Changeset 1681 in vbox

Timestamp:

Mar 23, 2007 2:45:10 PM (18 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

19817

Message:

Implemented HGCM save/load state

Location:

trunk/src/VBox

Files:

• Devices/VMMDev/VBoxDev.cpp (modified) (11 diffs)
• Devices/VMMDev/VMMDevHGCM.cpp (modified) (9 diffs)
• Devices/VMMDev/VMMDevHGCM.h (modified) (1 diff)
• Devices/VMMDev/VMMDevState.h (modified) (2 diffs)
• Main/ConsoleImpl.cpp (modified) (3 diffs)
• Main/Makefile (modified) (1 diff)
• Main/VMMDevInterface.cpp (modified) (14 diffs)
• Main/hgcm/HGCM.cpp (modified) (19 diffs)
• Main/hgcm/HGCMObjects.cpp (modified) (10 diffs)
• Main/hgcm/HGCMThread.cpp (modified) (7 diffs)
• Main/include/VMMDev.h (modified) (2 diffs)
• Main/include/hgcm/HGCM.h (modified) (2 diffs)
• Main/include/hgcm/HGCMObjects.h (modified) (2 diffs)
• Main/include/hgcm/HGCMThread.h (modified) (2 diffs)

trunk/src/VBox/Devices/VMMDev/VBoxDev.cpp

@@ -22 +22 @@
 
 /* #define LOG_ENABLED */
-
-#define TIMESYNC_BACKDOOR
 
 #include <stdio.h>
@@ -904 +902 @@
                 Log(("VMMDevReq_HGCMConnect\n"));
 
-                requestHeader->rc = vmmdevHGCMConnect (pData, pHGCMConnect);
+                requestHeader->rc = vmmdevHGCMConnect (pData, pHGCMConnect, (RTGCPHYS)u32);
             }
             break;
@@ -926 +924 @@
 
                 Log(("VMMDevReq_VMMDevHGCMDisconnect\n"));
-                requestHeader->rc = vmmdevHGCMDisconnect (pData, pHGCMDisconnect);
+                requestHeader->rc = vmmdevHGCMDisconnect (pData, pHGCMDisconnect, (RTGCPHYS)u32);
             }
             break;
@@ -951 +949 @@
                 Log(("%.*Vhxd\n", requestHeader->size, requestHeader));
 
-                requestHeader->rc = vmmdevHGCMCall (pData, pHGCMCall);
+                requestHeader->rc = vmmdevHGCMCall (pData, pHGCMCall, (RTGCPHYS)u32);
             }
             break;
@@ -1473 +1471 @@
 
 
-#define VMMDEV_SSM_VERSION 2
+#define VMMDEV_SSM_VERSION 3
 
 /**
@@ -1492 +1490 @@
     SSMR3PutBool(pSSMHandle, pData->fNewGuestFilterMask);
     SSMR3PutU32(pSSMHandle, pData->u32NewGuestFilterMask);
+    SSMR3PutU32(pSSMHandle, pData->u32GuestFilterMask);
     SSMR3PutU32(pSSMHandle, pData->u32HostEventFlags);
     // here be dragons (probably)
@@ -1500 +1499 @@
     SSMR3PutU32(pSSMHandle, pData->fu32AdditionsOk);
     SSMR3PutU32(pSSMHandle, pData->u32VideoAccelEnabled);
+
+#ifdef VBOX_HGCM
+    vmmdevHGCMSaveState (pData, pSSMHandle);
+#endif /* VBOX_HGCM */
+
     return VINF_SUCCESS;
 }
@@ -1523 +1527 @@
     SSMR3GetBool(pSSMHandle, &pData->fNewGuestFilterMask);
     SSMR3GetU32(pSSMHandle, &pData->u32NewGuestFilterMask);
+    SSMR3GetU32(pSSMHandle, &pData->u32GuestFilterMask);
     SSMR3GetU32(pSSMHandle, &pData->u32HostEventFlags);
 //    SSMR3GetBool(pSSMHandle, &pData->pVMMDevRAMHC->fHaveEvents);
@@ -1531 +1536 @@
     SSMR3GetU32(pSSMHandle, &pData->fu32AdditionsOk);
     SSMR3GetU32(pSSMHandle, &pData->u32VideoAccelEnabled);
+
+#ifdef VBOX_HGCM
+    vmmdevHGCMLoadState (pData, pSSMHandle);
+#endif /* VBOX_HGCM */
 
