* [Qemu-devel] [PULL 00/12] spice patch queue
@ 2012-05-03 8:53 Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 01/12] spice: require spice-protocol >= 0.8.1 Gerd Hoffmann
` (12 more replies)
0 siblings, 13 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Gerd Hoffmann
Hi,
Here comes the spice patch queue. Nothing major. Most patches make qxl
robust against guest bugs, by making qxl logging a message and raising
an error IRQ instead of calling abort(). And a few other bugfixes.
please pull,
Gerd
Alon Levy (12):
spice: require spice-protocol >= 0.8.1
spice_info: add mouse_mode
hw/qxl.c: qxl_phys2virt: replace panics with guest_bug
qxl: check for NULL return from qxl_phys2virt
qxl: replace panic with guest bug in qxl_track_command
qxl: fix > 80 chars line
qxl: don't abort on guest trigerrable ring indices mismatch
qxl: cleanup s/__FUNCTION__/__func__/
qxl: interface_notify_update: remove guest trigerrable abort
qxl: qxl_add_memslot: remove guest trigerrable panics
qxl: ioport_write: remove guest trigerrable abort
qxl: don't assert on guest create_guest_primary
configure | 1 +
hmp.c | 2 +
hw/qxl-logger.c | 51 ++++++++++++++-----
hw/qxl-render.c | 14 ++++-
hw/qxl.c | 145 +++++++++++++++++++++++++++++++++++++++++-------------
hw/qxl.h | 6 +-
qapi-schema.json | 27 ++++++++++-
ui/spice-core.c | 7 +++
8 files changed, 198 insertions(+), 55 deletions(-)
The following changes since commit 58a331bab950e9a12da8b17b57e11927893eaf5e:
Merge remote-tracking branch 'kwolf/for-anthony' into staging (2012-05-02 14:49:53 -0500)
are available in the git repository at:
git://anongit.freedesktop.org/spice/qemu spice.v54
Alon Levy (12):
spice: require spice-protocol >= 0.8.1
spice_info: add mouse_mode
hw/qxl.c: qxl_phys2virt: replace panics with guest_bug
qxl: check for NULL return from qxl_phys2virt
qxl: replace panic with guest bug in qxl_track_command
qxl: fix > 80 chars line
qxl: don't abort on guest trigerrable ring indices mismatch
qxl: cleanup s/__FUNCTION__/__func__/
qxl: interface_notify_update: remove guest trigerrable abort
qxl: qxl_add_memslot: remove guest trigerrable panics
qxl: ioport_write: remove guest trigerrable abort
qxl: don't assert on guest create_guest_primary
configure | 1 +
hmp.c | 2 +
hw/qxl-logger.c | 51 ++++++++++++++-----
hw/qxl-render.c | 14 ++++-
hw/qxl.c | 145 +++++++++++++++++++++++++++++++++++++++++-------------
hw/qxl.h | 6 +-
qapi-schema.json | 27 ++++++++++-
ui/spice-core.c | 7 +++
8 files changed, 198 insertions(+), 55 deletions(-)
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 01/12] spice: require spice-protocol >= 0.8.1
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 02/12] spice_info: add mouse_mode Gerd Hoffmann
` (11 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Requiring spice-server >= 0.8.2 is not enough since spice-server.pc
doesn't require spice-protocol (any version). Until that is fixed
upstream an explicit requirement in qemu fixes compilation broken since
commit 2e1a98c9c1b90ca093278c6b43244dc46604d7b7
Author: Alon Levy <alevy@redhat.com>
Date: Fri Feb 24 23:19:30 2012 +0200
qxl: introduce QXLCookie
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
configure | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/configure b/configure
index 0111774..62aa760 100755
--- a/configure
+++ b/configure
@@ -2592,6 +2592,7 @@ EOF
spice_cflags=$($pkg_config --cflags spice-protocol spice-server 2>/dev/null)
spice_libs=$($pkg_config --libs spice-protocol spice-server 2>/dev/null)
if $pkg_config --atleast-version=0.8.2 spice-server >/dev/null 2>&1 && \
+ $pkg_config --atleast-version=0.8.1 spice-protocol > /dev/null 2>&1 && \
compile_prog "$spice_cflags" "$spice_libs" ; then
spice="yes"
libs_softmmu="$libs_softmmu $spice_libs"
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 02/12] spice_info: add mouse_mode
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 01/12] spice: require spice-protocol >= 0.8.1 Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 03/12] hw/qxl.c: qxl_phys2virt: replace panics with guest_bug Gerd Hoffmann
` (10 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Add mouse_mode, either server or mouse, to qmp and hmp commands, based
on spice_server_is_server_mouse added in spice-server 0.10.3.
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hmp.c | 2 ++
qapi-schema.json | 27 ++++++++++++++++++++++++++-
ui/spice-core.c | 7 +++++++
3 files changed, 35 insertions(+), 1 deletions(-)
diff --git a/hmp.c b/hmp.c
index eb96618..1f9fe0e 100644
--- a/hmp.c
+++ b/hmp.c
@@ -350,6 +350,8 @@ void hmp_info_spice(Monitor *mon)
}
monitor_printf(mon, " auth: %s\n", info->auth);
monitor_printf(mon, " compiled: %s\n", info->compiled_version);
+ monitor_printf(mon, " mouse-mode: %s\n",
+ SpiceQueryMouseMode_lookup[info->mouse_mode]);
if (!info->has_channels || info->channels == NULL) {
monitor_printf(mon, "Channels: none\n");
diff --git a/qapi-schema.json b/qapi-schema.json
index 9193fb9..4279259 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -634,6 +634,25 @@
'tls': 'bool'} }
##
+# @SpiceQueryMouseMode
+#
+# An enumation of Spice mouse states.
