Igor Mammedov [Tue, 8 Jul 2014 13:29:46 +0000 (15:29 +0200)]
pc: fix qemu exiting with error when -m X < 128 with old machines types
If machine doesn't support memory hotplug then staring QEMU
with initial memory less than default will make QEMU exit with
following error message:
$QEMU -m 16 -M isapc
qemu-system-i386: "-memory 'slots|maxmem'" is not supported by: isapc
Set maxram_size to initial memory value before parsing
'maxmem' option allows to keep maxmem in sync with initial
memory size if no maxmem option was specified.
Paolo Bonzini [Fri, 4 Jul 2014 09:43:49 +0000 (11:43 +0200)]
virtio-pci: fix MSI memory region use after free
After memory region QOMification QEMU is stricter in detecting
wrong usage of the memory region API. Here it detected a
memory_region_destroy done before the corresponding
memory_region_del_subregion; the memory_region_destroy is
done by msix_uninit_exclusive_bar, the memory_region_del_subregion
is done by the PCI core's pci_unregister_io_regions before
pc->exit is called.
The problem was introduced by
commit 06a1307379fcd6c551185ad87679cd7ed896b9ea
virtio-pci: add device_unplugged callback
As noted in that commit log, virtio device kick callbacks need to be
stopped before generic virtio is cleaned up. This is because these are
notifications from pci proxy to the generic virtio device so they need
to be stopped in the unplug call before the virtio device is unrealized.
However interrupts are notifications from the virtio device to
the pci proxy so they need to stay around while the device
is realized.
The memory API misuse caused an assertion when hot-unplugging virtio
devices. Using the API correctly fixes the assertion.
qdev: Fix crash when using non-device class name on -global
This fixes the following crash:
$ qemu-system-x86_64 -global container.xxx=y
hw/core/qdev-properties-system.c:399:qdev_add_one_global: Object 0x7f7eff234100 is not an instance of type device
Aborted (core dumped)
New behavior will be to just warn, just like when non-existing clas
names are used:
$ qemu-system-x86_64 -global container.xxx=y
qemu-system-x86_64: Warning: "-global container.xxx=y" not used
Ming Lei [Wed, 4 Jun 2014 02:05:55 +0000 (10:05 +0800)]
hw/virtio: enable common virtio feature for mmio device
Both 'indirect_desc' and 'event_idx' are bus independent features,
and they should be enabled for mmio devices too.
On arm64 quad core VM(qemu-kvm), the patch can increase block I/O
performance a lot with latest linux tree:
- without the patch: 14K IOPS
- with the patch: 34K IOPS
Le Tan [Wed, 2 Jul 2014 00:06:35 +0000 (08:06 +0800)]
pci: assign devfn to pci_dev before calling pci_device_iommu_address_space()
In function do_pci_register_device() in file hw/pci/pci.c, move the assignment
of pci_dev->devfn to the position before the call to
pci_device_iommu_address_space(pci_dev) which will use the value of
pci_dev->devfn.
Fixes: 9eda7d373e9c691c070eddcbe3467b991f67f6bd
pci: Introduce helper to retrieve a PCI device's DMA address space
Since commit cdaa86a54b232572bba594bf87a7416e527e460c
("Add G_IO_HUP handler for socket chardev")
GLib limitation results in a bug on Windows host. Steps to reproduce:
Start qemu: qemu-system-i386 -qmp tcp:127.0.0.1:4444:server:nowait
Connect with telnet: telnet 127.0.0.1 4444
Try sending some data from telnet.
Expected result: answers from QEMU.
Observed result: no answers (actually tcp_chr_read is not called at all).
Due to GLib limitations it is not possible to create several watches on one
channel on Windows hosts. See bug #338943 in GNOME bugzilla for details:
https://bugzilla.gnome.org/show_bug.cgi?id=338943
Igor Mammedov [Mon, 30 Jun 2014 10:43:29 +0000 (12:43 +0200)]
pc-dimm: error out if memory hotplug is not enabled
fixes QEMU abort in case it's started without memory
hotplug enabled.
as result of fix it will print following messages:
"
-device pc-dimm,id=d1,memdev=m1: memory hotplug is not enabled, enable it on startup
-device pc-dimm,id=d1,memdev=m1: Device 'pc-dimm' could not be initialized
"
Also fixup assert condition to detect hotplug address
space overflow.