     /*
@@ -1558 +1567 @@
 {
     VMMDevState *pData = PDMINS2DATA(pDevIns, VMMDevState*);
+
+#ifdef VBOX_HGCM
+    vmmdevHGCMLoadStateDone (pData, pSSMHandle);
+#endif /* VBOX_HGCM */
 
     VMMDevNotifyGuest (pData, VMMDEV_EVENT_RESTORED);
@@ -1718 +1731 @@
         AssertMsgFailed(("VMMDev SUPPageAlloc(%#x,) -> %d\n", VMMDEV_RAM_SIZE, rc));
     }
+    
+#ifdef VBOX_HGCM
+    rc = RTCritSectInit(&pData->critsectHGCMCmdList);
+    AssertRC(rc);
+#endif /* VBOX_HGCM */
 
     /* initialize the VMMDev memory */

trunk/src/VBox/Devices/VMMDev/VMMDevHGCM.cpp

@@ -57 +57 @@
 struct VBOXHGCMCMD
 {
+    /* Active commands, list is protected by critsectHGCMCmdList. */
+    struct VBOXHGCMCMD *pNext;
+    struct VBOXHGCMCMD *pPrev;
+    
+    /* GC ptr of the command header. */
+    RTGCPHYS GCPtr;
+
     /* Pointer to guest request. */
     VMMDevHGCMRequestHeader *pHeader;
@@ -62 +69 @@
     /* Pointer to converted host parameters in case of a Call request. */
     VBOXHGCMSVCPARM *paHostParms;
-    
+
     /* Linear pointer parameters information. */
     int cLinPtrs;
-    
+
     /* Pointer to descriptions of linear pointers.  */
     VBOXHGCMLINPTR *paLinPtrs;
 };
+
+static int vmmdevHGCMCmdListLock (VMMDevState *pVMMDevState)
+{
+    int rc = RTCritSectEnter (&pVMMDevState->critsectHGCMCmdList);
+    AssertRC (rc);
+    return rc;
+}
+
+static void vmmdevHGCMCmdListUnlock (VMMDevState *pVMMDevState)
+{
+    int rc = RTCritSectLeave (&pVMMDevState->critsectHGCMCmdList);
+    AssertRC (rc);
+}
+
+static int vmmdevHGCMAddCommand (VMMDevState *pVMMDevState, PVBOXHGCMCMD pCmd, RTGCPHYS GCPtr)
+{
+    PPDMDEVINS pDevIns = pVMMDevState->pDevIns;
+
+    int rc = vmmdevHGCMCmdListLock (pVMMDevState);
+    
+    if (VBOX_SUCCESS (rc))
+    {
+        LogFlowFunc(("%p\n", pCmd));
+
+        /* Insert at the head of the list. The vmmdevHGCMLoadStateDone depends on this. */
+        pCmd->pNext = pVMMDevState->pHGCMCmdList;
+        pCmd->pPrev = NULL;
+        
+        if (pVMMDevState->pHGCMCmdList)
+        {
+            pVMMDevState->pHGCMCmdList->pPrev = pCmd;
+        }
+        
+        pVMMDevState->pHGCMCmdList = pCmd;
+        
+        pCmd->GCPtr = GCPtr;
+
+        vmmdevHGCMCmdListUnlock (pVMMDevState);
+    }
+    
+    return rc;
+}
+
+static int vmmdevHGCMRemoveCommand (VMMDevState *pVMMDevState, PVBOXHGCMCMD pCmd)
+{
+    PPDMDEVINS pDevIns = pVMMDevState->pDevIns;
+
+    int rc = vmmdevHGCMCmdListLock (pVMMDevState);
+    
+    if (VBOX_SUCCESS (rc))
+    {
+        LogFlowFunc(("%p\n", pCmd));
+
+        if (pCmd->pNext)
+        {
+            pCmd->pNext->pPrev = pCmd->pPrev;
+        }
+        else
+        {
+           /* Tail, do nothing. */
+        }
+        
+        if (pCmd->pPrev)
+        {
+            pCmd->pPrev->pNext = pCmd->pNext;
+        }
+        else
+        {
+            pVMMDevState->pHGCMCmdList = pCmd->pNext;
+        }
+
+        vmmdevHGCMCmdListUnlock (pVMMDevState);
+    }
+    
+    return rc;
+}
 
 static int vmmdevHGCMSaveLinPtr (PPDMDEVINS pDevIns,
@@ -183 +266 @@
 }
 
-int vmmdevHGCMConnect (VMMDevState *pVMMDevState, VMMDevHGCMConnect *pHGCMConnect)
+int vmmdevHGCMConnect (VMMDevState *pVMMDevState, VMMDevHGCMConnect *pHGCMConnect, RTGCPHYS GCPtr)
 {
     int rc = VINF_SUCCESS;
 
