[Qemu-devel] [PULL v2 00/35] Misc patches for QEMU soft freeze

[Qemu-devel] [PULL v2 00/35] Misc patches for QEMU soft freeze

[Paolo Bonzini]

The following changes since commit 1f3aba377d2a531453f018c70de2580a142c74c9:

  pc: acpi: drop intermediate PCMachineState.node_cpu (2016-06-24 08:34:47 +0300)

are available in the git repository at:

  git://github.com/bonzini/qemu.git tags/for-upstream

for you to fetch changes up to 74b6ce43e3aacbb101018407196fc963e2c39fea:

  socket: unlink unix socket on remove (2016-06-29 16:49:41 +0200)

----------------------------------------------------------------
* serial port fixes (Paolo)
* Q35 modeling improvements (Paolo, Vasily)
* chardev cleanup improvements (Marc-André)
* iscsi bugfix (Peter L.)
* cpu_exec patch from multi-arch patches (Peter C.)
* pci-assign tweak (Lin Ma)

----------------------------------------------------------------
v1->v2: fixes for other issues in vhost-user-test

Andrew Jones (1):
      vl: smp_parse: fix regression

Efimov Vasily (13):
      ide: move headers to include folder
      pcspk: convert "pit" property type from ptr to link
      vmport: identify vmport type by macro TYPE_VMPORT
      pflash: make TYPE_CFI_PFLASH0{1,2} macros public
      Q35: implement property interfece to several parameters
      pc_q35: configure Q35 instance using properties
      pckbd: handle A20 IRQ as GPIO
      port92: handle A20 IRQ as GPIO
      ICH9 SMB: make TYPE_ICH9_SMB_DEVICE macro public
      ICH9 LPC: handle GSI as qdev GPIO
      ICH9 LPC: move call of isa_bus_irqs to 'realize' method
      isa: introduce wrapper isa_connect_gpio_out
      MC146818 RTC: add GPIO access to output IRQ

Lin Ma (1):
      pci-assign: Move "Invalid ROM" error message to pci-assign-load-rom.c

Marc-André Lureau (3):
      char: clean up remaining chardevs when leaving
      socket: add listen feature
      socket: unlink unix socket on remove

Paolo Bonzini (15):
      ich9: call ich9_lpc_update_pic for disabled pirqs
      ich9: clean up ich9_lpc_update_pic/ich9_lpc_update_apic and callers
      ich9: unify pic and ioapic IRQ vectors
      scsi: esp: fix migration
      vnc: generalize "VNC server running on ..." message
      serial: make tsr_retry unsigned
      serial: simplify tsr_retry reset
      serial: separate serial_xmit and serial_watch_cb
      char: change qemu_chr_fe_add_watch to return unsigned
      serial: remove watch on reset
      serial: reinstate watch after migration
      ich9: implement ACPI_EN register
      ich9: implement SCI_IRQ_SEL register
      vhost-user-test: fix g_cond_wait_until compat implementation
      vhost-user: disable chardev handlers on close

Peter Crosthwaite (1):
      target-*: Don't redefine cpu_exec()

