| Message ID | 1466432945-28682-7-git-send-email-pbonzini@redhat.com |
|---|---|
| State | New |
| Headers | show |
Tested-by: Bret Ketchum <bcketchum@gmail.com> On Mon, Jun 20, 2016 at 9:29 AM, Paolo Bonzini <pbonzini@redhat.com> wrote: > Otherwise, this can cause serial_xmit to be entered with LSR.TEMT=0, > which is invalid and causes an assertion failure. > > Reported-by: Bret Ketchum <bcketchum@gmail.com> > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > --- > hw/char/serial.c | 16 ++++++++++++---- > 1 file changed, 12 insertions(+), 4 deletions(-) > > diff --git a/hw/char/serial.c b/hw/char/serial.c > index d232473..7c196e2 100644 > --- a/hw/char/serial.c > +++ b/hw/char/serial.c > @@ -228,6 +228,7 @@ static gboolean serial_watch_cb(GIOChannel *chan, GIOCondition cond, > void *opaque) > { > SerialState *s = opaque; > + s->watch_tag = 0; > serial_xmit(s); > return FALSE; > } > @@ -258,10 +259,12 @@ static void serial_xmit(SerialState *s) > if (s->mcr & UART_MCR_LOOP) { > /* in loopback mode, say that we just received a char */ > serial_receive1(s, &s->tsr, 1); > - } else if (qemu_chr_fe_write(s->chr, &s->tsr, 1) != 1) { > - if (s->tsr_retry < MAX_XMIT_RETRY && > - qemu_chr_fe_add_watch(s->chr, G_IO_OUT|G_IO_HUP, > - serial_watch_cb, s) > 0) { > + } else if (qemu_chr_fe_write(s->chr, &s->tsr, 1) != 1 && > + s->tsr_retry < MAX_XMIT_RETRY) { > + assert(s->watch_tag == 0); > + s->watch_tag = qemu_chr_fe_add_watch(s->chr, G_IO_OUT|G_IO_HUP, > + serial_watch_cb, s); > + if (s->watch_tag > 0) { > s->tsr_retry++; > return; > } > @@ -834,6 +837,11 @@ static void serial_reset(void *opaque) > { > SerialState *s = opaque; > > + if (s->watch_tag > 0) { > + g_source_remove(s->watch_tag); > + s->watch_tag = 0; > + } > + > s->rbr = 0; > s->ier = 0; > s->iir = UART_IIR_NO_INT; > -- > 2.5.5 >
* Paolo Bonzini (pbonzini@redhat.com) wrote: > Otherwise, this can cause serial_xmit to be entered with LSR.TEMT=0, > which is invalid and causes an assertion failure. Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> > Reported-by: Bret Ketchum <bcketchum@gmail.com> > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > --- > hw/char/serial.c | 16 ++++++++++++---- > 1 file changed, 12 insertions(+), 4 deletions(-) > > diff --git a/hw/char/serial.c b/hw/char/serial.c > index d232473..7c196e2 100644 > --- a/hw/char/serial.c > +++ b/hw/char/serial.c > @@ -228,6 +228,7 @@ static gboolean serial_watch_cb(GIOChannel *chan, GIOCondition cond, > void *opaque) > { > SerialState *s = opaque; > + s->watch_tag = 0; > serial_xmit(s); > return FALSE; > } > @@ -258,10 +259,12 @@ static void serial_xmit(SerialState *s) > if (s->mcr & UART_MCR_LOOP) { > /* in loopback mode, say that we just received a char */ > serial_receive1(s, &s->tsr, 1); > - } else if (qemu_chr_fe_write(s->chr, &s->tsr, 1) != 1) { > - if (s->tsr_retry < MAX_XMIT_RETRY && > - qemu_chr_fe_add_watch(s->chr, G_IO_OUT|G_IO_HUP, > - serial_watch_cb, s) > 0) { > + } else if (qemu_chr_fe_write(s->chr, &s->tsr, 1) != 1 && > + s->tsr_retry < MAX_XMIT_RETRY) { > + assert(s->watch_tag == 0); > + s->watch_tag = qemu_chr_fe_add_watch(s->chr, G_IO_OUT|G_IO_HUP, > + serial_watch_cb, s); > + if (s->watch_tag > 0) { > s->tsr_retry++; > return; > } > @@ -834,6 +837,11 @@ static void serial_reset(void *opaque) > { > SerialState *s = opaque; > > + if (s->watch_tag > 0) { > + g_source_remove(s->watch_tag); > + s->watch_tag = 0; > + } > + > s->rbr = 0; > s->ier = 0; > s->iir = UART_IIR_NO_INT; > -- > 2.5.5 > -- Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
diff --git a/hw/char/serial.c b/hw/char/serial.c index d232473..7c196e2 100644 --- a/hw/char/serial.c +++ b/hw/char/serial.c @@ -228,6 +228,7 @@ static gboolean serial_watch_cb(GIOChannel *chan, GIOCondition cond, void *opaque) { SerialState *s = opaque; + s->watch_tag = 0; serial_xmit(s); return FALSE; } @@ -258,10 +259,12 @@ static void serial_xmit(SerialState *s) if (s->mcr & UART_MCR_LOOP) { /* in loopback mode, say that we just received a char */ serial_receive1(s, &s->tsr, 1); - } else if (qemu_chr_fe_write(s->chr, &s->tsr, 1) != 1) { - if (s->tsr_retry < MAX_XMIT_RETRY && - qemu_chr_fe_add_watch(s->chr, G_IO_OUT|G_IO_HUP, - serial_watch_cb, s) > 0) { + } else if (qemu_chr_fe_write(s->chr, &s->tsr, 1) != 1 && + s->tsr_retry < MAX_XMIT_RETRY) { + assert(s->watch_tag == 0); + s->watch_tag = qemu_chr_fe_add_watch(s->chr, G_IO_OUT|G_IO_HUP, + serial_watch_cb, s); + if (s->watch_tag > 0) { s->tsr_retry++; return; } @@ -834,6 +837,11 @@ static void serial_reset(void *opaque) { SerialState *s = opaque; + if (s->watch_tag > 0) { + g_source_remove(s->watch_tag); + s->watch_tag = 0; + } + s->rbr = 0; s->ier = 0; s->iir = UART_IIR_NO_INT;
Otherwise, this can cause serial_xmit to be entered with LSR.TEMT=0, which is invalid and causes an assertion failure. Reported-by: Bret Ketchum <bcketchum@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> --- hw/char/serial.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-)