<feed xmlns='http://www.w3.org/2005/Atom'>
<title>qemu/chardev, branch master</title>
<subtitle>QEMU development tree</subtitle>
<id>https://git.zx2c4.com/qemu/atom/chardev?h=master</id>
<link rel='self' href='https://git.zx2c4.com/qemu/atom/chardev?h=master'/>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/'/>
<updated>2024-08-16T13:04:19Z</updated>
<entry>
<title>chardev: set record/replay on the base device of a muxed device</title>
<updated>2024-08-16T13:04:19Z</updated>
<author>
<name>Nicholas Piggin</name>
<email>npiggin@gmail.com</email>
</author>
<published>2024-08-13T20:23:23Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/commit/?id=4c193bb129dae164ce19c1197c76b59c62b405aa'/>
<id>urn:sha1:4c193bb129dae164ce19c1197c76b59c62b405aa</id>
<content type='text'>
chardev events to a muxed device don't get recorded because e.g.,
qemu_chr_be_write() checks whether the base device has the record flag
set.

This can be seen when replaying a trace that has characters typed into
the console, an examination of the log shows they are not recorded.

Setting QEMU_CHAR_FEATURE_REPLAY on the base chardev fixes the problem.

Reviewed-by: Alex Bennée &lt;alex.bennee@linaro.org&gt;
Signed-off-by: Nicholas Piggin &lt;npiggin@gmail.com&gt;
Message-Id: &lt;20240813050638.446172-8-npiggin@gmail.com&gt;
Signed-off-by: Alex Bennée &lt;alex.bennee@linaro.org&gt;
Message-Id: &lt;20240813202329.1237572-16-alex.bennee@linaro.org&gt;
</content>
</entry>
<entry>
<title>chardev: add tracing of socket error conditions</title>
<updated>2024-07-24T09:39:10Z</updated>
<author>
<name>Daniel P. Berrangé</name>
<email>berrange@redhat.com</email>
</author>
<published>2024-03-15T13:04:44Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/commit/?id=6ffade7974171b9091b3cdd38a76477fd4f71d8d'/>
<id>urn:sha1:6ffade7974171b9091b3cdd38a76477fd4f71d8d</id>
<content type='text'>
This adds trace points to every error scenario in the chardev socket
backend that can lead to termination of the connection.

Reviewed-by: Philippe Mathieu-Daudé &lt;philmd@linaro.org&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>util/fifo8: Rename fifo8_pop_buf() -&gt; fifo8_pop_bufptr()</title>
<updated>2024-07-23T20:34:54Z</updated>
<author>
<name>Philippe Mathieu-Daudé</name>
<email>philmd@linaro.org</email>
</author>
<published>2024-07-22T11:25:01Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/commit/?id=06252bf5122f047ed5c14fb75f3167f11b882352'/>
<id>urn:sha1:06252bf5122f047ed5c14fb75f3167f11b882352</id>
<content type='text'>
Since fifo8_pop_buf() return a const buffer (which points
directly into the FIFO backing store). Rename it using the
'bufptr' suffix to better reflect that it is a pointer to
the internal buffer that is being returned. This will help
differentiate with methods *copying* the FIFO data.

Signed-off-by: Philippe Mathieu-Daudé &lt;philmd@linaro.org&gt;
Reviewed-by: Pierrick Bouvier &lt;pierrick.bouvier@linaro.org&gt;
Reviewed-by: Mark Cave-Ayland &lt;mark.cave-ayland@ilande.co.uk&gt;
Message-Id: &lt;20240722160745.67904-6-philmd@linaro.org&gt;
</content>
</entry>
<entry>
<title>chardev/char-win-stdio.c: restore old console mode</title>
<updated>2024-07-22T18:25:46Z</updated>
<author>
<name>songziming</name>
<email>s.ziming@hotmail.com</email>
</author>
<published>2024-07-22T09:52:55Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/commit/?id=903cc9e1173e0778caa50871e8275c898770c690'/>
<id>urn:sha1:903cc9e1173e0778caa50871e8275c898770c690</id>
<content type='text'>
If I use `-serial stdio` on Windows, after QEMU exits, the terminal
could not handle arrow keys and tab any more. Because stdio backend
on Windows sets console mode to virtual terminal input when starts,
but does not restore the old mode when finalize.

This small patch saves the old console mode and set it back.