Peter Lieven (1):
      iscsi: fix assertion in is_sector_request_lun_aligned

 block/iscsi.c                     |  5 ++-
 hw/audio/pcspk.c                  |  9 +++-
 hw/block/pflash_cfi01.c           |  1 -
 hw/block/pflash_cfi02.c           |  1 -
 hw/char/cadence_uart.c            |  9 ++--
 hw/char/serial.c                  | 67 ++++++++++++++++++++++-------
 hw/i2c/smbus_ich9.c               |  1 -
 hw/i386/kvm/pci-assign.c          |  4 --
 hw/i386/pc.c                      | 10 ++---
 hw/i386/pc_q35.c                  | 28 +++++++-----
 hw/i386/pci-assign-load-rom.c     |  3 ++
 hw/ide/ahci.c                     |  2 +-
 hw/input/pckbd.c                  | 21 +++------
 hw/isa/isa-bus.c                  |  7 +++
 hw/isa/lpc_ich9.c                 | 89 ++++++++++++++++++++++-----------------
 hw/misc/vmport.c                  |  1 -
 hw/pci-host/q35.c                 | 20 +++++++++
 hw/scsi/esp.c                     |  5 ++-
 hw/timer/mc146818rtc.c            |  6 ++-
 include/exec/cpu-all.h            |  2 +
 include/glib-compat.h             | 26 ++++++++++++
 include/hw/audio/pcspk.h          |  2 +-
 include/hw/block/flash.h          |  3 ++
 include/hw/char/serial.h          |  3 +-
 include/hw/i386/ich9.h            |  8 +++-
 include/hw/i386/pc.h              |  8 +++-
 {hw => include/hw}/ide/ahci.h     |  0
 {hw => include/hw}/ide/internal.h |  0
 {hw => include/hw}/ide/pci.h      |  0
 include/hw/isa/isa.h              |  1 +
 include/hw/pci-host/q35.h         |  9 +++-
 include/io/channel.h              |  1 +
 include/migration/vmstate.h       |  5 ++-
 include/qemu/sockets.h            |  1 +
 include/sysemu/char.h             | 16 ++++++-
 include/ui/console.h              |  7 ---
 io/channel-socket.c               | 17 ++++++++
 linux-user/main.c                 | 32 +++++++-------
 net/vhost-user.c                  |  7 ++-
 qemu-char.c                       | 19 +++++++--
 target-alpha/cpu.h                |  2 -
 target-arm/cpu.h                  |  2 -
 target-cris/cpu.h                 |  2 -
 target-i386/cpu.h                 |  2 -
 target-lm32/cpu.h                 |  2 -
 target-m68k/cpu.h                 |  2 -
 target-microblaze/cpu.h           |  2 -
 target-mips/cpu.h                 |  2 -
 target-moxie/cpu.h                |  2 -
 target-openrisc/cpu.h             |  2 -
 target-ppc/cpu.h                  |  2 -
 target-s390x/cpu.h                |  2 -
 target-sh4/cpu.h                  |  2 -
 target-sparc/cpu.h                |  2 -
 target-tilegx/cpu.h               |  2 -
 target-tricore/cpu.h              |  2 -
 target-unicore32/cpu.h            |  3 --
 target-xtensa/cpu.h               |  2 -
 tests/test-io-channel-socket.c    |  2 +-
 tests/vhost-user-test.c           | 17 +-------
 ui/vnc.c                          | 23 +++++-----
 util/qemu-sockets.c               | 18 ++++++++
 vl.c                              |  9 +---
 63 files changed, 349 insertions(+), 213 deletions(-)
 rename {hw => include/hw}/ide/ahci.h (100%)
 rename {hw => include/hw}/ide/internal.h (100%)
 rename {hw => include/hw}/ide/pci.h (100%)
-- 
1.8.3.1

[Qemu-devel] [PULL 31/35] vhost-user-test: fix g_cond_wait_until compat implementation

[Paolo Bonzini]

This fixes compilation with glib versions up to 2.30, such
as the one in CentOS 6.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 include/glib-compat.h   | 26 ++++++++++++++++++++++++++
 tests/vhost-user-test.c | 17 ++---------------
 2 files changed, 28 insertions(+), 15 deletions(-)

diff --git a/include/glib-compat.h b/include/glib-compat.h
index 03d8b12..01aa7b3 100644
--- a/include/glib-compat.h
+++ b/include/glib-compat.h
@@ -149,6 +149,32 @@ static inline void (g_cond_signal)(CompatGCond *cond)
 }
 #undef g_cond_signal
 
