the code was correct. erealloc9p() terminates the process
on error, but the code was handling realloc() error explicitely
and responded the request with Enomem error.
the vmware svga video card emulated by qemu (qemu -vga vmware) complains and eventually causes a panic if the rectangles aren't clipped.
messages like the following can be observed from qemu before the kernel panics:
vmsvga_update_rect: update h was < 0 (-20000)
vmsvga_update_rect: update height too large y: 10000, h: 0
vmsvga_update_rect: update w was < 0 (-20000)
vmsvga_update_rect: update width too large x: 10000, w: 0
i could only reproduce this in qemu 2.0.50 on the master branch, when using the ui and had selected 'Zoom To Fit' from the View menu.
fix bug introduced by amd64 support:
forgot to update ring index i on receive. surprisingly
this was working until there where more than one packet
to process. sorry.
ilock the controller while processing rings. this should
be fixed and use kprocs instead.
we have to make sure the *swap address* doesnt go away,
after putting the swap address in the segment pte.
after we unlock the segment, the process could be
killed or fault which would cause the swap address to
be freed *before* we write the page to disk when it
pulls the page from the cache and putswap() swap pte.
keeping a reference to the page is no good. we have
to hold on the swap address. this also has the advantage
that we can now test if the swap address is still
referenced and can avoid writing to disk.
as with the Block refcount changes, _xinc() and _xdec() arent
used anymore, so remove them.
architecure can still define ainc()/adec() when it needs them.
change Proc.nlocks from Ref to int and just use normal increment and decrelemt
as done in erik quanstros 9atom.
It is not clear why we used atomic increment in the fist place as even if we
get preempted by interrupt and scheduled before we write back the incremented
value, it shouldnt be a problem and we'll just continue where we left off as
our process is the only one that can write to it.
Yoann Padioleau found that the Mach pointer Lock.m wasnt maintained
consistently for lock() vs canlock() and ilock(). Fixed.
Use uintptr instead of ulong for maxlockpc, maxilockpc and ilockpc debug variables.
webfs forks the namespace to isolate itself from its mount
point which has the side effect that it captures the mount
of previous instances of webfs mounted on /mnt/web.
explicitely unmount the mountpoint in our namespace copy
to drop the reference.
when there are multiple readers of /dev/usbevent, we have to
serialize the processing to make sure that only one driver
is opening the devices control endpoint at a time.
to do this, we assume the device is busy after reading the
event file until the next read or clunk on the same fid.
to mark a device busy, we set the dev->aux pointer to the
fid processing a event. And the Event structure takes a
reference to the device producing the event.
the problem arised from cdc ethernet and nusb/serial sharing
the same device class, and we need to run the particular driver
to figure out if the device can be used. doing this concurrently
fails because devusb allows only one open per endpoint.
the palloc.pages array takes arround 5% of the upages which
gives us:
16GB = ~0.8GB
32GB = ~1.6GB
64GB = ~3.2GB
we only have 2GB of address space above KZERO so this will not
work for long.
instead, pageinit() was altered to accept a preallocated memory
in palloc.pages. and preallocpages() in pc64/main.c allocates the
in upages memory, mapping it in the VMAP area (which has 512GB).
the drawback is that we cannot poke at Page structures now from
/proc/n/mem as the VMAP area is not accessible from it.
Without an explicit signal for a truncation, copy propagation will
sometimes propagate a 32-bit truncation and end up overwriting uses of
the original 64-bit value.
This was independently discovered and fixed in Go. See:
http://golang.org/issue/1315https://codereview.appspot.com/6002043/
Thanks Charles Forsyth for tips and advice.
as we do system reset and reboot only from boot processor cpu0 now,
theres no need for active.rebooting conditional variable.
mpshutdown() will unconditionally park application processors and
and cpu0 boots the new kernel or calls mpshutdown() causing system
reset.
in vmware, mpshutdown() used to hang in i8042reset() when not
called from the boot processor, so instead of reseting from first
cpu that acquires the shutdown lock, we park all application
processors and let the boot processor do the reset.
procwrite() did truncate the offset to 32bit ulong.
introduce off2addr() function that does the sign
extension hack and use it conststently for Qmem
reads and writes.
for the CMclose procctl, the fd number was not
bounds checked before indexing in the Fgrp.fd
array.
for the CMclosefiles, we looped fd from 0..maxfd-1,
but need to loop from 0..maxfd as maxfd is inclusive.
newns() (called by auth_chuid()) already prepares the
environment variables and puts us in a sane working
directory (as specified by the namespace file).
on amd64, the text segment is aligned and padded to
2MB, but segment granularity is 4K which can give
us page faults that are beyond the highest file
offset. this is perfectly valid, but was not handled
correctly in pio().
