *ret, Error **errp)
 {
-return vc_handler(vc);
+return vc_handler(backend->vc, errp);
 }
 
 void register_vc_handler(VcHandler *handler)
@@ -2031,7 +2033,7 @@ static void register_types(void)
 {
 type_register_static(_console_info);
 register_char_driver("vc", CHARDEV_BACKEND_KIND_VC, qemu_chr_parse_vc,
- NULL);
+ vc_init);
 }
 
 type_init(register_types);
diff --git a/ui/gtk.c b/ui/gtk.c
index 3057cdc..9731761 100644
--- a/ui/gtk.c
+++ b/ui/gtk.c
@@ -1522,7 +1522,7 @@ static int gd_vc_chr_write(CharDriverState *chr, const 
uint8_t *buf, int len)
 static int nb_vcs;
 static CharDriverState *vcs[MAX_VCS];
 
-static CharDriverState *gd_vc_handler(ChardevVC *unused)
+static CharDriverState *gd_vc_handler(ChardevVC *unused, Error **errp)
 {
 CharDriverState *chr;
 
-- 
2.5.0

[Qemu-devel] [PATCH 21/21] qemu-char: cleanup after completed conversion to cd->create

[Paolo Bonzini]

All backends now return errors through Error*, so the "Failed to
create chardev" placeholder error can only be reached if the backend
is not available (and only from the chardev-add QMP command; instead,
the -chardev command line option fails earlier).

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 80 -
 1 file changed, 4 insertions(+), 76 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index e0faeb7..8d48e35 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4308,7 +4308,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 for (i = backends; i; i = i->next) {
 cd = i->data;
 
-if (cd->kind == backend->kind && cd->create) {
+if (cd->kind == backend->kind) {
 chr = cd->create(id, backend, ret, _err);
 if (local_err) {
 error_propagate(errp, local_err);
@@ -4319,81 +4319,9 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 }
 
 if (chr == NULL) {
-switch (backend->kind) {
-case CHARDEV_BACKEND_KIND_FILE:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_SERIAL:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_PARALLEL:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_PIPE:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_SOCKET:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_UDP:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_PTY:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_NULL:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_MUX:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_MSMOUSE:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_BRAILLE:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_TESTDEV:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_STDIO:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_CONSOLE:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_SPICEVMC:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_SPICEPORT:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_VC:
-abort();
-break;
-case CHARDEV_BACKEND_KIND_RINGBUF:
-case CHARDEV_BACKEND_KIND_MEMORY:
-abort();
-break;
-default:
-error_setg(errp, "unknown chardev backend (%d)", backend->kind);
-goto out_error;
-}
-
-/*
- * Character backend open hasn't been fully converted to the Error
- * API.  Some opens fail without setting an error.  Set a generic
- * error then.
- * TODO full conversion to Error API
- */
-if (chr == NULL) {
-if (local_err) {
-error_propagate(errp, local_err);
-} else {
-error_setg(errp, "Failed to create chardev");
-}
-goto out_error;
-}
+assert(!i);
+error_setg(errp, "chardev backend not available");
+goto out_error;
 }
 
 chr->label = g_strdup(id);
-- 
2.5.0

[Qemu-devel] [PULL 07/14] netfilter: hook packets before net queue send

[Jason Wang]

From: Yang Hongyang 

Capture packets that will be sent.

Signed-off-by: Yang Hongyang 
Reviewed-by: Thomas Huth 
Signed-off-by: Jason Wang 
---
 include/net/filter.h |  8 +++
 net/filter.c | 17 ++
 net/net.c| 66 
 3 files changed, 91 insertions(+)

diff --git a/include/net/filter.h b/include/net/filter.h
index be27dee..db035b6 100644
--- a/include/net/filter.h
+++ b/include/net/filter.h
@@ -58,4 +58,12 @@ struct NetFilterState {
 QTAILQ_ENTRY(NetFilterState) next;
 };
 
+ssize_t qemu_netfilter_receive(NetFilterState *nf,
+   NetFilterDirection direction,
+   NetClientState *sender,
+   unsigned flags,
+   const struct iovec *iov,
+   int iovcnt,
+   NetPacketSent *sent_cb);
+
 #endif /* QEMU_NET_FILTER_H */
diff --git a/net/filter.c b/net/filter.c
index d406259..147c57f 100644
--- a/net/filter.c
+++ b/net/filter.c
@@ -15,6 +15,23 @@
 #include "net/vhost_net.h"
 #include "qom/object_interfaces.h"
 
+ssize_t qemu_netfilter_receive(NetFilterState *nf,
+   NetFilterDirection direction,
+   NetClientState *sender,
+   unsigned flags,
+   const struct iovec *iov,
+   int iovcnt,
+   NetPacketSent *sent_cb)
+{
+if (nf->direction == direction ||
+nf->direction == NET_FILTER_DIRECTION_ALL) {
+return NETFILTER_GET_CLASS(OBJECT(nf))->receive_iov(
+   nf, sender, flags, iov, iovcnt, sent_cb);
+}
+
+return 0;
+}
+
 static char *netfilter_get_netdev_id(Object *obj, Error **errp)
 {
 NetFilterState *nf = NETFILTER(obj);
diff --git a/net/net.c b/net/net.c
index 033f4f3..e27643d 100644
--- a/net/net.c
+++ b/net/net.c
@@ -561,6 +561,44 @@ int qemu_can_send_packet(NetClientState *sender)
 return 1;
 }
 
+static ssize_t filter_receive_iov(NetClientState *nc,
+  NetFilterDirection direction,
+  NetClientState *sender,
+  unsigned flags,
+  const struct iovec *iov,
+  int iovcnt,
+  NetPacketSent *sent_cb)
+{
+ssize_t ret = 0;
+NetFilterState *nf = NULL;
+
+QTAILQ_FOREACH(nf, >filters, next) {
+ret = qemu_netfilter_receive(nf, direction, sender, flags, iov,
+ iovcnt, sent_cb);
+if (ret) {
+return ret;
+}
+}
+
+return ret;
+}
+
+static ssize_t filter_receive(NetClientState *nc,
+  NetFilterDirection direction,
+  NetClientState *sender,
+  unsigned flags,
+  const uint8_t *data,
+  size_t size,
+  NetPacketSent *sent_cb)
+{
+struct iovec iov = {
+.iov_base = (void *)data,
+.iov_len = size
+};
+
+return filter_receive_iov(nc, direction, sender, flags, , 1, sent_cb);
+}
+
 ssize_t qemu_deliver_packet(NetClientState *sender,
 unsigned flags,
 const uint8_t *data,
@@ -632,6 +670,7 @@ static ssize_t 
qemu_send_packet_async_with_flags(NetClientState *sender,
  NetPacketSent *sent_cb)
 {
 NetQueue *queue;
+int ret;
 
 #ifdef DEBUG_NET
 printf("qemu_send_packet_async:\n");
@@ -642,6 +681,19 @@ static ssize_t 
qemu_send_packet_async_with_flags(NetClientState *sender,
 return size;
 }
 
+/* Let filters handle the packet first */
+ret = filter_receive(sender, NET_FILTER_DIRECTION_TX,
+ sender, flags, buf, size, sent_cb);
+if (ret) {
+return ret;
+}
+
+ret = filter_receive(sender->peer, NET_FILTER_DIRECTION_RX,
+ sender, flags, buf, size, sent_cb);
+if (ret) {
+return ret;
+}
+
 queue = sender->peer->incoming_queue;
 
 return qemu_net_queue_send(queue, sender, flags, buf, size, sent_cb);
@@ -712,11 +764,25 @@ ssize_t qemu_sendv_packet_async(NetClientState *sender,
 NetPacketSent *sent_cb)
 {
 NetQueue *queue;
+int ret;
 
 if (sender->link_down || !sender->peer) {
 return iov_size(iov, iovcnt);
 }
 
+/* Let filters handle the packet first */
+ret = filter_receive_iov(sender, NET_FILTER_DIRECTION_TX, sender,
+ QEMU_NET_PACKET_FLAG_NONE, iov, iovcnt, sent_cb);
+if (ret) {
+

[Qemu-devel] [PULL 12/14] net/queue: export qemu_net_queue_append_iov

[Jason Wang]

From: Yang Hongyang 

This will be used by buffer filter implementation later to
queue packets.

Signed-off-by: Yang Hongyang 
Reviewed-by: Thomas Huth 
Signed-off-by: Jason Wang 
---
 include/net/queue.h |  7 +++
 net/queue.c | 12 ++--
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/include/net/queue.h b/include/net/queue.h
index b4a7183..5469fdb 100644
--- a/include/net/queue.h
+++ b/include/net/queue.h
@@ -47,6 +47,13 @@ typedef ssize_t (NetQueueDeliverFunc)(NetClientState *sender,
 
 NetQueue *qemu_new_net_queue(NetQueueDeliverFunc *deliver, void *opaque);
 
+void qemu_net_queue_append_iov(NetQueue *queue,
+   NetClientState *sender,
+   unsigned flags,
+   const struct iovec *iov,
+   int iovcnt,
+   NetPacketSent *sent_cb);
+
 void qemu_del_net_queue(NetQueue *queue);
 
 ssize_t qemu_net_queue_send(NetQueue *queue,
diff --git a/net/queue.c b/net/queue.c
index 16dddf0..de8b9d3 100644
--- a/net/queue.c
+++ b/net/queue.c
@@ -112,12 +112,12 @@ static void qemu_net_queue_append(NetQueue *queue,
 QTAILQ_INSERT_TAIL(>packets, packet, entry);
 }
 
-static void qemu_net_queue_append_iov(NetQueue *queue,
-  NetClientState *sender,
-  unsigned flags,
-  const struct iovec *iov,
-  int iovcnt,
-  NetPacketSent *sent_cb)
+void qemu_net_queue_append_iov(NetQueue *queue,
+   NetClientState *sender,
+   unsigned flags,
+   const struct iovec *iov,
+   int iovcnt,
+   NetPacketSent *sent_cb)
 {
 NetPacket *packet;
 size_t max_len = 0;
-- 
2.1.4

Re: [Qemu-devel] [PATCH v7 10/14] qapi: Detect collisions in C member names

[Markus Armbruster]

Eric Blake  writes:

> On 10/09/2015 08:11 AM, Markus Armbruster wrote:
>> Eric Blake  writes:
>> 
>>> Detect attempts to declare two object members that would result
>>> in the same C member name, by keying the 'seen' dictionary off
>>> of the C name rather than the qapi name.  It also requires passing
>>> info through some of the check() methods.
>>>
>>> This fixes two previously-broken tests, and the resulting error
>>> messages demonstrate the utility of the .describe() method added
>>> previously.  No change to generated code.
>>>
>>> Signed-off-by: Eric Blake 
>>>
>
>>> +++ b/tests/qapi-schema/args-name-clash.err
>>> @@ -0,0 +1 @@
>>> +tests/qapi-schema/args-name-clash.json:5: 'a_b' (member of oops
>>> arguments) collides with 'a-b' (member of oops arguments)
>> 
>> "(argument of oops)" would be better, but "(member of oops arguments)"
>> will do.
>
> May be possible to tweak the describe() function in the previous commit
> along those lines, especially since I'm already tweaking it to not have
> space in the generated name.  I'll have to play with it.

At some point, implementation simplicity trumps error message polish.
Use your judgement.

Re: [Qemu-devel] [PATCH v3 00/32] implement vNVDIMM

[Xiao Guangrong]

On 10/12/2015 04:20 PM, Igor Mammedov wrote:

On Mon, 12 Oct 2015 11:06:20 +0800
Xiao Guangrong  wrote:




On 10/12/2015 10:59 AM, Bharata B Rao wrote:

Xiao,

Are these patches present in any git tree so that they can be easily tried out.



Sorry, currently no git tree out of my workspace is available :(

Is it possible for you to put working tree on github?


Yes. I am planning do this. Hopefully, i will publish the git repo alone with 
the
new version patchset.

Re: [Qemu-devel] Stick to loops

[Paolo Bonzini]

On 12/10/2015 12:00, Daniel P. Berrange wrote:
> I don't think your example here is a reasonable comparison when you consider
> the full extent of this patch series. You are only having to iterate over a
> single data structure here. At the end of this patch series we have to
> iterate over multiple data structures spread across the object instance
> and class hierarchy, so writing a 'next' like method is not as trivial
> as you suggest with this comparison.
> 
> > Higher-order functions are a wonderful tool if the language is equipped
> > for them.  In Lisp, for instance, you'd have everything in one place and
> > no need for the awkward marshalling and unmarshalling of arguments,
> > thanks to nested functions.
> > 
> > In C, stick to loops.  That's what the language supports.
> 
> You're really arguing against use of function callbacks in general with
> this comparison to LISP. I don't think that's really practical in the
> real world, as any integration with event loop needs callbacks, which
> share al the same limitations as callbacks used with this foreach()
> style iterator. Given this I don't think banning use of callbacks in
> one specific scenario is really beneficial in general - its really
> just a personal style choice.

I agree with Eric that in general loops are better than callbacks.
However, there are cases where iterators are just as awkward to write.
Considering that we have very few iterations on properties, I think your
patches are fine.

Paolo

Re: [Qemu-devel] [PATCH] qmp-commands.hx: Update the supported 'transaction' operations

[Kashyap Chamarthy]

[Sorry, I noticed your question only just now, as I was briefly away
from this list.]

On Fri, Oct 02, 2015 at 07:59:48PM +0200, Max Reitz wrote:
> On 02.10.2015 14:12, Kashyap Chamarthy wrote:
> > Although the canonical source of reference for QMP commands is
> > qapi-schema.json, for consistency's sake, update qmp-commands.hx to
> > state the list of supported transactionable operations, namely:
> > 
> > drive-backup
> > blockdev-backup
> > blockdev-snapshot-internal-sync
> > abort
> > block-dirty-bitmap-add
> > block-dirty-bitmap-clear
> > 
> > Also update the possible values for the "type" action array.
> > 
> > Signed-off-by: Kashyap Chamarthy 
> > Reviewed-by: Eric Blake 
> > ---
> > In v8 ("v8" because Fam included this as part of a series that is
> > in its "v7" edition):
> >  - Update the possible values for supported 'type' of operation
> > ---
> >  qmp-commands.hx | 29 ++---
> >  1 file changed, 22 insertions(+), 7 deletions(-)
> > 
> > diff --git a/qmp-commands.hx b/qmp-commands.hx
> > index 
> > d2ba800d5effaddcae4c437452ef1f67c0a9..2b52980cfc2f80904a3c7375a382b638e8a51161
> >  100644
> > --- a/qmp-commands.hx
> > +++ b/qmp-commands.hx
> > @@ -1270,11 +1270,22 @@ SQMP
> >  transaction
> >  ---
> >  
> > -Atomically operate on one or more block devices.  The only supported 
> > operations
> > -for now are drive-backup, internal and external snapshotting.  A list of
> > -dictionaries is accepted, that contains the actions to be performed.
> > -If there is any failure performing any of the operations, all operations
> > -for the group are abandoned.
> > +Atomically operate on one or more block devices.  Operations that are
> > +currently supported:
> > +
> > +- drive-backup
> > +- blockdev-backup
> > +- blockdev-snapshot-sync
> > +- blockdev-snapshot-internal-sync
> > +- abort
> > +- block-dirty-bitmap-add
> > +- block-dirty-bitmap-clear
> > +
> > +Refer to the qemu/qapi-schema.json file for minimum required QEMU
> > +versions for these operations.  A list of dictionaries is accepted,
> > +that contains the actions to be performed.  If there is any failure
> > +performing any of the operations, all operations for the group are
> > +abandoned.
> >  
> >  For external snapshots, the dictionary contains the device, the file to 
> > use for
> >  the new snapshot, and the format.  The default format, if not specified, is
> > @@ -1301,8 +1312,12 @@ it later with qemu-img or other command.
> >  Arguments:
> >  
> >  actions array:
> > -- "type": the operation to perform.  The only supported
> > -  value is "blockdev-snapshot-sync". (json-string)
> > +- "type": the operation to perform (json-string).  Possible
> > +  values: "drive-backup", "blockdev-backup",
> > +  "blockdev-snapshot-sync",
> > +  "blockdev-snapshot-internal-sync",
> > +  "abort", "block-dirty-bitmap-add",
> > +  "block-dirty-bitmap-clear"
> >  - "data": a dictionary.  The contents depend on the value
> >of "type".  When "type" is "blockdev-snapshot-sync":
> >- "device": device name to snapshot (json-string)
> > 
> 
> Do you want to extend this list, too? Right now it only contains
> parameter information for blockdev-snapshot-sync and
> blockdev-snapshot-internal-sync.

You mean, all the parameters for rest of the transactionable commands
that one can possibly add (taking block-core.json)?

E.g. for 'drive-backup' command, all the possible data ('device',
target', 'format', 'sync', etc) one can provide (which are enumerated in
the DriveBackup struct):


$ less qapi/block-core.json
[...]
{ 'struct': 'DriveBackup',
  'data': { 'device': 'str', 'target': 'str', '*format': 'str',
'sync': 'MirrorSyncMode', '*mode': 'NewImageMode',
'*speed': 'int', '*bitmap': 'str',
'*on-source-error': 'BlockdevOnError',
'*on-target-error': 'BlockdevOnError' } }
[...]

And, data provided by 'BlockdevBackup' struct for 'blockdev-backup', so
on.

If so, I can do try that if that's the preferred way, but maybe it can
be done as a separate commit, since it's been that way for a while?  


-- 
/kashyap

Re: [Qemu-devel] [PATCH 0/3] Use glib 2.26 version macros

[Cornelia Huck]

On Mon, 12 Oct 2015 12:54:56 +0200
marcandre.lur...@redhat.com wrote:

> From: Marc-André Lureau 
> 
> Bump glib requirement to be able to use the GLIB_VERSION macros.
> 
> Marc-André Lureau (3):
>   hw/acpi/aml-build: remove useless glib version check
>   configure: require glib 2.26
>   Remove glib < 2.26 compatibility code
> 
>  configure   | 5 +++--
>  hw/acpi/aml-build.c | 2 --
>  include/glib-compat.h   | 4 
>  tests/vhost-user-test.c | 4 
>  4 files changed, 3 insertions(+), 12 deletions(-)
> 

Apologies if I missed some discussions, but isn't SLES 11 still at
2.22? (The SLES 11 system I used has been upgraded to SLES 12, so I
can't check myself.)

Do we still aim to be able to build on any still-supported enterprise
distro?

[Qemu-devel] [PATCH v2 09/16] io: add helper module for creating watches on FDs

[Daniel P. Berrange]

A number of the channel implementations will require the
ability to create watches on file descriptors / sockets.
To avoid duplicating this code in each channel, provide a
helper API for dealing with file descriptor watches.

There are two watch implementations provided. The first
is useful for bi-directional file descriptors such as
sockets, regular files, character devices, etc. The
second works with a pair of unidirectional file descriptors
such as pipes.

Signed-off-by: Daniel P. Berrange 
---
 include/io/channel-watch.h |  72 
 io/Makefile.objs   |   1 +
 io/channel-watch.c | 200 +
 3 files changed, 273 insertions(+)
 create mode 100644 include/io/channel-watch.h
 create mode 100644 io/channel-watch.c

diff --git a/include/io/channel-watch.h b/include/io/channel-watch.h
new file mode 100644
index 000..656358a
--- /dev/null
+++ b/include/io/channel-watch.h
@@ -0,0 +1,72 @@
+/*
+ * QEMU I/O channels watch helper APIs
+ *
+ * Copyright (c) 2015 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ *
+ */
+
+#ifndef QIO_CHANNEL_WATCH_H__
+#define QIO_CHANNEL_WATCH_H__
+
+#include "io/channel.h"
+
+/*
+ * This module provides helper functions that will be needed by
+ * the various QIOChannel implementations, for creating watches
+ * on file descriptors / sockets
+ */
+
+/**
+ * qio_channel_create_fd_watch:
+ * @ioc: the channel object
+ * @fd: the file descriptor
+ * @condition: the I/O condition
+ *
+ * Create a new main loop source that is able to
+ * monitor the file descriptor @fd for the
+ * I/O conditions in @condition. This is able
+ * monitor block devices, character devices,
+ * sockets, pipes but not plain files.
+ *
+ * Returns: the new main loop source
+ */
+GSource *qio_channel_create_fd_watch(QIOChannel *ioc,
+ int fd,
+ GIOCondition condition);
+
+/**
+ * qio_channel_create_fd_pair_watch:
+ * @ioc: the channel object
+ * @fdread: the file descriptor for reading
+ * @fdwrite: the file descriptor for writing
+ * @condition: the I/O condition
+ *
+ * Create a new main loop source that is able to
+ * monitor the pair of file descriptors @fdread
+ * and @fdwrite for the I/O conditions in @condition.
+ * This is intended for monitoring unidirectional
+ * file descriptors such as pipes, where a pair
+ * of descriptors is required for bidirectional
+ * I/O
+ *
+ * Returns: the new main loop source
+ */
+GSource *qio_channel_create_fd_pair_watch(QIOChannel *ioc,
+  int fdread,
+  int fdwrite,
+  GIOCondition condition);
+
+#endif /* QIO_CHANNEL_WATCH_H__ */
diff --git a/io/Makefile.objs b/io/Makefile.objs
index a6ed361..b02ea90 100644
--- a/io/Makefile.objs
+++ b/io/Makefile.objs
@@ -1 +1,2 @@
 io-obj-y = channel.o
+io-obj-y += channel-watch.o
diff --git a/io/channel-watch.c b/io/channel-watch.c
new file mode 100644
index 000..9564605
--- /dev/null
+++ b/io/channel-watch.c
@@ -0,0 +1,200 @@
+/*
+ * QEMU I/O channels watch helper APIs
+ *
+ * Copyright (c) 2015 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ *
+ */
+
+#include "io/channel-watch.h"
+
+typedef struct QIOChannelFDSource QIOChannelFDSource;
+struct QIOChannelFDSource {
+GSource parent;
+GPollFD fd;
+QIOChannel *ioc;
+GIOCondition condition;
+};
+
+
+typedef struct QIOChannelFDPairSource QIOChannelFDPairSource;
+struct QIOChannelFDPairSource {
+GSource parent;
+GPollFD fdread;
+GPollFD fdwrite;
+QIOChannel *ioc;
+GIOCondition condition;
+};
+

[Qemu-devel] [PATCH v2 06/16] coroutine: move into libqemuutil.a library

[Daniel P. Berrange]

The coroutine files are currently referenced by the block-obj-y
variable. The coroutine functionality though is already used by
more than just the block code. eg migration code uses coroutine
yield. In the future the I/O channel code will also use the
coroutine yield functionality. Since the coroutine code is nicely
self-contained it can be easily built as part of the libqemuutil.a
library, making it widely available.

