[qemu] Fix -vga qxl with -display vnc (bz #948717) Fix USB crash when installing reactos (bz #1005495) Don'
Cole Robinson
crobinso at fedoraproject.org
Tue Sep 24 14:17:59 UTC 2013
commit 840b28a1f8805fe2f53d9c78a0bd61dbc5eac302
Author: Cole Robinson <crobinso at redhat.com>
Date: Tue Sep 24 10:17:48 2013 -0400
Fix -vga qxl with -display vnc (bz #948717)
Fix USB crash when installing reactos (bz #1005495)
Don't ship x86 kvm wrapper on arm (bz #1005581)
0007-qxl-fix-local-renderer.patch | 65 ++++++++++++++++++++++
0008-ehci-save-device-pointer-in-EHCIState.patch | 65 ++++++++++++++++++++++
qemu.spec | 20 ++++++-
3 files changed, 148 insertions(+), 2 deletions(-)
---
diff --git a/0007-qxl-fix-local-renderer.patch b/0007-qxl-fix-local-renderer.patch
new file mode 100644
index 0000000..fa226de
--- /dev/null
+++ b/0007-qxl-fix-local-renderer.patch
@@ -0,0 +1,65 @@
+From 909d4a71878f3568b6c636a07d9f4f2c97a5de12 Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel at redhat.com>
+Date: Thu, 5 Sep 2013 21:57:19 +0200
+Subject: [PATCH] qxl: fix local renderer
+
+The local spice renderer assumes the primary surface is located at the
+start of the "ram" bar. This used to be a requirement in qxl hardware
+revision 1. In revision 2+ this is relaxed. Nevertheless guest drivers
+continued to use the traditional location, for historical and backward
+compatibility reasons. The qxl kms driver doesn't though as it depends
+on qxl revision 4+ anyway.
+
+Result is that local rendering is hosed for recent linux guests, you'll
+get pixel garbage with non-spice ui (gtk, sdl, vnc) and when doing
+screendumps. Fix that by doing a proper mapping of the guest-specified
+memory location.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=948717
+
+Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>
+(cherry picked from commit c58c7b959b93b864a27fd6b3646ee1465ab8832b)
+---
+ hw/display/qxl-render.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/hw/display/qxl-render.c b/hw/display/qxl-render.c
+index 269b1a7..d34b0c4 100644
+--- a/hw/display/qxl-render.c
++++ b/hw/display/qxl-render.c
+@@ -31,10 +31,6 @@ static void qxl_blit(PCIQXLDevice *qxl, QXLRect *rect)
+ if (is_buffer_shared(surface)) {
+ return;
+ }
+- if (!qxl->guest_primary.data) {
+- trace_qxl_render_blit_guest_primary_initialized();
+- qxl->guest_primary.data = memory_region_get_ram_ptr(&qxl->vga.vram);
+- }
+ trace_qxl_render_blit(qxl->guest_primary.qxl_stride,
+ rect->left, rect->right, rect->top, rect->bottom);
+ src = qxl->guest_primary.data;
+@@ -104,7 +100,12 @@ static void qxl_render_update_area_unlocked(PCIQXLDevice *qxl)
+
+ if (qxl->guest_primary.resized) {
+ qxl->guest_primary.resized = 0;
+- qxl->guest_primary.data = memory_region_get_ram_ptr(&qxl->vga.vram);
++ qxl->guest_primary.data = qxl_phys2virt(qxl,
++ qxl->guest_primary.surface.mem,
++ MEMSLOT_GROUP_GUEST);
++ if (!qxl->guest_primary.data) {
++ return;
++ }
+ qxl_set_rect_to_surface(qxl, &qxl->dirty[0]);
+ qxl->num_dirty_rects = 1;
+ trace_qxl_render_guest_primary_resized(
+@@ -128,6 +129,10 @@ static void qxl_render_update_area_unlocked(PCIQXLDevice *qxl)
+ }
+ dpy_gfx_replace_surface(vga->con, surface);
+ }
++
++ if (!qxl->guest_primary.data) {
++ return;
++ }
+ for (i = 0; i < qxl->num_dirty_rects; i++) {
+ if (qemu_spice_rect_is_empty(qxl->dirty+i)) {
+ break;
diff --git a/0008-ehci-save-device-pointer-in-EHCIState.patch b/0008-ehci-save-device-pointer-in-EHCIState.patch
new file mode 100644
index 0000000..0168d9c
--- /dev/null
+++ b/0008-ehci-save-device-pointer-in-EHCIState.patch
@@ -0,0 +1,65 @@
+From f0679fb95d2c1b9597b83184309e70cc3c3e3b1d Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel at redhat.com>
+Date: Mon, 9 Sep 2013 10:18:17 +0200
+Subject: [PATCH] ehci: save device pointer in EHCIState
+
