sdk/emulator/qemu.git
9 years agoconfigure: probe for memfd
Marc-André Lureau [Fri, 9 Oct 2015 15:17:16 +0000 (17:17 +0200)]
configure: probe for memfd

Check if memfd_create() is part of system libc.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Tested-by: Thibaut Collet <thibaut.collet@6wind.com>
9 years agovirtio: add some migration doc
Cornelia Huck [Thu, 17 Sep 2015 16:42:57 +0000 (18:42 +0200)]
virtio: add some migration doc

Try to cover the basics of virtio migration.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Jason Wang <jasowang@redhat.com>
9 years agovhost: fail backend intialization early
Igor Mammedov [Tue, 6 Oct 2015 08:37:29 +0000 (10:37 +0200)]
vhost: fail backend intialization early

Don't initialize vhost backend if memslots number exceeds the supported
limit. This prevents failures down the road when backend
is actually started.

[MST: rewrite commit log]

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agopc-dimm: add vhost slots limit check before commiting to hotplug
Igor Mammedov [Tue, 6 Oct 2015 08:37:28 +0000 (10:37 +0200)]
pc-dimm: add vhost slots limit check before commiting to hotplug

it allows safely cancel memory hotplug if vhost backend
doesn't support necessary amount of memory slots and prevents
QEMU crashing in vhost due to hitting vhost limit on amount
of supported memory ranges.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agovhost: add vhost_has_free_slot() interface
Igor Mammedov [Tue, 6 Oct 2015 08:37:27 +0000 (10:37 +0200)]
vhost: add vhost_has_free_slot() interface

it will allow for other parts of QEMU check if it's safe
to map memory region during hotplug/runtime.
That way hotplug path will have a chance to cancel
hotplug operation instead of crashing in vhost_commit().

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agonet: don't set native endianness
Michael S. Tsirkin [Wed, 14 Oct 2015 09:11:27 +0000 (12:11 +0300)]
net: don't set native endianness

commit 5be7d9f1b1452613b95c6ba70b8d7ad3d0797991
    vhost-net: tell tap backend about the vnet endianness
makes vhost net always try to set LE - even if that matches the
native endian-ness.

This makes it fail on older kernels on x86 without TUNSETVNETLE support.

To fix, make qemu_set_vnet_le/qemu_set_vnet_be skip the
ioctl if it matches the host endian-ness.

Reported-by: Marcel Apfelbaum <marcel@redhat.com>
Cc: Greg Kurz <gkurz@linux.vnet.ibm.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
9 years agoexec: factor out duplicate mmap code
Michael S. Tsirkin [Thu, 24 Sep 2015 11:41:17 +0000 (14:41 +0300)]
exec: factor out duplicate mmap code

Anonymous and file-backed RAM allocation are now almost exactly the same.

Reduce code duplication by moving RAM mmap code out of oslib-posix.c and
exec.c.

Reported-by: Marc-André Lureau <mlureau@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Thibaut Collet <thibaut.collet@6wind.com>
9 years agointel_iommu: Add support for translation for devices behind bridges
Knut Omang [Sun, 4 Oct 2015 13:48:50 +0000 (15:48 +0200)]
intel_iommu: Add support for translation for devices behind bridges

- Use a hash table indexed on bus pointers to store information about buses
  instead of using the bus numbers.
  Bus pointers are stored in a new VTDBus struct together with the vector
  of device address space pointers indexed by devfn.
- The bus number is still used for lookup for selective SID based invalidate,
  in which case the bus number is lazily resolved from the bus hash table and
  cached in a separate index.

Signed-off-by: Knut Omang <knut.omang@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151016' into...
Peter Maydell [Sat, 17 Oct 2015 11:31:33 +0000 (12:31 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151016' into staging

target-arm queue:
 * break TBs after ISB instructions
 * more support code for future implementation of EL2 and 64-bit EL3
 * tell guest if KVM is enabled in SMBIOS version string
 * implement OSLAR/OSLSR system registers
 * provide better help text for Sharp PDA machine names
 * rename imx25_pdk to imx25-pdk (since it has never been released
   with the underscore-version name)
 * fix MMIO writes in zynq_slcr
 * implement MDCR_EL2
 * virt: allow the guest to configure PCI BARs with zero PCI addresses
 * fix breakpoint handling code

# gpg: Signature made Fri 16 Oct 2015 14:56:15 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-target-arm-20151016:
  target-arm: Fix CPU breakpoint handling
  target-arm: Fix GDB breakpoint handling
  target-arm: implement arm_debug_target_el()
  hw/arm/virt: Allow zero address for PCI IO space
  target-arm: Add MDCR_EL2
  misc: zynq_slcr: Fix MMIO writes
  arm: imx25-pdk: Fix machine name
  target-arm: Provide model numbers for Sharp PDAs
  target-arm: Implement AArch64 OSLAR/OSLSR_EL1 sysregs
  hw/arm/virt: smbios: inform guest of kvm
  target-arm: Avoid calling arm_el_is_aa64() function for unimplemented EL
  target-arm: Break the TB after ISB to execute self-modified code correctly
  target-arm: Add missing 'static' attribute

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20151016' into staging
Peter Maydell [Fri, 16 Oct 2015 18:11:59 +0000 (19:11 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20151016' into staging

cocoa queue:
 * fixes for compiler warnings
 * fix mouse cursor flickering

# gpg: Signature made Fri 16 Oct 2015 11:09:46 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"

* remotes/pmaydell/tags/pull-cocoa-20151016:
  ui/cocoa.m: blinky mouse cursor fix
  ui/cocoa.m: addRemovableDevicesMenuItems() warning fix
  ui/cocoa.m: eliminate normalWindow warning

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoMerge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-10-15' into staging
Peter Maydell [Fri, 16 Oct 2015 16:13:05 +0000 (17:13 +0100)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-10-15' into staging

QAPI patches

# gpg: Signature made Thu 15 Oct 2015 07:40:46 BST using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-qapi-2015-10-15:
  qapi: Track location that created an implicit type
  qapi: Create simple union type member earlier
  qapi: Lazy creation of array types
  qapi: Don't use info as witness of implicit object type
  qapi: Drop redundant args-member-array test
  qapi: Drop redundant flat-union-reverse-define test
  qapi: Drop redundant returns-int test
  qapi: Move empty-enum to compile-time test
  qapi: Drop redundant alternate-good test
  qapi: Prepare for errors during check()
  qapi: Use predicate callback to determine visit filtering
  qapi: Fix regression with '-netdev help'

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoMerge remote-tracking branch 'remotes/juanquintela/tags/migration/20151015' into...
Peter Maydell [Fri, 16 Oct 2015 14:47:59 +0000 (15:47 +0100)]
Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151015' into staging

migration/next for 20151015

# gpg: Signature made Thu 15 Oct 2015 07:25:27 BST using RSA key ID 5872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>"
# gpg:                 aka "Juan Quintela <quintela@trasno.org>"

* remotes/juanquintela/tags/migration/20151015:
  migration: fix deadlock
  migration: announce VM's new home just before VM is runnable
  Migration: Generate the completed event only when we complete

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Fix CPU breakpoint handling
Sergey Fedorov [Tue, 13 Oct 2015 09:56:28 +0000 (12:56 +0300)]
target-arm: Fix CPU breakpoint handling

A QEMU breakpoint match is not definitely an architectural breakpoint
match. If an exception is generated unconditionally during translation,
it is hardly possible to ignore it in the debug exception handler.

Generate a call to a helper to check CPU breakpoints and raise an
exception only if any breakpoint matches architecturally.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Fix GDB breakpoint handling
Sergey Fedorov [Tue, 13 Oct 2015 09:56:27 +0000 (12:56 +0300)]
target-arm: Fix GDB breakpoint handling

GDB breakpoints have higher priority so they have to be checked first.
Should GDB breakpoint match, just return from the debug exception
handler.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: implement arm_debug_target_el()
Sergey Fedorov [Mon, 14 Sep 2015 10:53:48 +0000 (13:53 +0300)]
target-arm: implement arm_debug_target_el()

Implement debug exception routing according to ARM ARM D2.3.1 Pseudocode
description of routing debug exceptions.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agohw/arm/virt: Allow zero address for PCI IO space
Alexander Gordeev [Fri, 16 Oct 2015 10:14:54 +0000 (11:14 +0100)]
hw/arm/virt: Allow zero address for PCI IO space

Currently PCI IO address 0 is not allowed even though
the IO space starts from 0. This update makes  PCI IO
address 0 usable.

