[PULL 077/113] vl: extract machine done notifiers

[Paolo Bonzini]

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 hw/core/machine.c   | 24 
 include/sysemu/sysemu.h |  1 +
 softmmu/vl.c| 24 
 3 files changed, 25 insertions(+), 24 deletions(-)

diff --git a/hw/core/machine.c b/hw/core/machine.c
index a5cfbcc7cb..745531c9d9 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -1166,6 +1166,30 @@ void machine_run_board_init(MachineState *machine)
 machine_class->init(machine);
 }
 
+static NotifierList machine_init_done_notifiers =
+NOTIFIER_LIST_INITIALIZER(machine_init_done_notifiers);
+
+bool machine_init_done;
+
+void qemu_add_machine_init_done_notifier(Notifier *notify)
+{
+notifier_list_add(_init_done_notifiers, notify);
+if (machine_init_done) {
+notify->notify(notify, NULL);
+}
+}
+
+void qemu_remove_machine_init_done_notifier(Notifier *notify)
+{
+notifier_remove(notify);
+}
+
+void qemu_run_machine_init_done_notifiers(void)
+{
+machine_init_done = true;
+notifier_list_notify(_init_done_notifiers, NULL);
+}
+
 static const TypeInfo machine_info = {
 .name = TYPE_MACHINE,
 .parent = TYPE_OBJECT,
diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index c94b2e7159..1b62deaf2b 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -18,6 +18,7 @@ void qemu_remove_exit_notifier(Notifier *notify);
 
 extern bool machine_init_done;
 
+void qemu_run_machine_init_done_notifiers(void);
 void qemu_add_machine_init_done_notifier(Notifier *notify);
 void qemu_remove_machine_init_done_notifier(Notifier *notify);
 
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 28aafc1101..852ecf08e1 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -204,9 +204,6 @@ bool qemu_uuid_set;
 static NotifierList exit_notifiers =
 NOTIFIER_LIST_INITIALIZER(exit_notifiers);
 
-static NotifierList machine_init_done_notifiers =
-NOTIFIER_LIST_INITIALIZER(machine_init_done_notifiers);
-
 uint32_t xen_domid;
 enum xen_mode xen_mode = XEN_EMULATE;
 bool xen_domid_restrict;
@@ -2451,27 +2448,6 @@ static void qemu_unlink_pidfile(Notifier *n, void *data)
 }
 }
 
-bool machine_init_done;
-
-void qemu_add_machine_init_done_notifier(Notifier *notify)
-{
-notifier_list_add(_init_done_notifiers, notify);
-if (machine_init_done) {
-notify->notify(notify, NULL);
-}
-}
-
-void qemu_remove_machine_init_done_notifier(Notifier *notify)
-{
-notifier_remove(notify);
-}
-
-static void qemu_run_machine_init_done_notifiers(void)
-{
-machine_init_done = true;
-notifier_list_notify(_init_done_notifiers, NULL);
-}
-
 static const QEMUOption *lookup_opt(int argc, char **argv,
 const char **poptarg, int *poptind)
 {
-- 
2.26.2

[PULL 052/113] vl: extract validation of -smp to machine.c

[Paolo Bonzini]

Once smp_parse is done, the validation operates on the MachineState.
There is no reason for that code to be in vl.c.

Reviewed-by: Igor Mammedov 
Tested-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 hw/core/machine.c   | 23 +++
 include/hw/boards.h |  1 +
 softmmu/vl.c| 20 ++--
 3 files changed, 26 insertions(+), 18 deletions(-)

diff --git a/hw/core/machine.c b/hw/core/machine.c
index d0408049b5..cd298fac13 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -1074,6 +1074,29 @@ MemoryRegion *machine_consume_memdev(MachineState 
*machine,
 return ret;
 }
 
+bool machine_smp_parse(MachineState *ms, QemuOpts *opts, Error **errp)
+{
+MachineClass *mc = MACHINE_GET_CLASS(ms);
+
+mc->smp_parse(ms, opts);
+
+/* sanity-check smp_cpus and max_cpus against mc */
+if (ms->smp.cpus < mc->min_cpus) {
+error_setg(errp, "Invalid SMP CPUs %d. The min CPUs "
+   "supported by machine '%s' is %d",
+   ms->smp.cpus,
+   mc->name, mc->min_cpus);
+return false;
+} else if (ms->smp.max_cpus > mc->max_cpus) {
+error_setg(errp, "Invalid SMP CPUs %d. The max CPUs "
+   "supported by machine '%s' is %d",
+   current_machine->smp.max_cpus,
+   mc->name, mc->max_cpus);
+return false;
+}
+return true;
+}
+
 void machine_run_board_init(MachineState *machine)
 {
 MachineClass *machine_class = MACHINE_GET_CLASS(machine);
diff --git a/include/hw/boards.h b/include/hw/boards.h
index a49e3a6b44..4537cfb5c6 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -26,6 +26,7 @@ OBJECT_DECLARE_TYPE(MachineState, MachineClass, MACHINE)
 extern MachineState *current_machine;
 
 void machine_run_board_init(MachineState *machine);
+bool machine_smp_parse(MachineState *ms, QemuOpts *opts, Error **errp);
 bool machine_usb(MachineState *machine);
 int machine_phandle_start(MachineState *machine);
 bool machine_dump_guest_core(MachineState *machine);
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 3819a4abf2..69d54b27b9 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -3976,24 +3976,8 @@ void qemu_init(int argc, char **argv, char **envp)
 exit(0);
 }
 
-machine_class->smp_parse(current_machine,
-qemu_opts_find(qemu_find_opts("smp-opts"), NULL));
-
-/* sanity-check smp_cpus and max_cpus against machine_class */
-if (current_machine->smp.cpus < machine_class->min_cpus) {
-error_report("Invalid SMP CPUs %d. The min CPUs "
- "supported by machine '%s' is %d",
- current_machine->smp.cpus,
- machine_class->name, machine_class->min_cpus);
-exit(1);
-}
-if (current_machine->smp.max_cpus > machine_class->max_cpus) {
-error_report("Invalid SMP CPUs %d. The max CPUs "
- "supported by machine '%s' is %d",
- current_machine->smp.max_cpus,
- machine_class->name, machine_class->max_cpus);
-exit(1);
-}
+machine_smp_parse(current_machine,
+qemu_opts_find(qemu_find_opts("smp-opts"), NULL), _fatal);
 
 if (mem_prealloc) {
 char *val;
-- 
2.26.2

[PULL 095/113] scripts: kernel-doc: add support for typedef enum

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

The PHY kernel-doc markup has gained support for documenting
a typedef enum.

However, right now the parser was not prepared for it.

So, add support for parsing it.

Fixes: 4069a572d423 ("net: phy: Document core PHY structures")
Signed-off-by: Mauro Carvalho Chehab 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-14-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 15 +++
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index c4c5640ded..073f72c7da 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1295,14 +1295,22 @@ sub show_warnings($$) {
 sub dump_enum($$) {
 my $x = shift;
 my $file = shift;
+my $members;
+
 
 $x =~ s@/\*.*?\*/@@gos;# strip comments.
 # strip #define macros inside enums
 $x =~ s@#\s*((define|ifdef)\s+|endif)[^;]*;@@gos;
 
-if ($x =~ /enum\s+(\w*)\s*\{(.*)\}/) {
+if ($x =~ /typedef\s+enum\s*\{(.*)\}\s*(\w*)\s*;/) {
+   $declaration_name = $2;
+   $members = $1;
+} elsif ($x =~ /enum\s+(\w*)\s*\{(.*)\}/) {
$declaration_name = $1;
-   my $members = $2;
+   $members = $2;
+}
+
+if ($declaration_name) {
my %_members;
 
$members =~ s/\s+$//;
@@ -1337,8 +1345,7 @@ sub dump_enum($$) {
'sections' => \%sections,
'purpose' => $declaration_purpose
   });
-}
-else {
+} else {
print STDERR "${file}:$.: error: Cannot parse enum!\n";
++$errors;
 }
-- 
2.26.2

[PATCH 02/15] vl: remove separate preconfig main_loop

[Paolo Bonzini]

Move post-preconfig initialization to the x-exit-preconfig.  If preconfig
is not requested, just exit preconfig mode immediately with the QMP
command.

As a result, the preconfig loop will run with accel_setup_post
and os_setup_post restrictions (xen_restrict, chroot, etc.)
already done.

Signed-off-by: Paolo Bonzini 
---
 include/sysemu/runstate.h |  1 -
 monitor/qmp-cmds.c|  9 
 softmmu/vl.c  | 95 +--
 3 files changed, 41 insertions(+), 64 deletions(-)

diff --git a/include/sysemu/runstate.h b/include/sysemu/runstate.h
index f760094858..e557f470d4 100644
--- a/include/sysemu/runstate.h
+++ b/include/sysemu/runstate.h
@@ -41,7 +41,6 @@ typedef enum WakeupReason {
 QEMU_WAKEUP_REASON_OTHER,
 } WakeupReason;
 
-void qemu_exit_preconfig_request(void);
 void qemu_system_reset_request(ShutdownCause reason);
 void qemu_system_suspend_request(void);
 void qemu_register_suspend_notifier(Notifier *notifier);
diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c
index 501a3024c7..7ced7eb3e8 100644
--- a/monitor/qmp-cmds.c
+++ b/monitor/qmp-cmds.c
@@ -102,15 +102,6 @@ void qmp_system_powerdown(Error **errp)
 qemu_system_powerdown_request();
 }
 
-void qmp_x_exit_preconfig(Error **errp)
-{
-if (qdev_hotplug) {
-error_setg(errp, "The command is permitted only before machine 
initialization");
-return;
-}
-qemu_exit_preconfig_request();
-}
-
 void qmp_cont(Error **errp)
 {
 BlockBackend *blk;
diff --git a/softmmu/vl.c b/softmmu/vl.c
index ab2210bc79..a83e1a 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -1151,7 +1151,6 @@ static pid_t shutdown_pid;
 static int powerdown_requested;
 static int debug_requested;
 static int suspend_requested;
-static bool preconfig_exit_requested = true;
 static WakeupReason wakeup_reason;
 static NotifierList powerdown_notifiers =
 NOTIFIER_LIST_INITIALIZER(powerdown_notifiers);
@@ -1238,11 +1237,6 @@ static int qemu_debug_requested(void)
 return r;
 }
 
-void qemu_exit_preconfig_request(void)
-{
-preconfig_exit_requested = true;
-}
-
 /*
  * Reset the VM. Issue an event unless @reason is SHUTDOWN_CAUSE_NONE.
  */
@@ -1464,10 +1458,6 @@ static bool main_loop_should_exit(void)
 RunState r;
 ShutdownCause request;
 
-if (preconfig_exit_requested) {
-preconfig_exit_requested = false;
-return true;
-}
 if (qemu_debug_requested()) {
 vm_stop(RUN_STATE_DEBUG);
 }
@@ -3283,6 +3273,43 @@ static void qemu_machine_creation_done(void)
 register_global_state();
 }
 
+void qmp_x_exit_preconfig(Error **errp)
+{
+if (qdev_hotplug) {
+error_setg(errp, "The command is permitted only before machine 
initialization");
+return;
+}
+
+qemu_init_board();
+qemu_create_cli_devices();
+qemu_machine_creation_done();
+
+if (loadvm) {
+Error *local_err = NULL;
+if (load_snapshot(loadvm, _err) < 0) {
+error_report_err(local_err);
+autostart = 0;
+exit(1);
+}
+}
+if (replay_mode != REPLAY_MODE_NONE) {
+replay_vmstate_init();
+}
+
+if (incoming) {
+Error *local_err = NULL;
+if (strcmp(incoming, "defer") != 0) {
+qmp_migrate_incoming(incoming, _err);
+if (local_err) {
+error_reportf_err(local_err, "-incoming %s: ", incoming);
+exit(1);
+}
+}
+} else if (autostart) {
+qmp_cont(NULL);
+}
+}
+
 void qemu_init(int argc, char **argv, char **envp)
 {
 QemuOpts *opts;
@@ -3847,7 +3874,6 @@ void qemu_init(int argc, char **argv, char **envp)
 }
 break;
 case QEMU_OPTION_preconfig:
-preconfig_exit_requested = false;
 preconfig_requested = true;
 break;
 case QEMU_OPTION_enable_kvm:
@@ -4272,57 +4298,18 @@ void qemu_init(int argc, char **argv, char **envp)
 qemu_resolve_machine_memdev();
 parse_numa_opts(current_machine);
 
-if (preconfig_requested) {
-qemu_init_displays();
-}
-
-/* do monitor/qmp handling at preconfig state if requested */
-qemu_main_loop();
-
-qemu_init_board();
-
-qemu_create_cli_devices();
-
-/* initialize displays after all errors have been reported */
-if (!preconfig_requested) {
-qemu_init_displays();
-}
-qemu_machine_creation_done();
-
-if (loadvm) {
-Error *local_err = NULL;
-if (load_snapshot(loadvm, _err) < 0) {
-error_report_err(local_err);
-autostart = 0;
-exit(1);
-}
-}
-if (replay_mode != REPLAY_MODE_NONE) {
-replay_vmstate_init();
-}
-
 if (vmstate_dump_file) {
 /* dump and exit */
 dump_vmstate_json_to_file(vmstate_dump_file);
 exit(0);
 }
-if (incoming) {
-Error *local_err = NULL;
-if 

RE: [PATCH 1/2] i386/cpu: Add the Intel PT capabilities checking before extend the CPUID level

[Kang, Luwei]

> -Original Message-
> From: Eduardo Habkost 
> Sent: Wednesday, December 2, 2020 5:12 AM
> To: Kang, Luwei 
> Cc: pbonz...@redhat.com; r...@twiddle.net; qemu-devel@nongnu.org
> Subject: Re: [PATCH 1/2] i386/cpu: Add the Intel PT capabilities checking 
> before
> extend the CPUID level
> 
> Hi,
> 
> Sorry for the long delay in reviewing this.  Now that 5.2 is about to be 
> released,
> we can try to merge this.
> 
> Comments below:
> 
> On Wed, Oct 14, 2020 at 04:04:42PM +0800, Luwei Kang wrote:
> > The current implementation will extend the CPUID level to 0x14 if
> > Intel PT is enabled in the guest(in x86_cpu_expand_features()) and the
> > Intel PT will be disabled if it can't pass the capabilities checking
> > later(in x86_cpu_filter_features()). In this case, the level of CPUID
> > will be still 0x14 and the CPUID values from leaf 0xe to 0x14 are all
> > zero.
> >
> > This patch moves the capabilities checking before setting the level of
> > the CPUID.
> 
> Why is this patch necessary and what problem does it fix?  Is it a nice to 
> have
> feature, or a bug fix?
> 
> If you still want to change how the x86_cpu_adjust_level() code behaves, it
> should apply to all features filtered by x86_cpu_filter_features(), not just 
> intel-
> pt, shouldn't it?

Hi Eduardo,
Let me clarify the issue. 
The cpuid level is 0xd if create a VM(cpu model qemu64) w/o intel pt 
feature on Snowridge HW.
CMD: qemu-system-x86_64 -cpu qemu64 ... (Intel PT is disabled 
by default)
The cpuid level will be extended to 0x14 if create a VM(cpu model qemu64) 
w/ intel pt feature on Snowridage.
CMD: qemu-system-x86_64 -cpu qemu64,+intel-pt ...
But the current software implementation will mask off intel pt if the host 
has LIP, and Snowridge support it. So cpuid level has been extended to 
0x14(x86_cpu_expand_features) and Intel PT is disabled 
later(x86_cpu_filter_features), and the guest CPUID will include some zero 
items like this.
   0x000e 0x00: eax=0x ebx=0x ecx=0x edx=0x
   0x000f 0x00: eax=0x ebx=0x ecx=0x edx=0x
   0x0010 0x00: eax=0x ebx=0x ecx=0x edx=0x
   0x0011 0x00: eax=0x ebx=0x ecx=0x edx=0x
   0x0012 0x00: eax=0x ebx=0x ecx=0x edx=0x
   0x0013 0x00: eax=0x ebx=0x ecx=0x edx=0x
   0x0014 0x00: eax=0x ebx=0x ecx=0x edx=0x 
  (Intel PT feature)

x86_cpu_realizefn()
|-> x86_cpu_expand_features()
|  IF has Intel PT feature
|  Then extended the cpuid level to 0x14;
|-> x86_cpu_filter_features()
   IF has Intel PT feature & has LIP
   THEN mask off the guest Intel PT feature,
 *but* the cpuid level still 0x14.

Expect result and how to:
Don't impact the cpuid level if Intel PT can't be supported in the guest. So 
this patch moves the intel PT capabilities check before extending the cpuid 
level.

Thanks,
Luwei Kang

> 
> >
> > Signed-off-by: Luwei Kang 
> > ---
> >  target/i386/cpu.c | 63
> > ---
> >  1 file changed, 32 insertions(+), 31 deletions(-)
> >
> > diff --git a/target/i386/cpu.c b/target/i386/cpu.c index
> > 9eafbe3690..24644abfd4 100644
> > --- a/target/i386/cpu.c
> > +++ b/target/i386/cpu.c
> > @@ -6401,12 +6401,40 @@ static void x86_cpu_expand_features(X86CPU
> > *cpu, Error **errp)
> >
> >  /* Intel Processor Trace requires CPUID[0x14] */
> >  if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT)) {
> > -if (cpu->intel_pt_auto_level) {
> > -x86_cpu_adjust_level(cpu, >env.cpuid_min_level, 0x14);
> > -} else if (cpu->env.cpuid_min_level < 0x14) {
> > +uint32_t eax_0, ebx_0, ecx_0, eax_1, ebx_1;
> > +
> > +eax_0 = kvm_arch_get_supported_cpuid(kvm_state, 0x14, 0, 
> > R_EAX);
> > +ebx_0 = kvm_arch_get_supported_cpuid(kvm_state, 0x14, 0, 
> > R_EBX);
> > +ecx_0 = kvm_arch_get_supported_cpuid(kvm_state, 0x14, 0, 
> > R_ECX);
> > +eax_1 = kvm_arch_get_supported_cpuid(kvm_state, 0x14, 1, 
> > R_EAX);
> > +ebx_1 = kvm_arch_get_supported_cpuid(kvm_state, 0x14, 1,
> > + R_EBX);
> > +
> > +if (eax_0 &&
> > +   ((ebx_0 & INTEL_PT_MINIMAL_EBX) == INTEL_PT_MINIMAL_EBX)
> &&
> > +   ((ecx_0 & INTEL_PT_MINIMAL_ECX) == INTEL_PT_MINIMAL_ECX)
> &&
> > +   ((eax_1 & INTEL_PT_MTC_BITMAP) == INTEL_PT_MTC_BITMAP) &&
> > +   ((eax_1 & INTEL_PT_ADDR_RANGES_NUM_MASK) >=
> > +   INTEL_PT_ADDR_RANGES_NUM) &&
> > +   ((ebx_1 & (INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) ==
> > +(INTEL_PT_PSB_BITMAP | INTEL_PT_CYCLE_BITMAP)) &&
> > +   !(ecx_0 & 

[PATCH 13/15] memory: allow creating MemoryRegions before accelerators

[Paolo Bonzini]

Compute the DIRTY_MEMORY_CODE bit in memory_region_get_dirty_log_mask
instead of memory_region_init_*.  This makes it possible to allocate
memory backend objects at any time.

Signed-off-by: Paolo Bonzini 
---
 softmmu/memory.c | 12 ++--
 softmmu/vl.c |  6 +-
 2 files changed, 7 insertions(+), 11 deletions(-)

diff --git a/softmmu/memory.c b/softmmu/memory.c
index 11ca94d037..89a4723fe5 100644
--- a/softmmu/memory.c
+++ b/softmmu/memory.c
@@ -1548,7 +1548,6 @@ void memory_region_init_ram_shared_nomigrate(MemoryRegion 
*mr,
 mr->terminates = true;
 mr->destructor = memory_region_destructor_ram;
 mr->ram_block = qemu_ram_alloc(size, share, mr, );
-mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
 if (err) {
 mr->size = int128_zero();
 object_unparent(OBJECT(mr));
@@ -1573,7 +1572,6 @@ void memory_region_init_resizeable_ram(MemoryRegion *mr,
 mr->destructor = memory_region_destructor_ram;
 mr->ram_block = qemu_ram_alloc_resizeable(size, max_size, resized,
   mr, );
-mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
 if (err) {
 mr->size = int128_zero();
 object_unparent(OBJECT(mr));
@@ -1598,7 +1596,6 @@ void memory_region_init_ram_from_file(MemoryRegion *mr,
 mr->destructor = memory_region_destructor_ram;
 mr->align = align;
 mr->ram_block = qemu_ram_alloc_from_file(size, mr, ram_flags, path, );
-mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
 if (err) {
 mr->size = int128_zero();
 object_unparent(OBJECT(mr));
@@ -1622,7 +1619,6 @@ void memory_region_init_ram_from_fd(MemoryRegion *mr,
 mr->ram_block = qemu_ram_alloc_from_fd(size, mr,
share ? RAM_SHARED : 0,
fd, );
-mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
 if (err) {
 mr->size = int128_zero();
 object_unparent(OBJECT(mr));
@@ -1641,7 +1637,6 @@ void memory_region_init_ram_ptr(MemoryRegion *mr,
 mr->ram = true;
 mr->terminates = true;
 mr->destructor = memory_region_destructor_ram;
-mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
 
 /* qemu_ram_alloc_from_ptr cannot fail with ptr != NULL.  */
 assert(ptr != NULL);
@@ -1661,7 +1656,7 @@ void memory_region_init_ram_device_ptr(MemoryRegion *mr,
 mr->ops = _device_mem_ops;
 mr->opaque = mr;
 mr->destructor = memory_region_destructor_ram;
-mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
+
 /* qemu_ram_alloc_from_ptr cannot fail with ptr != NULL.  */
 assert(ptr != NULL);
 mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, _fatal);
@@ -1819,6 +1814,11 @@ uint8_t memory_region_get_dirty_log_mask(MemoryRegion 
*mr)
  memory_region_is_iommu(mr))) {
 mask |= (1 << DIRTY_MEMORY_MIGRATION);
 }
+
+if (tcg_enabled() && rb) {
+/* TCG only cares about dirty memory logging for RAM, not IOMMU.  */
+mask |= (1 << DIRTY_MEMORY_CODE);
+}
 return mask;
 }
 
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 0f63d80472..023c16245b 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -1715,11 +1715,7 @@ static bool object_create_early(const char *type, 
QemuOpts *opts)
 return false;
 }
 
-/* Memory allocation by backends needs to be done
- * after configure_accelerator() (due to the tcg_enabled()
- * checks at memory_region_init_*()).
- *
- * Also, allocation of large amounts of memory may delay
+/* Allocation of large amounts of memory may delay
  * chardev initialization for too long, and trigger timeouts
  * on software that waits for a monitor socket to be created
  * (e.g. libvirt).
-- 
2.26.2

[PATCH 28/28] vl: switch -accel parsing to keyval

[Paolo Bonzini]

Switch from QemuOpts to keyval.  This enables compound options
for accelerators.

Signed-off-by: Paolo Bonzini 
---
 accel/accel.c  |   6 ++
 include/sysemu/accel.h |   1 +
 softmmu/vl.c   | 134 ++---
 3 files changed, 67 insertions(+), 74 deletions(-)

diff --git a/accel/accel.c b/accel/accel.c
index cb555e3b06..f7fdc2f5a8 100644
--- a/accel/accel.c
+++ b/accel/accel.c
@@ -46,6 +46,12 @@ AccelClass *accel_find(const char *opt_name)
 return ac;
 }
 
+bool accel_print_class_properties(const char *opt_name)
+{
+g_autofree char *class_name = g_strdup_printf(ACCEL_CLASS_NAME("%s"), 
opt_name);
+return type_print_class_properties(class_name);
+}
+
 int accel_init_machine(AccelState *accel, MachineState *ms)
 {
 AccelClass *acc = ACCEL_GET_CLASS(accel);
diff --git a/include/sysemu/accel.h b/include/sysemu/accel.h
index e08b8ab8fa..737db49d21 100644
--- a/include/sysemu/accel.h
+++ b/include/sysemu/accel.h
@@ -67,6 +67,7 @@ typedef struct AccelClass {
 OBJECT_GET_CLASS(AccelClass, (obj), TYPE_ACCEL)
 
 AccelClass *accel_find(const char *opt_name);
+bool accel_print_class_properties(const char *opt_name);
 int accel_init_machine(AccelState *accel, MachineState *ms);
 
 /* Called just before os_setup_post (ie just before drop OS privs) */
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 5ade1cf6c5..88738a9f5a 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -137,6 +137,7 @@ static const char *loadvm;
 static const char *accelerators;
 static QDict *machine_opts_dict;
 static GSList *object_opts_list = NULL;
+static GSList *accel_opts_list = NULL;
 static ram_addr_t maxram_size;
 static uint64_t ram_slots;
 static int display_remote;
@@ -227,20 +228,6 @@ static QemuOptsList qemu_option_rom_opts = {
 },
 };
 
-static QemuOptsList qemu_accel_opts = {
-.name = "accel",
-.implied_opt_name = "accel",
-.head = QTAILQ_HEAD_INITIALIZER(qemu_accel_opts.head),
-.desc = {
-/*
- * no elements => accept any
- * sanity checking will happen later
- * when setting accelerator properties
- */
-{ }
-},
-};
-
 static QemuOptsList qemu_boot_opts = {
 .name = "boot-opts",
 .implied_opt_name = "order",
@@ -1555,21 +1542,6 @@ static MachineClass *select_machine(QDict *qdict, Error 
**errp)
 return machine_class;
 }
 
-static int object_parse_property_opt(Object *obj,
- const char *name, const char *value,
- const char *skip, Error **errp)
-{
-if (g_str_equal(name, skip)) {
-return 0;
-}
-
-if (!object_property_parse(obj, name, value, errp)) {
-return -1;
-}
-
-return 0;
-}
-
 /* *Non*recursively replace underscores with dashes in QDict keys.  */
 static void keyval_dashify(QDict *qdict, Error **errp)
 {
@@ -2025,7 +1997,8 @@ static int global_init_func(void *opaque, QemuOpts *opts, 
Error **errp)
 static bool is_qemuopts_group(const char *group)
 {
 if (g_str_equal(group, "object") ||
-g_str_equal(group, "machine")) {
+g_str_equal(group, "machine") ||
+g_str_equal(group, "accel")) {
 return false;
 }
 return true;
@@ -2039,6 +2012,8 @@ static GSList **qemu_config_list(const char *group)
 {
 if (g_str_equal(group, "object")) {
 return _opts_list;
+} else if (g_str_equal(group, "accel")) {
+return _opts_list;
 }
 return NULL;
 }
@@ -2177,22 +2152,20 @@ static int do_configure_icount(void *opaque, QemuOpts 
*opts, Error **errp)
 return 0;
 }
 
-static int accelerator_set_property(void *opaque,
-const char *name, const char *value,
-Error **errp)
-{
-return object_parse_property_opt(opaque, name, value, "accel", errp);
-}
-
-static int do_configure_accelerator(void *opaque, QemuOpts *opts, Error **errp)
+static void do_configure_accelerator(void *data, void *opaque)
 {
 bool *p_init_failed = opaque;
-const char *acc = qemu_opt_get(opts, "accel");
+QDict *qdict = data;
+const char *acc = qdict_get_try_str(qdict, "accel");
 AccelClass *ac = accel_find(acc);
 AccelState *accel;
 int ret;
 bool qtest_with_kvm;
 
+if (current_accel()) {
+return;
+}
+
 qtest_with_kvm = g_str_equal(acc, "kvm") && qtest_chrdev != NULL;
 
 if (!ac) {
@@ -2200,24 +2173,20 @@ static int do_configure_accelerator(void *opaque, 
QemuOpts *opts, Error **errp)
 if (!qtest_with_kvm) {
 error_report("invalid accelerator %s", acc);
 }
-return 0;
+return;
 }
 accel = ACCEL(object_new_with_class(OBJECT_CLASS(ac)));
 object_apply_compat_props(OBJECT(accel));
-qemu_opt_foreach(opts, accelerator_set_property,
- accel,
- _fatal);
+qdict_del(qdict, "accel");
+object_set_properties_from_keyval(OBJECT(accel), qdict, 

[PATCH 06/28] keyval: accept escaped commas in implied option

[Paolo Bonzini]

This is used with the weirdly-named device "SUNFD,fdtwo":

  $ qemu-system-sparc -device SUNW,,fdtwo,help
  SUNW,fdtwo options:
drive=- Node name or ID of a block device to use as a 
backend
fallback= - FDC drive type, 144/288/120/none/auto (default: 
"144")
...

Therefore, accepting it is a preparatory step towards keyval-ifying
-device and the device_add monitor command.  In general, however, this
unexpected wart of the keyval syntax leads to suboptimal errors compared
to QemuOpts:

  $ ./qemu-system-x86_64 -object foo,,bar,id=obj
  qemu-system-x86_64: -object foo,,bar,id=obj: invalid object type: foo,bar
  $ storage-daemon/qemu-storage-daemon --object foo,,bar,id=obj
  qemu-storage-daemon: Invalid parameter ''

To implement this, the flow of the parser is changed to first unescape
everything up to the next comma or equal sign.  This is done in a
new function keyval_fetch_string for both the key and value part.
Keys therefore are now parsed in unescaped form, but this makes no
difference in practice because a comma is an invalid character for a
QAPI name.  Thus keys with a comma in them are rejected anyway, as
demonstrated by the new testcase.

As a side effect of the new code, parse errors are slightly improved as
well: "Invalid parameter ''" becomes "Expected parameter before '='"
when keyval is fed a string starting with an equal sign.

The slightly baroque interface of keyval_fetch_string lets me keep the
key parsing loop mostly untouched.  It is simplified in the next patch,
however.

Signed-off-by: Paolo Bonzini 
---
 include/qemu/help_option.h |  11 ---
 tests/test-keyval.c|  21 +++---
 util/keyval.c  | 142 -
 3 files changed, 91 insertions(+), 83 deletions(-)

diff --git a/include/qemu/help_option.h b/include/qemu/help_option.h
index ca6389a154..328d2a89fd 100644
--- a/include/qemu/help_option.h
+++ b/include/qemu/help_option.h
@@ -19,15 +19,4 @@ static inline bool is_help_option(const char *s)
 return !strcmp(s, "?") || !strcmp(s, "help");
 }
 
-static inline int starts_with_help_option(const char *s)
-{
-if (*s == '?') {
-return 1;
-}
-if (g_str_has_prefix(s, "help")) {
-return 4;
-}
-return 0;
-}
-
 #endif
diff --git a/tests/test-keyval.c b/tests/test-keyval.c
index ee927fe4e4..19f664f535 100644
--- a/tests/test-keyval.c
+++ b/tests/test-keyval.c
@@ -89,6 +89,11 @@ static void test_keyval_parse(void)
 error_free_or_abort();
 g_assert(!qdict);
 
+/* Keys must be QAPI identifiers */
+qdict = keyval_parse("weird,,=key", NULL, NULL, );
+error_free_or_abort();
+g_assert(!qdict);
+
 /* Multiple keys, last one wins */
 qdict = keyval_parse("a=1,b=2,,x,a=3", NULL, NULL, _abort);
 g_assert_cmpuint(qdict_size(qdict), ==, 2);
@@ -178,15 +183,15 @@ static void test_keyval_parse(void)
 error_free_or_abort();
 g_assert(!qdict);
 
-/* Likewise (qemu_opts_parse(): implied key with comma value) */
-qdict = keyval_parse(",,,a=1", "implied", NULL, );
-error_free_or_abort();
-g_assert(!qdict);
+/* Implied key's value can have a comma */
+qdict = keyval_parse(",,,a=1", "implied", NULL, _abort);
+g_assert_cmpstr(qdict_get_try_str(qdict, "implied"), ==, ",");
+g_assert_cmpstr(qdict_get_try_str(qdict, "a"), ==, "1");
+qobject_unref(qdict);
 
-/* Implied key's value can't have comma (qemu_opts_parse(): it can) */
-qdict = keyval_parse("val,,ue", "implied", NULL, );
-error_free_or_abort();
-g_assert(!qdict);
+qdict = keyval_parse("val,,ue", "implied", NULL, _abort);
+g_assert_cmpstr(qdict_get_try_str(qdict, "implied"), ==, "val,ue");
+qobject_unref(qdict);
 
 /* Empty key is not an implied key */
 qdict = keyval_parse("=val", "implied", NULL, );
diff --git a/util/keyval.c b/util/keyval.c
index 7f625ad33c..eb9b9c55ec 100644
--- a/util/keyval.c
+++ b/util/keyval.c
@@ -16,8 +16,8 @@
  *   key-vals = [ key-val { ',' key-val } [ ',' ] ]
  *   key-val  = key '=' val | help
  *   key  = key-fragment { '.' key-fragment }
- *   key-fragment = / [^=,.]+ /
- *   val  = { / [^,]+ / | ',,' }
+ *   key-fragment = { / [^=,.] / | ',,' }
+ *   val  = { / [^,] / | ',,' }
  *   help = 'help' | '?'
  *
  * Semantics defined by reduction to JSON:
@@ -78,13 +78,13 @@
  * Alternative syntax for use with an implied key:
  *
  *   key-vals = [ key-val-1st { ',' key-val } [ ',' ] ]
- *   key-val-1st  = val-no-key | key-val
- *   val-no-key   = / [^=,]+ / - help
+ *   key-val-1st  = (val-no-key - help) | key-val
+ *   val-no-key   = { / [^=,] / | ',,' }
  *
  * where val-no-key is syntactic sugar for implied-key=val-no-key.
  *
- * Note that you can't use the sugared form when the value contains
- * '=' or ','.
+ * Note that you can't use the sugared form when the value is empty
+ * or contains '='.
  */
 
 #include "qemu/osdep.h"
@@ -141,7 +141,7 @@ static int 

[PATCH 11/15] qtest: add a QOM object for qtest

[Paolo Bonzini]

The qtest server right now can only be created using the -qtest
and -qtest-log options.  Allow an alternative way to create it
using "-object qtest,chardev=...,log=...".

Signed-off-by: Paolo Bonzini 
---
 softmmu/qtest.c | 144 
 softmmu/vl.c|   5 +-
 2 files changed, 135 insertions(+), 14 deletions(-)

diff --git a/softmmu/qtest.c b/softmmu/qtest.c
index 7965dc9a16..d255c9681a 100644
--- a/softmmu/qtest.c
+++ b/softmmu/qtest.c
@@ -27,6 +27,8 @@
 #include "qemu/error-report.h"
 #include "qemu/module.h"
 #include "qemu/cutils.h"
+#include "qapi/qmp/qerror.h"
+#include "qom/object_interfaces.h"
 #include CONFIG_DEVICES
 #ifdef CONFIG_PSERIES
 #include "hw/ppc/spapr_rtas.h"
@@ -849,18 +851,9 @@ static void qtest_event(void *opaque, QEMUChrEvent event)
 break;
 }
 }
-void qtest_server_init(const char *qtest_chrdev, const char *qtest_log, Error 
**errp)
-{
-Chardev *chr;
-
-chr = qemu_chr_new("qtest", qtest_chrdev, NULL);
-
-if (chr == NULL) {
-error_setg(errp, "Failed to initialize device for qtest: \"%s\"",
-   qtest_chrdev);
-return;
-}
 
+static bool qtest_server_start(Chardev *chr, const char *qtest_log, Error 
**errp)
+{
 if (qtest_log) {
 if (strcmp(qtest_log, "none") != 0) {
 qtest_log_fp = fopen(qtest_log, "w+");
@@ -869,7 +862,9 @@ void qtest_server_init(const char *qtest_chrdev, const char 
*qtest_log, Error **
 qtest_log_fp = stderr;
 }
 
-qemu_chr_fe_init(_chr, chr, errp);
+if (!qemu_chr_fe_init(_chr, chr, errp)) {
+return false;
+}
 qemu_chr_fe_set_handlers(_chr, qtest_can_read, qtest_read,
  qtest_event, NULL, _chr, NULL, true);
 qemu_chr_fe_set_echo(_chr, true);
@@ -879,8 +874,25 @@ void qtest_server_init(const char *qtest_chrdev, const 
char *qtest_log, Error **
 if (!qtest_server_send) {
 qtest_server_set_send_handler(qtest_server_char_be_send, _chr);
 }
+return true;
+}
+
+void qtest_server_init(const char *qtest_chrdev, const char *qtest_log, Error 
**errp)
+{
+Chardev *chr;
+
+chr = qemu_chr_new("qtest", qtest_chrdev, NULL);
+
+if (chr == NULL) {
+error_setg(errp, "Failed to initialize device for qtest: \"%s\"",
+   qtest_chrdev);
+return;
+}
+
+qtest_server_start(chr, qtest_log, errp);
 }
 
+
 void qtest_server_set_send_handler(void (*send)(void*, const char*),
void *opaque)
 {
@@ -905,3 +917,111 @@ void qtest_server_inproc_recv(void *dummy, const char 
*buf)
 g_string_truncate(gstr, 0);
 }
 }
+
+#define TYPE_QTEST "qtest"
+
+OBJECT_DECLARE_SIMPLE_TYPE(QTest, QTEST)
+
+struct QTest {
+Object parent;
+
+bool complete;
+char *chr_name;
+Chardev *chr;
+char *log;
+};
+
+static void qtest_complete(UserCreatable *uc, Error **errp)
+{
+QTest *q = QTEST(uc);
+if (qtest_driver()) {
+error_setg(errp, "Only one instance of qtest can be created");
+return;
+}
+if (!q->chr_name) {
+error_setg(errp, "No backend specified");
+return;
+}
+
+if (!qtest_server_start(q->chr, q->log, errp)) {
+return;
+}
+q->complete = true;
+}
+
+static void qtest_set_log(Object *obj, const char *value, Error **errp)
+{
+QTest *q = QTEST(obj);
+
+if (q->complete) {
+error_setg(errp, QERR_PERMISSION_DENIED);
+} else {
+g_free(q->log);
+q->log = g_strdup(value);
+}
+}
+
+static char *qtest_get_log(Object *obj, Error **errp)
+{
+QTest *q = QTEST(obj);
+
+return g_strdup(q->log);
+}
+
+static void qtest_set_chardev(Object *obj, const char *value, Error **errp)
+{
+QTest *q = QTEST(obj);
+Chardev *chr;
+
+if (q->complete) {
+error_setg(errp, QERR_PERMISSION_DENIED);
+return;
+}
+
+chr = qemu_chr_find(value);
+if (!chr) {
+error_setg(errp, "Cannot find character device '%s'", value);
+return;
+}
+
+g_free(q->chr_name);
+q->chr_name = g_strdup(value);
+q->chr = chr;
+}
+
+static char *qtest_get_chardev(Object *obj, Error **errp)
+{
+QTest *q = QTEST(obj);
+
+return g_strdup(q->chr_name);
+}
+
+static void qtest_class_init(ObjectClass *oc, void *data)
+{
+UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+
+ucc->complete = qtest_complete;
+
+object_class_property_add_str(oc, "chardev",
+  qtest_get_chardev, qtest_set_chardev);
+object_class_property_add_str(oc, "log",
+  qtest_get_log, qtest_set_log);
+}
+
+static const TypeInfo qtest_info = {
+.name = TYPE_QTEST,
+.parent = TYPE_OBJECT,
+.class_init = qtest_class_init,
+.instance_size = sizeof(QTest),
+.interfaces = (InterfaceInfo[]) {
+{ TYPE_USER_CREATABLE },
+{ }
+}
+};
+
+static void register_types(void)
+{
+

[PATCH 24/28] qom: export more functions for use with non-UserCreatable objects

[Paolo Bonzini]

Machines and accelerators are not user-creatable but they share
similar parsing machinery.  Export functions that will be used
with -machine and -accel in softmmu/vl.c.

