Commit Graph

8068 Commits

Author SHA1 Message Date
Kevin Wolf
08fd2f30bd qcow2: Bring synchronous read/write back to life
When the synchronous read and write functions were dropped, they were replaced
by generic emulation functions. Unfortunately, these emulation functions don't
provide the same semantics as the original functions did.

The original bdrv_read would mean that we read some data synchronously and that
we won't be interrupted during this read. The latter assumption is no longer
true with the emulation function which needs to use qemu_aio_poll and therefore
allows the callback of any other concurrent AIO request to be run during the
read. Which in turn means that (meta)data read earlier could have changed and
be invalid now. qcow2 is not prepared to work in this way and it's just scary
how many places there are where other requests could run.

I'm not sure yet where exactly it breaks, but you'll see breakage with virtio
on qcow2 with a backing file. Providing synchronous functions again fixes the
problem for me.

Patchworks-ID: 35437
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
(cherry picked from commit ef845c3bf4)

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-12-03 11:29:25 +01:00
Aurelien Jarno
35bfc7324e Update version and changelog for 0.11.1 release
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-12-02 21:27:02 +01:00
Juha Riihimäki
beb5270034 fix I2C slave addressing
With the recent device handling changes the I2C slave addressing code
was broken. With current code, if a slave with the correct address is
not found on the bus the last scanned slave on the bus will be
addressed. This is wrong. Please find attached a patch to fix it.

Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Acked-by: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-12-02 17:24:48 +01:00
Aurelien Jarno
f2ab277bd1 Revert "vga: do not resize the screen on hw_invalidate"
This causes ctrl+alt+u or ctrl+alt+f to not work when windows hasn't been
resized first. Other graphic emulators do resize the screen on
hw_invalidate.

This reverts commit 0bd8246bfe.
2009-11-27 18:46:04 +01:00
Mark McLoughlin
efd4bd838d slirp: fix use-after-free
460fec67ee introduced a use-after-free in slirp.

Cc: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-11-21 00:34:59 +01:00
Blue Swirl
cc7a5a0994 Fix sparc.ld
Makes 91b40c5be8 unnecessary.

Acked-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-11-19 01:22:47 +01:00
Laurent Desnogues
24e6ff3b33 ELF coredump build failures
Rename ELF coredump types to avoid conflict with the corresponding host types.

Signed-off-by: Laurent Desnogues <laurent.desnogues@gmail.com>
2009-11-18 15:30:23 +01:00
Hollis Blanchard
cc04c2ea68 kvm: Move KVM mp_state accessors to i386-specific code
Unbreaks PowerPC and S390 KVM builds.

Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-11-17 07:52:16 +01:00
Laurent Desnogues
170f7598d4 this patch fixes a typo where armv4l was incorrectly spelled arm4l,
preventing the correct handling of --cpu=armv4l.

Laurent

Signed-off-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
2009-11-17 07:30:09 +01:00
Mark McLoughlin
3e01c7b93d net: disable draining tap queue in one go
If qemu_send_packet_async() returns zero, it means the packet has been
queued and the sent callback will be invoked once it has been flushed.

This is only possible where the NIC's receive() handler returns zero
and promises to notify the networking core that room is available in its
queue again.

In the case where the receive handler does not have this capability
(and its queue fills up) it returns -1 and the networking core does not
queue up the packet. This condition is indicated by a -1 return from
qemu_send_packet_async().

Currently, tap handles this condition simply by dropping the packet. It
should do its best to avoid getting into this situation by checking such
NICs have room for a packet before copying the packet from the tap
interface.

tap_send() used to achieve this by only reading a single packet before
returning to the mainloop. That way, tap_can_send() is called before
reading each packet.

tap_send() was changed to completely drain the tap interface queue
without taking into account the situation where the NIC returns an
error and the packet is not queued. Let's start fixing this by
reverting to the previous behaviour of reading one packet at a time.

Reported-by: Scott Tsai <scottt.tw@gmail.com>
Tested-by: Sven Rudolph <Sven_Rudolph@drewag.de>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-11-10 18:17:57 +01:00
Jan Kiszka
4a53815a9e pcnet: Restart poll timer on pcnet_start
Just like we call into pcnet_poll_timer on stop, we need to call it on
start to trigger the setup of the poll timer.

Patchworks-ID: 35313
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-10-11 23:05:19 +02:00
Blue Swirl
84ba3e184c Sparc32: Fix lance
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-10-11 23:02:31 +02:00
Aurelien Jarno
90d6b807cc mac99: fix segmentation fault on startup
Don't assign the same devfn to two different PCI devices.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-10-11 21:06:15 +02:00
Jim Paris
babd03fde6 usb-linux.c: fix buffer overflow
In usb-linux.c:usb_host_handle_control, we pass a 1024-byte buffer and
length to the kernel.  However, the length was provided by the caller
of dev->handle_packet, and is not checked, so the kernel might provide
too much data and overflow our buffer.