The mmsghdr struct is only introduced in Linux 2.6.32; add a
configure check for it and disable L2TPV3 on hosts which are
too old to provide it, rather than simply failing to compile.
Peter Maydell [Tue, 1 Jul 2014 12:13:04 +0000 (13:13 +0100)]
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
Block pull request
# gpg: Signature made Tue 01 Jul 2014 09:47:15 BST using RSA key ID 81AB73C8
# gpg: Good signature from "Stefan Hajnoczi <[email protected]>"
# gpg: aka "Stefan Hajnoczi <[email protected]>"
* remotes/stefanha/tags/block-pull-request: (23 commits)
block: add backing-file option to block-stream
block: extend block-commit to accept a string for the backing file
block: add helper function to determine if a BDS is in a chain
block: add QAPI command to allow live backing file change
qapi: Change back sector-count to sectors-count in quorum QAPI events.
block/cow: Avoid use of uninitialized cow_bs in error path
block: simplify bdrv_find_base() and bdrv_find_overlay()
block: make 'top' argument to block-commit optional
iotests: Add more tests to quick group
iotests: Add qemu tests to quick group
iotests: Simplify qemu-iotests-quick.sh
qemu-img create: add 'nocow' option
virtio-blk: remove need for explicit x-data-plane=on option
qdev: drop iothread property type
virtio-blk: replace x-iothread with iothread link property
virtio-blk: move qdev properties into virtio-blk.c
virtio: fix virtio-blk child refcount in transports
virtio-blk: drop virtio_blk_set_conf()
virtio-blk: use aliases instead of duplicate qdev properties
qdev: add qdev_alias_all_properties()
...
Peter Lieven [Mon, 30 Jun 2014 08:57:51 +0000 (10:57 +0200)]
ui/vnc: fix potential memory corruption issues
this patch makes the VNC server work correctly if the
server surface and the guest surface have different sizes.
Basically the server surface is adjusted to not exceed VNC_MAX_WIDTH
x VNC_MAX_HEIGHT and additionally the width is rounded up to multiple of
VNC_DIRTY_PIXELS_PER_BIT.
If we have a resolution whose width is not dividable by VNC_DIRTY_PIXELS_PER_BIT
we now get a small black bar on the right of the screen.
If the surface is too big to fit the limits only the upper left area is shown.
On top of that this fixes 2 memory corruption issues:
The first was actually discovered during playing
around with a Windows 7 vServer. During resolution
change in Windows 7 it happens sometimes that Windows
changes to an intermediate resolution where
server_stride % cmp_bytes != 0 (in vnc_refresh_server_surface).
This happens only if width % VNC_DIRTY_PIXELS_PER_BIT != 0.
The second is a theoretical issue, but is maybe exploitable
by the guest. If for some reason the guest surface size is bigger
than VNC_MAX_WIDTH x VNC_MAX_HEIGHT we end up in severe corruption since
this limit is nowhere enforced.
Peter Lieven [Mon, 30 Jun 2014 08:07:54 +0000 (10:07 +0200)]
ui/vnc: limit client_cut_text msg payload size
currently a malicious client could define a payload
size of 2^32 - 1 bytes and send up to that size of
data to the vnc server. The server would allocated
that amount of memory which could easily create an
out of memory condition.
This patch limits the payload size to 1MB max.
Please note that client_cut_text messages are currently
silently ignored.
Jincheng Miao [Fri, 20 Jun 2014 06:12:52 +0000 (14:12 +0800)]
usb: initialize libusb_device to avoid crash
If libusb_get_device_list() fails, the uninitialized local variable
libusb_device would be passed to libusb_free_device_list(), that
will cause a crash, like:
(gdb) bt
#0 0x00007fbbb4bafc10 in pthread_mutex_lock () from /lib64/libpthread.so.0
#1 0x00007fbbb233e653 in libusb_unref_device (dev=0x6275682d627375)
at core.c:902
#2 0x00007fbbb233e739 in libusb_free_device_list (list=0x7fbbb6e8436e,
unref_devices=<optimized out>) at core.c:653
#3 0x00007fbbb6cd80a4 in usb_host_auto_check (unused=unused@entry=0x0)
at hw/usb/host-libusb.c:1446
#4 0x00007fbbb6cd8525 in usb_host_initfn (udev=0x7fbbbd3c5670)
at hw/usb/host-libusb.c:912
#5 0x00007fbbb6cc123b in usb_device_init (dev=0x7fbbbd3c5670)
at hw/usb/bus.c:106
...