+#
+# @client: Mouse cursor position is determined by the client.
+#
+# @server: Mouse cursor position is determined by the server.
+#
+# @unknown: No information is available about mouse mode used by
+# the spice server.
+#
+# Note: spice/enums.h has a SpiceMouseMode already, hence the name.
+#
+# Since: 1.1
+##
+{ 'enum': 'SpiceQueryMouseMode',
+ 'data': [ 'client', 'server', 'unknown' ] }
+
+##
# @SpiceInfo
#
# Information about the SPICE session.
@@ -654,6 +673,12 @@
# 'spice' uses SASL or direct TLS authentication, depending on command
# line options
#
+# @mouse-mode: The mode in which the mouse cursor is displayed currently. Can
+# be determined by the client or the server, or unknown if spice
+# server doesn't provide this information.
+#
+# Since: 1.1
+#
# @channels: a list of @SpiceChannel for each active spice channel
#
# Since: 0.14.0
@@ -661,7 +686,7 @@
{ 'type': 'SpiceInfo',
'data': {'enabled': 'bool', '*host': 'str', '*port': 'int',
'*tls-port': 'int', '*auth': 'str', '*compiled-version': 'str',
- '*channels': ['SpiceChannel']} }
+ 'mouse-mode': 'SpiceQueryMouseMode', '*channels': ['SpiceChannel']} }
##
# @query-spice
diff --git a/ui/spice-core.c b/ui/spice-core.c
index a468524..4fc48f8 100644
--- a/ui/spice-core.c
+++ b/ui/spice-core.c
@@ -462,6 +462,13 @@ SpiceInfo *qmp_query_spice(Error **errp)
info->tls_port = tls_port;
}
+#if SPICE_SERVER_VERSION >= 0x000a03 /* 0.10.3 */
+ info->mouse_mode = spice_server_is_server_mouse(spice_server) ?
+ SPICE_QUERY_MOUSE_MODE_SERVER :
+ SPICE_QUERY_MOUSE_MODE_CLIENT;
+#else
+ info->mouse_mode = SPICE_QUERY_MOUSE_MODE_UNKNOWN;
+#endif
/* for compatibility with the original command */
info->has_channels = true;
info->channels = qmp_query_spice_channels();
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 03/12] hw/qxl.c: qxl_phys2virt: replace panics with guest_bug
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 01/12] spice: require spice-protocol >= 0.8.1 Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 02/12] spice_info: add mouse_mode Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 04/12] qxl: check for NULL return from qxl_phys2virt Gerd Hoffmann
` (9 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl.c | 25 +++++++++++++++++++------
1 files changed, 19 insertions(+), 6 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index c3540c3..9e8cdf3 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -1097,15 +1097,28 @@ void *qxl_phys2virt(PCIQXLDevice *qxl, QXLPHYSICAL pqxl, int group_id)
case MEMSLOT_GROUP_HOST:
return (void *)(intptr_t)offset;
case MEMSLOT_GROUP_GUEST:
- PANIC_ON(slot >= NUM_MEMSLOTS);
- PANIC_ON(!qxl->guest_slots[slot].active);
- PANIC_ON(offset < qxl->guest_slots[slot].delta);
+ if (slot >= NUM_MEMSLOTS) {
+ qxl_guest_bug(qxl, "slot too large %d >= %d", slot, NUM_MEMSLOTS);
+ return NULL;
+ }
+ if (!qxl->guest_slots[slot].active) {
+ qxl_guest_bug(qxl, "inactive slot %d\n", slot);
+ return NULL;
+ }
+ if (offset < qxl->guest_slots[slot].delta) {
+ qxl_guest_bug(qxl, "slot %d offset %"PRIu64" < delta %"PRIu64"\n",
+ slot, offset, qxl->guest_slots[slot].delta);
+ return NULL;
+ }
offset -= qxl->guest_slots[slot].delta;
- PANIC_ON(offset > qxl->guest_slots[slot].size)
+ if (offset > qxl->guest_slots[slot].size) {
+ qxl_guest_bug(qxl, "slot %d offset %"PRIu64" > size %"PRIu64"\n",
+ slot, offset, qxl->guest_slots[slot].size);
+ return NULL;
+ }
return qxl->guest_slots[slot].ptr + offset;
- default:
- PANIC_ON(1);
}
+ return NULL;
}
static void qxl_create_guest_primary_complete(PCIQXLDevice *qxl)
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 04/12] qxl: check for NULL return from qxl_phys2virt
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
` (2 preceding siblings ...)