For example, hw/usb-uhci.c could set the length to 2047.
hw/usb-ohci.c looks like it might go up to 4096 or 8192.

This causes a qemu crash, as reported here:
  http://www.mail-archive.com/kvm@vger.kernel.org/msg18447.html

This patch increases the usb-linux.c buffer size to 2048 to fix the
specific device reported, and adds a check to avoid the overflow in
any case.

Signed-off-by: Jim Paris <jim@jtan.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-10-04 13:16:01 +02:00
Laurent Desnogues
6166c0f95e ARM host: fix generated blocks linking
This patch fixes the linking of generated blocks on an ARM host.
No need to say this brings a very nice speedup :-)

Signed-off-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-09-25 17:40:44 +02:00
Juergen Lock
011b295511 qemu serial: lost tx irqs (affecting FreeBSD's new uart(4) driver)
Well one problem seems to be the rx condition,
        ... if ((s->ier & UART_IER_RDI) && (s->lsr & UART_LSR_DR))
is not enough to trigger an irq, yet still causes the following
conditions not to be checked anymore at all.

Signed-off-by: Juergen Lock <nox@jelal.kn-bremen.de>
Acked-by: Jan Kiszka <jan.kiszka@web.de>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-09-24 15:58:56 +02:00
Aurelien Jarno
3bf6765204 exec-all.h: increase MAX_OP_PER_INSTR to 96 from 64
The x86_64 ror instruction on a 32-bit host can generate up to 77 TCG
ops. Some more space should be left for opc that are added at the end
of the translation.

Thanks to Laurent Desnogues for the debugging help.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-09-23 09:35:22 +02:00
Anthony Liguori
1bec86a0bc Update version and changelog for 0.11.0 release
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-09-22 21:49:37 -05:00
Bernhard Kauer
621cc70bfb RTC polling mode broken
The RTC emulation does not set the IRQ flags independent of the IRQ enable bits.

The original MC146818A datasheet from 1984 notes:
        "flag bits in Register C [...] are set independent of the
        state of the corresponding enable bits in Register B"
Similar sections can be found in newer documentation e.g. in rtc82885.

Qemu and Bochs set the IRQ flags only if they are enabled,
which breaks drivers polling on them.

The following patch corrects this for the update-ended-flag in Qemu only.
It does not fix the handling of the other flags.

Signed-off-by: Bernhard Kauer <kauer@tudos.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-09-22 21:15:58 -05:00
Kevin Wolf
ebeab049b0 qcow2: Order concurrent AIO requests on the same unallocated cluster
When two AIO requests write to the same cluster, and this cluster is
unallocated, currently both requests allocate a new cluster and the second one
merges the first one when it is completed. This means a cluster allocation, a
read and a cluster deallocation which cause some overhead. If we simply let the
second request wait until the first one is done, we improve overall performance
with AIO requests (specifically, qcow2/virtio combinations).

This patch maintains a list of in-flight requests that have allocated new
clusters. A second request touching the same cluster is limited so that it
either doesn't touch the allocation of the first request (so it can have a
non-overlapping allocation) or it waits for the first request to complete.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-09-22 21:15:58 -05:00
Stefan Weil
bbaadd3ef1 qemu-io: Improve portability (win32 now supported).
* Add missing include for struct timeval.
* Replace non-portable strsep by local qemu_strsep.
* Use POSIX basename by including libgen.h.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-09-22 21:15:57 -05:00
Vince Weaver
6fd6e9f0bd target-alpha: fix extlh instruction
The extlh instruction on Alpha currently doesn't work properly.
It's a combination of a cut/paste bug (16 where it should be 32) as well
as a "shift by 64" bug.

Signed-off-by: Vince Weaver <vince@csl.cornell.edu>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-09-18 17:22:47 +02:00
Stefan Weil
868136d4e3 tcg: fix size of local variables in tcg_gen_bswap64_i64
t0, t1 must be 64 bit values, not 32 bit.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-09-16 21:27:08 +02:00
Jan Kiszka
67867f3837 net: Fix send queue ordering
Ensure that packets enqueued for delayed delivery are dequeued in FIFO
order. At least one simplistic guest TCP/IP stack became unhappy due to
sporadically reordered packet streams.

