[Qemu-devel] [PULL 0/4] usb patch queue

[Qemu-devel] [PULL 0/4] usb patch queue

[Gerd Hoffmann]

  Hi,

Nothing major, just some small fixes.

please pull,
  Gerd

The following changes since commit 456736710df19c2275192269fe67a3f0b2583835:

  block: Fix build with tracing enabled (2013-04-22 11:31:41 -0500)

are available in the git repository at:

  git://git.kraxel.org/qemu usb.81

for you to fetch changes up to 3f5cc97e2ba00b34fd20a5553ed9d2fecf32f7e3:

  usb-host: raise libusbx minimum version to 1.0.13 (2013-04-23 08:43:10 +0200)

----------------------------------------------------------------
Gerd Hoffmann (3):
      xhci: remove XHCIRing->base (unused)
      usb: better speed mismatch error reporting
      usb-host: raise libusbx minimum version to 1.0.13

Hans de Goede (1):
      ehci_free_packet: Discard finished packets when the queue is halted

 configure            |    2 +-
 hw/usb/bus.c         |   36 ++++++++++++++++++++++++++++++++----
 hw/usb/desc.c        |    2 --
 hw/usb/hcd-ehci.c    |   16 +++++++++++-----
 hw/usb/hcd-xhci.c    |    4 +---
 hw/usb/host-libusb.c |    5 -----
 trace-events         |    2 +-
 7 files changed, 46 insertions(+), 21 deletions(-)

[Qemu-devel] [PULL 0/4] usb patch queue

[Gerd Hoffmann]

  Hi,

Here comes the usb patch queue, bringing little fixes and making usb
bluetooth support a compile time option.

please pull,
  Gerd

The following changes since commit 94c2b6aff43cdfcfdfb552773a6b6b973a72ef0b:

  mips_malta: support up to 2GiB RAM (2013-09-09 18:42:22 +0200)

are available in the git repository at:

  git://git.kraxel.org/qemu usb.89

for you to fetch changes up to adbecc89731cf3e0ae656d50ea9fa58c589c4bdc:

  ehci: save device pointer in EHCIState (2013-09-10 11:14:42 +0200)

----------------------------------------------------------------
Gerd Hoffmann (2):
      usb: sanity check setup_index+setup_len in post_load
      ehci: save device pointer in EHCIState

Miroslav Rezanina (2):
      Preparation for usb-bt-dongle conditional build
      Remove dev-bluetooth.c dependency from vl.c

 hw/bt/core.c           | 23 ++++++++++++++
 hw/bt/hci.c            | 48 +++++++++++++++++++++++++++++
 hw/usb/Makefile.objs   |  3 --
 hw/usb/bus.c           |  4 +++
 hw/usb/dev-bluetooth.c | 10 +++++-
 hw/usb/hcd-ehci.c      |  7 ++---
 hw/usb/hcd-ehci.h      |  1 +
 include/hw/bt.h        |  3 ++
 include/hw/usb.h       |  3 --
 vl.c                   | 82 +++-----------------------------------------------
 10 files changed, 95 insertions(+), 89 deletions(-)

[Qemu-devel] [PULL 0/4] usb patch queue

[Gerd Hoffmann]

  Hi,

Coming with a collection of usb bugfixes.

please pull,
  Gerd

The following changes since commit b3959efdbb2dc3d5959e3b0a8e188126930beca8:

  Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-2.1' into staging (2014-07-01 11:00:53 +0100)

are available in the git repository at:


  git://git.kraxel.org/qemu tags/pull-usb-20140701-1

for you to fetch changes up to c1129f6bffb6fc756f53c06bc554a7997b1f4be4:

  ccid-card-emulated: use EventNotifier (2014-07-01 15:49:51 +0200)

----------------------------------------------------------------
usb bugfixes.

----------------------------------------------------------------
Christian Burger (1):
      input: fix jumpy mouse cursor with USB mouse emulation

Hani Benhabiles (1):
      usb: Fix usb-bt-dongle initialization.

