From e01b61963faf810ceee1f15c97ec3a2210112c47 Mon Sep 17 00:00:00 2001
From: Weifeng Liu
Date: Mon, 14 Jul 2025 22:17:54 +0800
Subject: [PATCH 1/5] gtk: Skip drawing if console surface is NULL
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
In gtk draw/render callbacks, add an early NULL check for the console surface and skip drawing if it's NULL. Otherwise, attempting to fetch its width and height crash. This change fixes Coverity CID 1610328. In practice, this case wouldn't happen at all because we always install a placeholder surface to the console when there is nothing to display.
Resolves: Coverity CID 1610328
Signed-off-by: Weifeng Liu
Reviewed-by: Akihiko Odaki
Reviewed-by: Marc-André Lureau
Message-ID: <20250714141758.10062-1-weifeng.liu.z@gmail.com>
---
 ui/gtk-egl.c | 5 +----
 ui/gtk-gl-area.c | 5 +----
 2 files changed, 2 insertions(+), 8 deletions(-)
diff --git a/ui/gtk-egl.c b/ui/gtk-egl.c
index 0b787bea25..ae9239999c 100644
--- a/ui/gtk-egl.c
+++ b/ui/gtk-egl.c
@@ -72,7 +72,7 @@ void gd_egl_draw(VirtualConsole *vc)
 #endif
 int ww, wh, pw, ph, gs;
- if (!vc->gfx.gls) {
+ if (!vc->gfx.gls || !vc->gfx.ds) {
 return;
 }
@@ -112,9 +112,6 @@ void gd_egl_draw(VirtualConsole *vc)
 }
 #endif
 } else {
- if (!vc->gfx.ds) {
- return;
- }
 eglMakeCurrent(qemu_egl_display, vc->gfx.esurface, vc->gfx.esurface, vc->gfx.ectx);
diff --git a/ui/gtk-gl-area.c b/ui/gtk-gl-area.c
index 8151cc413c..05fc38096e 100644
--- a/ui/gtk-gl-area.c
+++ b/ui/gtk-gl-area.c
@@ -48,7 +48,7 @@ void gd_gl_area_draw(VirtualConsole *vc)
 int fbw, fbh;
 int wx_offset, wy_offset;
- if (!vc->gfx.gls) {
+ if (!vc->gfx.gls || !vc->gfx.ds) {
 return;
 }
@@ -135,9 +135,6 @@ void gd_gl_area_draw(VirtualConsole *vc)
 }
 #endif
 } else {
- if (!vc->gfx.ds) {
- return;
- }
 gtk_gl_area_make_current(GTK_GL_AREA(vc->gfx.drawing_area));
 surface_gl_setup_viewport(vc->gfx.gls, vc->gfx.ds, pw, ph);
From e7ecb533ee0dbfbe30c90abb213247f4943a9a12 Mon Sep 17 00:00:00 2001
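Review bot: The widened guard `if (!vc->gfx.gls || !vc->gfx.ds)` in gd_egl_draw, and the identical one in gd_gl_area_draw in ui/gtk-gl-area.c, now returns before the branch that precedes `} else {`, which previously ran even when the surface was NULL. That branch is not visible in these hunks, so it is worth confirming that skipping it leaves no per-frame state pending that another component waits on. Because the commit message says a placeholder surface is always installed, the check is purely defensive and the code should say so, for example `/* ds is not expected to be NULL (a placeholder surface is always installed); checked so the width/height reads below cannot dereference NULL */`. Both function bodies start and end outside the hunks.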
From: Mohamed Akram
Date: Mon, 29 Sep 2025 15:42:24 +0000
Subject: [PATCH 2/5] ui/spice: Fix abort on macOS
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The check is faulty because the thread variable was assigned in the main thread while the main loop runs in a different thread on macOS.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3070
Signed-off-by: Mohamed Akram
Acked-by: Marc-André Lureau
Message-ID:
---
 ui/spice-core.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/ui/spice-core.c b/ui/spice-core.c
index 5992f9daec..2645e96ef6 100644
--- a/ui/spice-core.c
+++ b/ui/spice-core.c
@@ -50,8 +50,6 @@ static int spice_migration_completed;
 static int spice_display_is_running;
 static int spice_have_target_host;
-static QemuThread me;
-
 struct SpiceTimer {
 QEMUTimer *timer;
 };
@@ -222,7 +220,7 @@ static void channel_event(int event, SpiceChannelEventInfo *info)
 * thread and grab the BQL if so before calling qemu
 * functions.
 */
- bool need_lock = !qemu_thread_is_self(&me);
+ bool need_lock = !bql_locked();
 if (need_lock) {
 bql_lock();
 }
@@ -675,8 +673,6 @@ static void qemu_spice_init(void)
 spice_wan_compression_t wan_compr;
 bool seamless_migration;
- qemu_thread_get_self(&me);
-
 if (!opts) {
 return;
 }
From 62fd247a24290dba2b2de4ee8575624a7993973c Mon Sep 17 00:00:00 2001
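Review bot: The comment directly above `bool need_lock = !bql_locked();` in channel_event still describes a thread-identity test ("... thread and grab the BQL if so"), while the new code asks whether the caller already holds the BQL. Rewording it to match, for example `/* Take the BQL unless this thread already holds it, before calling qemu functions. */`, keeps a later reader from reintroducing a thread comparison. The start of that comment and the matching unlock lie outside the hunk; the unlock presumably still keys on `need_lock` and should be checked to stay paired with this condition.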
From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?=
Date: Wed, 3 Sep 2025 23:38:18 +0400
Subject: [PATCH 3/5] ui/spice: fix crash when disabling GL scanout on
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When spice_qxl_gl_scanout2() isn't available, the fallback code incorrectly handles NULL arguments to disable the scanout, leading to: Program terminated with signal SIGSEGV, Segmentation fault. #0 spice_server_gl_scanout (qxl=0x55a25ce57ae8, fd=0x0, width=0, height=0, offset=0x0, stride=0x0, num_planes=0, format=0, modifier=72057594037927935, y_0_top=0) at ../ui/spice-display.c:983 983 if (num_planes <= 1) {
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2391334
Fixes: 98a050ca93afd8 ("ui/spice: support multi plane dmabuf scanout")
Signed-off-by: Marc-André Lureau
Reviewed-by: Daniel P. Berrangé
Reviewed-by: Michael Tokarev
Message-Id: <20250903193818.2460914-1-marcandre.lureau@redhat.com>
---
 ui/spice-display.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ui/spice-display.c b/ui/spice-display.c
index 669832c561..db71e866f8 100644
--- a/ui/spice-display.c
+++ b/ui/spice-display.c
@@ -980,7 +980,9 @@ static void spice_server_gl_scanout(QXLInstance *qxl,
 spice_qxl_gl_scanout2(qxl, fd, width, height, offset, stride, num_planes, format, modifier, y_0_top);
 #else
- if (num_planes <= 1) {
+ if (fd == NULL) {
+ spice_qxl_gl_scanout(qxl, -1, 0, 0, 0, 0, false);
+ } else if (num_planes <= 1) {
 spice_qxl_gl_scanout(qxl, fd[0], width, height, stride[0], format, y_0_top);
 } else {
 error_report("SPICE server does not support multi plane GL scanout");
From 15421f71137b4a1b6bab8c12257b013dae1aebb8 Mon Sep 17 00:00:00 2001
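Review bot: In the `#else` fallback of spice_server_gl_scanout, the `else if (num_planes <= 1)` branch still indexes `fd[0]` and `stride[0]` after only `fd` has been checked, and it still accepts `num_planes == 0`. The backtrace in the commit message shows the disable call passing fd, stride and num_planes all as zero, so the new check covers that caller. A call with a non-NULL fd but a NULL stride or zero planes would still read through an invalid pointer; whether any caller can do that is not visible here. Tightening the condition to `} else if (num_planes == 1 && stride != NULL) {` and adding `/* fd == NULL means "disable the scanout" */` above the first test would make the contract explicit and send malformed calls to the error path. The function signature and the `#if` branch begin outside the hunk.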
From: Nir Lichtman
Date: Wed, 10 Sep 2025 11:49:29 +0000
Subject: [PATCH 4/5] ui/sdl2: fix reset scaling binding to be consistent with gtk
Problem: Currently the reset scaling hotkey is inconsistent between SDL and GTK graphics modes. Solution: Fix SDL to use MOD+0 instead of MOD+u which is in line with GTK and generally more consistent with other apps. This is also related to my previously sent patch fixing the docs.
Suggested-by: Gerd Hoffmann
Signed-off-by: Nir Lichtman
Reviewed-by: Thomas Huth
Message-ID: <20250910114929.GA1783677@lichtman.org>
---
 ui/sdl2.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/sdl2.c b/ui/sdl2.c
index b00e421f7f..032dc14bc3 100644
--- a/ui/sdl2.c
+++ b/ui/sdl2.c
@@ -421,7 +421,7 @@ static void handle_keydown(SDL_Event *ev)
 sdl_grab_end(scon);
 }
 break;
- case SDL_SCANCODE_U:
+ case SDL_SCANCODE_0:
 sdl2_window_resize(scon);
 if (!scon->opengl) {
 /* re-create scon->texture */
From 9163424c50981dbc4ded9990228ac01a3b193656 Mon Sep 17 00:00:00 2001
From: Thomas Huth
Date: Tue, 30 Sep 2025 09:14:18 +0200
Subject: [PATCH 5/5] ui/icons/qemu.svg: Add metadata information (author, license) to the logo
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
We've got two versions of the QEMU logo in the repository, one with the whole word "QEMU" (pc-bios/qemu_logo.svg) and one that only contains the letter "Q" (ui/icons/qemu.svg). While qemu_logo.svg contains the proper metadata with license and author information, this is missing from the ui/icons/qemu.svg file. Copy the meta data there so that people have a chance to know the license of the file if they only look at the qemu.svg file.
Closes: https://gitlab.com/qemu-project/qemu/-/issues/3139
Signed-off-by: Thomas Huth
Reviewed-by: Marc-André Lureau
Message-ID: <20250930071419.117592-1-thuth@redhat.com>
---
 ui/icons/qemu.svg | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/ui/icons/qemu.svg b/ui/icons/qemu.svg index 24ca23a1e9..f2500de339 100644 --- a/ui/icons/qemu.svg +++ b/ui/icons/qemu.svg @@ -918,7 +918,26 @@ image/svg+xml - + Kew the Angry Emu + + + Benoît Canet + + + + + CC BY 3.0 + + + + + QEMU Community + + + 2012-02-15 + + https://lists.gnu.org/archive/html/qemu-devel/2012-02/msg02865.html