2012-05-03 8:53 ` [Qemu-devel] [PATCH 03/12] hw/qxl.c: qxl_phys2virt: replace panics with guest_bug Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 05/12] qxl: replace panic with guest bug in qxl_track_command Gerd Hoffmann
` (8 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl-logger.c | 51 ++++++++++++++++++++++++++++++++++++++-------------
hw/qxl-render.c | 14 +++++++++++---
hw/qxl.c | 13 ++++++++++++-
hw/qxl.h | 6 +++---
4 files changed, 64 insertions(+), 20 deletions(-)
diff --git a/hw/qxl-logger.c b/hw/qxl-logger.c
index 367aad1..fe2878c 100644
--- a/hw/qxl-logger.c
+++ b/hw/qxl-logger.c
@@ -100,12 +100,15 @@ static const char *qxl_v2n(const char *n[], size_t l, int v)
}
#define qxl_name(_list, _value) qxl_v2n(_list, ARRAY_SIZE(_list), _value)
-static void qxl_log_image(PCIQXLDevice *qxl, QXLPHYSICAL addr, int group_id)
+static int qxl_log_image(PCIQXLDevice *qxl, QXLPHYSICAL addr, int group_id)
{
QXLImage *image;
QXLImageDescriptor *desc;
image = qxl_phys2virt(qxl, addr, group_id);
+ if (!image) {
+ return 1;
+ }
desc = &image->descriptor;
fprintf(stderr, " (id %" PRIx64 " type %d flags %d width %d height %d",
desc->id, desc->type, desc->flags, desc->width, desc->height);
@@ -120,6 +123,7 @@ static void qxl_log_image(PCIQXLDevice *qxl, QXLPHYSICAL addr, int group_id)
break;
}
fprintf(stderr, ")");
+ return 0;
}
static void qxl_log_rect(QXLRect *rect)
@@ -130,17 +134,24 @@ static void qxl_log_rect(QXLRect *rect)
rect->left, rect->top);
}
-static void qxl_log_cmd_draw_copy(PCIQXLDevice *qxl, QXLCopy *copy, int group_id)
+static int qxl_log_cmd_draw_copy(PCIQXLDevice *qxl, QXLCopy *copy,
+ int group_id)
{
+ int ret;
+
fprintf(stderr, " src %" PRIx64,
copy->src_bitmap);
- qxl_log_image(qxl, copy->src_bitmap, group_id);
+ ret = qxl_log_image(qxl, copy->src_bitmap, group_id);
+ if (ret != 0) {
+ return ret;
+ }
fprintf(stderr, " area");
qxl_log_rect(©->src_area);
fprintf(stderr, " rop %d", copy->rop_descriptor);
+ return 0;
}
-static void qxl_log_cmd_draw(PCIQXLDevice *qxl, QXLDrawable *draw, int group_id)
+static int qxl_log_cmd_draw(PCIQXLDevice *qxl, QXLDrawable *draw, int group_id)
{
fprintf(stderr, ": surface_id %d type %s effect %s",
draw->surface_id,
@@ -148,13 +159,14 @@ static void qxl_log_cmd_draw(PCIQXLDevice *qxl, QXLDrawable *draw, int group_id)
qxl_name(qxl_draw_effect, draw->effect));
switch (draw->type) {
case QXL_DRAW_COPY:
- qxl_log_cmd_draw_copy(qxl, &draw->u.copy, group_id);
+ return qxl_log_cmd_draw_copy(qxl, &draw->u.copy, group_id);
break;
}
+ return 0;
}
-static void qxl_log_cmd_draw_compat(PCIQXLDevice *qxl, QXLCompatDrawable *draw,
- int group_id)
+static int qxl_log_cmd_draw_compat(PCIQXLDevice *qxl, QXLCompatDrawable *draw,
+ int group_id)
{
fprintf(stderr, ": type %s effect %s",
qxl_name(qxl_draw_type, draw->type),
@@ -166,9 +178,10 @@ static void qxl_log_cmd_draw_compat(PCIQXLDevice *qxl, QXLCompatDrawable *draw,
}
switch (draw->type) {
case QXL_DRAW_COPY:
- qxl_log_cmd_draw_copy(qxl, &draw->u.copy, group_id);
+ return qxl_log_cmd_draw_copy(qxl, &draw->u.copy, group_id);
break;
}
+ return 0;
}
static void qxl_log_cmd_surface(PCIQXLDevice *qxl, QXLSurfaceCmd *cmd)
@@ -189,7 +202,7 @@ static void qxl_log_cmd_surface(PCIQXLDevice *qxl, QXLSurfaceCmd *cmd)
}
}
-void qxl_log_cmd_cursor(PCIQXLDevice *qxl, QXLCursorCmd *cmd, int group_id)
+int qxl_log_cmd_cursor(PCIQXLDevice *qxl, QXLCursorCmd *cmd, int group_id)
{
QXLCursor *cursor;
@@ -203,6 +216,9 @@ void qxl_log_cmd_cursor(PCIQXLDevice *qxl, QXLCursorCmd *cmd, int group_id)
cmd->u.set.visible ? "yes" : "no",
cmd->u.set.shape);
cursor = qxl_phys2virt(qxl, cmd->u.set.shape, group_id);
+ if (!cursor) {
+ return 1;
+ }
fprintf(stderr, " type %s size %dx%d hot-spot +%d+%d"
" unique 0x%" PRIx64 " data-size %d",
qxl_name(spice_cursor_type, cursor->header.type),
@@ -214,15 +230,17 @@ void qxl_log_cmd_cursor(PCIQXLDevice *qxl, QXLCursorCmd *cmd, int group_id)
fprintf(stderr, " +%d+%d", cmd->u.position.x, cmd->u.position.y);
break;
}
+ return 0;
}
-void qxl_log_command(PCIQXLDevice *qxl, const char *ring, QXLCommandExt *ext)
+int qxl_log_command(PCIQXLDevice *qxl, const char *ring, QXLCommandExt *ext)
{
bool compat = ext->flags & QXL_COMMAND_FLAG_COMPAT;
void *data;
+ int ret;
if (!qxl->cmdlog) {
- return;
+ return 0;
}
fprintf(stderr, "%" PRId64 " qxl-%d/%s:", qemu_get_clock_ns(vm_clock),
qxl->id, ring);
@@ -231,12 +249,18 @@ void qxl_log_command(PCIQXLDevice *qxl, const char *ring, QXLCommandExt *ext)