The headers are also moved into include/qemu, instead of the
include/block directory, since they are now part of the util
codebase, and the impl was never in the block/ directory
either.

Signed-off-by: Daniel P. Berrange 
---
 MAINTAINERS | 7 +++
 Makefile.objs   | 4 
 block.c | 2 +-
 block/qcow2.h   | 2 +-
 block/vdi.c | 2 +-
 block/write-threshold.c | 2 +-
 blockjob.c  | 2 +-
 hw/9pfs/codir.c | 2 +-
 hw/9pfs/cofile.c| 2 +-
 hw/9pfs/cofs.c  | 2 +-
 hw/9pfs/coxattr.c   | 2 +-
 hw/9pfs/virtio-9p-coth.c| 2 +-
 hw/9pfs/virtio-9p-coth.h| 2 +-
 hw/9pfs/virtio-9p.h | 2 +-
 include/block/block.h   | 2 +-
 include/block/block_int.h   | 2 +-
 include/{block => qemu}/coroutine.h | 0
 include/{block => qemu}/coroutine_int.h | 2 +-
 migration/qemu-file-buf.c   | 2 +-
 migration/qemu-file-stdio.c | 2 +-
 migration/qemu-file-unix.c  | 2 +-
 migration/qemu-file.c   | 2 +-
 migration/rdma.c| 2 +-
 nbd.c   | 2 +-
 tests/test-coroutine.c  | 4 ++--
 tests/test-vmstate.c| 2 +-
 thread-pool.c   | 2 +-
 util/Makefile.objs  | 3 +++
 coroutine-gthread.c => util/coroutine-gthread.c | 2 +-
 coroutine-sigaltstack.c => util/coroutine-sigaltstack.c | 2 +-
 coroutine-ucontext.c => util/coroutine-ucontext.c   | 2 +-
 coroutine-win32.c => util/coroutine-win32.c | 2 +-
 qemu-coroutine-io.c => util/qemu-coroutine-io.c | 2 +-
 qemu-coroutine-lock.c => util/qemu-coroutine-lock.c | 4 ++--
 qemu-coroutine-sleep.c => util/qemu-coroutine-sleep.c   | 2 +-
 qemu-coroutine.c => util/qemu-coroutine.c   | 4 ++--
 36 files changed, 45 insertions(+), 39 deletions(-)
 rename include/{block => qemu}/coroutine.h (100%)
 rename include/{block => qemu}/coroutine_int.h (98%)
 rename coroutine-gthread.c => util/coroutine-gthread.c (99%)
 rename coroutine-sigaltstack.c => util/coroutine-sigaltstack.c (99%)
 rename coroutine-ucontext.c => util/coroutine-ucontext.c (99%)
 rename coroutine-win32.c => util/coroutine-win32.c (98%)
 rename qemu-coroutine-io.c => util/qemu-coroutine-io.c (99%)
 rename qemu-coroutine-lock.c => util/qemu-coroutine-lock.c (98%)
 rename qemu-coroutine-sleep.c => util/qemu-coroutine-sleep.c (96%)
 rename qemu-coroutine.c => util/qemu-coroutine.c (98%)

diff --git a/MAINTAINERS b/MAINTAINERS
index 9bde832..426d0ba 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1141,6 +1141,13 @@ F: crypto/
 F: include/crypto/
 F: tests/test-crypto-*
 
+Coroutines
+M: Stefan Hajnoczi 
+M: Kevin Wolf 
+F: util/*coroutine*
+F: include/qemu/coroutine*
+F: tests/test-coroutine.c
+
 Usermode Emulation
 --
 Overall
diff --git a/Makefile.objs b/Makefile.objs
index bc43e5c..ecfe03c 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -15,10 +15,6 @@ block-obj-$(CONFIG_WIN32) += aio-win32.o
 block-obj-y += block/
 block-obj-y += qemu-io-cmds.o
 
-block-obj-y += qemu-coroutine.o qemu-coroutine-lock.o qemu-coroutine-io.o
-block-obj-y += qemu-coroutine-sleep.o
-block-obj-y += coroutine-$(CONFIG_COROUTINE_BACKEND).o
-
 block-obj-m = block/
 
 ###
diff --git a/block.c b/block.c
index 1f90b47..dfbee19 100644
--- a/block.c
+++ b/block.c
@@ -33,7 +33,7 @@
 #include "sysemu/block-backend.h"
 #include "sysemu/sysemu.h"
 #include "qemu/notify.h"
-#include "block/coroutine.h"
+#include "qemu/coroutine.h"
 #include "block/qapi.h"
 #include "qmp-commands.h"
 #include "qemu/timer.h"
diff --git a/block/qcow2.h b/block/qcow2.h
index d700bf1..27b919c 100644
--- a/block/qcow2.h
+++ b/block/qcow2.h
@@ 

[Qemu-devel] [PATCH v2 07/16] util: pull Buffer code out of VNC module

[Daniel P. Berrange]

The Buffer code in the VNC server is useful for the IO channel
code, so pull it out into a shared module, QIOBuffer.

Signed-off-by: Daniel P. Berrange 
---
 MAINTAINERS   |   6 +++
 include/qemu/buffer.h | 118 ++
 ui/vnc.c  |  43 --
 ui/vnc.h  |  16 +--
 util/Makefile.objs|   1 +
 util/buffer.c |  65 +++
 6 files changed, 191 insertions(+), 58 deletions(-)
 create mode 100644 include/qemu/buffer.h
 create mode 100644 util/buffer.c

diff --git a/MAINTAINERS b/MAINTAINERS
index 426d0ba..0bcf85b 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1148,6 +1148,12 @@ F: util/*coroutine*
 F: include/qemu/coroutine*
 F: tests/test-coroutine.c
 
+Buffers
+M: Daniel P. Berrange 
+S: Odd fixes
+F: util/buffer.c
+F: include/qemu/buffer.h
+
 Usermode Emulation
 --
 Overall
diff --git a/include/qemu/buffer.h b/include/qemu/buffer.h
new file mode 100644
index 000..b380cec
--- /dev/null
+++ b/include/qemu/buffer.h
@@ -0,0 +1,118 @@
+/*
+ * QEMU generic buffers
+ *
+ * Copyright (c) 2015 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see .
+ *
+ */
+
+#ifndef QEMU_BUFFER_H__
+#define QEMU_BUFFER_H__
+
+#include "qemu-common.h"
+
+typedef struct Buffer Buffer;
+
+/**
+ * Buffer:
+ *
+ * The Buffer object provides a simple dynamically resizing
+ * array, with separate tracking of capacity and usage. This
+ * is typically useful when buffering I/O or processing data.
+ */
+
+struct Buffer {
+size_t capacity;
+size_t offset;
+uint8_t *buffer;
+};
+
+/**
+ * buffer_reserve:
+ * @buffer: the buffer object
+ * @len: the minimum required free space
+ *
+ * Ensure that the buffer has space allocated for at least
+ * @len bytes. If the current buffer is too small, it will
+ * be reallocated, possibly to a larger size than requested.
+ */
+void buffer_reserve(Buffer *buffer, size_t len);
+
+/**
+ * buffer_reset:
+ * @buffer: the buffer object
+ *
+ * Reset the length of the stored data to zero, but do
+ * not free / reallocate the memory buffer
+ */
+void buffer_reset(Buffer *buffer);
+
+/**
+ * buffer_free:
+ * @buffer: the buffer object
+ *
+ * Reset the length of the stored data to zero and also
+ * free the internal memory buffer
+ */
+void buffer_free(Buffer *buffer);
+
+/**
+ * buffer_append:
+ * @buffer: the buffer object
+ * @data: the data block to append
+ * @len: the length of @data in bytes
+ *
+ * Append the contents of @data to the end of the buffer.
+ * The caller must ensure that the buffer has sufficient
+ * free space for @len bytes, typically by calling the
+ * buffer_reserve() method prior to appending.
+ */
+void buffer_append(Buffer *buffer, const void *data, size_t len);
+
+/**
+ * buffer_advance:
+ * @buffer: the buffer object
+ * @len: the number of bytes to skip
+ *
+ * Remove @len bytes of data from the head of the buffer.
+ * The internal buffer will not be reallocated, so will
+ * have at least @len bytes of free space after this
+ * call completes
+ */
+void buffer_advance(Buffer *buffer, size_t len);
+
+/**
+ * buffer_end:
+ * @buffer: the buffer object
+ *
+ * Get a pointer to the tail end of the internal buffer
+ * The returned pointer is only valid until the next
+ * call to buffer_reserve().
+ *
+ * Returns: the tail of the buffer
+ */
+uint8_t *buffer_end(Buffer *buffer);
+
+/**
+ * buffer_empty:
+ * @buffer: the buffer object
+ *
+ * Determine if the buffer contains any current data
+ *
+ * Returns: true if the buffer holds data, false otherwise
+ */
+gboolean buffer_empty(Buffer *buffer);
+
+#endif /* QEMU_BUFFER_H__ */
diff --git a/ui/vnc.c b/ui/vnc.c
index 952e551..e8c8dc0 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -647,49 +647,6 @@ void vnc_framebuffer_update(VncState *vs, int x, int y, 
int w, int h,
 vnc_write_s32(vs, encoding);
 }
 
-void buffer_reserve(Buffer *buffer, size_t len)
-{
-if ((buffer->capacity - buffer->offset) < len) {
-buffer->capacity += (len + 1024);
-buffer->buffer = g_realloc(buffer->buffer, buffer->capacity);
-}
-}
-
-static int buffer_empty(Buffer *buffer)
-{
-return buffer->offset == 0;
-}
-
-uint8_t *buffer_end(Buffer *buffer)
-{
-return buffer->buffer + buffer->offset;
-}
-
-void buffer_reset(Buffer 

Re: [Qemu-devel] [Qemu-block] [PATCH v5 3/4] qmp: add monitor command to add/remove a child

[Kevin Wolf]

Am 09.10.2015 um 20:24 hat Max Reitz geschrieben:
> On 09.10.2015 18:42, Dr. David Alan Gilbert wrote:
> > * Max Reitz (mre...@redhat.com) wrote:
> >> On 08.10.2015 08:15, Markus Armbruster wrote:
> >>> Max Reitz  writes:
> >>>
>  On 22.09.2015 09:44, Wen Congyang wrote:
> > The new QMP command name is x-blockdev-child-add, and 
> > x-blockdev-child-del.
> > It justs for adding/removing quorum's child now, and don't support all
> > kinds of children,
> 
>  It does support all kinds of children for quorum, doesn't it?
> 
> >nor all block drivers. So it is experimental now.
> 
>  Well, that is not really a reason why we would have to make it
>  experimental. For instance, blockdev-add (although some might argue it
>  actually is experimental...) doesn't support all block drivers either.
> >>>
> >>> Yup, and not calling it x-blockdev-add until it's done was a mistake.
> >>> People tried using it, then found its current limitations the painful
> >>> way.  Not nice.
> >>
> >> I knew I should have written s/some might/Markus does/. ;-)
> >>
>  The reason I am hesitant of adding an experimental QMP interface that is
>  actually visible to the user (compare x-image in blkverify and blkdebug,
>  which are not documented and not to be used by the user) is twofold:
> 
>  (1) At some point we have to say "OK, this is good enough now" and make
>  it stable. What would that point be? Who can guarantee that we
>  wouldn't want to make any interface changes after that point?
> >>>
> >>> Nobody can, just like for any other interface.  So?
> >>
> >> The main question is "what would that point be". As I can see you're
> >> arguing that that point would be "once people want to use it", but I'm
> >> arguing that people want to use it today or we wouldn't need this
> >> interface at all.
> >>
> >> I'm against adding external experimental interface because having
> >> external interface indicates that someone wants to use them, but making
> >> them experimental indicates that nobody should use them.
> >>
> >> This interface is added for the COLO series. The documentation added in
> >> patch 5 there explains usage of COLO with x-child-add. I don't think
> >> that should be there, because it's experimental. But why have an
> >> external interface if nobody should use it anyway?
> > 
> > Because it lets people move forward; the COLO series is pretty huge, there
> > already seem to be side discussions spawning off about dynamic 
> > reconfiguration
> > of stuff, who knows how long those will take to pan out.
> 
> Yes, and my point is that with these functions
> (blockdev-child-{add,del}) the result of that side discussion doesn't
> matter.
> 
> > Adding the experimental stuff makes it easier for people to try and
> > get some feedback on.
> 
> The thing is, I cannot imagine any feedback that would necessitate an
> incompatible change. “I want to change quorum's options while
> adding/removing children” can easily be accomplished with an additional
> optional parameter.
> 
> But I do know that we want to keep things experimental exactly because
> there can be feedback which I cannot imagine right now.
> 
> > If everyone turns out to love it then it only takes a trivial patch to 
> > promote
> > it; if people actually realise there is a better interface then it's
> > no problem to change it either - x- doesn't stop any one using it,
> 
> But it should, shouldn't it? No management tool should be using an x-
> command, as far as I know. And these are functions which are clearly
> designed for management tools.

It should stop people from using it in production, but it shouldn't stop
them from using it for development and testing.

We know that child-add/del is probably not the interface that we want to
have in the end (and I would like to avoid accumulating tons of
compatibility commands once we have what we want).

If the COLO people say that they need an experimental command in order
to make progress, that's fine with me. I think we'll all agree that
while 'blockdev-add' can't reasonably be used in production yet, without
it we couldn't have made much of the progress in the block layer that we
made in the past year. If COLO people are in the same situation, let's
give them what they need, without setting an unwanted interface in
stone.

> If management tools are indeed free to use x- functions, then I'm
> completely fine with making these experimental for now. It's just that
> it looks to me like “Hey, look, we have these two new functions you can
> use!” and then, two versions later we remove them because we have a
> general reconfiguration option, and we'll say “It's your own fault for
> using experimental functions” if someone complains. That sounds
> hypocritical to me, but I'm probably being to “legal” here.

Experimental features in management tools (e.g. in some feature branch)
can use them, they just 

Re: [Qemu-devel] [PATCH 05/12] aio: introduce aio_{disable, enable}_clients

[Kevin Wolf]

Am 09.10.2015 um 18:27 hat Fam Zheng geschrieben:
> On Fri, 10/09 16:31, Kevin Wolf wrote:
> > Am 09.10.2015 um 07:45 hat Fam Zheng geschrieben:
> > > Signed-off-by: Fam Zheng 
> > > ---
> > >  aio-posix.c |  3 ++-
> > >  aio-win32.c |  3 ++-
> > >  async.c | 42 ++
> > >  include/block/aio.h | 30 ++
> > >  4 files changed, 76 insertions(+), 2 deletions(-)
> > > 
> > > diff --git a/aio-posix.c b/aio-posix.c
> > > index d25fcfc..a261892 100644
> > > --- a/aio-posix.c
> > > +++ b/aio-posix.c
> > > @@ -261,7 +261,8 @@ bool aio_poll(AioContext *ctx, bool blocking)
> > >  
> > >  /* fill pollfds */
> > >  QLIST_FOREACH(node, >aio_handlers, node) {
> > > -if (!node->deleted && node->pfd.events) {
> > > +if (!node->deleted && node->pfd.events
> > > +&& !aio_type_disabled(ctx, node->type)) {
> > >  add_pollfd(node);
> > >  }
> > >  }
> > > diff --git a/aio-win32.c b/aio-win32.c
> > > index f5ecf57..66cff60 100644
> > > --- a/aio-win32.c
> > > +++ b/aio-win32.c
> > > @@ -309,7 +309,8 @@ bool aio_poll(AioContext *ctx, bool blocking)
> > >  /* fill fd sets */
> > >  count = 0;
> > >  QLIST_FOREACH(node, >aio_handlers, node) {
> > > -if (!node->deleted && node->io_notify) {
> > > +if (!node->deleted && node->io_notify
> > > +&& !aio_type_disabled(ctx, node->type)) {
> > >  events[count++] = event_notifier_get_handle(node->e);
> > >  }
> > >  }
> > > diff --git a/async.c b/async.c
> > > index 244bf79..855b9d5 100644
> > > --- a/async.c
> > > +++ b/async.c
> > > @@ -361,3 +361,45 @@ void aio_context_release(AioContext *ctx)
> > >  {
> > >  rfifolock_unlock(>lock);
> > >  }
> > > +
> > > +bool aio_type_disabled(AioContext *ctx, int type)
> > > +{
> > > +int i = 1;
> > > +int n = 0;
> > > +
> > > +while (type) {
> > > +bool b = type & 0x1;
> > > +type >>= 1;
> > > +n++;
> > 
> > Any specific reason for leaving client_disable_counters[0] unused?
> 
> No, I should have started from 0.
> 
> > 
> > > +i <<= 1;
> > 
> > i is never read.
> > 
> > > +if (!b) {
> > > +continue;
> > > +}
> > > +if (ctx->client_disable_counters[n]) {
> > > +return true;
> > > +}
> > > +}
> > > +return false;
> > > +}
> > 
> > In general I wonder whether this function really needs to take a mask
> > with possibly multiple set bits instead of just a single type.
> 
> Previous versions used to have more types than "internal" and "external", so 
> it
> has been a mask. So yes, I think a single type will be better now.
> 
> > 
> > > +void aio_disable_enable_clients(AioContext *ctx, int clients_mask,
> > > +bool is_disable)
> > > +{
> > > +int i = 1;
> > > +int n = 0;
> > > +aio_context_acquire(ctx);
> > > +
> > > +while (clients_mask) {
> > > +bool b = clients_mask & 0x1;
> > > +clients_mask >>= 1;
> > > +n++;
> > > +i <<= 1;
> > 
> > This i isn't used either.
> > 
> > > +if (!b) {
> > > +continue;
> > > +}
> > > +if (ctx->client_disable_counters[n]) {
> > > +return true;
> > > +}
> > 
> > Wait, why are you checking the state instead of setting it?
> 
> Oops, apparent I screwed my workspaces as I do remember coding this 
> assignment.
> And I must have used a wrong command when building the tree so that I don't
> even catch the compiling error. :(
> 
> > 
> > How did you test this series?
> 
> So far only smoke testing and qemu-iotests, because I don't have a good idea 
> of
> testifying the transaction's atomicity. Any suggestions?

Perhaps you could use blkdebug to delay something in the middle of the
transaction while your guest keeps writing stuff? That should result in
100% reproducability.

I guess you actually need to make sure that your guest doesn't do any
I/O, then set the blkdebug breakpoint, send the transaction, and once a
request is stopped, you start some I/O in the guest. Resume as soon as
you know that something bad happened.

Possibly you need to add a new blkdebug event to find a good place to
suspend a transaction request.

Kevin

[Qemu-devel] [PATCH 1/1] log hmp/qmp command

[Denis V. Lunev]

From: Pavel Butsykin 

This log would be very welcome for long-term diagnostics of the system
in the production. This log is at least necessary to understand what
has been happened on the system and to identify issues at higher-level
subsystems (libvirt, etc).

Signed-off-by: Pavel Butsykin 
Signed-off-by: Denis V. Lunev 
CC: Markus Armbruster 
CC: Luiz Capitulino 
CC: Eric Blake 
---
 include/qemu/log.h | 1 +
 monitor.c  | 4 
 qemu-log.c | 1 +
 3 files changed, 6 insertions(+)

diff --git a/include/qemu/log.h b/include/qemu/log.h
index f880e66..dfb587e 100644
--- a/include/qemu/log.h
+++ b/include/qemu/log.h
@@ -41,6 +41,7 @@ static inline bool qemu_log_enabled(void)
 #define LOG_UNIMP  (1 << 10)
 #define LOG_GUEST_ERROR(1 << 11)
 #define CPU_LOG_MMU(1 << 12)
+#define LOG_CMD(1 << 13)
 
 /* Returns true if a bit is set in the current loglevel mask
  */
diff --git a/monitor.c b/monitor.c
index 4f1ba2f..a22a798 100644
--- a/monitor.c
+++ b/monitor.c
@@ -2848,6 +2848,8 @@ static void handle_hmp_command(Monitor *mon, const char 
*cmdline)
 QDict *qdict;
 const mon_cmd_t *cmd;
 
+qemu_log_mask(LOG_CMD, "hmp \"%s\" requested\n", cmdline);
+
 cmd = monitor_parse_command(mon, , mon->cmd_table);
 if (!cmd) {
 return;
@@ -3822,6 +3824,8 @@ static void handle_qmp_command(JSONMessageParser *parser, 
QList *tokens)
 error_setg(_err, QERR_JSON_PARSING);
 goto err_out;
 }
+qemu_log_mask(LOG_CMD, "qmp \"%s\" requested\n",
+  qobject_to_json(obj)->string);
 
 input = qmp_check_input_obj(obj, _err);
 if (!input) {
diff --git a/qemu-log.c b/qemu-log.c
index 13f3813..66b15ec 100644
--- a/qemu-log.c
+++ b/qemu-log.c
@@ -119,6 +119,7 @@ const QEMULogItem qemu_log_items[] = {
 { LOG_GUEST_ERROR, "guest_errors",
   "log when the guest OS does something invalid (eg accessing a\n"
   "non-existent register)" },
+{ LOG_CMD, "cmd", "log the hmp/qmp commands execution" },
 { 0, NULL, NULL },
 };
 
-- 
2.1.4

[Qemu-devel] [PATCH 01/21] qemu-char: cleanup qmp_chardev_add

[Paolo Bonzini]

Use the usual idioms for error propagation.

