Hans de Goede [Tue, 28 Aug 2012 07:08:45 +0000 (09:08 +0200)]
usb-redir: Get rid of unused async-struct dev member
This is a preparation patch for completely getting rid of the async-packet
struct in usb-redir, instead relying on the (new) per ep queues in the
qemu usb core.
Hans de Goede [Tue, 28 Aug 2012 07:05:38 +0000 (09:05 +0200)]
usb-redir: Get rid of local shadow copy of packet headers
The shadow copy only serves as an extra check (besides the packet-id) to
ensure the packet we get back is a reply to the packet we think it is.
This check has never triggered in all the time usb-redir is in use now,
and since the verified data in the returned packet-header is not used
otherwise, removing the check does not open any possibilities for the
usbredirhost to confuse us.
This is a preparation patch for completely getting rid of the async-packet
struct in usb-redir, instead relying on the (new) per ep queues in the
qemu usb core.
Hans de Goede [Mon, 27 Aug 2012 14:33:08 +0000 (16:33 +0200)]
usb-redir: Get rid of async-struct get member
This is a preparation patch for completely getting rid of the async-packet
struct in usb-redir, instead relying on the (new) per ep queues in the
qemu usb core.
Hans de Goede [Thu, 23 Aug 2012 14:37:19 +0000 (16:37 +0200)]
usb-redir: Don't delay handling of open events to a bottom half
There is no need for this, and doing so means that a backend trying to
write immediately after an open event will see qemu_chr_be_can_write
returning 0, which not all backends handle well as there is no wakeup
mechanism to detect when the frontend does become writable.
Hans de Goede [Fri, 17 Aug 2012 15:27:08 +0000 (17:27 +0200)]
usb-redir: Never return USB_RET_NAK for async handled packets
USB_RET_NAK is not a valid response for async handled packets (and will
trigger an assert as such).
Also drop the warning when receiving a status of cancelled for packets not
cancelled by qemu itself, this can happen when a device gets unredirected
by the usbredir-host while transfers are pending.
Hans de Goede [Mon, 3 Sep 2012 10:17:48 +0000 (12:17 +0200)]
ehci: Correct a comment in fetchqtd packet processing
Since my previous comment said "Should never happen", I tried changing the
next line to an assert(0), which did not go well, which, as the new comment
explains, is logical if you think about it for a moment.
Hans de Goede [Mon, 3 Sep 2012 09:01:13 +0000 (11:01 +0200)]
ehci: Fix memory leak in handling of NAK-ed packets
Currently each time we try to execute a NAK-ed packet we redo
ehci_init_transfer, and usb_packet_map, re-allocing (without freeing) the
sg list every time.
This patch fixes this, it does this by introducing another async state, so
that we also properly cleanup a NAK-ed packet on cancel.
Gerd Hoffmann [Fri, 31 Aug 2012 08:44:21 +0000 (10:44 +0200)]
ehci: trace guest bugs
make qemu_queue_{cancel,reset} return the number of packets released,
so the caller can figure out whether there have been active packets even
though there shouldn't have been any. Add tracepoint to log this.
Hans de Goede [Thu, 30 Aug 2012 13:18:24 +0000 (15:18 +0200)]
ehci: Properly report completed but not yet processed packets to the guest
Report packets which have completed before being cancelled as such to the
host. Note that the new code path this patch adds is untested since I've
been unable to actually trigger the race which needs this code path.
Hans de Goede [Wed, 29 Aug 2012 08:37:37 +0000 (10:37 +0200)]
ehci: Validate qh is not changed unexpectedly by the guest
- combine the qh check with the check for devaddr changes
- also ensure that p gets set to NULL when the queue gets cancelled on
devaddr change, which was not done properly before this patch
Hans de Goede [Wed, 29 Aug 2012 08:12:52 +0000 (10:12 +0200)]
Revert "ehci: don't flush cache on doorbell rings."
This reverts commit 9bc3a3a216e2689bfcdd36c3e079333bbdbf3ba0, which got
added to fix an issue where the real, underlying cause was not stopping
the ep queue on an error.
Now that the underlying cause is fixed by the "usb: Halt ep queue and
cancel pending packets on a packet error" patch, the "don't flush" fix
is no longer needed.