compat ? "(compat)" : "");
data = qxl_phys2virt(qxl, ext->cmd.data, ext->group_id);
+ if (!data) {
+ return 1;
+ }
switch (ext->cmd.type) {
case QXL_CMD_DRAW:
if (!compat) {
- qxl_log_cmd_draw(qxl, data, ext->group_id);
+ ret = qxl_log_cmd_draw(qxl, data, ext->group_id);
} else {
- qxl_log_cmd_draw_compat(qxl, data, ext->group_id);
+ ret = qxl_log_cmd_draw_compat(qxl, data, ext->group_id);
+ }
+ if (ret) {
+ return ret;
}
break;
case QXL_CMD_SURFACE:
@@ -247,4 +271,5 @@ void qxl_log_command(PCIQXLDevice *qxl, const char *ring, QXLCommandExt *ext)
break;
}
fprintf(stderr, "\n");
+ return 0;
}
diff --git a/hw/qxl-render.c b/hw/qxl-render.c
index f7f1bfd..e2e3fe2 100644
--- a/hw/qxl-render.c
+++ b/hw/qxl-render.c
@@ -228,14 +228,18 @@ fail:
/* called from spice server thread context only */
-void qxl_render_cursor(PCIQXLDevice *qxl, QXLCommandExt *ext)
+int qxl_render_cursor(PCIQXLDevice *qxl, QXLCommandExt *ext)
{
QXLCursorCmd *cmd = qxl_phys2virt(qxl, ext->cmd.data, ext->group_id);
QXLCursor *cursor;
QEMUCursor *c;
+ if (!cmd) {
+ return 1;
+ }
+
if (!qxl->ssd.ds->mouse_set || !qxl->ssd.ds->cursor_define) {
- return;
+ return 0;
}
if (qxl->debug > 1 && cmd->type != QXL_CURSOR_MOVE) {
@@ -246,9 +250,12 @@ void qxl_render_cursor(PCIQXLDevice *qxl, QXLCommandExt *ext)
switch (cmd->type) {
case QXL_CURSOR_SET:
cursor = qxl_phys2virt(qxl, cmd->u.set.shape, ext->group_id);
+ if (!cursor) {
+ return 1;
+ }
if (cursor->chunk.data_size != cursor->data_size) {
fprintf(stderr, "%s: multiple chunks\n", __FUNCTION__);
- return;
+ return 1;
}
c = qxl_cursor(qxl, cursor);
if (c == NULL) {
@@ -270,4 +277,5 @@ void qxl_render_cursor(PCIQXLDevice *qxl, QXLCommandExt *ext)
qemu_mutex_unlock(&qxl->ssd.lock);
break;
}
+ return 0;
}
diff --git a/hw/qxl.c b/hw/qxl.c
index 9e8cdf3..b6a738e 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -383,12 +383,16 @@ static void qxl_ring_set_dirty(PCIQXLDevice *qxl)
* keep track of some command state, for savevm/loadvm.
* called from spice server thread context only
*/
-static void qxl_track_command(PCIQXLDevice *qxl, struct QXLCommandExt *ext)
+static int qxl_track_command(PCIQXLDevice *qxl, struct QXLCommandExt *ext)
{
switch (le32_to_cpu(ext->cmd.type)) {
case QXL_CMD_SURFACE:
{
QXLSurfaceCmd *cmd = qxl_phys2virt(qxl, ext->cmd.data, ext->group_id);
+
+ if (!cmd) {
+ return 1;
+ }
uint32_t id = le32_to_cpu(cmd->surface_id);
PANIC_ON(id >= NUM_SURFACES);
qemu_mutex_lock(&qxl->track_lock);
@@ -408,6 +412,10 @@ static void qxl_track_command(PCIQXLDevice *qxl, struct QXLCommandExt *ext)
case QXL_CMD_CURSOR:
{
QXLCursorCmd *cmd = qxl_phys2virt(qxl, ext->cmd.data, ext->group_id);
+
+ if (!cmd) {
+ return 1;
+ }
if (cmd->type == QXL_CURSOR_SET) {
qemu_mutex_lock(&qxl->track_lock);
qxl->guest_cursor = ext->cmd.data;
@@ -416,6 +424,7 @@ static void qxl_track_command(PCIQXLDevice *qxl, struct QXLCommandExt *ext)
break;
}
}
+ return 0;
}
/* spice display interface callbacks */
@@ -1568,10 +1577,12 @@ static void qxl_dirty_surfaces(PCIQXLDevice *qxl)
cmd = qxl_phys2virt(qxl, qxl->guest_surfaces.cmds[i],
MEMSLOT_GROUP_GUEST);
+ assert(cmd);
assert(cmd->type == QXL_SURFACE_CMD_CREATE);
surface_offset = (intptr_t)qxl_phys2virt(qxl,
cmd->u.surface_create.data,
MEMSLOT_GROUP_GUEST);
+ assert(surface_offset);
surface_offset -= vram_start;
surface_size = cmd->u.surface_create.height *
abs(cmd->u.surface_create.stride);
diff --git a/hw/qxl.h b/hw/qxl.h
index cbb1e2d..3102950 100644
--- a/hw/qxl.h
+++ b/hw/qxl.h
@@ -142,12 +142,12 @@ void qxl_spice_reset_image_cache(PCIQXLDevice *qxl);
void qxl_spice_reset_cursor(PCIQXLDevice *qxl);
/* qxl-logger.c */
-void qxl_log_cmd_cursor(PCIQXLDevice *qxl, QXLCursorCmd *cmd, int group_id);
-void qxl_log_command(PCIQXLDevice *qxl, const char *ring, QXLCommandExt *ext);
+int qxl_log_cmd_cursor(PCIQXLDevice *qxl, QXLCursorCmd *cmd, int group_id);
+int qxl_log_command(PCIQXLDevice *qxl, const char *ring, QXLCommandExt *ext);
/* qxl-render.c */
void qxl_render_resize(PCIQXLDevice *qxl);
void qxl_render_update(PCIQXLDevice *qxl);
-void qxl_render_cursor(PCIQXLDevice *qxl, QXLCommandExt *ext);
+int qxl_render_cursor(PCIQXLDevice *qxl, QXLCommandExt *ext);
void qxl_render_update_area_done(PCIQXLDevice *qxl, QXLCookie *cookie);
void qxl_render_update_area_bh(void *opaque);
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 05/12] qxl: replace panic with guest bug in qxl_track_command
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
` (3 preceding siblings ...)