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 56 +++-
 1 file changed, 31 insertions(+), 25 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 653ea10..f51c0aa 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -4214,6 +4214,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 {
 ChardevReturn *ret = g_new0(ChardevReturn, 1);
 CharDriverState *base, *chr = NULL;
+Error *local_err = NULL;
 
 chr = qemu_chr_find(id);
 if (chr) {
@@ -4224,22 +4225,22 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 
 switch (backend->kind) {
 case CHARDEV_BACKEND_KIND_FILE:
-chr = qmp_chardev_open_file(backend->file, errp);
+chr = qmp_chardev_open_file(backend->file, _err);
 break;
 case CHARDEV_BACKEND_KIND_SERIAL:
-chr = qmp_chardev_open_serial(backend->serial, errp);
+chr = qmp_chardev_open_serial(backend->serial, _err);
 break;
 case CHARDEV_BACKEND_KIND_PARALLEL:
-chr = qmp_chardev_open_parallel(backend->parallel, errp);
+chr = qmp_chardev_open_parallel(backend->parallel, _err);
 break;
 case CHARDEV_BACKEND_KIND_PIPE:
 chr = qemu_chr_open_pipe(backend->pipe);
 break;
 case CHARDEV_BACKEND_KIND_SOCKET:
-chr = qmp_chardev_open_socket(backend->socket, errp);
+chr = qmp_chardev_open_socket(backend->socket, _err);
 break;
 case CHARDEV_BACKEND_KIND_UDP:
-chr = qmp_chardev_open_udp(backend->udp, errp);
+chr = qmp_chardev_open_udp(backend->udp, _err);
 break;
 #ifdef HAVE_CHARDEV_TTY
 case CHARDEV_BACKEND_KIND_PTY:
@@ -4252,7 +4253,7 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 case CHARDEV_BACKEND_KIND_MUX:
 base = qemu_chr_find(backend->mux->chardev);
 if (base == NULL) {
-error_setg(errp, "mux: base chardev %s not found",
+error_setg(_err, "mux: base chardev %s not found",
backend->mux->chardev);
 break;
 }
@@ -4290,11 +4291,11 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 break;
 case CHARDEV_BACKEND_KIND_RINGBUF:
 case CHARDEV_BACKEND_KIND_MEMORY:
-chr = qemu_chr_open_ringbuf(backend->ringbuf, errp);
+chr = qemu_chr_open_ringbuf(backend->ringbuf, _err);
 break;
 default:
 error_setg(errp, "unknown chardev backend (%d)", backend->kind);
-break;
+goto out_error;
 }
 
 /*
@@ -4303,25 +4304,30 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
  * error then.
  * TODO full conversion to Error API
  */
-if (chr == NULL && errp && !*errp) {
-error_setg(errp, "Failed to create chardev");
-}
-if (chr) {
-chr->label = g_strdup(id);
-chr->avail_connections =
-(backend->kind == CHARDEV_BACKEND_KIND_MUX) ? MAX_MUX : 1;
-if (!chr->filename) {
-chr->filename = g_strdup(ChardevBackendKind_lookup[backend->kind]);
-}
-if (!chr->explicit_be_open) {
-qemu_chr_be_event(chr, CHR_EVENT_OPENED);
+if (chr == NULL) {
+if (local_err) {
+error_propagate(errp, local_err);
+} else {
+error_setg(errp, "Failed to create chardev");
 }
-QTAILQ_INSERT_TAIL(, chr, next);
-return ret;
-} else {
-g_free(ret);
-return NULL;
+goto out_error;
+}
+
+chr->label = g_strdup(id);
+chr->avail_connections =
+(backend->kind == CHARDEV_BACKEND_KIND_MUX) ? MAX_MUX : 1;
+if (!chr->filename) {
+chr->filename = g_strdup(ChardevBackendKind_lookup[backend->kind]);
 }
+if (!chr->explicit_be_open) {
+qemu_chr_be_event(chr, CHR_EVENT_OPENED);
+}
+QTAILQ_INSERT_TAIL(, chr, next);
+return ret;
+
+out_error:
+g_free(ret);
+return NULL;
 }
 
 void qmp_chardev_remove(const char *id, Error **errp)
-- 
2.5.0

[Qemu-devel] [Bug 1505041] Re: Live snapshot revert times increases linearly with snapshot age

[Daniel Berrange]

I'm unsure why clock time would affect snapshot revert, but one thing to
note is that the general recommended timer settings for guest OS are
different from what you have. virt-manager/oVirt/OpenStack would all
set:


  
  
  


in general for all guest OS, and if they have new enough QEMU (>= 2.0.0)
+ libvirt (>= 1.2.2), they'd go further and for Windows guests would set
this



  
  
  
  


   
 
   
   
   
 
   

This is fairly important to ensure reliable guest OS clock operation. It
also avoids random BSOD on SMP guests from Windows 7 onwards.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1505041

Title:
  Live snapshot revert times increases linearly with snapshot age

Status in QEMU:
  New

Bug description:
  The WineTestBot (https://testbot.winehq.org/) uses QEmu live snapshots
  to ensure the Wine tests are always run in a pristine Windows
  environment. However the revert times keep increasing linearly with
  the age of the snapshot, going from tens of seconds to thousands.
  While the revert takes place the qemu process takes 100% of a core and
  there is no disk activity. Obviously waiting over 20 minutes before
  being able to run a 10 second test is not viable.

  Only some VMs are impacted. Based on libvirt's XML files the common
  point appears to be the presence of the following  tags:

  



  

  Where the unaffected VMs have the following clock definition instead:

  

  Yet shutting down the affected VMs, changing the clock definition,
  creating a live snapshot and trying to revert to it 6 months later
  results in slow revert times (>400 seconds).

  Changing the tickpolicy to catchup for rtc and/or pit has no effect on
  the revert time (and unsurprisingly causes the clock to run fast in
  the guest).

  
  To reproduce this problem do the following:
  * Create a Windows VM (either 32 or 64 bits). This is known to happen with at 
least Windows 2000, XP, 2003, 2008 and 10.
  * That VM will have the  tags shown above, with the possible addition 
of an hypervclock timer.
  * Shut down the VM.
  * date -s "2014/04/01"
  * Start the VM.
  * Take a live snapshot.
  * Shut down the VM.
  * date -s ""
  * Revert to the live snapshot.

  If the revert takes more than 2 minutes then there is a problem.

  
  A workaround is to set track='guest' on the rtc timer. This makes the revert 
fast and may even be the correct solution. But why is it not the default or 
better documented?
   * It setting track='wall' or omitting track, then the revert is slow and the 
clock in the guest is not updated.
   * It setting track='guest' the revert is fast and the clock in the guest is 
not updated.

  
  I found three past mentions of this issue but as far as I can tell none of 
them got anywhere:

  * [Qemu-discuss] massive slowdown for reverts after given amount of time on 
any newer versions
 https://lists.gnu.org/archive/html/qemu-discuss/2013-02/msg0.html

  * The above post references another one from 2011 wrt qemu 0.14:
 https://lists.gnu.org/archive/html/qemu-devel/2011-03/msg02645.html

  * Comment #9 of Launchpad bug 1174654 matches this slow revert issue. However
 the bug was really about another issue so this was not followed on.
 https://bugs.launchpad.net/qemu/+bug/1174654/comments/9

  
  I'm currently running into this issue with QEmu 2.1 but it looks like this 
bug has been there all along.
  1:2.1+dfsg-12+deb8u2 qemu-kvm
  1:2.1+dfsg-12+deb8u2 qemu-system-common
  1:2.1+dfsg-12+deb8u2 qemu-system-x86

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1505041/+subscriptions

[Qemu-devel] [PATCH v7 1/5] block: check for existing device IDs in external_snapshot_prepare()

[Alberto Garcia]

The 'snapshot-node-name' parameter of blockdev-snapshot-sync allows
setting the node name of the image that is going to be created.

Before creating the image, external_snapshot_prepare() checks that the
name is not already being used. The check is however incomplete since
it only considers existing node names, but node names must not clash
with device IDs either because they share the same namespace.

If the user attempts to create a snapshot using the name of an
existing device for the 'snapshot-node-name' parameter the operation
will eventually fail, but only after the new image has been created.

This patch replaces bdrv_find_node() with bdrv_lookup_bs() to extend
the check to existing device IDs, and thus detect possible name
clashes before the new image is created.

Signed-off-by: Alberto Garcia 
---
 blockdev.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/blockdev.c b/blockdev.c
index 4731843..0898d1f 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -1570,8 +1570,9 @@ static void external_snapshot_prepare(BlkTransactionState 
*common,
 return;
 }
 
-if (has_snapshot_node_name && bdrv_find_node(snapshot_node_name)) {
-error_setg(errp, "New snapshot node name already existing");
+if (has_snapshot_node_name &&
+bdrv_lookup_bs(snapshot_node_name, snapshot_node_name, NULL)) {
+error_setg(errp, "New snapshot node name already in use");
 return;
 }
 
-- 
2.6.1

[Qemu-devel] [PATCH 0/3] aio: Use epoll in aio_poll()

[Fam Zheng]

This series adds the ability to use epoll in aio_poll() on Linux. It's switched
on in a dynamic way rather than static for two reasons: 1) when the number of
fds is not high enough, using epoll has little advantage; 2) when an epoll
incompatible fd needs to be handled, we need to fall back.  The epoll is
enabled when a fd number threshold is met.



Fam Zheng (3):
  aio: Move AioHandler struct to header
  aio: Introduce aio_context_setup
  aio: Introduce aio-epoll.c

 Makefile.objs|   1 +
 aio-epoll.c  | 150 +++
 aio-posix.c  |  31 +
 aio-win32.c  |  16 ++---
 async.c  |  14 +++-
 include/block/aio-internal.h |  47 ++
 include/block/aio.h  |   5 ++
 stubs/Makefile.objs  |   1 +
 stubs/aio-epoll.c|  37 +++
 9 files changed, 277 insertions(+), 25 deletions(-)
 create mode 100644 aio-epoll.c
 create mode 100644 include/block/aio-internal.h
 create mode 100644 stubs/aio-epoll.c

-- 
2.6.1

[Qemu-devel] [PATCH 1/3] aio: Move AioHandler struct to header

[Fam Zheng]

AioHandler for win32 is a superset of the counterpart in aio-posix, move that
to a new header "aio-internal.h" and drop the posix variation.

Signed-off-by: Fam Zheng 
---
 aio-posix.c  | 11 +--
 aio-win32.c  | 12 +---
 include/block/aio-internal.h | 30 ++
 3 files changed, 32 insertions(+), 21 deletions(-)
 create mode 100644 include/block/aio-internal.h

diff --git a/aio-posix.c b/aio-posix.c
index d477033..7ae54fc 100644
--- a/aio-posix.c
+++ b/aio-posix.c
@@ -17,16 +17,7 @@
 #include "block/block.h"
 #include "qemu/queue.h"
 #include "qemu/sockets.h"
-
-struct AioHandler
-{
-GPollFD pfd;
-IOHandler *io_read;
-IOHandler *io_write;
-int deleted;
-void *opaque;
-QLIST_ENTRY(AioHandler) node;
-};
+#include "block/aio-internal.h"
 
 static AioHandler *find_aio_handler(AioContext *ctx, int fd)
 {
diff --git a/aio-win32.c b/aio-win32.c
index 50a6867..f018934 100644
--- a/aio-win32.c
+++ b/aio-win32.c
@@ -19,17 +19,7 @@
 #include "block/block.h"
 #include "qemu/queue.h"
 #include "qemu/sockets.h"
-
-struct AioHandler {
-EventNotifier *e;
-IOHandler *io_read;
-IOHandler *io_write;
-EventNotifierHandler *io_notify;
-GPollFD pfd;
-int deleted;
-void *opaque;
-QLIST_ENTRY(AioHandler) node;
-};
+#include "block/aio-internal.h"
 
 void aio_set_fd_handler(AioContext *ctx,
 int fd,
diff --git a/include/block/aio-internal.h b/include/block/aio-internal.h
new file mode 100644
index 000..2ffbcdc
--- /dev/null
+++ b/include/block/aio-internal.h
@@ -0,0 +1,30 @@
+/*
+ * QEMU aio internal interface
+ *
+ * Copyright Red Hat, Inc. 2015
+ *
+ * Authors:
+ *  Fam Zheng 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.  See
+ * the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef QEMU_AIO_INTERNAL_H
+#define QEMU_AIO_INTERNAL_H
+
+#include "block/aio.h"
+
+struct AioHandler {
+EventNotifier *e;
+IOHandler *io_read;
+IOHandler *io_write;
+EventNotifierHandler *io_notify;
+GPollFD pfd;
+int deleted;
+void *opaque;
+QLIST_ENTRY(AioHandler) node;
+};
+
+#endif
-- 
2.6.1

Re: [Qemu-devel] [PATCH 3/3] aio: Introduce aio-epoll.c

[Paolo Bonzini]

On 12/10/2015 11:55, Fam Zheng wrote:
> Signed-off-by: Fam Zheng 
> ---
>  Makefile.objs|   1 +
>  aio-epoll.c  | 150 
> +++
>  aio-posix.c  |  16 -
>  include/block/aio-internal.h |  15 +
>  include/block/aio.h  |   5 ++
>  stubs/Makefile.objs  |   1 +
>  stubs/aio-epoll.c|  37 +++
>  7 files changed, 223 insertions(+), 2 deletions(-)
>  create mode 100644 aio-epoll.c
>  create mode 100644 stubs/aio-epoll.c

aio-epoll.c seems small enough that you can just include everything in
aio-posix.c.  This should simplify everything and make patch 1
unnecessary, too.

Paolo

Re: [Qemu-devel] [PULL 00/11] virtio-gpu+gtk: add 3d rendering support

[Peter Maydell]

On 9 October 2015 at 09:18, Gerd Hoffmann  wrote:
>   Hi,
>
> Here comes the 3d rendering support for virtio-gpu, together with the
> support bits in the gtk ui.  There are also some ui bugfixes.
>
> sdl2 is expected to follow shortly, once we've pinned down one remaining
> display issue, so it'll be there for 2.5 too.  spice support is next in
> the queue, but as this needs some cross-project coordination it isn't
> sure it'll be ready in time for 2.5.
>
> please pull,
>   Gerd
>
> The following changes since commit 5fdb4671b08e0d1631447e81348b2b50a6b85bf7:
>
>   Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into 
> staging (2015-10-06 13:42:33 +0100)
>
> are available in the git repository at:
>
>
>   git://git.kraxel.org/qemu tags/pull-virgl-20151008-1
>
> for you to fetch changes up to 925a04000231ad865770ba227876ba518ac3e479:
>
>   gtk/opengl: add opengl context and scanout support (GtkGLArea) (2015-10-08 
> 10:34:53 +0200)
>
> 
> virtio-gpu: add 3d rendering support using virgl, misc fixes.
> ui/gtk: add opengl context and scanout support (for virtio-gpu).
>
> 

Applied, thanks.

-- PMM

[Qemu-devel] [PULL v2 0/5] Block patches

[Stefan Hajnoczi]

The following changes since commit b37686f7e84b22cfaf7fd01ac5133f2617cc3027:

  Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' 
into staging (2015-10-09 12:18:14 +0100)

are available in the git repository at:

  git://github.com/stefanha/qemu.git tags/block-pull-request

for you to fetch changes up to 9201bb9a8c7cd3ba2382b7db5b2e40f603e61528:

  sdhci.c: Limit the maximum block size (2015-10-12 11:17:45 +0100)


Pull request

v2:
 * Fix virtio 16lx -> HWADDR_PRIx format specifier [Peter]



Alistair Francis (1):
  sdhci.c: Limit the maximum block size

Kevin O'Connor (1):
  sdhci: Pass drive parameter to sdhci-pci via qdev property

Paolo Bonzini (1):
  block: switch from g_slice allocator to malloc

Pierre Morel (1):
  virtio dataplane: adapt dataplane for virtio Version 1

Stefan Hajnoczi (1):
  virtio-blk: use blk_io_plug/unplug for Linux AIO batching

 block/io.c  |  4 +--
 block/mirror.c  |  4 +--
 block/raw-posix.c   |  8 ++---
 block/raw-win32.c   |  4 +--
 hw/block/virtio-blk.c   |  8 +++--
 hw/sd/sd.c  |  4 ++-
 hw/sd/sdhci.c   | 42 
 hw/sd/sdhci.h   |  2 ++
 hw/virtio/dataplane/vring.c | 65 ++---
 include/hw/virtio/dataplane/vring.h |  4 ++-
 10 files changed, 106 insertions(+), 39 deletions(-)

-- 
2.4.3

[Qemu-devel] [PATCH 17/21] qemu-char: convert console backend to data-driven creation

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 qemu-char.c | 13 -
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index 74ca66d..535db73 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2204,7 +2204,10 @@ static CharDriverState *qemu_chr_open_win_file(HANDLE 
fd_out)
 return chr;
 }
 
-static CharDriverState *qemu_chr_open_win_con(void)
+static CharDriverState *qemu_chr_open_win_con(const char *id,
+  ChardevBackend *backend,
+  ChardevReturn *ret,
+  Error **errp)
 {
 return qemu_chr_open_win_file(GetStdHandle(STD_OUTPUT_HANDLE));
 }
@@ -4353,11 +4356,9 @@ ChardevReturn *qmp_chardev_add(const char *id, 
ChardevBackend *backend,
 case CHARDEV_BACKEND_KIND_STDIO:
 abort();
 break;
-#ifdef _WIN32
 case CHARDEV_BACKEND_KIND_CONSOLE:
-chr = qemu_chr_open_win_con();
+abort();
 break;
-#endif
 #ifdef CONFIG_SPICE
 case CHARDEV_BACKEND_KIND_SPICEVMC:
 chr = qemu_chr_open_spice_vmc(backend->spicevmc->type);
@@ -4458,8 +4459,10 @@ static void register_types(void)
 register_char_driver("pty", CHARDEV_BACKEND_KIND_PTY, NULL,
  qemu_chr_open_pty);
 #endif
+#ifdef _WIN32
 register_char_driver("console", CHARDEV_BACKEND_KIND_CONSOLE, NULL,
- NULL);
+ qemu_chr_open_win_con);
+#endif
 register_char_driver("pipe", CHARDEV_BACKEND_KIND_PIPE,
  qemu_chr_parse_pipe, qemu_chr_open_pipe);
 register_char_driver("mux", CHARDEV_BACKEND_KIND_MUX, qemu_chr_parse_mux,
-- 
2.5.0

[Qemu-devel] [PULL 05/14] vl.c: init delayed object after net_init_clients

[Jason Wang]

From: Yang Hongyang 

Init delayed object after net_init_clients, because netfilters need
to be initialized after net clients initialized.

Signed-off-by: Yang Hongyang 
Signed-off-by: Jason Wang 
---
 vl.c | 15 ---
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/vl.c b/vl.c
index f2bd8d2..17ae26c 100644
--- a/vl.c
+++ b/vl.c
@@ -2767,13 +2767,14 @@ static bool object_create_initial(const char *type)
 if (g_str_equal(type, "rng-egd")) {
 return false;
 }
+/* TODO: implement netfilters */
 return true;
 }
 
 
 /*
  * The remainder of object creation happens after the
- * creation of chardev, fsdev and device data types.
+ * creation of chardev, fsdev, net clients and device data types.
  */
 static bool object_create_delayed(const char *type)
 {
@@ -4286,12 +4287,6 @@ int main(int argc, char **argv, char **envp)
 exit(0);
 }
 
-if (qemu_opts_foreach(qemu_find_opts("object"),
-  object_create,
-  object_create_delayed, NULL)) {
-exit(1);
-}
-
 machine_opts = qemu_get_machine_opts();
 if (qemu_opt_foreach(machine_opts, machine_set_property, current_machine,
  NULL)) {
@@ -4397,6 +4392,12 @@ int main(int argc, char **argv, char **envp)
 exit(1);
 }
 
+if (qemu_opts_foreach(qemu_find_opts("object"),
+  object_create,
+  object_create_delayed, NULL)) {
+exit(1);
+}
+
 #ifdef CONFIG_TPM
 if (tpm_init() < 0) {
 exit(1);
-- 
2.1.4

[Qemu-devel] [PULL 11/14] netfilter: print filter info associate with the netdev

[Jason Wang]

From: Yang Hongyang 

When execute "info network", print filter info also.
add a info_str member to NetFilterState, store specific filters
info.

Signed-off-by: Yang Hongyang 
Signed-off-by: Jason Wang 
---
 include/net/filter.h |  1 +
 net/filter.c | 20 
 net/net.c| 11 +++
 3 files changed, 32 insertions(+)

diff --git a/include/net/filter.h b/include/net/filter.h
index 5639976..2deda36 100644
--- a/include/net/filter.h
+++ b/include/net/filter.h
@@ -55,6 +55,7 @@ struct NetFilterState {
 char *netdev_id;
 NetClientState *netdev;
 NetFilterDirection direction;
+char info_str[256];
 QTAILQ_ENTRY(NetFilterState) next;
 };
 
diff --git a/net/filter.c b/net/filter.c
index 5d5022f..326f2b5 100644
--- a/net/filter.c
+++ b/net/filter.c
@@ -15,6 +15,7 @@
 #include "net/vhost_net.h"
 #include "qom/object_interfaces.h"
 #include "qemu/iov.h"
+#include "qapi/string-output-visitor.h"
 
 ssize_t qemu_netfilter_receive(NetFilterState *nf,
NetFilterDirection direction,
@@ -134,6 +135,9 @@ static void netfilter_complete(UserCreatable *uc, Error 
**errp)
 NetFilterClass *nfc = NETFILTER_GET_CLASS(uc);
 int queues;
 Error *local_err = NULL;
+char *str, *info;
+ObjectProperty *prop;
+StringOutputVisitor *ov;
 
 if (!nf->netdev_id) {
 error_setg(errp, "Parameter 'netdev' is required");
@@ -167,6 +171,22 @@ static void netfilter_complete(UserCreatable *uc, Error 
**errp)
 }
 }
 QTAILQ_INSERT_TAIL(>netdev->filters, nf, next);
+
+/* generate info str */
+QTAILQ_FOREACH(prop, (nf)->properties, node) {
+if (!strcmp(prop->name, "type")) {
+continue;
+}
+ov = string_output_visitor_new(false);
+object_property_get(OBJECT(nf), string_output_get_visitor(ov),
+prop->name, errp);
+str = string_output_get_string(ov);
+string_output_visitor_cleanup(ov);
+info = g_strdup_printf(",%s=%s", prop->name, str);
+g_strlcat(nf->info_str, info, sizeof(nf->info_str));
+g_free(str);
+g_free(info);
+}
 }
 
 static void netfilter_finalize(Object *obj)
diff --git a/net/net.c b/net/net.c
index c0ebb13..39af893 100644
--- a/net/net.c
+++ b/net/net.c
@@ -1179,10 +1179,21 @@ void qmp_netdev_del(const char *id, Error **errp)
 
 void print_net_client(Monitor *mon, NetClientState *nc)
 {
+NetFilterState *nf;
+
 monitor_printf(mon, "%s: index=%d,type=%s,%s\n", nc->name,
nc->queue_index,
NetClientOptionsKind_lookup[nc->info->type],
nc->info_str);
+if (!QTAILQ_EMPTY(>filters)) {
+monitor_printf(mon, "filters:\n");
+}
+QTAILQ_FOREACH(nf, >filters, next) {
+monitor_printf(mon, "  - %s: type=%s%s\n",
+   object_get_canonical_path_component(OBJECT(nf)),
+   object_get_typename(OBJECT(nf)),
+   nf->info_str);
+}
 }
 
 RxFilterInfoList *qmp_query_rx_filter(bool has_name, const char *name,
-- 
2.1.4

[Qemu-devel] [PULL 06/14] init/cleanup of netfilter object

[Jason Wang]

From: Yang Hongyang 

Add a netfilter object based on QOM.