Signed-off-by: Paolo Bonzini 
---
 include/qom/object.h| 21 +
 qom/object_interfaces.c | 51 +
 2 files changed, 57 insertions(+), 15 deletions(-)

diff --git a/include/qom/object.h b/include/qom/object.h
index d378f13a11..cd27facd8a 100644
--- a/include/qom/object.h
+++ b/include/qom/object.h
@@ -860,6 +860,27 @@ static void do_qemu_init_ ## type_array(void)  
 \
 }   \
 type_init(do_qemu_init_ ## type_array)
 
+/**
+ * type_print_class_properties:
+ * @type: a QOM class name
+ *
+ * Print the object's class properties to stdout or the monitor.
+ * Return whether an object was found.
+ */
+bool type_print_class_properties(const char *type);
+
+/**
+ * object_set_properties_from_keyval:
+ * @obj: a QOM object
+ * @qdict: a dictionary whose leaf values are strings
+ * @errp: pointer to error object
+ *
+ * For each key in the dictionary, parse the value string and set the
+ * corresponding property in @obj.
+ */
+void object_set_properties_from_keyval(Object *obj, const QDict *qdict,
+  Error **errp);
+
 /**
  * object_class_dynamic_cast_assert:
  * @klass: The #ObjectClass to attempt to cast.
diff --git a/qom/object_interfaces.c b/qom/object_interfaces.c
index 107c378c27..7c6d591731 100644
--- a/qom/object_interfaces.c
+++ b/qom/object_interfaces.c
@@ -39,13 +39,45 @@ bool user_creatable_can_be_deleted(UserCreatable *uc)
 }
 }
 
+static void object_set_properties_from_qdict(Object *obj, const QDict *qdict,
+ Visitor *v, Error **errp)
+{
+const QDictEntry *e;
+Error *local_err = NULL;
+
+if (!visit_start_struct(v, NULL, NULL, 0, _err)) {
+goto out;
+}
+for (e = qdict_first(qdict); e; e = qdict_next(qdict, e)) {
+if (!object_property_set(obj, e->key, v, _err)) {
+break;
+}
+}
+if (!local_err) {
+visit_check_struct(v, _err);
+}
+visit_end_struct(v, NULL);
+
+out:
+if (local_err) {
+error_propagate(errp, local_err);
+}
+}
+
+void object_set_properties_from_keyval(Object *obj, const QDict *qdict,
+   Error **errp)
+{
+Visitor *v = qobject_input_visitor_new_keyval(QOBJECT(qdict));
+object_set_properties_from_qdict(obj, qdict, v, errp);
+visit_free(v);
+}
+
 Object *user_creatable_add_type(const char *type, const char *id,
 const QDict *qdict,
 Visitor *v, Error **errp)
 {
 Object *obj;
 ObjectClass *klass;
-const QDictEntry *e;
 Error *local_err = NULL;
 
 klass = object_class_by_name(type);
@@ -67,18 +99,7 @@ Object *user_creatable_add_type(const char *type, const char 
*id,
 
 assert(qdict);
 obj = object_new(type);
-if (!visit_start_struct(v, NULL, NULL, 0, _err)) {
-goto out;
-}
-for (e = qdict_first(qdict); e; e = qdict_next(qdict, e)) {
-if (!object_property_set(obj, e->key, v, _err)) {
-break;
-}
-}
-if (!local_err) {
-visit_check_struct(v, _err);
-}
-visit_end_struct(v, NULL);
+object_set_properties_from_qdict(obj, qdict, v, _err);
 if (local_err) {
 goto out;
 }
@@ -177,7 +198,7 @@ void user_creatable_print_types(void)
 g_slist_free(list);
 }
 
-static bool user_creatable_print_type_properites(const char *type)
+bool type_print_class_properties(const char *type)
 {
 ObjectClass *klass;
 ObjectPropertyIterator iter;
@@ -219,7 +240,7 @@ void user_creatable_print_help_from_qdict(const QDict *args)
 {
 const char *type = qdict_get_try_str(args, "qom-type");
 
-if (!type || !user_creatable_print_type_properites(type)) {
+if (!type || !type_print_class_properties(type)) {
 user_creatable_print_types();
 }
 }
-- 
2.26.2

Re: [PATCH 00/18] qapi/qom: QAPIfy object-add

[Paolo Bonzini]

On 01/12/20 23:08, Eduardo Habkost wrote:

Properties are only a useful concept if they have a use.  If
-object/object_add/object-add can do the same job without properties,
properties are not needed anymore.


Do you mean "not needed for -object anymore"?  Properties are
still used by internal C code (esp. board code),
-device/device_add, -machine, -cpu, and debugging commands (like
"info qtree" and qom-list/qom-get/qom-set).


Yes.


Right now QOM is all about exposing properties, and having multiple
interfaces to set them (by picking a different visitor).  But in practice
most QOM objects have a lifetime that consists of 1) set properties 2) flip
a switch (realized/complete/open) 3) let the object live on its own.  1+2
are a single monitor command or CLI option; during 3 you access the object
through monitor commands, not properties.


I agree with this, except for the word "all" in "QOM is all
about".  QOM is also an extensively used internal QEMU API,
including internal usage of the QOM property system.


Yeah, "all about exposing properties" includes internal usage.  And 
you're right that some "phase 3" monitor commands do work at the 
property level (mostly "info qtree", but also "qom-get" because there 
are some cases of public run-time properties).



I'm liking the direction this is taking.  However, I would still
like to have a clearer and feasible plan that would work for
-device, -machine, and -cpu.


-cpu is not a problem since it's generally created with a static 
configuration (now done with global properties, in the future it could 
be a struct).


-machine and -device in principle could be done the same way as -object, 
just through a different registry (_not_ a huge struct; that's an 
acceptable stopgap for -object but that's it).  The static aka field 
properties would remain as read-only, with defaults moved to 
instance_init or realize.  But there would be again "triplication" with 
a trivial conversion:


1) in the QAPI schema, e.g. 'num_queues': 'int16'

2) in the struct, "int16_t num_queues;"

3) in the realize function,

s->num_queues = cfg->has_num_queues ? cfg->num_queues : 8;

So having a mechanism for defaults in the QAPI schema would be good. 
Maybe 'num_queues': { 'type': 'int16', 'default': '8' }?


I also need to review more the part of this code with respect to the 
application of global properties.  I wonder if there are visitor tricks 
that we can do, so that global properties keep working but correspond to 
QAPI fields instead of QOM properties.


Paolo

[PATCH 15/28] qemu-option: support accept-any QemuOptsList in qemu_opts_absorb_qdict

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 util/qemu-option.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/util/qemu-option.c b/util/qemu-option.c
index 40564a12eb..afba08d92e 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -1052,7 +1052,8 @@ bool qemu_opts_absorb_qdict(QemuOpts *opts, QDict *qdict, 
Error **errp)
 while (entry != NULL) {
 next = qdict_next(qdict, entry);
 
-if (find_desc_by_name(opts->list->desc, entry->key)) {
+if (opts_accepts_any(opts->list) ||
+find_desc_by_name(opts->list->desc, entry->key)) {
 if (!qemu_opts_from_qdict_entry(opts, entry, errp)) {
 return false;
 }
-- 
2.26.2

Re: [PATCH] virtio: reset device on bad guest index in virtio_load()

[Michael S. Tsirkin]

On Fri, Nov 20, 2020 at 06:51:07PM +, John Levon wrote:
> 
> If we find a queue with an inconsistent guest index value, explicitly mark the
> device as needing a reset - and broken - via virtio_error().
> 
> There's at least one driver implementation - the virtio-win NetKVM driver - 
> that
> is able to handle a VIRTIO_CONFIG_S_NEEDS_RESET notification and successfully
> restore the device to a working state. Other implementations do not correctly
> handle this, but as the VQ is not in a functional state anyway, this is still
> worth doing.
> 
> Signed-off-by: John Levon 

I tagged this for after the release. pls ping me after the release
to help make sure it does not get lost.

> ---
>  hw/virtio/virtio.c | 15 +--
>  1 file changed, 9 insertions(+), 6 deletions(-)
> 
> diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
> index ceb58fda6c..eff35fab7c 100644
> --- a/hw/virtio/virtio.c
> +++ b/hw/virtio/virtio.c
> @@ -3161,12 +3161,15 @@ int virtio_load(VirtIODevice *vdev, QEMUFile *f, int 
> version_id)
>  nheads = vring_avail_idx(>vq[i]) - 
> vdev->vq[i].last_avail_idx;
>  /* Check it isn't doing strange things with descriptor numbers. 
> */
>  if (nheads > vdev->vq[i].vring.num) {
> -qemu_log_mask(LOG_GUEST_ERROR,
> -  "VQ %d size 0x%x Guest index 0x%x "
> -  "inconsistent with Host index 0x%x: delta 
> 0x%x",
> -  i, vdev->vq[i].vring.num,
> -  vring_avail_idx(>vq[i]),
> -  vdev->vq[i].last_avail_idx, nheads);
> +virtio_error(vdev, "VQ %d size 0x%x Guest index 0x%x "
> + "inconsistent with Host index 0x%x: delta 0x%x",
> + i, vdev->vq[i].vring.num,
> + vring_avail_idx(>vq[i]),
> + vdev->vq[i].last_avail_idx, nheads);
> +vdev->vq[i].used_idx = 0;
> +vdev->vq[i].shadow_avail_idx = 0;
> +vdev->vq[i].inuse = 0;
> +continue;
>  }
>  vdev->vq[i].used_idx = vring_used_idx(>vq[i]);
>  vdev->vq[i].shadow_avail_idx = vring_avail_idx(>vq[i]);
> -- 
> 2.22.3
> 

Re: [PATCH 1/1] qemu vhost scsi: add VHOST_SET_VRING_ENABLE support

[Michael S. Tsirkin]

On Thu, Nov 12, 2020 at 05:19:00PM -0600, Mike Christie wrote:
> diff --git a/linux-headers/linux/vhost.h b/linux-headers/linux/vhost.h
> index 7523218..98dd919 100644
> --- a/linux-headers/linux/vhost.h
> +++ b/linux-headers/linux/vhost.h
> @@ -70,6 +70,7 @@
>  #define VHOST_VRING_BIG_ENDIAN 1
>  #define VHOST_SET_VRING_ENDIAN _IOW(VHOST_VIRTIO, 0x13, struct 
> vhost_vring_state)
>  #define VHOST_GET_VRING_ENDIAN _IOW(VHOST_VIRTIO, 0x14, struct 
> vhost_vring_state)
> +#define VHOST_SET_VRING_ENABLE _IOW(VHOST_VIRTIO, 0x15, struct 
> vhost_vring_state)

OK so first we need the kernel patches, then update the header, then
we can apply the qemu patch.

>  /* The following ioctls use eventfd file descriptors to signal and poll
>   * for events. */
> -- 
> 1.8.3.1

Re: [PATCH v10 0/9] pci_expander_brdige:acpi: Support pxb-pcie for ARM

[Michael S. Tsirkin]

On Thu, Nov 19, 2020 at 09:48:32AM +0800, Jiahui Cen wrote:
> Changes with v9
> v9->v10:
> Refactor patch2 to drop useless macros and variables.
> Split patch2 into two patches.

I tagged this for after the release. To help make sure this is
not lost pls ping me after the release.

Thanks!

> Changes with v8
> v8->v9:
> Rebase to master
> 
> Changes with v7
> v7->v8:
> Fix the error:no member named 'fw_cfg' in 'struct PCMachineState'
> 
> Changes with v6
> v6->v7:
> Refactor fw_cfg_write_extra_pci_roots
> Add API PCI_GET_PCIE_HOST_STATE
> Fix typos
> 
> Changes with v5
> v5->v6: stat crs_range_insert in aml_build.h
> 
> Changes with v4
> v4->v5: Not using specific resources for PXB.
> Instead, the resources for pxb are composed of the bar space of the
> pci-bridge/pcie-root-port behined it and the config space of devices
> behind it.
> 
> Only if the bios(uefi for arm) support multiple roots,
> configure space of devices behind pxbs could be obtained.
> The newest uefi work is updated for discussion by the following link:
> https://edk2.groups.io/g/devel/topic/78135572#67173
> [PATCH v2 0/4] Add extra pci roots support for Arm
> 
> Currently pxb-pcie is not supported by arm,
> the reason for it is pxb-pcie is not described in DSDT table
> and only one main host bridge is described in acpi tables,
> which means it is not impossible to present different io numas
> for different devices.
> 
> This series of patches make arm to support PXB-PCIE.
> 
> Users can configure pxb-pcie with certain numa, Example command
> is:
> 
>-device pxb-pcie,id=pci.7,bus_nr=128,numa_node=0,bus=pcie.0,addr=0x9
> 
> Jiahui Cen (2):
>   fw_cfg: Refactor extra pci roots addition
>   hw/arm/virt: Write extra pci roots into fw_cfg
> 
> Yubo Miao (7):
>   acpi/gpex: Extract two APIs from acpi_dsdt_add_pci
>   acpi: Extract crs build form acpi_build.c
>   acpi/gpex: Build tables for pxb
>   acpi: Align the size to 128k
>   unit-test: The files changed.
>   unit-test: Add testcase for pxb
>   unit-test: Add the binary file and clear diff.h
> 
>  hw/acpi/aml-build.c| 285 +++
>  hw/arm/virt-acpi-build.c   |  31 ++-
>  hw/arm/virt.c  |   7 +-
>  hw/i386/acpi-build.c   | 293 
>  hw/i386/pc.c   |  18 +-
>  hw/nvram/fw_cfg.c  |  23 ++
>  hw/pci-host/gpex-acpi.c| 166 +++
>  include/hw/acpi/aml-build.h|  22 ++
>  include/hw/arm/virt.h  |   1 +
>  include/hw/nvram/fw_cfg.h  |   9 +
>  include/hw/pci-host/gpex.h |   1 +
>  tests/data/acpi/virt/DSDT.pxb  | Bin 0 -> 7802 bytes
>  tests/qtest/bios-tables-test.c |  58 +++-
>  13 files changed, 545 insertions(+), 369 deletions(-)
>  create mode 100644 tests/data/acpi/virt/DSDT.pxb
> 
> -- 
> 2.28.0

[PULL 2/6] memory: Rename memory_region_notify_one to memory_region_notify_iommu_one

[Michael S. Tsirkin]

From: Eugenio Pérez 

Previous name didn't reflect the iommu operation.

Signed-off-by: Eugenio Pérez 
Reviewed-by: Peter Xu 
Reviewed-by: David Gibson 
Reviewed-by: Juan Quintela 
Reviewed-by: Eric Auger 
Acked-by: Jason Wang 
Message-Id: <20201116165506.31315-2-epere...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 include/exec/memory.h | 6 +++---
 hw/arm/smmu-common.c  | 2 +-
 hw/arm/smmuv3.c   | 2 +-
 hw/i386/intel_iommu.c | 4 ++--
 softmmu/memory.c  | 6 +++---
 5 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/include/exec/memory.h b/include/exec/memory.h
index 0f3e6bcd5e..d8456ccf52 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -236,7 +236,7 @@ enum IOMMUMemoryRegionAttr {
  * The IOMMU implementation must use the IOMMU notifier infrastructure
  * to report whenever mappings are changed, by calling
  * memory_region_notify_iommu() (or, if necessary, by calling
- * memory_region_notify_one() for each registered notifier).
+ * memory_region_notify_iommu_one() for each registered notifier).
  *
  * Conceptually an IOMMU provides a mapping from input address
  * to an output TLB entry. If the IOMMU is aware of memory transaction
@@ -1346,7 +1346,7 @@ void memory_region_notify_iommu(IOMMUMemoryRegion 
*iommu_mr,
 IOMMUTLBEntry entry);
 
 /**
- * memory_region_notify_one: notify a change in an IOMMU translation
+ * memory_region_notify_iommu_one: notify a change in an IOMMU translation
  *   entry to a single notifier
  *
  * This works just like memory_region_notify_iommu(), but it only
@@ -1357,7 +1357,7 @@ void memory_region_notify_iommu(IOMMUMemoryRegion 
*iommu_mr,
  * replaces all old entries for the same virtual I/O address range.
  * Deleted entries have .@perm == 0.
  */
-void memory_region_notify_one(IOMMUNotifier *notifier,
+void memory_region_notify_iommu_one(IOMMUNotifier *notifier,
   IOMMUTLBEntry *entry);
 
 /**
diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c
index 3838db1395..88d2c454f0 100644
--- a/hw/arm/smmu-common.c
+++ b/hw/arm/smmu-common.c
@@ -472,7 +472,7 @@ static void smmu_unmap_notifier_range(IOMMUNotifier *n)
 entry.perm = IOMMU_NONE;
 entry.addr_mask = n->end - n->start;
 
-memory_region_notify_one(n, );
+memory_region_notify_iommu_one(n, );
 }
 
 /* Unmap all notifiers attached to @mr */
diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
index 22607c3784..273f5f7dce 100644
--- a/hw/arm/smmuv3.c
+++ b/hw/arm/smmuv3.c
@@ -828,7 +828,7 @@ static void smmuv3_notify_iova(IOMMUMemoryRegion *mr,
 entry.addr_mask = num_pages * (1 << granule) - 1;
 entry.perm = IOMMU_NONE;
 
-memory_region_notify_one(n, );
+memory_region_notify_iommu_one(n, );
 }
 
 /* invalidate an asid/iova range tuple in all mr's */
diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
index 70ac837733..067593b9e4 100644
--- a/hw/i386/intel_iommu.c
+++ b/hw/i386/intel_iommu.c
@@ -3497,7 +3497,7 @@ static void vtd_address_space_unmap(VTDAddressSpace *as, 
IOMMUNotifier *n)
 /* This field is meaningless for unmap */
 entry.translated_addr = 0;
 
-memory_region_notify_one(n, );
+memory_region_notify_iommu_one(n, );
 
 start += mask;
 remain -= mask;
@@ -3535,7 +3535,7 @@ static void vtd_address_space_refresh_all(IntelIOMMUState 
*s)
 
 static int vtd_replay_hook(IOMMUTLBEntry *entry, void *private)
 {
-memory_region_notify_one((IOMMUNotifier *)private, entry);
+memory_region_notify_iommu_one((IOMMUNotifier *)private, entry);
 return 0;
 }
 
diff --git a/softmmu/memory.c b/softmmu/memory.c
index 11ca94d037..44de610c72 100644
--- a/softmmu/memory.c
+++ b/softmmu/memory.c
@@ -1942,8 +1942,8 @@ void memory_region_unregister_iommu_notifier(MemoryRegion 
*mr,
 memory_region_update_iommu_notify_flags(iommu_mr, NULL);
 }
 
-void memory_region_notify_one(IOMMUNotifier *notifier,
-  IOMMUTLBEntry *entry)
+void memory_region_notify_iommu_one(IOMMUNotifier *notifier,
+IOMMUTLBEntry *entry)
 {
 IOMMUNotifierFlag request_flags;
 hwaddr entry_end = entry->iova + entry->addr_mask;
@@ -1979,7 +1979,7 @@ void memory_region_notify_iommu(IOMMUMemoryRegion 
*iommu_mr,
 
 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) {
 if (iommu_notifier->iommu_idx == iommu_idx) {
-memory_region_notify_one(iommu_notifier, );
+memory_region_notify_iommu_one(iommu_notifier, );
 }
 }
 }
-- 
MST

Re: [PATCH] accel/tcg: Remove deprecated '-tb-size' option

[Thomas Huth]

On 02/12/2020 12.27, Philippe Mathieu-Daudé wrote:
> The '-tb-size' option (replaced by '-accel tcg,tb-size') is
> deprecated since 5.0 (commit fe174132478). Remove it.
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  docs/system/deprecated.rst | 12 +---
>  accel/tcg/translate-all.c  |  2 +-
>  softmmu/vl.c   |  8 
>  qemu-options.hx|  8 
>  4 files changed, 6 insertions(+), 24 deletions(-)
> 
> diff --git a/docs/system/deprecated.rst b/docs/system/deprecated.rst
> index 565389697e8..70bdb62a6d6 100644
> --- a/docs/system/deprecated.rst
> +++ b/docs/system/deprecated.rst
> @@ -100,13 +100,6 @@ QEMU 5.1 has three options:
>to the user to load all the images they need.
>   3. ``-bios `` - Tells QEMU to load the specified file as the firmwrae.
>  
> -``-tb-size`` option (since 5.0)
> -'''
> -
> -QEMU 5.0 introduced an alternative syntax to specify the size of the 
> translation
> -block cache, ``-accel tcg,tb-size=``.  The new syntax deprecates the
> -previously available ``-tb-size`` option.
> -
>  ``-show-cursor`` option (since 5.0)
>  '''
>  
> @@ -523,6 +516,11 @@ for the ``id`` parameter, which should now be used 
> instead.
>  
>  The ``-no-kvm`` argument was a synonym for setting ``-machine accel=tcg``.
>  
> +``-tb-size`` option (removed in 6.0)
> +'''
> +
> +QEMU 5.0 introduced an alternative syntax to specify the size of the 
> translation
> +block cache, ``-accel tcg,tb-size=``.
>  
>  QEMU Machine Protocol (QMP) commands
>  
> diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
> index 4572b4901fb..b7d50a73d44 100644
> --- a/accel/tcg/translate-all.c
> +++ b/accel/tcg/translate-all.c
> @@ -2379,7 +2379,7 @@ void dump_exec_info(void)
>  qemu_printf("Translation buffer state:\n");
>  /*
>   * Report total code size including the padding and TB structs;
> - * otherwise users might think "-tb-size" is not honoured.
> + * otherwise users might think "-accel tcg,tb-size" is not honoured.
>   * For avg host size we use the precise numbers from tb_tree_stats 
> though.
>   */
>  qemu_printf("gen code size   %zu/%zu\n",
> diff --git a/softmmu/vl.c b/softmmu/vl.c
> index e6e0ad5a925..3f052849d8c 100644
> --- a/softmmu/vl.c
> +++ b/softmmu/vl.c
> @@ -3639,14 +3639,6 @@ void qemu_init(int argc, char **argv, char **envp)
>  exit(1);
>  }
>  break;
> -case QEMU_OPTION_tb_size:
> -#ifndef CONFIG_TCG
> -error_report("TCG is disabled");
> -exit(1);
> -#endif
> -warn_report("The -tb-size option is deprecated, use -accel 
> tcg,tb-size instead");
> -object_register_sugar_prop(ACCEL_CLASS_NAME("tcg"), 
> "tb-size", optarg);
> -break;
>  case QEMU_OPTION_icount:
>  icount_opts = 
> qemu_opts_parse_noisily(qemu_find_opts("icount"),
>optarg, true);
> diff --git a/qemu-options.hx b/qemu-options.hx
> index 104632ea343..7ce06290b68 100644
> --- a/qemu-options.hx
> +++ b/qemu-options.hx
> @@ -4080,14 +4080,6 @@ SRST
>  Show cursor.
>  ERST
>  
> -DEF("tb-size", HAS_ARG, QEMU_OPTION_tb_size, \
> -"-tb-size n  set TB size\n", QEMU_ARCH_ALL)
> -SRST
> -``-tb-size n``
> -Set TCG translation block cache size. Deprecated, use
> -'\ ``-accel tcg,tb-size=n``\ ' instead.
> -ERST
> -
>  DEF("incoming", HAS_ARG, QEMU_OPTION_incoming, \
>  "-incoming tcp:[host]:port[,to=maxport][,ipv4][,ipv6]\n" \
>  "-incoming rdma:host:port[,ipv4][,ipv6]\n" \
> 

Reviewed-by: Thomas Huth 

Re: [PATCH 03/23] tests/docker: use project specific container registries

[Gerd Hoffmann]

> --- a/tests/docker/dockerfiles/centos8.docker
> +++ b/tests/docker/dockerfiles/centos8.docker
> @@ -1,4 +1,4 @@
> -FROM centos:8.1.1911
> +FROM registry.centos.org/centos:8

At least for centos-8 I've noticed the docker.io containters are
multiarch whereas registry.centos.org has x86_64 only.

I think right now we don't use any !x86_64 containers due to gitlab
having only x86_64 shared runners.  So this isn't a blocker.  Wanted
to note that nevertheless ;)

take care,
  Gerd

[PULL 072/113] vl: move -global check earlier

[Paolo Bonzini]

The check has the same effect here, it only matters that it is performed
once all devices, both builtin and user-specified, have been created.

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 softmmu/vl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/softmmu/vl.c b/softmmu/vl.c
index 6a2972938d..e65eb0c9f2 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -3490,6 +3490,8 @@ static void qemu_machine_creation_done(void)
 net_check_clients();
 }
 
+qdev_prop_check_globals();
+
 if (boot_once) {
 qemu_boot_set(boot_once, _fatal);
 qemu_register_reset(restore_boot_order, g_strdup(boot_order));
@@ -4547,7 +4549,6 @@ void qemu_init(int argc, char **argv, char **envp)
 replay_vmstate_init();
 }
 
-qdev_prop_check_globals();
 if (vmstate_dump_file) {
 /* dump and exit */
 dump_vmstate_json_to_file(vmstate_dump_file);
-- 
2.26.2

[PULL 044/113] nios2: do not use ram_size global

[Paolo Bonzini]

Use the equivalent argument to the function instead.

Signed-off-by: Paolo Bonzini 
---
 hw/nios2/boot.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/nios2/boot.c b/hw/nios2/boot.c
index 1df3b66c29..3cb864914b 100644
--- a/hw/nios2/boot.c
+++ b/hw/nios2/boot.c
@@ -181,7 +181,7 @@ void nios2_load_kernel(Nios2CPU *cpu, hwaddr ddr_base,
 /* Not an ELF image nor an u-boot image, try a RAW image. */
 if (kernel_size < 0) {
 kernel_size = load_image_targphys(kernel_filename, ddr_base,
-  ram_size);
+  ramsize);
 boot_info.bootstrap_pc = ddr_base;
 high = ddr_base + kernel_size;
 }
@@ -198,11 +198,11 @@ void nios2_load_kernel(Nios2CPU *cpu, hwaddr ddr_base,
 
 initrd_size = load_ramdisk(initrd_filename,
boot_info.initrd_start,
-   ram_size - initrd_offset);
+   ramsize - initrd_offset);
 if (initrd_size < 0) {
 initrd_size = load_image_targphys(initrd_filename,
   boot_info.initrd_start,
-  ram_size - initrd_offset);
+  ramsize - initrd_offset);
 }
 if (initrd_size < 0) {
 error_report("could not load initrd '%s'",
@@ -216,7 +216,7 @@ void nios2_load_kernel(Nios2CPU *cpu, hwaddr ddr_base,
 
 /* Device tree must be placed right after initrd (if available) */
 boot_info.fdt = high;
-fdt_size = nios2_load_dtb(boot_info, ram_size, kernel_cmdline,
+fdt_size = nios2_load_dtb(boot_info, ramsize, kernel_cmdline,
   /* Preference a -dtb argument */
   dtb_arg ? dtb_arg : filename);
 high += fdt_size;
-- 
2.26.2

[PULL 080/113] vl: clean up -boot variables

[Paolo Bonzini]

Move more of them into MachineState, in preparation for moving initialization
of the machine out of vl.c.

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 include/hw/boards.h |  1 +
 softmmu/vl.c| 12 ++--
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/include/hw/boards.h b/include/hw/boards.h
index 4537cfb5c6..b9233af54a 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -283,6 +283,7 @@ struct MachineState {
 ram_addr_t maxram_size;
 uint64_t   ram_slots;
 const char *boot_order;
+const char *boot_once;
 char *kernel_filename;
 char *kernel_cmdline;
 char *initrd_filename;
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 43a0a45b68..77ee044c42 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -130,8 +130,6 @@ typedef QSIMPLEQ_HEAD(, BlockdevOptionsQueueEntry) 
BlockdevOptionsQueue;
 
 static const char *cpu_option;
 static const char *mem_path;
-static const char *boot_order;
-static const char *boot_once;
 static const char *incoming;
 static const char *loadvm;
 static ram_addr_t maxram_size;
@@ -2472,6 +2470,8 @@ static void qemu_apply_machine_options(void)
 {
 MachineClass *machine_class = MACHINE_GET_CLASS(current_machine);
 QemuOpts *machine_opts = qemu_get_machine_opts();
+const char *boot_order = NULL;
+const char *boot_once = NULL;
 QemuOpts *opts;
 
 qemu_opt_foreach(machine_opts, machine_set_property, current_machine,
@@ -2501,6 +2501,7 @@ static void qemu_apply_machine_options(void)
 }
 
 current_machine->boot_order = boot_order;
+current_machine->boot_once = boot_once;
 
 if (semihosting_enabled() && !semihosting_get_argc()) {
 const char *kernel_filename = qemu_opt_get(machine_opts, "kernel");
@@ -2508,7 +2509,6 @@ static void qemu_apply_machine_options(void)
 /* fall back to the -kernel/-append */
 semihosting_arg_fallback(kernel_filename, kernel_cmdline);
 }
-
 }
 
 static void qemu_create_early_backends(void)
@@ -3220,9 +3220,9 @@ static void qemu_machine_creation_done(void)
 
 qdev_prop_check_globals();
 
-if (boot_once) {
-qemu_boot_set(boot_once, _fatal);
-qemu_register_reset(restore_boot_order, g_strdup(boot_order));
+if (current_machine->boot_once) {
+qemu_boot_set(current_machine->boot_once, _fatal);
+qemu_register_reset(restore_boot_order, 
g_strdup(current_machine->boot_order));
 }
 
 if (foreach_device_config(DEV_GDB, gdbserver_start) < 0) {
-- 
2.26.2

[PULL 067/113] vl: separate qemu_create_late_backends

[Paolo Bonzini]

"Late" backends are created after the machine.

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 softmmu/vl.c | 64 ++--
 1 file changed, 32 insertions(+), 32 deletions(-)

diff --git a/softmmu/vl.c b/softmmu/vl.c
index aafcbec356..d9fe9f63c0 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -2759,11 +2759,41 @@ static void qemu_create_early_backends(void)
  * The remainder of object creation happens after the
  * creation of chardev, fsdev, net clients and device data types.
  */
-static bool object_create_delayed(const char *type, QemuOpts *opts)
+static bool object_create_late(const char *type, QemuOpts *opts)
 {
 return !object_create_early(type, opts);
 }
 
+static void qemu_create_late_backends(void)
+{
+if (qtest_chrdev) {
+qtest_server_init(qtest_chrdev, qtest_log, _fatal);
+}
+
+net_init_clients(_fatal);
+
+qemu_opts_foreach(qemu_find_opts("object"),
+  user_creatable_add_opts_foreach,
+  object_create_late, _fatal);
+
+if (tpm_init() < 0) {
+exit(1);
+}
+
+qemu_opts_foreach(qemu_find_opts("mon"),
+  mon_init_func, NULL, _fatal);
+
+if (foreach_device_config(DEV_SERIAL, serial_parse) < 0)
+exit(1);
+if (foreach_device_config(DEV_PARALLEL, parallel_parse) < 0)
+exit(1);
+if (foreach_device_config(DEV_DEBUGCON, debugcon_parse) < 0)
+exit(1);
+
+/* now chardevs have been created we may have semihosting to connect */
+qemu_semihosting_connect_chardevs();
+qemu_semihosting_console_init();
+}
 
 static bool set_memory_options(uint64_t *ram_slots, ram_addr_t *maxram_size,
MachineClass *mc)
@@ -3377,7 +3407,6 @@ void qemu_init(int argc, char **argv, char **envp)
 ram_addr_t maxram_size;
 uint64_t ram_slots = 0;
 FILE *vmstate_dump_file = NULL;
-Error *err = NULL;
 bool have_custom_ram_size;
 
 qemu_add_opts(_drive_opts);
@@ -4392,10 +4421,6 @@ void qemu_init(int argc, char **argv, char **envp)
  */
 migration_object_init();
 
-if (qtest_chrdev) {
-qtest_server_init(qtest_chrdev, qtest_log, _fatal);
-}
-
 opts = qemu_opts_find(qemu_find_opts("boot-opts"), NULL);
 if (opts) {
 boot_order = qemu_opt_get(opts, "order");
@@ -4423,32 +4448,7 @@ void qemu_init(int argc, char **argv, char **envp)
 semihosting_arg_fallback(kernel_filename, kernel_cmdline);
 }
 
-if (net_init_clients() < 0) {
-error_report_err(err);
-exit(1);
-}
-
-qemu_opts_foreach(qemu_find_opts("object"),
-  user_creatable_add_opts_foreach,
-  object_create_delayed, _fatal);
-
-if (tpm_init() < 0) {
-exit(1);
-}
-
-qemu_opts_foreach(qemu_find_opts("mon"),
-  mon_init_func, NULL, _fatal);
-
-if (foreach_device_config(DEV_SERIAL, serial_parse) < 0)
-exit(1);
-if (foreach_device_config(DEV_PARALLEL, parallel_parse) < 0)
-exit(1);
-if (foreach_device_config(DEV_DEBUGCON, debugcon_parse) < 0)
-exit(1);
-
-/* now chardevs have been created we may have semihosting to connect */
-qemu_semihosting_connect_chardevs();
-qemu_semihosting_console_init();
+qemu_create_late_backends();
 
 current_machine->boot_order = boot_order;
 
-- 
2.26.2

[PULL 084/113] kernel-doc: add support for ____cacheline_aligned_in_smp attribute

[Paolo Bonzini]

From: André Almeida 

Subroutine dump_struct uses type attributes to check if the struct
syntax is valid. Then, it removes all attributes before using it for
output. `cacheline_aligned_in_smp` is an attribute that is
not included in both steps. Add it, since it is used by kernel structs.