Not only is it not needed, it causes us to see cancellations (unlinks)
done by the Linux EHCI driver too late, which in combination with the new
usb-core packet-id generation where qtd addresses are used as ids, causes
duplicate ids for in flight packets.
Hans de Goede [Mon, 3 Sep 2012 10:48:49 +0000 (12:48 +0200)]
usb-core: Allow the first packet of a pipelined ep to complete immediately
This can happen with usb-redir live-migration when the packet gets re-queued
after the migration and the original queuing from the migration source side
has already finished.
Hans de Goede [Fri, 17 Aug 2012 09:39:16 +0000 (11:39 +0200)]
usb: controllers do not need to check for babble themselves
If an (emulated) usb-device tries to write more data to a packet than
its iov len, this will trigger an assert in usb_packet_copy(), and if
a driver somehow circumvents that check and writes more data to the
iov than there is space, we have a much bigger problem than not correctly
reporting babble to the guest.
In practice babble will only happen with (real) redirected devices, and there
both the usb-host os and the qemu usb-device code already check for it.
Add ability to force enable/disable of tools build
The qemu-img, qemu-nbd and qemu-io tools are built conditionally
based on whether any softmmu target is enabled. These are useful
self-contained tools which can be used in many other scenarios.
Add new --enable-tools/--disable-tools args to configure to allow
the user to explicitly turn on / off their build. The default
behaviour is now to build these tools at all times, regardless
of whether any softmmu target is enabled.
Allow passing of '--target-list=' to configure to request that
all targets are to be disabled. This allows for doing a very
fast tools-only build of things like qemu-img, qemu-io, qemu-nbd.
Paolo Bonzini [Thu, 2 Aug 2012 16:04:12 +0000 (18:04 +0200)]
RTC: Get and set time without going through s->current_tm
This patch makes rtc_set_time and rtc_set_cmos work without reading
s->current_tm. In the case of rtc_set_time I introduce a new
function that retrieves the time and stores into a given struct tm
(not hard-coded to s->current_tm). In the case of rtc_set_cmos, the
current time is similarly taken from a struct tm rather than
s->current_tm.
Paolo Bonzini [Thu, 2 Aug 2012 16:04:11 +0000 (18:04 +0200)]
RTC: Do not fire timer periodically to catch next alarm
This patch limits further the usage of a periodic timer. It computes the
time of the next alarm, and uses it to skip all intermediate occurrences
of the timer.
Base_rtc is the RTC value when the RTC was last updated.
Guest_time_now is the guest time when the access happens.
Guest_time_last_update was the guest time when the RTC was last updated.
Offset is used when divider reset happens or the set bit is toggled.
The timer is kept in order to signal interrupts, but it only needs to
run when either UF or AF is cleared. When the bits are both set, the
timer does not run.
UIP is now synthesized when reading register A. If the timer is not set,
or if there is more than one second before it (as is the case at the
end of this series), the leading edge of UIP is computed and the rising
edge occurs 220us later. If the update timer occurs within one second,
however, the rising edge of the AF and UF bits should coincide with
the falling edge of UIP. We do not know exactly when this will happen
because there could be delays in the servicing of the timer. Hence, in
this case reading register A only computes for the rising edge of UIP,
and latches the bit until the timer is fired and clears it.
Anthony Liguori [Mon, 10 Sep 2012 17:51:44 +0000 (12:51 -0500)]
Merge remote-tracking branch 'qemu-kvm/uq/master' into staging
* qemu-kvm/uq/master:
kvm: i386: Add classic PCI device assignment
kvm: i386: Add services required for PCI device assignment
kvm: Introduce kvm_has_intx_set_mask
kvm: Introduce kvm_irqchip_update_msi_route
kvm: Clean up irqfd API
qemu: Use valgrind annotations to mark kvm guest memory as defined
Anthony Liguori [Mon, 10 Sep 2012 17:48:43 +0000 (12:48 -0500)]
Merge remote-tracking branch 'mst/tags/for_anthony' into staging
* mst/tags/for_anthony:
vhost: Pass device path to vhost_dev_init()
monitor: Rename+move net_handle_fd_param -> monitor_handle_fd_param
pcie_aer: clear cmask for Advanced Error Interrupt Message Number
pcie: drop version_id field for live migration
qemu: add .exrc
Anthony Liguori [Wed, 5 Sep 2012 18:52:49 +0000 (13:52 -0500)]
socket: don't attempt to reconnect a TCP socket in server mode
Commit c3767ed0eb5d0bb25fe409ae5dec06e3411ff1b6 introduced a possible SEGV when
using a socket chardev with server=on because it assumes that all TCP sockets
are in client mode.