Signed-off-by: Ziming Song &lt;s.ziming@hotmail.com&gt;
Reviewed-by: Marc-André Lureau &lt;marcandre.lureau@redhat.com&gt;
Message-ID: &lt;ME3P282MB25488BE7C39BF0C35CD0DA5D8CA82@ME3P282MB2548.AUSP282.PROD.OUTLOOK.COM&gt;
</content>
</entry>
<entry>
<title>Revert "qemu-char: do not operate on sources from finalize callbacks"</title>
<updated>2024-07-16T08:45:06Z</updated>
<author>
<name>Sergey Dyasli</name>
<email>sergey.dyasli@nutanix.com</email>
</author>
<published>2024-07-12T09:26:59Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/commit/?id=e0bf95443ee9326d44031373420cf9f3513ee255'/>
<id>urn:sha1:e0bf95443ee9326d44031373420cf9f3513ee255</id>
<content type='text'>
This reverts commit 2b316774f60291f57ca9ecb6a9f0712c532cae34.

After 038b4217884c ("Revert "chardev: use a child source for qio input
source"") we've been observing the "iwp-&gt;src == NULL" assertion
triggering periodically during the initial capabilities querying by
libvirtd. One of possible backtraces:

Thread 1 (Thread 0x7f16cd4f0700 (LWP 43858)):
0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
1  0x00007f16c6c21e65 in __GI_abort () at abort.c:79
2  0x00007f16c6c21d39 in __assert_fail_base  at assert.c:92
3  0x00007f16c6c46e86 in __GI___assert_fail (assertion=assertion@entry=0x562e9bcdaadd "iwp-&gt;src == NULL", file=file@entry=0x562e9bcdaac8 "../chardev/char-io.c", line=line@entry=99, function=function@entry=0x562e9bcdab10 &lt;__PRETTY_FUNCTION__.20549&gt; "io_watch_poll_finalize") at assert.c:101
4  0x0000562e9ba20c2c in io_watch_poll_finalize (source=&lt;optimized out&gt;) at ../chardev/char-io.c:99
5  io_watch_poll_finalize (source=&lt;optimized out&gt;) at ../chardev/char-io.c:88
6  0x00007f16c904aae0 in g_source_unref_internal () from /lib64/libglib-2.0.so.0
7  0x00007f16c904baf9 in g_source_destroy_internal () from /lib64/libglib-2.0.so.0
8  0x0000562e9ba20db0 in io_remove_watch_poll (source=0x562e9d6720b0) at ../chardev/char-io.c:147
9  remove_fd_in_watch (chr=chr@entry=0x562e9d5f3800) at ../chardev/char-io.c:153
10 0x0000562e9ba23ffb in update_ioc_handlers (s=0x562e9d5f3800) at ../chardev/char-socket.c:592
11 0x0000562e9ba2072f in qemu_chr_fe_set_handlers_full at ../chardev/char-fe.c:279
12 0x0000562e9ba207a9 in qemu_chr_fe_set_handlers at ../chardev/char-fe.c:304
13 0x0000562e9ba2ca75 in monitor_qmp_setup_handlers_bh (opaque=0x562e9d4c2c60) at ../monitor/qmp.c:509
14 0x0000562e9bb6222e in aio_bh_poll (ctx=ctx@entry=0x562e9d4c2f20) at ../util/async.c:216
15 0x0000562e9bb4de0a in aio_poll (ctx=0x562e9d4c2f20, blocking=blocking@entry=true) at ../util/aio-posix.c:722
16 0x0000562e9b99dfaa in iothread_run (opaque=0x562e9d4c26f0) at ../iothread.c:63
17 0x0000562e9bb505a4 in qemu_thread_start (args=0x562e9d4c7ea0) at ../util/qemu-thread-posix.c:543
18 0x00007f16c70081ca in start_thread (arg=&lt;optimized out&gt;) at pthread_create.c:479
19 0x00007f16c6c398d3 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

io_remove_watch_poll(), which makes sure that iwp-&gt;src is NULL, calls
g_source_destroy() which finds that iwp-&gt;src is not NULL in the finalize
callback. This can only happen if another thread has managed to trigger
io_watch_poll_prepare() callback in the meantime.

Move iwp-&gt;src destruction back to the finalize callback to prevent the
described race, and also remove the stale comment. The deadlock glib bug
was fixed back in 2010 by b35820285668 ("gmain: move finalization of
GSource outside of context lock").