2012-05-03 8:53 ` [Qemu-devel] [PATCH 04/12] qxl: check for NULL return from qxl_phys2virt Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 06/12] qxl: fix > 80 chars line Gerd Hoffmann
` (7 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index b6a738e..8b66cbb 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -394,7 +394,11 @@ static int qxl_track_command(PCIQXLDevice *qxl, struct QXLCommandExt *ext)
return 1;
}
uint32_t id = le32_to_cpu(cmd->surface_id);
- PANIC_ON(id >= NUM_SURFACES);
+
+ if (id >= NUM_SURFACES) {
+ qxl_guest_bug(qxl, "QXL_CMD_SURFACE id %d >= %d", id, NUM_SURFACES);
+ return 1;
+ }
qemu_mutex_lock(&qxl->track_lock);
if (cmd->type == QXL_SURFACE_CMD_CREATE) {
qxl->guest_surfaces.cmds[id] = ext->cmd.data;
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 06/12] qxl: fix > 80 chars line
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
` (4 preceding siblings ...)
2012-05-03 8:53 ` [Qemu-devel] [PATCH 05/12] qxl: replace panic with guest bug in qxl_track_command Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 07/12] qxl: don't abort on guest trigerrable ring indices mismatch Gerd Hoffmann
` (6 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index 8b66cbb..b22f86e 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -777,8 +777,8 @@ static void interface_async_complete_io(PCIQXLDevice *qxl, QXLCookie *cookie)
}
if (cookie && current_async != cookie->io) {
fprintf(stderr,
- "qxl: %s: error: current_async = %d != %" PRId64 " = cookie->io\n",
- __func__, current_async, cookie->io);
+ "qxl: %s: error: current_async = %d != %"
+ PRId64 " = cookie->io\n", __func__, current_async, cookie->io);
}
switch (current_async) {
case QXL_IO_MEMSLOT_ADD_ASYNC:
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 07/12] qxl: don't abort on guest trigerrable ring indices mismatch
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
` (5 preceding siblings ...)
2012-05-03 8:53 ` [Qemu-devel] [PATCH 06/12] qxl: fix > 80 chars line Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 08/12] qxl: cleanup s/__FUNCTION__/__func__/ Gerd Hoffmann
` (5 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl.c | 51 +++++++++++++++++++++++++++++++++++++++------------
1 files changed, 39 insertions(+), 12 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index b22f86e..44a4c9b 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -27,28 +27,42 @@
#include "qxl.h"
+/*
+ * NOTE: SPICE_RING_PROD_ITEM accesses memory on the pci bar and as
+ * such can be changed by the guest, so to avoid a guest trigerrable
+ * abort we just set qxl_guest_bug and set the return to NULL. Still
+ * it may happen as a result of emulator bug as well.