Jincheng Miao (1):
      usb: initialize libusb_device to avoid crash

Paolo Bonzini (1):
      ccid-card-emulated: use EventNotifier

 hw/input/hid.c              |  4 ++--
 hw/usb/ccid-card-emulated.c | 29 ++++++++++-------------------
 hw/usb/dev-bluetooth.c      | 24 ++++++++++++++++--------
 hw/usb/host-libusb.c        |  4 ++--
 4 files changed, 30 insertions(+), 31 deletions(-)

[Qemu-devel] [PULL 1/4] input: fix jumpy mouse cursor with USB mouse emulation

[Gerd Hoffmann]

From: Christian Burger <christian@krikkel.de>

Guest mouse pointer was jumpy, when moving host mouse in the vertical direction (see bug #1327800).

Signed-off-by: Christian Burger <christian@krikkel.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hw/input/hid.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/input/hid.c b/hw/input/hid.c
index 9656e90..148c003 100644
--- a/hw/input/hid.c
+++ b/hw/input/hid.c
@@ -124,7 +124,7 @@ static void hid_pointer_event(DeviceState *dev, QemuConsole *src,
         if (evt->rel->axis == INPUT_AXIS_X) {
             e->xdx += evt->rel->value;
         } else if (evt->rel->axis == INPUT_AXIS_Y) {
-            e->ydy -= evt->rel->value;
+            e->ydy += evt->rel->value;
         }
         break;
 
@@ -191,7 +191,7 @@ static void hid_pointer_sync(DeviceState *dev)
         if (hs->kind == HID_MOUSE) {
             prev->xdx += curr->xdx;
             curr->xdx = 0;
-            prev->ydy -= curr->ydy;
+            prev->ydy += curr->ydy;
             curr->ydy = 0;
         } else {
             prev->xdx = curr->xdx;
-- 
1.8.3.1

[Qemu-devel] [PULL 2/4] usb: Fix usb-bt-dongle initialization.

[Gerd Hoffmann]

From: Hani Benhabiles <kroosec@gmail.com>

Due to an incomplete initialization, adding a usb-bt-dongle device through HMP
or QMP will cause a segmentation fault.

Signed-off-by: Hani Benhabiles <hani@linux.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hw/usb/dev-bluetooth.c | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/hw/usb/dev-bluetooth.c b/hw/usb/dev-bluetooth.c
index a9661d2..a76e581 100644
--- a/hw/usb/dev-bluetooth.c
+++ b/hw/usb/dev-bluetooth.c
@@ -19,6 +19,7 @@
  */
 
 #include "qemu-common.h"
+#include "qemu/error-report.h"
 #include "hw/usb.h"
 #include "hw/usb/desc.h"
 #include "sysemu/bt.h"
@@ -506,6 +507,14 @@ static int usb_bt_initfn(USBDevice *dev)
 
     usb_desc_create_serial(dev);
     usb_desc_init(dev);
+    s->dev.opaque = s;
+    if (!s->hci) {
+        s->hci = bt_new_hci(qemu_find_bt_vlan(0));
+    }
+    s->hci->opaque = s;
+    s->hci->evt_recv = usb_bt_out_hci_packet_event;
+    s->hci->acl_recv = usb_bt_out_hci_packet_acl;
+    usb_bt_handle_reset(&s->dev);
     s->intr = usb_ep_get(dev, USB_TOKEN_IN, USB_EVT_EP);
 
     return 0;
@@ -516,6 +525,7 @@ static USBDevice *usb_bt_init(USBBus *bus, const char *cmdline)
     USBDevice *dev;
     struct USBBtState *s;
     HCIInfo *hci;
+    const char *name = "usb-bt-dongle";
 
     if (*cmdline) {
         hci = hci_init(cmdline);
@@ -525,19 +535,17 @@ static USBDevice *usb_bt_init(USBBus *bus, const char *cmdline)
 
