1. 31 Jan, 2017 2 commits
  2. 27 Jan, 2017 6 commits
  3. 12 Jan, 2017 1 commit
  4. 10 Jan, 2017 3 commits
  5. 24 Dec, 2016 4 commits
  6. 01 Nov, 2016 1 commit
  7. 30 Oct, 2016 3 commits
  8. 28 Oct, 2016 2 commits
  9. 24 Oct, 2016 7 commits
  10. 17 Oct, 2016 2 commits
  11. 22 Sep, 2016 1 commit
    • Lin Ma's avatar
      msmouse: Fix segfault caused by free the chr before chardev cleanup. · 9e14037f
      Lin Ma authored
      Segfault happens when leaving qemu with msmouse backend:
       #0  0x00007fa8526ac975 in raise () at /lib64/libc.so.6
       #1  0x00007fa8526add8a in abort () at /lib64/libc.so.6
       #2  0x0000558be78846ab in error_exit (err=16, msg=0x558be799da10 ...
       #3  0x0000558be7884717 in qemu_mutex_destroy (mutex=0x558be93be750) at ...
       #4  0x0000558be7549951 in qemu_chr_free_common (chr=0x558be93be750) at ...
       #5  0x0000558be754999c in qemu_chr_free (chr=0x558be93be750) at ...
       #6  0x0000558be7549a20 in qemu_chr_delete (chr=0x558be93be750) at ...
       #7  0x0000558be754a8ef in qemu_chr_cleanup () at qemu-char.c:4643
       #8  0x0000558be755843e in main (argc=5, argv=0x7ffe925d7118, ...
      The chr was freed by msmouse close callback before chardev cleanup,
      Then qemu_mutex_destroy triggered raise().
      Because freeing chr is handled by qemu_chr_free_common, Remove the free from
      msmouse_chr_close to avoid double free.
      Fixes: c1111a24
      Cc: qemu-stable@nongnu.org
      Signed-off-by: 's avatarLin Ma <lma@suse.com>
      Message-Id: <20160915143158.4796-1-lma@suse.com>
      Signed-off-by: 's avatarPaolo Bonzini <pbonzini@redhat.com>
  12. 14 Sep, 2016 1 commit
  13. 13 Sep, 2016 1 commit
    • Daniel P. Berrange's avatar
      hw: replace most use of qemu_chr_fe_write with qemu_chr_fe_write_all · 6ab3fc32
      Daniel P. Berrange authored
      The qemu_chr_fe_write method will return -1 on EAGAIN if the
      chardev backend write would block. Almost no callers of the
      qemu_chr_fe_write() method check the return value, instead
      blindly assuming data was successfully sent. In most cases
      this will lead to silent data loss on interactive consoles,
      but in some cases (eg RNG EGD) it'll just cause corruption
      of the protocol being spoken.
      We unfortunately can't fix the virtio-console code, due to
      a bug in the Linux guest drivers, which would cause the
      entire Linux kernel to hang if we delay processing of the
      incoming data in any way. Fixing this requires first fixing
      the guest driver to not hold spinlocks while writing to the
      hvc device backend.
      Fixes bug: https://bugs.launchpad.net/qemu/+bug/1586756Signed-off-by: 's avatarDaniel P. Berrange <berrange@redhat.com>
      Message-Id: <1473170165-540-4-git-send-email-berrange@redhat.com>
      Signed-off-by: 's avatarPaolo Bonzini <pbonzini@redhat.com>
  14. 02 Aug, 2016 1 commit
  15. 13 Jul, 2016 2 commits
  16. 12 Jul, 2016 3 commits
    • Gerd Hoffmann's avatar
      msmouse: send short messages if possible. · d7b7f526
      Gerd Hoffmann authored
      Keep track of button changes.  Send the extended 4-byte messages for
      three button mice only in case we have something to report for the
      middle button.  Use the short 3-byte messages (original protocol for
      two-button microsoft mouse) otherwise.
      Signed-off-by: 's avatarGerd Hoffmann <kraxel@redhat.com>
      Message-id: 1467625375-31774-5-git-send-email-kraxel@redhat.com
    • Gerd Hoffmann's avatar
      msmouse: switch to new input interface · 96d7c072
      Gerd Hoffmann authored
      Signed-off-by: 's avatarGerd Hoffmann <kraxel@redhat.com>
      Message-id: 1467625375-31774-4-git-send-email-kraxel@redhat.com
    • Gerd Hoffmann's avatar
      msmouse: fix buffer handling · 57a4e3b9
      Gerd Hoffmann authored
      The msmouse chardev backend writes data without checking whenever there
      is enough space.
      That happens to work with linux guests, probably by pure luck because
      the linux driver enables the fifo and the serial port emulation accepts
      more data than announced via qemu_chr_be_can_write() in that case.
      Handle this properly by adding a buffer to MouseState.  Hook up a
      CharDriverState->accept_input() handler which feeds the buffer to the
      serial port.  msmouse_event() only fills the buffer now, and calls the
      accept_input handler too to kick off the transmission.
      Signed-off-by: 's avatarGerd Hoffmann <kraxel@redhat.com>
      Acked-by: 's avatarPaolo Bonzini <pbonzini@redhat.com>
      Message-id: 1467625375-31774-3-git-send-email-kraxel@redhat.com