Peter Maydell [Tue, 1 Jul 2014 10:55:48 +0000 (11:55 +0100)]
Merge remote-tracking branch 'remotes/bonzini/memory' into staging
* remotes/bonzini/memory:
qdev: correctly send DEVICE_DELETED for recursively-deleted devices
memory: do not give a name to the internal exec.c regions
memory: MemoryRegion: Add size property
memory: MemoryRegion: Add may-overlap and priority props
memory: MemoryRegion: Add container and addr props
memory: MemoryRegion: replace owner field with QOM parent
memory: MemoryRegion: QOMify
memory: MemoryRegion: use /machine as default owner
libqtest: escape strings in QMP commands, fix leak
qom: object: Ignore refs/unrefs of NULL
qom: object: remove parent pointer when unparenting
mc146818rtc: add "rtc-time" link to "/machine/rtc"
qom: allow creating an alias of a child<> property
qom: add a generic mechanism to resolve paths
qom: add object_property_add_alias()
Peter Maydell [Tue, 1 Jul 2014 09:28:52 +0000 (10:28 +0100)]
Merge remote-tracking branch 'remotes/bonzini/scsi-next' into staging
* remotes/bonzini/scsi-next:
configure: Fix -lm test, so that tools can be compiled on hosts that require -lm
virtio-scsi: scsi events must be converted to target endianness
virtio-scsi: virtio_scsi_push_event() lacks VirtIOSCSIReq parsing
Yang Zhiyong [Sat, 21 Jun 2014 18:43:03 +0000 (02:43 +0800)]
trace: add qemu_system_powerdown_request and qemu_system_shutdown_request trace events
We have the experience that the guest doesn't stop successfully
though it was instructed to shut down.
The root cause may be not in QEMU mostly. However, QEMU is often
suspected at the beginning just because the issue occurred in
virtualization environment.
Therefore, we need to affirm that QEMU received the shutdown
request and raised ACPI irq from "virsh shutdown" command,
virt-manger or stopping QEMU process to the VM .
So that we can affirm the problems was belonged to the Guset OS
rather than the QEMU itself.
When we stop guests by "virsh shutdown" command or virt-manger,
or stopping QEMU process, qemu_system_powerdown_request() or
qemu_system_shutdown_request() is called. Then the below functions
in main_loop_should_exit() of Vl.c are called roughly in the
following order.
if (qemu_powerdown_requested())
qemu_system_powerdown()
monitor_protocol_event(QEVENT_POWERDOWN, NULL)
The tracepoint of monitor_protocol_event() already exists, but no
tracepoints are defined for qemu_system_powerdown_request() and
qemu_system_shutdown_request(). So this patch adds two tracepoints for
the two functions. We believe that it will become much easier to
isolate the problem mentioned above by these tracepoints.
Jeff Cody [Wed, 25 Jun 2014 19:40:11 +0000 (15:40 -0400)]
block: add backing-file option to block-stream
On some image chains, QEMU may not always be able to resolve the
filenames properly, when updating the backing file of an image
after a block job.
For instance, certain relative pathnames may fail, or drives may
have been specified originally by file descriptor (e.g. /dev/fd/???),
or a relative protocol pathname may have been used.
In these instances, QEMU may lack the information to be able to make
the correct choice, but the user or management layer most likely does
have that knowledge.
With this extension to the block-stream api, the user is able to change
the backing file of the active layer as part of the block-stream
operation.
This allows the change to be 'safe', in the sense that if the attempt
to write the active image metadata fails, then the block-stream
operation returns failure, without disrupting the guest.
If a backing file string is not specified in the command, the backing
file string to use is determined in the same manner as it was
previously.
Jeff Cody [Wed, 25 Jun 2014 19:40:10 +0000 (15:40 -0400)]
block: extend block-commit to accept a string for the backing file
On some image chains, QEMU may not always be able to resolve the
filenames properly, when updating the backing file of an image
after a block commit.