+static inline gboolean (g_cond_timed_wait)(CompatGCond *cond,
+                                           CompatGMutex *mutex,
+                                           GTimeVal *time)
+{
+    g_assert(mutex->once.status != G_ONCE_STATUS_PROGRESS);
+    g_once(&cond->once, do_g_cond_new, NULL);
+    return g_cond_timed_wait((GCond *) cond->once.retval,
+                             (GMutex *) mutex->once.retval, time);
+}
+#undef g_cond_timed_wait
+
+/* This is not a macro, because it didn't exist until 2.32.  */
+static inline gboolean g_cond_wait_until(CompatGCond *cond, CompatGMutex *mutex,
+                                         gint64 end_time)
+{
+    GTimeVal time;
+
+    /* Convert from monotonic to CLOCK_REALTIME.  */
+    end_time -= g_get_monotonic_time();
+    g_get_current_time(&time);
+    end_time += time.tv_sec * G_TIME_SPAN_SECOND + time.tv_usec;
+
+    time.tv_sec = end_time / G_TIME_SPAN_SECOND;
+    time.tv_usec = end_time % G_TIME_SPAN_SECOND;
+    return g_cond_timed_wait(cond, mutex, &time);
+}
 
 /* before 2.31 there was no g_thread_new() */
 static inline GThread *g_thread_new(const char *name,
diff --git a/tests/vhost-user-test.c b/tests/vhost-user-test.c
index 8b2164b..421d432 100644
--- a/tests/vhost-user-test.c
+++ b/tests/vhost-user-test.c
@@ -127,25 +127,12 @@ typedef struct TestServer {
     int fds_num;
     int fds[VHOST_MEMORY_MAX_NREGIONS];
     VhostUserMemory memory;
-    GMutex data_mutex;
-    GCond data_cond;
+    CompatGMutex data_mutex;
+    CompatGCond data_cond;
     int log_fd;
     uint64_t rings;
 } TestServer;
 
-#if !GLIB_CHECK_VERSION(2, 32, 0)
-static gboolean g_cond_wait_until(CompatGCond cond, CompatGMutex mutex,
-                                  gint64 end_time)
-{
-    gboolean ret = FALSE;
-    end_time -= g_get_monotonic_time();
-    GTimeVal time = { end_time / G_TIME_SPAN_SECOND,
-                      end_time % G_TIME_SPAN_SECOND };
-    ret = g_cond_timed_wait(cond, mutex, &time);
-    return ret;
-}
-#endif
-
 static const char *tmpfs;
 static const char *root;
 
-- 
1.8.3.1

[Qemu-devel] [PULL 32/35] vhost-user: disable chardev handlers on close

[Paolo Bonzini]

This otherwise causes a use-after-free if network backend cleanup
is performed before character device cleanup.

Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 net/vhost-user.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/net/vhost-user.c b/net/vhost-user.c
index 636899a..92f4cfd 100644
--- a/net/vhost-user.c
+++ b/net/vhost-user.c
@@ -151,6 +151,11 @@ static void vhost_user_cleanup(NetClientState *nc)
         vhost_net_cleanup(s->vhost_net);
         s->vhost_net = NULL;
     }
+    if (s->chr) {
+        qemu_chr_add_handlers(s->chr, NULL, NULL, NULL, NULL);
+        qemu_chr_fe_release(s->chr);
+        s->chr = NULL;
+    }
 
     qemu_purge_queued_packets(nc);
 }
-- 
1.8.3.1

Re: [Qemu-devel] [PULL 32/35] vhost-user: disable chardev handlers on close

[Marc-André Lureau]

Hi

----- Original Message -----
> This otherwise causes a use-after-free if network backend cleanup
> is performed before character device cleanup.
> 
> Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>



See also my previous (still unreviewed) series:
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01004.html

so: Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>


> ---
>  net/vhost-user.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/net/vhost-user.c b/net/vhost-user.c
> index 636899a..92f4cfd 100644
> --- a/net/vhost-user.c
> +++ b/net/vhost-user.c
> @@ -151,6 +151,11 @@ static void vhost_user_cleanup(NetClientState *nc)
>          vhost_net_cleanup(s->vhost_net);
>          s->vhost_net = NULL;
>      }
> +    if (s->chr) {
> +        qemu_chr_add_handlers(s->chr, NULL, NULL, NULL, NULL);
> +        qemu_chr_fe_release(s->chr);
> +        s->chr = NULL;
> +    }
>  
>      qemu_purge_queued_packets(nc);
>  }
> --
> 1.8.3.1
> 

Re: [Qemu-devel] [PULL 32/35] vhost-user: disable chardev handlers on close

[Paolo Bonzini]

On 29/06/2016 17:31, Marc-André Lureau wrote:
> Hi
> 
> ----- Original Message -----
>> This otherwise causes a use-after-free if network backend cleanup
>> is performed before character device cleanup.
>>
>> Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> 
> 
> 
> See also my previous (still unreviewed) series:
> https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01004.html

Oh, interesting!