Signed-off-by: André Almeida 
Signed-off-by: Jonathan Corbet 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-3-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index d6bdb77ceb..2f421b7313 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1092,7 +1092,7 @@ sub dump_struct($$) {
 my $x = shift;
 my $file = shift;
 
-if ($x =~ 
/(struct|union)\s+(\w+)\s*\{(.*)\}(\s*(__packed|__aligned|__attribute__\s*\(\([a-z0-9,_\s\(\)]*\)\)))*/)
 {
+if ($x =~ 
/(struct|union)\s+(\w+)\s*\{(.*)\}(\s*(__packed|__aligned|cacheline_aligned_in_smp|__attribute__\s*\(\([a-z0-9,_\s\(\)]*\)\)))*/)
 {
my $decl_type = $1;
$declaration_name = $2;
my $members = $3;
@@ -1107,6 +1107,7 @@ sub dump_struct($$) {
$members =~ s/\s*__aligned\s*\([^;]*\)/ /gos;
$members =~ s/\s*__packed\s*/ /gos;
$members =~ s/\s*CRYPTO_MINALIGN_ATTR/ /gos;
+   $members =~ s/\s*cacheline_aligned_in_smp/ /gos;
# replace DECLARE_BITMAP
$members =~ s/DECLARE_BITMAP\s*\(([^,)]+),\s*([^,)]+)\)/unsigned long 
$1\[BITS_TO_LONGS($2)\]/gos;
# replace DECLARE_HASHTABLE
-- 
2.26.2

[PULL 069/113] vl: separate qemu_apply_machine_options

[Paolo Bonzini]

Signed-off-by: Paolo Bonzini 
---
 softmmu/vl.c | 81 +---
 1 file changed, 45 insertions(+), 36 deletions(-)

diff --git a/softmmu/vl.c b/softmmu/vl.c
index 5af52454ee..acf09b2040 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -2704,6 +2704,49 @@ static bool object_create_early(const char *type, 
QemuOpts *opts)
 return true;
 }
 
+static void qemu_apply_machine_options(void)
+{
+MachineClass *machine_class = MACHINE_GET_CLASS(current_machine);
+QemuOpts *machine_opts = qemu_get_machine_opts();
+QemuOpts *opts;
+
+qemu_opt_foreach(machine_opts, machine_set_property, current_machine,
+ _fatal);
+current_machine->ram_size = ram_size;
+current_machine->maxram_size = maxram_size;
+current_machine->ram_slots = ram_slots;
+
+opts = qemu_opts_find(qemu_find_opts("boot-opts"), NULL);
+if (opts) {
+boot_order = qemu_opt_get(opts, "order");
+if (boot_order) {
+validate_bootdevices(boot_order, _fatal);
+}
+
+boot_once = qemu_opt_get(opts, "once");
+if (boot_once) {
+validate_bootdevices(boot_once, _fatal);
+}
+
+boot_menu = qemu_opt_get_bool(opts, "menu", boot_menu);
+boot_strict = qemu_opt_get_bool(opts, "strict", false);
+}
+
+if (!boot_order) {
+boot_order = machine_class->default_boot_order;
+}
+
+current_machine->boot_order = boot_order;
+
+if (semihosting_enabled() && !semihosting_get_argc()) {
+const char *kernel_filename = qemu_opt_get(machine_opts, "kernel");
+const char *kernel_cmdline = qemu_opt_get(machine_opts, "append") ?: 
"";
+/* fall back to the -kernel/-append */
+semihosting_arg_fallback(kernel_filename, kernel_cmdline);
+}
+
+}
+
 static void qemu_create_early_backends(void)
 {
 MachineClass *machine_class = MACHINE_GET_CLASS(current_machine);
@@ -3448,7 +3491,7 @@ static void qemu_machine_creation_done(void)
 
 void qemu_init(int argc, char **argv, char **envp)
 {
-QemuOpts *opts, *machine_opts;
+QemuOpts *opts;
 QemuOpts *icount_opts = NULL, *accel_opts = NULL;
 QemuOptsList *olist;
 int optind;
@@ -4387,12 +4430,7 @@ void qemu_init(int argc, char **argv, char **envp)
 qemu_create_default_devices();
 qemu_create_early_backends();
 
-machine_opts = qemu_get_machine_opts();
-qemu_opt_foreach(machine_opts, machine_set_property, current_machine,
- _fatal);
-current_machine->ram_size = ram_size;
-current_machine->maxram_size = maxram_size;
-current_machine->ram_slots = ram_slots;
+qemu_apply_machine_options();
 
 /*
  * Note: uses machine properties such as kernel-irqchip, must run
@@ -4428,37 +4466,8 @@ void qemu_init(int argc, char **argv, char **envp)
  */
 migration_object_init();
 
-opts = qemu_opts_find(qemu_find_opts("boot-opts"), NULL);
-if (opts) {
-boot_order = qemu_opt_get(opts, "order");
-if (boot_order) {
-validate_bootdevices(boot_order, _fatal);
-}
-
-boot_once = qemu_opt_get(opts, "once");
-if (boot_once) {
-validate_bootdevices(boot_once, _fatal);
-}
-
-boot_menu = qemu_opt_get_bool(opts, "menu", boot_menu);
-boot_strict = qemu_opt_get_bool(opts, "strict", false);
-}
-
-if (!boot_order) {
-boot_order = machine_class->default_boot_order;
-}
-
-if (semihosting_enabled() && !semihosting_get_argc()) {
-const char *kernel_filename = qemu_opt_get(machine_opts, "kernel");
-const char *kernel_cmdline = qemu_opt_get(machine_opts, "append");
-/* fall back to the -kernel/-append */
-semihosting_arg_fallback(kernel_filename, kernel_cmdline);
-}
-
 qemu_create_late_backends();
 
-current_machine->boot_order = boot_order;
-
 /* parse features once if machine provides default cpu_type */
 current_machine->cpu_type = machine_class->default_cpu_type;
 if (cpu_option) {
-- 
2.26.2

[PULL 097/113] Revert "kernel-doc: Use c:struct for Sphinx 3.0 and later"

[Paolo Bonzini]

This reverts commit 152d1967f650f67b7ece3a5dda77d48069d72647.
We will replace the commit with the fix from Linux.

Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-16-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 docs/sphinx/kerneldoc.py |  1 -
 scripts/kernel-doc   | 16 +---
 2 files changed, 1 insertion(+), 16 deletions(-)

diff --git a/docs/sphinx/kerneldoc.py b/docs/sphinx/kerneldoc.py
index 9124fcbff1..c0180e02a2 100644
--- a/docs/sphinx/kerneldoc.py
+++ b/docs/sphinx/kerneldoc.py
@@ -102,7 +102,6 @@ class KernelDocDirective(Directive):
 env.note_dependency(os.path.abspath(f))
 cmd += ['-export-file', f]
 
-cmd += ['-sphinx-version', sphinx.__version__]
 cmd += [filename]
 
 try:
diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index cb603532ed..60f75cd176 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -71,8 +71,6 @@ Output selection (mutually exclusive):
DOC: sections. May be specified multiple times.
 
 Output selection modifiers:
-  -sphinx-version VER   Generate rST syntax for the specified Sphinx version.
-Only works with reStructuredTextFormat.
   -no-doc-sections Do not output DOC: sections.
   -enable-linenoEnable output of #define LINENO lines. Only works with
 reStructuredText format.
@@ -294,7 +292,6 @@ use constant {
 };
 my $output_selection = OUTPUT_ALL;
 my $show_not_found = 0;# No longer used
-my $sphinx_version = "0.0"; # if not specified, assume old
 
 my @export_file_list;
 
@@ -460,8 +457,6 @@ while ($ARGV[0] =~ m/^--?(.*)/) {
$enable_lineno = 1;
 } elsif ($cmd eq 'show-not-found') {
$show_not_found = 1;  # A no-op but don't fail
-} elsif ($cmd eq 'sphinx-version') {
-$sphinx_version = shift @ARGV;
 } else {
# Unknown argument
 usage();
@@ -989,16 +984,7 @@ sub output_struct_rst(%) {
 my $oldprefix = $lineprefix;
 my $name = $args{'type'} . " " . $args{'struct'};
 
-# Sphinx 3.0 and up will emit warnings for "c:type:: struct Foo".
-# It wants to see "c:struct:: Foo" (and will add the word 'struct' in
-# the rendered output).
-if ((split(/\./, $sphinx_version))[0] >= 3) {
-my $sname = $name;
-$sname =~ s/^struct //;
-print "\n\n.. c:struct:: " . $sname . "\n\n";
-} else {
-print "\n\n.. c:type:: " . $name . "\n\n";
-}
+print "\n\n.. c:type:: " . $name . "\n\n";
 print_lineno($declaration_start_line);
 $lineprefix = "   ";
 output_highlight_rst($args{'purpose'});
-- 
2.26.2

[PULL 073/113] migration, vl: start migration via qmp_migrate_incoming

[Paolo Bonzini]

Make qemu_start_incoming_migration local to migration/migration.c.
By using the runstate instead of a separate flag, vl need not do
anything to setup deferred incoming migration.

qmp_migrate_incoming also does not need the deferred_incoming flag
anymore, because "-incoming PROTOCOL" will clear the "once" flag
before the main loop starts.  Therefore, later invocations of
the migrate-incoming command will fail with the existing
"The incoming migration has already been started" error message.

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 include/migration/misc.h |  1 -
 migration/migration.c| 33 -
 softmmu/vl.c | 11 +++
 3 files changed, 15 insertions(+), 30 deletions(-)

diff --git a/include/migration/misc.h b/include/migration/misc.h
index 34e7d75713..bccc1b6b44 100644
--- a/include/migration/misc.h
+++ b/include/migration/misc.h
@@ -58,7 +58,6 @@ void dump_vmstate_json_to_file(FILE *out_fp);
 /* migration/migration.c */
 void migration_object_init(void);
 void migration_shutdown(void);
-void qemu_start_incoming_migration(const char *uri, Error **errp);
 bool migration_is_idle(void);
 bool migration_is_active(MigrationState *);
 void add_migration_state_change_notifier(Notifier *notify);
diff --git a/migration/migration.c b/migration/migration.c
index d9e94f4080..e0dbde4091 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -118,8 +118,6 @@
 static NotifierList migration_state_notifiers =
 NOTIFIER_LIST_INITIALIZER(migration_state_notifiers);
 
-static bool deferred_incoming;
-
 /* Messages sent on the return path from destination to source */
 enum mig_rp_message_type {
 MIG_RP_MSG_INVALID = 0,  /* Must be 0 */
@@ -275,19 +273,6 @@ static bool migrate_late_block_activate(void)
 MIGRATION_CAPABILITY_LATE_BLOCK_ACTIVATE];
 }
 
-/*
- * Called on -incoming with a defer: uri.
- * The migration can be started later after any parameters have been
- * changed.
- */
-static void deferred_incoming_migration(Error **errp)
-{
-if (deferred_incoming) {
-error_setg(errp, "Incoming migration already deferred");
-}
-deferred_incoming = true;
-}
-
 /*
  * Send a message on the return channel back to the source
  * of the migration.
@@ -429,16 +414,14 @@ void migrate_add_address(SocketAddress *address)
 addrs->value = QAPI_CLONE(SocketAddress, address);
 }
 
-void qemu_start_incoming_migration(const char *uri, Error **errp)
+static void qemu_start_incoming_migration(const char *uri, Error **errp)
 {
 const char *p = NULL;
 
 qapi_event_send_migration(MIGRATION_STATUS_SETUP);
-if (!strcmp(uri, "defer")) {
-deferred_incoming_migration(errp);
-} else if (strstart(uri, "tcp:", ) ||
-   strstart(uri, "unix:", NULL) ||
-   strstart(uri, "vsock:", NULL)) {
+if (strstart(uri, "tcp:", ) ||
+strstart(uri, "unix:", NULL) ||
+strstart(uri, "vsock:", NULL)) {
 socket_start_incoming_migration(p ? p : uri, errp);
 #ifdef CONFIG_RDMA
 } else if (strstart(uri, "rdma:", )) {
@@ -1988,14 +1971,14 @@ void qmp_migrate_incoming(const char *uri, Error **errp)
 Error *local_err = NULL;
 static bool once = true;
 
-if (!deferred_incoming) {
-error_setg(errp, "For use with '-incoming defer'");
-return;
-}
 if (!once) {
 error_setg(errp, "The incoming migration has already been started");
 return;
 }
+if (!runstate_check(RUN_STATE_INMIGRATE)) {
+error_setg(errp, "'-incoming' was not specified on the command line");
+return;
+}
 
 qemu_start_incoming_migration(uri, _err);
 
diff --git a/softmmu/vl.c b/softmmu/vl.c
index e65eb0c9f2..20dd0cd517 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -109,6 +109,7 @@
 #include "qapi/qapi-visit-block-core.h"
 #include "qapi/qapi-visit-ui.h"
 #include "qapi/qapi-commands-block-core.h"
+#include "qapi/qapi-commands-migration.h"
 #include "qapi/qapi-commands-run-state.h"
 #include "qapi/qapi-commands-ui.h"
 #include "qapi/qmp/qerror.h"
@@ -4556,10 +4557,12 @@ void qemu_init(int argc, char **argv, char **envp)
 }
 if (incoming) {
 Error *local_err = NULL;
-qemu_start_incoming_migration(incoming, _err);
-if (local_err) {
-error_reportf_err(local_err, "-incoming %s: ", incoming);
-exit(1);
+if (strcmp(incoming, "defer") != 0) {
+qmp_migrate_incoming(incoming, _err);
+if (local_err) {
+error_reportf_err(local_err, "-incoming %s: ", incoming);
+exit(1);
+}
 }
 } else if (autostart) {
 vm_start();
-- 
2.26.2

[PULL 082/113] docs: temporarily disable the kernel-doc extension

[Paolo Bonzini]

Preserve bisectability while we update scripts/kernel-doc from Linux.
Without this patch, building with Sphinx 3 would break while we
revert our own Sphinx 3 support and replace it with Linux's.

Suggested-by: Peter Maydell 
Signed-off-by: Paolo Bonzini 
---
 docs/sphinx/kerneldoc.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/docs/sphinx/kerneldoc.py b/docs/sphinx/kerneldoc.py
index 3ac277d162..9124fcbff1 100644
--- a/docs/sphinx/kerneldoc.py
+++ b/docs/sphinx/kerneldoc.py
@@ -75,6 +75,9 @@ class KernelDocDirective(Directive):
 # Tell sphinx of the dependency
 env.note_dependency(os.path.abspath(filename))
 
+# Disabled temporarily while scripts/kernel-doc is updated
+return []
+
 tab_width = self.options.get('tab-width', 
self.state.document.settings.tab_width)
 
 # FIXME: make this nicer and more robust against errors
-- 
2.26.2

[PULL 081/113] config-file: move -set implementation to vl.c

[Paolo Bonzini]

We want to make it independent of QemuOpts.

Signed-off-by: Paolo Bonzini 

Signed-off-by: Paolo Bonzini 
---
 include/qemu/config-file.h |  1 -
 softmmu/vl.c   | 33 +
 util/qemu-config.c | 33 -
 3 files changed, 33 insertions(+), 34 deletions(-)

diff --git a/include/qemu/config-file.h b/include/qemu/config-file.h
index d74f920152..29226107bd 100644
--- a/include/qemu/config-file.h
+++ b/include/qemu/config-file.h
@@ -8,7 +8,6 @@ QemuOpts *qemu_find_opts_singleton(const char *group);
 
 void qemu_add_opts(QemuOptsList *list);
 void qemu_add_drive_opts(QemuOptsList *list);
-int qemu_set_option(const char *str);
 int qemu_global_option(const char *str);
 
 void qemu_config_write(FILE *fp);
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 77ee044c42..7146fbe219 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -2797,6 +2797,39 @@ static int qemu_read_default_config_file(void)
 return 0;
 }
 
+static int qemu_set_option(const char *str)
+{
+Error *local_err = NULL;
+char group[64], id[64], arg[64];
+QemuOptsList *list;
+QemuOpts *opts;
+int rc, offset;
+
+rc = sscanf(str, "%63[^.].%63[^.].%63[^=]%n", group, id, arg, );
+if (rc < 3 || str[offset] != '=') {
+error_report("can't parse: \"%s\"", str);
+return -1;
+}
+
+list = qemu_find_opts(group);
+if (list == NULL) {
+return -1;
+}
+
+opts = qemu_opts_find(list, id);
+if (!opts) {
+error_report("there is no %s \"%s\" defined",
+ list->name, id);
+return -1;
+}
+
+if (!qemu_opt_set(opts, arg, str + offset + 1, _err)) {
+error_report_err(local_err);
+return -1;
+}
+return 0;
+}
+
 static void user_register_global_props(void)
 {
 qemu_opts_foreach(qemu_find_opts("global"),
diff --git a/util/qemu-config.c b/util/qemu-config.c
index 660f47b005..725e3d7e4b 100644
--- a/util/qemu-config.c
+++ b/util/qemu-config.c
@@ -313,39 +313,6 @@ void qemu_add_opts(QemuOptsList *list)
 abort();
 }
 
-int qemu_set_option(const char *str)
-{
-Error *local_err = NULL;
-char group[64], id[64], arg[64];
-QemuOptsList *list;
-QemuOpts *opts;
-int rc, offset;
-
-rc = sscanf(str, "%63[^.].%63[^.].%63[^=]%n", group, id, arg, );
-if (rc < 3 || str[offset] != '=') {
-error_report("can't parse: \"%s\"", str);
-return -1;
-}
-
-list = qemu_find_opts(group);
-if (list == NULL) {
-return -1;
-}
-
-opts = qemu_opts_find(list, id);
-if (!opts) {
-error_report("there is no %s \"%s\" defined",
- list->name, id);
-return -1;
-}
-
-if (!qemu_opt_set(opts, arg, str + offset + 1, _err)) {
-error_report_err(local_err);
-return -1;
-}
-return 0;
-}
-
 struct ConfigWriteData {
 QemuOptsList *list;
 FILE *fp;
-- 
2.26.2

[PULL 113/113] scripts: kernel-doc: remove unnecesssary change wrt Linux

[Paolo Bonzini]

A comment in kernel-doc mentions QEMU's qatomic_set macro, but since
this code originated in Linux we should just revert it and stay as close
to the kernel's copy of the script as possible.

The change was introduced (more or less unintentionally) in QEMU commit
commit d73415a31547, which did a global search-and-replace of QEMU's
atomic access macros.

Suggested-by: Peter Maydell 
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index b95bae3654..4b19851b2d 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1758,7 +1758,7 @@ sub dump_function($$) {
 # If you mess with these regexps, it's a good idea to check that
 # the following functions' documentation still comes out right:
 # - parport_register_device (function pointer parameters)
-# - qatomic_set (macro)
+# - atomic_set (macro)
 # - pci_match_device, __copy_to_user (long return type)
 
 if ($define && $prototype =~ m/^()([a-zA-Z0-9_~:]+)\s+/) {
-- 
2.26.2

[PULL 093/113] kernel-doc: include line numbers for function prototypes

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

This should solve bad error reports like this one:

./include/linux/iio/iio.h:0: WARNING: Unknown target name: "devm".

Signed-off-by: Mauro Carvalho Chehab 
Link: 
https://lore.kernel.org/r/56eed0ba50cd726236acd12b11b55ce54854c5ea.1599660067.git.mchehab+hua...@kernel.org
Signed-off-by: Jonathan Corbet 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-12-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index eb635eb94c..3fd6f3925e 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1624,6 +1624,8 @@ sub dump_function($$) {
 my $file = shift;
 my $noret = 0;
 
+print_lineno($.);
+
 $prototype =~ s/^static +//;
 $prototype =~ s/^extern +//;
 $prototype =~ s/^asmlinkage +//;
-- 
2.26.2

[PULL 109/113] scripts: kernel-doc: fix typedef parsing

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

The include/linux/genalloc.h file defined this typedef:

typedef unsigned long (*genpool_algo_t)(unsigned long *map,unsigned 
long size,unsigned long start,unsigned int nr,void *data, struct gen_pool 
*pool, unsigned long start_addr);

Because it has a type composite of two words (unsigned long),
the parser gets the typedef name wrong:

.. c:macro:: long

   **Typedef**: Allocation callback function type definition

Fix the regex in order to accept composite types when
defining a typedef for a function pointer.

Signed-off-by: Mauro Carvalho Chehab 
Link: 
https://lore.kernel.org/r/328e8018041cc44f7a1684e57f8d111230761c4f.1603792384.git.mchehab+hua...@kernel.org
Signed-off-by: Jonathan Corbet 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-28-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index d3a289628c..862b77686e 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1434,13 +1434,14 @@ sub dump_typedef($$) {
 $x =~ s@/\*.*?\*/@@gos;# strip comments.
 
 # Parse function prototypes
-if ($x =~ /typedef\s+(\w+)\s*\(\*\s*(\w\S+)\s*\)\s*\((.*)\);/ ||
-   $x =~ /typedef\s+(\w+)\s*(\w\S+)\s*\s*\((.*)\);/) {
+if ($x =~ 
/typedef((?:\s+[\w\*]+){1,8})\s*\(\*?\s*(\w\S+)\s*\)\s*\((.*)\);/ ||
+   $x =~ /typedef((?:\s+[\w\*]+\s+){1,8})\s*\*?(\w\S+)\s*\s*\((.*)\);/) {
 
# Function typedefs
$return_type = $1;
$declaration_name = $2;
my $args = $3;
+   $return_type =~ s/^\s+//;
 
create_parameterlist($args, ',', $file, $declaration_name);
 
-- 
2.26.2

[PULL 111/113] scripts: kernel-doc: use :c:union when needed

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

Sphinx C domain code after 3.2.1 will start complaning if :c:struct
would be used for an union type:

.../Documentation/gpu/drm-kms-helpers:352: ../drivers/video/hdmi.c:851: 
WARNING: C 'identifier' cross-reference uses wrong tag: reference name is 
'union hdmi_infoframe' but found name is 'struct hdmi_infoframe'. Full 
reference name is 'union hdmi_infoframe'. Full found name is 'struct 
hdmi_infoframe'.

So, let's address this issue too in advance, in order to
avoid future issues.

Signed-off-by: Mauro Carvalho Chehab 
Link: 
https://lore.kernel.org/r/6e4ec3eec914df62389a299797a3880ae4490f35.1603791716.git.mchehab+hua...@kernel.org
Signed-off-by: Jonathan Corbet 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-30-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index 524fc626ed..b95bae3654 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1092,7 +1092,11 @@ sub output_struct_rst(%) {
print "\n\n.. c:type:: " . $name . "\n\n";
 } else {
my $name = $args{'struct'};
-   print "\n\n.. c:struct:: " . $name . "\n\n";
+   if ($args{'type'} eq 'union') {
+   print "\n\n.. c:union:: " . $name . "\n\n";
+   } else {
+   print "\n\n.. c:struct:: " . $name . "\n\n";
+   }
 }
 print_lineno($declaration_start_line);
 $lineprefix = "   ";
-- 
2.26.2

[PULL 110/113] scripts: kernel-doc: split typedef complex regex

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

The typedef regex for function prototypes are very complex.
Split them into 3 separate regex and then join them using
qr.

Signed-off-by: Mauro Carvalho Chehab 
Link: 
https://lore.kernel.org/r/3a4af999a0d62d4ab9dfae1cdefdfcad93383356.1603792384.git.mchehab+hua...@kernel.org
Signed-off-by: Jonathan Corbet 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-29-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 14 +-
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index 862b77686e..524fc626ed 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1427,17 +1427,21 @@ sub dump_enum($$) {
 }
 }
 
+my $typedef_type = qr { ((?:\s+[\w\*]+){1,8})\s* }x;
+my $typedef_ident = qr { \*?\s*(\w\S+)\s* }x;
+my $typedef_args = qr { \s*\((.*)\); }x;
+
+my $typedef1 = qr { typedef$typedef_type\($typedef_ident\)$typedef_args }x;
+my $typedef2 = qr { typedef$typedef_type$typedef_ident$typedef_args }x;
+
 sub dump_typedef($$) {
 my $x = shift;
 my $file = shift;
 
 $x =~ s@/\*.*?\*/@@gos;# strip comments.
 
-# Parse function prototypes
-if ($x =~ 
/typedef((?:\s+[\w\*]+){1,8})\s*\(\*?\s*(\w\S+)\s*\)\s*\((.*)\);/ ||
-   $x =~ /typedef((?:\s+[\w\*]+\s+){1,8})\s*\*?(\w\S+)\s*\s*\((.*)\);/) {
-
-   # Function typedefs
+# Parse function typedef prototypes
+if ($x =~ $typedef1 || $x =~ $typedef2) {
$return_type = $1;
$declaration_name = $2;
my $args = $3;
-- 
2.26.2

[PATCH 03/15] vl: allow -incoming defer with -preconfig

[Paolo Bonzini]

Now that there is no RUN_STATE_PRECONFIG anymore that can conflict with
RUN_STATE_INMIGRATE, we can allow -incoming defer with -preconfig.

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 softmmu/vl.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/softmmu/vl.c b/softmmu/vl.c
index a83e1a..3dfac8299b 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -2986,9 +2986,8 @@ static void qemu_validate_options(void)
  "mutually exclusive");
 exit(EXIT_FAILURE);
 }
-if (incoming && preconfig_requested) {
-error_report("'preconfig' and 'incoming' options are "
- "mutually exclusive");
+if (incoming && preconfig_requested && strcmp(incoming, "defer") != 0) {
+error_report("'preconfig' supports '-incoming defer' only");
 exit(EXIT_FAILURE);
 }
 
-- 
2.26.2

[PATCH 09/15] machine: record whether nvdimm= was set

[Paolo Bonzini]

This is needed for SPAPR which has different defaults than everyone else.
Right now it looks at the -machine QemuOpts, but those will go away.

Signed-off-by: Paolo Bonzini 
---
 hw/core/machine.c   | 1 +
 include/hw/mem/nvdimm.h | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/core/machine.c b/hw/core/machine.c
index 2c0bc15143..94992fa1c0 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -455,6 +455,7 @@ static void machine_set_nvdimm(Object *obj, bool value, 
Error **errp)
 {
 MachineState *ms = MACHINE(obj);
 
+ms->nvdimms_state->has_is_enabled = true;
 ms->nvdimms_state->is_enabled = value;
 }
 
diff --git a/include/hw/mem/nvdimm.h b/include/hw/mem/nvdimm.h
index c699842dd0..14c101c180 100644
--- a/include/hw/mem/nvdimm.h
+++ b/include/hw/mem/nvdimm.h
@@ -129,7 +129,7 @@ typedef struct NvdimmFitBuffer NvdimmFitBuffer;
 
 struct NVDIMMState {
 /* detect if NVDIMM support is enabled. */
-bool is_enabled;
+bool has_is_enabled, is_enabled;
 
 /* the data of the fw_cfg file NVDIMM_DSM_MEM_FILE. */
 GArray *dsm_mem;
-- 
2.26.2

RE: Proposal for a regular upstream performance testing

[Chenqun (kuhn)]

> -Original Message-
> From: Qemu-devel
> [mailto:qemu-devel-bounces+kuhn.chenqun=huawei@nongnu.org] On
> Behalf Of Luká? Doktor
> Sent: Thursday, November 26, 2020 4:10 PM
> To: QEMU Developers 
> Cc: Charles Shih ; Aleksandar Markovic
> ; Stefan Hajnoczi
> 
> Subject: Proposal for a regular upstream performance testing
> 
> Hello guys,
> 
> I had been around qemu on the Avocado-vt side for quite some time and a while
> ago I shifted my focus on performance testing. Currently I am not aware of any
> upstream CI that would continuously monitor the upstream qemu performance
> and I'd like to change that. There is a lot to cover so please bear with me.
> 
> Goal
> 
> 
> The goal of this initiative is to detect system-wide performance regressions 
> as
> well as improvements early, ideally pin-point the individual commits and 
> notify
> people that they should fix things. All in upstream and ideally with least 
> human
> interaction possible.
> 
> Unlike the recent work of Ahmed Karaman's
> https://ahmedkrmn.github.io/TCG-Continuous-Benchmarking/ my aim is on the
> system-wide performance inside the guest (like fio, uperf, ...)
> 
> Tools
> =
> 
> In house we have several different tools used by various teams and I bet there
> are tons of other tools out there that can do that. I can not speak for all 
> teams
> but over the time many teams at Red Hat have come to like pbench
> https://distributed-system-analysis.github.io/pbench/ to run the tests and
> produce machine readable results and use other tools (Ansible, scripts, ...) 
> to
> provision the systems and to generate the comparisons.
> 
> As for myself I used python for PoC and over the last year I pushed hard to 
> turn
> it into a usable and sensible tool which I'd like to offer:
> https://run-perf.readthedocs.io/en/latest/ anyway I am open to suggestions
> and comparisons. As I am using it downstream to watch regressions I do plan
> on keep developing the tool as well as the pipelines (unless a better tool is
> found that would replace it or it's parts).
> 
> How
> ===
> 
> This is a tough question. Ideally this should be a standalone service that 
> would
> only notify the author of the patch that caused the change with a bunch of
> useful data so they can either address the issue or just be aware of this 
> change
> and mark it as expected.
> 
> Ideally the community should have a way to also issue their custom builds in
> order to verify their patches so they can debug and address issues better than
> just commit to qemu-master.
> 
> The problem with those is that we can not simply use travis/gitlab/... 
> machines
> for running those tests, because we are measuring in-guest actual
> performance. We can't just stop the time when the machine decides to
> schedule another container/vm. I briefly checked the public bare-metal
> offerings like rackspace but these are most probably not sufficient either
> because (unless I'm wrong) they only give you a machine but it is not
> guaranteed that it will be the same machine the next time. If we are to
> compare the results we don't need just the same model, we really need the
> very same machine. Any change to the machine might lead to a significant
> difference (disk replacement, even firmware update...).

Hi Lukáš,

  It's nice to see a discussion of QEMU performance topic.
If you have a need for CI platform and physical machine environments, maybe 
compass-ci can help you.

Compass-ci is an open CI platform of the openEuler community and is growing.

Here's a brief reame：
https://gitee.com/wu_fengguang/compass-ci/blob/master/README.en.md


Thanks,
Chen Qun
> 
> Solution 1
> --
> 
> Doing this for downstream builds I can start doing this for upstream as well. 
> At
> this point I can offer a single pipeline watching only changes in qemu
> (downstream we are checking distro/kernel changes as well but that would
> require too much time at this point) on a single x86_64 machine. I can not 
> offer
> a public access to the testing machine, not even checking custom builds 
> (unless
> someone provides me a publicly available machine(s) that I would use for 
> this).
> What I can offer is running the checks on the latest qemu master, publishing
> the reports, bisecting issues and notifying people about the changes. An
> example of a report can be found here:
> https://drive.google.com/file/d/1V2w7QpSuybNusUaGxnyT5zTUvtZDOfsb/view
> ?usp=sharing a documentation of the format is here:
> https://run-perf.readthedocs.io/en/latest/scripts.html#html-results I can also
> attach the raw pbench results if needed (as well as details about the tests 
> that
> were executed and the params and other details).
> 
> Currently the covered scenarios would be a default libvirt machine with qcow2
> storage and tuned libvirt machine (cpus, hugepages, numa, raw disk...) running
> fio, uperf and linpack on the latest GA RHEL. In the future I can add/tweak 
> the
> scenarios as well as tests selection 

[PATCH 13/28] remove -writeconfig

[Paolo Bonzini]

Like -set and -readconfig, it would not really be too hard to
extend -writeconfig to parsing mechanisms other than QemuOpts.
However, the uses of -writeconfig are substantially more
limited, as it is generally easier to write the configuration
by hand in the first place.  In addition, -writeconfig does
not even try to detect cases where it prints incorrect
syntax (for example if values have a quote in them, since
qemu_config_parse does not support any kind of escaping.
Just remove it.

Signed-off-by: Paolo Bonzini 
---
 include/qemu/config-file.h |  1 -
 qemu-options.hx| 13 ++--
 softmmu/vl.c   | 19 -
 util/qemu-config.c | 42 --
 4 files changed, 2 insertions(+), 73 deletions(-)

diff --git a/include/qemu/config-file.h b/include/qemu/config-file.h
index 29226107bd..7d26fe3816 100644
--- a/include/qemu/config-file.h
+++ b/include/qemu/config-file.h
@@ -10,7 +10,6 @@ void qemu_add_opts(QemuOptsList *list);
 void qemu_add_drive_opts(QemuOptsList *list);
 int qemu_global_option(const char *str);
 
-void qemu_config_write(FILE *fp);
 int qemu_config_parse(FILE *fp, QemuOptsList **lists, const char *fname);
 
 int qemu_read_config_file(const char *filename);
diff --git a/qemu-options.hx b/qemu-options.hx
index e60ad42976..408d9c2def 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -4278,23 +4278,14 @@ SRST
 ERST
 
 DEF("readconfig", HAS_ARG, QEMU_OPTION_readconfig,
-"-readconfig \n", QEMU_ARCH_ALL)
+"-readconfig \n",
+"read config file\n", QEMU_ARCH_ALL)
 SRST
 ``-readconfig file``
 Read device configuration from file. This approach is useful when
 you want to spawn QEMU process with many command line options but
 you don't want to exceed the command line character limit.
 ERST
-DEF("writeconfig", HAS_ARG, QEMU_OPTION_writeconfig,
-"-writeconfig \n"
-"read/write config file\n", QEMU_ARCH_ALL)
-SRST
-``-writeconfig file``
-Write device configuration to file. The file can be either filename
-to save command line and device configuration into file or dash
-``-``) character to print the output to stdout. This can be later
-used as input file for ``-readconfig`` option.
-ERST
 
 DEF("no-user-config", 0, QEMU_OPTION_nouserconfig,
 "-no-user-config\n"
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 023c16245b..4039bf3a39 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -3309,25 +3309,6 @@ void qemu_init(int argc, char **argv, char **envp)
 }
 display_remote++;
 break;
-case QEMU_OPTION_writeconfig:
-{
-FILE *fp;
-if (strcmp(optarg, "-") == 0) {
-fp = stdout;
-} else {
-fp = fopen(optarg, "w");
-if (fp == NULL) {
-error_report("open %s: %s", optarg,
- strerror(errno));
-exit(1);
-}
-}
-qemu_config_write(fp);
-if (fp != stdout) {
-fclose(fp);
-}
-break;
-}
 case QEMU_OPTION_qtest:
 qtest_chrdev = optarg;
 break;
diff --git a/util/qemu-config.c b/util/qemu-config.c
index 725e3d7e4b..cc5be3c779 100644
--- a/util/qemu-config.c
+++ b/util/qemu-config.c
@@ -313,48 +313,6 @@ void qemu_add_opts(QemuOptsList *list)
 abort();
 }
 
-struct ConfigWriteData {
-QemuOptsList *list;
-FILE *fp;
-};
-
-static int config_write_opt(void *opaque, const char *name, const char *value,
-Error **errp)
-{
-struct ConfigWriteData *data = opaque;
-
-fprintf(data->fp, "  %s = \"%s\"\n", name, value);
-return 0;
-}
-
-static int config_write_opts(void *opaque, QemuOpts *opts, Error **errp)
-{
-struct ConfigWriteData *data = opaque;
-const char *id = qemu_opts_id(opts);
-
-if (id) {
-fprintf(data->fp, "[%s \"%s\"]\n", data->list->name, id);
-} else {
-fprintf(data->fp, "[%s]\n", data->list->name);
-}
-qemu_opt_foreach(opts, config_write_opt, data, NULL);
-fprintf(data->fp, "\n");
-return 0;
-}
-
-void qemu_config_write(FILE *fp)
-{
-struct ConfigWriteData data = { .fp = fp };
-QemuOptsList **lists = vm_config_groups;
-int i;
-
-fprintf(fp, "# qemu config file\n\n");
-for (i = 0; lists[i] != NULL; i++) {
-data.list = lists[i];
-qemu_opts_foreach(data.list, config_write_opts, , NULL);
-}
-}
-
 /* Returns number of config groups on success, -errno on error */
 int qemu_config_parse(FILE *fp, QemuOptsList **lists, const char *fname)
 {
-- 
2.26.2

Re: [PATCH v2] hw/arm/virt enable support for virtio-mem

[Michael S. Tsirkin]

On Wed, Nov 25, 2020 at 02:56:59PM +, Jonathan Cameron wrote:
> Cool.  I'll run a few more comprehensive tests then send out the
> trivial patch to enable the kernel option + v2 of the qemu support.

IIUC there will be another version of this patch, right?

-- 
MST

[PATCH 20/28] qemu-nbd: use keyval for -object parsing

[Paolo Bonzini]

Enable creation of object with non-scalar properties.