For instance, certain relative pathnames may fail, or drives may
have been specified originally by file descriptor (e.g. /dev/fd/???),
or a relative protocol pathname may have been used.
In these instances, QEMU may lack the information to be able to make
the correct choice, but the user or management layer most likely does
have that knowledge.
With this extension to the block-commit api, the user is able to change
the backing file of the overlay image as part of the block-commit
operation.
This allows the change to be 'safe', in the sense that if the attempt
to write the overlay image metadata fails, then the block-commit
operation returns failure, without disrupting the guest.
If the commit top is the active layer, then specifying the backing
file string will be treated as an error (there is no overlay image
to modify in that case).
If a backing file string is not specified in the command, the backing
file string to use is determined in the same manner as it was
previously.
Jeff Cody [Wed, 25 Jun 2014 19:40:09 +0000 (15:40 -0400)]
block: add helper function to determine if a BDS is in a chain
This is a small helper function, to determine if 'base' is in the
chain of BlockDriverState 'top'. It returns true if it is in the chain,
and false otherwise.
If either argument is NULL, it will also return false.
Jeff Cody [Tue, 1 Jul 2014 07:52:16 +0000 (09:52 +0200)]
block: add QAPI command to allow live backing file change
This allows a user to make a live change to the backing file recorded in
an open image.
The image file to modify can be specified 2 ways:
1) image filename
2) image node-name
Note: this does not cause the backing file itself to be reopened; it
merely changes the backing filename in the image file structure, and
in internal BDS structures.
It is the responsibility of the user to pass a filename string that
can be resolved when the image chain is reopened, and the filename
string is not validated.
A good analogy for this command is that it is a live version of
'qemu-img rebase -u', with respect to changing the backing file string.
[Jeff is offline so I respun this patch in his absence. Dropped image
filename since using node-name is preferred and this is a new command.
No need to introduce the limitations of finding images by filename.
--Stefan]
configure: Fix -lm test, so that tools can be compiled on hosts that require -lm
The existing test whether "-lm" needs to be included or not is
insufficient as it reports false negative on Fedora20/ppc64.
This happens because sin(0.0) is a constant value which compiler
can safely throw away and therefore there is no need to add "-lm".
As the result, qemu-nbd/qemu-io/qemu-img tools cannot compile.
This adds a global variable and uses it in the test to prevent
from optimization.
Signed-off-by: Alexey Kardashevskiy <[email protected]>
[Use Peter's improvement on the test to fool LTO, and remove the
now useless -lm addition in Makefile.target. - Paolo] Signed-off-by: Paolo Bonzini <[email protected]>
Paolo Bonzini [Thu, 26 Jun 2014 13:10:03 +0000 (15:10 +0200)]
qdev: correctly send DEVICE_DELETED for recursively-deleted devices
When a device is unparented (i.e. made completely hidden from management)
we want to send a DEVICE_DELETED event only if the device actually was
realized. This avoids raising DEVICE_DELETED events when device_add
fails.
However, this does not work right for recursively-deleted
devices: the whole tree is _first_ unrealized, _then_ unparented.
Then device_unparent sees realized==false and fails to trigger
the event. The solution is simply to move have_realized into
the DeviceState struct. If device_add fails, we never set the
new field to true and DEVICE_DELETED is not sent.
Fixes qemu-iotests testcase 067 (broken by commit 5942a19, though that
commit in turn fixed a possible segfault in the same test).
To allow devices to dynamically resize the device. The motivation is
to allow devices with variable size to init their memory_region
without size early and then correctly populate size at realize() time.
memory: MemoryRegion: Add may-overlap and priority props
QOM propertyify the .may-overlap and .priority fields. The setters
will re-add the memory as a subregion if needed (i.e. the values change
when the memory region is already contained).
memory: MemoryRegion: Add container and addr props
Expose the already existing .parent and .addr fields as QOM properties.
.parent (i.e. the field describing the memory region that contains this
one in Memory hierachy) is renamed "container". This is to avoid
confusion with the QOM parent.
Signed-off-by: Peter Crosthwaite <[email protected]>
[Remove setters. Do not unref parent on releasing the property. Clean
up error propagation. - Paolo] Signed-off-by: Paolo Bonzini <[email protected]>
QOMify memory regions as an Object. The former init() and destroy()
routines become instance_init() and instance_finalize() resp.
memory_region_init() is re-implemented to be:
object_initialize() + set fields
memory_region_destroy() is re-implemented to call unparent().