     if (!hci)
         return NULL;
-    dev = usb_create_simple(bus, "usb-bt-dongle");
+    dev = usb_create(bus, name);
     if (!dev) {
+        error_report("Failed to create USB device '%s'", name);
         return NULL;
     }
     s = DO_UPCAST(struct USBBtState, dev, dev);
-    s->dev.opaque = s;
-
     s->hci = hci;
-    s->hci->opaque = s;
-    s->hci->evt_recv = usb_bt_out_hci_packet_event;
-    s->hci->acl_recv = usb_bt_out_hci_packet_acl;
-
-    usb_bt_handle_reset(&s->dev);
+    if (qdev_init(&dev->qdev) < 0) {
+        error_report("Failed to initialize USB device '%s'", name);
+        return NULL;
+    }
 
     return dev;
 }
-- 
1.8.3.1

[Qemu-devel] [PULL 3/4] usb: initialize libusb_device to avoid crash

[Gerd Hoffmann]

From: Jincheng Miao <jmiao@redhat.com>

If libusb_get_device_list() fails, the uninitialized local variable
libusb_device would be passed to libusb_free_device_list(), that
will cause a crash, like:
(gdb) bt
 #0  0x00007fbbb4bafc10 in pthread_mutex_lock () from /lib64/libpthread.so.0
 #1  0x00007fbbb233e653 in libusb_unref_device (dev=0x6275682d627375)
     at core.c:902
 #2  0x00007fbbb233e739 in libusb_free_device_list (list=0x7fbbb6e8436e,
     unref_devices=<optimized out>) at core.c:653
 #3  0x00007fbbb6cd80a4 in usb_host_auto_check (unused=unused@entry=0x0)
     at hw/usb/host-libusb.c:1446
 #4  0x00007fbbb6cd8525 in usb_host_initfn (udev=0x7fbbbd3c5670)
     at hw/usb/host-libusb.c:912
 #5  0x00007fbbb6cc123b in usb_device_init (dev=0x7fbbbd3c5670)
     at hw/usb/bus.c:106
 ...

So initialize libusb_device at the begin time.

Signed-off-by: Jincheng Miao <jmiao@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hw/usb/host-libusb.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/usb/host-libusb.c b/hw/usb/host-libusb.c
index 33b5b9f..c189147 100644
--- a/hw/usb/host-libusb.c
+++ b/hw/usb/host-libusb.c
@@ -1522,7 +1522,7 @@ static void usb_host_auto_check(void *unused)
 {
     struct USBHostDevice *s;
     struct USBAutoFilter *f;
-    libusb_device **devs;
+    libusb_device **devs = NULL;
     struct libusb_device_descriptor ddesc;
     int unconnected = 0;
     int i, n;
@@ -1623,7 +1623,7 @@ static void usb_host_auto_check(void *unused)
 
 void usb_host_info(Monitor *mon, const QDict *qdict)
 {
-    libusb_device **devs;
+    libusb_device **devs = NULL;
     struct libusb_device_descriptor ddesc;
     char port[16];
     int i, n;
-- 
1.8.3.1

[Qemu-devel] [PULL 4/4] ccid-card-emulated: use EventNotifier

[Gerd Hoffmann]

From: Paolo Bonzini <pbonzini@redhat.com>

Shut up Coverity's complaint about unchecked fcntl return values,
and especially make the code simpler and more efficient.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hw/usb/ccid-card-emulated.c | 29 ++++++++++-------------------
 1 file changed, 10 insertions(+), 19 deletions(-)