CC: Peter Maydell <peter.maydell@linaro.org>
CC: Andrew Jones <drjones@redhat.com>
Signed-off-by: Alexander Gordeev <agordeev@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add MDCR_EL2
Sergey Fedorov [Fri, 16 Oct 2015 10:14:54 +0000 (11:14 +0100)]
target-arm: Add MDCR_EL2

Add the MDCR_EL2 register. We don't implement any of
the debug-related traps this register controls yet, so
currently it simply reads back as written.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1444383794-16767-1-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: tweaked commit message; moved non-dummy definition from
debug_cp_reginfo to el2_cp_reginfo.]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agomisc: zynq_slcr: Fix MMIO writes
Peter Crosthwaite [Fri, 16 Oct 2015 10:14:53 +0000 (11:14 +0100)]
misc: zynq_slcr: Fix MMIO writes

The /4 for offset calculation in MMIO writes was happening twice giving
wrong write offsets. Fix.

While touching the code, change the if-else to be a short returning if
and convert the debug message to a GUEST_ERROR, which is more accurate
for this condition.

Cc: qemu-stable@nongnu.org
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoarm: imx25-pdk: Fix machine name
Peter Crosthwaite [Fri, 16 Oct 2015 10:14:53 +0000 (11:14 +0100)]
arm: imx25-pdk: Fix machine name

ARM uses dashes instead of underscores for machine names. Fix imx25_pdk
which has not seen a release yet (so there is no legacy yet).

Cc: Jean-Christophe Dubois <jcd@tribudubois.net>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 1444445785-3648-1-git-send-email-crosthwaite.peter@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: Added change to tests/ds1338-test.c to use new machine name]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Provide model numbers for Sharp PDAs
Ryo ONODERA [Fri, 16 Oct 2015 10:14:53 +0000 (11:14 +0100)]
target-arm: Provide model numbers for Sharp PDAs

* For Collie, Akita, Spitz, Borzoi, Terrier and Tosa PDAs, provide
  model numbers and manufacturer (Sharp) information.

Signed-off-by: Ryo ONODERA <ryo_on@yk.rim.or.jp>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Implement AArch64 OSLAR/OSLSR_EL1 sysregs
Davorin Mista [Fri, 16 Oct 2015 10:14:53 +0000 (11:14 +0100)]
target-arm: Implement AArch64 OSLAR/OSLSR_EL1 sysregs

Added oslar_write function to OSLAR_EL1 sysreg, using a status variable
in ARMCPUState.cp15 struct (oslsr_el1). This variable is also linked
to the newly added read-only OSLSR_EL1 register.

Linux reads from this register during its suspend/resume procedure.

Signed-off-by: Davorin Mista <davorin.mista@aggios.com>
[PMM: folded a long line and tweaked a comment]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agohw/arm/virt: smbios: inform guest of kvm
Andrew Jones [Fri, 16 Oct 2015 10:14:53 +0000 (11:14 +0100)]
hw/arm/virt: smbios: inform guest of kvm

ARM/AArch64 KVM guests don't have any way to identify
themselves as KVM guests (x86 guests use a CPUID leaf). Now, we
could discuss all sorts of reasons why guests shouldn't need to
know that, but then there's always some case where it'd be
nice... Anyway, now that we have SMBIOS tables in ARM guests,
it's easy for the guest to know that it's a QEMU instance. This
patch takes that one step further, also identifying KVM, when
appropriate. Again, we could debate why generally nothing
should care whether it's of type QEMU or QEMU/KVM, but again,
sometimes it's nice to know...

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Wei Huang <wei@redhat.com>
Message-id: 1443017892-15567-1-git-send-email-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Avoid calling arm_el_is_aa64() function for unimplemented EL
Sergey Sorokin [Fri, 16 Oct 2015 10:14:52 +0000 (11:14 +0100)]
target-arm: Avoid calling arm_el_is_aa64() function for unimplemented EL

It is incorrect to call arm_el_is_aa64() function for unimplemented EL.
This patch fixes several attempts to do so.

Signed-off-by: Sergey Sorokin <afarallax@yandex.ru>
[PMM: Reworked several of the comments to be more verbose.]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Break the TB after ISB to execute self-modified code correctly
Sergey Sorokin [Fri, 16 Oct 2015 10:14:52 +0000 (11:14 +0100)]
target-arm: Break the TB after ISB to execute self-modified code correctly

If any store instruction writes the code inside the same TB
after this store insn, the execution of the TB must be stopped
to execute new code correctly.
As described in ARMv8 manual D3.4.6 self-modifying code must do an
IC invalidation to be valid, and an ISB after it. So it's enough to end
the TB after ISB instruction on the code translation.
Also this TB break is necessary to take any pending interrupts immediately
after an ISB (as required by ARMv8 ARM D1.14.4).

Signed-off-by: Sergey Sorokin <afarallax@yandex.ru>
[PMM: tweaked commit message and comments slightly]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agotarget-arm: Add missing 'static' attribute
Stefan Weil [Fri, 16 Oct 2015 10:14:52 +0000 (11:14 +0100)]
target-arm: Add missing 'static' attribute

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1443213733-9807-1-git-send-email-sw@weilnetz.de
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoui/cocoa.m: blinky mouse cursor fix
John Arbuckle [Tue, 13 Oct 2015 20:51:18 +0000 (21:51 +0100)]
ui/cocoa.m: blinky mouse cursor fix

The mouse cursor can become blinky when being moved a lot. This patch fixes that
problem by issuing the redraw sooner.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: AAA87DD7-EC20-4F4B-B71E-C38461D9FCBA@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoui/cocoa.m: addRemovableDevicesMenuItems() warning fix
John Arbuckle [Tue, 13 Oct 2015 20:51:18 +0000 (21:51 +0100)]
ui/cocoa.m: addRemovableDevicesMenuItems() warning fix

Eliminate this warning associated with the addRemovableDevicesMenuItems()
function:

ui/cocoa.m:1344:13: warning: function declaration isn't a prototype
[-Wstrict-prototypes]
 static void addRemovableDevicesMenuItems()
             ^
ui/cocoa.m: In function 'addRemovableDevicesMenuItems':
ui/cocoa.m:1344:13: warning: old-style function definition [-Wold-style-definition]

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 7B365FC2-072B-4E8D-A1D9-922C2D691A83@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoqapi: Track location that created an implicit type
Eric Blake [Tue, 13 Oct 2015 04:22:32 +0000 (22:22 -0600)]
qapi: Track location that created an implicit type

A future patch will move some error checking from the parser
to the various QAPISchema*.check() methods, which run only
after parsing completes.  It will thus be possible to create
a python instance representing an implicit QAPI type that
parses fine but will fail validation during check().  Since
all errors have to have an associated 'info' location, we
need a location to be associated with those implicit types.
The intuitive info to use is the location of the enclosing
entity that caused the creation of the implicit type.

Note that we do not anticipate builtin types being used in
an error message (as they are not part of the user's QAPI
input, the user can't cause a semantic error in their
behavior), so we exempt those types from requiring info, by
setting a flag to track the completion of _def_predefineds(),
and tracking that flag in _def_entity().

No change to the generated code.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444710158-8723-13-git-send-email-eblake@redhat.com>
[Missing QAPISchemaArrayType.is_implicit() supplied]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Create simple union type member earlier
Eric Blake [Tue, 13 Oct 2015 04:22:29 +0000 (22:22 -0600)]
qapi: Create simple union type member earlier

For simple unions, we were creating the implicit 'type' tag
member during the QAPISchemaObjectTypeVariants constructor.
This is different from every other implicit QAPISchemaEntity
object, which get created by QAPISchema methods.  Hoist the
creation to the caller (renaming _make_tag_enum() to
_make_implicit_tag()), and pass the entity rather than the
string name, so that we have the nice property that no
entities are created as a side effect within a different
entity.  A later patch will then have an easier time of
associating location info with each entity creation.

No change to generated code.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444710158-8723-10-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Lazy creation of array types
Eric Blake [Tue, 13 Oct 2015 04:22:28 +0000 (22:22 -0600)]
qapi: Lazy creation of array types

Commit ac88219a had several TODO markers about whether we needed
to automatically create the corresponding array type alongside
any other type.  It turns out that most of the time, we don't!

There are a few exceptions: 1) We have a few situations where we
use an array type in internal code but do not expose that type
through QMP; fix it by declaring a dummy type that forces the
generator to see that we want to use the array type.