Signed-off-by: Peter Crosthwaite <[email protected]>
[Add newly-created MR as child, unparent on destruction. - Paolo] Signed-off-by: Paolo Bonzini <[email protected]>
Paolo Bonzini [Fri, 13 Jun 2014 07:35:18 +0000 (09:35 +0200)]
libqtest: escape strings in QMP commands, fix leak
libqtest is using g_strdup_printf to format QMP commands, but
this does not work if the argument strings need to be escaped.
Instead, use the fancy %-formatting functionality of QObject.
The only change required in tests is that strings have to be
formatted as %s, not '%s' or \"%s\". Luckily this usage of
parameterized QMP commands is not that frequent.
The leak is in socket_sendf. Since we are extracting the send
loop to a new function, fix it now.
Just do nothing if passed NULL for a ref or unref. This avoids
call sites that manage a combination of NULL or non-NULL pointers
having to add iffery around every ref and unref.
qom: object: remove parent pointer when unparenting
Certain parts of the QOM framework test this pointer to determine if
an object is parented. Nuke it when the object is unparented to allow
for reuse of an object after unparenting.
Marcelo Tosatti [Wed, 4 Jun 2014 17:52:03 +0000 (14:52 -0300)]
mc146818rtc: add "rtc-time" link to "/machine/rtc"
Add a link to rtc under /machine providing a stable
location for management apps to query the value of the
time. The link should be added by any object that sends
RTC_TIME_CHANGE events.
Paolo Bonzini [Thu, 5 Jun 2014 11:11:51 +0000 (13:11 +0200)]
qom: add a generic mechanism to resolve paths
It may be desirable to have custom link<> properties that do more
than just store an object. Even the addition of a "check"
function is not enough if setting the link has side effects
or if a non-standard reference counting is preferrable.
Avoid the assumption that the opaque field of a link<> is a
LinkProperty struct, by adding a generic "resolve" callback
to ObjectProperty. This fixes aliases of link properties.
Peter Maydell [Mon, 30 Jun 2014 18:03:37 +0000 (19:03 +0100)]
block/cow: Avoid use of uninitialized cow_bs in error path
Commit 25814e8987 introduced an error-exit code path which does
a "goto exit" before the cow_bs variable is initialized, meaning
we would call bdrv_unref() on an uninitialized variable and
likely segfault. Fix this by moving the NULL-initialization
to the top of the function and making the exit code path handle
the case where it is NULL.
Jeff Cody [Wed, 25 Jun 2014 19:35:26 +0000 (15:35 -0400)]
block: simplify bdrv_find_base() and bdrv_find_overlay()
This simplifies the function bdrv_find_overlay(). With this change,
bdrv_find_base() is just a subset of usage of bdrv_find_overlay(),
so this also takes advantage of that.
Max Reitz [Fri, 27 Jun 2014 20:47:46 +0000 (22:47 +0200)]
iotests: Simplify qemu-iotests-quick.sh
As of the "iotests: Allow out-of-tree run" series, the qemu-iotests may
(and should) be run directly in the build tree and will then guess the
binary paths themselves. Therefore, qemu-iotests-quick.sh does not need
to (and should not) enter the source path anymore; also, it does not
need to specify the binaries because "check" will guess them
automatically.
As a side-effect, tests using qemu may now be added to the quick group.
Chunyan Liu [Mon, 30 Jun 2014 06:29:58 +0000 (14:29 +0800)]
qemu-img create: add 'nocow' option
Add 'nocow' option so that users could have a chance to set NOCOW flag to
newly created files. It's useful on btrfs file system to enhance performance.
Btrfs has low performance when hosting VM images, even more when the guest
in those VM are also using btrfs as file system. One way to mitigate this bad
performance is to turn off COW attributes on VM files. Generally, there are
two ways to turn off NOCOW on btrfs: a) by mounting fs with nodatacow, then
all newly created files will be NOCOW. b) per file. Add the NOCOW file
attribute. It could only be done to empty or new files.
This patch tries the second way, according to the option, it could add NOCOW
per file.
For most block drivers, since the create file step is in raw-posix.c, so we
can do setting NOCOW flag ioctl in raw-posix.c only.