A netfilter is attached to a netdev, captures all network packets
that pass through the netdev. When we delete the netdev, we also
delete the netfilter object attached to it, because if the netdev is
removed, the filter which attached to it is useless.

Signed-off-by: Yang Hongyang 
Reviewed-by: Markus Armbruster 
Signed-off-by: Jason Wang 
---
 include/net/filter.h|  61 +
 include/net/net.h   |   1 +
 include/qemu/typedefs.h |   1 +
 net/Makefile.objs   |   1 +
 net/filter.c| 138 
 net/net.c   |   7 +++
 qapi-schema.json|  20 +++
 7 files changed, 229 insertions(+)
 create mode 100644 include/net/filter.h
 create mode 100644 net/filter.c

diff --git a/include/net/filter.h b/include/net/filter.h
new file mode 100644
index 000..be27dee
--- /dev/null
+++ b/include/net/filter.h
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2015 FUJITSU LIMITED
+ * Author: Yang Hongyang 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later.  See the COPYING file in the top-level directory.
+ */
+
+#ifndef QEMU_NET_FILTER_H
+#define QEMU_NET_FILTER_H
+
+#include "qom/object.h"
+#include "qemu-common.h"
+#include "qemu/typedefs.h"
+#include "net/queue.h"
+
+#define TYPE_NETFILTER "netfilter"
+#define NETFILTER(obj) \
+OBJECT_CHECK(NetFilterState, (obj), TYPE_NETFILTER)
+#define NETFILTER_GET_CLASS(obj) \
+OBJECT_GET_CLASS(NetFilterClass, (obj), TYPE_NETFILTER)
+#define NETFILTER_CLASS(klass) \
+OBJECT_CLASS_CHECK(NetFilterClass, (klass), TYPE_NETFILTER)
+
+typedef void (FilterSetup) (NetFilterState *nf, Error **errp);
+typedef void (FilterCleanup) (NetFilterState *nf);
+/*
+ * Return:
+ *   0: finished handling the packet, we should continue
+ *   size: filter stolen this packet, we stop pass this packet further
+ */
+typedef ssize_t (FilterReceiveIOV)(NetFilterState *nc,
+   NetClientState *sender,
+   unsigned flags,
+   const struct iovec *iov,
+   int iovcnt,
+   NetPacketSent *sent_cb);
+
+typedef struct NetFilterClass {
+ObjectClass parent_class;
+
+/* optional */
+FilterSetup *setup;
+FilterCleanup *cleanup;
+/* mandatory */
+FilterReceiveIOV *receive_iov;
+} NetFilterClass;
+
+
+struct NetFilterState {
+/* private */
+Object parent;
+
+/* protected */
+char *netdev_id;
+NetClientState *netdev;
+NetFilterDirection direction;
+QTAILQ_ENTRY(NetFilterState) next;
+};
+
+#endif /* QEMU_NET_FILTER_H */
diff --git a/include/net/net.h b/include/net/net.h
index 6a6cbef..36e5fab 100644
--- a/include/net/net.h
+++ b/include/net/net.h
@@ -92,6 +92,7 @@ struct NetClientState {
 NetClientDestructor *destructor;
 unsigned int queue_index;
 unsigned rxfilter_notify_enabled:1;
+QTAILQ_HEAD(, NetFilterState) filters;
 };
 
 typedef struct NICState {
diff --git a/include/qemu/typedefs.h b/include/qemu/typedefs.h
index 3a835ff..ee1ce1d 100644
--- a/include/qemu/typedefs.h
+++ b/include/qemu/typedefs.h
@@ -45,6 +45,7 @@ typedef struct Monitor Monitor;
 typedef struct MouseTransformInfo MouseTransformInfo;
 typedef struct MSIMessage MSIMessage;
 typedef struct NetClientState NetClientState;
+typedef struct NetFilterState NetFilterState;
 typedef struct NICInfo NICInfo;
 typedef struct PcGuestInfo PcGuestInfo;
 typedef struct PCIBridge PCIBridge;
diff --git a/net/Makefile.objs b/net/Makefile.objs
index ec19cb3..914aec0 100644
--- a/net/Makefile.objs
+++ b/net/Makefile.objs
@@ -13,3 +13,4 @@ common-obj-$(CONFIG_HAIKU) += tap-haiku.o
 common-obj-$(CONFIG_SLIRP) += slirp.o
 common-obj-$(CONFIG_VDE) += vde.o
 common-obj-$(CONFIG_NETMAP) += netmap.o
+common-obj-y += filter.o
diff --git a/net/filter.c b/net/filter.c
new file mode 100644
index 000..d406259
--- /dev/null
+++ b/net/filter.c
@@ -0,0 +1,138 @@
+/*
+ * Copyright (c) 2015 FUJITSU LIMITED
+ * Author: Yang Hongyang 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later.  See the COPYING file in the top-level directory.
+ */
+
+#include "qemu-common.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/error-report.h"
+
+#include "net/filter.h"
+#include "net/net.h"
+#include "net/vhost_net.h"
+#include "qom/object_interfaces.h"
+
+static char *netfilter_get_netdev_id(Object *obj, Error **errp)
+{
+NetFilterState *nf = NETFILTER(obj);
+
+return g_strdup(nf->netdev_id);
+}
+
+static void netfilter_set_netdev_id(Object *obj, const char *str, Error **errp)
+{
+NetFilterState *nf = NETFILTER(obj);
+
+nf->netdev_id = g_strdup(str);
+}
+
+static int netfilter_get_direction(Object *obj, 

[Qemu-devel] [PULL 04/14] vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command

[Jason Wang]

From: Shmulik Ladkani 

Some drivers (e.g. vmware-tools) issue the VMXNET3_CMD_GET_ADAPTIVE_RING_INFO
command.

Currently, due to lack of support, a bogus value (-1) is returned.

Support this command, returning the "adaptive-ring disabled" flag.

Signed-off-by: Shmulik Ladkani 
Signed-off-by: Jason Wang 
---
 hw/net/vmxnet3.c | 9 +
 hw/net/vmxnet3.h | 6 +-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c
index 057f0dc..3c5e10d 100644
--- a/hw/net/vmxnet3.c
+++ b/hw/net/vmxnet3.c
@@ -1631,6 +1631,11 @@ static void vmxnet3_handle_command(VMXNET3State *s, 
uint64_t cmd)
 VMW_CBPRN("Set: VMXNET3_CMD_GET_CONF_INTR - interrupt configuration");
 break;
 
+case VMXNET3_CMD_GET_ADAPTIVE_RING_INFO:
+VMW_CBPRN("Set: VMXNET3_CMD_GET_ADAPTIVE_RING_INFO - "
+  "adaptive ring info flags");
+break;
+
 default:
 VMW_CBPRN("Received unknown command: %" PRIx64, cmd);
 break;
@@ -1670,6 +1675,10 @@ static uint64_t vmxnet3_get_command_status(VMXNET3State 
*s)
 ret = vmxnet3_get_interrupt_config(s);
 break;
 
+case VMXNET3_CMD_GET_ADAPTIVE_RING_INFO:
+ret = VMXNET3_DISABLE_ADAPTIVE_RING;
+break;
+
 default:
 VMW_WRPRN("Received request for unknown command: %x", s->last_command);
 ret = -1;
diff --git a/hw/net/vmxnet3.h b/hw/net/vmxnet3.h
index f987d71..f7006af 100644
--- a/hw/net/vmxnet3.h
+++ b/hw/net/vmxnet3.h
@@ -198,9 +198,13 @@ enum {
 VMXNET3_CMD_GET_DID_LO,   /* 0xF00D0005 */
 VMXNET3_CMD_GET_DID_HI,   /* 0xF00D0006 */
 VMXNET3_CMD_GET_DEV_EXTRA_INFO,   /* 0xF00D0007 */
-VMXNET3_CMD_GET_CONF_INTR /* 0xF00D0008 */
+VMXNET3_CMD_GET_CONF_INTR,/* 0xF00D0008 */
+VMXNET3_CMD_GET_ADAPTIVE_RING_INFO/* 0xF00D0009 */
 };
 
+/* Adaptive Ring Info Flags */
+#define VMXNET3_DISABLE_ADAPTIVE_RING 1
+
 /*
  *Little Endian layout of bitfields -
  *Byte 0 :7.len.0
-- 
2.1.4

[Qemu-devel] [PATCH v2 0/5] virtio-9p: hotplug and migration support

[Greg Kurz]

Hi,

We already have a blocker to prevent migration of an active virtio-9p device.
But in fact, there is no migration support at all for 9p, even if the device
is considered to be quiescent (when the VirtFS share is not mounted): migration
succeeds but the device is lost in the restarted guest.
Hotunplug of a virtio-9p device is not supported either (no unrealize handler)
and leads to a QEMU crash on the source node, if one unplugs and migrates.

This series tries to fix that and brings hotplug and migration support of
*quiescent* virtio-9p devices.

The most notable change since my previous post is the introduction of an unplug
blocker (patch 2/5 and 3/5). I also reworked the series so that some fixes
appear in more appropriate patches (see individual changelogs).

Please comment.

--
Greg

---

Greg Kurz (5):
  virtio-9p-coth: fix init function
  qdev: add the HotUnpluggable handler
  virtio-9p: block hot-unplug when device is active
  virtio-9p: add unrealize handler
  virtio-9p: add savem handlers


 hw/9pfs/virtio-9p-coth.c   |   22 ++
 hw/9pfs/virtio-9p-coth.h   |2 ++
 hw/9pfs/virtio-9p-device.c |   24 
 hw/9pfs/virtio-9p.c|   14 ++
 hw/9pfs/virtio-9p.h|2 ++
 hw/core/qdev.c |4 
 hw/s390x/virtio-ccw.c  |8 
 hw/virtio/virtio-pci.c |8 
 include/hw/qdev-core.h |4 
 9 files changed, 84 insertions(+), 4 deletions(-)

[Qemu-devel] [PATCH v7 3/5] block: support passing 'backing': '' to 'blockdev-add'

[Alberto Garcia]

Passing an empty string allows opening an image but not its backing
file. This was already described in the API documentation, only the
implementation was missing.

This is useful for creating snapshots using images opened with
blockdev-add, since they are not supposed to have a backing image
before the operation.

Signed-off-by: Alberto Garcia 
Reviewed-by: Max Reitz 
Reviewed-by: Eric Blake 
Reviewed-by: Kevin Wolf 
---
 block.c | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/block.c b/block.c
index c9e3c6c..31d1b6e 100644
--- a/block.c
+++ b/block.c
@@ -1406,6 +1406,7 @@ static int bdrv_open_inherit(BlockDriverState **pbs, 
const char *filename,
 BlockDriverState *file = NULL, *bs;
 BlockDriver *drv = NULL;
 const char *drvname;
+const char *backing;
 Error *local_err = NULL;
 int snapshot_flags = 0;
 
@@ -1473,6 +1474,12 @@ static int bdrv_open_inherit(BlockDriverState **pbs, 
const char *filename,
 
 assert(drvname || !(flags & BDRV_O_PROTOCOL));
 
+backing = qdict_get_try_str(options, "backing");
+if (backing && *backing == '\0') {
+flags |= BDRV_O_NO_BACKING;
+qdict_del(options, "backing");
+}
+
 bs->open_flags = flags;
 bs->options = options;
 options = qdict_clone_shallow(options);
-- 
2.6.1

[Qemu-devel] [PATCH v7 5/5] block: add tests for the 'blockdev-snapshot' command

[Alberto Garcia]

Signed-off-by: Alberto Garcia 
Reviewed-by: Max Reitz 
---
 tests/qemu-iotests/085 | 102 ++---
 tests/qemu-iotests/085.out |  34 ++-
 2 files changed, 128 insertions(+), 8 deletions(-)

diff --git a/tests/qemu-iotests/085 b/tests/qemu-iotests/085
index 56cd6f8..9484117 100755
--- a/tests/qemu-iotests/085
+++ b/tests/qemu-iotests/085
@@ -7,6 +7,7 @@
 # snapshots are performed.
 #
 # Copyright (C) 2014 Red Hat, Inc.
+# Copyright (C) 2015 Igalia, S.L.
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -34,17 +35,17 @@ status=1# failure is the default!
 snapshot_virt0="snapshot-v0.qcow2"
 snapshot_virt1="snapshot-v1.qcow2"
 
-MAX_SNAPSHOTS=10
+SNAPSHOTS=10
 
 _cleanup()
 {
 _cleanup_qemu
-for i in $(seq 1 ${MAX_SNAPSHOTS})
+for i in $(seq 1 ${SNAPSHOTS})
 do
 rm -f "${TEST_DIR}/${i}-${snapshot_virt0}"
 rm -f "${TEST_DIR}/${i}-${snapshot_virt1}"
 done
-   _cleanup_test_img
+rm -f "${TEST_IMG}.1" "${TEST_IMG}.2"
 
 }
 trap "_cleanup; exit \$status" 0 1 2 3 15
@@ -85,18 +86,50 @@ function create_group_snapshot()
 _send_qemu_cmd $h "${cmd}" "return"
 }
 
+# ${1}: unique identifier for the snapshot filename
+# ${2}: true: open backing images; false: don't open them (default)
+function add_snapshot_image()
+{
+if [ "${2}" = "true" ]; then
+extra_params=""
+else
+extra_params="'backing': '', "
+fi
+base_image="${TEST_DIR}/$((${1}-1))-${snapshot_virt0}"
+snapshot_file="${TEST_DIR}/${1}-${snapshot_virt0}"
+_make_test_img -b "${base_image}" "$size"
+mv "${TEST_IMG}" "${snapshot_file}"
+cmd="{ 'execute': 'blockdev-add', 'arguments':
+   { 'options':
+ { 'driver': 'qcow2', 'node-name': 'snap_"${1}"', "${extra_params}"
+   'file':
+   { 'driver': 'file', 'filename': '"${snapshot_file}"' } } } }"
+_send_qemu_cmd $h "${cmd}" "return"
+}
+
+# ${1}: unique identifier for the snapshot filename
+# ${2}: expected response, defaults to 'return'
+function blockdev_snapshot()
+{
+cmd="{ 'execute': 'blockdev-snapshot',
+  'arguments': { 'node': 'virtio0',
+ 'overlay':'snap_"${1}"' } }"
+_send_qemu_cmd $h "${cmd}" "${2:-return}"
+}
+
 size=128M
 
 _make_test_img $size
-mv "${TEST_IMG}" "${TEST_IMG}.orig"
+mv "${TEST_IMG}" "${TEST_IMG}.1"
 _make_test_img $size
+mv "${TEST_IMG}" "${TEST_IMG}.2"
 
 echo
 echo === Running QEMU ===
 echo
 
 qemu_comm_method="qmp"
-_launch_qemu -drive file="${TEST_IMG}.orig",if=virtio -drive 
file="${TEST_IMG}",if=virtio
+_launch_qemu -drive file="${TEST_IMG}.1",if=virtio -drive 
file="${TEST_IMG}.2",if=virtio
 h=$QEMU_HANDLE
 
 echo
@@ -105,6 +138,8 @@ echo
 
 _send_qemu_cmd $h "{ 'execute': 'qmp_capabilities' }" "return"
 
+# Tests for the blockdev-snapshot-sync command
+
 echo
 echo === Create a single snapshot on virtio0 ===
 echo
@@ -132,11 +167,66 @@ echo
 echo === Create several transactional group snapshots ===
 echo
 
-for i in $(seq 2 ${MAX_SNAPSHOTS})
+for i in $(seq 2 ${SNAPSHOTS})
 do
 create_group_snapshot ${i}
 done
 
+# Tests for the blockdev-snapshot command
+
+echo
+echo === Create a couple of snapshots using blockdev-snapshot ===
+echo
+
+SNAPSHOTS=$((${SNAPSHOTS}+1))
+add_snapshot_image ${SNAPSHOTS}
+blockdev_snapshot ${SNAPSHOTS}
+
+SNAPSHOTS=$((${SNAPSHOTS}+1))
+add_snapshot_image ${SNAPSHOTS}
+blockdev_snapshot ${SNAPSHOTS}
+
+echo
+echo === Invalid command - snapshot node used as active layer ===
+echo
+
+blockdev_snapshot ${SNAPSHOTS} error
+
+_send_qemu_cmd $h "{ 'execute': 'blockdev-snapshot',
+ 'arguments': { 'node':'virtio0',
+'overlay':'virtio0' }
+   }" "error"
+
+_send_qemu_cmd $h "{ 'execute': 'blockdev-snapshot',
+ 'arguments': { 'node':'virtio0',
+'overlay':'virtio1' }
+   }" "error"
+
+echo
+echo === Invalid command - snapshot node used as backing hd ===
+echo
+
+blockdev_snapshot $((${SNAPSHOTS}-1)) error
+
+echo
+echo === Invalid command - snapshot node has a backing image ===
+echo
+
+SNAPSHOTS=$((${SNAPSHOTS}+1))
+add_snapshot_image ${SNAPSHOTS} true
+blockdev_snapshot ${SNAPSHOTS} error
+
+echo
+echo === Invalid command - The node does not exist ===
+echo
+
+blockdev_snapshot $((${SNAPSHOTS}+1)) error
+
+_send_qemu_cmd $h "{ 'execute': 'blockdev-snapshot',
+ 'arguments': { 'node':'nodevice',
+'overlay':'snap_"${SNAPSHOTS}"' }
+   }" "error"
+
 # success, all done
 echo "*** done"
 rm -f $seq.full
diff --git a/tests/qemu-iotests/085.out b/tests/qemu-iotests/085.out
index a6cf19e..52292ea 100644
--- a/tests/qemu-iotests/085.out
+++ 

[Qemu-devel] [PATCH v7 4/5] block: add a 'blockdev-snapshot' QMP command

[Alberto Garcia]

One of the limitations of the 'blockdev-snapshot-sync' command is that
it does not allow passing BlockdevOptions to the newly created
snapshots, so they are always opened using the default values.

Extending the command to allow passing options is not a practical
solution because there is overlap between those options and some of
the existing parameters of the command.

This patch introduces a new 'blockdev-snapshot' command with a simpler
interface: it just takes two references to existing block devices that
will be used as the source and target for the snapshot.

Since the main difference between the two commands is that one of them
creates and opens the target image, while the other uses an already
opened one, the bulk of the implementation is shared.

Signed-off-by: Alberto Garcia 
Cc: Eric Blake 
Reviewed-by: Max Reitz 
---
 blockdev.c   | 165 ---
 qapi-schema.json |   2 +
 qapi/block-core.json |  28 +
 qmp-commands.hx  |  38 
 4 files changed, 172 insertions(+), 61 deletions(-)

diff --git a/blockdev.c b/blockdev.c
index 12741a0..b5470c9 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -1183,6 +1183,18 @@ void qmp_blockdev_snapshot_sync(bool has_device, const 
char *device,
, errp);
 }
 
+void qmp_blockdev_snapshot(const char *node, const char *overlay,
+   Error **errp)
+{
+BlockdevSnapshot snapshot_data = {
+.node = (char *) node,
+.overlay = (char *) overlay
+};
+
+blockdev_do_action(TRANSACTION_ACTION_KIND_BLOCKDEV_SNAPSHOT,
+   _data, errp);
+}
+
 void qmp_blockdev_snapshot_internal_sync(const char *device,
  const char *name,
  Error **errp)
@@ -1521,58 +1533,48 @@ typedef struct ExternalSnapshotState {
 static void external_snapshot_prepare(BlkTransactionState *common,
   Error **errp)
 {
-int flags, ret;
-QDict *options;
+int flags = 0, ret;
+QDict *options = NULL;
 Error *local_err = NULL;
-bool has_device = false;
+/* Device and node name of the image to generate the snapshot from */
 const char *device;
-bool has_node_name = false;
 const char *node_name;
-bool has_snapshot_node_name = false;
-const char *snapshot_node_name;
+/* Reference to the new image (for 'blockdev-snapshot') */
+const char *snapshot_ref;
+/* File name of the new image (for 'blockdev-snapshot-sync') */
 const char *new_image_file;
-const char *format = "qcow2";
-enum NewImageMode mode = NEW_IMAGE_MODE_ABSOLUTE_PATHS;
 ExternalSnapshotState *state =
  DO_UPCAST(ExternalSnapshotState, common, common);
 TransactionAction *action = common->action;
 
-/* get parameters */
-g_assert(action->kind == TRANSACTION_ACTION_KIND_BLOCKDEV_SNAPSHOT_SYNC);
-
-has_device = action->blockdev_snapshot_sync->has_device;
-device = action->blockdev_snapshot_sync->device;
-has_node_name = action->blockdev_snapshot_sync->has_node_name;
-node_name = action->blockdev_snapshot_sync->node_name;
-has_snapshot_node_name =
-action->blockdev_snapshot_sync->has_snapshot_node_name;
-snapshot_node_name = action->blockdev_snapshot_sync->snapshot_node_name;
-
-new_image_file = action->blockdev_snapshot_sync->snapshot_file;
-if (action->blockdev_snapshot_sync->has_format) {
-format = action->blockdev_snapshot_sync->format;
-}
-if (action->blockdev_snapshot_sync->has_mode) {
-mode = action->blockdev_snapshot_sync->mode;
+/* 'blockdev-snapshot' and 'blockdev-snapshot-sync' have similar
+ * purpose but a different set of parameters */
+switch (action->kind) {
+case TRANSACTION_ACTION_KIND_BLOCKDEV_SNAPSHOT:
+{
+BlockdevSnapshot *s = action->blockdev_snapshot;
+device = s->node;
+node_name = s->node;
+new_image_file = NULL;
+snapshot_ref = s->overlay;
+}
+break;
+case TRANSACTION_ACTION_KIND_BLOCKDEV_SNAPSHOT_SYNC:
+{
+BlockdevSnapshotSync *s = action->blockdev_snapshot_sync;
+device = s->has_device ? s->device : NULL;
+node_name = s->has_node_name ? s->node_name : NULL;
+new_image_file = s->snapshot_file;
+snapshot_ref = NULL;
+}
+break;
+default:
+g_assert_not_reached();
 }
 
 /* start processing */
-state->old_bs = bdrv_lookup_bs(has_device ? device : NULL,
-   has_node_name ? node_name : NULL,
-   _err);
-if (local_err) {
-error_propagate(errp, local_err);
-return;
-}
-
-if (has_node_name && !has_snapshot_node_name) {
-

[Qemu-devel] [PATCH 3/3] aio: Introduce aio-epoll.c

[Fam Zheng]

To minimize code duplication, epoll is hooked into aio-posix's
aio_poll() instead of rolling its own. This approach also has the
advantage that both compile time and run time ability to switch from
between the two:

1) If configure script didn't find epoll, the libqemustub.a nop
functions will be used, which selects the usual ppoll.