2) The builtin arrays (such as intList for QAPI ['int']) must
always be generated, because of the way our QAPI_TYPES_BUILTIN
compile guard works: we have situations (at the very least
tests/test-qmp-output-visitor.c) that include both top-level
"qapi-types.h" (via "error.h") and a secondary
"test-qapi-types.h". If we were to only emit the builtin types
when used locally, then the first .h file would not include all
types, but the second .h does not declare anything at all because
the first .h set QAPI_TYPES_BUILTIN, and we would end up with
compilation error due to things like unknown type 'int8List'.

Actually, we may need to revisit how we do type guards, and
change from a single QAPI_TYPES_BUILTIN over to a different
usage pattern that does one #ifdef per qapi type - right now,
the only types that are declared multiple times between two qapi
.json files for inclusion by a single .c file happen to be the
builtin arrays.  But now that we have QAPI 'include' statements,
it is logical to assume that we will soon reach a point where
we want to reuse non-builtin types (yes, I'm thinking about what
it will take to add introspection to QGA, where we will want to
reuse the SchemaInfo type and friends).  One #ifdef per type
will help ensure that generating the same qapi type into more
than one qapi-types.h won't cause collisions when both are
included in the same .c file; but we also have to solve how to
avoid creating duplicate qapi-types.c entry points.  So that
is a problem left for another day.

Generated code for qapi-types and qapi-visit is drastically
reduced; less than a third of the arrays that were blindly
created were actually needed (a quick grep shows we dropped
from 219 to 69 *List types), and the .o files lost more than
30% of their bulk.  [For best results, diff the generated
files with 'git diff --patience --no-index pre post'.]

Interestingly, the introspection output is unchanged - this is
because we already cull all types that are not indirectly
reachable from a command or event, so introspection was already
using only a subset of array types.  The subset of types
introspected is now a much larger percentage of the overall set
of array types emitted in qapi-types.h (since the larger set
shrunk), but still not 100% (evidence that the array types
emitted for our new Dummy structs, and the new struct itself,
don't affect QMP).

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444710158-8723-9-git-send-email-eblake@redhat.com>
[Moved array info tracking to a later patch]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Don't use info as witness of implicit object type
Eric Blake [Tue, 13 Oct 2015 04:22:27 +0000 (22:22 -0600)]
qapi: Don't use info as witness of implicit object type

A future patch will enable error reporting from the various
QAPISchema*.check() methods.  But to report an error related
to an implicit type, we'll need to associate a location with
the type (the same location as the top-level entity that is
causing the creation of the implicit type), and once we do
that, keying off of whether foo.info exists is no longer a
viable way to determine if foo is an implicit type.

Instead, add an is_implicit() method to QAPISchemaEntity, and use it.
It can be overridden later for ObjectType and EnumType, when implicit
instances of those classes gain info.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444710158-8723-8-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Drop redundant args-member-array test
Eric Blake [Tue, 13 Oct 2015 18:26:47 +0000 (12:26 -0600)]
qapi: Drop redundant args-member-array test

qapi-schema-test already ensures that we can correctly compile
an array of enums (__org.qemu_x-command), an array of builtins
(UserDefNativeListUnion), and an array of structs (again
__org.qemu_x-command).  That means args-member-array is not
adding any additional parse-only test coverage, so drop it.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444760807-11307-1-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Drop redundant flat-union-reverse-define test
Eric Blake [Tue, 13 Oct 2015 04:22:26 +0000 (22:22 -0600)]
qapi: Drop redundant flat-union-reverse-define test

As of commit 8c3f8e77, we test compilation of forward references
for a struct base type (UserDefOne), flat union base type
(UserDefUnionBase), and flat union branch type
(UserDefFlatUnion2). The only remaining forward reference being
tested for parsing in flat-union-reverse-define was a forward
enum declaration.  Once we make sure that always compiles,
the smaller parse-only test is redundant and can be deleted.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444710158-8723-7-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Drop redundant returns-int test
Eric Blake [Tue, 13 Oct 2015 04:22:25 +0000 (22:22 -0600)]
qapi: Drop redundant returns-int test

qapi-schema-test was already testing that we could have a
command returning int, but burned a command name in the whitelist.
Merge the redundant positive test returns-int, and pick a name
that reduces the whitelist size.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444710158-8723-6-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Move empty-enum to compile-time test
Eric Blake [Tue, 13 Oct 2015 04:22:24 +0000 (22:22 -0600)]
qapi: Move empty-enum to compile-time test

Rather than just asserting that we can parse an empty enum,
let's also make sure we can compile it, by including it in
qapi-schema-test.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444710158-8723-5-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Drop redundant alternate-good test
Eric Blake [Tue, 13 Oct 2015 04:22:23 +0000 (22:22 -0600)]
qapi: Drop redundant alternate-good test

The alternate-good.json test was already covered by
qapi-schema-test.json.  As future commits will be tweaking
how alternates are laid out, removing the duplicate test now
reduces churn.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444710158-8723-4-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Prepare for errors during check()
Eric Blake [Tue, 13 Oct 2015 04:22:22 +0000 (22:22 -0600)]
qapi: Prepare for errors during check()

The next few patches will start migrating error checking from
ad hoc parse methods into the QAPISchema*.check() methods.  But
for an error message to display, we first have to fix the
overall 'try' to catch those errors.  We also want to enable a
few more assertions, such as making sure every attempt to
raise a semantic error is passed a valid location info, or that
various preconditions hold.

The general approach for moving error checking will then be to
relax an assertion into an if that raises an exception if the
condition does not hold, and removing the counterpart ad hoc
check done during the parse phase.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444710158-8723-3-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Use predicate callback to determine visit filtering
Eric Blake [Tue, 13 Oct 2015 04:22:21 +0000 (22:22 -0600)]
qapi: Use predicate callback to determine visit filtering

Previously, qapi-types and qapi-visit filtered out implicit
objects during visit_object_type() by using 'info' (works since
implicit objects do not [yet] have associated info); meanwhile
qapi-introspect filtered out all schema types on the first pass
by returning a python type from visit_begin(), which was then
used at a distance in QAPISchema.visit() to do the filtering.

Rather than keeping these ad hoc approaches, add a new visitor
callback visit_needed() which returns False to skip a given
entity, and which defaults to True unless overridden.  Use the
new mechanism to simplify all three filtering visitors.

No change to the generated code.

Suggested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444710158-8723-2-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Fix regression with '-netdev help'
Eric Blake [Wed, 14 Oct 2015 22:30:25 +0000 (16:30 -0600)]
qapi: Fix regression with '-netdev help'

Commit e36c714e causes 'qemu -netdev help' to dump core, because the
call to visit_end_union() is no longer conditional on whether *obj was
allocated.

Reported by Marc-André Lureau <marcandre.lureau@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1444861825-19256-1-git-send-email-eblake@redhat.com>
[Commit message tweaked to say 'help' instead of '?']
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agomigration: fix deadlock
Denis V. Lunev [Mon, 28 Sep 2015 11:41:58 +0000 (14:41 +0300)]
migration: fix deadlock

Release qemu global mutex before call synchronize_rcu().
synchronize_rcu() waiting for all readers to finish their critical
sections. There is at least one critical section in which we try
to get QGM (critical section is in address_space_rw() and
prepare_mmio_access() is trying to aquire QGM).

Both functions (migration_end() and migration_bitmap_extend())
are called from main thread which is holding QGM.

Thus there is a race condition that ends up with deadlock:
main thread     working thread
Lock QGA                |
|             Call KVM_EXIT_IO handler
|                       |
|        Open rcu reader's critical section
Migration cleanup bh    |
|                       |
synchronize_rcu() is    |
waiting for readers     |
|            prepare_mmio_access() is waiting for QGM
  \                   /
         deadlock

The patch changes bitmap freeing from direct g_free after synchronize_rcu
to free inside call_rcu.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reported-by: Igor Redko <redkoi@virtuozzo.com>
Tested-by: Igor Redko <redkoi@virtuozzo.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
CC: Anna Melekhova <annam@virtuozzo.com>
CC: Juan Quintela <quintela@redhat.com>
CC: Amit Shah <amit.shah@redhat.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Wen Congyang <wency@cn.fujitsu.com>
9 years agomigration: announce VM's new home just before VM is runnable
Amit Shah [Wed, 14 Oct 2015 12:07:19 +0000 (17:37 +0530)]
migration: announce VM's new home just before VM is runnable

We were announcing the dest host's IP as our new IP a bit too soon -- if
there were errors detected after this announcement was done, the
migration is failed and the VM could continue running on the src host --
causing problems later.