At this chance, switch the send queue implementation to TAILQ.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-09-16 21:19:54 +02:00
Aurelien Jarno
6fe270e6e4 escc: fix IRQ routing, broken by 6c319c8222
The logic of Zilog makes channel B the first device and channel A the
second one.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-09-16 00:15:46 +02:00
Aurelien Jarno
bdebf0094c Fix Linux task preemption on Versatile board
Backport from master:

  Recent versions of the Linux kernel will not preempt CPU-intensive
  tasks unless the clock used by sched_clock() works.  On -M versatilepb
  that's the 24MHz timer in the system controller.  It's a very simple
  timer, so implement it.

Signed-off-by: Daniel Jacobowitz <dan@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-09-15 00:30:41 +02:00
Aurelien Jarno
5309423828 curses: save 250MB of memory
Don't call curses_resize() at the end of curses_display_init() as height
and width are not yet defined. It will be called later by code from
vl.c.

This saves 250MB of memory when using -curses.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-09-15 00:27:53 +02:00
Anthony Liguori
2ccc9500eb Update version and changelog for 0.11.0-rc2 release
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-28 12:23:01 -05:00
Stefan Weil
95c6409e12 Add missing linefeed in error message
The error message for an unknown network device given to
monitor command set_link looks better with a terminating
linefeed.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:39 -05:00
Zachary Amsden
731dd3beb3 Clean up VGA type selection; far too many variables being used to track one state leads to confusion if new variables are added.
Signed-off-by: Zachary Amsden <zamsden@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:39 -05:00
Zachary Amsden
3b69e8bc6c When using stdio monitor and VNC display, one can set or clear a VNC password; this should set or turn off VNC authentication as well.
Signed-off-by: Zachary Amsden <zamsden@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:39 -05:00
Zachary Amsden
af0f38c5df Don't segfault when changing VNC password on an SDL display.
Signed-off-by: Zachary Amsden <zamsden@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:39 -05:00
Chris Lalancette
a5435be943 Fix detached migration with exec.
When trying to do detached migration with exec, I found that
the monitor wouldn't always return in a timely manner.  I
tracked this down to exec_start_outgoing_migration.  It
appeared we were setting the fd to NONBLOCK'ing, but in
point of fact we weren't.

This bugfix should also go onto the stable 0.10 branch

Signed-off-by: Chris Lalancette <clalance@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:39 -05:00
Avi Kivity
1ad32e3f44 Do not disable autostart for live migration
If the user does not want autostart, they can specify -S.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:39 -05:00
Stefano Stabellini
a3798399a5 make vga screen_dump use DisplayState properly
Hi all,
currently the vga screen_dump code doesn't use the DisplayState
interface properly and tries to replace it temporarily while taking the
screenshot.
A better approach is to register a DisplayChangeListener, call
vga_hw_update, and finally write the ppm in the next call from dpy_update.

Testing is appreciated.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:39 -05:00
Blue Swirl
9f2f0bc6bc Fix device name completion for 'eject'
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:39 -05:00
Reimar Döffinger
52668cf7b3 sdl.c: support 32 bpp cursors
Hello,
currently when a 32 bpp cursor gets defined the result is all-black in
the areas that are not transparent (you'll get a 32 bpp cursor if you
use my previous patch to allow vmware_vga to use a 32 bpp framebuffer).
This is because the switch in sdl.c lacks a 32 bpp case.
The thing I am unsure about though is which byte is the unused one and
should be skipped, the first or the last - for the black-and-white
cursors I tested it doesn't make a difference...

Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
Signed-off-by: Andrzej Zaborowski <balrogg@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:38 -05:00
Reimar Döffinger
d2bb9964d1 Use correct depth from DisplaySurface in vmware_vga.c
Hello,
for what I can tell, there is no way for vmware_vga to work correctly
right now. It assumes that the framebuffer bits-per-pixel and the one
from the DisplaySurface are identical (it uses directly the VRAM from
vga.c), but it always assumes 3 bytes per pixel, which is never possible
with the current version of DisplaySurface.
Attached patch fixes that by using ds_get_bits_per_pixel.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:38 -05:00
Anthony Liguori
1960cacfeb Fix migration for ide devices
commit 93c8cfd9e6
Author: Gleb Natapov <gleb@redhat.com>
Date:   Sun Aug 2 11:36:47 2009 +0300

    make windows notice media change

Broke save/restore by loading a new field but not saving it.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:38 -05:00
Nathan Froyd
bf3516fa92 check for PR_SET_NAME being defined
Depending on what glibc/kernel headers you are compiling against,
PR_SET_NAME may or may not be defined.  Do the right thing if
PR_SET_NAME isn't defined and skip setting the process name.

Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-Id:
2009-08-27 21:23:38 -05:00
Gleb Natapov
b0f6d6c744 make windows notice media change
Windows seems to be very stupid about cdrom media change. It polls
cdrom status and if status goes ready->media not present->ready
it assumes that media was changed. If "media not present" step doesn't
happen even if "medium may have changed" was seen it assumes media
haven't changed. Fake "media not present" step.

Filip Navara did a great job debugging this issue in Windows and this is
what he found out:

BINGO! ... The media present notifications were broken ever since
Windows 2000 it seems. The media change is detected properly and it's
passed to ClassSetMediaChangeState function which in turn calls
ClasspInternalSetMediaChangeState. This function is responsible for
changing some internal state of the device object and sending the PnP
events which later result in application notifications. It has this
tiny bit of code (not copied byte for byte):

if (oldMediaState == NewState) {
  // Media is in the same state it was before.
  return;
}

so the end result is that for the case of UNIT NEEDS ATTENTION /
MEDIUM MAY HAVE CHANGED without NOT READY in-between is really broken.
It results in the internal media change counter incremented, so the
media contents are re-read when necessary, instead of relying on the
cache, but the notifications to applications are never sent.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-Id:
2009-08-27 21:23:38 -05:00
Luiz Capitulino
866c72bbb8 Fix do_commit() behavior
Commit 751c6a1704 changed the monitor's
'commit' command to this behavior:

1. Any string you type as argument will cause do_commit() to
call bdrv_commit() to all devices

2. If you enter a device name, it will be the only one ignored
by do_commit() :)

The fix is to call bdrv_commit() to the specified device only and
ignore the others (when 'all' is not specified).

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:38 -05:00
Luiz Capitulino
b8630e45f0 net: Fix do_set_link() return type
do_set_link() returns int, but Monitor handler functions should
always return void.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-Id:
2009-08-27 21:23:38 -05:00
Beth Kon
941ec4a3fb Add/Fix command-line checks for smbios options v2
- One type 4 table is required per cpu. Add a check for this.
- Fix check for smbios file.

Changes from v1:
- static designation of smbios_validate_table, and remove whitespace

Signed-off-by: Beth Kon <eak@us.ibm.com>
--
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-Id:
2009-08-27 21:23:37 -05:00
Stefano Stabellini
141bc15f54 vga: do not resize the screen on hw_invalidate
Hi all,
currently vga always resizes the screen when vga_hw_invalidate is called
while this is not required and all the other graphic emulators don't.
This patch fixes it, making vga invalidate behaviour consistent with the
other emulated devices.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-Id:
2009-08-27 21:23:37 -05:00
Stefano Stabellini
91730df4fb fix sdl window resize
Hi all,
this patch fixes the sdl window resize event handler so that it doesn't
require the emulated graphic card (or console.c) to call
qemu_console_resize.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-Id:
2009-08-27 21:23:37 -05:00
Alexander Graf
4fca9293dc Fix checksum writing in signboot.sh
The printf command takes an octal value after \, so we have to convert
our decimal representation to octal first and then write it.

This unbreaks extboot signing. Multiboot wasn't affected yet because
the checksum was < 8.

Spotted and first patch by Glauber Costa <glommer@redhat.com>.
Printf idea by Paolo Bonzini <bonzini@gnu.org>.

Signed-off-by: Alexander Graf <agraf@suse.de>
CC: Glauber Costa <glommer@redhat.com>
CC: Paolo Bonzini <bonzini@gnu.org>
CC: Jan Ondrej <ondrejj@salstar.sk>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-Id:
2009-08-27 21:23:37 -05:00
Stefan Weil
a80858982a Win32: Fix default prefix
The old code resulted in wrong escape sequences:

#define CONFIG_QEMU_SHAREDIR "c:\Program Files\Qemu"

gcc warnings:

vl.c:5708:20: warning: unknown escape sequence '\P'
vl.c:5708:20: warning: unknown escape sequence '\Q'

Windows can handle slash (/) path separators,
and QEMU already adds directories using slash,
so there is no need to fight with the correct number
of backslashes.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-Id:
2009-08-27 21:23:37 -05:00
Laurent Desnogues
010a067005 Fix symfind.
this patch fixes an issue in symfind.

Assume you have the following symbols:

Address  Size
0045bca0 00000080 T s0
0045bd20 00000112 T s1

You'll notice that s1 is s0 + size.

So the current symfind will find that address 0045bd20 belongs to s0
instead of s1.

Laurent

Signed-off-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-Id:
2009-08-27 21:23:37 -05:00
Blue Swirl
e919a4455d Fix Sparse warning about missing prototype
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-08-27 21:23:37 -05:00