But there are some exceptions, like block/vpc.c and block/vdi.c, they are
creating file by calling qemu_open directly. For them, do the same setting
NOCOW flag ioctl work in them separately.
[Fixed up 082.out due to the new 'nocow' creation option
--Stefan]
Cédric Le Goater [Mon, 30 Jun 2014 15:17:17 +0000 (17:17 +0200)]
virtio-scsi: scsi events must be converted to target endianness
Virtio SCSI Events need to be byteswapped before being pushed
when host and guest have a different endianness. Not doing so
breaks hotplug of virtio scsi disks, with the following error
message being printed in the guest console:
This issue got uncovered while testing disk hotplug with a PowerKVM
ppc64le guest. I have checked that this issue also affects a x86_64
guest run on a ppc64 host.
Hotplug of a virtio scsi disk is currently broken: no disk appears in the
guest (verified with a fedora 20 host running a fedora 20 guest with KVM).
Bisect leeds to Paolo's patches to support any_layout, especially this
commit:
It modifies virtio_scsi_pop_req() so that it is up to the callers to parse
the virtio scsi request. It seems that virtio_scsi_push_event() was not
modified accordingly...
This patch adds a call to virtio_scsi_parse_req(). It also drops some
sanity checks that are already performed by virtio_scsi_parse_req().
Stefan Hajnoczi [Wed, 18 Jun 2014 09:58:28 +0000 (17:58 +0800)]
qom: add object_property_add_alias()
Sometimes an object needs to present a property which is actually on
another object, or it needs to provide an alias name for an existing
property.
Examples:
a.foo -> b.foo
a.old_name -> a.new_name
The new object_property_add_alias() API allows objects to alias a
property on the same object or another object. The source and target
names can be different.
Stefan Hajnoczi [Tue, 10 Jun 2014 07:03:20 +0000 (09:03 +0200)]
virtio-blk: replace x-iothread with iothread link property
Up until now -device virtio-blk-pci,x-iothread=<id> was used to assign
an IOThread. This was a temporary solution while we cleaned up QOM link
properties.
This patch switches over to a QOM link property since it is now possible
to restrict the setter to unrealized instances and automatically unref
the IOThread when the virtio-blk-pci device is freed.
Since the "iothread" property is a QOM property and not a qdev property,
we must alias it explicitly for virtio-blk-pci, as well as CCW and
s390-virtio.
Stefan Hajnoczi [Wed, 18 Jun 2014 09:58:35 +0000 (17:58 +0800)]
virtio: fix virtio-blk child refcount in transports
object_initialize() leaves the object with a refcount of 1.
object_property_add_child() adds its own reference which is dropped
again when the property is deleted.
The upshot of this is that we always have a refcount >= 1. Upon hot
unplug the virtio-blk child is not finalized!
Drop our reference after the child property has been added to the
parent.
Stefan Hajnoczi [Wed, 18 Jun 2014 09:58:33 +0000 (17:58 +0800)]
virtio-blk: use aliases instead of duplicate qdev properties
virtio-blk-pci, virtio-blk-s390, and virtio-blk-ccw all duplicate the
qdev properties of their VirtIOBlock child. This approach does not work
well with string or pointer properties since we must be careful about
leaking or double-freeing them.
Use the QOM alias property to forward property accesses to the
VirtIOBlock child. This way no duplication is necessary.
Remember to stop calling virtio_blk_set_conf() so that we don't clobber
the values already set on the VirtIOBlock instance.
Stefan Hajnoczi [Wed, 18 Jun 2014 09:58:32 +0000 (17:58 +0800)]
qdev: add qdev_alias_all_properties()
The qdev_alias_all_properties() function creates QOM alias properties
for each qdev property on a DeviceState. This is useful for parent
objects that wish to forward property accesses to their children.
Stefan Hajnoczi [Wed, 18 Jun 2014 09:58:31 +0000 (17:58 +0800)]
virtio-blk: move x-data-plane qdev property to virtio-blk.h
Move the x-data-plane property. Originally it was outside since not
every transport may wish to support dataplane. But that makes little
sense when we have a dedicated CONFIG_VIRTIO_BLK_DATA_PLANE ifdef
already.
This move makes it easier to switch to property aliases in the next
patch.