Move around the qemu_announce_self() call so it's done just before the
VM is runnable.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
9 years agoMigration: Generate the completed event only when we complete
Dr. David Alan Gilbert [Tue, 13 Oct 2015 11:21:27 +0000 (12:21 +0100)]
Migration: Generate the completed event only when we complete

The current migration-completed event is generated a bit too early,
which means that an eager libvirt that's ready to go as soon
as it sees the event ends up racing with the actual end of migration.

This corresponds to RH bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1271145

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Amit Shah <amit.shah@redhat.com>
xSigned-off-by: Juan Quintela <quintela@redhat.com>

9 years agoui/cocoa.m: eliminate normalWindow warning
John Arbuckle [Tue, 13 Oct 2015 20:51:18 +0000 (21:51 +0100)]
ui/cocoa.m: eliminate normalWindow warning

Eliminate this warning associated with the setting of the normalWindow's title:

ui/cocoa.m: In function '-[QemuCocoaAppController init]':
ui/cocoa.m:888:9: warning: format not a string literal and no format arguments
 [-Wformat-security]
         [normalWindow setTitle:[NSString stringWithFormat:@"QEMU"]];

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 57057D6E-C108-4AE1-8370-E7E6855B2F2C@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoMerge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-10-12' into staging
Peter Maydell [Tue, 13 Oct 2015 09:42:06 +0000 (10:42 +0100)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-10-12' into staging

QAPI patches

# gpg: Signature made Mon 12 Oct 2015 18:56:35 BST using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-qapi-2015-10-12:
  qapi: Simplify gen_visit_fields() error handling
  qapi: Share gen_visit_fields()
  qapi: Share gen_err_check()
  qapi: Consistent generated code: minimize push_indent() usage
  qapi: Consistent generated code: prefer common indentation
  qapi: Consistent generated code: prefer common labels
  qapi: Consistent generated code: prefer visitor 'v'
  qapi: Consistent generated code: prefer error 'err'
  qapi: Reuse code for flat union base validation
  qapi: Test use of 'number' within alternates
  qapi: Add tests for empty unions
  qapi: Avoid assertion failure on union 'type' collision
  qapi: Test for various name collisions
  qapi: Clean up qapi.py per pep8
  qapi: Invoke exception superclass initializer
  qapi: Improve 'include' error message
  qapi: Sort qapi-schema tests
  MAINTAINERS: Specify QAPI include and test files
  MAINTAINERS: Specify QObject include and test files
  docs: Move files from docs/qmp/ to docs/

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoqapi: Simplify gen_visit_fields() error handling
Eric Blake [Tue, 29 Sep 2015 22:21:15 +0000 (16:21 -0600)]
qapi: Simplify gen_visit_fields() error handling

Since we have consolidated all generated code to use 'err' as
the name of the local variable for error detection, we can
simplify the decision on whether to skip error detection (useful
for deallocation paths) to be a boolean.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-18-git-send-email-eblake@redhat.com>
[Change to gen_visit_fields() simplified]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Share gen_visit_fields()
Eric Blake [Tue, 29 Sep 2015 22:21:14 +0000 (16:21 -0600)]
qapi: Share gen_visit_fields()

Consolidate the code between visit, command marshalling, and
event generation that iterates over the members of a struct.
It reduces code duplication in the generator, so that a future
patch can reduce the size of generated code while touching only
one instead of three locations.

There are no changes to the generated marshal code.

The visitor code becomes slightly more verbose, but remains
semantically equivalent, and is actually easier to read as
it follows a more common idiom:

|     visit_optional(v, &(*obj)->has_device, "device", &err);
|-    if (!err && (*obj)->has_device) {
|-        visit_type_str(v, &(*obj)->device, "device", &err);
|-    }
|     if (err) {
|         goto out;
|     }
|+    if ((*obj)->has_device) {
|+        visit_type_str(v, &(*obj)->device, "device", &err);
|+        if (err) {
|+            goto out;
|+        }
|+    }

The event code becomes slightly more verbose, but this is
arguably a bug fix: although the visitors are not well
documented, use of an optional member should not be attempted
unless guarded by a prior call to visit_optional().  Works only
because the output qmp visitor has a no-op visit_optional():

|+    visit_optional(v, &has_offset, "offset", &err);
|+    if (err) {
|+        goto out;
|+    }
|     if (has_offset) {
|         visit_type_int(v, &offset, "offset", &err);

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-17-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Share gen_err_check()
Eric Blake [Tue, 29 Sep 2015 22:21:13 +0000 (16:21 -0600)]
qapi: Share gen_err_check()

qapi-commands has a nice helper gen_err_check(), but did not
use it everywhere. In fact, using it in more places makes it
easier to reduce the lines of code used for generating error
checks.  This in turn will make it easier for later patches
to consolidate another common pattern among the generators.

The generated code has fewer blank lines in qapi-event.c functions,
but has no semantic difference.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-16-git-send-email-eblake@redhat.com>
[Drop another blank line for symmetry]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Consistent generated code: minimize push_indent() usage
Eric Blake [Tue, 29 Sep 2015 22:21:12 +0000 (16:21 -0600)]
qapi: Consistent generated code: minimize push_indent() usage

We had some pointless differences in the generated code for visit,
command marshalling, and events; unifying them makes it easier for
future patches to consolidate to common helper functions.
This is one patch of a series to clean up these differences.

This patch reduces the number of push_indent()/pop_indent() pairs
so that generated code is typically already at its natural output
indentation in the python files.  It is easier to reason about
generated code if the reader does not have to track how much
spacing will be inserted alongside the code, and moreso when all
of the generators use the same patterns (qapi-type and qapi-event
were already using in-place indentation).

Arguably, the resulting python may be a bit harder to read with C
code at the same indentation as python; on the other hand, not
having to think about push_indent() is a win, and most decent
editors provide syntax highlighting that makes it easier to
visually distinguish python code from string literals that will
become C code.

There is no change to the generated output.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-15-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Consistent generated code: prefer common indentation
Eric Blake [Tue, 29 Sep 2015 22:21:11 +0000 (16:21 -0600)]
qapi: Consistent generated code: prefer common indentation

We had some pointless differences in the generated code for visit,
command marshalling, and events; unifying them makes it easier for
future patches to consolidate to common helper functions.
This is one patch of a series to clean up these differences.

This patch adjusts gen_visit_union() to use the same indentation
as other functions, namely, by jumping early to the error label
if the object was not set rather than placing the rest of the
body inside an if for when it is set.

No change in semantics to the generated code.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-14-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Consistent generated code: prefer common labels
Eric Blake [Tue, 29 Sep 2015 22:21:10 +0000 (16:21 -0600)]
qapi: Consistent generated code: prefer common labels

We had some pointless differences in the generated code for visit,
command marshalling, and events; unifying them makes it easier for
future patches to consolidate to common helper functions.
This is one patch of a series to clean up these differences.

This patch names the goto labels 'out' (not 'clean') and 'out_obj'
(not 'out_end').  Additionally, the generator was inconsistent on
whether labels had a leading space [our HACKING is silent; while
emacs 'gnu' style adds the space to avoid littering column 1].
For minimal churn, prefer no leading space; this also matches
the style that is more prevalent in current qemu.git.

No change in semantics to the generated code.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-13-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Consistent generated code: prefer visitor 'v'
Eric Blake [Tue, 29 Sep 2015 22:21:09 +0000 (16:21 -0600)]
qapi: Consistent generated code: prefer visitor 'v'

We had some pointless differences in the generated code for visit,
command marshalling, and events; unifying them makes it easier for
future patches to consolidate to common helper functions.
This is one patch of a series to clean up these differences.

This patch names the local visitor variable 'v' rather than 'm'.
Related objects, such as 'QapiDeallocVisitor', are also named by
their initials instead of an unrelated leading m.

No change in semantics to the generated code.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-12-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Consistent generated code: prefer error 'err'
Eric Blake [Tue, 29 Sep 2015 22:21:08 +0000 (16:21 -0600)]
qapi: Consistent generated code: prefer error 'err'

We had some pointless differences in the generated code for visit,
command marshalling, and events; unifying them makes it easier for
future patches to consolidate to common helper functions.
This is one patch of a series to clean up these differences.

This patch consistently names the local error variable 'err' rather
than 'local_err'.