-    PVBOXHGCMCMD pCmd = (PVBOXHGCMCMD)RTMemAlloc (sizeof (struct VBOXHGCMCMD));
+    PVBOXHGCMCMD pCmd = (PVBOXHGCMCMD)RTMemAllocZ (sizeof (struct VBOXHGCMCMD));
 
     if (pCmd)
     {
+        vmmdevHGCMAddCommand (pVMMDevState, pCmd, GCPtr);
+
         pCmd->pHeader = &pHGCMConnect->header;
         pCmd->paHostParms = NULL;
@@ -210 +295 @@
 }
 
-int vmmdevHGCMDisconnect (VMMDevState *pVMMDevState, VMMDevHGCMDisconnect *pHGCMDisconnect)
+int vmmdevHGCMDisconnect (VMMDevState *pVMMDevState, VMMDevHGCMDisconnect *pHGCMDisconnect, RTGCPHYS GCPtr)
 {
     int rc = VINF_SUCCESS;
 
-    PVBOXHGCMCMD pCmd = (PVBOXHGCMCMD)RTMemAlloc (sizeof (struct VBOXHGCMCMD));
+    PVBOXHGCMCMD pCmd = (PVBOXHGCMCMD)RTMemAllocZ (sizeof (struct VBOXHGCMCMD));
 
     if (pCmd)
     {
+        vmmdevHGCMAddCommand (pVMMDevState, pCmd, GCPtr);
+
         pCmd->pHeader = &pHGCMDisconnect->header;
         pCmd->paHostParms = NULL;
@@ -234 +321 @@
 
 
-int vmmdevHGCMCall (VMMDevState *pVMMDevState, VMMDevHGCMCall *pHGCMCall)
+int vmmdevHGCMCall (VMMDevState *pVMMDevState, VMMDevHGCMCall *pHGCMCall, RTGCPHYS GCPtr)
 {
     int rc = VINF_SUCCESS;
@@ -271 +358 @@
             case VMMDevHGCMParmType_LinAddr_Out: /* Out (write) */
             case VMMDevHGCMParmType_LinAddr:     /* In & Out */
-#if 0
-            case VMMDevHGCMParmType_Virt16Addr:
-            case VMMDevHGCMParmType_VirtAddr:
-#endif
             {
                 cbCmdSize += pGuestParm->u.Pointer.size;
@@ -313 +396 @@
     }
 
+    memset (pCmd, 0, sizeof (*pCmd));
+    
     pCmd->pHeader     = &pHGCMCall->header;
     pCmd->paHostParms = NULL;
@@ -446 +531 @@
     if (VBOX_SUCCESS (rc))
     {
+        vmmdevHGCMAddCommand (pVMMDevState, pCmd, GCPtr);
+
         /* Pass the function call to HGCM connector for actual processing */
         rc = pVMMDevState->pHGCMDrv->pfnCall (pVMMDevState->pHGCMDrv, pCmd, pHGCMCall->u32ClientID, pHGCMCall->u32Function, cParms, pCmd->paHostParms);
@@ -472 +559 @@
     VMMDevState *pVMMDevState = PDMIHGCMPORT_2_VMMDEVSTATE(pInterface);
 