+ */
#undef SPICE_RING_PROD_ITEM
-#define SPICE_RING_PROD_ITEM(r, ret) { \
+#define SPICE_RING_PROD_ITEM(qxl, r, ret) { \
typeof(r) start = r; \
typeof(r) end = r + 1; \
uint32_t prod = (r)->prod & SPICE_RING_INDEX_MASK(r); \
typeof(&(r)->items[prod]) m_item = &(r)->items[prod]; \
if (!((uint8_t*)m_item >= (uint8_t*)(start) && (uint8_t*)(m_item + 1) <= (uint8_t*)(end))) { \
- abort(); \
+ qxl_guest_bug(qxl, "SPICE_RING_PROD_ITEM indices mismatch " \
+ "! %p <= %p < %p", (uint8_t *)start, \
+ (uint8_t *)m_item, (uint8_t *)end); \
+ ret = NULL; \
+ } else { \
+ ret = &m_item->el; \
} \
- ret = &m_item->el; \
}
#undef SPICE_RING_CONS_ITEM
-#define SPICE_RING_CONS_ITEM(r, ret) { \
+#define SPICE_RING_CONS_ITEM(qxl, r, ret) { \
typeof(r) start = r; \
typeof(r) end = r + 1; \
uint32_t cons = (r)->cons & SPICE_RING_INDEX_MASK(r); \
typeof(&(r)->items[cons]) m_item = &(r)->items[cons]; \
if (!((uint8_t*)m_item >= (uint8_t*)(start) && (uint8_t*)(m_item + 1) <= (uint8_t*)(end))) { \
- abort(); \
+ qxl_guest_bug(qxl, "SPICE_RING_CONS_ITEM indices mismatch " \
+ "! %p <= %p < %p", (uint8_t *)start, \
+ (uint8_t *)m_item, (uint8_t *)end); \
+ ret = NULL; \
+ } else { \
+ ret = &m_item->el; \
} \
- ret = &m_item->el; \
}
#undef ALIGN
@@ -343,7 +357,8 @@ static void init_qxl_ram(PCIQXLDevice *d)
SPICE_RING_INIT(&d->ram->cmd_ring);
SPICE_RING_INIT(&d->ram->cursor_ring);
SPICE_RING_INIT(&d->ram->release_ring);
- SPICE_RING_PROD_ITEM(&d->ram->release_ring, item);
+ SPICE_RING_PROD_ITEM(d, &d->ram->release_ring, item);
+ assert(item);
*item = 0;
qxl_ring_set_dirty(d);
}
@@ -559,8 +574,10 @@ static int interface_get_command(QXLInstance *sin, struct QXLCommandExt *ext)
if (SPICE_RING_IS_EMPTY(ring)) {
return false;
}
- trace_qxl_ring_command_get(qxl->id, qxl_mode_to_string(qxl->mode));
- SPICE_RING_CONS_ITEM(ring, cmd);
+ SPICE_RING_CONS_ITEM(qxl, ring, cmd);
+ if (!cmd) {
+ return false;
+ }
ext->cmd = *cmd;
ext->group_id = MEMSLOT_GROUP_GUEST;
ext->flags = qxl->cmdflags;
@@ -572,6 +589,7 @@ static int interface_get_command(QXLInstance *sin, struct QXLCommandExt *ext)
qxl->guest_primary.commands++;
qxl_track_command(qxl, ext);
qxl_log_command(qxl, "cmd", ext);
+ trace_qxl_ring_command_get(qxl->id, qxl_mode_to_string(qxl->mode));
return true;
default:
return false;
@@ -630,7 +648,10 @@ static inline void qxl_push_free_res(PCIQXLDevice *d, int flush)
if (notify) {
qxl_send_events(d, QXL_INTERRUPT_DISPLAY);
}
- SPICE_RING_PROD_ITEM(ring, item);
+ SPICE_RING_PROD_ITEM(d, ring, item);
+ if (!item) {
+ return;
+ }
*item = 0;
d->num_free_res = 0;
d->last_release = NULL;
@@ -656,7 +677,10 @@ static void interface_release_resource(QXLInstance *sin,
* pci bar 0, $command.release_info
*/
ring = &qxl->ram->release_ring;
- SPICE_RING_PROD_ITEM(ring, item);
+ SPICE_RING_PROD_ITEM(qxl, ring, item);
+ if (!item) {
+ return;
+ }
if (*item == 0) {
/* stick head into the ring */
id = ext.info->id;
@@ -695,7 +719,10 @@ static int interface_get_cursor_command(QXLInstance *sin, struct QXLCommandExt *
if (SPICE_RING_IS_EMPTY(ring)) {
return false;
}
- SPICE_RING_CONS_ITEM(ring, cmd);
+ SPICE_RING_CONS_ITEM(qxl, ring, cmd);
+ if (!cmd) {
+ return false;
+ }
ext->cmd = *cmd;
ext->group_id = MEMSLOT_GROUP_GUEST;
ext->flags = qxl->cmdflags;
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 08/12] qxl: cleanup s/__FUNCTION__/__func__/
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
` (6 preceding siblings ...)
2012-05-03 8:53 ` [Qemu-devel] [PATCH 07/12] qxl: don't abort on guest trigerrable ring indices mismatch Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 09/12] qxl: interface_notify_update: remove guest trigerrable abort Gerd Hoffmann
` (4 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index 44a4c9b..6e7232c 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -1503,7 +1503,7 @@ static void qxl_send_events(PCIQXLDevice *d, uint32_t events)
qxl_update_irq(d);
} else {
if (write(d->pipe[1], d, 1) != 1) {
- dprint(d, 1, "%s: write to pipe failed\n", __FUNCTION__);
+ dprint(d, 1, "%s: write to pipe failed\n", __func__);
}
}
}
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 09/12] qxl: interface_notify_update: remove guest trigerrable abort
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
` (7 preceding siblings ...)
2012-05-03 8:53 ` [Qemu-devel] [PATCH 08/12] qxl: cleanup s/__FUNCTION__/__func__/ Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 10/12] qxl: qxl_add_memslot: remove guest trigerrable panics Gerd Hoffmann
` (3 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl.c | 9 +++++++--
1 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index 6e7232c..44ee495 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -768,8 +768,13 @@ static int interface_req_cursor_notification(QXLInstance *sin)
/* called from spice server thread context */
static void interface_notify_update(QXLInstance *sin, uint32_t update_id)
{
- fprintf(stderr, "%s: abort()\n", __FUNCTION__);
- abort();
+ /*
+ * Called by spice-server as a result of a QXL_CMD_UPDATE which is not in
+ * use by xf86-video-qxl and is defined out in the qxl windows driver.
+ * Probably was at some earlier version that is prior to git start (2009),
+ * and is still guest trigerrable.