diff --git a/hw/usb/ccid-card-emulated.c b/hw/usb/ccid-card-emulated.c
index 7213c89..aa1c37a 100644
--- a/hw/usb/ccid-card-emulated.c
+++ b/hw/usb/ccid-card-emulated.c
@@ -126,7 +126,7 @@ struct EmulatedState {
     QemuMutex vreader_mutex; /* and guest_apdu_list mutex */
     QemuMutex handle_apdu_mutex;
     QemuCond handle_apdu_cond;
-    int      pipe[2];
+    EventNotifier notifier;
     int      quit_apdu_thread;
     QemuThread apdu_thread_id;
 };
@@ -162,9 +162,7 @@ static void emulated_push_event(EmulatedState *card, EmulEvent *event)
     qemu_mutex_lock(&card->event_list_mutex);
     QSIMPLEQ_INSERT_TAIL(&(card->event_list), event, entry);
     qemu_mutex_unlock(&card->event_list_mutex);
-    if (write(card->pipe[1], card, 1) != 1) {
-        DPRINTF(card, 1, "write to pipe failed\n");
-    }
+    event_notifier_set(&card->notifier);
 }
 
 static void emulated_push_type(EmulatedState *card, uint32_t type)
@@ -358,16 +356,12 @@ static void *event_thread(void *arg)
     return NULL;
 }
 
-static void pipe_read(void *opaque)
+static void card_event_handler(EventNotifier *notifier)
 {
-    EmulatedState *card = opaque;
+    EmulatedState *card = container_of(notifier, EmulatedState, notifier);
     EmulEvent *event, *next;
-    char dummy;
-    int len;
 
-    do {
-        len = read(card->pipe[0], &dummy, sizeof(dummy));
-    } while (len == sizeof(dummy));
+    event_notifier_test_and_clear(&card->notifier);
     qemu_mutex_lock(&card->event_list_mutex);
     QSIMPLEQ_FOREACH_SAFE(event, &card->event_list, entry, next) {
         DPRINTF(card, 2, "event %s\n", emul_event_to_string(event->p.gen.type));
@@ -404,16 +398,13 @@ static void pipe_read(void *opaque)
     qemu_mutex_unlock(&card->event_list_mutex);
 }
 
-static int init_pipe_signaling(EmulatedState *card)
+static int init_event_notifier(EmulatedState *card)
 {
-    if (pipe(card->pipe) < 0) {
-        DPRINTF(card, 2, "pipe creation failed\n");
+    if (event_notifier_init(&card->notifier, false) < 0) {
+        DPRINTF(card, 2, "event notifier creation failed\n");
         return -1;
     }
-    fcntl(card->pipe[0], F_SETFL, O_NONBLOCK);
-    fcntl(card->pipe[1], F_SETFL, O_NONBLOCK);
-    fcntl(card->pipe[0], F_SETOWN, getpid());
-    qemu_set_fd_handler(card->pipe[0], pipe_read, NULL, card);
+    event_notifier_set_handler(&card->notifier, card_event_handler);
     return 0;
 }
 
@@ -500,7 +491,7 @@ static int emulated_initfn(CCIDCardState *base)
     qemu_cond_init(&card->handle_apdu_cond);
     card->reader = NULL;
     card->quit_apdu_thread = 0;
-    if (init_pipe_signaling(card) < 0) {
+    if (init_event_notifier(card) < 0) {
         return -1;
     }
 
-- 
1.8.3.1

Re: [Qemu-devel] [PULL 0/4] usb patch queue

[Peter Maydell]

On 1 July 2014 15:07, Gerd Hoffmann <kraxel@redhat.com> wrote:
>   Hi,
>
> Coming with a collection of usb bugfixes.
>
> please pull,
>   Gerd
>
> The following changes since commit b3959efdbb2dc3d5959e3b0a8e188126930beca8:
>
>   Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-2.1' into staging (2014-07-01 11:00:53 +0100)
>
> are available in the git repository at:
>
>
>   git://git.kraxel.org/qemu tags/pull-usb-20140701-1
>
> for you to fetch changes up to c1129f6bffb6fc756f53c06bc554a7997b1f4be4:
>
>   ccid-card-emulated: use EventNotifier (2014-07-01 15:49:51 +0200)
>
> ----------------------------------------------------------------
> usb bugfixes.

Applied, thanks.

-- PMM