2) When QEMU starts with a small number of fds in the event loop, ppoll
is used.

3) When QEMU starts with a big number of fds, or when more devices are
hot plugged after starting up, epoll automatically kicks in after the
number of fds hits the threshold.

4) Some fds may not support epoll, such as tty based stdio. In this
case, we can fall back to ppoll.

Signed-off-by: Fam Zheng 
---
 Makefile.objs|   1 +
 aio-epoll.c  | 150 +++
 aio-posix.c  |  16 -
 include/block/aio-internal.h |  15 +
 include/block/aio.h  |   5 ++
 stubs/Makefile.objs  |   1 +
 stubs/aio-epoll.c|  37 +++
 7 files changed, 223 insertions(+), 2 deletions(-)
 create mode 100644 aio-epoll.c
 create mode 100644 stubs/aio-epoll.c

diff --git a/Makefile.objs b/Makefile.objs
index bc43e5c..8f401b7 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -10,6 +10,7 @@ util-obj-y += qmp-introspect.o qapi-types.o qapi-visit.o 
qapi-event.o
 block-obj-y = async.o thread-pool.o
 block-obj-y += nbd.o block.o blockjob.o
 block-obj-y += main-loop.o iohandler.o qemu-timer.o
+block-obj-$(CONFIG_EPOLL) += aio-epoll.o
 block-obj-$(CONFIG_POSIX) += aio-posix.o
 block-obj-$(CONFIG_WIN32) += aio-win32.o
 block-obj-y += block/
diff --git a/aio-epoll.c b/aio-epoll.c
new file mode 100644
index 000..4557dcb
--- /dev/null
+++ b/aio-epoll.c
@@ -0,0 +1,150 @@
+/*
+ * QEMU aio implementation
+ *
+ * Copyright Red Hat, Inc, 2015
+ *
+ * Authors:
+ *  Fam Zheng 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.  See
+ * the COPYING file in the top-level directory.
+ *
+ * Contributions after 2012-01-13 are licensed under the terms of the
+ * GNU GPL, version 2 or (at your option) any later version.
+ */
+
+#include "qemu-common.h"
+#include "block/block.h"
+#include "qemu/queue.h"
+#include "block/aio-internal.h"
+#include 
+
+/* The fd number threashold to switch to epoll */
+#define EPOLL_ENABLE_THRESHOLD 64
+
+static void aio_epoll_disable(AioContext *ctx)
+{
+ctx->epoll_available = false;
+if (!ctx->epoll_enabled) {
+return;
+}
+ctx->epoll_enabled = false;
+close(ctx->epollfd);
+}
+
+static inline int epoll_events_from_pfd(int pfd_events)
+{
+return (pfd_events & G_IO_IN ? EPOLLIN : 0) |
+   (pfd_events & G_IO_OUT ? EPOLLOUT : 0) |
+   (pfd_events & G_IO_HUP ? EPOLLHUP : 0) |
+   (pfd_events & G_IO_ERR ? EPOLLERR : 0);
+}
+
+static bool aio_epoll_try_enable(AioContext *ctx)
+{
+AioHandler *node;
+struct epoll_event event;
+if (!ctx->epoll_available) {
+return false;
+}
+
+QLIST_FOREACH(node, >aio_handlers, node) {
+int r;
+if (node->deleted || !node->pfd.events) {
+continue;
+}
+event.events = epoll_events_from_pfd(node->pfd.events);
+event.data.ptr = node;
+r = epoll_ctl(ctx->epollfd, EPOLL_CTL_ADD, node->pfd.fd, );
+if (r) {
+return false;
+}
+}
+ctx->epoll_enabled = true;
+return true;
+}
+
+void aio_epoll_update(AioContext *ctx, AioHandler *node, bool is_new)
+{
+struct epoll_event event;
+int r;
+
+if (!ctx->epoll_enabled) {
+return;
+}
+if (!node->pfd.events) {
+r = epoll_ctl(ctx->epollfd, EPOLL_CTL_DEL, node->pfd.fd, );
+assert(!r);
+} else {
+event.data.ptr = node;
+event.events = epoll_events_from_pfd(node->pfd.events);
+if (is_new) {
+r = epoll_ctl(ctx->epollfd, EPOLL_CTL_ADD, node->pfd.fd, );
+if (r) {
+aio_epoll_disable(ctx);
+}
+} else {
+r = epoll_ctl(ctx->epollfd, EPOLL_CTL_MOD, node->pfd.fd, );
+assert(!r);
+}
+}
+}
+
+int aio_epoll(AioContext *ctx, GPollFD *pfds, unsigned npfd, int64_t timeout)
+{
+AioHandler *node;
+int i, ret = 0;
+struct epoll_event events[128];
+
+assert(npfd == 1);
+assert(pfds[0].fd == ctx->epollfd);
+if (timeout > 0) {
+ret = qemu_poll_ns(pfds, npfd, timeout);
+}
+if (timeout <= 0 || ret > 0) {
+ret = epoll_wait(ctx->epollfd, events,
+ sizeof(events) / sizeof(events[0]),
+ timeout);
+if (ret <= 0) {
+goto out;
+}
+for (i = 0; i < ret; i++) {
+int ev = events[i].events;
+node = events[i].data.ptr;
+node->pfd.revents = (ev & EPOLLIN ? G_IO_IN : 0) |
+(ev & EPOLLOUT ? G_IO_OUT : 0) |

[Qemu-devel] [PATCH 2/3] aio: Introduce aio_context_setup

[Fam Zheng]

This is the place to initialize platform specific bits of AioContext.

Signed-off-by: Fam Zheng 
---
 aio-posix.c  |  4 
 aio-win32.c  |  4 
 async.c  | 14 --
 include/block/aio-internal.h |  2 ++
 4 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/aio-posix.c b/aio-posix.c
index 7ae54fc..4fd2383 100644
--- a/aio-posix.c
+++ b/aio-posix.c
@@ -288,3 +288,7 @@ bool aio_poll(AioContext *ctx, bool blocking)
 
 return progress;
 }
+
+void aio_context_setup(AioContext *ctx, Error **errp)
+{
+}
diff --git a/aio-win32.c b/aio-win32.c
index f018934..7873141 100644
--- a/aio-win32.c
+++ b/aio-win32.c
@@ -353,3 +353,7 @@ bool aio_poll(AioContext *ctx, bool blocking)
 aio_context_release(ctx);
 return progress;
 }
+
+void aio_context_setup(AioContext *ctx, Error **errp)
+{
+}
diff --git a/async.c b/async.c
index efce14b..72cdc9b 100644
--- a/async.c
+++ b/async.c
@@ -27,6 +27,7 @@
 #include "block/thread-pool.h"
 #include "qemu/main-loop.h"
 #include "qemu/atomic.h"
+#include "block/aio-internal.h"
 
 /***/
 /* bottom halves (can be seen as timers which expire ASAP) */
@@ -320,12 +321,18 @@ AioContext *aio_context_new(Error **errp)
 {
 int ret;
 AioContext *ctx;
+Error *local_err = NULL;
+
 ctx = (AioContext *) g_source_new(_source_funcs, sizeof(AioContext));
+aio_context_setup(ctx, _err);
+if (local_err) {
+error_propagate(errp, local_err);
+goto fail;
+}
 ret = event_notifier_init(>notifier, false);
 if (ret < 0) {
-g_source_destroy(>source);
 error_setg_errno(errp, -ret, "Failed to initialize event notifier");
-return NULL;
+goto fail;
 }
 g_source_set_can_recurse(>source, true);
 aio_set_event_notifier(ctx, >notifier,
@@ -339,6 +346,9 @@ AioContext *aio_context_new(Error **errp)
 ctx->notify_dummy_bh = aio_bh_new(ctx, notify_dummy_bh, NULL);
 
 return ctx;
+fail:
+g_source_destroy(>source);
+return NULL;
 }
 
 void aio_context_ref(AioContext *ctx)
diff --git a/include/block/aio-internal.h b/include/block/aio-internal.h
index 2ffbcdc..f50a37c 100644
--- a/include/block/aio-internal.h
+++ b/include/block/aio-internal.h
@@ -27,4 +27,6 @@ struct AioHandler {
 QLIST_ENTRY(AioHandler) node;
 };
 
+void aio_context_setup(AioContext *ctx, Error **errp);
+
 #endif
-- 
2.6.1

[Qemu-devel] [PATCH V2] hw/pxb: add chassis_nr property

[Marcel Apfelbaum]

Add a chassis_nr property instead of using PXB bus number
as internal bridge's chassis nr.

Suggested-by: Michael S. Tsirkin 
Signed-off-by: Marcel Apfelbaum 
---
v1->v2:
 - Rebased on master

 docs/pci_expander_bridge.txt| 7 +++
 hw/pci-bridge/pci_expander_bridge.c | 5 -
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/docs/pci_expander_bridge.txt b/docs/pci_expander_bridge.txt
index d7913fb..fed2bbe 100644
--- a/docs/pci_expander_bridge.txt
+++ b/docs/pci_expander_bridge.txt
@@ -23,9 +23,9 @@ A detailed command line would be:
 -m 2G
 -object memory-backend-ram,size=1024M,policy=bind,host-nodes=0,id=ram-node0 
-numa node,nodeid=0,cpus=0,memdev=ram-node0
 -object memory-backend-ram,size=1024M,policy=bind,host-nodes=1,id=ram-node1 
-numa node,nodeid=1,cpus=1,memdev=ram-node1
--device pxb,id=bridge1,bus=pci.0,numa_node=1,bus_nr=4 -netdev 
user,id=nd-device e1000,bus=bridge1,addr=0x4,netdev=nd
--device pxb,id=bridge2,bus=pci.0,numa_node=0,bus_nr=8,bus=pci.0 -device 
e1000,bus=bridge2,addr=0x3
--device pxb,id=bridge3,bus=pci.0,bus_nr=40,bus=pci.0 -drive 
if=none,id=drive0,file=[img] -device 
virtio-blk-pci,drive=drive0,scsi=off,bus=bridge3,addr=1
+-device pxb,id=bridge1,bus=pci.0,numa_node=1,bus_nr=4,chassis_nr=1 -netdev 
user,id=nd-device e1000,bus=bridge1,addr=0x4,netdev=nd
+-device pxb,id=bridge2,bus=pci.0,numa_node=0,bus_nr=8,bus=pci.0,chassis_nr=2 
-device e1000,bus=bridge2,addr=0x3
+-device pxb,id=bridge3,bus=pci.0,bus_nr=40,bus=pci.0,chassis_nr=3 -drive 
if=none,id=drive0,file=[img] -device 
virtio-blk-pci,drive=drive0,scsi=off,bus=bridge3,addr=1
 
 Here you have:
  - 2 NUMA nodes for the guest, 0 and 1. (both mapped to the same NUMA node in 
host, but you can and should put it in different host NUMA nodes)
@@ -55,4 +55,3 @@ The PXB is composed by:
   - Using the bridge will enable hotplug support
   - All the devices behind the bridge will use bridge's IO/MEM windows 
compacting
 the PCI address space.
-
diff --git a/hw/pci-bridge/pci_expander_bridge.c 
b/hw/pci-bridge/pci_expander_bridge.c
index 57f8a37..8645650 100644
--- a/hw/pci-bridge/pci_expander_bridge.c
+++ b/hw/pci-bridge/pci_expander_bridge.c
@@ -39,6 +39,7 @@ typedef struct PXBDev {
 PCIDevice parent_obj;
 /*< public >*/
 
+uint8_t chassis_nr;
 uint8_t bus_nr;
 uint16_t numa_node;
 } PXBDev;
@@ -220,7 +221,7 @@ static int pxb_dev_initfn(PCIDevice *dev)
 
 bds = qdev_create(BUS(bus), "pci-bridge");
 bds->id = dev_name;
-qdev_prop_set_uint8(bds, PCI_BRIDGE_DEV_PROP_CHASSIS_NR, pxb->bus_nr);
+qdev_prop_set_uint8(bds, PCI_BRIDGE_DEV_PROP_CHASSIS_NR, pxb->chassis_nr);
 qdev_prop_set_bit(bds, PCI_BRIDGE_DEV_PROP_SHPC, false);
 
 PCI_HOST_BRIDGE(ds)->bus = bus;
@@ -248,6 +249,8 @@ static void pxb_dev_exitfn(PCIDevice *pci_dev)
 }
 
 static Property pxb_dev_properties[] = {
+/* Note: 0 is not a legal chassis number. */
+DEFINE_PROP_UINT8("chassis_nr", PXBDev, chassis_nr, 0),
 /* Note: 0 is not a legal a PXB bus number. */
 DEFINE_PROP_UINT8("bus_nr", PXBDev, bus_nr, 0),
 DEFINE_PROP_UINT16("numa_node", PXBDev, numa_node, NUMA_NODE_UNASSIGNED),
-- 
2.1.0

Re: [Qemu-devel] [PATCH v3 08/32] exec: allow memory to be allocated from any kind of path

[Michael S. Tsirkin]

On Sun, Oct 11, 2015 at 11:52:40AM +0800, Xiao Guangrong wrote:
> Currently file_ram_alloc() is designed for hugetlbfs, however, the memory
> of nvdimm can come from either raw pmem device eg, /dev/pmem, or the file
> locates at DAX enabled filesystem
> 
> So this patch let it work on any kind of path
> 
> Signed-off-by: Xiao Guangrong 

This conflicts with map alloc rework.
Please rebase this on top of my tree.


> ---
>  exec.c | 55 ++-
>  1 file changed, 14 insertions(+), 41 deletions(-)
> 
> diff --git a/exec.c b/exec.c
> index 7d90a52..70cb0ef 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -1154,32 +1154,6 @@ void qemu_mutex_unlock_ramlist(void)
>  }
>  
>  #ifdef __linux__
> -
> -#include 
> -
> -#define HUGETLBFS_MAGIC   0x958458f6
> -
> -static long gethugepagesize(const char *path, Error **errp)
> -{
> -struct statfs fs;
> -int ret;
> -
> -do {
> -ret = statfs(path, );
> -} while (ret != 0 && errno == EINTR);
> -
> -if (ret != 0) {
> -error_setg_errno(errp, errno, "failed to get page size of file %s",
> - path);
> -return 0;
> -}
> -
> -if (fs.f_type != HUGETLBFS_MAGIC)
> -fprintf(stderr, "Warning: path not on HugeTLBFS: %s\n", path);
> -
> -return fs.f_bsize;

What this *actually* is trying to warn against is that
mapping a regular file (as opposed to hugetlbfs)
means transparent huge pages don't work.

So I don't think we should drop this warning completely.
Either let's add the nvdimm magic, or simply check the
page size.


> -}
> -
>  static void *file_ram_alloc(RAMBlock *block,
>  ram_addr_t memory,
>  const char *path,
> @@ -1191,22 +1165,21 @@ static void *file_ram_alloc(RAMBlock *block,
>  void *ptr;
>  void *area = NULL;
>  int fd;
> -uint64_t hpagesize;
> +uint64_t pagesize;
>  uint64_t total;
> -Error *local_err = NULL;
>  size_t offset;
>  
> -hpagesize = gethugepagesize(path, _err);
> -if (local_err) {
> -error_propagate(errp, local_err);
> +pagesize = qemu_file_get_page_size(path);
> +if (!pagesize) {
> +error_setg(errp, "can't get page size for %s", path);
>  goto error;
>  }
> -block->mr->align = hpagesize;
> +block->mr->align = pagesize;
>  
> -if (memory < hpagesize) {
> +if (memory < pagesize) {
>  error_setg(errp, "memory size 0x" RAM_ADDR_FMT " must be equal to "
> -   "or larger than huge page size 0x%" PRIx64,
> -   memory, hpagesize);
> +   "or larger than page size 0x%" PRIx64,
> +   memory, pagesize);
>  goto error;
>  }
>  
> @@ -1230,15 +1203,15 @@ static void *file_ram_alloc(RAMBlock *block,
>  fd = mkstemp(filename);
>  if (fd < 0) {
>  error_setg_errno(errp, errno,
> - "unable to create backing store for hugepages");
> + "unable to create backing store for path %s", path);
>  g_free(filename);
>  goto error;
>  }
>  unlink(filename);
>  g_free(filename);
>  
> -memory = ROUND_UP(memory, hpagesize);
> -total = memory + hpagesize;
> +memory = ROUND_UP(memory, pagesize);
> +total = memory + pagesize;
>  
>  /*
>   * ftruncate is not supported by hugetlbfs in older
> @@ -1254,12 +1227,12 @@ static void *file_ram_alloc(RAMBlock *block,
>  -1, 0);
>  if (ptr == MAP_FAILED) {
>  error_setg_errno(errp, errno,
> - "unable to allocate memory range for hugepages");
> + "unable to allocate memory range for path %s", 
> path);
>  close(fd);
>  goto error;
>  }
>  
> -offset = QEMU_ALIGN_UP((uintptr_t)ptr, hpagesize) - (uintptr_t)ptr;
> +offset = QEMU_ALIGN_UP((uintptr_t)ptr, pagesize) - (uintptr_t)ptr;
>  
>  area = mmap(ptr + offset, memory, PROT_READ | PROT_WRITE,
>  (block->flags & RAM_SHARED ? MAP_SHARED : MAP_PRIVATE) |
> @@ -1267,7 +1240,7 @@ static void *file_ram_alloc(RAMBlock *block,
>  fd, 0);
>  if (area == MAP_FAILED) {
>  error_setg_errno(errp, errno,
> - "unable to map backing store for hugepages");
> + "unable to map backing store for path %s", path);
>  munmap(ptr, total);
>  close(fd);
>  goto error;
> -- 
> 1.8.3.1

[Qemu-devel] [PULL v2 3/5] virtio dataplane: adapt dataplane for virtio Version 1

[Stefan Hajnoczi]

From: Pierre Morel 

Let dataplane allocate different region for the desc/avail/used
ring regions.
Take VIRTIO_RING_F_EVENT_IDX into account to increase the used/avail
rings accordingly.