Signed-off-by: Paolo Bonzini 
---
 qemu-nbd.c | 42 +-
 1 file changed, 13 insertions(+), 29 deletions(-)

diff --git a/qemu-nbd.c b/qemu-nbd.c
index a7075c5419..b4bd21a21e 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -407,23 +407,6 @@ static QemuOptsList file_opts = {
 },
 };
 
-static QemuOptsList qemu_object_opts = {
-.name = "object",
-.implied_opt_name = "qom-type",
-.head = QTAILQ_HEAD_INITIALIZER(qemu_object_opts.head),
-.desc = {
-{ }
-},
-};
-
-static bool qemu_nbd_object_print_help(const char *type, QemuOpts *opts)
-{
-if (user_creatable_print_help(type, opts)) {
-exit(0);
-}
-return true;
-}
-
 
 static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, bool list,
   Error **errp)
@@ -599,7 +582,6 @@ int main(int argc, char **argv)
 qcrypto_init(_fatal);
 
 module_call_init(MODULE_INIT_QOM);
-qemu_add_opts(_object_opts);
 qemu_add_opts(_trace_opts);
 qemu_init_exec_dir(argv[0]);
 
@@ -752,14 +734,20 @@ int main(int argc, char **argv)
 case '?':
 error_report("Try `%s --help' for more information.", argv[0]);
 exit(EXIT_FAILURE);
-case QEMU_NBD_OPT_OBJECT: {
-QemuOpts *opts;
-opts = qemu_opts_parse_noisily(_object_opts,
-   optarg, true);
-if (!opts) {
-exit(EXIT_FAILURE);
+case QEMU_NBD_OPT_OBJECT:
+{
+QDict *args;
+bool help;
+
+args = keyval_parse(optarg, "qom-type", , _fatal);
+if (help) {
+user_creatable_print_help_from_qdict(args);
+exit(EXIT_SUCCESS);
+}
+user_creatable_add_dict(args, true, _fatal);
+qobject_unref(args);
+break;
 }
-}   break;
 case QEMU_NBD_OPT_TLSCREDS:
 tlscredsid = optarg;
 break;
@@ -807,10 +795,6 @@ int main(int argc, char **argv)
 export_name = "";
 }
 
-qemu_opts_foreach(_object_opts,
-  user_creatable_add_opts_foreach,
-  qemu_nbd_object_print_help, _fatal);
-
 if (!trace_init_backends()) {
 exit(1);
 }
-- 
2.26.2

Re: [PATCH 00/18] qapi/qom: QAPIfy object-add

[Kevin Wolf]

Am 01.12.2020 um 22:23 hat Paolo Bonzini geschrieben:
> On 01/12/20 20:35, Kevin Wolf wrote:
> > Am 01.12.2020 um 18:16 hat Paolo Bonzini geschrieben:
> > I don't think this is actually a new things. We already have types and
> > commands declared with things like 'if': 'defined(TARGET_S390X)'.
> > As far as I understand, QAPI generated files are already built per
> > target, so not compiling things into all binaries should be entirely
> > possible.
> 
> There is some complication due to having different discriminators per
> target.  So yes it should be possible.

We have conditional union variants in existing code, too.

> But probably best left after objects because it's so much bigger a
> task and because objects have a bit more freedom for experimentation
> (less ties to other qdev-specific concepts, e.g.  the magic "bus"
> property).

Yes, I would like to get user creatable objects to a state that we
like and only then start converting other object types. I feel user
creatable objects are a nice set of types that aren't so trivial that
major problems could go unnoticed, but still a managable enough number
that it doesn't matter much if we take one or two extra steps until we
find our preferred shape.

> > So maybe only the abstract base class that actually defines the machine
> > properties (like generic-pc-machine) should be described in QAPI, and
> > then the concrete machine types would inherit from it without being
> > described in QAPI themselves?
> 
> Yes, maybe.
> 
> > > 1) whether to generate _all_ boilerplate or only properties
> > 
> > I would like to generate as much boilerplate as possible. That is, I
> > don't want to constrain us to only properties, but at the same time, I'm
> > not sure if it's possible to get rid of all boilerplate.
> > 
> > Basically, the vision I have in mind is that QAPI would generate code
> > that is the same for most instances, and then provide an option that
> > prevents code generation for a specific part for more complicated cases,
> > so that the respective function can (and must) be provided in the C
> > source.
> 
> Ok, so that's a bit different from what I am thinking of.  I don't
> care very much about the internal boilerplate, only the external
> interface for configuration.  So I don't care about type registration,
> dynamic cast macros etc., only essentially the part that leads to
> ucc->complete.

Once QAPI knows about the class hierarchy you get the internal
boilerplate generation almost for free, so I'm not sure why we would
pass on it. But I agree it's not critical to have it.

> > > 2) whether we want to introduce a separation between configuration
> > > schema and run-time state
> > 
> > You mean the internal run-time state? How is this separation not already
> > present with getter/setter functions for each property? In many cases
> > they just directly access the run-time state, but there are other cases
> > where they actually do things.
> 
> I mean moving more towards the blockdev/chardev way of doing things,
> increasing the separation very much by having separate configuration
> structs that have (potentially) no link to the run-time state struct.

I'm not sure, I'm seeing pros and contras. Also, to be honest, I'm
quite certain that the blockdev/chardev way is accidental rather than
the result of a careful design process.

Having to copy every option from the separate configuration into the
run-time state is somewhat inconvenient. On the other hand, it ensures
that every option is touched in the initialisation function, which
probably increases chances that it's checked for validity.

The separation might have made the kind of bugs more obvious where
property setters just change the configuration without actually applying
the updated value.

I guess we might end up with a mixed model where configuration is
separated into a different struct (the ObjectOptions branches), but
still kept around for the lifetime of the object so that qom-get can
keep working.

> > > 3) in the latter case, whether properties will survive at all---iothread 
> > > and
> > > throttle-groups don't really need them even if they're writable after
> > > creation.
> > 
> > How do you define properties, i.e. at which point would they stop
> > existing and what would be a non-property alternative?
> 
> Properties are only a useful concept if they have a use.  If
> -object/object_add/object-add can do the same job without properties,
> properties are not needed anymore.

Yes, I think object creation doesn't need properties. But no, that
doesn't automatically make them useless because of property updates
later on. If you want to get fully rid of them, you need a replacement
for the latter.

But you're right that I would like to make property setters only about
runtime changes (i.e. changes after creation) rather than part of the
creation itself. When they have only one job to do, it's more likely
that they actually implement something working for it.

I guess fully getting 

Re: [PATCH v3 4/6] linux-user/elfload: Introduce MIPS GET_FEATURE_REG_EQU() macro

[Philippe Mathieu-Daudé]

On 12/2/20 12:15 AM, Richard Henderson wrote:
> On 12/1/20 1:28 PM, Philippe Mathieu-Daudé wrote:
>> ISA features are usually denoted in read-only bits from
>> CPU registers. Add the GET_FEATURE_REG_EQU() macro which
>> checks if a CPU register has bits set to a specific value.
>>
>> Use the macro to check the 'Architecture Revision' level
>> of the Config0 register, which is '2' when the Release 6
>> ISA is implemented.
>>
>> Signed-off-by: Philippe Mathieu-Daudé 
>> ---
>>  linux-user/elfload.c | 11 ++-
>>  1 file changed, 10 insertions(+), 1 deletion(-)
>>
>> diff --git a/linux-user/elfload.c b/linux-user/elfload.c
>> index b7c6d30723a..9c475fa5f70 100644
>> --- a/linux-user/elfload.c
>> +++ b/linux-user/elfload.c
>> @@ -7,6 +7,7 @@
>>  
>>  #include "qemu.h"
>>  #include "disas/disas.h"
>> +#include "qemu/bitops.h"
>>  #include "qemu/path.h"
>>  #include "qemu/queue.h"
>>  #include "qemu/guest-random.h"
>> @@ -995,17 +996,25 @@ enum {
>>  #define GET_FEATURE_REG_SET(_reg, _mask, _hwcap) \
>>  do { if (cpu->env._reg & (_mask)) { hwcaps |= _hwcap; } } while (0)
>>  
>> +#define GET_FEATURE_REG_EQU(_reg, _start, _length, _val, _hwcap) \
>> +do { \
>> +if (extract32(cpu->env._reg, (_start), (_length)) == (_val)) { \
>> +hwcaps |= _hwcap; \
>> +} \
>> +} while (0)
>> +
>>  static uint32_t get_elf_hwcap(void)
>>  {
>>  MIPSCPU *cpu = MIPS_CPU(thread_cpu);
>>  uint32_t hwcaps = 0;
>>  
>> -GET_FEATURE_INSN(ISA_MIPS32R6 | ISA_MIPS64R6, HWCAP_MIPS_R6);
>> +GET_FEATURE_REG_EQU(CP0_Config0, CP0C0_AR, 3, 2, HWCAP_MIPS_R6);
> 
> You still get the magic 3.

TBH:

$ wc -l target/mips/cpu.h
1323 target/mips/cpu.h
$ egrep _MASK target/mips/cpu.h | wc -l
19

And mask definitions are not useful to use with extract/deposit:

$ egrep _MASK target/mips/cpu.h
#define MSACSR_FS_MASK  (1 << MSACSR_FS)
#define MSACSR_NX_MASK  (1 << MSACSR_NX)
#define MSACSR_CEF_MASK (0x << MSACSR_CEF)
#define MSACSR_RM_MASK  (0x3 << MSACSR_RM)
#define CP0PM_MASK 13
#define CP0SC_PA_MASK   (0x7FULL << CP0SC_PA)
#define CP0SC_AM_MASK   (0x7ULL << CP0SC_AM)
#define CP0SC_EU_MASK   (1ULL << CP0SC_EU)
#define CP0SC_C_MASK(0x7ULL << CP0SC_C)
...

If you rather I can amend this snippet:

-- >8 --
diff --git a/target/mips/cpu.h b/target/mips/cpu.h
index 23f8c6f96cd..2639b0ea06c 100644
--- a/target/mips/cpu.h
+++ b/target/mips/cpu.h
@@ -844,6 +844,7 @@ struct CPUMIPSState {
 #define CP0C0_MT   7 /*  9..7  */
 #define CP0C0_VI   3
 #define CP0C0_K0   0 /*  2..0  */
+#define CP0C0_AR_LENGTH 3
 int32_t CP0_Config1;
 #define CP0C1_M31
 #define CP0C1_MMU  25/* 30..25 */
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 5a39a7dc021..a64050713f2 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -1021,7 +1021,8 @@ static uint32_t get_elf_hwcap(void)
 MIPSCPU *cpu = MIPS_CPU(thread_cpu);
 uint32_t hwcaps = 0;

-GET_FEATURE_REG_EQU(CP0_Config0, CP0C0_AR, 3, 2, HWCAP_MIPS_R6);
+GET_FEATURE_REG_EQU(CP0_Config0, CP0C0_AR, CP0C0_AR_LENGTH,
+2, HWCAP_MIPS_R6);
 GET_FEATURE_REG_SET(CP0_Config3, 1 << CP0C3_MSAP, HWCAP_MIPS_MSA);
 GET_FEATURE_INSN(ASE_LMMI, HWCAP_LOONGSON_MMI);
 GET_FEATURE_INSN(ASE_LEXT, HWCAP_LOONGSON_EXT);
---

> This is where hw/registerfields.h would come in handy.  But that is certainly 
> a
> large change to mips' cpu.h.  So I guess this is good enough for now.

Yes, that is my preference too, and I plan to get there eventually
(this is on my TODO list). But from here to there is a long way...

First I'd get rid of the cpu->env.insn_flags duplications.

> Reviewed-by: Richard Henderson 

Thanks!

Phil.

Re: [PATCH v6] hw/i386/pc: add max combined fw size as machine configuration option

[Michael S. Tsirkin]

Could you help by rebasing this on master? Shouldn't be hard ...
Thanks!

Re: [PATCH v2 01/27] migration: Network Failover can't work with a paused guest

[Daniel P . Berrangé]

On Wed, Dec 02, 2020 at 05:13:18AM -0500, Michael S. Tsirkin wrote:
> On Wed, Nov 18, 2020 at 09:37:22AM +0100, Juan Quintela wrote:
> > If we have a paused guest, it can't unplug the network VF device, so
> > we wait there forever.  Just change the code to give one error on that
> > case.
> > 
> > Signed-off-by: Juan Quintela 
> 
> It's certainly possible but it's management that created
> this situation after all - why do we bother to enforce
> a policy? It is possible that management will unpause immediately
> afterwards and everything will proceed smoothly.
> 
> Yes migration will not happen until guest is
> unpaused but the same it true of e.g. a guest that is stuck
> because of a bug.

That's pretty different behaviour from how migration normally handles
a paused guest, which is that it is guaranteed to complete the migration
in as short a time as network bandwidth allows.

Just ignoring the situation I think will lead to surprise apps / admins,
because the person/entity invoking the migration is not likely to have
checked wether this particular guest uses net failover or not before
invoking - they'll just be expecting a paused migration to run fast and
be guaranteed to complete.

Regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [PATCH v2 01/27] migration: Network Failover can't work with a paused guest

[Daniel P . Berrangé]

On Wed, Dec 02, 2020 at 11:51:05AM +0100, Juan Quintela wrote:
> "Michael S. Tsirkin"  wrote:
> > On Wed, Dec 02, 2020 at 05:31:53AM -0500, Michael S. Tsirkin wrote:
> >> On Wed, Dec 02, 2020 at 10:27:18AM +, Daniel P. Berrangé wrote:
> >> > On Wed, Dec 02, 2020 at 05:13:18AM -0500, Michael S. Tsirkin wrote:
> >> > > On Wed, Nov 18, 2020 at 09:37:22AM +0100, Juan Quintela wrote:
> >> > > > If we have a paused guest, it can't unplug the network VF device, so
> >> > > > we wait there forever.  Just change the code to give one error on 
> >> > > > that
> >> > > > case.
> >> > > > 
> >> > > > Signed-off-by: Juan Quintela 
> >> > > 
> >> > > It's certainly possible but it's management that created
> >> > > this situation after all - why do we bother to enforce
> >> > > a policy? It is possible that management will unpause immediately
> >> > > afterwards and everything will proceed smoothly.
> >> > > 
> >> > > Yes migration will not happen until guest is
> >> > > unpaused but the same it true of e.g. a guest that is stuck
> >> > > because of a bug.
> >> > 
> >> > That's pretty different behaviour from how migration normally handles
> >> > a paused guest, which is that it is guaranteed to complete the migration
> >> > in as short a time as network bandwidth allows.
> >> > 
> >> > Just ignoring the situation I think will lead to surprise apps / admins,
> >> > because the person/entity invoking the migration is not likely to have
> >> > checked wether this particular guest uses net failover or not before
> >> > invoking - they'll just be expecting a paused migration to run fast and
> >> > be guaranteed to complete.
> >> > 
> >> > Regards,
> >> > Daniel
> >> 
> >> Okay I guess. But then shouldn't we handle the reverse situation too:
> >> pausing guest after migration started but before device was
> >> unplugged?
> >> 
> >
> > Thinking of which, I have no idea how we'd handle it - fail
> > pausing guest until migration is cancelled?
> >
> > All this seems heavy handed to me ...
> 
> This is the minimal fix that I can think of.
> 
> Further solution would be:
> - Add a new migration parameter: migrate-paused
> - change libvirt to use the new parameter if it exist
> - in qemu, when we do start migration (but after we wait for the unplug
>   device) paused the guest before starting migration and resume it after
>   migration finish.

It would also have to handle issuing of paused after migration has
been started - delay the pause request until the nuplug is complete
is one answer.
 
> My understanding talking with Laine is that they use this functionality
> by default for migration, saving, etc, i.e. it is not an isolated case.

Yep,  save-to-disk always runs in the paused state, and migration is
also paused by default unless the mgmt app explicitl asks for live
migration.

Regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [PATCH RFC] vfio: Move the saving of the config space to the right place in VFIO migration

[Dr. David Alan Gilbert]

* Shenming Lu (lushenm...@huawei.com) wrote:
> Hi,
> 
> After reading everyone's opinions, we have a rough idea for this issue.
> 
> One key point is whether it is necessary to setup the config space before
> the device can accept further migration data. I think it is decided by
> the vendor driver, so we can simply ask the vendor driver about it in
> .save_setup, which could avoid a lot of unnecessary copies and settings.
> Once we have known the need, we can iterate the config space (before)
> along with the device migration data in .save_live_iterate and
> .save_live_complete_precopy, and if not needed, we can only migrate the
> config space in .save_state.
> 
> Another key point is that the interrupt enabling should be after the
> restoring of the interrupt controller (might not only interrupts).
> My solution is to add a subflag at the beginning of the config data
> (right after VFIO_MIG_FLAG_DEV_CONFIG_STATE) to indicate the triggered
> actions on the dst (such as whether to enable interrupts).
> 
> Below is it's workflow.
> 
> On the save path:
>   In vfio_save_setup():
>   Ask the vendor driver if it needs the config space setup before it
>   can accept further migration data.

You could argue that you could always send an initial copy of the config
data at the start; and then send new versions at the end anyway.
But is this just about interrupts? Is the dst going to interpret the
received migration data differently depending on the config data?  That
would seem dangerous if the config data was to change during the
migration.

Dave

>   |
>   In vfio_save_iterate() (pre-copy):
>   If *needed*, save the config space which would be setup on the dst
>   before the migration data, but send with a subflag to instruct not
>   to (such as) enable interrupts.
>   |
>   In vfio_save_complete_precopy() (stop-and-copy, iterable process):
>   The same as that in vfio_save_iterate().
>   |
>   In .save_state (stop-and-copy, non-iterable process):
>   If *needed*, only send a subflag to instruct to enable interrupts.
>   If *not needed*, save the config space and setup everything on the dst.
> 
> Besides the above idea, we might be able to choose to let the vendor driver do
> more: qemu just sends and writes the config data (before) along with the 
> device
> migration data every time, and it's up to the vendor driver to filter 
> out/buffer
> the received data or reorder the settings...
> 
> Thanks,
> Shenming
> 
-- 
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK

[PULL 0/6] pc,vhost: fixes

[Michael S. Tsirkin]

Patch 5 gave me pause but we do need patch 6 as
it's a guest triggerable assert, and it seemed
cleaner to just take the whole patchset than cherry-pick.

The following changes since commit d73c46e4a84e47ffc61b8bf7c378b1383e7316b5:

  Update version for v5.2.0-rc4 release (2020-12-01 16:21:01 +)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/virt/kvm/mst/qemu.git tags/for_upstream

for you to fetch changes up to a451089140c7b167661d0a23190e6d8bd7eae48d:

  memory: Skip bad range assertion if notifier is DEVIOTLB_UNMAP type 
(2020-12-02 05:14:29 -0500)


pc,vhost: fixes

A couple of last minute bugfixes.

Signed-off-by: Michael S. Tsirkin 


Alex Chen (1):
  vhost-user-scsi: Fix memleaks in vus_proc_req()

Eugenio Pérez (5):
  memory: Rename memory_region_notify_one to memory_region_notify_iommu_one
  memory: Add IOMMUTLBEvent
  memory: Add IOMMU_NOTIFIER_DEVIOTLB_UNMAP IOMMUTLBNotificationType
  intel_iommu: Skip page walking on device iotlb invalidations
  memory: Skip bad range assertion if notifier is DEVIOTLB_UNMAP type

 include/exec/memory.h | 40 --
 contrib/vhost-user-scsi/vhost-user-scsi.c |  3 +-
 hw/arm/smmu-common.c  | 13 +++--
 hw/arm/smmuv3.c   | 13 +++--
 hw/i386/intel_iommu.c | 92 ++-
 hw/misc/tz-mpc.c  | 32 ++-
 hw/ppc/spapr_iommu.c  | 15 ++---
 hw/s390x/s390-pci-inst.c  | 27 +
 hw/virtio/vhost.c |  2 +-
 hw/virtio/virtio-iommu.c  | 30 +-
 softmmu/memory.c  | 29 ++
 11 files changed, 167 insertions(+), 129 deletions(-)

[PULL 6/6] memory: Skip bad range assertion if notifier is DEVIOTLB_UNMAP type

[Michael S. Tsirkin]

From: Eugenio Pérez 

Device IOTLB invalidations can unmap arbitrary ranges, eiter outside of
the memory region or even [0, ~0ULL] for all the space. The assertion
could be hit by a guest, and rhel7 guest effectively hit it.

Signed-off-by: Eugenio Pérez 
Reviewed-by: Peter Xu 
Reviewed-by: Juan Quintela 
Acked-by: Jason Wang 
Message-Id: <20201116165506.31315-6-epere...@redhat.com>
Reviewed-by: Michael S. Tsirkin 
Signed-off-by: Michael S. Tsirkin 
---
 softmmu/memory.c | 11 +--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/softmmu/memory.c b/softmmu/memory.c
index 6ca87e8d73..22bacbbc78 100644
--- a/softmmu/memory.c
+++ b/softmmu/memory.c
@@ -1947,6 +1947,7 @@ void memory_region_notify_iommu_one(IOMMUNotifier 
*notifier,
 {
 IOMMUTLBEntry *entry = >entry;
 hwaddr entry_end = entry->iova + entry->addr_mask;
+IOMMUTLBEntry tmp = *entry;
 
 if (event->type == IOMMU_NOTIFIER_UNMAP) {
 assert(entry->perm == IOMMU_NONE);
@@ -1960,10 +1961,16 @@ void memory_region_notify_iommu_one(IOMMUNotifier 
*notifier,
 return;
 }
 
-assert(entry->iova >= notifier->start && entry_end <= notifier->end);
+if (notifier->notifier_flags & IOMMU_NOTIFIER_DEVIOTLB_UNMAP) {
+/* Crop (iova, addr_mask) to range */
+tmp.iova = MAX(tmp.iova, notifier->start);
+tmp.addr_mask = MIN(entry_end, notifier->end) - tmp.iova;
+} else {
+assert(entry->iova >= notifier->start && entry_end <= notifier->end);
+}
 
 if (event->type & notifier->notifier_flags) {
-notifier->notify(notifier, entry);
+notifier->notify(notifier, );
 }
 }
 
-- 
MST

Re: check-tcg errors (build-user, build-user-plugins) again

[Alex Bennée]

Claudio Fontana  writes:

> Hi Alex and all,
>
> when trying to use check-tcg (master), I am getting often these errors:
>
> $ ../configure --disable-system --disable-tools
>
> $ make -j12 check-tcg
>
> ERRO[] cannot find mappings for user claudio: No subgid ranges found for 
> group "claudio" in /etc/subgid 
> ERRO[] cannot find mappings for user claudio: No subgid ranges found for 
> group "claudio" in /etc/subgid 
> ERRO[] cannot find mappings for user claudio: No subgid ranges found for 
> group "claudio" in /etc/subgid 
> Trying to pull registry.gitlab.com/qemu-project/qemu/qemu/debian11...
> Trying to pull registry.gitlab.com/qemu-project/qemu/qemu/fedora-cris-cross...
> Trying to pull registry.gitlab.com/qemu-project/qemu/qemu/debian10...
> ERRO[] cannot find mappings for user claudio: No subgid ranges found for 
> group "claudio" in /etc/subgid 
>
> [...]
>   TESTlinux-test on x86_64
> timeout: failed to run command 
> ‘/home/claudio/git/qemu/build/qemu-x86_64’timeout: : No such file or 
> directoryfailed to run command ‘/home/claudio/git/qemu/build/qemu-x86_64’
>
> [...]
>
>
> Is there some pre-configuration on the host necessary to be able to
> run check-tcg?

There shouldn't be but those errors remind me of some of the tweaks I
had to make to me Gentoo system when using podman (instead of docker).
In the end I think I just ended up adding the lines:
  
  alex:10:65536

to /etc/subgid and /etc/subgid-

Marc-André may have some better pointers as he added podman support to
the builder scripts.

The main difference between the images on the registry and the local
versions is most add the current user so there is a clean mapping
between the container user and the host file-system. It's the last step
of the build so we still use the cached layers from the registry
versions.

> I see these errors in gitlab also for
>
> build-user
> build-user-plugin
>
> Maybe this is what Philippe mentioned before though, that this is
> expected at the moment due to a temporary Meson shortcoming?

That is odd - I'm not seeing anything like that on the master builds:

  https://gitlab.com/qemu-project/qemu/-/jobs/883985106
  https://gitlab.com/qemu-project/qemu/-/jobs/883985113

AFAIK GitLab is still using Docker to build it's containers (albeit with
BUILDKIT enabled).
  
>
> Ciao,
>
> Claudio


-- 
Alex Bennée

Re: [PATCH v2 01/27] migration: Network Failover can't work with a paused guest

[Daniel P . Berrangé]

On Wed, Dec 02, 2020 at 06:37:46AM -0500, Michael S. Tsirkin wrote:
> On Wed, Dec 02, 2020 at 11:26:39AM +, Daniel P. Berrangé wrote:
> > On Wed, Dec 02, 2020 at 06:19:29AM -0500, Michael S. Tsirkin wrote:
> > > On Wed, Dec 02, 2020 at 10:55:15AM +, Daniel P. Berrangé wrote:
> > > > On Wed, Dec 02, 2020 at 11:51:05AM +0100, Juan Quintela wrote:
> > > > > "Michael S. Tsirkin"  wrote:
> > > > > > On Wed, Dec 02, 2020 at 05:31:53AM -0500, Michael S. Tsirkin wrote:
> > > > > >> On Wed, Dec 02, 2020 at 10:27:18AM +, Daniel P. Berrangé 
> > > > > >> wrote:
> > > > > >> > On Wed, Dec 02, 2020 at 05:13:18AM -0500, Michael S. Tsirkin 
> > > > > >> > wrote:
> > > > > >> > > On Wed, Nov 18, 2020 at 09:37:22AM +0100, Juan Quintela wrote:
> > > > > >> > > > If we have a paused guest, it can't unplug the network VF 
> > > > > >> > > > device, so
> > > > > >> > > > we wait there forever.  Just change the code to give one 
> > > > > >> > > > error on that
> > > > > >> > > > case.
> > > > > >> > > > 
> > > > > >> > > > Signed-off-by: Juan Quintela 
> > > > > >> > > 
> > > > > >> > > It's certainly possible but it's management that created
> > > > > >> > > this situation after all - why do we bother to enforce
> > > > > >> > > a policy? It is possible that management will unpause 
> > > > > >> > > immediately
> > > > > >> > > afterwards and everything will proceed smoothly.
> > > > > >> > > 
> > > > > >> > > Yes migration will not happen until guest is
> > > > > >> > > unpaused but the same it true of e.g. a guest that is stuck
> > > > > >> > > because of a bug.
> > > > > >> > 
> > > > > >> > That's pretty different behaviour from how migration normally 
> > > > > >> > handles
> > > > > >> > a paused guest, which is that it is guaranteed to complete the 
> > > > > >> > migration
> > > > > >> > in as short a time as network bandwidth allows.
> > > > > >> > 
> > > > > >> > Just ignoring the situation I think will lead to surprise apps / 
> > > > > >> > admins,
> > > > > >> > because the person/entity invoking the migration is not likely 
> > > > > >> > to have
> > > > > >> > checked wether this particular guest uses net failover or not 
> > > > > >> > before
> > > > > >> > invoking - they'll just be expecting a paused migration to run 
> > > > > >> > fast and
> > > > > >> > be guaranteed to complete.
> > > > > >> > 
> > > > > >> > Regards,
> > > > > >> > Daniel
> > > > > >> 
> > > > > >> Okay I guess. But then shouldn't we handle the reverse situation 
> > > > > >> too:
> > > > > >> pausing guest after migration started but before device was
> > > > > >> unplugged?
> > > > > >> 
> > > > > >
> > > > > > Thinking of which, I have no idea how we'd handle it - fail
> > > > > > pausing guest until migration is cancelled?
> > > > > >
> > > > > > All this seems heavy handed to me ...
> > > > > 
> > > > > This is the minimal fix that I can think of.
> > > > > 
> > > > > Further solution would be:
> > > > > - Add a new migration parameter: migrate-paused
> > > > > - change libvirt to use the new parameter if it exist
> > > > > - in qemu, when we do start migration (but after we wait for the 
> > > > > unplug
> > > > >   device) paused the guest before starting migration and resume it 
> > > > > after
> > > > >   migration finish.
> > > > 
> > > > It would also have to handle issuing of paused after migration has
> > > > been started - delay the pause request until the nuplug is complete
> > > > is one answer.
> > > 
> > > Hmm my worry would be that pausing is one way to give cpu
> > > resources back to host. It's problematic if guest can delay
> > > that indefinitely.
> > 
> > hmm, yes, that is awkward.  Perhaps we should just report an explicit
> > error then.
> 
> Report an error in response to which command? Do you mean
> fail migration?

If mgt attempt to pause an existing migration that hasn't finished
the PCI unplug stage, then fail the pause request.

> 
> > In normal cases this won't happen, as unplug will have
> > easily completed before the mgmt app pauses the running migration.
> > In broken/malicious guest cases, this at least ives mgmt a heads up
> > that something is wrong and they might then decide to cancel the
> > migration.

Regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [PATCH] accel/tcg: Remove deprecated '-tb-size' option

[Ján Tomko]

On a Wednesday in 2020, Philippe Mathieu-Daudé wrote:

The '-tb-size' option (replaced by '-accel tcg,tb-size') is
deprecated since 5.0 (commit fe174132478). Remove it.

Signed-off-by: Philippe Mathieu-Daudé 
---
docs/system/deprecated.rst | 12 +---
accel/tcg/translate-all.c  |  2 +-
softmmu/vl.c   |  8 
qemu-options.hx|  8 
4 files changed, 6 insertions(+), 24 deletions(-)



Reviewed-by: Ján Tomko 

Jano


signature.asc
Description: PGP signature

Re: [PATCH 05/23] tests/docker: remove travis container

[Thomas Huth]

On 01/12/2020 18.18, Daniel P. Berrangé wrote:
> The travis container that we have no longer matches what travis
> currently uses. As all x86 jobs are being moved to GitLab CI too,
> there is no compelling reason to update the travis container. It
> is simpler to just remove it.
> 
> Signed-off-by: Daniel P. Berrangé 
> ---
>  tests/docker/dockerfiles/travis.docker | 17 --
>  tests/docker/travis| 22 
>  tests/docker/travis.py | 47 --
>  3 files changed, 86 deletions(-)
>  delete mode 100644 tests/docker/dockerfiles/travis.docker
>  delete mode 100755 tests/docker/travis
>  delete mode 100755 tests/docker/travis.py

Reviewed-by: Thomas Huth 

[Bug 1906463] Re: "-device help" does not report all devices

[Thomas Huth]

This works as intended, see Markus' reply here:
https://lists.gnu.org/archive/html/qemu-devel/2020-12/msg00337.html


** Changed in: qemu
   Status: New => Invalid

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1906463

Title:
  "-device help" does not report all devices

Status in QEMU:
  Invalid

Bug description:
  -device help doesn't report all devices.
  E.g., devices that are instantiated by a board don't get printed in part 
because they don't exist when "-device help" is processed. As an experiment I 
deferred processing of "-device help" as long as possible and some devices were 
still not printed, so there's more going on here.

  QEMU commit hash: 944fdc5e27a5b5adbb765891e8e70e88ba9a00ec

  Repro:
  $ configure --target-list=arm-softmmu
  $ make
  $ ./qemu-system-arm -device help | grep npcm7xx
  

  I'd expect to see things like npcm7xx-rng in the output.

  I can imagine enumerating board-provided devices is a challenge.
  Still, it'd be really nice if "-device help" printed them, and having
  "-device $driver,help" work as well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1906463/+subscriptions

[PULL 003/113] target/i386: seg_helper: Correct segement selector nullification in the RET/IRET helper

[Paolo Bonzini]

From: Bin Meng 

Per the SDM, when returning to outer privilege level, for segment
registers (ES, FS, GS, and DS) if the check fails, the segment
selector becomes null, but QEMU clears the base/limit/flags as well
as nullifying the segment selector, which should be a spec violation.

Real hardware seems to be compliant with the spec, at least on one
Coffee Lake board I tested.

Signed-off-by: Bin Meng 

Message-Id: <1605261378-77971-1-git-send-email-bmeng...@gmail.com>
Signed-off-by: Paolo Bonzini 
---
 target/i386/seg_helper.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/target/i386/seg_helper.c b/target/i386/seg_helper.c
index 09b6554660..e6ffa1f018 100644
--- a/target/i386/seg_helper.c
+++ b/target/i386/seg_helper.c
@@ -2108,7 +2108,10 @@ static inline void validate_seg(CPUX86State *env, int 
seg_reg, int cpl)
 if (!(e2 & DESC_CS_MASK) || !(e2 & DESC_C_MASK)) {
 /* data or non conforming code segment */
 if (dpl < cpl) {
-cpu_x86_load_seg_cache(env, seg_reg, 0, 0, 0, 0);
+cpu_x86_load_seg_cache(env, seg_reg, 0,
+   env->segs[seg_reg].base,
+   env->segs[seg_reg].limit,
+   env->segs[seg_reg].flags & ~DESC_P_MASK);
 }
 }
 }
-- 
2.26.2

[PULL 017/113] hw/ssi: Rename SSI 'slave' as 'peripheral'

[Paolo Bonzini]

From: Philippe Mathieu-Daudé 

In order to use inclusive terminology, rename SSI 'slave' as
'peripheral', following the specification resolution:
https://www.oshwa.org/a-resolution-to-redefine-spi-signal-names/

Patch created mechanically using:

  $ sed -i s/SSISlave/SSIPeripheral/ $(git grep -l SSISlave)
  $ sed -i s/SSI_SLAVE/SSI_PERIPHERAL/ $(git grep -l SSI_SLAVE)
  $ sed -i s/ssi-slave/ssi-peripheral/ $(git grep -l ssi-slave)
  $ sed -i s/ssi_slave/ssi_peripheral/ $(git grep -l ssi_slave)
  $ sed -i s/ssi_create_slave/ssi_create_peripheral/ \
$(git grep -l ssi_create_slave)

Then in VMStateDescription vmstate_ssi_peripheral we restored
the "SSISlave" migration stream name (to avoid breaking migration).

Finally the following files have been manually tweaked:
 - hw/ssi/pl022.c
 - hw/ssi/xilinx_spips.c

Suggested-by: Paolo Bonzini 
Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20201012124955.3409127-4-f4...@amsat.org>
Signed-off-by: Paolo Bonzini 
---
 hw/arm/spitz.c| 32 +-
 hw/arm/stellaris.c|  4 ++--
 hw/arm/tosa.c | 12 +-
 hw/arm/z2.c   | 14 ++--
 hw/block/m25p80.c | 14 ++--
 hw/display/ads7846.c  | 12 +-
 hw/display/ssd0323.c  | 12 +-
 hw/misc/max111x.c | 18 +++
 hw/sd/ssi-sd.c| 12 +-
 hw/ssi/pl022.c|  2 +-
 hw/ssi/ssi.c  | 48 +++
 hw/ssi/xilinx_spips.c |  7 +++---
 include/hw/misc/max111x.h |  2 +-
 include/hw/ssi/ssi.h  | 46 ++---
 14 files changed, 118 insertions(+), 117 deletions(-)

diff --git a/hw/arm/spitz.c b/hw/arm/spitz.c
index 772662f149..6b3bf9828b 100644
--- a/hw/arm/spitz.c
+++ b/hw/arm/spitz.c
@@ -578,7 +578,7 @@ static void spitz_keyboard_realize(DeviceState *dev, Error 
**errp)
 OBJECT_DECLARE_SIMPLE_TYPE(SpitzLCDTG, SPITZ_LCDTG)
 
 struct SpitzLCDTG {
-SSISlave ssidev;
+SSIPeripheral ssidev;
 uint32_t bl_intensity;
 uint32_t bl_power;
 };
@@ -612,7 +612,7 @@ static inline void spitz_bl_power(void *opaque, int line, 
int level)
 spitz_bl_update(s);
 }
 
-static uint32_t spitz_lcdtg_transfer(SSISlave *dev, uint32_t value)
+static uint32_t spitz_lcdtg_transfer(SSIPeripheral *dev, uint32_t value)
 {
 SpitzLCDTG *s = SPITZ_LCDTG(dev);
 int addr;
@@ -641,7 +641,7 @@ static uint32_t spitz_lcdtg_transfer(SSISlave *dev, 
uint32_t value)
 return 0;
 }
 
-static void spitz_lcdtg_realize(SSISlave *ssi, Error **errp)
+static void spitz_lcdtg_realize(SSIPeripheral *ssi, Error **errp)
 {
 SpitzLCDTG *s = SPITZ_LCDTG(ssi);
 DeviceState *dev = DEVICE(s);
@@ -667,12 +667,12 @@ OBJECT_DECLARE_SIMPLE_TYPE(CorgiSSPState, CORGI_SSP)
 
 /* "Demux" the signal based on current chipselect */
 struct CorgiSSPState {
-SSISlave ssidev;
+SSIPeripheral ssidev;
 SSIBus *bus[3];
 uint32_t enable[3];
 };
 
-static uint32_t corgi_ssp_transfer(SSISlave *dev, uint32_t value)
+static uint32_t corgi_ssp_transfer(SSIPeripheral *dev, uint32_t value)
 {
 CorgiSSPState *s = CORGI_SSP(dev);
 int i;
@@ -700,7 +700,7 @@ static void corgi_ssp_gpio_cs(void *opaque, int line, int 
level)
 #define SPITZ_BATTERY_VOLT  0xd0/* About 4.0V */
 #define SPITZ_CHARGEON_ACIN 0x80/* About 5.0V */
 
-static void corgi_ssp_realize(SSISlave *d, Error **errp)
+static void corgi_ssp_realize(SSIPeripheral *d, Error **errp)
 {
 DeviceState *dev = DEVICE(d);
 CorgiSSPState *s = CORGI_SSP(d);
@@ -715,14 +715,14 @@ static void spitz_ssp_attach(SpitzMachineState *sms)
 {
 void *bus;
 
-sms->mux = ssi_create_slave(sms->mpu->ssp[CORGI_SSP_PORT - 1],
-TYPE_CORGI_SSP);
+sms->mux = ssi_create_peripheral(sms->mpu->ssp[CORGI_SSP_PORT - 1],
+ TYPE_CORGI_SSP);
 
 bus = qdev_get_child_bus(sms->mux, "ssi0");
-sms->lcdtg = ssi_create_slave(bus, TYPE_SPITZ_LCDTG);
+sms->lcdtg = ssi_create_peripheral(bus, TYPE_SPITZ_LCDTG);
 
 bus = qdev_get_child_bus(sms->mux, "ssi1");
-sms->ads7846 = ssi_create_slave(bus, "ads7846");
+sms->ads7846 = ssi_create_peripheral(bus, "ads7846");
 qdev_connect_gpio_out(sms->ads7846, 0,
   qdev_get_gpio_in(sms->mpu->gpio, SPITZ_GPIO_TP_INT));
 
@@ -1204,7 +1204,7 @@ static const VMStateDescription vmstate_corgi_ssp_regs = {
 .version_id = 2,
 .minimum_version_id = 2,
 .fields = (VMStateField[]) {
-VMSTATE_SSI_SLAVE(ssidev, CorgiSSPState),
+VMSTATE_SSI_PERIPHERAL(ssidev, CorgiSSPState),
 VMSTATE_UINT32_ARRAY(enable, CorgiSSPState, 3),
 VMSTATE_END_OF_LIST(),
 }
@@ -1213,7 +1213,7 @@ static const VMStateDescription vmstate_corgi_ssp_regs = {
 static void corgi_ssp_class_init(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
-SSISlaveClass *k = 

[PULL 015/113] hw/ssi/aspeed_smc: Rename 'max_slaves' variable as 'max_peripherals'

[Paolo Bonzini]

From: Philippe Mathieu-Daudé 

In order to use inclusive terminology, rename max_slaves
as max_peripherals.