This patch adds a check to only reconnect when in client mode.
Michael Tokarev [Wed, 6 Jun 2012 21:11:00 +0000 (01:11 +0400)]
use --libexecdir instead of ignoring it first and reinventing it later
Commit 7b93fadf3a38d1ed65ea5536a52efc2772c6e3b8 "Add basic version
of bridge helper" put the bridge helper executable into a fixed
${prefix}/libexec/ location, instead of using ${libexecdir} for
this. At the same time, --libexecdir is being happily ignored
by ./configure. Even more, the same patch sets unused $libexecdir
variable in the generated config-host.mak, and uses fixed string
(\${prefix}/libexecdir) for the bridge helper binary.
Fix this braindamage by introducing $libexecdir variable, using
it for the bridge helper binary, and recognizing --libexecdir.
Merge branch 'spice.v59' of git://anongit.freedesktop.org/spice/qemu
* 'spice.v59' of git://anongit.freedesktop.org/spice/qemu:
Remove #ifdef QXL_COMMAND_FLAG_COMPAT_16BPP
qxl: Add set_client_capabilities() interface to QXLInterface
spice: make number of surfaces runtime-configurable.
configure: print spice-protocol and spice-server versions
qxl: add QXL_IO_MONITORS_CONFIG_ASYNC
qxl: disallow unknown revisions
qxl/update_area_io: guest_bug on invalid parameters
spice: increase the verbosity of spice section in "qemu --help"
spice: adding seamless-migration option to the command line
spice: add 'migrated' flag to spice info
spice migration: add QEVENT_SPICE_MIGRATE_COMPLETED
spice: notify on vm state change only via spice_server_vm_start/stop
spice: notify spice server on vm start/stop
spice: abort on invalid streaming cmdline params
Jan Kiszka [Thu, 30 Aug 2012 18:30:00 +0000 (20:30 +0200)]
kvm: i386: Add classic PCI device assignment
This adds PCI device assignment for i386 targets using the classic KVM
interfaces. This version is 100% identical to what is being maintained
in qemu-kvm for several years and is supported by libvirt as well. It is
expected to remain relevant for another couple of years until kernels
without full-featured and performance-wise equivalent VFIO support are
obsolete.
A refactoring to-do that should be done in-tree is to model MSI and
MSI-X support via the generic PCI layer, similar to what VFIO is already
doing for MSI-X. This should improve the correctness and clean up the
code from duplicate logic.
Jan Kiszka [Mon, 27 Aug 2012 06:28:40 +0000 (08:28 +0200)]
kvm: i386: Add services required for PCI device assignment
These helpers abstract the interaction of upcoming pci-assign with the
KVM kernel services. Put them under i386 only as other archs will
implement device pass-through via VFIO and not this classic interface.
Jan Kiszka [Mon, 27 Aug 2012 06:28:38 +0000 (08:28 +0200)]
kvm: Introduce kvm_irqchip_update_msi_route
This service allows to update an MSI route without releasing/reacquiring
the associated VIRQ. Will be used by PCI device assignment, later on
likely also by virtio/vhost and VFIO.
The load/store slow path has been broken in e141ab52d:
- We need to move 4 registers for store functions and 3 registers for
load functions and not the reverse.
- According to the s390x calling convention the arguments of a function
should be zero extended. This means that the register shift should be
done with TCG_TYPE_I64 to ensure the higher word is correctly zero
extended when needed.
I am aware that CONFIG_TCG_PASS_AREG0 is being removed and thus that
this patch can be improved, but doing so means it can also be applied to
the 1.1 and 1.2 stable branches.