[Fix 32-bit builds by changing 16lx format specifier to HWADDR_PRIx.
--Stefan]

Signed-off-by: Pierre Morel 
Tested-by: Greg Kurz 
Signed-off-by: Greg Kurz 
Message-id: 1441625636-23773-1-git-send-email-pmo...@linux.vnet.ibm.com
(changed __virtio16 into uint16_t,
 map descriptor table and available ring read-only)
Signed-off-by: Greg Kurz 
Signed-off-by: Stefan Hajnoczi 
---
 hw/virtio/dataplane/vring.c | 65 ++---
 include/hw/virtio/dataplane/vring.h |  4 ++-
 2 files changed, 56 insertions(+), 13 deletions(-)

diff --git a/hw/virtio/dataplane/vring.c b/hw/virtio/dataplane/vring.c
index fece83a..68f1994 100644
--- a/hw/virtio/dataplane/vring.c
+++ b/hw/virtio/dataplane/vring.c
@@ -67,22 +67,53 @@ static void vring_unmap(void *buffer, bool is_write)
 /* Map the guest's vring to host memory */
 bool vring_setup(Vring *vring, VirtIODevice *vdev, int n)
 {
-hwaddr vring_addr = virtio_queue_get_ring_addr(vdev, n);
-hwaddr vring_size = virtio_queue_get_ring_size(vdev, n);
-void *vring_ptr;
+struct vring *vr = >vr;
+hwaddr addr;
+hwaddr size;
+void *ptr;
 
 vring->broken = false;
+vr->num = virtio_queue_get_num(vdev, n);
 
-vring_ptr = vring_map(>mr, vring_addr, vring_size, true);
-if (!vring_ptr) {
-error_report("Failed to map vring "
- "addr %#" HWADDR_PRIx " size %" HWADDR_PRIu,
- vring_addr, vring_size);
-vring->broken = true;
-return false;
+addr = virtio_queue_get_desc_addr(vdev, n);
+size = virtio_queue_get_desc_size(vdev, n);
+/* Map the descriptor area as read only */
+ptr = vring_map(>mr_desc, addr, size, false);
+if (!ptr) {
+error_report("Failed to map 0x%" HWADDR_PRIx " byte for vring desc "
+ "at 0x%" HWADDR_PRIx,
+  size, addr);
+goto out_err_desc;
 }
+vr->desc = ptr;
 
-vring_init(>vr, virtio_queue_get_num(vdev, n), vring_ptr, 4096);
+addr = virtio_queue_get_avail_addr(vdev, n);
+size = virtio_queue_get_avail_size(vdev, n);
+/* Add the size of the used_event_idx */
+size += sizeof(uint16_t);
+/* Map the driver area as read only */
+ptr = vring_map(>mr_avail, addr, size, false);
+if (!ptr) {
+error_report("Failed to map 0x%" HWADDR_PRIx " byte for vring avail "
+ "at 0x%" HWADDR_PRIx,
+  size, addr);
+goto out_err_avail;
+}
+vr->avail = ptr;
+
+addr = virtio_queue_get_used_addr(vdev, n);
+size = virtio_queue_get_used_size(vdev, n);
+/* Add the size of the avail_event_idx */
+size += sizeof(uint16_t);
+/* Map the device area as read-write */
+ptr = vring_map(>mr_used, addr, size, true);
+if (!ptr) {
+error_report("Failed to map 0x%" HWADDR_PRIx " byte for vring used "
+ "at 0x%" HWADDR_PRIx,
+  size, addr);
+goto out_err_used;
+}
+vr->used = ptr;
 
 vring->last_avail_idx = virtio_queue_get_last_avail_idx(vdev, n);
 vring->last_used_idx = vring_get_used_idx(vdev, vring);
@@ -92,6 +123,14 @@ bool vring_setup(Vring *vring, VirtIODevice *vdev, int n)
 trace_vring_setup(virtio_queue_get_ring_addr(vdev, n),
   vring->vr.desc, vring->vr.avail, vring->vr.used);
 return true;
+
+out_err_used:
+memory_region_unref(vring->mr_avail);
+out_err_avail:
+memory_region_unref(vring->mr_desc);
+out_err_desc:
+vring->broken = true;
+return false;
 }
 
 void vring_teardown(Vring *vring, VirtIODevice *vdev, int n)
@@ -99,7 +138,9 @@ void vring_teardown(Vring *vring, VirtIODevice *vdev, int n)
 virtio_queue_set_last_avail_idx(vdev, n, vring->last_avail_idx);
 virtio_queue_invalidate_signalled_used(vdev, n);
 
-memory_region_unref(vring->mr);
+memory_region_unref(vring->mr_desc);
+memory_region_unref(vring->mr_avail);
+memory_region_unref(vring->mr_used);
 }
 
 /* Disable guest->host notifies */
diff --git a/include/hw/virtio/dataplane/vring.h 
b/include/hw/virtio/dataplane/vring.h
index 8d97db9..a596e4c 100644
--- a/include/hw/virtio/dataplane/vring.h
+++ b/include/hw/virtio/dataplane/vring.h
@@ -22,7 +22,9 @@
 #include "hw/virtio/virtio.h"
 
 typedef struct {
-MemoryRegion *mr;   /* memory region containing the vring */
+MemoryRegion *mr_desc;  /* memory region for the vring desc */
+MemoryRegion *mr_avail; /* memory region for the vring avail */
+MemoryRegion *mr_used;  /* memory region for the vring used */
 struct vring vr;/* 

[Qemu-devel] [PULL v2 4/5] block: switch from g_slice allocator to malloc

[Stefan Hajnoczi]

From: Paolo Bonzini 

Simplify memory allocation by sticking with a single API.  GSlice
is not that fast anyway (tcmalloc/jemalloc are better).

Signed-off-by: Paolo Bonzini 
Signed-off-by: Stefan Hajnoczi 
---
 block/io.c| 4 ++--
 block/mirror.c| 4 ++--
 block/raw-posix.c | 8 
 block/raw-win32.c | 4 ++--
 hw/block/virtio-blk.c | 4 ++--
 5 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/block/io.c b/block/io.c
index 94e18e6..17293c3 100644
--- a/block/io.c
+++ b/block/io.c
@@ -2218,7 +2218,7 @@ void *qemu_aio_get(const AIOCBInfo *aiocb_info, 
BlockDriverState *bs,
 {
 BlockAIOCB *acb;
 
-acb = g_slice_alloc(aiocb_info->aiocb_size);
+acb = g_malloc(aiocb_info->aiocb_size);
 acb->aiocb_info = aiocb_info;
 acb->bs = bs;
 acb->cb = cb;
@@ -2238,7 +2238,7 @@ void qemu_aio_unref(void *p)
 BlockAIOCB *acb = p;
 assert(acb->refcnt > 0);
 if (--acb->refcnt == 0) {
-g_slice_free1(acb->aiocb_info->aiocb_size, acb);
+g_free(acb);
 }
 }
 
diff --git a/block/mirror.c b/block/mirror.c
index 87928ab..1ca4aa0 100644
--- a/block/mirror.c
+++ b/block/mirror.c
@@ -113,7 +113,7 @@ static void mirror_iteration_done(MirrorOp *op, int ret)
 }
 
 qemu_iovec_destroy(>qiov);
-g_slice_free(MirrorOp, op);
+g_free(op);
 
 if (s->waiting_for_io) {
 qemu_coroutine_enter(s->common.co, NULL);
@@ -264,7 +264,7 @@ static uint64_t coroutine_fn 
mirror_iteration(MirrorBlockJob *s)
 } while (delay_ns == 0 && next_sector < end);
 
 /* Allocate a MirrorOp that is used as an AIO callback.  */
-op = g_slice_new(MirrorOp);
+op = g_new(MirrorOp, 1);
 op->s = s;
 op->sector_num = sector_num;
 op->nb_sectors = nb_sectors;
diff --git a/block/raw-posix.c b/block/raw-posix.c
index 86f8562..cc1b874 100644
--- a/block/raw-posix.c
+++ b/block/raw-posix.c
@@ -1259,7 +1259,7 @@ static int aio_worker(void *arg)
 break;
 }
 
-g_slice_free(RawPosixAIOData, aiocb);
+g_free(aiocb);
 return ret;
 }
 
@@ -1267,7 +1267,7 @@ static int paio_submit_co(BlockDriverState *bs, int fd,
 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
 int type)
 {
-RawPosixAIOData *acb = g_slice_new(RawPosixAIOData);
+RawPosixAIOData *acb = g_new(RawPosixAIOData, 1);
 ThreadPool *pool;
 
 acb->bs = bs;
@@ -1292,7 +1292,7 @@ static BlockAIOCB *paio_submit(BlockDriverState *bs, int 
fd,
 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
 BlockCompletionFunc *cb, void *opaque, int type)
 {
-RawPosixAIOData *acb = g_slice_new(RawPosixAIOData);
+RawPosixAIOData *acb = g_new(RawPosixAIOData, 1);
 ThreadPool *pool;
 
 acb->bs = bs;
@@ -2237,7 +2237,7 @@ static BlockAIOCB *hdev_aio_ioctl(BlockDriverState *bs,
 if (fd_open(bs) < 0)
 return NULL;
 
-acb = g_slice_new(RawPosixAIOData);
+acb = g_new(RawPosixAIOData, 1);
 acb->bs = bs;
 acb->aio_type = QEMU_AIO_IOCTL;
 acb->aio_fildes = s->fd;
diff --git a/block/raw-win32.c b/block/raw-win32.c
index b562c94..2d0907a 100644
--- a/block/raw-win32.c
+++ b/block/raw-win32.c
@@ -135,7 +135,7 @@ static int aio_worker(void *arg)
 break;
 }
 
-g_slice_free(RawWin32AIOData, aiocb);
+g_free(aiocb);
 return ret;
 }
 
@@ -143,7 +143,7 @@ static BlockAIOCB *paio_submit(BlockDriverState *bs, HANDLE 
hfile,
 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
 BlockCompletionFunc *cb, void *opaque, int type)
 {
-RawWin32AIOData *acb = g_slice_new(RawWin32AIOData);
+RawWin32AIOData *acb = g_new(RawWin32AIOData, 1);
 ThreadPool *pool;
 
 acb->bs = bs;
diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index 76d27f9..8beb26b 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -30,7 +30,7 @@
 
 VirtIOBlockReq *virtio_blk_alloc_request(VirtIOBlock *s)
 {
-VirtIOBlockReq *req = g_slice_new(VirtIOBlockReq);
+VirtIOBlockReq *req = g_new(VirtIOBlockReq, 1);
 req->dev = s;
 req->qiov.size = 0;
 req->in_len = 0;
@@ -42,7 +42,7 @@ VirtIOBlockReq *virtio_blk_alloc_request(VirtIOBlock *s)
 void virtio_blk_free_request(VirtIOBlockReq *req)
 {
 if (req) {
-g_slice_free(VirtIOBlockReq, req);
+g_free(req);
 }
 }
 
-- 
2.4.3

[Qemu-devel] [PULL v2 5/5] sdhci.c: Limit the maximum block size

[Stefan Hajnoczi]

From: Alistair Francis 

It is possible for the guest to set an invalid block
size which is larger then the fifo_buffer[] array. This
could cause a buffer overflow.

To avoid this limit the maximum size of the blksize variable.

Signed-off-by: Alistair Francis 
Reported-by: Intel Security ATR 
Reviewed-by: Stefan Hajnoczi 
Reviewed-by: Peter Crosthwaite 
Message-id: 
abe4c51f513290bbb85d1ee271cb1a3d463d7561.1444067470.git.alistair.fran...@xilinx.com
Suggested-by: Igor Mitsyanko 
Reported-by: Intel Security ATR 
Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Stefan Hajnoczi 
---
 hw/sd/sdhci.c | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
index 7f9d814..7f73527 100644
--- a/hw/sd/sdhci.c
+++ b/hw/sd/sdhci.c
@@ -1009,6 +1009,16 @@ sdhci_write(void *opaque, hwaddr offset, uint64_t val, 
unsigned size)
 MASKED_WRITE(s->blksize, mask, value);
 MASKED_WRITE(s->blkcnt, mask >> 16, value >> 16);
 }
+
+/* Limit block size to the maximum buffer size */
+if (extract32(s->blksize, 0, 12) > s->buf_maxsz) {
+qemu_log_mask(LOG_GUEST_ERROR, "%s: Size 0x%x is larger than " \
+  "the maximum buffer 0x%x", __func__, s->blksize,
+  s->buf_maxsz);
+
+s->blksize = deposit32(s->blksize, 0, 12, s->buf_maxsz);
+}
+
 break;
 case SDHC_ARGUMENT:
 MASKED_WRITE(s->argument, mask, value);
-- 
2.4.3

[Qemu-devel] [PATCH 2/3] configure: require glib 2.26

[marcandre . lureau]

From: Marc-André Lureau 

This allows to use the GLIB_VERSION macros that will help to ensure the
newer symbols are not being used (or with compatibility code).

Signed-off-by: Marc-André Lureau 
---
 configure | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index f08327e..1bc832f 100755
--- a/configure
+++ b/configure
@@ -2843,7 +2843,8 @@ fi
 ##
 # glib support probe
 
-glib_req_ver=2.22
+glib_req_ver=2.26
+glib_ver=GLIB_VERSION_2_26
 glib_modules=gthread-2.0
 if test "$modules" = yes; then
 glib_modules="$glib_modules gmodule-2.0"
@@ -2853,7 +2854,7 @@ for i in $glib_modules; do
 if $pkg_config --atleast-version=$glib_req_ver $i; then
 glib_cflags=`$pkg_config --cflags $i`
 glib_libs=`$pkg_config --libs $i`
-CFLAGS="$glib_cflags $CFLAGS"
+CFLAGS="$glib_cflags $CFLAGS -DGLIB_VERSION_MIN_REQUIRED=$glib_ver 
-DGLIB_VERSION_MAX_ALLOWED=$glib_ver"
 LIBS="$glib_libs $LIBS"
 libs_qga="$glib_libs $libs_qga"
 else
-- 
2.4.3

[Qemu-devel] [PATCH 3/3] Remove glib < 2.26 compatibility code

[marcandre . lureau]

From: Marc-André Lureau 

Since 2.26 is now the minimum.

Signed-off-by: Marc-André Lureau 
---
 include/glib-compat.h   | 4 
 tests/vhost-user-test.c | 4 
 2 files changed, 8 deletions(-)

diff --git a/include/glib-compat.h b/include/glib-compat.h
index 318e000..46a2bc5 100644
--- a/include/glib-compat.h
+++ b/include/glib-compat.h
@@ -19,10 +19,6 @@
 #include 
 
 /* GLIB version compatibility flags */
-#if !GLIB_CHECK_VERSION(2, 26, 0)
-#define G_TIME_SPAN_SECOND  (G_GINT64_CONSTANT(100))
-#endif
-
 #if !GLIB_CHECK_VERSION(2, 28, 0)
 static inline gint64 qemu_g_get_monotonic_time(void)
 {
diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index 56df5cc..9f2254d 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -21,10 +21,6 @@
 #include 
 
 /* GLIB version compatibility flags */
-#if !GLIB_CHECK_VERSION(2, 26, 0)
-#define G_TIME_SPAN_SECOND  (G_GINT64_CONSTANT(100))
-#endif
-
 #if GLIB_CHECK_VERSION(2, 28, 0)
 #define HAVE_MONOTONIC_TIME
 #endif
-- 
2.4.3

Re: [Qemu-devel] [PATCH v7 05/14] qapi: Lazy creation of array types

[Markus Armbruster]

Eric Blake  writes:

> On 10/07/2015 10:38 AM, Markus Armbruster wrote:
>> Eric Blake  writes:
>> 
>>> Commit ac88219a had several TODO markers about whether we needed
>>> to automatically create the corresponding array type alongside
>>> any other type.  It turns out that most of the time, we don't!
>>>
>
>>> +def _make_simple_variant(self, case, typ, info):
>>>  if isinstance(typ, list):
>>>  assert len(typ) == 1
>>> -typ = self._make_array_type(typ[0])
>>> -typ = self._make_implicit_object_type(typ, 'wrapper',
>>> -  [self._make_member('data', 
>>> typ)])
>>> +typ = self._make_array_type(typ[0], info)
>>> +typ = self._make_implicit_object_type(
>>> +typ, 'wrapper', [self._make_member('data', typ, info)])
>> 
>> I'd indent the hanging intent a bit more, to make the = stand out.
>
> pep8 doesn't like it:
>
> scripts/qapi.py:1299:17: E126 continuation line over-indented for
> hanging indent

Meh.

See also https://github.com/PyCQA/pep8/issues/167

> but it was okay with:
>
> type = (self._make_implicit_object_type(
> type, ...))
>
> and that does look a little better.

I find it a bit stilted.  Let's stick with your first version.

[Qemu-devel] [PULL 10/14] netfilter: add an API to pass the packet to next filter

[Jason Wang]

From: Yang Hongyang 

add an API qemu_netfilter_pass_to_next() to pass the packet
to next filter.

Signed-off-by: Yang Hongyang 
Reviewed-by: Thomas Huth 
Signed-off-by: Jason Wang 
---
 include/net/filter.h |  7 +++
 net/filter.c | 58 
 2 files changed, 65 insertions(+)

diff --git a/include/net/filter.h b/include/net/filter.h
index db035b6..5639976 100644
--- a/include/net/filter.h
+++ b/include/net/filter.h
@@ -66,4 +66,11 @@ ssize_t qemu_netfilter_receive(NetFilterState *nf,
int iovcnt,
NetPacketSent *sent_cb);
 
+/* pass the packet to the next filter */
+ssize_t qemu_netfilter_pass_to_next(NetClientState *sender,
+unsigned flags,
+const struct iovec *iov,
+int iovcnt,
+void *opaque);
+
 #endif /* QEMU_NET_FILTER_H */
diff --git a/net/filter.c b/net/filter.c
index 147c57f..5d5022f 100644
--- a/net/filter.c
+++ b/net/filter.c
@@ -14,6 +14,7 @@
 #include "net/net.h"
 #include "net/vhost_net.h"
 #include "qom/object_interfaces.h"
+#include "qemu/iov.h"
 
 ssize_t qemu_netfilter_receive(NetFilterState *nf,
NetFilterDirection direction,
@@ -32,6 +33,63 @@ ssize_t qemu_netfilter_receive(NetFilterState *nf,
 return 0;
 }
 
+ssize_t qemu_netfilter_pass_to_next(NetClientState *sender,
+unsigned flags,
+const struct iovec *iov,
+int iovcnt,
+void *opaque)
+{
+int ret = 0;
+int direction;
+NetFilterState *nf = opaque;
+NetFilterState *next = QTAILQ_NEXT(nf, next);
+
+if (!sender || !sender->peer) {
+/* no receiver, or sender been deleted, no need to pass it further */
+goto out;
+}
+
+if (nf->direction == NET_FILTER_DIRECTION_ALL) {
+if (sender == nf->netdev) {
+/* This packet is sent by netdev itself */
+direction = NET_FILTER_DIRECTION_TX;
+} else {
+direction = NET_FILTER_DIRECTION_RX;
+}
+} else {
+direction = nf->direction;
+}
+
+while (next) {
+/*
+ * if qemu_netfilter_pass_to_next been called, means that
+ * the packet has been hold by filter and has already retured size
+ * to the sender, so sent_cb shouldn't be called later, just
+ * pass NULL to next.
+ */
+ret = qemu_netfilter_receive(next, direction, sender, flags, iov,
+ iovcnt, NULL);
+if (ret) {
+return ret;
+}
+next = QTAILQ_NEXT(next, next);
+}
+
+/*
+ * We have gone through all filters, pass it to receiver.
+ * Do the valid check again incase sender or receiver been
+ * deleted while we go through filters.
+ */
+if (sender && sender->peer) {
+qemu_net_queue_send_iov(sender->peer->incoming_queue,
+sender, flags, iov, iovcnt, NULL);
+}
+
+out:
+/* no receiver, or sender been deleted */
+return iov_size(iov, iovcnt);
+}
+
 static char *netfilter_get_netdev_id(Object *obj, Error **errp)
 {
 NetFilterState *nf = NETFILTER(obj);
-- 
2.1.4

Re: [Qemu-devel] Quick question on NVME on qemu

[Kevin Wolf]

Am 12.10.2015 um 10:05 hat Igor Mammedov geschrieben:
> On Sat, 10 Oct 2015 00:39:43 -0700
> sahlot arvind  wrote:
> 
> > Hello,
> > 
> > Does qemu emulate a proper NVMe controller?  Can someone please tell me how
> s far as I'm aware, QEMU doesn't emulate any NVMe controller yet.

It does, though I'm not sure how complete it is. You can use it with
-drive file=...,if=none,id=some_id -device nvme,drive=some_id

Kevin

> > can I use it to emulate a proper NVMe controller? Is there some way to
> > enable logging PCI accesses to NVMe controller so that I can see what
> > accesses my driver or OS is doing?
> > 
> > Thanks in advance!
> > Sahlot
> 
> 

Re: [Qemu-devel] [PATCH 1/2] kvm/x86: Hyper-V synthetic interrupt controller

[Paolo Bonzini]

On 12/10/2015 10:48, Cornelia Huck wrote:
> Going back to Paolo's original question, I think changing the check
> to !KVM_IRQ_ROUTING_IRQCHIP makes sense, if I understand the code
> correctly. They seem to be the only special one.

Great.  Roman, Denis, can you do this then?

Thanks,

Paolo

[Qemu-devel] [PATCH v2 4/5] virtio-9p: add unrealize handler

[Greg Kurz]

This patch allows to hot-unplug a quiescent virtio-9p device, and free its
allocated resources. A refcount is added to the v9fs thread pool, so that
its resources are freed as well when the last virtio-9p device is unplugged.

Note that we have an unplug blocker which prevents this code to be reached
if the 9p share is mounted in the guest. No need to bother about in-flight
I/O requests in this case.

This patch fixes a QEMU crash on the source node if the user device_add
a virtio-9p device and then migrate.

Signed-off-by: Greg Kurz 
---
V2:
- now introduces v9fs_release_worker_threads() (was in patch 1)
- adds a refcount to the v9fs thread pool
---
 hw/9pfs/virtio-9p-coth.c   |   15 ++-
 hw/9pfs/virtio-9p-coth.h   |2 ++
 hw/9pfs/virtio-9p-device.c |   12 
 3 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/hw/9pfs/virtio-9p-coth.c b/hw/9pfs/virtio-9p-coth.c
index 1d832ede1ebf..27ccc66c91d8 100644
--- a/hw/9pfs/virtio-9p-coth.c
+++ b/hw/9pfs/virtio-9p-coth.c
@@ -55,7 +55,7 @@ int v9fs_init_worker_threads(void)
 V9fsThPool *p = _pool;
 sigset_t set, oldset;
 
-if (p->pool) {
+if (p->refcount++) {
 return 0;
 }
 
@@ -81,3 +81,16 @@ err_out:
 pthread_sigmask(SIG_SETMASK, , NULL);
 return ret;
 }
+
+void v9fs_release_worker_threads(void)
+{
+V9fsThPool *p = _pool;
+
+if (--p->refcount) {
+return;
+}
+
+g_thread_pool_free(p->pool, TRUE, TRUE);
+g_async_queue_unref(p->completed);
+event_notifier_set_handler(>e, NULL);
+}
diff --git a/hw/9pfs/virtio-9p-coth.h b/hw/9pfs/virtio-9p-coth.h
index 4f51b250d1d4..2a2617e670a5 100644
--- a/hw/9pfs/virtio-9p-coth.h
+++ b/hw/9pfs/virtio-9p-coth.h
@@ -25,6 +25,7 @@ typedef struct V9fsThPool {
 
 GThreadPool *pool;
 GAsyncQueue *completed;
+unsigned refcount;
 } V9fsThPool;
 
 /*
@@ -56,6 +57,7 @@ typedef struct V9fsThPool {
 
 extern void co_run_in_worker_bh(void *);
 extern int v9fs_init_worker_threads(void);
+extern void v9fs_release_worker_threads(void);
 extern int v9fs_co_readlink(V9fsPDU *, V9fsPath *, V9fsString *);
 extern int v9fs_co_readdir_r(V9fsPDU *, V9fsFidState *,
struct dirent *, struct dirent **result);
diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c
index 93a407c45926..ed133c40493a 100644
--- a/hw/9pfs/virtio-9p-device.c
+++ b/hw/9pfs/virtio-9p-device.c
@@ -138,6 +138,17 @@ out:
 v9fs_path_free();
 }
 
+static void virtio_9p_device_unrealize(DeviceState *dev, Error **errp)
+{
+VirtIODevice *vdev = VIRTIO_DEVICE(dev);
+V9fsState *s = VIRTIO_9P(dev);
+
+v9fs_release_worker_threads();
+g_free(s->ctx.fs_root);
+g_free(s->tag);
+virtio_cleanup(vdev);
+}
+
 /* virtio-9p device */
 
 static Property virtio_9p_properties[] = {
@@ -154,6 +165,7 @@ static void virtio_9p_class_init(ObjectClass *klass, void 
*data)
 dc->props = virtio_9p_properties;
 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
 vdc->realize = virtio_9p_device_realize;
+vdc->unrealize = virtio_9p_device_unrealize;
 vdc->get_features = virtio_9p_get_features;
 vdc->get_config = virtio_9p_get_config;
 }

[Qemu-devel] [PATCH v2 5/5] virtio-9p: add savem handlers

[Greg Kurz]

We don't support migration of mounted 9p shares. This is handled by a
migration blocker.