+ */
+ fprintf(stderr, "%s: deprecated\n", __func__);
}
/* called from spice server thread context only */
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 10/12] qxl: qxl_add_memslot: remove guest trigerrable panics
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
` (8 preceding siblings ...)
2012-05-03 8:53 ` [Qemu-devel] [PATCH 09/12] qxl: interface_notify_update: remove guest trigerrable abort Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 11/12] qxl: ioport_write: remove guest trigerrable abort Gerd Hoffmann
` (2 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl.c | 27 ++++++++++++++++++++-------
1 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index 44ee495..44a167a 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -1038,8 +1038,8 @@ static const MemoryRegionPortio qxl_vga_portio_list[] = {
PORTIO_END_OF_LIST(),
};
-static void qxl_add_memslot(PCIQXLDevice *d, uint32_t slot_id, uint64_t delta,
- qxl_async_io async)
+static int qxl_add_memslot(PCIQXLDevice *d, uint32_t slot_id, uint64_t delta,
+ qxl_async_io async)
{
static const int regions[] = {
QXL_RAM_RANGE_INDEX,
@@ -1060,8 +1060,16 @@ static void qxl_add_memslot(PCIQXLDevice *d, uint32_t slot_id, uint64_t delta,
trace_qxl_memslot_add_guest(d->id, slot_id, guest_start, guest_end);
- PANIC_ON(slot_id >= NUM_MEMSLOTS);
- PANIC_ON(guest_start > guest_end);
+ if (slot_id >= NUM_MEMSLOTS) {
+ qxl_guest_bug(d, "%s: slot_id >= NUM_MEMSLOTS %d >= %d", __func__,
+ slot_id, NUM_MEMSLOTS);
+ return 1;
+ }
+ if (guest_start > guest_end) {
+ qxl_guest_bug(d, "%s: guest_start > guest_end 0x%" PRIx64
+ " > 0x%" PRIx64, __func__, guest_start, guest_end);
+ return 1;
+ }
for (i = 0; i < ARRAY_SIZE(regions); i++) {
pci_region = regions[i];
@@ -1082,7 +1090,10 @@ static void qxl_add_memslot(PCIQXLDevice *d, uint32_t slot_id, uint64_t delta,
/* passed */
break;
}
- PANIC_ON(i == ARRAY_SIZE(regions)); /* finished loop without match */
+ if (i == ARRAY_SIZE(regions)) {
+ qxl_guest_bug(d, "%s: finished loop without match", __func__);
+ return 1;
+ }
switch (pci_region) {
case QXL_RAM_RANGE_INDEX:
@@ -1094,7 +1105,8 @@ static void qxl_add_memslot(PCIQXLDevice *d, uint32_t slot_id, uint64_t delta,
break;
default:
/* should not happen */
- abort();
+ qxl_guest_bug(d, "%s: pci_region = %d", __func__, pci_region);
+ return 1;
}
memslot.slot_id = slot_id;
@@ -1110,6 +1122,7 @@ static void qxl_add_memslot(PCIQXLDevice *d, uint32_t slot_id, uint64_t delta,
d->guest_slots[slot_id].size = memslot.virt_end - memslot.virt_start;
d->guest_slots[slot_id].delta = delta;
d->guest_slots[slot_id].active = 1;
+ return 0;
}
static void qxl_del_memslot(PCIQXLDevice *d, uint32_t slot_id)
@@ -1250,7 +1263,7 @@ static void qxl_set_mode(PCIQXLDevice *d, int modenr, int loadvm)
}
d->guest_slots[0].slot = slot;
- qxl_add_memslot(d, 0, devmem, QXL_SYNC);
+ assert(qxl_add_memslot(d, 0, devmem, QXL_SYNC) == 0);
d->guest_primary.surface = surface;
qxl_create_guest_primary(d, 0, QXL_SYNC);
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 11/12] qxl: ioport_write: remove guest trigerrable abort
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
` (9 preceding siblings ...)
2012-05-03 8:53 ` [Qemu-devel] [PATCH 10/12] qxl: qxl_add_memslot: remove guest trigerrable panics Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 12/12] qxl: don't assert on guest create_guest_primary Gerd Hoffmann
2012-05-08 16:11 ` [Qemu-devel] [PULL 00/12] spice patch queue Anthony Liguori
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl.c | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index 44a167a..c614c91 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -1464,8 +1464,7 @@ async_common:
qxl_spice_destroy_surfaces(d, async);
break;
default:
- fprintf(stderr, "%s: ioport=0x%x, abort()\n", __FUNCTION__, io_port);
- abort();
+ qxl_guest_bug(d, "%s: unexpected ioport=0x%x\n", __func__, io_port);
}
return;
cancel_async:
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Qemu-devel] [PATCH 12/12] qxl: don't assert on guest create_guest_primary
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
` (10 preceding siblings ...)