+We'll need a pointer to the actual pci/sysbus device,
+stick a pointer to it into the EHCIState struct.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1005495
+
+Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>
+(cherry picked from commit adbecc89731cf3e0ae656d50ea9fa58c589c4bdc)
+---
+ hw/usb/hcd-ehci.c | 7 +++----
+ hw/usb/hcd-ehci.h | 1 +
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
+index 010a0d0..e9fb20c 100644
+--- a/hw/usb/hcd-ehci.c
++++ b/hw/usb/hcd-ehci.c
+@@ -1241,13 +1241,11 @@ static int ehci_init_transfer(EHCIPacket *p)
+ {
+ uint32_t cpage, offset, bytes, plen;
+ dma_addr_t page;
+- USBBus *bus = &p->queue->ehci->bus;
+- BusState *qbus = BUS(bus);
+
+ cpage = get_field(p->qtd.token, QTD_TOKEN_CPAGE);
+ bytes = get_field(p->qtd.token, QTD_TOKEN_TBYTES);
+ offset = p->qtd.bufptr[0] & ~QTD_BUFPTR_MASK;
+- qemu_sglist_init(&p->sgl, qbus->parent, 5, p->queue->ehci->as);
++ qemu_sglist_init(&p->sgl, p->queue->ehci->device, 5, p->queue->ehci->as);
+
+ while (bytes > 0) {
+ if (cpage > 4) {
+@@ -1486,7 +1484,7 @@ static int ehci_process_itd(EHCIState *ehci,
+ return -1;
+ }
+
+- qemu_sglist_init(&ehci->isgl, DEVICE(ehci), 2, ehci->as);
++ qemu_sglist_init(&ehci->isgl, ehci->device, 2, ehci->as);
+ if (off + len > 4096) {
+ /* transfer crosses page border */
+ uint32_t len2 = off + len - 4096;
+@@ -2529,6 +2527,7 @@ void usb_ehci_realize(EHCIState *s, DeviceState *dev, Error **errp)
+
+ s->frame_timer = qemu_new_timer_ns(vm_clock, ehci_frame_timer, s);
+ s->async_bh = qemu_bh_new(ehci_frame_timer, s);
++ s->device = dev;
+
+ qemu_register_reset(ehci_reset, s);
+ qemu_add_vm_change_state_handler(usb_ehci_vm_state_change, s);
+diff --git a/hw/usb/hcd-ehci.h b/hw/usb/hcd-ehci.h
+index 15a28e8..065c9fa 100644
+--- a/hw/usb/hcd-ehci.h
++++ b/hw/usb/hcd-ehci.h
+@@ -255,6 +255,7 @@ typedef QTAILQ_HEAD(EHCIQueueHead, EHCIQueue) EHCIQueueHead;
+
+ struct EHCIState {
+ USBBus bus;
++ DeviceState *device;
+ qemu_irq irq;
+ MemoryRegion mem;
+ AddressSpace *as;
diff --git a/qemu.spec b/qemu.spec
index 6a644df..11201f2 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -104,7 +104,6 @@
%global system_arm kvm
%global kvm_package system-arm
%global kvm_target arm
-%global need_qemu_kvm 1
%endif
%if %{with kvmonly}
@@ -140,7 +139,7 @@
Summary: QEMU is a FAST! processor emulator
Name: qemu
Version: 1.6.0
-Release: 7%{?dist}
+Release: 8%{?dist}
Epoch: 2
License: GPLv2+ and LGPLv2+ and BSD
Group: Development/Tools
@@ -193,6 +192,12 @@ Patch0003: 0003-isapc-disable-kvmvapic.patch
Patch0004: 0004-pci-do-not-export-pci_bus_reset.patch
Patch0005: 0005-qdev-allow-both-pre-and-post-order-vists-in-qdev-wal.patch
Patch0006: 0006-qdev-switch-reset-to-post-order.patch
+# Fix -vga qxl with -display vnc (bz #948717)
+# Patch posted upstream
+Patch0007: 0007-qxl-fix-local-renderer.patch
+# Fix USB crash when installing reactos (bz #1005495)
+# Patch posted upstream
+Patch0008: 0008-ehci-save-device-pointer-in-EHCIState.patch
BuildRequires: SDL-devel
BuildRequires: zlib-devel
@@ -717,6 +722,12 @@ CAC emulation development files.
%patch0004 -p1
%patch0005 -p1
%patch0006 -p1
+# Fix -vga qxl with -display vnc (bz #948717)
+# Patch posted upstream
+%patch0007 -p1
+# Fix USB crash when installing reactos (bz #1005495)
+# Patch posted upstream
+%patch0008 -p1
%build
@@ -1425,6 +1436,11 @@ getent passwd qemu >/dev/null || \
%endif
%changelog
+* Tue Sep 24 2013 Cole Robinson <crobinso at redhat.com> - 2:1.6.0-8
+- Fix -vga qxl with -display vnc (bz #948717)
+- Fix USB crash when installing reactos (bz #1005495)
+- Don't ship x86 kvm wrapper on arm (bz #1005581)
+
* Thu Sep 12 2013 Dan HorĂ¡k <dan[at]danny.cz> - 2:1.6.0-7
- Enable TCG interpreter for s390 as the native backend supports 64-bit only
- Don't require RDMA on s390(x)
More information about the scm-commits
mailing list