Patch generated using:

  $ sed -i s/slave/peripheral/ \
hw/ssi/aspeed_smc.c include/hw/ssi/aspeed_smc.h

One line in aspeed_smc_read() has been manually tweaked
to pass checkpatch.

Reviewed-by: Thomas Huth 
Reviewed-by: Cédric Le Goater 
Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20201012124955.3409127-2-f4...@amsat.org>
Signed-off-by: Paolo Bonzini 
---
 hw/ssi/aspeed_smc.c | 53 +++--
 include/hw/ssi/aspeed_smc.h |  2 +-
 2 files changed, 28 insertions(+), 27 deletions(-)

diff --git a/hw/ssi/aspeed_smc.c b/hw/ssi/aspeed_smc.c
index 795784e5f3..2780cac71d 100644
--- a/hw/ssi/aspeed_smc.c
+++ b/hw/ssi/aspeed_smc.c
@@ -181,7 +181,7 @@
 #define SNOOP_START   0x0
 
 /*
- * Default segments mapping addresses and size for each slave per
+ * Default segments mapping addresses and size for each peripheral per
  * controller. These can be changed when board is initialized with the
  * Segment Address Registers.
  */
@@ -259,7 +259,7 @@ static const AspeedSMCController controllers[] = {
 .r_timings = R_TIMINGS,
 .nregs_timings = 1,
 .conf_enable_w0= CONF_ENABLE_W0,
-.max_slaves= 1,
+.max_peripherals   = 1,
 .segments  = aspeed_segments_legacy,
 .flash_window_base = ASPEED_SOC_SMC_FLASH_BASE,
 .flash_window_size = 0x600,
@@ -275,7 +275,7 @@ static const AspeedSMCController controllers[] = {
 .r_timings = R_TIMINGS,
 .nregs_timings = 1,
 .conf_enable_w0= CONF_ENABLE_W0,
-.max_slaves= 5,
+.max_peripherals   = 5,
 .segments  = aspeed_segments_fmc,
 .flash_window_base = ASPEED_SOC_FMC_FLASH_BASE,
 .flash_window_size = 0x1000,
@@ -293,7 +293,7 @@ static const AspeedSMCController controllers[] = {
 .r_timings = R_SPI_TIMINGS,
 .nregs_timings = 1,
 .conf_enable_w0= SPI_CONF_ENABLE_W0,
-.max_slaves= 1,
+.max_peripherals   = 1,
 .segments  = aspeed_segments_spi,
 .flash_window_base = ASPEED_SOC_SPI_FLASH_BASE,
 .flash_window_size = 0x1000,
@@ -309,7 +309,7 @@ static const AspeedSMCController controllers[] = {
 .r_timings = R_TIMINGS,
 .nregs_timings = 1,
 .conf_enable_w0= CONF_ENABLE_W0,
-.max_slaves= 3,
+.max_peripherals   = 3,
 .segments  = aspeed_segments_ast2500_fmc,
 .flash_window_base = ASPEED_SOC_FMC_FLASH_BASE,
 .flash_window_size = 0x1000,
@@ -327,7 +327,7 @@ static const AspeedSMCController controllers[] = {
 .r_timings = R_TIMINGS,
 .nregs_timings = 1,
 .conf_enable_w0= CONF_ENABLE_W0,
-.max_slaves= 2,
+.max_peripherals   = 2,
 .segments  = aspeed_segments_ast2500_spi1,
 .flash_window_base = ASPEED_SOC_SPI_FLASH_BASE,
 .flash_window_size = 0x800,
@@ -343,7 +343,7 @@ static const AspeedSMCController controllers[] = {
 .r_timings = R_TIMINGS,
 .nregs_timings = 1,
 .conf_enable_w0= CONF_ENABLE_W0,
-.max_slaves= 2,
+.max_peripherals   = 2,
 .segments  = aspeed_segments_ast2500_spi2,
 .flash_window_base = ASPEED_SOC_SPI2_FLASH_BASE,
 .flash_window_size = 0x800,
@@ -359,7 +359,7 @@ static const AspeedSMCController controllers[] = {
 .r_timings = R_TIMINGS,
 .nregs_timings = 1,
 .conf_enable_w0= CONF_ENABLE_W0,
-.max_slaves= 3,
+.max_peripherals   = 3,
 .segments  = aspeed_segments_ast2600_fmc,
 .flash_window_base = ASPEED26_SOC_FMC_FLASH_BASE,
 .flash_window_size = 0x1000,
@@ -377,7 +377,7 @@ static const AspeedSMCController controllers[] = {
 .r_timings = R_TIMINGS,
 .nregs_timings = 2,
 .conf_enable_w0= CONF_ENABLE_W0,
-.max_slaves= 2,
+.max_peripherals   = 2,
 .segments  = aspeed_segments_ast2600_spi1,
 .flash_window_base = ASPEED26_SOC_SPI_FLASH_BASE,
 .flash_window_size = 0x1000,
@@ -395,7 +395,7 @@ static const AspeedSMCController controllers[] = {
 .r_timings = R_TIMINGS,
 .nregs_timings = 3,
 .conf_enable_w0= CONF_ENABLE_W0,
-.max_slaves= 3,
+.max_peripherals   = 3,
 .segments  = aspeed_segments_ast2600_spi2,
 .flash_window_base = ASPEED26_SOC_SPI2_FLASH_BASE,
 .flash_window_size = 0x1000,
@@ -410,7 +410,7 @@ static const AspeedSMCController controllers[] = {
 
 /*
  * The Segment Registers of the AST2400 and AST2500 have a 8MB
- * unit. The address range of a 

[PULL 035/113] vl: remove bios_name

[Paolo Bonzini]

bios_name was a legacy variable used by machine code, but it is
no more.

Signed-off-by: Paolo Bonzini 
Reviewed-by: Alex Bennée 
Message-Id: <20201026143028.3034018-16-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 include/sysemu/sysemu.h | 1 -
 softmmu/vl.c| 2 --
 2 files changed, 3 deletions(-)

diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index 817ff4cf75..1336b4264a 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -8,7 +8,6 @@
 
 /* vl.c */
 
-extern const char *bios_name;
 extern int only_migratable;
 extern const char *qemu_name;
 extern QemuUUID qemu_uuid;
diff --git a/softmmu/vl.c b/softmmu/vl.c
index bbe65d3742..2b82e6f5cd 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -119,7 +119,6 @@
 
 static const char *data_dir[16];
 static int data_dir_idx;
-const char *bios_name = NULL;
 enum vga_retrace_method vga_retrace_method = VGA_RETRACE_DUMB;
 int display_opengl;
 const char* keyboard_layout = NULL;
@@ -4212,7 +4211,6 @@ void qemu_init(int argc, char **argv, char **envp)
 kernel_filename = qemu_opt_get(machine_opts, "kernel");
 initrd_filename = qemu_opt_get(machine_opts, "initrd");
 kernel_cmdline = qemu_opt_get(machine_opts, "append");
-bios_name = qemu_opt_get(machine_opts, "firmware");
 
 opts = qemu_opts_find(qemu_find_opts("boot-opts"), NULL);
 if (opts) {
-- 
2.26.2

[PULL 059/113] vl: preconfig and loadvm are mutually exclusive

[Paolo Bonzini]

Just like -incoming.  Later we will add support for "-incoming defer
-preconfig", because there are cases (Xen, block layer) that want
to look at RUNSTATE_INMIGRATE.  -loadvm will remain mutually exclusive
with preconfig; the plan is to just do loadvm in the monitor, since
the user is already going to interact with it for preconfiguration.

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 softmmu/vl.c | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/softmmu/vl.c b/softmmu/vl.c
index 71b5263d05..98994e10fa 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -124,6 +124,7 @@ static const char *mem_path;
 static const char *boot_order;
 static const char *boot_once;
 static const char *incoming;
+static const char *loadvm;
 enum vga_retrace_method vga_retrace_method = VGA_RETRACE_DUMB;
 int display_opengl;
 const char* keyboard_layout = NULL;
@@ -2894,6 +2895,11 @@ static void qemu_validate_options(void)
   }
 }
 
+if (loadvm && !preconfig_exit_requested) {
+error_report("'preconfig' and 'loadvm' options are "
+ "mutually exclusive");
+exit(EXIT_FAILURE);
+}
 if (incoming && !preconfig_exit_requested) {
 error_report("'preconfig' and 'incoming' options are "
  "mutually exclusive");
@@ -3176,7 +3182,6 @@ void qemu_init(int argc, char **argv, char **envp)
 QemuOptsList *olist;
 int optind;
 const char *optarg;
-const char *loadvm = NULL;
 MachineClass *machine_class;
 const char *vga_model = NULL;
 bool userconfig = true;
-- 
2.26.2

[PULL 039/113] i386: do not use ram_size global

[Paolo Bonzini]

Use the loader parameters instead.

Signed-off-by: Paolo Bonzini 
---
 hw/i386/fw_cfg.c  | 2 +-
 hw/i386/vmport.c  | 3 ++-
 hw/i386/xen/xen-hvm.c | 2 +-
 hw/intc/apic_common.c | 3 ++-
 hw/smbios/smbios.c| 8 
 5 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/hw/i386/fw_cfg.c b/hw/i386/fw_cfg.c
index e06579490c..b87f0e5070 100644
--- a/hw/i386/fw_cfg.c
+++ b/hw/i386/fw_cfg.c
@@ -118,7 +118,7 @@ FWCfgState *fw_cfg_arch_create(MachineState *ms,
  * "etc/max-cpus" actually being apic_id_limit
  */
 fw_cfg_add_i16(fw_cfg, FW_CFG_MAX_CPUS, apic_id_limit);
-fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, (uint64_t)ram_size);
+fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, ms->ram_size);
 #ifdef CONFIG_ACPI
 fw_cfg_add_bytes(fw_cfg, FW_CFG_ACPI_TABLES,
  acpi_tables, acpi_tables_len);
diff --git a/hw/i386/vmport.c b/hw/i386/vmport.c
index 20d605506b..490a57f52c 100644
--- a/hw/i386/vmport.c
+++ b/hw/i386/vmport.c
@@ -32,6 +32,7 @@
 #include "hw/isa/isa.h"
 #include "hw/i386/vmport.h"
 #include "hw/qdev-properties.h"
+#include "hw/boards.h"
 #include "sysemu/sysemu.h"
 #include "sysemu/hw_accel.h"
 #include "sysemu/qtest.h"
@@ -188,7 +189,7 @@ static uint32_t vmport_cmd_ram_size(void *opaque, uint32_t 
addr)
 return -1;
 }
 cpu->env.regs[R_EBX] = 0x1177;
-return ram_size;
+return current_machine->ram_size;
 }
 
 static uint32_t vmport_cmd_get_hz(void *opaque, uint32_t addr)
diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c
index 9519c33c09..096c46fef1 100644
--- a/hw/i386/xen/xen-hvm.c
+++ b/hw/i386/xen/xen-hvm.c
@@ -1493,7 +1493,7 @@ void xen_hvm_init_pc(PCMachineState *pcms, MemoryRegion 
**ram_memory)
 #else
 xen_map_cache_init(NULL, state);
 #endif
-xen_ram_init(pcms, ram_size, ram_memory);
+xen_ram_init(pcms, ms->ram_size, ram_memory);
 
 qemu_add_vm_change_state_handler(xen_hvm_change_state_handler, state);
 
diff --git a/hw/intc/apic_common.c b/hw/intc/apic_common.c
index 502e94effc..97dd96dffa 100644
--- a/hw/intc/apic_common.c
+++ b/hw/intc/apic_common.c
@@ -27,6 +27,7 @@
 #include "hw/i386/apic.h"
 #include "hw/i386/apic_internal.h"
 #include "trace.h"
+#include "hw/boards.h"
 #include "sysemu/hax.h"
 #include "sysemu/kvm.h"
 #include "hw/qdev-properties.h"
@@ -297,7 +298,7 @@ static void apic_common_realize(DeviceState *dev, Error 
**errp)
 
 /* Note: We need at least 1M to map the VAPIC option ROM */
 if (!vapic && s->vapic_control & VAPIC_ENABLE_MASK &&
-!hax_enabled() && ram_size >= 1024 * 1024) {
+!hax_enabled() && current_machine->ram_size >= 1024 * 1024) {
 vapic = sysbus_create_simple("kvmvapic", -1, NULL);
 }
 s->vapic = vapic;
diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c
index 6a3d39793b..f22c4f5b73 100644
--- a/hw/smbios/smbios.c
+++ b/hw/smbios/smbios.c
@@ -678,13 +678,13 @@ static void smbios_build_type_16_table(unsigned dimm_cnt)
 t->location = 0x01; /* Other */
 t->use = 0x03; /* System memory */
 t->error_correction = 0x06; /* Multi-bit ECC (for Microsoft, per SeaBIOS) 
*/
-size_kb = QEMU_ALIGN_UP(ram_size, KiB) / KiB;
+size_kb = QEMU_ALIGN_UP(current_machine->ram_size, KiB) / KiB;
 if (size_kb < MAX_T16_STD_SZ) {
 t->maximum_capacity = cpu_to_le32(size_kb);
 t->extended_maximum_capacity = cpu_to_le64(0);
 } else {
 t->maximum_capacity = cpu_to_le32(MAX_T16_STD_SZ);
-t->extended_maximum_capacity = cpu_to_le64(ram_size);
+t->extended_maximum_capacity = cpu_to_le64(current_machine->ram_size);
 }
 t->memory_error_information_handle = cpu_to_le16(0xFFFE); /* Not provided 
*/
 t->number_of_memory_devices = cpu_to_le16(dimm_cnt);
@@ -911,9 +911,9 @@ void smbios_get_tables(MachineState *ms,
 
 #define MAX_DIMM_SZ (16 * GiB)
 #define GET_DIMM_SZ ((i < dimm_cnt - 1) ? MAX_DIMM_SZ \
-: ((ram_size - 1) % MAX_DIMM_SZ) + 1)
+: ((current_machine->ram_size - 1) % 
MAX_DIMM_SZ) + 1)
 
-dimm_cnt = QEMU_ALIGN_UP(ram_size, MAX_DIMM_SZ) / MAX_DIMM_SZ;
+dimm_cnt = QEMU_ALIGN_UP(current_machine->ram_size, MAX_DIMM_SZ) / 
MAX_DIMM_SZ;
 
 smbios_build_type_16_table(dimm_cnt);
 
-- 
2.26.2

[PULL 049/113] make ram_size local to vl.c

[Paolo Bonzini]

Use the machine properties for the leftovers too.

Signed-off-by: Paolo Bonzini 
---
 hw/core/generic-loader.c   |  3 ++-
 hw/core/numa.c | 10 +-
 hw/virtio/virtio-balloon.c |  3 ++-
 include/exec/cpu-common.h  |  2 --
 monitor/qmp-cmds.c |  3 ++-
 softmmu/vl.c   |  2 +-
 6 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/hw/core/generic-loader.c b/hw/core/generic-loader.c
index a242c076f6..2b2a7b5e9a 100644
--- a/hw/core/generic-loader.c
+++ b/hw/core/generic-loader.c
@@ -35,6 +35,7 @@
 #include "hw/sysbus.h"
 #include "sysemu/dma.h"
 #include "sysemu/reset.h"
+#include "hw/boards.h"
 #include "hw/loader.h"
 #include "hw/qdev-properties.h"
 #include "qapi/error.h"
@@ -154,7 +155,7 @@ static void generic_loader_realize(DeviceState *dev, Error 
**errp)
 
 if (size < 0 || s->force_raw) {
 /* Default to the maximum size being the machine's ram size */
-size = load_image_targphys_as(s->file, s->addr, ram_size, as);
+size = load_image_targphys_as(s->file, s->addr, 
current_machine->ram_size, as);
 } else {
 s->addr = entry;
 }
diff --git a/hw/core/numa.c b/hw/core/numa.c
index 7c4dd4e68e..68cee65f61 100644
--- a/hw/core/numa.c
+++ b/hw/core/numa.c
@@ -642,7 +642,7 @@ void numa_complete_configuration(MachineState *ms)
 
 /*
  * If memory hotplug is enabled (slot > 0) or memory devices are enabled
- * (ms->maxram_size > ram_size) but without '-numa' options explicitly on
+ * (ms->maxram_size > ms->ram_size) but without '-numa' options explicitly 
on
  * CLI, guests will break.
  *
  *   Windows: won't enable memory hotplug without SRAT table at all
@@ -663,7 +663,7 @@ void numa_complete_configuration(MachineState *ms)
  mc->auto_enable_numa)) {
 NumaNodeOptions node = { };
 parse_numa_node(ms, , _abort);
-numa_info[0].node_mem = ram_size;
+numa_info[0].node_mem = ms->ram_size;
 }
 
 assert(max_numa_nodeid <= MAX_NODES);
@@ -687,10 +687,10 @@ void numa_complete_configuration(MachineState *ms)
 for (i = 0; i < ms->numa_state->num_nodes; i++) {
 numa_total += numa_info[i].node_mem;
 }
-if (numa_total != ram_size) {
+if (numa_total != ms->ram_size) {
 error_report("total memory for NUMA nodes (0x%" PRIx64 ")"
  " should equal RAM size (0x" RAM_ADDR_FMT ")",
- numa_total, ram_size);
+ numa_total, ms->ram_size);
 exit(1);
 }
 
@@ -702,7 +702,7 @@ void numa_complete_configuration(MachineState *ms)
 }
 ms->ram = g_new(MemoryRegion, 1);
 memory_region_init(ms->ram, OBJECT(ms), mc->default_ram_id,
-   ram_size);
+   ms->ram_size);
 numa_init_memdev_container(ms, ms->ram);
 }
 /* QEMU needs at least all unique node pair distances to build
diff --git a/hw/virtio/virtio-balloon.c b/hw/virtio/virtio-balloon.c
index b22b5beda3..e83017c02d 100644
--- a/hw/virtio/virtio-balloon.c
+++ b/hw/virtio/virtio-balloon.c
@@ -20,6 +20,7 @@
 #include "hw/virtio/virtio.h"
 #include "hw/mem/pc-dimm.h"
 #include "hw/qdev-properties.h"
+#include "hw/boards.h"
 #include "sysemu/balloon.h"
 #include "hw/virtio/virtio-balloon.h"
 #include "exec/address-spaces.h"
@@ -748,7 +749,7 @@ static int build_dimm_list(Object *obj, void *opaque)
 static ram_addr_t get_current_ram_size(void)
 {
 GSList *list = NULL, *item;
-ram_addr_t size = ram_size;
+ram_addr_t size = current_machine->ram_size;
 
 build_dimm_list(qdev_get_machine(), );
 for (item = list; item; item = g_slist_next(item)) {
diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
index 19805ed6db..bd5e15dd7d 100644
--- a/include/exec/cpu-common.h
+++ b/include/exec/cpu-common.h
@@ -42,8 +42,6 @@ typedef uintptr_t ram_addr_t;
 #  define RAM_ADDR_FMT "%" PRIxPTR
 #endif
 
-extern ram_addr_t ram_size;
-
 /* memory API */
 
 void qemu_ram_remap(ram_addr_t addr, ram_addr_t length);
diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c
index a08143b323..6299c0c8c7 100644
--- a/monitor/qmp-cmds.c
+++ b/monitor/qmp-cmds.c
@@ -392,8 +392,9 @@ ACPIOSTInfoList *qmp_query_acpi_ospm_status(Error **errp)
 MemoryInfo *qmp_query_memory_size_summary(Error **errp)
 {
 MemoryInfo *mem_info = g_malloc0(sizeof(MemoryInfo));
+MachineState *ms = MACHINE(qdev_get_machine());
 
-mem_info->base_memory = ram_size;
+mem_info->base_memory = ms->ram_size;
 
 mem_info->plugged_memory = get_plugged_memory_size();
 mem_info->has_plugged_memory =
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 2b82e6f5cd..3819a4abf2 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -122,7 +122,7 @@ static int data_dir_idx;
 enum vga_retrace_method vga_retrace_method = VGA_RETRACE_DUMB;
 int display_opengl;
 const 

[PULL 086/113] scripts: kernel-doc: proper handle @foo->bar()

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

The pattern @foo->bar() is valid, as it can be used by a
function pointer inside a struct passed as a parameter.

Right now, it causes a warning:

./drivers/firewire/core-transaction.c:606: WARNING: Inline strong 
start-string without end-string.

In this specific case, the kernel-doc markup is:

/**
 * fw_core_remove_address_handler() - unregister an address handler
 * @handler: callback
 *
 * To be called in process context.
 *
 * When fw_core_remove_address_handler() returns, @handler->callback() 
is
 * guaranteed to not run on any CPU anymore.
 */

With seems valid on my eyes. So, instead of trying to hack
the kernel-doc markup, let's teach it about how to handle
such things. This should likely remove lots of other similar
warnings as well.

Signed-off-by: Mauro Carvalho Chehab 
Link: 
https://lore.kernel.org/r/48b46426d7bf6ff7529f20e5718fbf4e9758e62c.1586881715.git.mchehab+hua...@kernel.org
Signed-off-by: Jonathan Corbet 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-5-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index 0f67664165..99530fb08b 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -216,6 +216,7 @@ my $type_constant2 = '\%([-_\w]+)';
 my $type_func = '(\w+)\(\)';
 my $type_param = '\@(\w*((\.\w+)|(->\w+))*(\.\.\.)?)';
 my $type_fp_param = '\@(\w+)\(\)';  # Special RST handling for func ptr params
+my $type_fp_param2 = '\@(\w+->\S+)\(\)';  # Special RST handling for structs 
with func ptr params
 my $type_env = '(\$\w+)';
 my $type_enum = '#(enum\s*([_\w]+))';
 my $type_struct = '#(struct\s*([_\w]+))';
@@ -251,6 +252,7 @@ my @highlights_rst = (
[$type_member_func, "\\:c\\:type\\:`\$1\$2\$3() 
<\$1>`"],
[$type_member, "\\:c\\:type\\:`\$1\$2\$3 <\$1>`"],
   [$type_fp_param, "**\$1()**"],
+  [$type_fp_param2, "**\$1()**"],
[$type_func, "\$1()"],
[$type_enum, "\\:c\\:type\\:`\$1 <\$2>`"],
[$type_struct, "\\:c\\:type\\:`\$1 <\$2>`"],
-- 
2.26.2

[PATCH 05/15] vl: extract softmmu/globals.c

[Paolo Bonzini]

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 hw/core/machine.c |  2 ++
 include/exec/cpu-common.h |  3 ++
 include/exec/exec-all.h   |  3 --
 softmmu/globals.c | 74 +++
 softmmu/meson.build   |  1 +
 softmmu/vl.c  | 45 ++--
 6 files changed, 83 insertions(+), 45 deletions(-)
 create mode 100644 softmmu/globals.c

diff --git a/hw/core/machine.c b/hw/core/machine.c
index 745531c9d9..5659b1f49c 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -213,6 +213,8 @@ GlobalProperty hw_compat_2_1[] = {
 };
 const size_t hw_compat_2_1_len = G_N_ELEMENTS(hw_compat_2_1);
 
+MachineState *current_machine;
+
 static char *machine_get_kernel(Object *obj, Error **errp)
 {
 MachineState *ms = MACHINE(obj);
diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
index bd5e15dd7d..5a0a2d93e0 100644
--- a/include/exec/cpu-common.h
+++ b/include/exec/cpu-common.h
@@ -105,4 +105,7 @@ int ram_block_discard_range(RAMBlock *rb, uint64_t start, 
size_t length);
 
 #endif
 
+/* vl.c */
+extern int singlestep;
+
 #endif /* CPU_COMMON_H */
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 94fe05daaa..fab573da06 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -676,7 +676,4 @@ hwaddr memory_region_section_get_iotlb(CPUState *cpu,
MemoryRegionSection *section);
 #endif
 
-/* vl.c */
-extern int singlestep;
-
 #endif
diff --git a/softmmu/globals.c b/softmmu/globals.c
new file mode 100644
index 00..e62d9cd8da
--- /dev/null
+++ b/softmmu/globals.c
@@ -0,0 +1,74 @@
+/*
+ * Global variables that (mostly) should not exist
+ *
+ * Copyright (c) 2003-2020 QEMU contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "exec/cpu-common.h"
+#include "hw/display/vga.h"
+#include "hw/i386/pc.h"
+#include "hw/i386/x86.h"
+#include "hw/loader.h"
+#include "hw/xen/xen.h"
+#include "net/net.h"
+#include "sysemu/cpus.h"
+#include "sysemu/sysemu.h"
+
+enum vga_retrace_method vga_retrace_method = VGA_RETRACE_DUMB;
+int display_opengl;
+const char* keyboard_layout;
+bool enable_mlock;
+bool enable_cpu_pm;
+int nb_nics;
+NICInfo nd_table[MAX_NICS];
+int autostart = 1;
+int vga_interface_type = VGA_NONE;
+Chardev *parallel_hds[MAX_PARALLEL_PORTS];
+int win2k_install_hack;
+int singlestep;
+int fd_bootchk = 1;
+int no_reboot;
+int no_shutdown;
+int graphic_rotate;
+QEMUOptionRom option_rom[MAX_OPTION_ROMS];
+int nb_option_roms;
+int old_param;
+const char *qemu_name;
+int alt_grab;
+int ctrl_grab;
+unsigned int nb_prom_envs;
+const char *prom_envs[MAX_PROM_ENVS];
+int boot_menu;
+bool boot_strict;
+uint8_t *boot_splash_filedata;
+int only_migratable; /* turn it off unless user states otherwise */
+int icount_align_option;
+
+/* The bytes in qemu_uuid are in the order specified by RFC4122, _not_ in the
+ * little-endian "wire format" described in the SMBIOS 2.6 specification.
+ */
+QemuUUID qemu_uuid;
+bool qemu_uuid_set;
+
+uint32_t xen_domid;
+enum xen_mode xen_mode = XEN_EMULATE;
+bool xen_domid_restrict;
diff --git a/softmmu/meson.build b/softmmu/meson.build
index 2a73ebc223..e5865b97cb 100644
--- a/softmmu/meson.build
+++ b/softmmu/meson.build
@@ -4,6 +4,7 @@ specific_ss.add(when: 'CONFIG_SOFTMMU', if_true: [files(
   'cpus.c',
   'cpu-throttle.c',
   'datadir.c',
+  'globals.c',
   'physmem.c',
   'ioport.c',
   'rtc.c',
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 6282ae2101..685d92df5d 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -26,6 +26,7 @@
 #include "qemu-common.h"
 #include "qemu/datadir.h"
 #include "qemu/units.h"
+#include "exec/cpu-common.h"
 #include "hw/boards.h"
 #include "hw/qdev-properties.h"
 #include "qapi/error.h"
@@ -67,6 +68,8 @@
 #include "qemu/log.h"
 #include "sysemu/blockdev.h"
 #include "hw/block/block.h"
+#include "hw/i386/x86.h"
+#include 

[PULL 108/113] Revert "kernel-doc: Handle function typedefs that return pointers"

[Paolo Bonzini]

This reverts commit 19ab6044be0c55d529e875e3ee16fdd5c3b54d33.
We will replace the commit with the fix from Linux.

Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-27-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index 780aee4e92..d3a289628c 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1434,8 +1434,8 @@ sub dump_typedef($$) {
 $x =~ s@/\*.*?\*/@@gos;# strip comments.
 
 # Parse function prototypes
-if ($x =~ /typedef\s+(\w+\s*\**)\s*\(\*\s*(\w\S+)\s*\)\s*\((.*)\);/ ||
-   $x =~ /typedef\s+(\w+\s*\**)\s*(\w\S+)\s*\s*\((.*)\);/) {
+if ($x =~ /typedef\s+(\w+)\s*\(\*\s*(\w\S+)\s*\)\s*\((.*)\);/ ||
+   $x =~ /typedef\s+(\w+)\s*(\w\S+)\s*\s*\((.*)\);/) {
 
# Function typedefs
$return_type = $1;
-- 
2.26.2

[PATCH 04/15] vl: extract softmmu/runstate.c

[Paolo Bonzini]

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 include/sysemu/sysemu.h |   3 +
 softmmu/meson.build |   1 +
 softmmu/runstate.c  | 800 
 softmmu/vl.c| 752 +
 4 files changed, 805 insertions(+), 751 deletions(-)
 create mode 100644 softmmu/runstate.c

diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index 29c32f9851..0e7b405d22 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -24,6 +24,8 @@ void qemu_remove_machine_init_done_notifier(Notifier *notify);
 
 void configure_rtc(QemuOpts *opts);
 
+void qemu_init_subsystems(void);
+
 extern int autostart;
 
 typedef enum {
@@ -44,6 +46,7 @@ extern int alt_grab;
 extern int ctrl_grab;
 extern int graphic_rotate;
 extern int no_shutdown;
+extern int no_reboot;
 extern int old_param;
 extern int boot_menu;
 extern bool boot_strict;
diff --git a/softmmu/meson.build b/softmmu/meson.build
index d098d89653..2a73ebc223 100644
--- a/softmmu/meson.build
+++ b/softmmu/meson.build
@@ -7,6 +7,7 @@ specific_ss.add(when: 'CONFIG_SOFTMMU', if_true: [files(
   'physmem.c',
   'ioport.c',
   'rtc.c',
+  'runstate.c',
   'memory.c',
   'memory_mapping.c',
   'qtest.c',
diff --git a/softmmu/runstate.c b/softmmu/runstate.c
new file mode 100644
index 00..892f2f679f
--- /dev/null
+++ b/softmmu/runstate.c
@@ -0,0 +1,800 @@
+/*
+ * QEMU main system emulation loop
+ *
+ * Copyright (c) 2003-2020 QEMU contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "audio/audio.h"
+#include "block/block.h"
+#include "chardev/char.h"
+#include "crypto/cipher.h"
+#include "crypto/init.h"
+#include "exec/cpu-common.h"
+#include "exec/exec-all.h"
+#include "exec/gdbstub.h"
+#include "hw/boards.h"
+#include "migration/misc.h"
+#include "migration/postcopy-ram.h"
+#include "monitor/monitor.h"
+#include "net/net.h"
+#include "net/vhost_net.h"
+#include "qapi/error.h"
+#include "qapi/qapi-commands-run-state.h"
+#include "qapi/qapi-events-run-state.h"
+#include "qemu-common.h"
+#include "qemu/error-report.h"
+#include "qemu/job.h"
+#include "qemu/module.h"
+#include "qemu/plugin.h"
+#include "qemu/sockets.h"
+#include "qemu/thread.h"
+#include "qom/object.h"
+#include "qom/object_interfaces.h"
+#include "sysemu/cpus.h"
+#include "sysemu/qtest.h"
+#include "sysemu/replay.h"
+#include "sysemu/reset.h"
+#include "sysemu/runstate.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/tpm.h"
+#include "trace.h"
+
+static NotifierList exit_notifiers =
+NOTIFIER_LIST_INITIALIZER(exit_notifiers);
+
+static RunState current_run_state = RUN_STATE_PRELAUNCH;
+
+/* We use RUN_STATE__MAX but any invalid value will do */
+static RunState vmstop_requested = RUN_STATE__MAX;
+static QemuMutex vmstop_lock;
+
+typedef struct {
+RunState from;
+RunState to;
+} RunStateTransition;
+
+static const RunStateTransition runstate_transitions_def[] = {
+{ RUN_STATE_PRELAUNCH, RUN_STATE_INMIGRATE },
+
+{ RUN_STATE_DEBUG, RUN_STATE_RUNNING },
+{ RUN_STATE_DEBUG, RUN_STATE_FINISH_MIGRATE },
+{ RUN_STATE_DEBUG, RUN_STATE_PRELAUNCH },
+
+{ RUN_STATE_INMIGRATE, RUN_STATE_INTERNAL_ERROR },
+{ RUN_STATE_INMIGRATE, RUN_STATE_IO_ERROR },
+{ RUN_STATE_INMIGRATE, RUN_STATE_PAUSED },
+{ RUN_STATE_INMIGRATE, RUN_STATE_RUNNING },
+{ RUN_STATE_INMIGRATE, RUN_STATE_SHUTDOWN },
+{ RUN_STATE_INMIGRATE, RUN_STATE_SUSPENDED },
+{ RUN_STATE_INMIGRATE, RUN_STATE_WATCHDOG },
+{ RUN_STATE_INMIGRATE, RUN_STATE_GUEST_PANICKED },
+{ RUN_STATE_INMIGRATE, RUN_STATE_FINISH_MIGRATE },
+{ RUN_STATE_INMIGRATE, RUN_STATE_PRELAUNCH },
+{ RUN_STATE_INMIGRATE, RUN_STATE_POSTMIGRATE },
+{ RUN_STATE_INMIGRATE, RUN_STATE_COLO },
+
+{ RUN_STATE_INTERNAL_ERROR, RUN_STATE_PAUSED },
+{ RUN_STATE_INTERNAL_ERROR, RUN_STATE_FINISH_MIGRATE },
+{ RUN_STATE_INTERNAL_ERROR, 

[PATCH 06/15] vl: move all generic initialization out of vl.c

[Paolo Bonzini]

qdev_machine_creation_done is only setting a flag now.  Extend it to
move more code out of vl.c.  Leave only consistency checks and gdbserver
processing in qemu_machine_creation_done.

gdbserver_start can be moved after qdev_machine_creation_done because
it only does listen on the socket and creates some internal data
structures; it does not send any data (e.g. guest state) over the socket.