Jan Kiszka [Mon, 20 Aug 2012 08:55:56 +0000 (10:55 +0200)]
kvm: Clean up irqfd API
No need to expose the fd-based interface, everyone will already be fine
with the more handy EventNotifier variant. Rename the latter to clarify
that we are still talking about irqfds here.
qemu: Use valgrind annotations to mark kvm guest memory as defined
valgrind with kvm produces a big amount of false positives regarding
"Conditional jump or move depends on uninitialised value(s)". This
happens because the guest memory is allocated with qemu_vmalloc which
boils down to posix_memalign etc. This function is (correctly) considered
by valgrind as returning undefined memory.
Since valgrind is based on jitting code, it will not be able to see
changes made by the guest to guest memory if this is done by KVM_RUN,
thus keeping most of the guest memory undefined.
Now lots of places in qemu will then use guest memory to change behaviour.
To avoid the flood of these messages, let's declare the whole guest
memory as defined. This will reduce the noise and allow us to see real
problems.
In the future we might want to make this conditional, since there
is actually something that we can use those false positives for:
These messages will point to code that depends on guest memory, so
we can use these backtraces to actually make an audit that is focussed
only at those code places. For normal development we don't want to
see those messages, though.
fcmp{s,d,q} instructions are supposed to ignore quiet NaN (contrary to
the fcmpe{s,d,q} instructions), but the current code is wrongly setting
the NV exception in that case. Moreover the current code is duplicated:
first the arguments are checked for NaN to generate an exception, and
later in case the comparison is unordered (which can only happen if one
of the arguments is a NaN), the same check is done to generate an
exception.
Fix that by calling clear_float_exceptions() followed by
check_ieee_exceptions() as for the other floating point instructions.
Use the _compare_quiet functions for fcmp{s,d,q} and the _compare ones
for fcmpe{s,d,q}. Simplify the flag setting by not clearing a flag that
is set the line just below.
Max Filippov [Thu, 6 Sep 2012 00:36:46 +0000 (04:36 +0400)]
target-xtensa: fix missing errno codes for mingw32
Put the following errno value mappings under #ifdef:
xtensa-semi.c: In function 'errno_h2g':
xtensa-semi.c:113: error: 'ENOTBLK' undeclared (first use in this function)
xtensa-semi.c:113: error: (Each undeclared identifier is reported only once
xtensa-semi.c:113: error: for each function it appears in.)
xtensa-semi.c:113: error: array index in initializer not of integer type
xtensa-semi.c:113: error: (near initialization for 'guest_errno')
xtensa-semi.c:124: error: 'ETXTBSY' undeclared (first use in this function)
xtensa-semi.c:124: error: array index in initializer not of integer type
xtensa-semi.c:124: error: (near initialization for 'guest_errno')
xtensa-semi.c:134: error: 'ELOOP' undeclared (first use in this function)
xtensa-semi.c:134: error: array index in initializer not of integer type
xtensa-semi.c:134: error: (near initialization for 'guest_errno')
This change updates the CPU reset sequence to use a common piece of code
that figures out CPU state flags, fixing the problem with MIPS_HFLAG_COP1X
not being set where applicable that causes floating-point MADD family
instructions (and other instructions from the MIPS IV FP subset) to trap.
As compute_hflags is now shared between op_helper.c and translate.c, the
function is now moved to a common header. There are no changes to this
function.
The problem was seen with the 24Kf MIPS32r2 processor in user emulation.
The new approach prevents system and user emulation from diverging -- all
the hflags state is initialized in one place now.
Stefan Hajnoczi [Tue, 21 Aug 2012 20:52:08 +0000 (20:52 +0000)]
vhost: Pass device path to vhost_dev_init()
The path to /dev/vhost-net is currently hardcoded in vhost_dev_init().
This needs to be changed so that /dev/vhost-scsi can be used. Pass in
the device path instead of hardcoding it.
This patch renames+moves the net_handle_fd_param() caller used to
obtain a file descriptor from either qemu_parse_fd() (the normal case)
or from monitor_get_fd() (migration case) into a generically prefixed
monitor_handle_fd_param() to be used by vhost-scsi code.
Also update net/[socket,tap].c consumers to use the new prefix.
Jason Baron [Tue, 4 Sep 2012 20:22:46 +0000 (16:22 -0400)]
pcie_aer: clear cmask for Advanced Error Interrupt Message Number
The Advanced Error Interrupt Message Number (bits 31:27 of the Root
Error Status Register) is updated when the number of msi messages assigned to a
device changes. Migration of windows 7 on q35 chipset failed because the check
in get_pci_config_device() fails due to cmask being set on these bits. It's valid
to update these bits and we must restore this state across migration.