-    /* Setup return codes. */
-    pHeader->result = result;
-
-    /* Update parameters and data buffers. */
-
-    if (pHeader->header.requestType == VMMDevReq_HGCMCall)
-    {
-        VMMDevHGCMCall *pHGCMCall = (VMMDevHGCMCall *)pHeader;
-
-        uint32_t cParms = pHGCMCall->cParms;
-
-        HGCMFunctionParameter *pGuestParm = VMMDEV_HGCM_CALL_PARMS(pHGCMCall);
-
-        VBOXHGCMSVCPARM *pHostParm = pCmd->paHostParms;
-
-        uint32_t i;
-        uint32_t iLinPtr = 0;
-
-        for (i = 0; i < cParms; i++, pGuestParm++, pHostParm++)
-        {
-            switch (pGuestParm->type)
+    if (result != VINF_HGCM_SAVE_STATE)
+    {
+        /* Setup return codes. */
+        pHeader->result = result;
+
+        /* Update parameters and data buffers. */
+
+        if (pHeader->header.requestType == VMMDevReq_HGCMCall)
+        {
+            VMMDevHGCMCall *pHGCMCall = (VMMDevHGCMCall *)pHeader;
+
+            uint32_t cParms = pHGCMCall->cParms;
+
+            HGCMFunctionParameter *pGuestParm = VMMDEV_HGCM_CALL_PARMS(pHGCMCall);
+
+            VBOXHGCMSVCPARM *pHostParm = pCmd->paHostParms;
+
+            uint32_t i;
+            uint32_t iLinPtr = 0;
+
+            for (i = 0; i < cParms; i++, pGuestParm++, pHostParm++)
             {
-                case VMMDevHGCMParmType_32bit:
+                switch (pGuestParm->type)
                 {
-                    pGuestParm->u.value32 = pHostParm->u.uint32;
-                } break;
-
-                case VMMDevHGCMParmType_64bit:
-                {
-                    pGuestParm->u.value64 = pHostParm->u.uint64;
-                } break;
-
-                case VMMDevHGCMParmType_PhysAddr:
-                {
-                    /* do nothing */
-                } break;
-
-                case VMMDevHGCMParmType_LinAddr_In:  /* In (read) */
-                case VMMDevHGCMParmType_LinAddr_Out: /* Out (write) */
-                case VMMDevHGCMParmType_LinAddr:     /* In & Out */
-                {
-                    /* Copy buffer back to guest memory. */
-                    uint32_t size = pGuestParm->u.Pointer.size;
-
-                    if (size > 0 && pGuestParm->type != VMMDevHGCMParmType_LinAddr_In)
+                    case VMMDevHGCMParmType_32bit:
                     {
-                        /* Use the saved page list. */
-                        rc = vmmdevHGCMWriteLinPtr (pVMMDevState->pDevIns, i, pHostParm->u.pointer.addr, size, iLinPtr++, pCmd->paLinPtrs);
-
-//                        RTGCPTR linearAddr = pGuestParm->u.Pointer.u.linearAddr;
-//
-//                        rc = pVMMDevState->pDevIns->pDevHlp->pfnPhysWriteGCVirt (pVMMDevState->pDevIns,
-//                                                                                 linearAddr,
-//                                                                                 pHostParm->u.pointer.addr,
-//                                                                                 size);
-                        AssertReleaseRC(rc);
+                        pGuestParm->u.value32 = pHostParm->u.uint32;
+                    } break;
+
+                    case VMMDevHGCMParmType_64bit:
+                    {
+                        pGuestParm->u.value64 = pHostParm->u.uint64;
+                    } break;
+
+                    case VMMDevHGCMParmType_PhysAddr:
+                    {
+                        /* do nothing */
+                    } break;
+
+                    case VMMDevHGCMParmType_LinAddr_In:  /* In (read) */
+                    case VMMDevHGCMParmType_LinAddr_Out: /* Out (write) */
+                    case VMMDevHGCMParmType_LinAddr:     /* In & Out */
+                    {
+                        /* Copy buffer back to guest memory. */
+                        uint32_t size = pGuestParm->u.Pointer.size;
+
+                        if (size > 0 && pGuestParm->type != VMMDevHGCMParmType_LinAddr_In)
+                        {
+                            /* Use the saved page list. */
+                            rc = vmmdevHGCMWriteLinPtr (pVMMDevState->pDevIns, i, pHostParm->u.pointer.addr, size, iLinPtr++, pCmd->paLinPtrs);
+                            AssertReleaseRC(rc);
+                        }
+                    } break;
+
+                    default:
+                    {
+                        /* This indicates that the guest request memory was corrupted. */
+                        AssertReleaseMsgFailed(("hgcmCompleted: invalid parameter type %08X\n", pGuestParm->type));
                     }
-                } break;
-
-                default:
-                {
-                    /* This indicates that the guest request memory was corrupted. */
-                    AssertReleaseMsgFailed(("hgcmCompleted: invalid parameter type %08X\n", pGuestParm->type));
                 }
             }
         }
-    }
-
-    /* Mark request as processed*/
-    pHeader->fu32Flags |= VBOX_HGCM_REQ_DONE;
-
-    VMMDevNotifyGuest (pVMMDevState, VMMDEV_EVENT_HGCM);
-
-    if (pCmd->paLinPtrs)
-    {
-        RTMemFree (pCmd->paLinPtrs);
-    }
-        
-    RTMemFree (pCmd);
+
+        /* Mark request as processed*/
+        pHeader->fu32Flags |= VBOX_HGCM_REQ_DONE;
+
+        VMMDevNotifyGuest (pVMMDevState, VMMDEV_EVENT_HGCM);
+
+        /* It it assumed that VMMDev saves state after the HGCM services. */
+        vmmdevHGCMRemoveCommand (pVMMDevState, pCmd);
+
+        if (pCmd->paLinPtrs)
+        {
+            RTMemFree (pCmd->paLinPtrs);
+        }
+        
+        RTMemFree (pCmd);
+    }
 
