diff options
Diffstat (limited to 'hw/display')
| -rw-r--r-- | hw/display/cirrus_vga.c | 11 | ||||
| -rw-r--r-- | hw/display/framebuffer.c | 2 | ||||
| -rw-r--r-- | hw/display/milkymist-tmu2.c | 2 | ||||
| -rw-r--r-- | hw/display/ssd0303.c | 4 | ||||
| -rw-r--r-- | hw/display/virtio-gpu-3d.c | 13 | ||||
| -rw-r--r-- | hw/display/virtio-gpu.c | 82 | ||||
| -rw-r--r-- | hw/display/xlnx_dp.c | 4 |
7 files changed, 87 insertions, 31 deletions
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c index bdb092ee9d..379910db2d 100644 --- a/hw/display/cirrus_vga.c +++ b/hw/display/cirrus_vga.c @@ -294,7 +294,7 @@ static bool blit_region_is_unsafe(struct CirrusVGAState *s, return false; } -static bool blit_is_unsafe(struct CirrusVGAState *s) +static bool blit_is_unsafe(struct CirrusVGAState *s, bool dst_only) { /* should be the case, see cirrus_bitblt_start */ assert(s->cirrus_blt_width > 0); @@ -308,6 +308,9 @@ static bool blit_is_unsafe(struct CirrusVGAState *s) s->cirrus_blt_dstaddr & s->cirrus_addr_mask)) { return true; } + if (dst_only) { + return false; + } if (blit_region_is_unsafe(s, s->cirrus_blt_srcpitch, s->cirrus_blt_srcaddr & s->cirrus_addr_mask)) { return true; @@ -673,7 +676,7 @@ static int cirrus_bitblt_common_patterncopy(CirrusVGAState * s, dst = s->vga.vram_ptr + (s->cirrus_blt_dstaddr & s->cirrus_addr_mask); - if (blit_is_unsafe(s)) + if (blit_is_unsafe(s, false)) return 0; (*s->cirrus_rop) (s, dst, src, @@ -691,7 +694,7 @@ static int cirrus_bitblt_solidfill(CirrusVGAState *s, int blt_rop) { cirrus_fill_t rop_func; - if (blit_is_unsafe(s)) { + if (blit_is_unsafe(s, true)) { return 0; } rop_func = cirrus_fill[rop_to_index[blt_rop]][s->cirrus_blt_pixelwidth - 1]; @@ -795,7 +798,7 @@ static int cirrus_do_copy(CirrusVGAState *s, int dst, int src, int w, int h) static int cirrus_bitblt_videotovideo_copy(CirrusVGAState * s) { - if (blit_is_unsafe(s)) + if (blit_is_unsafe(s, false)) return 0; return cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->vga.start_addr, diff --git a/hw/display/framebuffer.c b/hw/display/framebuffer.c index df51358e72..25aa46c8c7 100644 --- a/hw/display/framebuffer.c +++ b/hw/display/framebuffer.c @@ -78,7 +78,7 @@ void framebuffer_update_display( i = *first_row; *first_row = -1; - src_len = src_width * rows; + src_len = (hwaddr)src_width * rows; mem = mem_section->mr; if (!mem) { diff --git a/hw/display/milkymist-tmu2.c b/hw/display/milkymist-tmu2.c index 5c666f9b24..920374b985 100644 --- a/hw/display/milkymist-tmu2.c +++ b/hw/display/milkymist-tmu2.c @@ -257,7 +257,7 @@ static void tmu2_start(MilkymistTMU2State *s) glColor4f(m, m, m, (float)(s->regs[R_ALPHA] + 1) / 64.0f); /* Read the QEMU dest. framebuffer into the OpenGL framebuffer */ - fb_len = 2 * s->regs[R_DSTHRES] * s->regs[R_DSTVRES]; + fb_len = 2ULL * s->regs[R_DSTHRES] * s->regs[R_DSTVRES]; fb = cpu_physical_memory_map(s->regs[R_DSTFBUF], &fb_len, 0); if (fb == NULL) { glDeleteTextures(1, &texture); diff --git a/hw/display/ssd0303.c b/hw/display/ssd0303.c index d3017563f3..68a80b9d64 100644 --- a/hw/display/ssd0303.c +++ b/hw/display/ssd0303.c @@ -179,7 +179,7 @@ static int ssd0303_send(I2CSlave *i2c, uint8_t data) return 0; } -static void ssd0303_event(I2CSlave *i2c, enum i2c_event event) +static int ssd0303_event(I2CSlave *i2c, enum i2c_event event) { ssd0303_state *s = SSD0303(i2c); @@ -193,6 +193,8 @@ static void ssd0303_event(I2CSlave *i2c, enum i2c_event event) /* Nothing to do. */ break; } + + return 0; } static void ssd0303_update_display(void *opaque) diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c index 23f39de94d..f96a0c2e59 100644 --- a/hw/display/virtio-gpu-3d.c +++ b/hw/display/virtio-gpu-3d.c @@ -291,8 +291,11 @@ static void virgl_resource_attach_backing(VirtIOGPU *g, return; } - virgl_renderer_resource_attach_iov(att_rb.resource_id, - res_iovs, att_rb.nr_entries); + ret = virgl_renderer_resource_attach_iov(att_rb.resource_id, + res_iovs, att_rb.nr_entries); + + if (ret != 0) + virtio_gpu_cleanup_mapping_iov(res_iovs, att_rb.nr_entries); } static void virgl_resource_detach_backing(VirtIOGPU *g, @@ -371,8 +374,12 @@ static void virgl_cmd_get_capset(VirtIOGPU *g, virgl_renderer_get_cap_set(gc.capset_id, &max_ver, &max_size); - resp = g_malloc(sizeof(*resp) + max_size); + if (!max_size) { + cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER; + return; + } + resp = g_malloc0(sizeof(*resp) + max_size); resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET; virgl_renderer_fill_caps(gc.capset_id, gc.capset_version, diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c index 5f32e1aae9..444ca064c1 100644 --- a/hw/display/virtio-gpu.c +++ b/hw/display/virtio-gpu.c @@ -28,6 +28,8 @@ static struct virtio_gpu_simple_resource* virtio_gpu_find_resource(VirtIOGPU *g, uint32_t resource_id); +static void virtio_gpu_cleanup_mapping(struct virtio_gpu_simple_resource *res); + #ifdef CONFIG_VIRGL #include <virglrenderer.h> #define VIRGL(_g, _virgl, _simple, ...) \ @@ -338,10 +340,14 @@ static void virtio_gpu_resource_create_2d(VirtIOGPU *g, cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER; return; } - res->image = pixman_image_create_bits(pformat, - c2d.width, - c2d.height, - NULL, 0); + + res->hostmem = PIXMAN_FORMAT_BPP(pformat) * c2d.width * c2d.height; + if (res->hostmem + g->hostmem < g->conf.max_hostmem) { + res->image = pixman_image_create_bits(pformat, + c2d.width, + c2d.height, + NULL, 0); + } if (!res->image) { qemu_log_mask(LOG_GUEST_ERROR, @@ -353,13 +359,16 @@ static void virtio_gpu_resource_create_2d(VirtIOGPU *g, } QTAILQ_INSERT_HEAD(&g->reslist, res, next); + g->hostmem += res->hostmem; } static void virtio_gpu_resource_destroy(VirtIOGPU *g, struct virtio_gpu_simple_resource *res) { pixman_image_unref(res->image); + virtio_gpu_cleanup_mapping(res); QTAILQ_REMOVE(&g->reslist, res, next); + g->hostmem -= res->hostmem; g_free(res); } @@ -705,6 +714,11 @@ virtio_gpu_resource_attach_backing(VirtIOGPU *g, return; } + if (res->iov) { + cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; + return; + } + ret = virtio_gpu_create_mapping_iov(&ab, cmd, &res->addrs, &res->iov); if (ret != 0) { cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; @@ -989,7 +1003,8 @@ static const VMStateDescription vmstate_virtio_gpu_scanouts = { }, }; -static void virtio_gpu_save(QEMUFile *f, void *opaque, size_t size) +static int virtio_gpu_save(QEMUFile *f, void *opaque, size_t size, + VMStateField *field, QJSON *vmdesc) { VirtIOGPU *g = opaque; struct virtio_gpu_simple_resource *res; @@ -1014,9 +1029,12 @@ static void virtio_gpu_save(QEMUFile *f, void *opaque, size_t size) qemu_put_be32(f, 0); /* end of list */ vmstate_save_state(f, &vmstate_virtio_gpu_scanouts, g, NULL); + + return 0; } -static int virtio_gpu_load(QEMUFile *f, void *opaque, size_t size) +static int virtio_gpu_load(QEMUFile *f, void *opaque, size_t size, + VMStateField *field) { VirtIOGPU *g = opaque; struct virtio_gpu_simple_resource *res; @@ -1024,6 +1042,8 @@ static int virtio_gpu_load(QEMUFile *f, void *opaque, size_t size) uint32_t resource_id, pformat; int i; + g->hostmem = 0; + resource_id = qemu_get_be32(f); while (resource_id != 0) { res = g_new0(struct virtio_gpu_simple_resource, 1); @@ -1036,15 +1056,19 @@ static int virtio_gpu_load(QEMUFile *f, void *opaque, size_t size) /* allocate */ pformat = get_pixman_format(res->format); if (!pformat) { + g_free(res); return -EINVAL; } res->image = pixman_image_create_bits(pformat, res->width, res->height, NULL, 0); if (!res->image) { + g_free(res); return -EINVAL; } + res->hostmem = PIXMAN_FORMAT_BPP(pformat) * res->width * res->height; + res->addrs = g_new(uint64_t, res->iov_cnt); res->iov = g_new(struct iovec, res->iov_cnt); @@ -1062,11 +1086,22 @@ static int virtio_gpu_load(QEMUFile *f, void *opaque, size_t size) res->iov[i].iov_base = cpu_physical_memory_map(res->addrs[i], &len, 1); if (!res->iov[i].iov_base || len != res->iov[i].iov_len) { + /* Clean up the half-a-mapping we just created... */ + if (res->iov[i].iov_base) { + cpu_physical_memory_unmap(res->iov[i].iov_base, + len, 0, 0); + } + /* ...and the mappings for previous loop iterations */ + res->iov_cnt = i; + virtio_gpu_cleanup_mapping(res); + pixman_image_unref(res->image); + g_free(res); return -EINVAL; } } QTAILQ_INSERT_HEAD(&g->reslist, res, next); + g->hostmem += res->hostmem; resource_id = qemu_get_be32(f); } @@ -1101,6 +1136,7 @@ static void virtio_gpu_device_realize(DeviceState *qdev, Error **errp) VirtIODevice *vdev = VIRTIO_DEVICE(qdev); VirtIOGPU *g = VIRTIO_GPU(qdev); bool have_virgl; + Error *local_err = NULL; int i; if (g->conf.max_outputs > VIRTIO_GPU_MAX_SCANOUTS) { @@ -1108,14 +1144,6 @@ static void virtio_gpu_device_realize(DeviceState *qdev, Error **errp) return; } - g->config_size = sizeof(struct virtio_gpu_config); - g->virtio_config.num_scanouts = g->conf.max_outputs; - virtio_init(VIRTIO_DEVICE(g), "virtio-gpu", VIRTIO_ID_GPU, - g->config_size); - - g->req_state[0].width = 1024; - g->req_state[0].height = 768; - g->use_virgl_renderer = false; #if !defined(CONFIG_VIRGL) || defined(HOST_WORDS_BIGENDIAN) have_virgl = false; @@ -1127,6 +1155,24 @@ static void virtio_gpu_device_realize(DeviceState *qdev, Error **errp) } if (virtio_gpu_virgl_enabled(g->conf)) { + error_setg(&g->migration_blocker, "virgl is not yet migratable"); + migrate_add_blocker(g->migration_blocker, &local_err); + if (local_err) { + error_propagate(errp, local_err); + error_free(g->migration_blocker); + return; + } + } + + g->config_size = sizeof(struct virtio_gpu_config); + g->virtio_config.num_scanouts = g->conf.max_outputs; + virtio_init(VIRTIO_DEVICE(g), "virtio-gpu", VIRTIO_ID_GPU, + g->config_size); + + g->req_state[0].width = 1024; + g->req_state[0].height = 768; + + if (virtio_gpu_virgl_enabled(g->conf)) { /* use larger control queue in 3d mode */ g->ctrl_vq = virtio_add_queue(vdev, 256, virtio_gpu_handle_ctrl_cb); g->cursor_vq = virtio_add_queue(vdev, 16, virtio_gpu_handle_cursor_cb); @@ -1152,11 +1198,6 @@ static void virtio_gpu_device_realize(DeviceState *qdev, Error **errp) dpy_gfx_replace_surface(g->scanout[i].con, NULL); } } - - if (virtio_gpu_virgl_enabled(g->conf)) { - error_setg(&g->migration_blocker, "virgl is not yet migratable"); - migrate_add_blocker(g->migration_blocker); - } } static void virtio_gpu_device_unrealize(DeviceState *qdev, Error **errp) @@ -1241,6 +1282,8 @@ static const VMStateDescription vmstate_virtio_gpu = { static Property virtio_gpu_properties[] = { DEFINE_PROP_UINT32("max_outputs", VirtIOGPU, conf.max_outputs, 1), + DEFINE_PROP_SIZE("max_hostmem", VirtIOGPU, conf.max_hostmem, + 256 * 1024 * 1024), #ifdef CONFIG_VIRGL DEFINE_PROP_BIT("virgl", VirtIOGPU, conf.flags, VIRTIO_GPU_FLAG_VIRGL_ENABLED, true), @@ -1266,6 +1309,7 @@ static void virtio_gpu_class_init(ObjectClass *klass, void *data) dc->props = virtio_gpu_properties; dc->vmsd = &vmstate_virtio_gpu; + dc->hotpluggable = false; } static const TypeInfo virtio_gpu_info = { diff --git a/hw/display/xlnx_dp.c b/hw/display/xlnx_dp.c index f43eb09304..f7b7b80c68 100644 --- a/hw/display/xlnx_dp.c +++ b/hw/display/xlnx_dp.c @@ -555,7 +555,7 @@ static void xlnx_dp_recreate_surface(XlnxDPState *s) if ((width != 0) && (height != 0)) { /* * As dpy_gfx_replace_surface calls qemu_free_displaysurface on the - * surface we need to be carefull and don't free the surface associated + * surface we need to be careful and don't free the surface associated * to the console or double free will happen. */ if (s->bout_plane.surface != current_console_surface) { @@ -1160,7 +1160,7 @@ static void xlnx_dp_update_display(void *opaque) */ if (!xlnx_dpdma_start_operation(s->dpdma, 3, false)) { /* - * An error occured don't do anything with the data.. + * An error occurred don't do anything with the data.. * Trigger an underflow interrupt. */ s->core_registers[DP_INT_STATUS] |= (1 << 21); |