It becomes unwiedly to duplicate all virtio-blk qdev property
definitions due to an #ifdef. The C preprocessor syntax makes it a
little hard to resolve this cleanly but we can extract the #ifdef and
call a macro it defines later.
Avoiding duplication is important since it will only get worse when we
move the x-data-plane qdev property here too. We'd have a combinatorial
explosion since x-data-plane has its own #ifdef.
Andreas Färber [Wed, 18 Jun 2014 07:57:08 +0000 (00:57 -0700)]
irq: Slim conversion of qemu_irq to QOM
As a prequel to any big Pin refactoring plans, do an in-place conversion
of qemu_irq to an Object, so that we can reference it in link<> properties.
Signed-off-by: Andreas Färber <[email protected]>
[ PC Changes:
* Removed array-alloctor ref counting logic (limit changes just to
* single IRQ allocator)
* Removed WIP marking from subject line
] Reviewed-by: Peter Maydell <[email protected]> Signed-off-by: Peter Crosthwaite <[email protected]> Acked-by: Paolo Bonzini <[email protected]> Signed-off-by: Andreas Färber <[email protected]>
Allocate each IRQ individually on array allocations. This prepares for
QOMification of IRQs, where pointers to individual IRQs may be taken
and handed around for usage as QOM Links. The g_renew() scheme used here
is too fragile and would break all existing links should an IRQ list
be extended.
We now have to pass the IRQ count to qemu_free_irqs(). We have so few
call sites however, so this change is reasonably trivial.
Certain parts of the QOM framework test this pointer to determine if
an object is parented. Nuke it when the object is unparented to allow
for reuse of an object after unparenting.
Paolo Bonzini [Mon, 30 Jun 2014 15:56:08 +0000 (09:56 -0600)]
vfio: use correct runstate
io-error is for block device errors; it should always be preceded
by a BLOCK_IO_ERROR event. I think vfio wants to use
RUN_STATE_INTERNAL_ERROR instead.
Slow BAR access path is used when VFIO fails to mmap() BAR.
Since this is just a transport between the guest and a device, there is
no need to do endianness swapping.
This changes BARs to use native endianness. Since non-ROM BARs were
doing byte swapping, we need to remove it so does the patch.
As the result, this eliminates cancelling byte swaps and there is
no change in behavior for non-ROM BARs.
ROM BARs were declared little endian too but byte swapping was not
implemented for them so they never actually worked on big endian systems
as there was no cancelling byte swap. This fixes endiannes for ROM BARs
by declaring them native endian and only fixing access sizes as it is
done for non-ROM BARs.
Alex Williamson [Mon, 30 Jun 2014 15:50:33 +0000 (09:50 -0600)]
vfio-pci: Fix MSI-X masking performance
There are still old guests out there that over-exercise MSI-X masking.
The current code completely sets-up and tears-down an MSI-X vector on
the "use" and "release" callbacks. While this is functional, it can
slow an old guest to a crawl. We can easily skip the KVM parts of
this so that we keep the MSI route and irqfd setup. We do however
need to switch VFIO to trigger a different eventfd while masked.
Actually, we have the option of continuing to use -1 to disable the
trigger, but by using another EventNotifier we can allow the MSI-X
core to emulate pending bits and re-fire the vector once unmasked.
MSI code gets updated as well to use the same setup and teardown
structures and functions.
Prior to this change, an igbvf assigned to a RHEL5 guest gets about
20Mbps and 50 transactions/s with netperf (remote or VF->PF). With
this change, we get line rate and 3k transactions/s remote or 2Gbps
and 6k+ transactions/s to the PF. No significant change is expected
for newer guests with more well behaved MSI-X support.
Peter Maydell [Mon, 30 Jun 2014 15:13:32 +0000 (16:13 +0100)]
Merge remote-tracking branch 'remotes/bonzini/nbd-next' into staging
* remotes/bonzini/nbd-next:
nbd: Handle NBD_OPT_LIST option.
nbd: Handle fixed new-style clients.
nbd: Shutdown socket before closing.
nbd: Don't validate from and len in NBD_CMD_DISC.
nbd: Don't export a block device with no medium.