Signed-off-by: Paolo Bonzini 
---
 hw/core/machine.c  | 47 +-
 hw/core/qdev.c | 12 +++
 include/hw/qdev-core.h |  1 +
 softmmu/vl.c   | 37 +
 4 files changed, 51 insertions(+), 46 deletions(-)

diff --git a/hw/core/machine.c b/hw/core/machine.c
index 5659b1f49c..025c4f9749 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -16,16 +16,21 @@
 #include "sysemu/replay.h"
 #include "qemu/units.h"
 #include "hw/boards.h"
+#include "hw/loader.h"
 #include "qapi/error.h"
 #include "qapi/qapi-visit-common.h"
 #include "qapi/visitor.h"
 #include "hw/sysbus.h"
+#include "sysemu/cpus.h"
 #include "sysemu/sysemu.h"
+#include "sysemu/reset.h"
+#include "sysemu/runstate.h"
 #include "sysemu/numa.h"
 #include "qemu/error-report.h"
 #include "sysemu/qtest.h"
 #include "hw/pci/pci.h"
 #include "hw/mem/nvdimm.h"
+#include "migration/global_state.h"
 #include "migration/vmstate.h"
 
 GlobalProperty hw_compat_5_1[] = {
@@ -1186,10 +1191,50 @@ void qemu_remove_machine_init_done_notifier(Notifier 
*notify)
 notifier_remove(notify);
 }
 
-void qemu_run_machine_init_done_notifiers(void)
+void qdev_machine_creation_done(void)
 {
+cpu_synchronize_all_post_init();
+
+if (current_machine->boot_once) {
+qemu_boot_set(current_machine->boot_once, _fatal);
+qemu_register_reset(restore_boot_order, 
g_strdup(current_machine->boot_order));
+}
+
+/*
+ * ok, initial machine setup is done, starting from now we can
+ * only create hotpluggable devices
+ */
+qdev_hotplug = true;
+qdev_assert_realized_properly();
+
+/* TODO: once all bus devices are qdevified, this should be done
+ * when bus is created by qdev.c */
+/*
+ * TODO: If we had a main 'reset container' that the whole system
+ * lived in, we could reset that using the multi-phase reset
+ * APIs. For the moment, we just reset the sysbus, which will cause
+ * all devices hanging off it (and all their child buses, recursively)
+ * to be reset. Note that this will *not* reset any Device objects
+ * which are not attached to some part of the qbus tree!
+ */
+qemu_register_reset(resettable_cold_reset_fn, sysbus_get_default());
+
 machine_init_done = true;
 notifier_list_notify(_init_done_notifiers, NULL);
+
+if (rom_check_and_register_reset() != 0) {
+error_report("rom check and register reset failed");
+exit(1);
+}
+
+replay_start();
+
+/* This checkpoint is required by replay to separate prior clock
+   reading from the other reads, because timer polling functions query
+   clock values from the log. */
+replay_checkpoint(CHECKPOINT_RESET);
+qemu_system_reset(SHUTDOWN_CAUSE_NONE);
+register_global_state();
 }
 
 static const TypeInfo machine_info = {
diff --git a/hw/core/qdev.c b/hw/core/qdev.c
index 262bca716f..bc5df8ce69 100644
--- a/hw/core/qdev.c
+++ b/hw/core/qdev.c
@@ -413,7 +413,7 @@ void qdev_unrealize(DeviceState *dev)
 object_property_set_bool(OBJECT(dev), "realized", false, _abort);
 }
 
-static int qdev_assert_realized_properly(Object *obj, void *opaque)
+static int qdev_assert_realized_properly_cb(Object *obj, void *opaque)
 {
 DeviceState *dev = DEVICE(object_dynamic_cast(obj, TYPE_DEVICE));
 DeviceClass *dc;
@@ -426,16 +426,10 @@ static int qdev_assert_realized_properly(Object *obj, 
void *opaque)
 return 0;
 }
 
-void qdev_machine_creation_done(void)
+void qdev_assert_realized_properly(void)
 {
-/*
- * ok, initial machine setup is done, starting from now we can
- * only create hotpluggable devices
- */
-qdev_hotplug = true;
-
 object_child_foreach_recursive(object_get_root(),
-   qdev_assert_realized_properly, NULL);
+   qdev_assert_realized_properly_cb, NULL);
 }
 
 bool qdev_machine_modified(void)
diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h
index b77a2f1da7..6446846752 100644
--- a/include/hw/qdev-core.h
+++ b/include/hw/qdev-core.h
@@ -815,6 +815,7 @@ const VMStateDescription *qdev_get_vmsd(DeviceState *dev);
 
 const char *qdev_fw_name(DeviceState *dev);
 
+void qdev_assert_realized_properly(void);
 Object *qdev_get_machine(void);
 
 /* FIXME: make this a link<> */
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 685d92df5d..d8af26c281 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -72,7 +72,6 @@
 #include "hw/i386/pc.h"
 #include "migration/misc.h"
 #include "migration/snapshot.h"
-#include 

[PATCH 11/28] qom: use qemu_printf to print help for user-creatable objects

[Paolo Bonzini]

This is needed when we add help support for object_add.

Signed-off-by: Paolo Bonzini 
---
 qom/object_interfaces.c | 13 +++--
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/qom/object_interfaces.c b/qom/object_interfaces.c
index ed896fe764..34edc3d1d8 100644
--- a/qom/object_interfaces.c
+++ b/qom/object_interfaces.c
@@ -13,6 +13,7 @@
 #include "qemu/option.h"
 #include "qapi/opts-visitor.h"
 #include "qemu/config-file.h"
+#include "qemu/qemu-print.h"
 
 bool user_creatable_complete(UserCreatable *uc, Error **errp)
 {
@@ -214,15 +215,15 @@ char *object_property_help(const char *name, const char 
*type,
 return g_string_free(str, false);
 }
 
-static void user_creatable_print_types(void)
+void user_creatable_print_types(void)
 {
 GSList *l, *list;
 
-printf("List of user creatable objects:\n");
+qemu_printf("List of user creatable objects:\n");
 list = object_class_get_list_sorted(TYPE_USER_CREATABLE, false);
 for (l = list; l != NULL; l = l->next) {
 ObjectClass *oc = OBJECT_CLASS(l->data);
-printf("  %s\n", object_class_get_name(oc));
+qemu_printf("  %s\n", object_class_get_name(oc));
 }
 g_slist_free(list);
 }
@@ -253,12 +254,12 @@ static bool user_creatable_print_type_properites(const 
char *type)
 }
 g_ptr_array_sort(array, (GCompareFunc)qemu_pstrcmp0);
 if (array->len > 0) {
-printf("%s options:\n", type);
+qemu_printf("%s options:\n", type);
 } else {
-printf("There are no options for %s.\n", type);
+qemu_printf("There are no options for %s.\n", type);
 }
 for (i = 0; i < array->len; i++) {
-printf("%s\n", (char *)array->pdata[i]);
+qemu_printf("%s\n", (char *)array->pdata[i]);
 }
 g_ptr_array_set_free_func(array, g_free);
 g_ptr_array_free(array, true);
-- 
2.26.2

[PATCH 10/28] hmp: replace "O" parser with keyval

[Paolo Bonzini]

HMP is using QemuOpts to parse free-form commands device_add,
netdev_add and object_add.  However, none of these need QemuOpts
for validation (these three QemuOptsLists are all of the catch-all
kind), and keyval is already able to parse into QDict.  So use
keyval directly, avoiding the detour from
string to QemuOpts to QDict.

The args_type now stores the implied key.  This arguably makes more
sense than storing the QemuOptsList name; at least, it _is_ a key
that might end up in the arguments QDict.

Signed-off-by: Paolo Bonzini 
---
 hmp-commands.hx |  6 +++---
 monitor/hmp.c   | 20 +---
 2 files changed, 12 insertions(+), 14 deletions(-)

diff --git a/hmp-commands.hx b/hmp-commands.hx
index 737c647c46..b3e54de27a 100644
--- a/hmp-commands.hx
+++ b/hmp-commands.hx
@@ -676,7 +676,7 @@ ERST
 
 {
 .name   = "device_add",
-.args_type  = "device:O",
+.args_type  = "driver:O",
 .params = "driver[,prop=value][,...]",
 .help   = "add device, like -device on the command line",
 .cmd= hmp_device_add,
@@ -1322,7 +1322,7 @@ ERST
 
 {
 .name   = "netdev_add",
-.args_type  = "netdev:O",
+.args_type  = "type:O",
 .params = 
"[user|tap|socket|vde|bridge|hubport|netmap|vhost-user],id=str[,prop=value][,...]",
 .help   = "add host network device",
 .cmd= hmp_netdev_add,
@@ -1352,7 +1352,7 @@ ERST
 
 {
 .name   = "object_add",
-.args_type  = "object:O",
+.args_type  = "qom-type:O",
 .params = "[qom-type=]type,id=str[,prop=value][,...]",
 .help   = "create QOM object",
 .cmd= hmp_object_add,
diff --git a/monitor/hmp.c b/monitor/hmp.c
index 6c0b33a0b1..d2cb886da5 100644
--- a/monitor/hmp.c
+++ b/monitor/hmp.c
@@ -744,13 +744,9 @@ static QDict *monitor_parse_arguments(Monitor *mon,
 break;
 case 'O':
 {
-QemuOptsList *opts_list;
-QemuOpts *opts;
+Error *errp;
+bool help;
 
-opts_list = qemu_find_opts(key);
-if (!opts_list || opts_list->desc->name) {
-goto bad_type;
-}
 while (qemu_isspace(*p)) {
 p++;
 }
@@ -760,12 +756,14 @@ static QDict *monitor_parse_arguments(Monitor *mon,
 if (get_str(buf, sizeof(buf), ) < 0) {
 goto fail;
 }
-opts = qemu_opts_parse_noisily(opts_list, buf, true);
-if (!opts) {
-goto fail;
+keyval_parse_into(qdict, buf, key, , );
+if (help) {
+if (qdict_haskey(qdict, key)) {
+qdict_put_bool(qdict, "help", true);
+} else {
+qdict_put_str(qdict, key, "help");
+}
 }
-qemu_opts_to_qdict(opts, qdict);
-qemu_opts_del(opts);
 }
 break;
 case '/':
-- 
2.26.2

Re: [PATCH] docs/devel/writing-qmp-commands.txt: Fix docs

[Markus Armbruster]

Zihao Chang  writes:

> Fix the example of add qmp hello-world example.
> Without ":", make will report error:
> ../qapi/misc.json:573:2: line should end with ':'
>
> Signed-off-by: Zihao Chang 
> ---
>  docs/devel/writing-qmp-commands.txt | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/docs/devel/writing-qmp-commands.txt 
> b/docs/devel/writing-qmp-commands.txt
> index 46a6c48683..28984686c9 100644
> --- a/docs/devel/writing-qmp-commands.txt
> +++ b/docs/devel/writing-qmp-commands.txt
> @@ -243,7 +243,7 @@ There are many examples of such documentation in the 
> schema file already, but
>  here goes "hello-world"'s new entry for qapi/misc.json:
>  
>  ##
> -# @hello-world
> +# @hello-world:
>  #
>  # Print a client provided string to the standard output stream.
>  #

Queued, thanks!

Re: [PATCH V17 4/6] hw/mips: Add Loongson-3 boot parameter helpers

[Philippe Mathieu-Daudé]

On 12/2/20 2:14 AM, Huacai Chen wrote:
> Hi, Phillippe,
> 
> On Tue, Nov 24, 2020 at 6:25 AM Philippe Mathieu-Daudé  
> wrote:
>>
>> On 11/6/20 5:21 AM, Huacai Chen wrote:
>>> Preparing to add Loongson-3 machine support, add Loongson-3's LEFI (a
>>> UEFI-like interface for BIOS-Kernel boot parameters) helpers first.
>>>
>>> Reviewed-by: Philippe Mathieu-Daudé 
>>> Signed-off-by: Huacai Chen 
>>> Co-developed-by: Jiaxun Yang 
>>> Signed-off-by: Jiaxun Yang 
>>> ---
>>>  hw/mips/loongson3_bootp.c | 165 +++
>>>  hw/mips/loongson3_bootp.h | 241 
>>> ++
>>>  hw/mips/meson.build   |   1 +
>>>  3 files changed, 407 insertions(+)
>>>  create mode 100644 hw/mips/loongson3_bootp.c
>>>  create mode 100644 hw/mips/loongson3_bootp.h
>>>
>>> diff --git a/hw/mips/loongson3_bootp.c b/hw/mips/loongson3_bootp.c
>>> new file mode 100644
>>> index 000..3a16081
>>> --- /dev/null
>>> +++ b/hw/mips/loongson3_bootp.c
>>> @@ -0,0 +1,165 @@
>>> +/*
>>> + * LEFI (a UEFI-like interface for BIOS-Kernel boot parameters) helpers
>>> + *
>>> + * Copyright (c) 2018-2020 Huacai Chen (che...@lemote.com)
>>> + * Copyright (c) 2018-2020 Jiaxun Yang 
>>> + *
>>> + * This program is free software: you can redistribute it and/or modify
>>> + * it under the terms of the GNU General Public License as published by
>>> + * the Free Software Foundation, either version 2 of the License, or
>>> + * (at your option) any later version.
>>> + *
>>> + * This program is distributed in the hope that it will be useful,
>>> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
>>> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>>> + * GNU General Public License for more details.
>>> + *
>>> + * You should have received a copy of the GNU General Public License
>>> + * along with this program. If not, see .
>>> + */
>>> +
>>> +#include "qemu/osdep.h"
>>> +#include "qemu/units.h"
>>> +#include "qemu/cutils.h"
>>> +#include "cpu.h"
>>> +#include "hw/boards.h"
>>> +#include "hw/mips/loongson3_bootp.h"
>>> +
>>> +#define LOONGSON3_CORE_PER_NODE 4
>>> +
>>> +static struct efi_cpuinfo_loongson *init_cpu_info(void *g_cpuinfo, 
>>> uint64_t cpu_freq)
>>> +{
>>> +struct efi_cpuinfo_loongson *c = g_cpuinfo;
>>> +
>>> +stl_le_p(>cputype, Loongson_3A);
>>> +stl_le_p(>processor_id, MIPS_CPU(first_cpu)->env.CP0_PRid);
>>
>> Build failing with Clang:
>>
>> FAILED: libqemu-mips64el-softmmu.fa.p/hw_mips_loongson3_bootp.c.o
>> hw/mips/loongson3_bootp.c:35:15: error: taking address of packed member
>> 'processor_id' of class or structure 'efi_cpuinfo_loongson' may result
>> in an unaligned pointer value [-Werror,-Waddress-of-packed-member]
>> stl_le_p(>processor_id, MIPS_CPU(first_cpu)->env.CP0_PRid);
>>   ^~~
>> 1 error generated.
> We cannot reproduce it on X86/MIPS with clang...

You can reproduce running the Clang job on Gitlab-CI:

https://wiki.qemu.org/Testing/CI/GitLabCI

> And I found that
> stl_le_p() will be __builtin_memcpy(), I don't think memcpy() will
> cause unaligned access. So, any suggestions?

I'll defer this question to Richard/Peter who have deeper understanding.

> 
> Huacai

Re: [PATCH v2 00/27] Virtio net failover fixes

[Michael S. Tsirkin]

On Wed, Dec 02, 2020 at 11:16:04AM +0100, Juan Quintela wrote:
> "Michael S. Tsirkin"  wrote:
> > On Wed, Nov 18, 2020 at 09:37:21AM +0100, Juan Quintela wrote:
> >> Hi
> >> 
> >> This is a big rework of the network failover setup.  General idea is:
> >> * We don't cache the name of the primary/standby devices
> >>   We have several problems there with stale pointers
> >> * After this:
> >> - We can always remove either the primary/standby devices without trouble
> >> - Pluggin/unplugging works
> >> - We go to device opts to see what the failover device are.
> >>   Notice that we are plugging/unplugging the device, so it is not critical.
> >> - Once there, I "fixed" managedsave for libvirt (now gives an error 
> >> instead o=
> >> f just hanging)
> >> * Fields not cached anymore:
> >> - primary_device_dict
> >> - primary_device_opts
> >> - standby_id
> >> - primary_device_id
> >> - primary_dev
> >> * I renamed the should_be_hidden() callback to hide device, but if
> >>   people preffer the old name I can leave it.
> >> * Add (some) doc to some functions
> >> * Remove almost 100 lines of code while fixing things.
> >> 
> >> Please review.
> >
> > OK that's great, any of this appropriate for 5.2?
> > The memory leak fix maybe?
> 
> 1st one is also a fix, current code just hangs the guest.


Hmm it does but then proceeds when you unpause so I'm not sure
it's a good idea for 5.2. It's late in the cycle to try to
handle management bugs ...

> Rest of things  current code fails a lot, but we are too late on the
> cycle.
> 
> Later, Juan.
> 
> 
> >> Later, Juan.
> >> 
> >> Juan Quintela (27):
> >>   migration: Network Failover can't work with a paused guest
> >>   failover: fix indentantion
> >>   failover: Use always atomics for primary_should_be_hidden
> >>   failover: primary bus is only used once, and where it is set
> >>   failover: Remove unused parameter
> >>   failover: Remove external partially_hotplugged property
> >>   failover: qdev_device_add() returns err or dev set
> >>   failover: Rename bool to failover_primary_hidden
> >>   failover: g_strcmp0() knows how to handle NULL
> >>   failover: Remove primary_device_opts
> >>   failover: remove standby_id variable
> >>   failover: Remove primary_device_dict
> >>   failover: Remove memory leak
> >>   failover: simplify virtio_net_find_primary()
> >>   failover: should_be_hidden() should take a bool
> >>   failover: Rename function to hide_device()
> >>   failover: virtio_net_connect_failover_devices() does nothing
> >>   failover: Rename to failover_find_primary_device()
> >>   failover: simplify qdev_device_add() failover case
> >>   failover: simplify qdev_device_add()
> >>   failover: make sure that id always exist
> >>   failover: remove failover_find_primary_device() error parameter
> >>   failover: split failover_find_primary_device_id()
> >>   failover: We don't need to cache primary_device_id anymore
> >>   failover: Caller of this two functions already have primary_dev
> >>   failover: simplify failover_unplug_primary
> >>   failover: Remove primary_dev member
> >> 
> >>  include/hw/qdev-core.h |  28 ++--
> >>  include/hw/virtio/virtio-net.h |   9 +-
> >>  hw/core/qdev.c |  19 +--
> >>  hw/net/virtio-net.c| 298 +
> >>  migration/migration.c  |  13 ++
> >>  softmmu/qdev-monitor.c |  43 ++---
> >>  6 files changed, 167 insertions(+), 243 deletions(-)
> >> 
> >> --=20
> >> 2.26.2
> >> 

Re: [PATCH 00/10] vhost/qemu: thread per IO SCSI vq

[Stefano Garzarella]

On Tue, Dec 01, 2020 at 05:43:38PM +, Stefan Hajnoczi wrote:

On Tue, Dec 01, 2020 at 02:45:18PM +0100, Stefano Garzarella wrote:

On Tue, Dec 01, 2020 at 12:59:43PM +, Stefan Hajnoczi wrote:
> On Fri, Nov 20, 2020 at 07:31:08AM -0500, Michael S. Tsirkin wrote:
> > On Fri, Nov 20, 2020 at 08:45:49AM +, Stefan Hajnoczi wrote:
> > > On Thu, Nov 19, 2020 at 5:08 PM Stefan Hajnoczi  
wrote:
> > > >
> > > > On Thu, Nov 19, 2020 at 4:43 PM Mike Christie
> > > >  wrote:
> > > > >
> > > > > On 11/19/20 10:24 AM, Stefan Hajnoczi wrote:
> > > > > > On Thu, Nov 19, 2020 at 4:13 PM Mike Christie
> > > > > >  wrote:
> > > > > >>
> > > > > >> On 11/19/20 8:46 AM, Michael S. Tsirkin wrote:
> > > > > >>> On Wed, Nov 18, 2020 at 11:31:17AM +, Stefan Hajnoczi wrote:
> > > > > > struct vhost_run_worker_info {
> > > > > >  struct timespec *timeout;
> > > > > >  sigset_t *sigmask;
> > > > > >
> > > > > >  /* List of virtqueues to process */
> > > > > >  unsigned nvqs;
> > > > > >  unsigned vqs[];
> > > > > > };
> > > > > >
> > > > > > /* This blocks until the timeout is reached, a signal is received, 
or
> > > > > > the vhost device is destroyed */
> > > > > > int ret = ioctl(vhost_fd, VHOST_RUN_WORKER, );
> > > > > >
> > > > > > As you can see, userspace isn't involved with dealing with the
> > > > > > requests. It just acts as a thread donor to the vhost driver.
> > > > > >
> > > > > > We would want the VHOST_RUN_WORKER calls to be infrequent to avoid 
the
> > > > > > penalty of switching into the kernel, copying in the arguments, etc.
> > > > >
> > > > > I didn't get this part. Why have the timeout? When the timeout 
expires,
> > > > > does userspace just call right back down to the kernel or does it do
> > > > > some sort of processing/operation?
> > > > >
> > > > > You could have your worker function run from that ioctl wait for a
> > > > > signal or a wake up call from the vhost_work/poll functions.
> > > >
> > > > An optional timeout argument is common in blocking interfaces like
> > > > poll(2), recvmmsg(2), etc.
> > > >
> > > > Although something can send a signal to the thread instead,
> > > > implementing that in an application is more awkward than passing a
> > > > struct timespec.
> > > >
> > > > Compared to other blocking calls we don't expect
> > > > ioctl(VHOST_RUN_WORKER) to return soon, so maybe the timeout will
> > > > rarely be used and can be dropped from the interface.
> > > >
> > > > BTW the code I posted wasn't a carefully thought out proposal 
> > > > :). The

> > > > details still need to be considered and I'm going to be offline for
> > > > the next week so maybe someone else can think it through in the
> > > > meantime.
> > >
> > > One final thought before I'm offline for a week. If
> > > ioctl(VHOST_RUN_WORKER) is specific to a single vhost device instance
> > > then it's hard to support poll-mode (busy waiting) workers because
> > > each device instance consumes a whole CPU. If we stick to an interface
> > > where the kernel manages the worker threads then it's easier to 
> > > share

> > > workers between devices for polling.
> >
> >
> > Yes that is the reason vhost did its own reason in the first place.
> >
> >
> > I am vaguely thinking about poll(2) or a similar interface,
> > which can wait for an event on multiple FDs.
>
> I can imagine how using poll(2) would work from a userspace perspective,
> but on the kernel side I don't think it can be implemented cleanly.
> poll(2) is tied to the file_operations->poll() callback and
> read/write/error events. Not to mention there isn't a way to substitue
> the vhost worker thread function instead of scheduling out the current
> thread while waiting for poll fd events.
>
> But maybe ioctl(VHOST_WORKER_RUN) can do it:
>
>  struct vhost_run_worker_dev {
>  int vhostfd;  /* /dev/vhost-TYPE fd */
>  unsigned nvqs;/* number of virtqueues in vqs[] */
>  unsigned vqs[];   /* virtqueues to process */
>  };
>
>  struct vhost_run_worker_info {
>   struct timespec *timeout;
>   sigset_t *sigmask;
>
>   unsigned ndevices;
>   struct vhost_run_worker_dev *devices[];
>  };
>
> In the simple case userspace sets ndevices to 1 and we just handle
> virtqueues for the current device.
>
> In the fancier shared worker thread case the userspace process has the
> vhost fds of all the devices it is processing and passes them to
> ioctl(VHOST_WORKER_RUN) via struct vhost_run_worker_dev elements.

Which fd will be used for this IOCTL? One of the 'vhostfd' or we should
create a new /dev/vhost-workers (or something similar)?

Maybe the new device will be cleaner and can be reused also for other stuff
(I'm thinking about vDPA software devices).

>
> From a security perspective it means the userspace thread has access to
> all vhost devices (because it has their fds).
>
> I'm not sure how the mm is supposed to work. The devices might be
> associated with different userspace processes (guests) and therefore
> 

Re: [PATCH 03/23] tests/docker: use project specific container registries

[Daniel P . Berrangé]

On Wed, Dec 02, 2020 at 12:54:14PM +0100, Gerd Hoffmann wrote:
> > --- a/tests/docker/dockerfiles/centos8.docker
> > +++ b/tests/docker/dockerfiles/centos8.docker
> > @@ -1,4 +1,4 @@
> > -FROM centos:8.1.1911
> > +FROM registry.centos.org/centos:8
> 
> At least for centos-8 I've noticed the docker.io containters are
> multiarch whereas registry.centos.org has x86_64 only.
> 
> I think right now we don't use any !x86_64 containers due to gitlab
> having only x86_64 shared runners.  So this isn't a blocker.  Wanted
> to note that nevertheless ;)

Interesting, I wonder if that's a mistake or not, because the Fedora
/ CentOS specific registries are supposed to be preferred, so I would
have expected better content.

In any case, for non-x86_64 stuff we currently do have all the Debian
cross-compiler containers available.


Regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [PATCH v11 2/7] block/nbd.c: Add yank feature

[Vladimir Sementsov-Ogievskiy]

15.11.2020 14:36, Lukas Straub wrote:

Register a yank function which shuts down the socket and sets
s->state = NBD_CLIENT_QUIT. This is the same behaviour as if an
error occured.

Signed-off-by: Lukas Straub
Acked-by: Stefan Hajnoczi


Hi! Could I ask, what's the reason for qatomic_load_acquire access to s->state? 
Is there same bug fixed? Or is it related somehow to new feature?

--
Best regards,
Vladimir

[PULL 010/113] dma: Let dma_memory_read() propagate MemTxResult

[Paolo Bonzini]

From: Philippe Mathieu-Daudé 

dma_memory_rw_relaxed() returns a MemTxResult type.
Do not discard it, return it to the caller.

Reviewed-by: Richard Henderson 
Reviewed-by: Li Qiang 
Reviewed-by: Edgar E. Iglesias 
Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20201023151923.3243652-7-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 include/sysemu/dma.h | 21 +
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/include/sysemu/dma.h b/include/sysemu/dma.h
index 04687d8825..df170047eb 100644
--- a/include/sysemu/dma.h
+++ b/include/sysemu/dma.h
@@ -89,8 +89,9 @@ static inline MemTxResult dma_memory_rw_relaxed(AddressSpace 
*as,
 buf, len, dir == DMA_DIRECTION_FROM_DEVICE);
 }
 
-static inline int dma_memory_read_relaxed(AddressSpace *as, dma_addr_t addr,
-  void *buf, dma_addr_t len)
+static inline MemTxResult dma_memory_read_relaxed(AddressSpace *as,
+  dma_addr_t addr,
+  void *buf, dma_addr_t len)
 {
 return dma_memory_rw_relaxed(as, addr, buf, len, DMA_DIRECTION_TO_DEVICE);
 }
@@ -124,8 +125,20 @@ static inline MemTxResult dma_memory_rw(AddressSpace *as, 
dma_addr_t addr,
 return dma_memory_rw_relaxed(as, addr, buf, len, dir);
 }
 
-static inline int dma_memory_read(AddressSpace *as, dma_addr_t addr,
-  void *buf, dma_addr_t len)
+/**
+ * dma_memory_read: Read from an address space from DMA controller.
+ *
+ * Return a MemTxResult indicating whether the operation succeeded
+ * or failed (eg unassigned memory, device rejected the transaction,
+ * IOMMU fault).  Called within RCU critical section.
+ *
+ * @as: #AddressSpace to be accessed
+ * @addr: address within that address space
+ * @buf: buffer with the data transferred
+ * @len: length of the data transferred
+ */
+static inline MemTxResult dma_memory_read(AddressSpace *as, dma_addr_t addr,
+  void *buf, dma_addr_t len)
 {
 return dma_memory_rw(as, addr, buf, len, DMA_DIRECTION_TO_DEVICE);
 }
-- 
2.26.2

[PULL 019/113] hw/dma/xilinx_axidma: Rename StreamSlave as StreamSink

[Paolo Bonzini]

From: Philippe Mathieu-Daudé 

In order to use inclusive terminology, rename 'slave stream'
as 'sink stream'.

Signed-off-by: Philippe Mathieu-Daudé 
Acked-by: Paolo Bonzini 
Reviewed-by: Edgar E. Iglesias 
Message-Id: <20200910070131.435543-4-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 hw/dma/xilinx_axidma.c | 26 +-
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/hw/dma/xilinx_axidma.c b/hw/dma/xilinx_axidma.c
index 306da46699..bc383f53cc 100644
--- a/hw/dma/xilinx_axidma.c
+++ b/hw/dma/xilinx_axidma.c
@@ -45,11 +45,11 @@
 
 OBJECT_DECLARE_SIMPLE_TYPE(XilinxAXIDMA, XILINX_AXI_DMA)
 
-typedef struct XilinxAXIDMAStreamSlave XilinxAXIDMAStreamSlave;
-DECLARE_INSTANCE_CHECKER(XilinxAXIDMAStreamSlave, XILINX_AXI_DMA_DATA_STREAM,
+typedef struct XilinxAXIDMAStreamSink XilinxAXIDMAStreamSink;
+DECLARE_INSTANCE_CHECKER(XilinxAXIDMAStreamSink, XILINX_AXI_DMA_DATA_STREAM,
  TYPE_XILINX_AXI_DMA_DATA_STREAM)
 
-DECLARE_INSTANCE_CHECKER(XilinxAXIDMAStreamSlave, 
XILINX_AXI_DMA_CONTROL_STREAM,
+DECLARE_INSTANCE_CHECKER(XilinxAXIDMAStreamSink, XILINX_AXI_DMA_CONTROL_STREAM,
  TYPE_XILINX_AXI_DMA_CONTROL_STREAM)
 
 #define R_DMACR (0x00 / 4)
@@ -115,7 +115,7 @@ struct Stream {
 unsigned char txbuf[16 * 1024];
 };
 
-struct XilinxAXIDMAStreamSlave {
+struct XilinxAXIDMAStreamSink {
 Object parent;
 
 struct XilinxAXIDMA *dma;
@@ -130,8 +130,8 @@ struct XilinxAXIDMA {
 uint32_t freqhz;
 StreamSink *tx_data_dev;
 StreamSink *tx_control_dev;
-XilinxAXIDMAStreamSlave rx_data_dev;
-XilinxAXIDMAStreamSlave rx_control_dev;
+XilinxAXIDMAStreamSink rx_data_dev;
+XilinxAXIDMAStreamSink rx_control_dev;
 
 struct Stream streams[2];
 
@@ -387,7 +387,7 @@ static size_t
 xilinx_axidma_control_stream_push(StreamSink *obj, unsigned char *buf,
   size_t len, bool eop)
 {
-XilinxAXIDMAStreamSlave *cs = XILINX_AXI_DMA_CONTROL_STREAM(obj);
+XilinxAXIDMAStreamSink *cs = XILINX_AXI_DMA_CONTROL_STREAM(obj);
 struct Stream *s = >dma->streams[1];
 
 if (len != CONTROL_PAYLOAD_SIZE) {
@@ -404,7 +404,7 @@ xilinx_axidma_data_stream_can_push(StreamSink *obj,
StreamCanPushNotifyFn notify,
void *notify_opaque)
 {
-XilinxAXIDMAStreamSlave *ds = XILINX_AXI_DMA_DATA_STREAM(obj);
+XilinxAXIDMAStreamSink *ds = XILINX_AXI_DMA_DATA_STREAM(obj);
 struct Stream *s = >dma->streams[1];
 
 if (!stream_running(s) || stream_idle(s)) {
@@ -420,7 +420,7 @@ static size_t
 xilinx_axidma_data_stream_push(StreamSink *obj, unsigned char *buf, size_t len,
bool eop)
 {
-XilinxAXIDMAStreamSlave *ds = XILINX_AXI_DMA_DATA_STREAM(obj);
+XilinxAXIDMAStreamSink *ds = XILINX_AXI_DMA_DATA_STREAM(obj);
 struct Stream *s = >dma->streams[1];
 size_t ret;
 
@@ -531,8 +531,8 @@ static const MemoryRegionOps axidma_ops = {
 static void xilinx_axidma_realize(DeviceState *dev, Error **errp)
 {
 XilinxAXIDMA *s = XILINX_AXI_DMA(dev);
-XilinxAXIDMAStreamSlave *ds = XILINX_AXI_DMA_DATA_STREAM(>rx_data_dev);
-XilinxAXIDMAStreamSlave *cs = XILINX_AXI_DMA_CONTROL_STREAM(
+XilinxAXIDMAStreamSink *ds = XILINX_AXI_DMA_DATA_STREAM(>rx_data_dev);
+XilinxAXIDMAStreamSink *cs = XILINX_AXI_DMA_CONTROL_STREAM(
 
>rx_control_dev);
 int i;
 
@@ -631,7 +631,7 @@ static const TypeInfo axidma_info = {
 static const TypeInfo xilinx_axidma_data_stream_info = {
 .name  = TYPE_XILINX_AXI_DMA_DATA_STREAM,
 .parent= TYPE_OBJECT,
-.instance_size = sizeof(XilinxAXIDMAStreamSlave),
+.instance_size = sizeof(XilinxAXIDMAStreamSink),
 .class_init= xilinx_axidma_stream_class_init,
 .class_data= _axidma_data_stream_class,
 .interfaces = (InterfaceInfo[]) {
@@ -643,7 +643,7 @@ static const TypeInfo xilinx_axidma_data_stream_info = {
 static const TypeInfo xilinx_axidma_control_stream_info = {
 .name  = TYPE_XILINX_AXI_DMA_CONTROL_STREAM,
 .parent= TYPE_OBJECT,
-.instance_size = sizeof(XilinxAXIDMAStreamSlave),
+.instance_size = sizeof(XilinxAXIDMAStreamSink),
 .class_init= xilinx_axidma_stream_class_init,
 .class_data= _axidma_control_stream_class,
 .interfaces = (InterfaceInfo[]) {
-- 
2.26.2

[PULL 048/113] sparc64: do not use ram_size global

[Paolo Bonzini]

Use the machine properties instead.

Cc: Mark Cave-Ayland 
Signed-off-by: Paolo Bonzini 
---
 hw/sparc64/sparc64.c | 3 ++-
 hw/sparc64/sun4u.c   | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/hw/sparc64/sparc64.c b/hw/sparc64/sparc64.c
index 100b2fab17..e3f9219a10 100644
--- a/hw/sparc64/sparc64.c
+++ b/hw/sparc64/sparc64.c
@@ -25,6 +25,7 @@
 
 #include "qemu/osdep.h"
 #include "cpu.h"
+#include "hw/boards.h"
 #include "hw/char/serial.h"
 #include "hw/sparc/sparc64.h"
 #include "qemu/timer.h"
@@ -180,7 +181,7 @@ static void main_cpu_reset(void *opaque)
 cpu_timer_reset(env->hstick);
 
 env->gregs[1] = 0; /* Memory start */
-env->gregs[2] = ram_size; /* Memory size */
+env->gregs[2] = current_machine->ram_size; /* Memory size */
 env->gregs[3] = 0; /* Machine description XXX */
 if (nr_resets++ == 0) {
 /* Power on reset */
diff --git a/hw/sparc64/sun4u.c b/hw/sparc64/sun4u.c
index 22896b4c62..8bee7dd2f4 100644
--- a/hw/sparc64/sun4u.c
+++ b/hw/sparc64/sun4u.c
@@ -690,7 +690,7 @@ static void sun4uv_init(MemoryRegion *address_space_mem,
 initrd_addr = 0;
 kernel_size = sun4u_load_kernel(machine->kernel_filename,
 machine->initrd_filename,
-ram_size, _size, _addr,
+machine->ram_size, _size, 
_addr,
 _addr, _entry);
 
 sun4u_NVRAM_set_params(nvram, NVRAM_SIZE, "Sun4u", machine->ram_size,
@@ -713,7 +713,7 @@ static void sun4uv_init(MemoryRegion *address_space_mem,
 fw_cfg = FW_CFG(dev);
 fw_cfg_add_i16(fw_cfg, FW_CFG_NB_CPUS, (uint16_t)machine->smp.cpus);
 fw_cfg_add_i16(fw_cfg, FW_CFG_MAX_CPUS, (uint16_t)machine->smp.max_cpus);
-fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, (uint64_t)ram_size);
+fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, (uint64_t)machine->ram_size);
 fw_cfg_add_i16(fw_cfg, FW_CFG_MACHINE_ID, hwdef->machine_id);
 fw_cfg_add_i64(fw_cfg, FW_CFG_KERNEL_ADDR, kernel_entry);
 fw_cfg_add_i64(fw_cfg, FW_CFG_KERNEL_SIZE, kernel_size);
-- 
2.26.2

[PULL 045/113] ppc: do not use ram_size global

[Paolo Bonzini]

Use the machine properties instead.

Cc: qemu-...@nongnu.org
Signed-off-by: Paolo Bonzini 
---
 hw/ppc/prep.c  | 2 +-
 hw/ppc/spapr_vio.c | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/hw/ppc/prep.c b/hw/ppc/prep.c
index c6b9d1ddcb..7e72f6e4a9 100644
--- a/hw/ppc/prep.c
+++ b/hw/ppc/prep.c
@@ -420,7 +420,7 @@ static void ibm_40p_init(MachineState *machine)
 
 /* Prepare firmware configuration for Open Hack'Ware */
 if (m48t59) {
-PPC_NVRAM_set_params(m48t59, NVRAM_SIZE, "PREP", ram_size,
+PPC_NVRAM_set_params(m48t59, NVRAM_SIZE, "PREP", machine->ram_size,
  boot_device,
  kernel_base, kernel_size,
  machine->kernel_cmdline,
diff --git a/hw/ppc/spapr_vio.c b/hw/ppc/spapr_vio.c
index 5d6c56473f..3cc9421526 100644
--- a/hw/ppc/spapr_vio.c
+++ b/hw/ppc/spapr_vio.c
@@ -525,10 +525,10 @@ static void spapr_vio_busdev_realize(DeviceState *qdev, 
Error **errp)
 uint32_t liobn = SPAPR_VIO_LIOBN(dev->reg);
 
 memory_region_init(>mrroot, OBJECT(dev), "iommu-spapr-root",
-   ram_size);
+   MACHINE(spapr)->ram_size);
 memory_region_init_alias(>mrbypass, OBJECT(dev),
  "iommu-spapr-bypass", get_system_memory(),
- 0, ram_size);
+ 0, MACHINE(spapr)->ram_size);
 memory_region_add_subregion_overlap(>mrroot, 0, >mrbypass, 
1);
 address_space_init(>as, >mrroot, qdev->id);
 
-- 
2.26.2

[PULL 065/113] vl: move CHECKPOINT_INIT after preconfig

[Paolo Bonzini]

Move CHECKPOINT_INIT right before the machine initialization is
completed.  Everything before is essentially an extension of
command line parsing.

Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 hw/core/machine.c | 5 +
 softmmu/vl.c  | 5 -
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/hw/core/machine.c b/hw/core/machine.c
index 7ef3de5ce5..a5cfbcc7cb 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -1107,6 +1107,11 @@ void machine_run_board_init(MachineState *machine)
 ObjectClass *oc = object_class_by_name(machine->cpu_type);
 CPUClass *cc;
 
+/* This checkpoint is required by replay to separate prior clock
+   reading from the other reads, because timer polling functions query
+   clock values from the log. */
+replay_checkpoint(CHECKPOINT_INIT);
+
 if (machine->ram_memdev_id) {
 Object *o;
 o = object_resolve_path_type(machine->ram_memdev_id,
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 1a80a9a68d..91ef21833b 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -4443,11 +4443,6 @@ void qemu_init(int argc, char **argv, char **envp)
 qemu_semihosting_connect_chardevs();
 qemu_semihosting_console_init();
 
-/* This checkpoint is required by replay to separate prior clock
-   reading from the other reads, because timer polling functions query
-   clock values from the log. */
-replay_checkpoint(CHECKPOINT_INIT);
-
 current_machine->boot_order = boot_order;
 
 /* parse features once if machine provides default cpu_type */
-- 
2.26.2

[PULL 057/113] vl: move prelaunch part of qemu_init to new functions

[Paolo Bonzini]

The final part of qemu_init, starting with the completion of
board init, is already relatively clean.  Split it out of
qemu_init so that qemu_init keeps only the messy parts.

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 softmmu/vl.c | 249 +++
 1 file changed, 134 insertions(+), 115 deletions(-)

diff --git a/softmmu/vl.c b/softmmu/vl.c
index 41a685bb5d..90f9782107 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -120,6 +120,9 @@
 static const char *cpu_option;
 static const char *data_dir[16];
 static int data_dir_idx;
+static const char *mem_path;
+static const char *boot_order;
+static const char *boot_once;
 enum vga_retrace_method vga_retrace_method = VGA_RETRACE_DUMB;
 int display_opengl;
 const char* keyboard_layout = NULL;
@@ -3002,6 +3005,134 @@ static void qemu_init_subsystems(void)
 socket_init();
 }
 
+/*
+ * Called after leaving preconfig state.  From here on runstate is
+ * RUN_STATE_PRELAUNCH or RUN_STATE_INMIGRATE.
+ */
+static void qemu_init_board(void)
+{
+MachineClass *machine_class = MACHINE_GET_CLASS(current_machine);
+
+if (machine_class->default_ram_id && current_machine->ram_size &&
+numa_uses_legacy_mem() && !current_machine->ram_memdev_id) {
+create_default_memdev(current_machine, mem_path);
+}
+
+machine_run_board_init(current_machine);
+
+/*
+ * TODO To drop support for deprecated bogus if=..., move
+ * drive_check_orphaned() here, replacing this call.  Also drop
+ * its deprecation warning, along with DriveInfo member
+ * @claimed_by_board.
+ */
+drive_mark_claimed_by_board();
+
+realtime_init();
+
+if (hax_enabled()) {
+/* FIXME: why isn't cpu_synchronize_all_post_init enough? */
+hax_sync_vcpus();
+}
+}
+
+static void qemu_create_cli_devices(void)
+{
+soundhw_init();
+
+qemu_opts_foreach(qemu_find_opts("fw_cfg"),
+  parse_fw_cfg, fw_cfg_find(), _fatal);
+
+/* init USB devices */
+if (machine_usb(current_machine)) {
+if (foreach_device_config(DEV_USB, usb_parse) < 0)
+exit(1);
+}
+
+/* init generic devices */
+rom_set_order_override(FW_CFG_ORDER_OVERRIDE_DEVICE);
+qemu_opts_foreach(qemu_find_opts("device"),
+  device_init_func, NULL, _fatal);
+rom_reset_order_override();
+}
+
+static void qemu_machine_creation_done(void)
+{
+DisplayState *ds;
+
+cpu_synchronize_all_post_init();
+
+/* Did we create any drives that we failed to create a device for? */
+drive_check_orphaned();
+
+/* Don't warn about the default network setup that you get if
+ * no command line -net or -netdev options are specified. There
+ * are two cases that we would otherwise complain about:
+ * (1) board doesn't support a NIC but the implicit "-net nic"
+ * requested one
+ * (2) CONFIG_SLIRP not set, in which case the implicit "-net nic"
+ * sets up a nic that isn't connected to anything.
+ */
+if (!default_net && (!qtest_enabled() || has_defaults)) {
+net_check_clients();
+}
+
+if (boot_once) {
+qemu_boot_set(boot_once, _fatal);
+qemu_register_reset(restore_boot_order, g_strdup(boot_order));
+}
+
+/* init local displays */
+ds = init_displaystate();
+qemu_display_init(ds, );
+
+/* must be after terminal init, SDL library changes signal handlers */
+os_setup_signal_handling();
+
+/* init remote displays */
+#ifdef CONFIG_VNC
+qemu_opts_foreach(qemu_find_opts("vnc"),
+  vnc_init_func, NULL, _fatal);
+#endif
+
+if (using_spice) {
+qemu_spice.display_init();
+}
+
+if (foreach_device_config(DEV_GDB, gdbserver_start) < 0) {
+exit(1);
+}
+
+qdev_machine_creation_done();
+
+/* TODO: once all bus devices are qdevified, this should be done
+ * when bus is created by qdev.c */
+/*
+ * TODO: If we had a main 'reset container' that the whole system
+ * lived in, we could reset that using the multi-phase reset
+ * APIs. For the moment, we just reset the sysbus, which will cause
+ * all devices hanging off it (and all their child buses, recursively)
+ * to be reset. Note that this will *not* reset any Device objects
+ * which are not attached to some part of the qbus tree!
+ */
+qemu_register_reset(resettable_cold_reset_fn, sysbus_get_default());
+qemu_run_machine_init_done_notifiers();
+
+if (rom_check_and_register_reset() != 0) {
+error_report("rom check and register reset failed");
+exit(1);
+}
+
+replay_start();
+
+/* This checkpoint is required by replay to separate prior clock
+   reading from the other reads, because timer polling functions query
+   clock values from the log. */
+replay_checkpoint(CHECKPOINT_RESET);
+qemu_system_reset(SHUTDOWN_CAUSE_NONE);
+register_global_state();
+}
+
 void 

[PULL 068/113] vl: separate qemu_create_machine

[Paolo Bonzini]

Reviewed-by: Igor Mammedov 
Signed-off-by: Paolo Bonzini 
---
 softmmu/vl.c | 113 +++
 1 file changed, 60 insertions(+), 53 deletions(-)

diff --git a/softmmu/vl.c b/softmmu/vl.c
index d9fe9f63c0..5af52454ee 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -133,6 +133,8 @@ static const char *boot_order;
 static const char *boot_once;
 static const char *incoming;
 static const char *loadvm;
+static ram_addr_t maxram_size;
+static uint64_t ram_slots;
 static int display_remote;
 static int snapshot;
 static QemuPluginList plugin_list = QTAILQ_HEAD_INITIALIZER(plugin_list);
@@ -2795,8 +2797,13 @@ static void qemu_create_late_backends(void)
 qemu_semihosting_console_init();
 }
 
-static bool set_memory_options(uint64_t *ram_slots, ram_addr_t *maxram_size,
-   MachineClass *mc)
+static bool have_custom_ram_size(void)
+{
+QemuOpts *opts = qemu_find_opts_singleton("memory");
+return !!qemu_opt_get_size(opts, "size", 0);
+}
+
+static void set_memory_options(MachineClass *mc)
 {
 uint64_t sz;
 const char *mem_str;
@@ -2846,7 +2853,7 @@ static bool set_memory_options(uint64_t *ram_slots, 
ram_addr_t *maxram_size,
 
 /* store value for the future use */
 qemu_opt_set_number(opts, "size", ram_size, _abort);
-*maxram_size = ram_size;
+maxram_size = ram_size;
 
 if (qemu_opt_get(opts, "maxmem")) {
 uint64_t slots;
@@ -2867,15 +2874,59 @@ static bool set_memory_options(uint64_t *ram_slots, 
ram_addr_t *maxram_size,
 exit(EXIT_FAILURE);
 }
 
-*maxram_size = sz;
-*ram_slots = slots;
+maxram_size = sz;
+ram_slots = slots;
 } else if (qemu_opt_get(opts, "slots")) {
 error_report("invalid -m option value: missing 'maxmem' option");
 exit(EXIT_FAILURE);
 }
 
 loc_pop();
-return !!mem_str;
+}
+
+static void qemu_create_machine(MachineClass *machine_class)
+{
+object_set_machine_compat_props(machine_class->compat_props);
+
+set_memory_options(machine_class);
+
+current_machine = 
MACHINE(object_new_with_class(OBJECT_CLASS(machine_class)));
+if (machine_help_func(qemu_get_machine_opts(), current_machine)) {
+exit(0);
+}
+object_property_add_child(object_get_root(), "machine",
+  OBJECT(current_machine));
+object_property_add_child(container_get(OBJECT(current_machine),
+"/unattached"),
+  "sysbus", OBJECT(sysbus_get_default()));
+
+if (machine_class->minimum_page_bits) {
+if (!set_preferred_target_page_bits(machine_class->minimum_page_bits)) 
{
+/* This would be a board error: specifying a minimum smaller than
+ * a target's compile-time fixed setting.
+ */
+g_assert_not_reached();
+}
+}
+
+cpu_exec_init_all();
+page_size_init();
+
+if (machine_class->hw_version) {
+qemu_set_hw_version(machine_class->hw_version);
+}
+
+machine_smp_parse(current_machine,
+qemu_opts_find(qemu_find_opts("smp-opts"), NULL), _fatal);
+
+/*
+ * Get the default machine options from the machine if it is not already
+ * specified either by the configuration file or by the command line.
+ */
+if (machine_class->default_machine_opts) {
+qemu_opts_set_defaults(qemu_find_opts("machine"),
+   machine_class->default_machine_opts, 0);
+}
 }
 
 static int global_init_func(void *opaque, QemuOpts *opts, Error **errp)
@@ -3404,10 +3455,7 @@ void qemu_init(int argc, char **argv, char **envp)
 const char *optarg;
 MachineClass *machine_class;
 bool userconfig = true;
-ram_addr_t maxram_size;
-uint64_t ram_slots = 0;
 FILE *vmstate_dump_file = NULL;
-bool have_custom_ram_size;
 
 qemu_add_opts(_drive_opts);
 qemu_add_drive_opts(_legacy_drive_opts);
@@ -4333,49 +4381,7 @@ void qemu_init(int argc, char **argv, char **envp)
 
 configure_rtc(qemu_find_opts_singleton("rtc"));
 
-machine_class = select_machine();
-object_set_machine_compat_props(machine_class->compat_props);
-
-have_custom_ram_size = set_memory_options(_slots, _size,
-  machine_class);
-
-current_machine = 
MACHINE(object_new_with_class(OBJECT_CLASS(machine_class)));
-if (machine_help_func(qemu_get_machine_opts(), current_machine)) {
-exit(0);
-}
-object_property_add_child(object_get_root(), "machine",
-  OBJECT(current_machine));
-object_property_add_child(container_get(OBJECT(current_machine),
-"/unattached"),
-  "sysbus", OBJECT(sysbus_get_default()));
-
-if (machine_class->minimum_page_bits) {
-if (!set_preferred_target_page_bits(machine_class->minimum_page_bits)) 
{
-  

[PULL 088/113] scripts: kernel-doc: accept blank lines on parameter description

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

Sphinx is very pedantic with respect to blank lines. Sometimes,
in order to make it to properly handle something, we need to
add a blank line. However, currently, any blank line inside a
kernel-doc comment like:

/*
 * @foo: bar
 *
 *   foobar
 *
 * some description

will be considered as if "foobar" was part of the description.

This patch changes kernel-doc behavior. After it, foobar will
be considered as part of the parameter text. The description
will only be considered as such if it starts with:

zero spaces after asterisk:

*foo

one space after asterisk:
* foo

or have a explicit Description section:

*   Description:

Signed-off-by: Mauro Carvalho Chehab 
Link: 
https://lore.kernel.org/r/c07d2862792d75a2691d69c9eceb7b89a0164cc0.1586881715.git.mchehab+hua...@kernel.org
Signed-off-by: Jonathan Corbet 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-7-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 35 +++
 1 file changed, 23 insertions(+), 12 deletions(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index e4b3cd486f..95f2d7adcf 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -334,13 +334,14 @@ my $lineprefix="";
 
 # Parser states
 use constant {
-STATE_NORMAL=> 0, # normal code
-STATE_NAME  => 1, # looking for function name
-STATE_BODY_MAYBE=> 2, # body - or maybe more description
-STATE_BODY  => 3, # the body of the comment
-STATE_PROTO => 4, # scanning prototype
-STATE_DOCBLOCK  => 5, # documentation block
-STATE_INLINE=> 6, # gathering documentation outside main block
+STATE_NORMAL=> 0,# normal code
+STATE_NAME  => 1,# looking for function name
+STATE_BODY_MAYBE=> 2,# body - or maybe more description
+STATE_BODY  => 3,# the body of the comment
+STATE_BODY_WITH_BLANK_LINE => 4, # the body, which has a blank line
+STATE_PROTO => 5,# scanning prototype
+STATE_DOCBLOCK  => 6,# documentation block
+STATE_INLINE=> 7,# gathering doc outside main block
 };
 my $state;
 my $in_doc_sect;
@@ -1987,6 +1988,12 @@ sub process_body($$) {
}
 }
 
+if ($state == STATE_BODY_WITH_BLANK_LINE && /^\s*\*\s?\S/) {
+   dump_section($file, $section, $contents);
+   $section = $section_default;
+   $contents = "";
+}
+
 if (/$doc_sect/i) { # case insensitive for supported section names
$newsection = $1;
$newcontents = $2;
@@ -2040,18 +2047,21 @@ sub process_body($$) {
$state = STATE_PROTO;
$brcount = 0;
 } elsif (/$doc_content/) {
-   # miguel-style comment kludge, look for blank lines after
-   # @parameter line to signify start of description
if ($1 eq "") {
-   if ($section =~ m/^@/ || $section eq $section_context) {
+   if ($section eq $section_context) {
dump_section($file, $section, $contents);
$section = $section_default;
$contents = "";
$new_start_line = $.;
+   $state = STATE_BODY;
} else {
+   if ($section ne $section_default) {
+   $state = STATE_BODY_WITH_BLANK_LINE;
+   } else {
+   $state = STATE_BODY;
+   }
$contents .= "\n";
}
-   $state = STATE_BODY;
} elsif ($state == STATE_BODY_MAYBE) {
# Continued declaration purpose
chomp($declaration_purpose);
@@ -2203,7 +2213,8 @@ sub process_file($) {
process_normal();
} elsif ($state == STATE_NAME) {
process_name($file, $_);
-   } elsif ($state == STATE_BODY || $state == STATE_BODY_MAYBE) {
+   } elsif ($state == STATE_BODY || $state == STATE_BODY_MAYBE ||
+$state == STATE_BODY_WITH_BLANK_LINE) {
process_body($file, $_);
} elsif ($state == STATE_INLINE) { # scanning for inline parameters
process_inline($file, $_);
-- 
2.26.2

[PULL 085/113] scripts/kernel-doc: Add support for named variable macro arguments

[Paolo Bonzini]

From: Jonathan Neuschäfer 

Currently, when kernel-doc encounters a macro with a named variable
argument[1], such as this:

   #define hlist_for_each_entry_rcu(pos, head, member, cond...)

... it expects the variable argument to be documented as `cond...`,
rather than `cond`. This is semantically wrong, because the name (as
used in the macro body) is actually `cond`.

With this patch, kernel-doc will accept the name without dots (`cond`
in the example above) in doc comments, and warn if the name with dots
(`cond...`) is used and verbose mode[2] is enabled.

The support for the `cond...` syntax can be removed later, when the
documentation of all such macros has been switched to the new syntax.

Testing this patch on top of v5.4-rc6, `make htmldocs` shows a few
changes in log output and HTML output:

 1) The following warnings[3] are eliminated:

   ./include/linux/rculist.h:374: warning:
Excess function parameter 'cond' description in 
'list_for_each_entry_rcu'
   ./include/linux/rculist.h:651: warning:
Excess function parameter 'cond' description in 
'hlist_for_each_entry_rcu'

 2) For list_for_each_entry_rcu and hlist_for_each_entry_rcu, the
correct description is shown

 3) Named variable arguments are shown without dots

[1]: https://gcc.gnu.org/onlinedocs/cpp/Variadic-Macros.html
[2]: scripts/kernel-doc -v
[3]: See also 
https://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu.git/commit/?h=dev=5bc4bc0d6153617eabde275285b7b5a8137fdf3c

Signed-off-by: Jonathan Neuschäfer 
Tested-by: Paul E. McKenney 
Signed-off-by: Jonathan Corbet 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-4-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 16 
 1 file changed, 16 insertions(+)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index 2f421b7313..0f67664165 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1480,6 +1480,10 @@ sub push_parameter() {
  # handles unnamed variable parameters
  $param = "...";
}
+   elsif ($param =~ /\w\.\.\.$/) {
+ # for named variable parameters of the form `x...`, remove the 
dots
+ $param =~ s/\.\.\.$//;
+   }
if (!defined $parameterdescs{$param} || $parameterdescs{$param} eq 
"") {
$parameterdescs{$param} = "variable arguments";
}
@@ -1967,6 +1971,18 @@ sub process_name($$) {
 sub process_body($$) {
 my $file = shift;
 
+# Until all named variable macro parameters are
+# documented using the bare name (`x`) rather than with
+# dots (`x...`), strip the dots:
+if ($section =~ /\w\.\.\.$/) {
+   $section =~ s/\.\.\.$//;
+
+   if ($verbose) {
+   print STDERR "${file}:$.: warning: Variable macro arguments should 
be documented without dots\n";
+   ++$warnings;
+   }
+}
+
 if (/$doc_sect/i) { # case insensitive for supported section names
$newsection = $1;
$newcontents = $2;
-- 
2.26.2

[PATCH 10/15] vl: make qemu_get_machine_opts static

[Paolo Bonzini]

Machine options can be retrieved as properties of the machine object.
Encourage that by removing the "easy" accessor to machine options.

Signed-off-by: Paolo Bonzini 
---
 accel/kvm/kvm-all.c | 11 ---
 hw/arm/boot.c   |  2 +-
 hw/microblaze/boot.c|  9 -
 hw/nios2/boot.c |  9 -
 hw/ppc/e500.c   |  5 ++---
 hw/ppc/spapr_nvdimm.c   |  4 ++--
 hw/ppc/virtex_ml507.c   |  2 +-
 hw/riscv/sifive_u.c |  6 ++
 hw/riscv/virt.c |  6 ++
 hw/xtensa/xtfpga.c  |  9 -
 include/sysemu/sysemu.h |  2 --
 softmmu/device_tree.c   |  2 +-
 softmmu/vl.c|  2 +-
 13 files changed, 28 insertions(+), 41 deletions(-)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index baaa54249d..666b9ab96c 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2013,7 +2013,6 @@ static int kvm_init(MachineState *ms)
 const KVMCapabilityInfo *missing_cap;
 int ret;
 int type = 0;
-const char *kvm_type;
 uint64_t dirty_log_manual_caps;
 
 s = KVM_STATE(ms->accelerator);
@@ -2069,13 +2068,11 @@ static int kvm_init(MachineState *ms)
 }
 s->as = g_new0(struct KVMAs, s->nr_as);
 
-kvm_type = qemu_opt_get(qemu_get_machine_opts(), "kvm-type");
-if (mc->kvm_type) {
+if (object_property_find(OBJECT(current_machine), "kvm-type")) {
+g_autofree char *kvm_type = 
object_property_get_str(OBJECT(current_machine),
+"kvm-type",
+_abort);
 type = mc->kvm_type(ms, kvm_type);
-} else if (kvm_type) {
-ret = -EINVAL;
-fprintf(stderr, "Invalid argument kvm-type=%s\n", kvm_type);
-goto err;
 }
 
 do {
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index 4d9d47ba1c..e56c42ac22 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -1299,7 +1299,7 @@ void arm_load_kernel(ARMCPU *cpu, MachineState *ms, 
struct arm_boot_info *info)
 info->kernel_filename = ms->kernel_filename;
 info->kernel_cmdline = ms->kernel_cmdline;
 info->initrd_filename = ms->initrd_filename;
-info->dtb_filename = qemu_opt_get(qemu_get_machine_opts(), "dtb");
+info->dtb_filename = ms->dtb;
 info->dtb_limit = 0;
 
 /* Load the kernel.  */
diff --git a/hw/microblaze/boot.c b/hw/microblaze/boot.c
index 6715ba2ff9..caaba1aa4c 100644
--- a/hw/microblaze/boot.c
+++ b/hw/microblaze/boot.c
@@ -34,6 +34,7 @@
 #include "sysemu/device_tree.h"
 #include "sysemu/reset.h"
 #include "sysemu/sysemu.h"
+#include "hw/boards.h"
 #include "hw/loader.h"
 #include "elf.h"
 #include "qemu/cutils.h"
@@ -116,16 +117,14 @@ void microblaze_load_kernel(MicroBlazeCPU *cpu, hwaddr 
ddr_base,
 const char *dtb_filename,
 void (*machine_cpu_reset)(MicroBlazeCPU *))
 {
-QemuOpts *machine_opts;
 const char *kernel_filename;
 const char *kernel_cmdline;
 const char *dtb_arg;
 char *filename = NULL;
 
-machine_opts = qemu_get_machine_opts();
-kernel_filename = qemu_opt_get(machine_opts, "kernel");
-kernel_cmdline = qemu_opt_get(machine_opts, "append");
-dtb_arg = qemu_opt_get(machine_opts, "dtb");
+kernel_filename = current_machine->kernel_filename;
+kernel_cmdline = current_machine->kernel_cmdline;
+dtb_arg = current_machine->dtb;
 /* default to pcbios dtb as passed by machine_init */
 if (!dtb_arg && dtb_filename) {
 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, dtb_filename);
diff --git a/hw/nios2/boot.c b/hw/nios2/boot.c
index 95a8697906..d9969ac148 100644
--- a/hw/nios2/boot.c
+++ b/hw/nios2/boot.c
@@ -39,6 +39,7 @@
 #include "sysemu/device_tree.h"
 #include "sysemu/reset.h"
 #include "sysemu/sysemu.h"
+#include "hw/boards.h"
 #include "hw/loader.h"
 #include "elf.h"
 
@@ -120,16 +121,14 @@ void nios2_load_kernel(Nios2CPU *cpu, hwaddr ddr_base,
 const char *dtb_filename,
 void (*machine_cpu_reset)(Nios2CPU *))
 {
-QemuOpts *machine_opts;
 const char *kernel_filename;
 const char *kernel_cmdline;
 const char *dtb_arg;
 char *filename = NULL;
 
-machine_opts = qemu_get_machine_opts();
-kernel_filename = qemu_opt_get(machine_opts, "kernel");
-kernel_cmdline = qemu_opt_get(machine_opts, "append");
-dtb_arg = qemu_opt_get(machine_opts, "dtb");
+kernel_filename = current_machine->kernel_filename;
+kernel_cmdline = current_machine->kernel_cmdline;
+dtb_arg = current_machine->dtb;
 /* default to pcbios dtb as passed by machine_init */
 if (!dtb_arg) {
 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, dtb_filename);
diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c
index 6a64eb31ab..41dad2e583 100644
--- a/hw/ppc/e500.c
+++ b/hw/ppc/e500.c
@@ -343,9 +343,8 @@ static int ppce500_load_device_tree(PPCE500MachineState 
*pms,
 pmc->pci_pio_base >> 32, 

[PULL 106/113] scripts: kernel-doc: try to use c:function if possible

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

There are a few namespace clashes by using c:macro everywhere:

basically, when using it, we can't have something like:

.. c:struct:: pwm_capture

.. c:macro:: pwm_capture

So, we need to use, instead:

.. c:function:: int pwm_capture (struct pwm_device * pwm, struct 
pwm_capture * result, unsigned long timeout)

for the function declaration.

The kernel-doc change was proposed by Jakob Lykke Andersen here:


https://github.com/jakobandersen/linux_docs/commit/6fd2076ec001cca7466857493cd678df4dfe4a65

Although I did a different implementation.

Signed-off-by: Mauro Carvalho Chehab 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-25-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 23 ++-
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index 98752164eb..2d56c46933 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -917,6 +917,7 @@ sub output_function_rst(%) {
 my ($parameter, $section);
 my $oldprefix = $lineprefix;
 my $start = "";
+my $is_macro = 0;
 
 if ($sphinx_major < 3) {
if ($args{'typedef'}) {
@@ -926,11 +927,17 @@ sub output_function_rst(%) {
$lineprefix = "";
output_highlight_rst($args{'purpose'});
$start = "\n\n**Syntax**\n\n  ``";
+   $is_macro = 1;
} else {
print ".. c:function:: ";
}
 } else {
-   print ".. c:macro:: ". $args{'function'} . "\n\n";
+   if ($args{'typedef'} || $args{'functiontype'} eq "") {
+   $is_macro = 1;
+   print ".. c:macro:: ". $args{'function'} . "\n\n";
+   } else {
+   print ".. c:function:: ";
+   }
 
if ($args{'typedef'}) {
print_lineno($declaration_start_line);
@@ -939,7 +946,7 @@ sub output_function_rst(%) {
output_highlight_rst($args{'purpose'});
$start = "\n\n**Syntax**\n\n  ``";
} else {
-   print "``";
+   print "``" if ($is_macro);
}
 }
 if ($args{'functiontype'} ne "") {
@@ -964,14 +971,12 @@ sub output_function_rst(%) {
print $type;
}
 }
-if ($args{'typedef'}) {
-   print ");``\n\n";
+if ($is_macro) {
+   print ")``\n\n";
 } else {
-   if ($sphinx_major < 3) {
-   print ")\n\n";
-   } else {
-   print ")``\n";
-   }
+   print ")\n\n";
+}
+if (!$args{'typedef'}) {
print_lineno($declaration_start_line);
$lineprefix = "   ";
output_highlight_rst($args{'purpose'});
-- 
2.26.2

[PULL 091/113] scripts/kernel-doc: handle function pointer prototypes

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

There are some function pointer prototypes inside the net
includes, like this one:

int (*pcs_config)(struct phylink_config *config, unsigned int mode,
  phy_interface_t interface, const unsigned long 
*advertising);

There's nothing wrong using it with kernel-doc, but we need to
add a rule for it to parse such kind of prototype.

Signed-off-by: Mauro Carvalho Chehab 
Link: 
https://lore.kernel.org/r/fec520dd731a273013ae06b7653a19c7d15b9562.1592895969.git.mchehab+hua...@kernel.org
Signed-off-by: Jonathan Corbet 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-10-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 5 +
 1 file changed, 5 insertions(+)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index e8fff6a525..1cdece23fb 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1801,6 +1801,11 @@ sub process_proto_function($$) {
$prototype =~ s@/\*.*?\*/@@gos; # strip comments.
$prototype =~ s@[\r\n]+@ @gos; # strip newlines/cr's.
$prototype =~ s@^\s+@@gos; # strip leading spaces
+
+# Handle prototypes for function pointers like:
+# int (*pcs_config)(struct foo)
+   $prototype =~ s@^(\S+\s+)\(\s*\*(\S+)\)@$1$2@gos;
+
if ($prototype =~ /SYSCALL_DEFINE/) {
syscall_munge();
}
-- 
2.26.2

[PULL 103/113] scripts: kernel-doc: don't mangle with parameter list

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

While kernel-doc needs to parse parameters in order to
identify its name, it shouldn't be touching the type,
as parsing it is very difficult, and errors happen.

One current error is when parsing this parameter:

const u32 (*tab)[256]

Found at ./lib/crc32.c, on this function:

u32 __pure crc32_be_generic (u32 crc, unsigned char const *p, size_t 
len, const u32 (*tab)[256], u32 polynomial);

The current logic mangles it, producing this output:

const u32 ( *tab

That's something that it is not recognizeable.

So, instead, let's push the argument as-is, and use it
when printing the function prototype and when describing
each argument.

Signed-off-by: Mauro Carvalho Chehab 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-22-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 26 ++
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index 0c31e9ad66..478037f736 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -655,10 +655,10 @@ sub output_function_man(%) {
$type = $args{'parametertypes'}{$parameter};
if ($type =~ m/([^\(]*\(\*)\s*\)\s*\(([^\)]*)\)/) {
# pointer-to-function
-   print ".BI \"" . $parenth . $1 . "\" " . $parameter . " \") (" . $2 
. ")" . $post . "\"\n";
+   print ".BI \"" . $parenth . $1 . "\" " . " \") (" . $2 . ")" . 
$post . "\"\n";
} else {
$type =~ s/([^\*])$/$1 /;
-   print ".BI \"" . $parenth . $type . "\" " . $parameter . " \"" . 
$post . "\"\n";
+   print ".BI \"" . $parenth . $type . "\" " . " \"" . $post . "\"\n";
}
$count++;
$parenth = "";
@@ -929,7 +929,7 @@ sub output_function_rst(%) {
# pointer-to-function
print $1 . $parameter . ") (" . $2 . ")";
} else {
-   print $type . " " . $parameter;
+   print $type;
}
 }
 if ($args{'typedef'}) {
@@ -954,7 +954,7 @@ sub output_function_rst(%) {
$type = $args{'parametertypes'}{$parameter};
 
if ($type ne "") {
-   print "``$type $parameter``\n";
+   print "``$type``\n";
} else {
print "``$parameter``\n";
}
@@ -1479,7 +1479,7 @@ sub create_parameterlist() {
# Treat preprocessor directive as a typeless variable just to fill
# corresponding data structures "correctly". Catch it later in
# output_* subs.
-   push_parameter($arg, "", $file);
+   push_parameter($arg, "", "", $file);
} elsif ($arg =~ m/\(.+\)\s*\(/) {
# pointer-to-function
$arg =~ tr/#/,/;
@@ -1488,7 +1488,7 @@ sub create_parameterlist() {
$type = $arg;
$type =~ s/([^\(]+\(\*?)\s*$param/$1/;
save_struct_actual($param);
-   push_parameter($param, $type, $file, $declaration_name);
+   push_parameter($param, $type, $arg, $file, $declaration_name);
} elsif ($arg) {
$arg =~ s/\s*:\s*/:/g;
$arg =~ s/\s*\[/\[/g;
@@ -1513,26 +1513,28 @@ sub create_parameterlist() {
foreach $param (@args) {
if ($param =~ m/^(\*+)\s*(.*)/) {
save_struct_actual($2);
-   push_parameter($2, "$type $1", $file, $declaration_name);
+
+   push_parameter($2, "$type $1", $arg, $file, 
$declaration_name);
}
elsif ($param =~ m/(.*?):(\d+)/) {
if ($type ne "") { # skip unnamed bit-fields
save_struct_actual($1);
-   push_parameter($1, "$type:$2", $file, $declaration_name)
+   push_parameter($1, "$type:$2", $arg, $file, 
$declaration_name)
}
}
else {
save_struct_actual($param);
-   push_parameter($param, $type, $file, $declaration_name);
+   push_parameter($param, $type, $arg, $file, 
$declaration_name);
}
}
}
 }
 }
 
-sub push_parameter() {
+sub push_parameter($) {
my $param = shift;
my $type = shift;
+   my $org_arg = shift;
my $file = shift;
my $declaration_name = shift;
 
@@ -1596,8 +1598,8 @@ sub push_parameter() {
# "[blah" in a parameter string;
###$param =~ s/\s*//g;
push @parameterlist, $param;
-   $type =~ s/\s\s+/ /g;
-   $parametertypes{$param} = $type;
+   $org_arg =~ s/\s\s+/ /g;
+   $parametertypes{$param} = $org_arg;
 }
 
 sub check_sections($) {
-- 
2.26.2

Re: [PATCH v2 32/32] scripts: kernel-doc: remove unnecesssary change wrt Linux

[Philippe Mathieu-Daudé]

On 12/1/20 11:35 AM, Paolo Bonzini wrote:
> A comment in kernel-doc mentions QEMU's qatomic_set macro, but since
> this code originated in Linux we should just revert it and stay as close
> to the kernel's copy of the script as possible.
> 
> The change was introduced (more or less unintentionally) in QEMU commit
> commit d73415a31547, which did a global search-and-replace of QEMU's
> atomic access macros.
> 
> Suggested-by: Peter Maydell 
> Signed-off-by: Paolo Bonzini 
> ---
>  scripts/kernel-doc | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Typo "unneces[s]sary" in subject.

[PATCH 17/28] vl: plumb keyval-based options into -set and -readconfig

[Paolo Bonzini]

Add generic machinery to support parsing command line options with
keyval in -set and -readconfig, choosing between QDict and
QemuOpts as the underlying data structure.

The keyval_merge function is slightly heavyweight as a way to
do qemu_set_option for QDict-based options, but it will be put
to further use later to merge entire -readconfig sections together
with their command-line equivalents.

Signed-off-by: Paolo Bonzini 
---
 include/block/qdict.h|   2 -
 include/qapi/qmp/qdict.h |   3 +
 include/qemu/option.h|   1 +
 softmmu/vl.c | 131 ---
 tests/test-keyval.c  |  32 ++
 util/keyval.c|  36 +++
 6 files changed, 182 insertions(+), 23 deletions(-)

diff --git a/include/block/qdict.h b/include/block/qdict.h
index d8cb502d7d..ced2acfb92 100644
--- a/include/block/qdict.h
+++ b/include/block/qdict.h
@@ -20,8 +20,6 @@ void qdict_join(QDict *dest, QDict *src, bool overwrite);
 void qdict_extract_subqdict(QDict *src, QDict **dst, const char *start);
 void qdict_array_split(QDict *src, QList **dst);
 int qdict_array_entries(QDict *src, const char *subqdict);
-QObject *qdict_crumple(const QDict *src, Error **errp);
-void qdict_flatten(QDict *qdict);
 
 typedef struct QDictRenames {
 const char *from;
diff --git a/include/qapi/qmp/qdict.h b/include/qapi/qmp/qdict.h
index da942347a7..8eb1dc9500 100644
--- a/include/qapi/qmp/qdict.h
+++ b/include/qapi/qmp/qdict.h
@@ -66,4 +66,7 @@ const char *qdict_get_try_str(const QDict *qdict, const char 
*key);
 
 QDict *qdict_clone_shallow(const QDict *src);
 
+QObject *qdict_crumple(const QDict *src, Error **errp);
+void qdict_flatten(QDict *qdict);
+
 #endif /* QDICT_H */
diff --git a/include/qemu/option.h b/include/qemu/option.h
index 092e291c37..fffb03d848 100644
--- a/include/qemu/option.h
+++ b/include/qemu/option.h
@@ -151,5 +151,6 @@ QDict *keyval_parse_into(QDict *qdict, const char *params, 
const char *implied_k
  bool *p_help, Error **errp);
 QDict *keyval_parse(const char *params, const char *implied_key,
 bool *help, Error **errp);
+void keyval_merge(QDict *old, const QDict *new, Error **errp);
 
 #endif
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 771af8bb85..de3e22c9eb 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -115,6 +115,7 @@
 #include "qapi/qapi-commands-migration.h"
 #include "qapi/qapi-commands-misc.h"
 #include "qapi/qapi-commands-ui.h"
+#include "qapi/qmp/qdict.h"
 #include "qapi/qmp/qerror.h"
 #include "sysemu/iothread.h"
 #include "qemu/guest-random.h"
@@ -2045,13 +2046,94 @@ static int global_init_func(void *opaque, QemuOpts 
*opts, Error **errp)
 return 0;
 }
 
+/*
+ * Return whether configuration group @group is stored in QemuOpts or
+ * in a list of QDicts.
+ */
+static bool is_qemuopts_group(const char *group)
+{
+return true;
+}
+
+/*
+ * Return a pointer to a list of QDicts, used to store options for
+ * "-set GROUP.*".
+ */
+static GSList **qemu_config_list(const char *group)
+{
+return NULL;
+}
+
+/*
+ * Return a pointer to a QDict inside the list starting at @head,
+ * used to store options for "-GROUP id=...".
+ */
+static QDict *qemu_find_config(GSList *head, const char *id)
+{
+assert(id);
+while (head) {
+QDict *dict = head->data;
+if (g_strcmp0(qdict_get_try_str(dict, "id"), id) == 0) {
+return dict;
+}
+head = head->next;
+}
+return NULL;
+}
+
+static void qemu_record_config_group(const char *group, QDict *dict, Error 
**errp)
+{
+GSList **p_head;
+
+p_head = qemu_config_list(group);
+if (p_head) {
+*p_head = g_slist_prepend(*p_head, dict);
+} else {
+abort();
+}
+}
+
+static void qemu_set_qdict_option(QDict *dict, const char *key, const char 
*value,
+  Error **errp)
+{
+QDict *merge_dict;
+
+merge_dict = qdict_new();
+qdict_put_str(merge_dict, key, value);
+keyval_merge(dict, merge_dict, errp);
+qobject_unref(merge_dict);
+}
+
+/*
+ * Parse non-QemuOpts config file groups, pass the rest to
+ * qemu_config_do_parse.
+ */
+static void qemu_parse_config_group(const char *group, QDict *qdict,
+void *opaque, Error **errp)
+{
+if (is_qemuopts_group(group)) {
+QObject *crumpled = qdict_crumple(qdict, errp);
+if (!crumpled) {
+return;
+}
+if (qobject_type(crumpled) != QTYPE_QDICT) {
+assert(qobject_type(crumpled) == QTYPE_QLIST);
+error_setg(errp, "Lists cannot be at top level of a configuration 
section");
+return;
+}
+qemu_record_config_group(group, qobject_to(QDict, crumpled), errp);
+} else {
+qemu_config_do_parse(group, qdict, opaque, errp);
+}
+}
+
 static void qemu_read_default_config_file(Error **errp)
 {
 int ret;
 Error *local_err = NULL;
 g_autofree char *file = 

[PATCH 05/28] qemu-option: warn for short-form boolean options

[Paolo Bonzini]

Options such as "server" or "nowait", that are commonly found in -chardev,
are sugar for "server=on" and "wait=off".  This is quite surprising and
also does not have any notion of typing attached.  It is even possible to
do "-device e1000,noid" and get a device with "id=off".