No change in semantics to the generated code.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-11-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Reuse code for flat union base validation
Eric Blake [Tue, 29 Sep 2015 22:21:07 +0000 (16:21 -0600)]
qapi: Reuse code for flat union base validation

Rather than open-code the check for a valid base type, we
should reuse the common functionality. This allows for
consistent error messages, and also makes it easier for a
later patch to turn on support for inline anonymous base
structures.

Test flat-union-inline is updated to test only one feature
(anonymous branch dictionaries), which can be implemented
independently (test flat-union-bad-base already covers the
idea of an anonymous base dictionary).

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-10-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Test use of 'number' within alternates
Eric Blake [Tue, 29 Sep 2015 22:21:06 +0000 (16:21 -0600)]
qapi: Test use of 'number' within alternates

Add some testsuite exposure for use of a 'number' as part of
an alternate.  The current state of the tree has a few bugs
exposed by this: our input parser depends on the ordering of
how the qapi schema declared the alternate, and the parser
does not accept integers for a 'number' in an alternate even
though it does for numbers outside of an alternate.

Mixing 'int' and 'number' in the same alternate is unusual,
since both are supplied by json-numbers, but there does not
seem to be a technical reason to forbid it given that our
json lexer distinguishes between json-numbers that can be
represented as an int vs. those that cannot.

Improve the existing test_visitor_in_alternate() to match the
style of the new test_visitor_in_alternate_number(), and to
ensure full coverage of all possible qtype parsing.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-9-git-send-email-eblake@redhat.com>
[Eric's follow-up fixes squashed in]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Add tests for empty unions
Eric Blake [Tue, 29 Sep 2015 22:21:05 +0000 (16:21 -0600)]
qapi: Add tests for empty unions

The documentation claims that alternates are useful for
allowing two or more types, although nothing enforces this.
Meanwhile, it is silent on whether empty unions are allowed.
In practice, the generated code will compile, in part because
we have a 'void *data' branch; but attempting to visit such a
type will cause an abort().  While there's no technical reason
that a degenerate union could not be made to work, it's harder
to justify the time spent in chasing known (the current
abort() during visit) and unknown corner cases, than it would
be to just outlaw them.  A future patch will probably take the
approach of forbidding them; in the meantime, we can at least
add testsuite coverage to make it obvious where things stand.

In addition to adding tests to expose the problems, we also
need to adjust existing tests that are meant to test something
else, but which could fail for the wrong reason if we reject
degenerate alternates/unions.

Note that empty structs are explicitly supported (for example,
right now they are the only way to specify that one branch of a
flat union adds no additional members), and empty enums are
covered by the testsuite as working (even if they do not seem
to have much use).

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-8-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Avoid assertion failure on union 'type' collision
Eric Blake [Tue, 29 Sep 2015 22:21:04 +0000 (16:21 -0600)]
qapi: Avoid assertion failure on union 'type' collision

The previous commit added two tests that triggered an assertion
failure. It's fairly straightforward to avoid the failure by
just outright forbidding the collision between a union's tag
values and its discriminator name (including the implicit name
'kind' supplied for simple unions [*]).  Ultimately, we'd like
to move the collision detection into QAPISchema*.check(), but
for now it is easier just to enhance the existing checks.

[*] Of course, down the road, we have plans to rename the simple
union tag name to 'type' to match the QMP wire name, but the
idea of the collision will still be present even then.

Technically, we could avoid the collision by naming the C union
members representing each enum value as '_case_value' rather
than 'value'; but until we have an actual qapi client (and not
just our testsuite) that has a legitimate reason to match a
case label to the name of a QMP key and needs the name munging
to satisfy the compiler, it's easier to just reject the qapi
as invalid.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-7-git-send-email-eblake@redhat.com>
[Polished a few comments]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Test for various name collisions
Eric Blake [Tue, 29 Sep 2015 22:21:03 +0000 (16:21 -0600)]
qapi: Test for various name collisions

Expose some weaknesses in the generator: we don't always forbid
the generation of structs that contain multiple members that map
to the same C or QMP name.  This has already been marked FIXME in
qapi.py in commit d90675f, but having more tests will make sure
future patches produce desired behavior; and updating existing
patches to better document things doesn't hurt, either.  Some of
these collisions are already caught in the old-style parser
checks, but ultimately we want all collisions to be caught in the
new-style QAPISchema*.check() methods.

This patch focuses on C struct members, and does not consider
collisions between commands and events (affecting C function
names), or even collisions between generated C type names with
user type names (for things like automatic FOOList struct
representing array types or FOOKind for an implicit enum).

There are two types of struct collisions we want to catch:
 1) Collision between two keys in a JSON object. qapi.py prevents
    that within a single struct (see test duplicate-key), but it is
    possible to have collisions between a type's members and its
    base type's members (existing tests struct-base-clash,
    struct-base-clash-deep), and its flat union variant members
    (renamed test flat-union-clash-member).
 2) Collision between two members of the C struct that is generated
    for a given QAPI type:
    a) Multiple QAPI names map to the same C name (new test
       args-name-clash)
    b) A QAPI name maps to a C name that is used for another purpose
       (new tests flat-union-clash-branch, struct-base-clash-base,
       union-clash-data). We already fixed some such cases in commit
       0f61af3e and 1e6c1616, but more remain.
    c) Two C names generated for other purposes clash
       (updated test alternate-clash, new test union-clash-branches,
       union-clash-type, flat-union-clash-type)

Ultimately, if we need to have a flat union where a tag value
clashes with a base member name, we could change the generator to
name the union (using 'foo.u.value' rather than 'foo.value') or
otherwise munge the C name corresponding to tag values.  But
unless such a need arises, it will probably be easier to just
forbid these collisions.

Some of these negative tests will be deleted later, and positive
tests added to qapi-schema-test.json in their place, when the
generator code is reworked to avoid particular code generation
collisions in class 2).

[Note that viewing this patch with git rename detection enabled
may see some confusion due to renaming some tests while adding
others, but where the content is similar enough that git picks
the wrong pre- and post-patch files to associate]

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-6-git-send-email-eblake@redhat.com>
[Improve commit message and comments a bit, drop an unrelated test]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Clean up qapi.py per pep8
Eric Blake [Tue, 29 Sep 2015 22:21:02 +0000 (16:21 -0600)]
qapi: Clean up qapi.py per pep8

Silence pep8, and make pylint a bit happier.  Just style cleanups,
plus killing a useless comment in camel_to_upper(); no semantic
changes.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-5-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Invoke exception superclass initializer
Eric Blake [Tue, 29 Sep 2015 22:21:01 +0000 (16:21 -0600)]
qapi: Invoke exception superclass initializer

pylint recommends that every exception class should explicitly
invoke the superclass __init__, even though things seem to work
fine without it.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-4-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Improve 'include' error message
Eric Blake [Tue, 29 Sep 2015 22:21:00 +0000 (16:21 -0600)]
qapi: Improve 'include' error message

Use of '"...%s" % include' to print non-strings can lead to
ugly messages, such as this (if the .json change is applied
without the qapi.py change):
 Expected a file name (string), got: OrderedDict()

Better is to just omit the actual non-string value in the
message.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-3-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoqapi: Sort qapi-schema tests
Eric Blake [Tue, 29 Sep 2015 22:20:59 +0000 (16:20 -0600)]
qapi: Sort qapi-schema tests

Recent changes to qapi have provided quite a bit of churn in
the makefile, because we are inconsistent on what order test
names appear in, and on whether to re-wrap the list of tests or
just add arbitrary line lengths.  Writing the list in a sorted
fashion, one test per line, will make future patches easier
to see what tests are being added or removed by a patch.

Although it is tempting to use $(wildcard qapi-schema/*.json)
for a more compact listing, such an approach would risk picking
up leftover garbage .json files in the directory; so keeping
the list explicit is safer for ensuring reproducible tarballs
and test results.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443565276-4535-2-git-send-email-eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
9 years agoMAINTAINERS: Specify QAPI include and test files
Markus Armbruster [Thu, 24 Sep 2015 16:11:57 +0000 (18:11 +0200)]
MAINTAINERS: Specify QAPI include and test files

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1443111117-29831-4-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
9 years agoMAINTAINERS: Specify QObject include and test files
Markus Armbruster [Thu, 24 Sep 2015 16:11:56 +0000 (18:11 +0200)]
MAINTAINERS: Specify QObject include and test files

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1443111117-29831-3-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
9 years agodocs: Move files from docs/qmp/ to docs/
Markus Armbruster [Thu, 24 Sep 2015 16:11:55 +0000 (18:11 +0200)]
docs: Move files from docs/qmp/ to docs/

Giving QMP its own subdirectory in docs/ is hardly worthwhile when we
have just four files, and one of them isn't even in the subdirectory.
Move the files from docs/qmp/ to docs/, renaming docs/qmp/README to
docs/qmp-intro.