One would expect, however, to be able to migrate if the share is unmounted.
Unfortunately virtio-9p-device does not register savevm handlers at all !
Migration succeeds and leaves the guest with a dangling device...

This patch simply registers migration handlers for virtio-9p-device. Whether
migration is possible or not still depends on the migration blocker.

Signed-off-by: Greg Kurz 
---
 hw/9pfs/virtio-9p-device.c |   12 
 1 file changed, 12 insertions(+)

diff --git a/hw/9pfs/virtio-9p-device.c b/hw/9pfs/virtio-9p-device.c
index ed133c40493a..bd7f10a0a902 100644
--- a/hw/9pfs/virtio-9p-device.c
+++ b/hw/9pfs/virtio-9p-device.c
@@ -43,6 +43,16 @@ static void virtio_9p_get_config(VirtIODevice *vdev, uint8_t 
*config)
 g_free(cfg);
 }
 
+static void virtio_9p_save(QEMUFile *f, void *opaque)
+{
+virtio_save(VIRTIO_DEVICE(opaque), f);
+}
+
+static int virtio_9p_load(QEMUFile *f, void *opaque, int version_id)
+{
+return virtio_load(VIRTIO_DEVICE(opaque), f, version_id);
+}
+
 static void virtio_9p_device_realize(DeviceState *dev, Error **errp)
 {
 VirtIODevice *vdev = VIRTIO_DEVICE(dev);
@@ -130,6 +140,7 @@ static void virtio_9p_device_realize(DeviceState *dev, 
Error **errp)
 }
 v9fs_path_free();
 
+register_savevm(dev, "virtio-9p", -1, 1, virtio_9p_save, virtio_9p_load, 
s);
 return;
 out:
 g_free(s->ctx.fs_root);
@@ -146,6 +157,7 @@ static void virtio_9p_device_unrealize(DeviceState *dev, 
Error **errp)
 v9fs_release_worker_threads();
 g_free(s->ctx.fs_root);
 g_free(s->tag);
+unregister_savevm(dev, "virtio-9p", s);
 virtio_cleanup(vdev);
 }
 

Re: [Qemu-devel] simple qmp core dump

[Markus Armbruster]

Eric Blake  writes:

> Just noticed this core dump (I was actually trying to exceed the 1024
> hard-baked limit in qmp-input-visitor.c which tries to set an Error
> object, but it looks like that limit was unreachable due to this earlier
> assertion):
>
> $ printf '{"execute":"qmp_capabilities","id":%1025s' " " | tr ' ' { |
> ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -qmp stdio
> {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2},
> "package": ""}, "capabilities": []}}
> main-loop: WARNING: I/O thread spun for 1000 iterations
> **
> ERROR:qobject/json-parser.c:294:parser_context_peek_token: assertion
> failed: (ctxt->tokens.pos < ctxt->tokens.count)
> Aborted (core dumped)
>
> I don't know the best way to deal with a client that abuses QMP
> protocol, but it would at least be nice to not abort.

Handwritten parser crashes, surprise, surprise.

1023 works, 1024 crashes.  Need to dig to find out why.

Re: [Qemu-devel] i386: SSE 4 implementation does not match bare metal

[Paolo Bonzini]

On 12/10/2015 10:21, Florian Weimer wrote:
> We received a bug report that the SSE-4.2-based strstr in glibc 2.17 was
> misbehaving and returned NULL for certain inputs, even though the search
> pattern is clearly present in the subject string.  I'm attaching a test
> case.  You can run it as "./tst-strstr 3" to directly go to one failing
> case.
> 
> I'm not sure how to debug this further, except by running the program
> under GDB, single-step through it, dump registers, and compare the
> results with a bare-metal implement after each instruction executed.

Headscratching and reading the Intel SDM is usually the best way if you
can reduce it to a single instruction (and in this case pcmpXstrX was
obviously the most likely culprit).

> Downstream bug: https://bugzilla.redhat.com/show_bug.cgi?id=1270703
> There is also an attachment with a pre-compiled binary.

Patch sent, thanks for the report.

Paolo

[Qemu-devel] [PULL v2 1/5] sdhci: Pass drive parameter to sdhci-pci via qdev property

[Stefan Hajnoczi]

From: Kevin O'Connor 

Commit 19109131 disabled the sdhci-pci support because it used
drive_get_next().  This patch reenables sdhci-pci and changes it to
pass the drive via a qdev property - for example:
 -device sdhci-pci,drive=drive0 -drive id=drive0,if=sd,file=myimage

Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Kevin O'Connor 
Signed-off-by: Stefan Hajnoczi 
---
 hw/sd/sd.c|  4 +++-
 hw/sd/sdhci.c | 32 +++-
 hw/sd/sdhci.h |  2 ++
 3 files changed, 24 insertions(+), 14 deletions(-)

diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index 3e2a451..393a75c 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -492,7 +492,9 @@ SDState *sd_init(BlockBackend *blk, bool is_spi)
 sd->blk = blk;
 sd_reset(sd);
 if (sd->blk) {
-blk_attach_dev_nofail(sd->blk, sd);
+/* Attach dev if not already attached.  (This call ignores an
+ * error return code if sd->blk is already attached.) */
+blk_attach_dev(sd->blk, sd);
 blk_set_dev_ops(sd->blk, _block_ops, sd);
 }
 vmstate_register(NULL, -1, _vmstate, sd);
diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
index 8b0f9f0..7f9d814 100644
--- a/hw/sd/sdhci.c
+++ b/hw/sd/sdhci.c
@@ -1145,13 +1145,9 @@ static inline unsigned int sdhci_get_fifolen(SDHCIState 
*s)
 }
 }
 
-static void sdhci_initfn(SDHCIState *s)
+static void sdhci_initfn(SDHCIState *s, BlockBackend *blk)
 {
-DriveInfo *di;
-
-/* FIXME use a qdev drive property instead of drive_get_next() */
-di = drive_get_next(IF_SD);
-s->card = sd_init(di ? blk_by_legacy_dinfo(di) : NULL, false);
+s->card = sd_init(blk, false);
 if (s->card == NULL) {
 exit(1);
 }
@@ -1215,7 +1211,8 @@ const VMStateDescription sdhci_vmstate = {
 
 /* Capabilities registers provide information on supported features of this
  * specific host controller implementation */
-static Property sdhci_properties[] = {
+static Property sdhci_pci_properties[] = {
+DEFINE_BLOCK_PROPERTIES(SDHCIState, conf),
 DEFINE_PROP_UINT32("capareg", SDHCIState, capareg,
 SDHC_CAPAB_REG_DEFAULT),
 DEFINE_PROP_UINT32("maxcurr", SDHCIState, maxcurr, 0),
@@ -1227,7 +1224,7 @@ static void sdhci_pci_realize(PCIDevice *dev, Error 
**errp)
 SDHCIState *s = PCI_SDHCI(dev);
 dev->config[PCI_CLASS_PROG] = 0x01; /* Standard Host supported DMA */
 dev->config[PCI_INTERRUPT_PIN] = 0x01; /* interrupt pin A */
-sdhci_initfn(s);
+sdhci_initfn(s, s->conf.blk);
 s->buf_maxsz = sdhci_get_fifolen(s);
 s->fifo_buffer = g_malloc0(s->buf_maxsz);
 s->irq = pci_allocate_irq(dev);
@@ -1254,9 +1251,7 @@ static void sdhci_pci_class_init(ObjectClass *klass, void 
*data)
 k->class_id = PCI_CLASS_SYSTEM_SDHCI;
 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
 dc->vmsd = _vmstate;
-dc->props = sdhci_properties;
-/* Reason: realize() method uses drive_get_next() */
-dc->cannot_instantiate_with_device_add_yet = true;
+dc->props = sdhci_pci_properties;
 }
 
 static const TypeInfo sdhci_pci_info = {
@@ -1266,10 +1261,21 @@ static const TypeInfo sdhci_pci_info = {
 .class_init = sdhci_pci_class_init,
 };
 
+static Property sdhci_sysbus_properties[] = {
+DEFINE_PROP_UINT32("capareg", SDHCIState, capareg,
+SDHC_CAPAB_REG_DEFAULT),
+DEFINE_PROP_UINT32("maxcurr", SDHCIState, maxcurr, 0),
+DEFINE_PROP_END_OF_LIST(),
+};
+
 static void sdhci_sysbus_init(Object *obj)
 {
 SDHCIState *s = SYSBUS_SDHCI(obj);
-sdhci_initfn(s);
+DriveInfo *di;
+
+/* FIXME use a qdev drive property instead of drive_get_next() */
+di = drive_get_next(IF_SD);
+sdhci_initfn(s, di ? blk_by_legacy_dinfo(di) : NULL);
 }
 
 static void sdhci_sysbus_finalize(Object *obj)
@@ -1296,7 +1302,7 @@ static void sdhci_sysbus_class_init(ObjectClass *klass, 
void *data)
 DeviceClass *dc = DEVICE_CLASS(klass);
 
 dc->vmsd = _vmstate;
-dc->props = sdhci_properties;
+dc->props = sdhci_sysbus_properties;
 dc->realize = sdhci_sysbus_realize;
 /* Reason: instance_init() method uses drive_get_next() */
 dc->cannot_instantiate_with_device_add_yet = true;
diff --git a/hw/sd/sdhci.h b/hw/sd/sdhci.h
index 3352d23..e2de92d 100644
--- a/hw/sd/sdhci.h
+++ b/hw/sd/sdhci.h
@@ -26,6 +26,7 @@
 #define SDHCI_H
 
 #include "qemu-common.h"
+#include "hw/block/block.h"
 #include "hw/pci/pci.h"
 #include "hw/sysbus.h"
 #include "hw/sd.h"
@@ -239,6 +240,7 @@ typedef struct SDHCIState {
 };
 SDState *card;
 MemoryRegion iomem;
+BlockConf conf;
 
 QEMUTimer *insert_timer;   /* timer for 'changing' sd card. */
 QEMUTimer *transfer_timer;
-- 
2.4.3

[Qemu-devel] [PATCH 0/3] Use glib 2.26 version macros

[marcandre . lureau]

From: Marc-André Lureau 

Bump glib requirement to be able to use the GLIB_VERSION macros.

Marc-André Lureau (3):
  hw/acpi/aml-build: remove useless glib version check
  configure: require glib 2.26
  Remove glib < 2.26 compatibility code

 configure   | 5 +++--
 hw/acpi/aml-build.c | 2 --
 include/glib-compat.h   | 4 
 tests/vhost-user-test.c | 4 
 4 files changed, 3 insertions(+), 12 deletions(-)

-- 
2.4.3

[Qemu-devel] [PATCH 1/3] hw/acpi/aml-build: remove useless glib version check

[marcandre . lureau]

From: Marc-André Lureau 

2.22 is the minimum version required

Signed-off-by: Marc-André Lureau 
---
 hw/acpi/aml-build.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/hw/acpi/aml-build.c b/hw/acpi/aml-build.c
index 0d4b324..a00a0ab 100644
--- a/hw/acpi/aml-build.c
+++ b/hw/acpi/aml-build.c
@@ -1163,9 +1163,7 @@ void *acpi_data_push(GArray *table_data, unsigned size)
 
 unsigned acpi_data_len(GArray *table)
 {
-#if GLIB_CHECK_VERSION(2, 22, 0)
 assert(g_array_get_element_size(table) == 1);
-#endif
 return table->len;
 }
 
-- 
2.4.3

Re: [Qemu-devel] [PATCH 1/2] kvm/x86: Hyper-V synthetic interrupt controller

[Roman Kagan]

On Mon, Oct 12, 2015 at 10:58:36AM +0200, Paolo Bonzini wrote:
> On 12/10/2015 10:48, Cornelia Huck wrote:
> > Going back to Paolo's original question, I think changing the check
> > to !KVM_IRQ_ROUTING_IRQCHIP makes sense, if I understand the code
> > correctly. They seem to be the only special one.
> 
> Great.  Roman, Denis, can you do this then?

Sure, gonna be in the next round.

Thanks,
Roman.

[Qemu-devel] [PATCH v2 04/16] ui: convert VNC startup code to use SocketAddress

[Daniel P. Berrange]

The VNC code is currently using QemuOpts to configure the
sockets connections / listeners it needs. Convert it to
use SocketAddress to bring it in line with modern QAPI
based code elsewhere in QEMU.

Signed-off-by: Daniel P. Berrange 
---
 ui/vnc.c | 161 ---
 1 file changed, 91 insertions(+), 70 deletions(-)

diff --git a/ui/vnc.c b/ui/vnc.c
index d73966a..952e551 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3506,18 +3506,14 @@ void vnc_display_open(const char *id, Error **errp)
 {
 VncDisplay *vs = vnc_display_find(id);
 QemuOpts *opts = qemu_opts_find(_vnc_opts, id);
-QemuOpts *sopts, *wsopts;
+SocketAddress *saddr = NULL, *wsaddr = NULL;
 const char *share, *device_id;
 QemuConsole *con;
 bool password = false;
 bool reverse = false;
 const char *vnc;
-const char *has_to;
 char *h;
-bool has_ipv4 = false;
-bool has_ipv6 = false;
 const char *credid;
-const char *websocket;
 bool sasl = false;
 #ifdef CONFIG_VNC_SASL
 int saslErr;
@@ -3539,44 +3535,83 @@ void vnc_display_open(const char *id, Error **errp)
 return;
 }
 
-sopts = qemu_opts_create(_optslist, NULL, 0, _abort);
-wsopts = qemu_opts_create(_optslist, NULL, 0, _abort);
-
 h = strrchr(vnc, ':');
 if (h) {
-char *host;
 size_t hlen = h - vnc;
 
-if (vnc[0] == '[' && vnc[hlen - 1] == ']') {
-host = g_strndup(vnc + 1, hlen - 2);
+const char *websocket = qemu_opt_get(opts, "websocket");
+int to = qemu_opt_get_number(opts, "to", 0);
+bool has_ipv4 = qemu_opt_get_bool(opts, "ipv4", false);
+bool has_ipv6 = qemu_opt_get_bool(opts, "ipv6", false);
+
+saddr = g_new0(SocketAddress, 1);
+if (websocket) {
+if (!qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) {
+error_setg(errp,
+   "SHA1 hash support is required for websockets");
+goto fail;
+}
+
+wsaddr = g_new0(SocketAddress, 1);
+vs->ws_enabled = true;
+}
+
+if (strncmp(vnc, "unix:", 5) == 0) {
+saddr->kind = SOCKET_ADDRESS_KIND_UNIX;
+saddr->q_unix = g_new0(UnixSocketAddress, 1);
+saddr->q_unix->path = g_strdup(vnc + 5);
+
+if (vs->ws_enabled) {
+error_setg(errp, "UNIX sockets not supported with websock");
+goto fail;
+}
 } else {
-host = g_strndup(vnc, hlen);
+unsigned long long baseport;
+saddr->kind = SOCKET_ADDRESS_KIND_INET;
+saddr->inet = g_new0(InetSocketAddress, 1);
+if (vnc[0] == '[' && vnc[hlen - 1] == ']') {
+saddr->inet->host = g_strndup(vnc + 1, hlen - 2);
+} else {
+saddr->inet->host = g_strndup(vnc, hlen);
+}
+if (parse_uint_full(h + 1, , 10) < 0) {
+error_setg(errp, "can't convert to a number: %s", h + 1);
+goto fail;
+}
+if (baseport > 65535 ||
+baseport + 5900 > 65535) {
+error_setg(errp, "port %s out of range", h + 1);
+goto fail;
+}
+saddr->inet->port = g_strdup_printf(
+"%d", (int)baseport + 5900);
+
+if (to) {
+saddr->inet->has_to = true;
+saddr->inet->to = to;
+}
+saddr->inet->ipv4 = saddr->inet->has_ipv4 = has_ipv4;
+saddr->inet->ipv6 = saddr->inet->has_ipv6 = has_ipv6;
+
+if (vs->ws_enabled) {
+wsaddr->kind = SOCKET_ADDRESS_KIND_INET;
+wsaddr->inet = g_new0(InetSocketAddress, 1);
+wsaddr->inet->host = g_strdup(saddr->inet->host);
+wsaddr->inet->port = g_strdup(websocket);
+
+if (to) {
+wsaddr->inet->has_to = true;
+wsaddr->inet->to = to;
+}
+wsaddr->inet->ipv4 = wsaddr->inet->has_ipv4 = has_ipv4;
+wsaddr->inet->ipv6 = wsaddr->inet->has_ipv6 = has_ipv6;
+}
 }
-qemu_opt_set(sopts, "host", host, _abort);
-qemu_opt_set(wsopts, "host", host, _abort);
-qemu_opt_set(sopts, "port", h+1, _abort);
-g_free(host);
 } else {
 error_setg(errp, "no vnc port specified");
 goto fail;
 }
 
-has_to = qemu_opt_get(opts, "to");
-has_ipv4 = qemu_opt_get_bool(opts, "ipv4", false);
-has_ipv6 = qemu_opt_get_bool(opts, "ipv6", false);
-if (has_to) {
-qemu_opt_set(sopts, "to", has_to, _abort);
-qemu_opt_set(wsopts, "to", has_to, _abort);
-}
-if (has_ipv4) {
-qemu_opt_set(sopts, "ipv4", "on", _abort);
-qemu_opt_set(wsopts, "ipv4", "on", _abort);
-}
-if (has_ipv6) {
-

[Qemu-devel] [PULL 09/14] net/queue: introduce NetQueueDeliverFunc

[Jason Wang]

From: Yang Hongyang 

net/queue.c has logic to send/queue/flush packets but a
qemu_deliver_packet_iov() call is hardcoded. Abstract this
func so that we can use our own deliver function in netfilter.

Signed-off-by: Yang Hongyang 
Cc: Stefan Hajnoczi 
Signed-off-by: Jason Wang 
---
 include/net/queue.h | 13 -
 net/net.c   |  2 +-
 net/queue.c |  8 +---
 3 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/include/net/queue.h b/include/net/queue.h
index fc02b33..b4a7183 100644
--- a/include/net/queue.h
+++ b/include/net/queue.h
@@ -34,7 +34,18 @@ typedef void (NetPacketSent) (NetClientState *sender, 
ssize_t ret);
 #define QEMU_NET_PACKET_FLAG_NONE  0
 #define QEMU_NET_PACKET_FLAG_RAW  (1<<0)
 
-NetQueue *qemu_new_net_queue(void *opaque);
+/* Returns:
+ *   >0 - success
+ *0 - queue packet for future redelivery
+ *   <0 - failure (discard packet)
+ */
+typedef ssize_t (NetQueueDeliverFunc)(NetClientState *sender,
+  unsigned flags,
+  const struct iovec *iov,
+  int iovcnt,
+  void *opaque);
+
+NetQueue *qemu_new_net_queue(NetQueueDeliverFunc *deliver, void *opaque);
 
 void qemu_del_net_queue(NetQueue *queue);
 
diff --git a/net/net.c b/net/net.c
index 2f939f9..c0ebb13 100644
--- a/net/net.c
+++ b/net/net.c
@@ -286,7 +286,7 @@ static void qemu_net_client_setup(NetClientState *nc,
 }
 QTAILQ_INSERT_TAIL(_clients, nc, next);
 
-nc->incoming_queue = qemu_new_net_queue(nc);
+nc->incoming_queue = qemu_new_net_queue(qemu_deliver_packet_iov, nc);
 nc->destructor = destructor;
 QTAILQ_INIT(>filters);
 }
diff --git a/net/queue.c b/net/queue.c
index cf8db3a..16dddf0 100644
--- a/net/queue.c
+++ b/net/queue.c
@@ -52,13 +52,14 @@ struct NetQueue {
 void *opaque;
 uint32_t nq_maxlen;
 uint32_t nq_count;
+NetQueueDeliverFunc *deliver;
 
 QTAILQ_HEAD(packets, NetPacket) packets;
 
 unsigned delivering : 1;
 };
 
-NetQueue *qemu_new_net_queue(void *opaque)
+NetQueue *qemu_new_net_queue(NetQueueDeliverFunc *deliver, void *opaque)
 {
 NetQueue *queue;
 
@@ -67,6 +68,7 @@ NetQueue *qemu_new_net_queue(void *opaque)
 queue->opaque = opaque;
 queue->nq_maxlen = 1;
 queue->nq_count = 0;
+queue->deliver = deliver;
 
 QTAILQ_INIT(>packets);
 
@@ -158,7 +160,7 @@ static ssize_t qemu_net_queue_deliver(NetQueue *queue,
 };
 
 queue->delivering = 1;
-ret = qemu_deliver_packet_iov(sender, flags, , 1, queue->opaque);
+ret = queue->deliver(sender, flags, , 1, queue->opaque);
 queue->delivering = 0;
 
 return ret;
@@ -173,7 +175,7 @@ static ssize_t qemu_net_queue_deliver_iov(NetQueue *queue,
 ssize_t ret = -1;
 
 queue->delivering = 1;
-ret = qemu_deliver_packet_iov(sender, flags, iov, iovcnt, queue->opaque);
+ret = queue->deliver(sender, flags, iov, iovcnt, queue->opaque);
 queue->delivering = 0;
 
 return ret;
-- 
2.1.4

[Qemu-devel] [PULL 14/14] tests: add test cases for netfilter object

[Jason Wang]