Suggested-by: Paolo Bonzini &lt;pbonzini@redhat.com&gt;
Signed-off-by: Sergey Dyasli &lt;sergey.dyasli@nutanix.com&gt;
Link: https://lore.kernel.org/r/20240712092659.216206-1-sergey.dyasli@nutanix.com
Signed-off-by: Paolo Bonzini &lt;pbonzini@redhat.com&gt;
</content>
</entry>
<entry>
<title>char-stdio: Restore blocking mode of stdout on exit</title>
<updated>2024-07-03T19:54:41Z</updated>
<author>
<name>Maxim Mikityanskiy</name>
<email>maxtram95@gmail.com</email>
</author>
<published>2024-07-03T19:08:12Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/commit/?id=a0124e333e2176640f233e5ea57a2f413985d9b5'/>
<id>urn:sha1:a0124e333e2176640f233e5ea57a2f413985d9b5</id>
<content type='text'>
qemu_chr_open_fd() sets stdout into non-blocking mode. Restore the old
fd flags on exit to avoid breaking unsuspecting applications that run on
the same terminal after qemu and don't expect to get EAGAIN.

While at at, also ensure term_exit is called once (at the moment it's
called both from char_stdio_finalize() and as the atexit() hook.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2423
Signed-off-by: Maxim Mikityanskiy &lt;maxtram95@gmail.com&gt;
Link: https://lore.kernel.org/r/20240703190812.3459514-1-maxtram95@gmail.com
Signed-off-by: Paolo Bonzini &lt;pbonzini@redhat.com&gt;
</content>
</entry>
<entry>
<title>error: Drop superfluous #include "qapi/qmp/qerror.h"</title>
<updated>2024-04-24T07:50:58Z</updated>
<author>
<name>Markus Armbruster</name>
<email>armbru@redhat.com</email>
</author>
<published>2024-03-12T14:13:34Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/commit/?id=4a18751cf423970221d86853c6909696fae52785'/>
<id>urn:sha1:4a18751cf423970221d86853c6909696fae52785</id>
<content type='text'>
Signed-off-by: Markus Armbruster &lt;armbru@redhat.com&gt;
Message-ID: &lt;20240312141343.3168265-2-armbru@redhat.com&gt;
</content>
</entry>
<entry>
<title>Revert "chardev: use a child source for qio input source"</title>
<updated>2024-03-19T20:17:12Z</updated>
<author>
<name>Daniel P. Berrangé</name>
<email>berrange@redhat.com</email>
</author>
<published>2024-03-18T17:08:30Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/commit/?id=038b4217884c6f297278bb1ec6f0463c6c8221de'/>
<id>urn:sha1:038b4217884c6f297278bb1ec6f0463c6c8221de</id>
<content type='text'>
This reverts commit a7077b8e354d90fec26c2921aa2dea85b90dff90,
and add comments to explain why child sources cannot be used.

When a GSource is added as a child of another GSource, if its
'prepare' function indicates readiness, then the parent's
'prepare' function will never be run. The io_watch_poll_prepare
absolutely *must* be run on every iteration of the main loop,
to ensure that the chardev backend doesn't feed data to the
frontend that it is unable to consume.

At the time a7077b8e354d90fec26c2921aa2dea85b90dff90 was made,
all the child GSource impls were relying on poll'ing an FD,
so their 'prepare' functions would never indicate readiness
ahead of poll() being invoked. So the buggy behaviour was
not noticed and lay dormant.

Relatively recently the QIOChannelTLS impl introduced a
level 2 child GSource, which checks with GNUTLS whether it
has cached any data that was decoded but not yet consumed:

  commit ffda5db65aef42266a5053a4be34515106c4c7ee
  Author: Antoine Damhet &lt;antoine.damhet@shadow.tech&gt;
  Date:   Tue Nov 15 15:23:29 2022 +0100

    io/channel-tls: fix handling of bigger read buffers

    Since the TLS backend can read more data from the underlying QIOChannel
    we introduce a minimal child GSource to notify if we still have more
    data available to be read.

    Signed-off-by: Antoine Damhet &lt;antoine.damhet@shadow.tech&gt;
    Signed-off-by: Charles Frey &lt;charles.frey@shadow.tech&gt;
    Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;

With this, it is now quite common for the 'prepare' function
on a QIOChannelTLS GSource to indicate immediate readiness,
bypassing the parent GSource 'prepare' function. IOW, the
critical 'io_watch_poll_prepare' is being skipped on some
iterations of the main loop. As a result chardev frontend
asserts are now being triggered as they are fed data they
are not ready to consume.