2012-05-03 8:53 ` [Qemu-devel] [PATCH 11/12] qxl: ioport_write: remove guest trigerrable abort Gerd Hoffmann
@ 2012-05-03 8:53 ` Gerd Hoffmann
2012-05-08 16:11 ` [Qemu-devel] [PULL 00/12] spice patch queue Anthony Liguori
12 siblings, 0 replies; 14+ messages in thread
From: Gerd Hoffmann @ 2012-05-03 8:53 UTC (permalink / raw)
To: qemu-devel; +Cc: Alon Levy, Gerd Hoffmann
From: Alon Levy <alevy@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index c614c91..6c11e70 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -1191,7 +1191,10 @@ static void qxl_create_guest_primary(PCIQXLDevice *qxl, int loadvm,
QXLDevSurfaceCreate surface;
QXLSurfaceCreate *sc = &qxl->guest_primary.surface;
- assert(qxl->mode != QXL_MODE_NATIVE);
+ if (qxl->mode == QXL_MODE_NATIVE) {
+ qxl_guest_bug(qxl, "%s: nop since already in QXL_MODE_NATIVE",
+ __func__);
+ }
qxl_exit_vga_mode(qxl);
surface.format = le32_to_cpu(sc->format);
--
1.7.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* Re: [Qemu-devel] [PULL 00/12] spice patch queue
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
` (11 preceding siblings ...)
2012-05-03 8:53 ` [Qemu-devel] [PATCH 12/12] qxl: don't assert on guest create_guest_primary Gerd Hoffmann
@ 2012-05-08 16:11 ` Anthony Liguori
12 siblings, 0 replies; 14+ messages in thread
From: Anthony Liguori @ 2012-05-08 16:11 UTC (permalink / raw)
To: Gerd Hoffmann; +Cc: qemu-devel
On 05/03/2012 03:53 AM, Gerd Hoffmann wrote:
> Hi,
>
> Here comes the spice patch queue. Nothing major. Most patches make qxl
> robust against guest bugs, by making qxl logging a message and raising
> an error IRQ instead of calling abort(). And a few other bugfixes.
Pulled. Thanks.
Regards,
Anthony Liguori
> please pull,
> Gerd
>
> Alon Levy (12):
> spice: require spice-protocol>= 0.8.1
> spice_info: add mouse_mode
> hw/qxl.c: qxl_phys2virt: replace panics with guest_bug
> qxl: check for NULL return from qxl_phys2virt
> qxl: replace panic with guest bug in qxl_track_command
> qxl: fix> 80 chars line
> qxl: don't abort on guest trigerrable ring indices mismatch
> qxl: cleanup s/__FUNCTION__/__func__/
> qxl: interface_notify_update: remove guest trigerrable abort
> qxl: qxl_add_memslot: remove guest trigerrable panics
> qxl: ioport_write: remove guest trigerrable abort
> qxl: don't assert on guest create_guest_primary
>
> configure | 1 +
> hmp.c | 2 +
> hw/qxl-logger.c | 51 ++++++++++++++-----
> hw/qxl-render.c | 14 ++++-
> hw/qxl.c | 145 +++++++++++++++++++++++++++++++++++++++++-------------
> hw/qxl.h | 6 +-
> qapi-schema.json | 27 ++++++++++-
> ui/spice-core.c | 7 +++
> 8 files changed, 198 insertions(+), 55 deletions(-)
>
> The following changes since commit 58a331bab950e9a12da8b17b57e11927893eaf5e:
>
> Merge remote-tracking branch 'kwolf/for-anthony' into staging (2012-05-02 14:49:53 -0500)
>
> are available in the git repository at:
>
> git://anongit.freedesktop.org/spice/qemu spice.v54
>
> Alon Levy (12):
> spice: require spice-protocol>= 0.8.1
> spice_info: add mouse_mode
> hw/qxl.c: qxl_phys2virt: replace panics with guest_bug
> qxl: check for NULL return from qxl_phys2virt
> qxl: replace panic with guest bug in qxl_track_command
> qxl: fix> 80 chars line
> qxl: don't abort on guest trigerrable ring indices mismatch
> qxl: cleanup s/__FUNCTION__/__func__/
> qxl: interface_notify_update: remove guest trigerrable abort
> qxl: qxl_add_memslot: remove guest trigerrable panics
> qxl: ioport_write: remove guest trigerrable abort
> qxl: don't assert on guest create_guest_primary
>
> configure | 1 +
> hmp.c | 2 +
> hw/qxl-logger.c | 51 ++++++++++++++-----
> hw/qxl-render.c | 14 ++++-
> hw/qxl.c | 145 +++++++++++++++++++++++++++++++++++++++++-------------
> hw/qxl.h | 6 +-
> qapi-schema.json | 27 ++++++++++-
> ui/spice-core.c | 7 +++
> 8 files changed, 198 insertions(+), 55 deletions(-)
>
>
^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2012-05-08 16:11 UTC | newest]
Thread overview: 14+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-05-03 8:53 [Qemu-devel] [PULL 00/12] spice patch queue Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 01/12] spice: require spice-protocol >= 0.8.1 Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 02/12] spice_info: add mouse_mode Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 03/12] hw/qxl.c: qxl_phys2virt: replace panics with guest_bug Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 04/12] qxl: check for NULL return from qxl_phys2virt Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 05/12] qxl: replace panic with guest bug in qxl_track_command Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 06/12] qxl: fix > 80 chars line Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 07/12] qxl: don't abort on guest trigerrable ring indices mismatch Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 08/12] qxl: cleanup s/__FUNCTION__/__func__/ Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 09/12] qxl: interface_notify_update: remove guest trigerrable abort Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 10/12] qxl: qxl_add_memslot: remove guest trigerrable panics Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 11/12] qxl: ioport_write: remove guest trigerrable abort Gerd Hoffmann
2012-05-03 8:53 ` [Qemu-devel] [PATCH 12/12] qxl: don't assert on guest create_guest_primary Gerd Hoffmann
2012-05-08 16:11 ` [Qemu-devel] [PULL 00/12] spice patch queue Anthony Liguori
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).