Deprecate it and print a warning when it is encountered.  In general,
this short form for boolean options only seems to be in wide use for
-chardev and -spice.

Signed-off-by: Paolo Bonzini 
---
 docs/system/deprecated.rst |  6 ++
 tests/test-qemu-opts.c |  2 +-
 util/qemu-option.c | 29 ++---
 3 files changed, 25 insertions(+), 12 deletions(-)

diff --git a/docs/system/deprecated.rst b/docs/system/deprecated.rst
index 565389697e..ced4fa23a5 100644
--- a/docs/system/deprecated.rst
+++ b/docs/system/deprecated.rst
@@ -146,6 +146,12 @@ Drives with interface types other than ``if=none`` are for 
onboard
 devices.  It is possible to use drives the board doesn't pick up with
 -device.  This usage is now deprecated.  Use ``if=none`` instead.
 
+Short-form boolean options (since 5.2)
+''
+
+Boolean options such as ``share=on``/``share=off`` can be written
+in short form as ``share`` and ``noshare``.  This is deprecated
+and will cause a warning.
 
 QEMU Machine Protocol (QMP) commands
 
diff --git a/tests/test-qemu-opts.c b/tests/test-qemu-opts.c
index 2aab831d10..8bbb17b1c7 100644
--- a/tests/test-qemu-opts.c
+++ b/tests/test-qemu-opts.c
@@ -515,7 +515,7 @@ static void test_opts_parse(void)
 error_free_or_abort();
 g_assert(!opts);
 
-/* Implied value */
+/* Implied value (qemu_opts_parse warns but accepts it) */
 opts = qemu_opts_parse(_list_03, "an,noaus,noaus=",
false, _abort);
 g_assert_cmpuint(opts_count(opts), ==, 3);
diff --git a/util/qemu-option.c b/util/qemu-option.c
index 5f27d4369d..40564a12eb 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -756,10 +756,12 @@ void qemu_opts_print(QemuOpts *opts, const char 
*separator)
 
 static const char *get_opt_name_value(const char *params,
   const char *firstname,
+  bool warn_on_flag,
   bool *help_wanted,
   char **name, char **value)
 {
 const char *p;
+const char *prefix = "";
 size_t len;
 bool is_help = false;
 
@@ -776,10 +778,15 @@ static const char *get_opt_name_value(const char *params,
 if (strncmp(*name, "no", 2) == 0) {
 memmove(*name, *name + 2, strlen(*name + 2) + 1);
 *value = g_strdup("off");
+prefix = "no";
 } else {
 *value = g_strdup("on");
 is_help = is_help_option(*name);
 }
+if (!is_help && warn_on_flag) {
+warn_report("short-form boolean option '%s%s' deprecated", 
prefix, *name);
+error_printf("Please use %s=%s instead\n", *name, *value);
+}
 }
 } else {
 /* found "foo=bar,more" */
@@ -801,14 +808,14 @@ static const char *get_opt_name_value(const char *params,
 
 static bool opts_do_parse(QemuOpts *opts, const char *params,
   const char *firstname, bool prepend,
-  bool *help_wanted, Error **errp)
+  bool warn_on_flag, bool *help_wanted, Error **errp)
 {
 char *option, *value;
 const char *p;
 QemuOpt *opt;
 
 for (p = params; *p;) {
-p = get_opt_name_value(p, firstname, help_wanted, , );
+p = get_opt_name_value(p, firstname, warn_on_flag, help_wanted, 
, );
 if (help_wanted && *help_wanted) {
 g_free(option);
 g_free(value);
@@ -839,7 +846,7 @@ static char *opts_parse_id(const char *params)
 char *name, *value;
 
 for (p = params; *p;) {
-p = get_opt_name_value(p, NULL, NULL, , );
+p = get_opt_name_value(p, NULL, false, NULL, , );
 if (!strcmp(name, "id")) {
 g_free(name);
 return value;
@@ -858,7 +865,7 @@ bool has_help_option(const char *params)
 bool ret = false;
 
 for (p = params; *p;) {
-p = get_opt_name_value(p, NULL, , , );
+p = get_opt_name_value(p, NULL, false, , , );
 g_free(name);
 g_free(value);
 if (ret) {
@@ -878,12 +885,12 @@ bool has_help_option(const char *params)
 bool qemu_opts_do_parse(QemuOpts *opts, const char *params,
const char *firstname, Error **errp)
 {
-return opts_do_parse(opts, params, firstname, false, NULL, errp);
+return opts_do_parse(opts, params, firstname, false, false, NULL, errp);
 }
 
 static QemuOpts *opts_parse(QemuOptsList *list, const char *params,
 bool permit_abbrev, bool defaults,
-   

Re: [PATCH 4/4] block/iscsi.c: Use lock guard macros

[Kevin Wolf]

Am 09.11.2020 um 16:43 hat Gan Qixin geschrieben:
> Replace manual lock()/unlock() calls with lock guard macros
> (QEMU_LOCK_GUARD/WITH_QEMU_LOCK_GUARD) in block/iscsi.c.
> 
> Signed-off-by: Gan Qixin 
> ---
>  block/iscsi.c | 28 +---
>  1 file changed, 13 insertions(+), 15 deletions(-)
> 
> diff --git a/block/iscsi.c b/block/iscsi.c
> index e30a7e3606..f5f657b582 100644
> --- a/block/iscsi.c
> +++ b/block/iscsi.c
> @@ -322,7 +322,7 @@ iscsi_aio_cancel(BlockAIOCB *blockacb)
>  IscsiAIOCB *acb = (IscsiAIOCB *)blockacb;
>  IscsiLun *iscsilun = acb->iscsilun;
>  
> -qemu_mutex_lock(>mutex);
> +QEMU_LOCK_GUARD(>mutex);
>  
>  /* If it was cancelled or completed already, our work is done here */
>  if (acb->cancelled || acb->status != -EINPROGRESS) {
   qemu_mutex_unlock(>mutex);
   return;
   }

I don't think this qemu_mutex_unlock() is right any more now.

Kevin

[PULL 002/113] target/i386: Support up to 32768 CPUs without IRQ remapping

[Paolo Bonzini]

From: David Woodhouse 

The IOAPIC has an 'Extended Destination ID' field in its RTE, which maps
to bits 11-4 of the MSI address. Since those address bits fall within a
given 4KiB page they were historically non-trivial to use on real hardware.

The Intel IOMMU uses the lowest bit to indicate a remappable format MSI,
and then the remaining 7 bits are part of the index.

Where the remappable format bit isn't set, we can actually use the other
seven to allow external (IOAPIC and MSI) interrupts to reach up to 32768
CPUs instead of just the 255 permitted on bare metal.

Signed-off-by: David Woodhouse 
Message-Id: <78097f9218300e63e751e077a0a5ca029b56ba46.ca...@infradead.org>
Signed-off-by: Paolo Bonzini 
---
 hw/i386/kvm/apic.c  |  7 ++
 hw/i386/pc.c| 16 ++---
 include/standard-headers/asm-x86/kvm_para.h |  1 +
 target/i386/cpu.c   |  5 +-
 target/i386/kvm.c   | 74 +++--
 target/i386/kvm_i386.h  |  2 +
 6 files changed, 75 insertions(+), 30 deletions(-)

diff --git a/hw/i386/kvm/apic.c b/hw/i386/kvm/apic.c
index dd29906061..b226b674e8 100644
--- a/hw/i386/kvm/apic.c
+++ b/hw/i386/kvm/apic.c
@@ -183,6 +183,13 @@ static void kvm_send_msi(MSIMessage *msg)
 {
 int ret;
 
+/*
+ * The message has already passed through interrupt remapping if enabled,
+ * but the legacy extended destination ID in low bits still needs to be
+ * handled.
+ */
+msg->address = kvm_swizzle_msi_ext_dest_id(msg->address);
+
 ret = kvm_irqchip_send_msi(kvm_state, *msg);
 if (ret < 0) {
 fprintf(stderr, "KVM: injection failed, MSI lost (%s)\n",
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 17b514d1da..544db900d3 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -99,6 +99,7 @@
 
 GlobalProperty pc_compat_5_1[] = {
 { "ICH9-LPC", "x-smi-cpu-hotplug", "off" },
+{ TYPE_X86_CPU, "kvm-msi-ext-dest-id", "off" },
 };
 const size_t pc_compat_5_1_len = G_N_ELEMENTS(pc_compat_5_1);
 
@@ -807,17 +808,12 @@ void pc_machine_done(Notifier *notifier, void *data)
 fw_cfg_modify_i16(x86ms->fw_cfg, FW_CFG_NB_CPUS, x86ms->boot_cpus);
 }
 
-if (x86ms->apic_id_limit > 255 && !xen_enabled()) {
-IntelIOMMUState *iommu = INTEL_IOMMU_DEVICE(x86_iommu_get_default());
 
-if (!iommu || !x86_iommu_ir_supported(X86_IOMMU_DEVICE(iommu)) ||
-iommu->intr_eim != ON_OFF_AUTO_ON) {
-error_report("current -smp configuration requires "
- "Extended Interrupt Mode enabled. "
- "You can add an IOMMU using: "
- "-device intel-iommu,intremap=on,eim=on");
-exit(EXIT_FAILURE);
-}
+if (x86ms->apic_id_limit > 255 && !xen_enabled() &&
+!kvm_irqchip_in_kernel()) {
+error_report("current -smp configuration requires kernel "
+ "irqchip support.");
+exit(EXIT_FAILURE);
 }
 }
 
diff --git a/include/standard-headers/asm-x86/kvm_para.h 
b/include/standard-headers/asm-x86/kvm_para.h
index 07877d3295..215d01b4ec 100644
--- a/include/standard-headers/asm-x86/kvm_para.h
+++ b/include/standard-headers/asm-x86/kvm_para.h
@@ -32,6 +32,7 @@
 #define KVM_FEATURE_POLL_CONTROL   12
 #define KVM_FEATURE_PV_SCHED_YIELD 13
 #define KVM_FEATURE_ASYNC_PF_INT   14
+#define KVM_FEATURE_MSI_EXT_DEST_ID15
 
 #define KVM_HINTS_REALTIME  0
 
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 5a8c96072e..b90ed05897 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -799,7 +799,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
 "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
 "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
 NULL, "kvm-pv-tlb-flush", NULL, "kvm-pv-ipi",
-"kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", NULL,
+"kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", 
"kvm-msi-ext-dest-id",
 NULL, NULL, NULL, NULL,
 NULL, NULL, NULL, NULL,
 "kvmclock-stable-bit", NULL, NULL, NULL,
@@ -4114,6 +4114,7 @@ static PropValue kvm_default_props[] = {
 { "kvm-pv-eoi", "on" },
 { "kvmclock-stable-bit", "on" },
 { "x2apic", "on" },
+{ "kvm-msi-ext-dest-id", "off" },
 { "acpi", "off" },
 { "monitor", "off" },
 { "svm", "off" },
@@ -5140,6 +5141,8 @@ static void x86_cpu_load_model(X86CPU *cpu, X86CPUModel 
*model)
 if (kvm_enabled()) {
 if (!kvm_irqchip_in_kernel()) {
 x86_cpu_change_kvm_default("x2apic", "off");
+} else if (kvm_irqchip_is_split() && kvm_enable_x2apic()) {
+x86_cpu_change_kvm_default("kvm-msi-ext-dest-id", "on");
 }
 
 x86_cpu_apply_props(cpu, kvm_default_props);
diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index a2934dda02..4531c50656 100644
--- 

[PULL 006/113] qom: eliminate identical functions

[Paolo Bonzini]

Most property release functions in qom/object.c only free the opaque
value.  Combine all of them into a single function.

Signed-off-by: Paolo Bonzini 
---
 qom/object.c | 36 +++-
 1 file changed, 7 insertions(+), 29 deletions(-)

diff --git a/qom/object.c b/qom/object.c
index 1065355233..75a78c9343 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -2174,11 +2174,10 @@ static void property_set_str(Object *obj, Visitor *v, 
const char *name,
 g_free(value);
 }
 
-static void property_release_str(Object *obj, const char *name,
- void *opaque)
+static void property_release_data(Object *obj, const char *name,
+  void *opaque)
 {
-StringProperty *prop = opaque;
-g_free(prop);
+g_free(opaque);
 }
 
 ObjectProperty *
@@ -2194,7 +2193,7 @@ object_property_add_str(Object *obj, const char *name,
 return object_property_add(obj, name, "string",
get ? property_get_str : NULL,
set ? property_set_str : NULL,
-   property_release_str,
+   property_release_data,
prop);
 }
 
@@ -2251,13 +2250,6 @@ static void property_set_bool(Object *obj, Visitor *v, 
const char *name,
 prop->set(obj, value, errp);
 }
 
-static void property_release_bool(Object *obj, const char *name,
-  void *opaque)
-{
-BoolProperty *prop = opaque;
-g_free(prop);
-}
-
 ObjectProperty *
 object_property_add_bool(Object *obj, const char *name,
  bool (*get)(Object *, Error **),
@@ -2271,7 +2263,7 @@ object_property_add_bool(Object *obj, const char *name,
 return object_property_add(obj, name, "bool",
get ? property_get_bool : NULL,
set ? property_set_bool : NULL,
-   property_release_bool,
+   property_release_data,
prop);
 }
 
@@ -2320,13 +2312,6 @@ static void property_set_enum(Object *obj, Visitor *v, 
const char *name,
 prop->set(obj, value, errp);
 }
 
-static void property_release_enum(Object *obj, const char *name,
-  void *opaque)
-{
-EnumProperty *prop = opaque;
-g_free(prop);
-}
-
 ObjectProperty *
 object_property_add_enum(Object *obj, const char *name,
  const char *typename,
@@ -2343,7 +2328,7 @@ object_property_add_enum(Object *obj, const char *name,
 return object_property_add(obj, name, typename,
get ? property_get_enum : NULL,
set ? property_set_enum : NULL,
-   property_release_enum,
+   property_release_data,
prop);
 }
 
@@ -2410,13 +2395,6 @@ out_end:
 visit_end_struct(v, NULL);
 }
 
-static void property_release_tm(Object *obj, const char *name,
-void *opaque)
-{
-TMProperty *prop = opaque;
-g_free(prop);
-}
-
 ObjectProperty *
 object_property_add_tm(Object *obj, const char *name,
void (*get)(Object *, struct tm *, Error **))
@@ -2427,7 +2405,7 @@ object_property_add_tm(Object *obj, const char *name,
 
 return object_property_add(obj, name, "struct tm",
get ? property_get_tm : NULL, NULL,
-   property_release_tm,
+   property_release_data,
prop);
 }
 
-- 
2.26.2

[PULL 020/113] hw/net/xilinx_axienet: Rename StreamSlave as StreamSink

[Paolo Bonzini]

From: Philippe Mathieu-Daudé 

In order to use inclusive terminology, rename 'slave stream'
as 'sink stream'.

Signed-off-by: Philippe Mathieu-Daudé 
Acked-by: Paolo Bonzini 
Reviewed-by: Edgar E. Iglesias 
Message-Id: <20200910070131.435543-5-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 hw/net/xilinx_axienet.c | 24 
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/hw/net/xilinx_axienet.c b/hw/net/xilinx_axienet.c
index 9bccbe9be3..990ff3a1c2 100644
--- a/hw/net/xilinx_axienet.c
+++ b/hw/net/xilinx_axienet.c
@@ -45,11 +45,11 @@
 
 OBJECT_DECLARE_SIMPLE_TYPE(XilinxAXIEnet, XILINX_AXI_ENET)
 
-typedef struct XilinxAXIEnetStreamSlave XilinxAXIEnetStreamSlave;
-DECLARE_INSTANCE_CHECKER(XilinxAXIEnetStreamSlave, XILINX_AXI_ENET_DATA_STREAM,
+typedef struct XilinxAXIEnetStreamSink XilinxAXIEnetStreamSink;
+DECLARE_INSTANCE_CHECKER(XilinxAXIEnetStreamSink, XILINX_AXI_ENET_DATA_STREAM,
  TYPE_XILINX_AXI_ENET_DATA_STREAM)
 
-DECLARE_INSTANCE_CHECKER(XilinxAXIEnetStreamSlave, 
XILINX_AXI_ENET_CONTROL_STREAM,
+DECLARE_INSTANCE_CHECKER(XilinxAXIEnetStreamSink, 
XILINX_AXI_ENET_CONTROL_STREAM,
  TYPE_XILINX_AXI_ENET_CONTROL_STREAM)
 
 /* Advertisement control register. */
@@ -310,7 +310,7 @@ struct TEMAC  {
 };
 
 
-struct XilinxAXIEnetStreamSlave {
+struct XilinxAXIEnetStreamSink {
 Object parent;
 
 struct XilinxAXIEnet *enet;
@@ -322,8 +322,8 @@ struct XilinxAXIEnet {
 qemu_irq irq;
 StreamSink *tx_data_dev;
 StreamSink *tx_control_dev;
-XilinxAXIEnetStreamSlave rx_data_dev;
-XilinxAXIEnetStreamSlave rx_control_dev;
+XilinxAXIEnetStreamSink rx_data_dev;
+XilinxAXIEnetStreamSink rx_control_dev;
 NICState *nic;
 NICConf conf;
 
@@ -856,7 +856,7 @@ xilinx_axienet_control_stream_push(StreamSink *obj, uint8_t 
*buf, size_t len,
bool eop)
 {
 int i;
-XilinxAXIEnetStreamSlave *cs = XILINX_AXI_ENET_CONTROL_STREAM(obj);
+XilinxAXIEnetStreamSink *cs = XILINX_AXI_ENET_CONTROL_STREAM(obj);
 XilinxAXIEnet *s = cs->enet;
 
 assert(eop);
@@ -877,7 +877,7 @@ static size_t
 xilinx_axienet_data_stream_push(StreamSink *obj, uint8_t *buf, size_t size,
 bool eop)
 {
-XilinxAXIEnetStreamSlave *ds = XILINX_AXI_ENET_DATA_STREAM(obj);
+XilinxAXIEnetStreamSink *ds = XILINX_AXI_ENET_DATA_STREAM(obj);
 XilinxAXIEnet *s = ds->enet;
 
 /* TX enable ?  */
@@ -951,8 +951,8 @@ static NetClientInfo net_xilinx_enet_info = {
 static void xilinx_enet_realize(DeviceState *dev, Error **errp)
 {
 XilinxAXIEnet *s = XILINX_AXI_ENET(dev);
-XilinxAXIEnetStreamSlave *ds = 
XILINX_AXI_ENET_DATA_STREAM(>rx_data_dev);
-XilinxAXIEnetStreamSlave *cs = XILINX_AXI_ENET_CONTROL_STREAM(
+XilinxAXIEnetStreamSink *ds = XILINX_AXI_ENET_DATA_STREAM(>rx_data_dev);
+XilinxAXIEnetStreamSink *cs = XILINX_AXI_ENET_CONTROL_STREAM(
 
>rx_control_dev);
 
 object_property_add_link(OBJECT(ds), "enet", "xlnx.axi-ethernet",
@@ -1043,7 +1043,7 @@ static const TypeInfo xilinx_enet_info = {
 static const TypeInfo xilinx_enet_data_stream_info = {
 .name  = TYPE_XILINX_AXI_ENET_DATA_STREAM,
 .parent= TYPE_OBJECT,
-.instance_size = sizeof(XilinxAXIEnetStreamSlave),
+.instance_size = sizeof(XilinxAXIEnetStreamSink),
 .class_init= xilinx_enet_data_stream_class_init,
 .interfaces = (InterfaceInfo[]) {
 { TYPE_STREAM_SINK },
@@ -1054,7 +1054,7 @@ static const TypeInfo xilinx_enet_data_stream_info = {
 static const TypeInfo xilinx_enet_control_stream_info = {
 .name  = TYPE_XILINX_AXI_ENET_CONTROL_STREAM,
 .parent= TYPE_OBJECT,
-.instance_size = sizeof(XilinxAXIEnetStreamSlave),
+.instance_size = sizeof(XilinxAXIEnetStreamSink),
 .class_init= xilinx_enet_control_stream_class_init,
 .interfaces = (InterfaceInfo[]) {
 { TYPE_STREAM_SINK },
-- 
2.26.2

[PULL 043/113] moxie: do not use ram_size global

[Paolo Bonzini]

Use the loader parameters instead.

Cc: Philippe Mathieu-Daudé 
Signed-off-by: Paolo Bonzini 
---
 hw/moxie/moxiesim.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/moxie/moxiesim.c b/hw/moxie/moxiesim.c
index d07d504c0d..f7b57fcae1 100644
--- a/hw/moxie/moxiesim.c
+++ b/hw/moxie/moxiesim.c
@@ -82,7 +82,7 @@ static void load_kernel(MoxieCPU *cpu, LoaderParams 
*loader_params)
 }
 initrd_size = load_image_targphys(loader_params->initrd_filename,
   initrd_offset,
-  ram_size);
+  loader_params->ram_size);
 }
 if (initrd_size == (target_ulong)-1) {
 error_report("could not load initial ram disk '%s'",
-- 
2.26.2

[PULL 025/113] lm32: remove bios_name

[Paolo Bonzini]

Cc: Michael Walle 
Signed-off-by: Paolo Bonzini 
Reviewed-by: Alex Bennée 
Message-Id: <20201026143028.3034018-7-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 hw/lm32/milkymist.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/hw/lm32/milkymist.c b/hw/lm32/milkymist.c
index 9ef94883d5..93ca8bc2ac 100644
--- a/hw/lm32/milkymist.c
+++ b/hw/lm32/milkymist.c
@@ -108,6 +108,7 @@ static void
 milkymist_init(MachineState *machine)
 {
 MachineClass *mc = MACHINE_GET_CLASS(machine);
+const char *bios_name = machine->firmware ?: BIOS_FILENAME;
 const char *kernel_filename = machine->kernel_filename;
 const char *kernel_cmdline = machine->kernel_cmdline;
 const char *initrd_filename = machine->initrd_filename;
@@ -162,9 +163,6 @@ milkymist_init(MachineState *machine)
 }
 
 /* load bios rom */
-if (bios_name == NULL) {
-bios_name = BIOS_FILENAME;
-}
 bios_filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
 
 if (bios_filename) {
-- 
2.26.2

[PULL 030/113] rx: move BIOS load from MCU to board

[Paolo Bonzini]

The ROM loader state is global and not part of the MCU, and the
BIOS is in machine->firmware.  So just like the kernel case,
load it in the board.

Due to the ordering between CPU reset and ROM reset, the ROM
has to be registered before the CPU is realized, otherwise
the reset vector is loaded before the ROM is there.

Reviewed-by: Philippe Mathieu-Daudé 
Tested-by: Philippe Mathieu-Daudé 
Signed-off-by: Paolo Bonzini 
---
 hw/rx/rx-gdbsim.c | 10 ++
 hw/rx/rx62n.c |  9 -
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/hw/rx/rx-gdbsim.c b/hw/rx/rx-gdbsim.c
index 285549c79b..b1d7c2488f 100644
--- a/hw/rx/rx-gdbsim.c
+++ b/hw/rx/rx-gdbsim.c
@@ -106,6 +106,16 @@ static void rx_gdbsim_init(MachineState *machine)
  rxc->xtal_freq_hz, _abort);
 object_property_set_bool(OBJECT(>mcu), "load-kernel",
  kernel_filename != NULL, _abort);
+
+if (!kernel_filename) {
+if (machine->firmware) {
+rom_add_file_fixed(machine->firmware, RX62N_CFLASH_BASE, 0);
+} else if (!qtest_enabled()) {
+error_report("No bios or kernel specified");
+exit(1);
+}
+}
+
 qdev_realize(DEVICE(>mcu), NULL, _abort);
 
 /* Load kernel and dtb */
diff --git a/hw/rx/rx62n.c b/hw/rx/rx62n.c
index 6eb4eea700..17ec73fc7b 100644
--- a/hw/rx/rx62n.c
+++ b/hw/rx/rx62n.c
@@ -245,15 +245,6 @@ static void rx62n_realize(DeviceState *dev, Error **errp)
rxc->rom_flash_size, _abort);
 memory_region_add_subregion(s->sysmem, RX62N_CFLASH_BASE, >c_flash);
 
-if (!s->kernel) {
-if (bios_name) {
-rom_add_file_fixed(bios_name, RX62N_CFLASH_BASE, 0);
-}  else if (!qtest_enabled()) {
-error_report("No bios or kernel specified");
-exit(1);
-}
-}
-
 /* Initialize CPU */
 object_initialize_child(OBJECT(s), "cpu", >cpu, TYPE_RX62N_CPU);
 qdev_realize(DEVICE(>cpu), NULL, _abort);
-- 
2.26.2

[PULL 041/113] microblaze: do not use ram_size global

[Paolo Bonzini]

Use the equivalent argument to the function instead.

Signed-off-by: Paolo Bonzini 
---
 hw/microblaze/boot.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/microblaze/boot.c b/hw/microblaze/boot.c
index 8ad3c27f2c..e1f56f83f9 100644
--- a/hw/microblaze/boot.c
+++ b/hw/microblaze/boot.c
@@ -170,7 +170,7 @@ void microblaze_load_kernel(MicroBlazeCPU *cpu, hwaddr 
ddr_base,
 /* Not an ELF image nor an u-boot image, try a RAW image.  */
 if (kernel_size < 0) {
 kernel_size = load_image_targphys(kernel_filename, ddr_base,
-  ram_size);
+  ramsize);
 boot_info.bootstrap_pc = ddr_base;
 high = (ddr_base + kernel_size + 3) & ~3;
 }
@@ -185,11 +185,11 @@ void microblaze_load_kernel(MicroBlazeCPU *cpu, hwaddr 
ddr_base,
 
 initrd_size = load_ramdisk(initrd_filename,
boot_info.initrd_start,
-   ram_size - initrd_offset);
+   ramsize - initrd_offset);
 if (initrd_size < 0) {
 initrd_size = load_image_targphys(initrd_filename,
   boot_info.initrd_start,
-  ram_size - initrd_offset);
+  ramsize - initrd_offset);
 }
 if (initrd_size < 0) {
 error_report("could not load initrd '%s'",
@@ -206,7 +206,7 @@ void microblaze_load_kernel(MicroBlazeCPU *cpu, hwaddr 
ddr_base,
 }
 /* Provide a device-tree.  */
 boot_info.fdt = boot_info.cmdline + 4096;
-microblaze_load_dtb(boot_info.fdt, ram_size,
+microblaze_load_dtb(boot_info.fdt, ramsize,
 boot_info.initrd_start,
 boot_info.initrd_end,
 kernel_cmdline,
-- 
2.26.2

[PULL 040/113] m68k: do not use ram_size global

[Paolo Bonzini]

Use the machine properties instead.

Cc: Laurent Vivier 
Reviewed-by: Thomas Huth 
Signed-off-by: Paolo Bonzini 
---
 hw/m68k/mcf5206.c   | 4 +++-
 hw/m68k/mcf5208.c   | 3 ++-
 target/m68k/m68k-semi.c | 5 +++--
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/hw/m68k/mcf5206.c b/hw/m68k/mcf5206.c
index 51d2e0da1c..8708aa4480 100644
--- a/hw/m68k/mcf5206.c
+++ b/hw/m68k/mcf5206.c
@@ -10,6 +10,7 @@
 #include "qemu/error-report.h"
 #include "qemu/log.h"
 #include "cpu.h"
+#include "hw/boards.h"
 #include "hw/irq.h"
 #include "hw/m68k/mcf.h"
 #include "qemu/timer.h"
@@ -311,8 +312,9 @@ static uint64_t m5206_mbar_read(m5206_mbar_state *s,
 /* FIXME: currently hardcoded to 128Mb.  */
 {
 uint32_t mask = ~0;
-while (mask > ram_size)
+while (mask > current_machine->ram_size) {
 mask >>= 1;
+}
 return mask & 0x0ffe;
 }
 case 0x5c: return 1; /* DRAM bank 1 empty.  */
diff --git a/hw/m68k/mcf5208.c b/hw/m68k/mcf5208.c
index 7c8ca5ddf6..2205145ecc 100644
--- a/hw/m68k/mcf5208.c
+++ b/hw/m68k/mcf5208.c
@@ -157,8 +157,9 @@ static uint64_t m5208_sys_read(void *opaque, hwaddr addr,
 {
 int n;
 for (n = 0; n < 32; n++) {
-if (ram_size < (2u << n))
+if (current_machine->ram_size < (2u << n)) {
 break;
+}
 }
 return (n - 1)  | 0x4000;
 }
diff --git a/target/m68k/m68k-semi.c b/target/m68k/m68k-semi.c
index 8e5fbfc8fa..27600e0cc0 100644
--- a/target/m68k/m68k-semi.c
+++ b/target/m68k/m68k-semi.c
@@ -26,6 +26,7 @@
 #else
 #include "exec/gdbstub.h"
 #include "exec/softmmu-semi.h"
+#include "hw/boards.h"
 #endif
 #include "qemu/log.h"
 
@@ -455,8 +456,8 @@ void do_m68k_semihosting(CPUM68KState *env, int nr)
  * FIXME: This is wrong for boards where RAM does not start at
  * address zero.
  */
-env->dregs[1] = ram_size;
-env->aregs[7] = ram_size;
+env->dregs[1] = current_machine->ram_size;
+env->aregs[7] = current_machine->ram_size;
 #endif
 return;
 default:
-- 
2.26.2

[PULL 042/113] mips: do not use ram_size global

[Paolo Bonzini]

Use the machine properties or loader parameters instead.

Cc: Philippe Mathieu-Daudé 
Signed-off-by: Paolo Bonzini 
---
 hw/mips/fuloong2e.c | 4 ++--
 hw/mips/malta.c | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/hw/mips/fuloong2e.c b/hw/mips/fuloong2e.c
index 25b679011f..84a2132f85 100644
--- a/hw/mips/fuloong2e.c
+++ b/hw/mips/fuloong2e.c
@@ -134,14 +134,14 @@ static int64_t load_kernel(CPUMIPSState *env)
 initrd_size = get_image_size(loaderparams.initrd_filename);
 if (initrd_size > 0) {
 initrd_offset = ROUND_UP(kernel_high, INITRD_PAGE_SIZE);
-if (initrd_offset + initrd_size > ram_size) {
+if (initrd_offset + initrd_size > loaderparams.ram_size) {
 error_report("memory too small for initial ram disk '%s'",
  loaderparams.initrd_filename);
 exit(1);
 }
 initrd_size = load_image_targphys(loaderparams.initrd_filename,
   initrd_offset,
-  ram_size - initrd_offset);
+  loaderparams.ram_size - 
initrd_offset);
 }
 if (initrd_size == (target_ulong) -1) {
 error_report("could not load initial ram disk '%s'",
diff --git a/hw/mips/malta.c b/hw/mips/malta.c
index ef369945d1..467b21849e 100644
--- a/hw/mips/malta.c
+++ b/hw/mips/malta.c
@@ -1087,7 +1087,7 @@ static int64_t load_kernel(void)
 }
 initrd_size = load_image_targphys(loaderparams.initrd_filename,
   initrd_offset,
-  ram_size - initrd_offset);
+  loaderparams.ram_size - 
initrd_offset);
 }
 if (initrd_size == (target_ulong) -1) {
 error_report("could not load initial ram disk '%s'",
-- 
2.26.2

[PULL 083/113] kernel-doc: fix processing nested structs with attributes

[Paolo Bonzini]

From: André Almeida 

The current regular expression for strip attributes of structs (and
for nested ones as well) also removes all whitespaces that may
surround the attribute. After that, the code will split structs and
iterate for each symbol separated by comma at the end of struct
definition (e.g. "} alias1, alias2;"). However, if the nested struct
does not have any alias and has an attribute, it will result in a
empty string at the closing bracket (e.g "};"). This will make the
split return nothing and $newmember will keep uninitialized. Fix
that, by ensuring that the attribute substitution will leave at least
one whitespace.

Signed-off-by: André Almeida 
Signed-off-by: Jonathan Corbet 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-2-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index 4fbaaa05e3..d6bdb77ceb 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1103,10 +1103,10 @@ sub dump_struct($$) {
# strip comments:
$members =~ s/\/\*.*?\*\///gos;
# strip attributes
-   $members =~ s/\s*__attribute__\s*\(\([a-z0-9,_\*\s\(\)]*\)\)//gi;
-   $members =~ s/\s*__aligned\s*\([^;]*\)//gos;
-   $members =~ s/\s*__packed\s*//gos;
-   $members =~ s/\s*CRYPTO_MINALIGN_ATTR//gos;
+   $members =~ s/\s*__attribute__\s*\(\([a-z0-9,_\*\s\(\)]*\)\)/ /gi;
+   $members =~ s/\s*__aligned\s*\([^;]*\)/ /gos;
+   $members =~ s/\s*__packed\s*/ /gos;
+   $members =~ s/\s*CRYPTO_MINALIGN_ATTR/ /gos;
# replace DECLARE_BITMAP
$members =~ s/DECLARE_BITMAP\s*\(([^,)]+),\s*([^,)]+)\)/unsigned long 
$1\[BITS_TO_LONGS($2)\]/gos;
# replace DECLARE_HASHTABLE
-- 
2.26.2

[PULL 105/113] scripts: kernel-doc: fix line number handling

[Paolo Bonzini]

From: Mauro Carvalho Chehab 

Address several issues related to pointing to the wrong line
number:

1) ensure that line numbers will always be initialized

   When section is the default (Description), the line number
   is not initializing, producing this:

$ ./scripts/kernel-doc --enable-lineno 
./drivers/media/v4l2-core/v4l2-mem2mem.c|less

**Description**

#define LINENO 0
In case of streamoff or release called on any context,
1] If the context is currently running, then abort job will be called
2] If the context is queued, then the context will be removed from
   the job_queue

  Which is not right. Ensure that the line number will always
  be there. After applied, the result now points to the right location:

**Description**

#define LINENO 410
In case of streamoff or release called on any context,
1] If the context is currently running, then abort job will be called
2] If the context is queued, then the context will be removed from
   the job_queue

2) The line numbers for function prototypes are always + 1,
   because it is taken at the line after handling the prototype.
   Change the logic to point to the next line after the /** */
   block;

3) The "DOC:" line number should point to the same line as this
   markup is found, and not to the next one.

Probably part of the issues were due to a but that was causing
the line number offset to be incremented by one, if --export
were used.

Signed-off-by: Mauro Carvalho Chehab 
Signed-off-by: Paolo Bonzini 
Message-Id: <20201117165312.118257-24-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/kernel-doc | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/scripts/kernel-doc b/scripts/kernel-doc
index 667ad3169c..98752164eb 100755
--- a/scripts/kernel-doc
+++ b/scripts/kernel-doc
@@ -1705,7 +1705,7 @@ sub dump_function($$) {
 my $file = shift;
 my $noret = 0;
 
-print_lineno($.);
+print_lineno($new_start_line);
 
 $prototype =~ s/^static +//;
 $prototype =~ s/^extern +//;
@@ -2033,7 +2033,7 @@ sub process_name($$) {
 if (/$doc_block/o) {
$state = STATE_DOCBLOCK;
$contents = "";
-   $new_start_line = $. + 1;
+   $new_start_line = $.;
 
if ( $1 eq "" ) {
$section = $section_intro;
@@ -2116,6 +2116,7 @@ sub process_body($$) {
 if ($state == STATE_BODY_WITH_BLANK_LINE && /^\s*\*\s?\S/) {
dump_section($file, $section, $contents);
$section = $section_default;
+   $new_start_line = $.;
$contents = "";
 }
 
@@ -2171,6 +2172,7 @@ sub process_body($$) {
$prototype = "";
$state = STATE_PROTO;
$brcount = 0;
+$new_start_line = $. + 1;
 } elsif (/$doc_content/) {
if ($1 eq "") {
if ($section eq $section_context) {
-- 
2.26.2