The command ring and cursor rings are pushed to by the guest, and
cleared asynchronously by qemu's spice thread. Bad guest behaviour can
easily leave them non-empty, and we must never abort on bad guest
behaviour.

Signed-off-by: Alon Levy <al...@redhat.com>
---
 hw/display/qxl.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/hw/display/qxl.c b/hw/display/qxl.c
index 47bbf1f..abe7a18 100644
--- a/hw/display/qxl.c
+++ b/hw/display/qxl.c
@@ -1111,8 +1111,12 @@ static void qxl_check_state(PCIQXLDevice *d)
     QXLRam *ram = d->ram;
     int spice_display_running = qemu_spice_display_is_running(&d->ssd);
 
-    assert(!spice_display_running || SPICE_RING_IS_EMPTY(&ram->cmd_ring));
-    assert(!spice_display_running || SPICE_RING_IS_EMPTY(&ram->cursor_ring));
+    if (spice_display_running && !SPICE_RING_IS_EMPTY(&ram->cmd_ring)) {
+        fprintf(stderr, "qxl: cmd ring not empty on reset\n");
+    }
+    if (spice_display_running && !SPICE_RING_IS_EMPTY(&ram->cursor_ring)) {
+        fprintf(stderr, "qxl: cursor ring not empty on reset\n");
+    }
 }
 
 static void qxl_reset_state(PCIQXLDevice *d)
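Review bot: The two new `fprintf(stderr, ...)` calls in qxl_check_state() are reached on a condition the commit message itself attributes to guest behaviour, and they are neither rate-limited nor gated. If the guest can trigger the reset path repeatedly (the callers are outside this hunk), it can grow the host's stderr log without bound. Dropping the assert is right, but the report should go through the guest-error log mask so it is off unless the operator enables it, e.g. `qemu_log_mask(LOG_GUEST_ERROR, "qxl: cmd ring not empty on reset\n");` and the same for the cursor ring. It would also help to add a comment above the checks saying that a non-empty ring here is a guest-side condition and is deliberately non-fatal, so a later cleanup does not turn it back into an assert.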
-- 
1.8.5.3