A reproducer is as follows:

 * In terminal 1 run a GNUTLS *echo* server

   $ gnutls-serv --echo \
                 --x509cafile ca-cert.pem \
                 --x509keyfile server-key.pem \
		 --x509certfile server-cert.pem \
		 -p 9000

 * In terminal 2 run a QEMU guest

   $ qemu-system-s390x \
       -nodefaults \
       -display none \
       -object tls-creds-x509,id=tls0,dir=$PWD,endpoint=client \
       -chardev socket,id=con0,host=localhost,port=9000,tls-creds=tls0 \
       -device sclpconsole,chardev=con0 \
       -hda Fedora-Cloud-Base-39-1.5.s390x.qcow2

After the previous patch revert, but before this patch revert,
this scenario will crash:

  qemu-system-s390x: ../hw/char/sclpconsole.c:73: chr_read: Assertion
  `size &lt;= SIZE_BUFFER_VT220 - scon-&gt;iov_data_len' failed.

This assert indicates that 'tcp_chr_read' was called without
'tcp_chr_read_poll' having first been checked for ability to
receive more data

QEMU's use of a 'prepare' function to create/delete another
GSource is rather a hack and not normally the kind of thing that
is expected to be done by a GSource. There is no mechanism to
force GLib to always run the 'prepare' function of a parent
GSource. The best option is to simply not use the child source
concept, and go back to the functional approach previously
relied on.

Reviewed-by: Marc-André Lureau &lt;marcandre.lureau@redhat.com&gt;
Reviewed-by: Thomas Huth &lt;thuth@redhat.com&gt;
Tested-by: Thomas Huth &lt;thuth@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>Revert "chardev/char-socket: Fix TLS io channels sending too much data to the backend"</title>
<updated>2024-03-19T20:17:12Z</updated>
<author>
<name>Daniel P. Berrangé</name>
<email>berrange@redhat.com</email>
</author>
<published>2024-03-18T13:03:19Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/commit/?id=e8ee827ffdb86ebbd5f5213a1f78123c25a90864'/>
<id>urn:sha1:e8ee827ffdb86ebbd5f5213a1f78123c25a90864</id>
<content type='text'>
This commit results in unexpected termination of the TLS connection.
When 'fd_can_read' returns 0, the code goes on to pass a zero length
buffer to qio_channel_read. The TLS impl calls into gnutls_recv()
with this zero length buffer, at which point GNUTLS returns an error
GNUTLS_E_INVALID_REQUEST. This is treated as fatal by QEMU's TLS code
resulting in the connection being torn down by the chardev.

Simply skipping the qio_channel_read when the buffer length is zero
is also not satisfactory, as it results in a high CPU burn busy loop
massively slowing QEMU's functionality.

The proper solution is to avoid tcp_chr_read being called at all
unless the frontend is able to accept more data. This will be done
in a followup commit.

This reverts commit 462945cd22d2bcd233401ed3aa167d83a8e35b05

Reviewed-by: Thomas Huth &lt;thuth@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>chardev: lower priority of the HUP GSource in socket chardev</title>
<updated>2024-03-19T20:17:12Z</updated>
<author>
<name>Daniel P. Berrangé</name>
<email>berrange@redhat.com</email>
</author>
<published>2024-03-18T18:06:59Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/qemu/commit/?id=8bd8b04adc9f18904f323dff085f8b4ec77915c6'/>
<id>urn:sha1:8bd8b04adc9f18904f323dff085f8b4ec77915c6</id>
<content type='text'>
The socket chardev often has 2 GSource object registered against the
same FD. One is registered all the time and is just intended to handle
POLLHUP events, while the other gets registered &amp; unregistered on the
fly as the frontend is ready to receive more data or not.

It is very common for poll() to signal a POLLHUP event at the same time
as there is pending incoming data from the disconnected client. It is
therefore essential to process incoming data prior to processing HUP.
The problem with having 2 GSource on the same FD is that there is no
guaranteed ordering of execution between them, so the chardev code may
process HUP first and thus discard data.

This failure scenario is non-deterministic but can be seen fairly
reliably by reverting a7077b8e354d90fec26c2921aa2dea85b90dff90, and
then running 'tests/unit/test-char', which will sometimes fail with
missing data.

Ideally QEMU would only have 1 GSource, but that's a complex code
refactoring job. The next best solution is to try to ensure ordering
between the 2 GSource objects. This can be achieved by lowering the
priority of the HUP GSource, so that it is never dispatched if the
main GSource is also ready to dispatch. Counter-intuitively, lowering
the priority of a GSource is done by raising its priority number.

Reviewed-by: Marc-André Lureau &lt;marcandre.lureau@redhat.com&gt;
Reviewed-by: Thomas Huth &lt;thuth@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
</feed>