The VMSTATE_PCIE_DEVICE() currently has a 'version_id' set to 2. However,
'version_id' in the above check is 1. And thus we fail to load the pcie device
field. Further the code returns to 'qemu_loadvm_state()' which produces the
error that I saw.
I'm proposing to fix this by simply dropping the 'version_id' field from
VMSTATE_PCIE_DEVICE(). VMSTATE_PCI_DEVICE() defines no such field and further
the vmstate_pcie_device that VMSTATE_PCI_DEVICE() refers to is already
versioned. Thus, any versioning issues could be detected at the vmsd level.
Taking a step back, I think that the 'field->version_id' should be compared
against a saved version number for the field not the 'version_id'. Furthermore,
once vmstate_load_state() is called recursively on another vmsd, the check of:
if (version_id > vmsd->version_id) {
return -EINVAL;
}
Will never fail since version_id is always equal to vmsd->version_id. So I'm
wondering why we aren't storing the vmsd version id of the source in the
migration stream?
This patch also renames the 'name' field of vmstate_pcie_device from:
PCIDevice -> PCIEDevice to differentiate it from vmstate_pci_device.
I've been using this to get correct indenting with vim
in qemu for a while, but it's a bit easier if we
put the settings in the central place.
Note that
1. you still need to enable 'exrc' and 'secure'
options in your vimrc for these settings to take effect.
2. you can create a .vimrc file if 'exrc' is on but there's a
need to bypass this configuration.
Stefan Weil [Sat, 1 Sep 2012 07:30:39 +0000 (09:30 +0200)]
qapi: Fix potential NULL pointer segfault
Report from smatch:
qapi-visit.c:1640 visit_type_BlockdevAction(8) error:
we previously assumed 'obj' could be null (see line 1639)
qapi-visit.c:2432 visit_type_NetClientOptions(8) error:
we previously assumed 'obj' could be null (see line 2431)
Amos Kong [Fri, 31 Aug 2012 02:56:26 +0000 (10:56 +0800)]
qapi: convert sendkey
Convert 'sendkey' to use QAPI.
QAPI passes key's index of mapping table to qmp_send_key(),
not keycode. So we use help functions to convert key/code to
index of key_defs, and 'index' will be converted to 'keycode'
inside qmp_send_key().
For qmp, QAPI would check invalid key and raise error.
For hmp, invalid key is checked in hmp_send_key().
'send-key' of QMP doesn't support key in hexadecimal format.
Amos Kong [Fri, 31 Aug 2012 02:56:25 +0000 (10:56 +0800)]
monitor: move key_defs[] table and introduce two help functions
This patch added two help functions to convert key/code to index of
mapping table, those functions will return Q_KEY_CODE_MAX if the
code/key is invalid.
Patch also moved key_defs[] to input.c, and removed useless KeyDef struct.
Key's index in QKeyCode enum is same as keycode's index in new key_defs[].
Monitor functions were changed to access key_defs[] directly.
key_defs[] is used in do_send_key(), so export key_defs[]. It will be
changed to static in next patch.
Amos Kong [Fri, 31 Aug 2012 02:56:24 +0000 (10:56 +0800)]
qapi: add the QKeyCode enum
key_defs[] in monitor.c is a mapping table of keys and keycodes,
this patch added a QKeyCode enum. Key's index in the enum is same
as keycode's index in key_defs[].
Amos Kong [Fri, 31 Aug 2012 02:56:21 +0000 (10:56 +0800)]
monitor: rename keyname '<' to 'less'
There are many maps of keycode 0x56 in pc-bios/keymaps/*
pc-bios/keymaps/common:less 0x56
pc-bios/keymaps/common:greater 0x56 shift
pc-bios/keymaps/common:bar 0x56 altgr
pc-bios/keymaps/common:brokenbar 0x56 shift altgr
This patch just renamed '<' to 'less', QAPI might add new
variable by adding a prefix to keyname, '$PREFIX_<' is not
available, '$PREFIX_less' is ok.
For compatibility, convert user inputted '<' to 'less'.