Update MAINTAINERS.  The new pattern also captures the fourth file
docs/writing-qmp-commands.txt.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1443111117-29831-2-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
Peter Maydell [Mon, 12 Oct 2015 14:52:54 +0000 (15:52 +0100)]
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Pull request

v2:
 * Fix virtio 16lx -> HWADDR_PRIx format specifier [Peter]

# gpg: Signature made Mon 12 Oct 2015 11:19:06 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/block-pull-request:
  sdhci.c: Limit the maximum block size
  block: switch from g_slice allocator to malloc
  virtio dataplane: adapt dataplane for virtio Version 1
  virtio-blk: use blk_io_plug/unplug for Linux AIO batching
  sdhci: Pass drive parameter to sdhci-pci via qdev property

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoMerge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
Peter Maydell [Mon, 12 Oct 2015 13:29:29 +0000 (14:29 +0100)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging

# gpg: Signature made Mon 12 Oct 2015 08:56:47 BST using RSA key ID 398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* remotes/jasowang/tags/net-pull-request:
  tests: add test cases for netfilter object
  netfilter: add a netbuffer filter
  net/queue: export qemu_net_queue_append_iov
  netfilter: print filter info associate with the netdev
  netfilter: add an API to pass the packet to next filter
  net/queue: introduce NetQueueDeliverFunc
  net: merge qemu_deliver_packet and qemu_deliver_packet_iov
  netfilter: hook packets before net queue send
  init/cleanup of netfilter object
  vl.c: init delayed object after net_init_clients
  vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command
  e1000: use alias for default model
  vmxnet3: Support reading IMR registers on bar0
  net/vmxnet3: Refine l2 header validation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agosdhci.c: Limit the maximum block size
Alistair Francis [Tue, 6 Oct 2015 17:40:41 +0000 (10:40 -0700)]
sdhci.c: Limit the maximum block size

It is possible for the guest to set an invalid block
size which is larger then the fifo_buffer[] array. This
could cause a buffer overflow.

To avoid this limit the maximum size of the blksize variable.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reported-by: Intel Security ATR <secure@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: abe4c51f513290bbb85d1ee271cb1a3d463d7561.1444067470.git.alistair.francis@xilinx.com
Suggested-by: Igor Mitsyanko <i.mitsyanko@gmail.com>
Reported-by: Intel Security ATR <secure@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
9 years agoblock: switch from g_slice allocator to malloc
Paolo Bonzini [Thu, 1 Oct 2015 11:04:39 +0000 (13:04 +0200)]
block: switch from g_slice allocator to malloc

Simplify memory allocation by sticking with a single API.  GSlice
is not that fast anyway (tcmalloc/jemalloc are better).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
9 years agovirtio dataplane: adapt dataplane for virtio Version 1
Pierre Morel [Mon, 7 Sep 2015 11:33:56 +0000 (13:33 +0200)]
virtio dataplane: adapt dataplane for virtio Version 1

Let dataplane allocate different region for the desc/avail/used
ring regions.
Take VIRTIO_RING_F_EVENT_IDX into account to increase the used/avail
rings accordingly.

[Fix 32-bit builds by changing 16lx format specifier to HWADDR_PRIx.
--Stefan]

Signed-off-by: Pierre Morel <pmorel@linux.vnet.ibm.com>
Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Message-id: 1441625636-23773-1-git-send-email-pmorel@linux.vnet.ibm.com
(changed __virtio16 into uint16_t,
 map descriptor table and available ring read-only)
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-10-09' into staging
Peter Maydell [Mon, 12 Oct 2015 10:07:38 +0000 (11:07 +0100)]
Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-10-09' into staging

Fix device introspection regressions

# gpg: Signature made Fri 09 Oct 2015 14:43:41 BST using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-monitor-2015-10-09:
  Revert "qdev: Use qdev_get_device_class() for -device <type>,help"
  qdev: Protect device-list-properties against broken devices
  qmp: Fix device-list-properties not to crash for abstract device
  device-introspect-test: New, covering device introspection
  libqtest: New hmp() & friends
  libqtest: Clean up unused QTestState member sigact_old
  tests: Fix how qom-test is run
  macio: move DBDMA_init from instance_init to realize
  hw: do not pass NULL to memory_region_init from instance_init
  memory: allow destroying a non-empty MemoryRegion
  virtio-input: Fix device introspection on non-Linux hosts
  update-linux-headers: Rename SW_MAX to SW_MAX_

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agovirtio-blk: use blk_io_plug/unplug for Linux AIO batching
Stefan Hajnoczi [Mon, 20 Jul 2015 15:54:16 +0000 (16:54 +0100)]
virtio-blk: use blk_io_plug/unplug for Linux AIO batching

The raw-posix block driver implements Linux AIO batching so multiple
requests can be submitted with a single io_submit(2) system call.
Batching is currently only used by virtio-scsi and
virtio-blk-data-plane.

Enable batching for regular virtio-blk so the number of io_submit(2)
system calls is reduced for workloads with queue depth > 1.

In 4KB random read performance tests with queue depth 32, the CPU
utilization on the host is reduced by 9.4%.  The fio job is as follows:

  [global]
  bs=4k
  ioengine=libaio
  iodepth=32
  direct=1
  sync=0
  time_based=1
  runtime=30
  clocksource=gettimeofday
  ramp_time=5

  [job1]
  rw=randread
  filename=/dev/vdb
  size=4096M
  write_bw_log=fio
  write_iops_log=fio
  write_lat_log=fio
  log_avg_msec=1000

This benchmark was run on an raw image on LVM.  The disk was an SSD
drive and -drive cache=none,aio=native was used.

Tested-by: Pradeep Surisetty <psuriset@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
9 years agosdhci: Pass drive parameter to sdhci-pci via qdev property
Kevin O'Connor [Mon, 17 Aug 2015 19:20:33 +0000 (15:20 -0400)]
sdhci: Pass drive parameter to sdhci-pci via qdev property

Commit 19109131 disabled the sdhci-pci support because it used
drive_get_next().  This patch reenables sdhci-pci and changes it to
pass the drive via a qdev property - for example:
 -device sdhci-pci,drive=drive0 -drive id=drive0,if=sd,file=myimage

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
9 years agotests: add test cases for netfilter object
Yang Hongyang [Wed, 7 Oct 2015 03:52:22 +0000 (11:52 +0800)]
tests: add test cases for netfilter object

Using qtest qmp interface to implement following cases:
1) add/remove netfilter
2) add a netfilter then delete the netdev
3) add/remove more than one netfilters
4) add more than one netfilters and then delete the netdev

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonetfilter: add a netbuffer filter
Yang Hongyang [Wed, 7 Oct 2015 03:52:21 +0000 (11:52 +0800)]
netfilter: add a netbuffer filter

This filter is to buffer/release packets. Can be used when using
MicroCheckpointing or other Remus like VM FT solutions.
You can also use it to crudely simulate network delay.  Doesn't
actually delay individual packets, but batches them together, which is
a delay of sorts.

