qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [RFC] Break cross migration from qemu-1.5 to qemu-2.1.

From: Dr. David Alan Gilbert
Subject: Re: [Qemu-devel] [RFC] Break cross migration from qemu-1.5 to qemu-2.1. because of input/hid rewriting
Date: Fri, 21 Nov 2014 15:16:47 +0000
User-agent: Mutt/1.5.23 (2014-03-12) 
* Gonglei (address@hidden) wrote:
> Hi, Gerd
> 
> I encounter a problem that breaking  migration from qemu-1.5 to qemu-2.1.
> The error message as below:
>  qemu-system-x86_64: hw/input/hid.c:121: hid_pointer_event: Assertion `hs->n 
> < 16' failed.
> Qemu assert in hid_pointer_event().

What is your test to reproduce this?

Dave

> I get the value of hs->n which is 16 by  reproduction. And the code of 
> qemu-1.5 :
> 
> static void hid_pointer_event(void *opaque,
>                               int x1, int y1, int z1, int buttons_state)
> {
>     HIDState *hs = opaque;
>     unsigned use_slot = (hs->head + hs->n - 1) & QUEUE_MASK;
>     unsigned previous_slot = (use_slot - 1) & QUEUE_MASK;
> 
>     if (hs->n == QUEUE_LENGTH) {
>         /* Queue full.  Discard old button state, combine motion normally.  */
>         hs->ptr.queue[use_slot].buttons_state = buttons_state;
>     }
> 
> Which indicate it is legal when hs->n == QUEUE_LENGTH.
> 
> But now:
> static void hid_pointer_event(DeviceState *dev, QemuConsole *src,
>                               InputEvent *evt)
> {
>     static const int bmap[INPUT_BUTTON_MAX] = {
>         [INPUT_BUTTON_LEFT]   = 0x01,
>         [INPUT_BUTTON_RIGHT]  = 0x02,
>         [INPUT_BUTTON_MIDDLE] = 0x04,
>     };
>     HIDState *hs = (HIDState *)dev;
>     HIDPointerEvent *e;
> 
>     assert(hs->n < QUEUE_LENGTH);
>     e = &hs->ptr.queue[(hs->head + hs->n) & QUEUE_MASK];
> ...
> 
> static void hid_pointer_sync(DeviceState *dev)
> {
>     HIDState *hs = (HIDState *)dev;
>     HIDPointerEvent *prev, *curr, *next;
>     bool event_compression = false;
> 
>     if (hs->n == QUEUE_LENGTH-1) {
>         /*
>          * Queue full.  We are losing information, but we at least
>          * keep track of most recent button state.
>          */
>         return;
>     }
> 
> What about this patch:
> 
> diff --git a/hw/input/hid.c b/hw/input/hid.c
> index 148c003..56e0637 100644
> --- a/hw/input/hid.c
> +++ b/hw/input/hid.c
> @@ -116,7 +116,7 @@ static void hid_pointer_event(DeviceState *dev, 
> QemuConsole *src,
>      HIDState *hs = (HIDState *)dev;
>      HIDPointerEvent *e;
> 
> -    assert(hs->n < QUEUE_LENGTH);
> +    assert(hs->n <= QUEUE_LENGTH);
>      e = &hs->ptr.queue[(hs->head + hs->n) & QUEUE_MASK];
> 
>      switch (evt->kind) {
> 
> Best regards,
> -Gonglei
> 
--
Dr. David Alan Gilbert / address@hidden / Manchester, UK
reply via email to
[Prev in Thread] Current Thread [Next in Thread]