This is indeed a superset of patch 1, but you need to either delete the
chardev (patch 2) or clear the handlers.  There are only a handful uses
of qemu_chr_delete outside qemu-char.c, which makes me believe that most
of them are wrong...

Paolo

> so: Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> 
> 
>> ---
>>  net/vhost-user.c | 5 +++++
>>  1 file changed, 5 insertions(+)
>>
>> diff --git a/net/vhost-user.c b/net/vhost-user.c
>> index 636899a..92f4cfd 100644
>> --- a/net/vhost-user.c
>> +++ b/net/vhost-user.c
>> @@ -151,6 +151,11 @@ static void vhost_user_cleanup(NetClientState *nc)
>>          vhost_net_cleanup(s->vhost_net);
>>          s->vhost_net = NULL;
>>      }
>> +    if (s->chr) {
>> +        qemu_chr_add_handlers(s->chr, NULL, NULL, NULL, NULL);
>> +        qemu_chr_fe_release(s->chr);
>> +        s->chr = NULL;
>> +    }
>>  
>>      qemu_purge_queued_packets(nc);
>>  }
>> --
>> 1.8.3.1
>>

Re: [Qemu-devel] [PULL v2 00/35] Misc patches for QEMU soft freeze

[Peter Maydell]

On 29 June 2016 at 16:23, Paolo Bonzini <pbonzini@redhat.com> wrote:
> The following changes since commit 1f3aba377d2a531453f018c70de2580a142c74c9:
>
>   pc: acpi: drop intermediate PCMachineState.node_cpu (2016-06-24 08:34:47 +0300)
>
> are available in the git repository at:
>
>   git://github.com/bonzini/qemu.git tags/for-upstream
>
> for you to fetch changes up to 74b6ce43e3aacbb101018407196fc963e2c39fea:
>
>   socket: unlink unix socket on remove (2016-06-29 16:49:41 +0200)
>
> ----------------------------------------------------------------
> * serial port fixes (Paolo)
> * Q35 modeling improvements (Paolo, Vasily)
> * chardev cleanup improvements (Marc-André)
> * iscsi bugfix (Peter L.)
> * cpu_exec patch from multi-arch patches (Peter C.)
> * pci-assign tweak (Lin Ma)

Applied, thanks.

-- PMM

Re: [Qemu-devel] [PULL v2 00/35] Misc patches for QEMU soft freeze

[Paolo Bonzini]

On 30/06/2016 10:59, Peter Maydell wrote:
> On 29 June 2016 at 16:23, Paolo Bonzini <pbonzini@redhat.com> wrote:
>> The following changes since commit 1f3aba377d2a531453f018c70de2580a142c74c9:
>>
>>   pc: acpi: drop intermediate PCMachineState.node_cpu (2016-06-24 08:34:47 +0300)
>>
>> are available in the git repository at:
>>
>>   git://github.com/bonzini/qemu.git tags/for-upstream
>>
>> for you to fetch changes up to 74b6ce43e3aacbb101018407196fc963e2c39fea:
>>
>>   socket: unlink unix socket on remove (2016-06-29 16:49:41 +0200)
>>
>> ----------------------------------------------------------------
>> * serial port fixes (Paolo)
>> * Q35 modeling improvements (Paolo, Vasily)
>> * chardev cleanup improvements (Marc-André)
>> * iscsi bugfix (Peter L.)
>> * cpu_exec patch from multi-arch patches (Peter C.)
>> * pci-assign tweak (Lin Ma)
> 
> Applied, thanks.

And it breaks KVM with default options (of course I had just done a test
run with non-standard -machine kernel_irqchip=split, and I kept those
before sending the pull request).

Will send a fixup ASAP.

Paolo