use two per process memory slots, one for the
pid and one for the fd instead of a global table
avoiding the case when the table gets full.
instead of calling pread() on the cached fd
(dangerous as it has side effects when the
fd was not closed), we check if the cached fd
is still good using fd2path() when called
the first time in this process.
theres big performance regression with this using
cwfs. cwfs calls time() to update atime on every
read/write which now causes walks on /dev.
reverting to the previous version for now. in the
long run, we'll use new _nsec() syscall but this
has to wait for a later release once new kernels
are established.
trackers do like the new default Mozilla/5.0 (compatible)
user agent. so force useragent to hjdicks and give option
to override it in case trackers get even more clever in
the future.
in dhcpwatch, the sleep time "secs" could become
zero potentially freezing the lease time.
give up when in Sinit state in dhcpquery() as this
is a terminal state.
from the specification:
software may reset the entire HBA by setting GHC.HR to '1'.
When software sets the GHC.HR bit to '1', the HBA shall perform
an internal reset action. The bit shall be cleared to '0'
by the HBA when the reset is complete.
sites like google return the wrong characterset when
they do not recognize the user-agent. so setting default
user agent to something thats likely to pass these
idiotic browser tests.
> warning: a.c:9 useless or misleading comparison: UINT < 0
the error can be observed by compiling the following code
with warnings enabled:
#include <u.h>
#include <libc.h>
uint r;
void
main(int argc, char *argv[])
{
int r;
if(r < 0){
exits(0);
}
}
the offending code in the compiler is:
- if(l->op == ONAME && l->sym->type){
- lt = l->sym->type;
- if(lt->etype == TARRAY)
- lt = lt->link;
- }
compiler handles scope by overwritin and reverting
symbols while parsing. in the ccom phase, the nodes symbol
(n->sym) is not in the right scope and we wrongly think r
is uint instead of int.
it is not clear to me what this code tried to accomplish in
the first place nor could anyone answer me this question.
the risk is small as this change doesnt affect the compiled
program, only the warning, so removing the offending code.
the malloc pool allocator is limited in its allocation
size. as almost all data structures in cwfs are never
freed, use brk() in ialloc() instead of mallocalign().
this means memory returned by ialloc() cannot be freed!
to make sure we do not call free by accident, remove
the #define malloc(n) ialloc(n, 0) macro and use ialloc()
directly as in the original code to show the intend
of permanent allocations.
this was a big mistake. we should never attempt to
timeout or retry a scsi command from the controller
driver because theres no way to tell how long a
command would take or if a command has side effects
when being retried.
number of bank slots in Conf.mem[4] was too small
for kenjis machine, set it to maximum 16 (the
size of the RAM map in pc64/memory.c).
also increasing the UPA memory map to 64. the
e820 map on my x200s has 31 entries and many
holes. this gets rid of the "mapfree: ... losing"
messages on boot.
make mntflushfree() return the original rpc and do the
botched clunk check on the original instead of the
current rpc.
so if we get a botched flush of a clunk, we abandon the
fid of the channel as well.
if theres an error transmitting a Tclunk or Tremove request,
we cannot assume the fid to be clunked. in case this was
a transient error, reusing the fid on further requests
will fail.
as a work arround, we zero the channels fid and allocate
a new fid before the chan is reused.
this is not correct as we essentially leak the fid
on the fileserver, but we will still be able to use
the mount.
the shift instructions does not change the zero flag
when the shift count is 0, so we cannot remove the
compare instruction in this case.
this fixes oggdec under 386.
ftrvxmtrx repots devices that use the endpoint number for
input and output of different types like:
nusb/ether: parsedesc endpoint 5[7] 07 05 81 03 08 00 09 # ep1 in intr
nusb/ether: parsedesc endpoint 5[7] 07 05 82 02 00 02 00
nusb/ether: parsedesc endpoint 5[7] 07 05 01 02 00 02 00 # ep1 out bulk
the previous change tried to work arround this but had the
concequence that only the lastly defined endpoint was
usable.
this change addresses the issue by allowing up to 32 endpoints
per device (16 output + 16 input endpoints) in devusb. the
hci driver will ignore the 4th bit and will only use the
lower 4 bits as endpoint address when talking to the usb
device.
when we encounter a conflict, we map the input endpoint
to the upper id range 16..31 and the output endpoint
to id 0..15 so two distinct endpoints are created.
nusb code assumes endpoint numbers are unique. It's true in general
case, but it becomes false once the direction bit is ignored. The
commit adds a check so that two endpoints of different types are not
merged into one with Eboth direction. It does overwrite endpoint
though, so it shouldn't be considered as a full fix.