Usage:
 -netdev tap,id=bn0
 -object filter-buffer,id=f0,netdev=bn0,queue=rx,interval=1000

NOTE:
 Interval is in microseconds, it can't be omitted currently, and can't be 0.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet/queue: export qemu_net_queue_append_iov
Yang Hongyang [Wed, 7 Oct 2015 03:52:20 +0000 (11:52 +0800)]
net/queue: export qemu_net_queue_append_iov

This will be used by buffer filter implementation later to
queue packets.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonetfilter: print filter info associate with the netdev
Yang Hongyang [Wed, 7 Oct 2015 03:52:19 +0000 (11:52 +0800)]
netfilter: print filter info associate with the netdev

When execute "info network", print filter info also.
add a info_str member to NetFilterState, store specific filters
info.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonetfilter: add an API to pass the packet to next filter
Yang Hongyang [Wed, 7 Oct 2015 03:52:18 +0000 (11:52 +0800)]
netfilter: add an API to pass the packet to next filter

add an API qemu_netfilter_pass_to_next() to pass the packet
to next filter.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet/queue: introduce NetQueueDeliverFunc
Yang Hongyang [Wed, 7 Oct 2015 03:52:17 +0000 (11:52 +0800)]
net/queue: introduce NetQueueDeliverFunc

net/queue.c has logic to send/queue/flush packets but a
qemu_deliver_packet_iov() call is hardcoded. Abstract this
func so that we can use our own deliver function in netfilter.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet: merge qemu_deliver_packet and qemu_deliver_packet_iov
Yang Hongyang [Wed, 7 Oct 2015 03:52:16 +0000 (11:52 +0800)]
net: merge qemu_deliver_packet and qemu_deliver_packet_iov

qemu_deliver_packet_iov already have the compat delivery, we
can drop qemu_deliver_packet.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonetfilter: hook packets before net queue send
Yang Hongyang [Wed, 7 Oct 2015 03:52:15 +0000 (11:52 +0800)]
netfilter: hook packets before net queue send

Capture packets that will be sent.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agoinit/cleanup of netfilter object
Yang Hongyang [Wed, 7 Oct 2015 03:52:14 +0000 (11:52 +0800)]
init/cleanup of netfilter object

Add a netfilter object based on QOM.

A netfilter is attached to a netdev, captures all network packets
that pass through the netdev. When we delete the netdev, we also
delete the netfilter object attached to it, because if the netdev is
removed, the filter which attached to it is useless.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agovl.c: init delayed object after net_init_clients
Yang Hongyang [Wed, 7 Oct 2015 03:52:13 +0000 (11:52 +0800)]
vl.c: init delayed object after net_init_clients

Init delayed object after net_init_clients, because netfilters need
to be initialized after net clients initialized.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agovmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command
Shmulik Ladkani [Fri, 18 Sep 2015 05:55:04 +0000 (08:55 +0300)]
vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command

Some drivers (e.g. vmware-tools) issue the VMXNET3_CMD_GET_ADAPTIVE_RING_INFO
command.

Currently, due to lack of support, a bogus value (-1) is returned.

Support this command, returning the "adaptive-ring disabled" flag.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agoe1000: use alias for default model
Jason Wang [Mon, 28 Sep 2015 05:37:26 +0000 (13:37 +0800)]
e1000: use alias for default model

Instead of duplicating the "e1000-82540em" device model as "e1000",
make the latter an alias for the former.

Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com
Reviewed-by: Markus Armbruster <armbru@redhat.com>
9 years agovmxnet3: Support reading IMR registers on bar0
Shmulik Ladkani [Mon, 21 Sep 2015 14:09:02 +0000 (17:09 +0300)]
vmxnet3: Support reading IMR registers on bar0

Instead of asserting, return the actual IMR register value.
This is aligned with what's returned on ESXi.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Tested-by: Dana Rubin <dana.rubin@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agonet/vmxnet3: Refine l2 header validation
Dana Rubin [Tue, 18 Aug 2015 09:45:55 +0000 (12:45 +0300)]
net/vmxnet3: Refine l2 header validation

Validation of l2 header length assumed minimal packet size as
eth_header + 2 * vlan_header regardless of the actual protocol.

This caused crash for valid non-IP packets shorter than 22 bytes, as
'tx_pkt->packet_type' hasn't been assigned for such packets, and
'vmxnet3_on_tx_done_update_stats()' expects it to be properly set.

Refine header length validation in 'vmxnet_tx_pkt_parse_headers'.
Check its return value during packet processing flow.

As a side effect, in case IPv4 and IPv6 header validation failure,
corrupt packets will be dropped.

Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com>
Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/kraxel/tags/pull-virgl-20151008-1' into staging
Peter Maydell [Fri, 9 Oct 2015 16:30:03 +0000 (17:30 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/pull-virgl-20151008-1' into staging

virtio-gpu: add 3d rendering support using virgl, misc fixes.
ui/gtk: add opengl context and scanout support (for virtio-gpu).

# gpg: Signature made Thu 08 Oct 2015 10:35:39 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-virgl-20151008-1:
  gtk/opengl: add opengl context and scanout support (GtkGLArea)
  gtk/opengl: add opengl context and scanout support (egl)
  opengl: add egl-context.[ch] helpers
  virtio-gpu: add cursor update tracepoint
  virtio-gpu: add 3d mode and virgl rendering support.
  virtio-gpu: update headers for virgl/3d
  virtio-gpu: change licence from GPLv2 to GPLv2+
  virtio-gpu: move iov free to virtio_gpu_cleanup_mapping_iov
  ui/console: add opengl context and scanout support interfaces.
  sdl2: stop flickering
  shaders: initialize vertexes once

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9 years agoRevert "qdev: Use qdev_get_device_class() for -device <type>,help"
Markus Armbruster [Thu, 1 Oct 2015 08:59:59 +0000 (10:59 +0200)]
Revert "qdev: Use qdev_get_device_class() for -device <type>,help"

This reverts commit 31bed5509dfcbdfc293154ce81086a4dbd7a80b6.

The reverted commit changed qdev_device_help() to reject abstract
devices and devices that have cannot_instantiate_with_device_add_yet
set, to fix crash bugs like -device x86_64-cpu,help.

Rejecting abstract devices makes sense: they're purely internal, and
the implementation of the help feature can't cope with them.

Rejecting non-pluggable devices makes less sense: even though you
can't use them with -device, the help may still be useful elsewhere,
for instance with -global.  This is a regression: -device FOO,help
used to help even for FOO that aren't pluggable.

The previous two commits fixed the crash bug at a lower layer, so
reverting this one is now safe.  Fixes the -device FOO,help
regression, except for the broken devices marked
cannot_even_create_with_object_new_yet.  For those, the error message
is improved.

Example of a device where the regression is fixed:

    $ qemu-system-x86_64 -device PIIX4_PM,help
    PIIX4_PM.command_serr_enable=bool (on/off)
    PIIX4_PM.multifunction=bool (on/off)
    PIIX4_PM.rombar=uint32
    PIIX4_PM.romfile=str
    PIIX4_PM.addr=int32 (Slot and optional function number, example: 06.0 or 06)
    PIIX4_PM.memory-hotplug-support=bool
    PIIX4_PM.acpi-pci-hotplug-with-bridge-support=bool
    PIIX4_PM.s4_val=uint8
    PIIX4_PM.disable_s4=uint8
    PIIX4_PM.disable_s3=uint8
    PIIX4_PM.smb_io_base=uint32

Example of a device where it isn't fixed:

    $ qemu-system-x86_64 -device host-x86_64-cpu,help
    Can't list properties of device 'host-x86_64-cpu'

Both failed with "Parameter 'driver' expects pluggable device type"
before.

Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1443689999-12182-11-git-send-email-armbru@redhat.com>

9 years agoqdev: Protect device-list-properties against broken devices
Markus Armbruster [Thu, 1 Oct 2015 08:59:58 +0000 (10:59 +0200)]
qdev: Protect device-list-properties against broken devices

Several devices don't survive object_unref(object_new(T)): they crash
or hang during cleanup, or they leave dangling pointers behind.

This breaks at least device-list-properties, because
qmp_device_list_properties() needs to create a device to find its
properties.  Broken in commit f4eb32b "qmp: show QOM properties in
device-list-properties", v2.1.  Example reproducer:

    $ qemu-system-aarch64 -nodefaults -display none -machine none -S -qmp stdio
    {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2}, "package": ""}, "capabilities": []}}
    { "execute": "qmp_capabilities" }
    {"return": {}}
    { "execute": "device-list-properties", "arguments": { "typename": "pxa2xx-pcmcia" } }
    qemu-system-aarch64: /home/armbru/work/qemu/memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed.
    Aborted (core dumped)
    [Exit 134 (SIGABRT)]

Unfortunately, I can't fix the problems in these devices right now.
Instead, add DeviceClass member cannot_destroy_with_object_finalize_yet
to mark them:

* Hang during cleanup (didn't debug, so I can't say why):
  "realview_pci", "versatile_pci".

* Dangling pointer in cpus: most CPUs, plus "allwinner-a10", "digic",
  "fsl,imx25", "fsl,imx31", "xlnx,zynqmp", because they create such
  CPUs

* Assert kvm_enabled(): "host-x86_64-cpu", host-i386-cpu",
  "host-powerpc64-cpu", "host-embedded-powerpc-cpu",
  "host-powerpc-cpu" (the powerpc ones can't currently reach the
  assertion, because the CPUs are only registered when KVM is enabled,
  but the assertion is arguably in the wrong place all the same)

Make qmp_device_list_properties() fail cleanly when the device is so
marked.  This improves device-list-properties from "crashes, hangs or
leaves dangling pointers behind" to "fails".  Not a complete fix, just
a better-than-nothing work-around.  In the above reproducer,
device-list-properties now fails with "Can't list properties of device
'pxa2xx-pcmcia'".