From: Yang Hongyang 

Using qtest qmp interface to implement following cases:
1) add/remove netfilter
2) add a netfilter then delete the netdev
3) add/remove more than one netfilters
4) add more than one netfilters and then delete the netdev

Signed-off-by: Yang Hongyang 
Signed-off-by: Jason Wang 
---
 tests/.gitignore   |   1 +
 tests/Makefile |   2 +
 tests/test-netfilter.c | 200 +
 3 files changed, 203 insertions(+)
 create mode 100644 tests/test-netfilter.c

diff --git a/tests/.gitignore b/tests/.gitignore
index a607bdd..65496aa 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -49,5 +49,6 @@ test-vmstate
 test-write-threshold
 test-x86-cpuid
 test-xbzrle
+test-netfilter
 *-test
 qapi-schema/*.test.*
diff --git a/tests/Makefile b/tests/Makefile
index e6474ba..78d5d0a 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -191,6 +191,7 @@ gcov-files-i386-y += hw/pci-host/q35.c
 ifeq ($(CONFIG_VHOST_NET),y)
 check-qtest-i386-$(CONFIG_LINUX) += tests/vhost-user-test$(EXESUF)
 endif
+check-qtest-i386-y += tests/test-netfilter$(EXESUF)
 check-qtest-x86_64-y = $(check-qtest-i386-y)
 gcov-files-i386-y += i386-softmmu/hw/timer/mc146818rtc.c
 gcov-files-x86_64-y = $(subst 
i386-softmmu/,x86_64-softmmu/,$(gcov-files-i386-y))
@@ -437,6 +438,7 @@ tests/vhost-user-test$(EXESUF): tests/vhost-user-test.o 
qemu-char.o qemu-timer.o
 tests/qemu-iotests/socket_scm_helper$(EXESUF): 
tests/qemu-iotests/socket_scm_helper.o
 tests/test-qemu-opts$(EXESUF): tests/test-qemu-opts.o $(test-util-obj-y)
 tests/test-write-threshold$(EXESUF): tests/test-write-threshold.o 
$(test-block-obj-y)
+tests/test-netfilter$(EXESUF): tests/test-netfilter.o $(qtest-obj-y)
 
 ifeq ($(CONFIG_POSIX),y)
 LIBS += -lutil
diff --git a/tests/test-netfilter.c b/tests/test-netfilter.c
new file mode 100644
index 000..303deb7
--- /dev/null
+++ b/tests/test-netfilter.c
@@ -0,0 +1,200 @@
+/*
+ * QTest testcase for netfilter
+ *
+ * Copyright (c) 2015 FUJITSU LIMITED
+ * Author: Yang Hongyang 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later.  See the COPYING file in the top-level directory.
+ */
+
+#include 
+#include "libqtest.h"
+
+/* add a netfilter to a netdev and then remove it */
+static void add_one_netfilter(void)
+{
+QDict *response;
+
+response = qmp("{'execute': 'object-add',"
+   " 'arguments': {"
+   "   'qom-type': 'filter-buffer',"
+   "   'id': 'qtest-f0',"
+   "   'props': {"
+   " 'netdev': 'qtest-bn0',"
+   " 'queue': 'rx',"
+   " 'interval': 1000"
+   "}}}");
+
+g_assert(response);
+g_assert(!qdict_haskey(response, "error"));
+QDECREF(response);
+
+response = qmp("{'execute': 'object-del',"
+   " 'arguments': {"
+   "   'id': 'qtest-f0'"
+   "}}");
+g_assert(response);
+g_assert(!qdict_haskey(response, "error"));
+QDECREF(response);
+}
+
+/* add a netfilter to a netdev and then remove the netdev */
+static void remove_netdev_with_one_netfilter(void)
+{
+QDict *response;
+
+response = qmp("{'execute': 'object-add',"
+   " 'arguments': {"
+   "   'qom-type': 'filter-buffer',"
+   "   'id': 'qtest-f0',"
+   "   'props': {"
+   " 'netdev': 'qtest-bn0',"
+   " 'queue': 'rx',"
+   " 'interval': 1000"
+   "}}}");
+
+g_assert(response);
+g_assert(!qdict_haskey(response, "error"));
+QDECREF(response);
+
+response = qmp("{'execute': 'netdev_del',"
+   " 'arguments': {"
+   "   'id': 'qtest-bn0'"
+   "}}");
+g_assert(response);
+g_assert(!qdict_haskey(response, "error"));
+QDECREF(response);
+
+/* add back the netdev */
+response = qmp("{'execute': 'netdev_add',"
+   " 'arguments': {"
+   "   'type': 'user',"
+   "   'id': 'qtest-bn0'"
+   "}}");
+g_assert(response);
+g_assert(!qdict_haskey(response, "error"));
+QDECREF(response);
+}
+
+/* add multi(2) netfilters to a netdev and then remove them */
+static void add_multi_netfilter(void)
+{
+QDict *response;
+
+response = qmp("{'execute': 'object-add',"
+   " 'arguments': {"
+   "   'qom-type': 'filter-buffer',"
+   "   'id': 'qtest-f0',"
+   "   'props': {"
+   " 'netdev': 'qtest-bn0',"
+   " 'queue': 'rx',"
+   " 'interval': 1000"
+   "}}}");
+
+g_assert(response);
+g_assert(!qdict_haskey(response, "error"));
+QDECREF(response);

Re: [Qemu-devel] [PATCH 0/2] qga: non-blocking fd cleanups

[Denis V. Lunev]

On 10/07/2015 01:59 PM, Denis V. Lunev wrote:

This patchset is reincarnation of one patch discussed in the scope of
QEMU 2.4 and rejected for that time. Actually we should use
non-blocking descriptors in QGA on Windows in guest-file-open exactly
like was done for Posix.

Signed-off-by: Denis V. Lunev 
Signed-off-by: Olga Krishtal 
Reviewed-by: Yuri Pudgorodskiy 

CC: Michael Roth 

ping

[Qemu-devel] [PATCH v7 0/5] Add 'blockdev-snapshot' command

[Alberto Garcia]

This series adds a new 'blockdev-snapshot' command, that is similar to
'blockdev-snapshot-sync' but takes references to two existing block
devices.

This depends on Max's "BlockBackend and media" series:

https://lists.gnu.org/archive/html/qemu-block/2015-09/msg00497.html

v7:
- Rebase on top of the current master.
  qmp_marshal_input_blockdev_snapshot is renamed to
  qmp_marshal_blockdev_snapshot in order to make it build.
- New patch to use bdrv_lookup_bs() instead of bdrv_find_node() in
  external_snapshot_prepare(). This way, if the user attempts to use
  blockdev-snapshot-sync using an existing device ID in the
  snapshot-node-name parameter, the code will detect the error before
  the new image is created.

v6: https://lists.gnu.org/archive/html/qemu-block/2015-09/msg00575.html
- Update documentation and parameter names following Eric's
  suggestions: 'device' -> 'node', 'snapshot' -> 'overlay'.
- Rebased on top of Max's "BlockBackend and media" v5

v5: https://lists.gnu.org/archive/html/qemu-block/2015-09/msg00483.html
- Don't delete the 'backing' option if it contains something different
  from an empty string.
- Rebase on top of the current master.

v4: https://lists.gnu.org/archive/html/qemu-block/2015-09/msg00372.html
- Implement the support for 'backing': '', drop 'ignore-backing',
  and update iotest 085 accordingly.
- Include sample 'blockdev-add' call in the 'blockdev-snapshot'
  documentation.
- Clarify that the snapshot must not have a backing file in the
  BlockdevSnapshot documentation.
- Update error message ("...node name already existing" -> "...exists").

v3: https://lists.gnu.org/archive/html/qemu-block/2015-09/msg00272.html
- Add 'ignore-backing' field to BlockdevOptionsGenericCOWFormat. This
  allows opening images but not their backing images.
- Check for op blockers in the snapshot node and make sure that it
  doesn't have any backing image.
- Remove extra check for the existence of the snapshot node:
  bdrv_open() already does that.
- Extend iotest 085 to add tests for 'blockdev-snapshot'.
- Replace local_err with errp in some places where the former is
  unnecessary.
- Update command description.
- Add 'since' tag to the 'blockdev-snapshot' field in TransactionAction.

v2: https://lists.gnu.org/archive/html/qemu-block/2015-09/msg00094.html
- Add 'blockdev-snapshot' command instead of allowing passing options
  to 'blockdev-snapshot-sync'.
- Rename BlockdevSnapshot to BlockdevSnapshotSync

v1: https://lists.gnu.org/archive/html/qemu-block/2015-08/msg00236.html

Alberto Garcia (5):
  block: check for existing device IDs in external_snapshot_prepare()
  block: rename BlockdevSnapshot to BlockdevSnapshotSync
  block: support passing 'backing': '' to 'blockdev-add'
  block: add a 'blockdev-snapshot' QMP command
  block: add tests for the 'blockdev-snapshot' command

 block.c|   7 ++
 blockdev.c | 166 -
 qapi-schema.json   |   4 +-
 qapi/block-core.json   |  34 +-
 qmp-commands.hx|  38 +++
 tests/qemu-iotests/085 | 102 ++--
 tests/qemu-iotests/085.out |  34 +-
 7 files changed, 312 insertions(+), 73 deletions(-)

-- 
2.6.1

[Qemu-devel] [PATCH v7 2/5] block: rename BlockdevSnapshot to BlockdevSnapshotSync

[Alberto Garcia]

We will introduce the 'blockdev-snapshot' command that will require
its own struct for the parameters, so we need to rename this one in
order to avoid name clashes.

Signed-off-by: Alberto Garcia 
Reviewed-by: Eric Blake 
Reviewed-by: Max Reitz 
Reviewed-by: Kevin Wolf 
---
 blockdev.c   | 2 +-
 qapi-schema.json | 2 +-
 qapi/block-core.json | 8 
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/blockdev.c b/blockdev.c
index 0898d1f..12741a0 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -1166,7 +1166,7 @@ void qmp_blockdev_snapshot_sync(bool has_device, const 
char *device,
 bool has_format, const char *format,
 bool has_mode, NewImageMode mode, Error **errp)
 {
-BlockdevSnapshot snapshot = {
+BlockdevSnapshotSync snapshot = {
 .has_device = has_device,
 .device = (char *) device,
 .has_node_name = has_node_name,
diff --git a/qapi-schema.json b/qapi-schema.json
index a05794e..65701dc 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -1534,7 +1534,7 @@
 ##
 { 'union': 'TransactionAction',
   'data': {
-   'blockdev-snapshot-sync': 'BlockdevSnapshot',
+   'blockdev-snapshot-sync': 'BlockdevSnapshotSync',
'drive-backup': 'DriveBackup',
'blockdev-backup': 'BlockdevBackup',
'abort': 'Abort',
diff --git a/qapi/block-core.json b/qapi/block-core.json
index 5f12af7..6b5ac02 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -682,7 +682,7 @@
   'data': [ 'existing', 'absolute-paths' ] }
 
 ##
-# @BlockdevSnapshot
+# @BlockdevSnapshotSync
 #
 # Either @device or @node-name must be set but not both.
 #
@@ -699,7 +699,7 @@
 # @mode: #optional whether and how QEMU should create a new image, default is
 #'absolute-paths'.
 ##
-{ 'struct': 'BlockdevSnapshot',
+{ 'struct': 'BlockdevSnapshotSync',
   'data': { '*device': 'str', '*node-name': 'str',
 'snapshot-file': 'str', '*snapshot-node-name': 'str',
 '*format': 'str', '*mode': 'NewImageMode' } }
@@ -790,7 +790,7 @@
 #
 # Generates a synchronous snapshot of a block device.
 #
-# For the arguments, see the documentation of BlockdevSnapshot.
+# For the arguments, see the documentation of BlockdevSnapshotSync.
 #
 # Returns: nothing on success
 #  If @device is not a valid block device, DeviceNotFound
@@ -798,7 +798,7 @@
 # Since 0.14.0
 ##
 { 'command': 'blockdev-snapshot-sync',
-  'data': 'BlockdevSnapshot' }
+  'data': 'BlockdevSnapshotSync' }
 
 ##
 # @change-backing-file
-- 
2.6.1

[Qemu-devel] [Bug 1465935] Re: kvm_irqchip_commit_routes: Assertion `ret == 0' failed

[Launchpad Bug Tracker]

This bug was fixed in the package qemu - 1:2.3+dfsg-5ubuntu9

---
qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low

  * debian/patches/upstream-fix-irq-route-entries.patch
Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed"
(LP: #1465935)

 -- Stefan Bader   Fri, 09 Oct 2015 15:38:53
+0200

** Changed in: qemu (Ubuntu)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1465935

Title:
  kvm_irqchip_commit_routes: Assertion `ret == 0' failed

Status in QEMU:
  New
Status in qemu package in Ubuntu:
  Fix Released
Status in qemu source package in Precise:
  New
Status in qemu source package in Trusty:
  New
Status in qemu source package in Utopic:
  Won't Fix
Status in qemu source package in Vivid:
  New

Bug description:
  Several my QEMU instances crashed, and in the  qemu log, I can see
  this assertion failure,

 qemu-system-x86_64: /build/buildd/qemu-2.0.0+dfsg/kvm-all.c:984:
  kvm_irqchip_commit_routes: Assertion `ret == 0' failed.

  The QEMU version is 2.0.0, HV OS is ubuntu 12.04, kernel 3.2.0-38.
  Guest OS is RHEL 6.3.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1465935/+subscriptions

[Qemu-devel] [PATCH v2 05/16] osdep: add qemu_fork() wrapper for safely handling signals

[Daniel P. Berrange]

When using regular fork() the child process of course inherits
all the parents' signal handlers. If the child then proceeds
to close() any open file descriptors, it may break some of those
registered signal handlers. The child generally does not want to
ever run any of the signal handlers tha parent may have installed
in the short time before it exec's. The parent may also have blocked
various signals which the child process will want enabled.

This introduces a wrapper qemu_fork() that takes care to sanitize
signal handling across fork. Before forking it blocks all signals
in the parent thread. After fork returns, the parent unblocks the
signals and carries on as usual. The child, however, resets all the
signal handlers back to their defaults before it unblocks signals.
The child process can now exec the binary in a "clean" signal
environment.

Signed-off-by: Daniel P. Berrange 
---
 include/qemu/osdep.h | 16 
 util/oslib-posix.c   | 71 
 util/oslib-win32.c   |  9 +++
 3 files changed, 96 insertions(+)

diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index ef21efb..b568424 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -69,6 +69,8 @@
 #include "sysemu/os-posix.h"
 #endif
 
+#include "qapi/error.h"
+
 #if defined(CONFIG_SOLARIS) && CONFIG_SOLARIS_VERSION < 10
 /* [u]int_fast*_t not in  */
 typedef unsigned char   uint_fast8_t;
@@ -286,4 +288,18 @@ void os_mem_prealloc(int fd, char *area, size_t sz);
 
 int qemu_read_password(char *buf, int buf_size);
 
+/**
+ * qemu_fork:
+ *
+ * A version of fork that avoids signal handler race
+ * conditions that can lead to child process getting
+ * signals that are otherwise only expected by the
+ * parent. It also resets all signal handlers to the
+ * default settings.
+ *
+ * Returns 0 to child process, pid number to parent
+ * or -1 on failure.
+ */
+pid_t qemu_fork(Error **errp);
+
 #endif
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index a0fcdc2..4024918 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -490,3 +490,74 @@ int qemu_read_password(char *buf, int buf_size)
 printf("\n");
 return ret;
 }
+
+
+pid_t qemu_fork(Error **errp)
+{
+sigset_t oldmask, newmask;
+struct sigaction sig_action;
+int saved_errno;
+pid_t pid;
+
+/*
+ * Need to block signals now, so that child process can safely
+ * kill off caller's signal handlers without a race.
+ */
+sigfillset();
+if (pthread_sigmask(SIG_SETMASK, , ) != 0) {
+error_setg_errno(errp, errno,
+ "cannot block signals");
+return -1;
+}
+
+pid = fork();
+saved_errno = errno;
+
+if (pid < 0) {
+/* attempt to restore signal mask, but ignore failure, to
+ * avoid obscuring the fork failure */
+(void)pthread_sigmask(SIG_SETMASK, , NULL);
+error_setg_errno(errp, saved_errno,
+ "cannot fork child process");
+errno = saved_errno;
+return -1;
+} else if (pid) {
+/* parent process */
+
+/* Restore our original signal mask now that the child is
+ * safely running. Only documented failures are EFAULT (not
+ * possible, since we are using just-grabbed mask) or EINVAL
+ * (not possible, since we are using correct arguments).  */
+(void)pthread_sigmask(SIG_SETMASK, , NULL);
+} else {
+/* child process */
+size_t i;
+
+/* Clear out all signal handlers from parent so nothing
+ * unexpected can happen in our child once we unblock
+ * signals */
+sig_action.sa_handler = SIG_DFL;
+sig_action.sa_flags = 0;
+sigemptyset(_action.sa_mask);
+
+for (i = 1; i < NSIG; i++) {
+/* Only possible errors are EFAULT or EINVAL The former
+ * won't happen, the latter we expect, so no need to check
+ * return value */
+(void)sigaction(i, _action, NULL);
+}
+
+/* Unmask all signals in child, since we've no idea what the
+ * caller's done with their signal mask and don't want to
+ * propagate that to children */
+sigemptyset();
+if (pthread_sigmask(SIG_SETMASK, , NULL) != 0) {
+Error *local_err = NULL;
+error_setg_errno(_err, errno,
+ "cannot unblock signals");
+error_report_err(local_err);
+_exit(1);
+}
+}
+return pid;
+}
diff --git a/util/oslib-win32.c b/util/oslib-win32.c
index 08f5a9c..09f9e98 100644
--- a/util/oslib-win32.c
+++ b/util/oslib-win32.c
@@ -496,3 +496,12 @@ int qemu_read_password(char *buf, int buf_size)
 buf[i] = '\0';
 return 0;
 }
+
+
+pid_t qemu_fork(Error **errp)
+{
+errno = ENOSYS;
+error_setg_errno(errp, errno,
+ "cannot fork child process");
+return -1;
+}
-- 
2.4.3

[Qemu-devel] [PATCH v2 00/16] Introduce I/O channels framework

[Daniel P. Berrange]

This series of patches is a followup submission for review of another
chunk of my large series supporting TLS across chardevs, VNC and
migration, previously shown here:

 RFC: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg00829.html
  v1: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04853.html

In this series, I have provided only the general I/O channels
framework, which will ultimately be used by VNC, chardev and
migration code, whicih currently work as follows:

 - VNC: uses raw sockets APIs directly, layering in TLS, SASL
   and websockets where needed. This has resulted in what should
   be fairly generic code for TLS and websockets being entangled
   with the rest of the VNC server code.

 - Chardevs: uses GLib's GIOChannel framework. This only provides
   implementations for sockets and files. Its API lacks support for
   using struct iovec for read/writes, file descriptor passing,
   misc sockets ioctls/fcntls. While you can work around these
   problems by accessing the underling file descriptor directly,
   this breaks the encapsulation, requiring callers to know about
   specific implementations. It also does not have integration
   with QEMU Error reporting framework. So while the GIOChannel
   is extensible, extending it would result in throwing away
   pretty much the entire of the existing implementations

 - Migration: uses QEMUFile framework. The provides an abstract
   interface for I/O channels used during migration. It has
   impls for sockets, files, memory buffers & commands. While
   it has struct iovec support for writes, it does not have
   the same for reads. It also doesn't support file descriptor
   passing or control of the sockets ioctls/fcntls. It also
   does not have any explicit event loop integration, expecting
   the callers to directly access the underling file desctriptor
   and setup events on that. This limits its utility in cases
   where you need channels which are not backed by file
   descriptors. It has no integration with QEMU Error object
   for error reporting, has fixed semantics wrt writes
   ie must always do a full write, no partial writes, and
   most strangely forces either input or output mode, but
   refuses to allow both, so no bi-directional channels!

Out of all of these, the migration code is probably closest
to what is needed, but is still a good way off from being a
generic framework that be can reused outside of the migration
code.

There is also the GLib GIO library which provides a generic
framework, but we can't depend on that due to the minimum
GLib requirement. It also has various missing pieces such as
file descriptor passing, and no support for struct iovec
either.

Hence, this series was born, which tries to take the best of
the designs for the GIOChannel, QIO and QEMUFile code to
provide QIOChannel. Right from the start this new framework
is explicitly isolated from any other QEMU subsystem, so its
implementation will not get mixed up with specific use cases.

The QIOChannel abstract base class defines the overall API
contract

 - qio_channel_{write,writev,write_full} for writing data. The
   underling impl always uses struct iovec, but non-iov
   APIs are provided as simple wrappers for convenience

 - qio_channel_{read,readv,read_full} for reading data. The
   underling impl always uses struct iovec, but non-iov
   APIs are provided as simple wrappers for convenience

 - qio_channel_has_feature to determine which optional
   features the channel supports - eg file descriptor
   passing, nagle, etc

 - qio_channel_set_{blocking,delay,cork} for various fcntl
   and ioctl controls

 - qio_channel_{close,shutdown} for closing the I/O stream
   or individual channels

 - qio_channel_seek for random access channels

 - qio_channel_{add,create}_watch for integration into the
   main loop for event notifications

 - qio_channel_wait for blocking of execution pending an
   event notification

 - qio_channel_yield for switching coroutine until an
   event notification

All the APIs support Error ** object arguments where needed.
The object is built using QOM, in order to get reference
counting and sub-classing with type checking. They are *not*
user creatable/visible objects though - these are internal
infrastructure, so we will be free to adapt APIs/objects at
will over time.

In this series there are a variety of implementations. Some
of them provide an actual base layer data transport, while
others provide a data translation layer:

In this series there are a variety of implementations. Some
of them provide an actual base layer data transport, while
others provide a data translation layer:

 - QIOChannelSocket - for socket based I/O, IPv4, IPV6 & UNIX,
  both stream and datagram.
 - QIOChannelFile - any non-socket file, plain file, char dev,
fifo, pipe, etc
 - QIOChannelTLS - data translation layer to apply TLS protocol
 - QIOChannelWebsock - data translation layer to apply the