Peter Maydell [Mon, 30 Jun 2014 14:42:35 +0000 (15:42 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20140630' into staging
cocoa.next:
* Honour -show-cursor option
* Fix handling of absolute positioning devices
* Cope with first surface being same as initial window size
# gpg: Signature made Mon 30 Jun 2014 13:48:46 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <[email protected]>"
* remotes/pmaydell/tags/pull-cocoa-20140630:
ui/cocoa: Honour -show-cursor command line option
ui/cocoa: Fix handling of absolute positioning devices
ui/cocoa: Add utility method to check if point is within window
ui/cocoa: Cope with first surface being same as initial window size
Peter Maydell [Mon, 30 Jun 2014 14:16:25 +0000 (15:16 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140630' into staging
target-arm:
* provide PL031 RTC in virt board
* fix missing pxa2xx and strongarm vmstate
* convert cadence_ttc to instance_init
* fix libvixl format strings and README
# gpg: Signature made Mon 30 Jun 2014 13:44:33 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <[email protected]>"
* remotes/pmaydell/tags/pull-target-arm-20140630:
disas/libvixl: Fix wrong format strings
disas/libvixl: Update README for version base
timer: cadence_ttc: Convert to instance_init
hw/arm/pxa2xx_gpio: Correct and register vmstate
hw/arm/pxa2xx_gpio: Fix handling of GPSR/GPCR reads
hw/arm/strongarm: Wire up missing GPIO and PPC vmstate
hw/arm/strongarm: Fix handling of GPSR/GPCR reads
hw/arm/virt: Provide PL031 RTC
Roger Pau Monne [Fri, 23 May 2014 15:57:49 +0000 (17:57 +0200)]
serial: poll the serial console with G_IO_HUP
On FreeBSD polling a master pty while the other end is not connected
with G_IO_OUT only results in an endless wait. This is different from
the Linux behaviour, that returns immediately. In order to demonstrate
this, I have the following example code:
http://xenbits.xen.org/people/royger/test_poll.c
When executed on Linux:
$ ./test_poll
In callback
On FreeBSD instead, the callback never gets called:
$ ./test_poll
So, in order to workaround this, poll the source with G_IO_HUP (which
makes the code behave the same way on both Linux and FreeBSD).
Hani Benhabiles [Sat, 7 Jun 2014 00:32:31 +0000 (01:32 +0100)]
nbd: Handle fixed new-style clients.
When this flag is set, the server tells the client that it can send another
option if the server received a request with an option that it doesn't
understand instead of directly closing the connection.
Also add link to the most up-to-date documentation.
Peter Maydell [Mon, 23 Jun 2014 09:35:25 +0000 (10:35 +0100)]
ui/cocoa: Honour -show-cursor command line option
Honour the -show-cursor command line option (which forces the mouse pointer
to always be displayed even when input is grabbed) in the Cocoa UI backend.
Peter Maydell [Mon, 23 Jun 2014 09:35:24 +0000 (10:35 +0100)]
ui/cocoa: Fix handling of absolute positioning devices
Fix handling of absolute positioning devices, which were basically
unusable for two separate reasons:
(1) as soon as you pressed the left mouse button we would call
CGAssociateMouseAndMouseCursorPosition(FALSE), which means that
the absolute coordinates of the mouse events are never updated
(2) we didn't account for MacOSX coordinate origin being bottom left
rather than top right, and so all the Y values sent to the guest
were inverted
We fix (1) by aligning our behaviour with the SDL UI backend for
absolute devices:
* when the mouse moves into the window we do a grab (which means
hiding the host cursor and sending special keys to the guest)
* when the mouse moves out of the window we un-grab
and fix (2) by doing the correct transformation in the call to
qemu_input_queue_abs().
Peter Maydell [Mon, 23 Jun 2014 09:35:23 +0000 (10:35 +0100)]
ui/cocoa: Add utility method to check if point is within window
Add a utility method to check whether a point is within the current window
bounds, and use it in the various places in the mouse handling code that
were opencoding the check.
Peter Maydell [Mon, 23 Jun 2014 09:35:22 +0000 (10:35 +0100)]
ui/cocoa: Cope with first surface being same as initial window size
Do the recalculation of the content dimensions in switchSurface if the
current cdx is zero as well as if the new surface is a different size to
the current window. This catches the case where the first surface registered
happens to be 640x480 (our current window size), and fixes a bug where we
would always display a black screen until the first surface of a different
size was registered.
projects / qemu.git / log