This also protects -device FOO,help, which uses the same machinery
since commit ef52358 "qdev-monitor: include QOM properties in -device
FOO, help output", v2.2.  Example reproducer:

    $ qemu-system-aarch64 -machine none -device pxa2xx-pcmcia,help

Before:

    qemu-system-aarch64: .../memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed.

After:

    Can't list properties of device 'pxa2xx-pcmcia'

Cc: "Andreas Färber" <afaerber@suse.de>
Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Anthony Green <green@moxielogic.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Blue Swirl <blauwirbel@gmail.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Jia Liu <proljc@gmail.com>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Richard Henderson <rth@twiddle.net>
Cc: qemu-ppc@nongnu.org
Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <1443689999-12182-10-git-send-email-armbru@redhat.com>

9 years agoqmp: Fix device-list-properties not to crash for abstract device
Markus Armbruster [Thu, 1 Oct 2015 08:59:57 +0000 (10:59 +0200)]
qmp: Fix device-list-properties not to crash for abstract device

Broken in commit f4eb32b "qmp: show QOM properties in
device-list-properties", v2.1.

Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-Id: <1443689999-12182-9-git-send-email-armbru@redhat.com>

9 years agodevice-introspect-test: New, covering device introspection
Markus Armbruster [Thu, 1 Oct 2015 08:59:56 +0000 (10:59 +0200)]
device-introspect-test: New, covering device introspection

The test doesn't check that the output makes any sense, only that QEMU
survives.  Useful since we've had an astounding number of crash bugs
around there.

In fact, we have a bunch of them right now: a few devices crash or
hang, and some leave dangling pointers behind.  The test skips testing
the broken parts.  The next commits will fix them up, and drop the
skipping.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443689999-12182-8-git-send-email-armbru@redhat.com>

9 years agolibqtest: New hmp() & friends
Markus Armbruster [Thu, 1 Oct 2015 08:59:55 +0000 (10:59 +0200)]
libqtest: New hmp() & friends

New convenience function hmp() to facilitate use of
human-monitor-command in tests.  Use it to simplify its existing uses.

To blend into existing libqtest code, also add qtest_hmpv() and
qtest_hmp().  That, and the egregiously verbose GTK-Doc comment format
make this patch look bigger than it is.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1443689999-12182-7-git-send-email-armbru@redhat.com>

9 years agolibqtest: Clean up unused QTestState member sigact_old
Markus Armbruster [Thu, 1 Oct 2015 08:59:54 +0000 (10:59 +0200)]
libqtest: Clean up unused QTestState member sigact_old

Unused since commit d766825.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1443689999-12182-6-git-send-email-armbru@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
9 years agotests: Fix how qom-test is run
Markus Armbruster [Thu, 1 Oct 2015 08:59:53 +0000 (10:59 +0200)]
tests: Fix how qom-test is run

We want to run qom-test for every architecture, without having to
manually add it to every architecture's list of tests.  Commit 3687d53
accomplished this by adding it to every architecture's list
automatically.

However, some architectures inherit their tests from others, like this:

    check-qtest-x86_64-y = $(check-qtest-i386-y)
    check-qtest-microblazeel-y = $(check-qtest-microblaze-y)
    check-qtest-xtensaeb-y = $(check-qtest-xtensa-y)

For such architectures, we ended up running the (slow!) test twice.
Commit 2b8419c attempted to avoid this by adding the test only when
it's not already present.  Works only as long as we consider adding
the test to the architectures on the left hand side *after* the ones
on the right hand side: x86_64 after i386, microblazeel after
microblaze, xtensaeb after xtensa.

Turns out we consider them in $(SYSEMU_TARGET_LIST) order.  Defined as

    SYSEMU_TARGET_LIST := $(subst -softmmu.mak,,$(notdir \
       $(wildcard $(SRC_PATH)/default-configs/*-softmmu.mak)))

On my machine, this results in the oder xtensa, x86_64, microblazeel,
microblaze, i386.  Consequently, qom-test runs twice for microblazeel
and x86_64.

Replace this complex and flawed machinery with a much simpler one: add
generic tests (currently just qom-test) to check-qtest-generic-y
instead of check-qtest-$(target)-y for every target, then run
$(check-qtest-generic-y) for every target.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-Id: <1443689999-12182-5-git-send-email-armbru@redhat.com>

9 years agomacio: move DBDMA_init from instance_init to realize
Paolo Bonzini [Thu, 1 Oct 2015 08:59:52 +0000 (10:59 +0200)]
macio: move DBDMA_init from instance_init to realize

DBDMA_init is not idempotent, and calling it from instance_init
breaks a simple object_new/object_unref pair.  Work around this,
pending qdev-ification of DBDMA, by moving the call to realize.

Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1443689999-12182-4-git-send-email-armbru@redhat.com>

9 years agohw: do not pass NULL to memory_region_init from instance_init
Paolo Bonzini [Thu, 1 Oct 2015 08:59:51 +0000 (10:59 +0200)]
hw: do not pass NULL to memory_region_init from instance_init

This causes the region to outlive the object, because it attaches the
region to /machine.  This is not nice for the "realize" method, but
much worse for "instance_init" because it can cause dangling pointers
after a simple object_new/object_unref pair.

Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1443689999-12182-3-git-send-email-armbru@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
9 years agomemory: allow destroying a non-empty MemoryRegion
Paolo Bonzini [Thu, 1 Oct 2015 08:59:50 +0000 (10:59 +0200)]
memory: allow destroying a non-empty MemoryRegion

This is legal; the MemoryRegion will simply unreference all the
existing subregions and possibly bring them down with it as well.
However, it requires a bit of care to avoid an infinite loop.
Finalizing a memory region cannot trigger an address space update,
but memory_region_del_subregion errs on the side of caution and
might trigger a spurious update: avoid that by resetting mr->enabled
first.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1443689999-12182-2-git-send-email-armbru@redhat.com>

9 years agovirtio-input: Fix device introspection on non-Linux hosts
Markus Armbruster [Thu, 8 Oct 2015 16:11:40 +0000 (18:11 +0200)]
virtio-input: Fix device introspection on non-Linux hosts

When CONFIG_LINUX is off, devices "virtio-keyboard-device",
"virtio-mouse-device", "virtio-tablet-device" and
"virtio-input-host-device" aren't compiled in, yet
"virtio-keyboard-pci", "virtio-mouse-pci", "virtio-tablet-pci" and
"virtio-input-host-pci" still are.  Attempts to introspect them crash,
e.g.

    $ qemu-system-x86_64 -device virtio-tablet-pci,help
    **
    ERROR:/work/armbru/qemu/qom/object.c:333:object_initialize_with_type: assertion failed: (type != NULL)

Broken in commit 710e2d9 and commit 006a5ed.

Fix by compiling the "virtio-FOO-pci" exactly when compiling the
"virtio-FOO-device": compile "virtio-keyboard-device",
"virtio-mouse-device", "virtio-tablet-device" regardless of
CONFIG_LINUX, and compile "virtio-input-host-pci" only for
CONFIG_LINUX.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <1444320700-26260-3-git-send-email-armbru@redhat.com>

9 years agoupdate-linux-headers: Rename SW_MAX to SW_MAX_
Markus Armbruster [Thu, 8 Oct 2015 16:11:39 +0000 (18:11 +0200)]
update-linux-headers: Rename SW_MAX to SW_MAX_

The next commit will compile hw/input/virtio-input.c and
hw/input/virtio-input-hid.c even when CONFIG_LINUX is off.  These
files include both "include/standard-headers/linux/input.h" and
<windows.h> then.  Doesn't work, because both define SW_MAX.  We don't
actually use it.  Patch input.h to define SW_MAX_ instead.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1444320700-26260-2-git-send-email-armbru@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
9 years agoMerge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging
Peter Maydell [Fri, 9 Oct 2015 11:18:13 +0000 (12:18 +0100)]
Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging

# gpg: Signature made Fri 09 Oct 2015 10:15:13 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"

* remotes/stefanha/tags/tracing-pull-request:
  trace: remove malloc tracing
  docs: update the usage example of "dtrace" backend in tracing.txt

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>