     return;
 }
+
+/* @thread EMT */
+int vmmdevHGCMSaveState(VMMDevState *pVMMDevState, PSSMHANDLE pSSM)
+{
+    /* Save information about pending requests.
+     * Only GCPtrs are of interest.
+     */
+    int rc = VINF_SUCCESS;
+
+    LogFlowFunc(("\n"));
+
+    /* Compute how many commands are pending. */
+    uint32_t cCmds = 0;
+
+    PVBOXHGCMCMD pIter = pVMMDevState->pHGCMCmdList;
+
+    while (pIter)
+    {
+        LogFlowFunc (("pIter %p\n", pIter));
+        cCmds++;
+        pIter = pIter->pNext;
+    }
+
+    LogFlowFunc(("cCmds = %d\n", cCmds));
+
+    /* Save number of commands. */
+    rc = SSMR3PutU32(pSSM, cCmds);
+    AssertRCReturn(rc, rc);
+
+    if (cCmds > 0)
+    {
+        pIter = pVMMDevState->pHGCMCmdList;
+
+        while (pIter)
+        {
+            PVBOXHGCMCMD pNext = pIter->pNext;
+
+            LogFlowFunc (("Saving %VGp\n", pIter->GCPtr));
+            rc = SSMR3PutGCPtr(pSSM, pIter->GCPtr);
+            AssertRCReturn(rc, rc);
+
+            vmmdevHGCMRemoveCommand (pVMMDevState, pIter);
+
+            pIter = pNext;
+        }
+    }
+
+    return rc;
+}
+
+/* @thread EMT */
+int vmmdevHGCMLoadState(VMMDevState *pVMMDevState, PSSMHANDLE pSSM)
+{
+    int rc = VINF_SUCCESS;
+
+    LogFlowFunc(("\n"));
+
+    /* Read how many commands were pending. */
+    uint32_t cCmds = 0;
+    rc = SSMR3GetU32(pSSM, &cCmds);
+    AssertRCReturn(rc, rc);
+
+    LogFlowFunc(("cCmds = %d\n", cCmds));
+
+    while (cCmds--)
+    {
+        RTGCPHYS GCPtr;
+        rc = SSMR3GetGCPtr(pSSM, &GCPtr);
+        AssertRCReturn(rc, rc);
+
+        LogFlowFunc (("Restoring %VGp\n", GCPtr));
+
+        PVBOXHGCMCMD pCmd = (PVBOXHGCMCMD)RTMemAllocZ (sizeof (struct VBOXHGCMCMD));
+        AssertReturn(pCmd, VERR_NO_MEMORY);
+
+        vmmdevHGCMAddCommand (pVMMDevState, pCmd, GCPtr);
+    }
+
+    return rc;
+}
+
+/* @thread EMT */
+int vmmdevHGCMLoadStateDone(VMMDevState *pVMMDevState, PSSMHANDLE pSSM)
+{
+    LogFlowFunc(("\n"));
+
+    /* Reissue pending requests. */
+    PPDMDEVINS pDevIns = pVMMDevState->pDevIns;
+
+    int rc = vmmdevHGCMCmdListLock (pVMMDevState);
+
+    if (VBOX_SUCCESS (rc))
+    {
+        PVBOXHGCMCMD pIter = pVMMDevState->pHGCMCmdList;
+
+        while (pIter)
+        {
+            LogFlowFunc (("pIter %p\n", pIter));
+
+            PVBOXHGCMCMD pNext = pIter->pNext;
+
+            VMMDevRequestHeader *requestHeader = NULL;
+            rc = PDMDevHlpPhys2HCVirt(pDevIns, pIter->GCPtr, 0, (PRTHCPTR)&requestHeader);
+
+            if (VBOX_FAILURE(rc) || !requestHeader)
+            {
+                AssertMsgFailed(("VMMDev::LoadStateDone: could not convert guest physical address to host virtual!!! rc = %Vrc\n", rc));
+            }
+            else
+            {
+                /* the structure size must be greater or equal to the header size */
+                if (requestHeader->size < sizeof(VMMDevRequestHeader))
+                {
+                    Log(("VMMDev request header size too small! size = %d\n", requestHeader->size));
+                }
+                else
+                {
+                    /* check the version of the header structure */
+                    if (requestHeader->version != VMMDEV_REQUEST_HEADER_VERSION)
+                    {
+                        Log(("VMMDev: guest header version (0x%08X) differs from ours (0x%08X)\n", requestHeader->version, VMMDEV_REQUEST_HEADER_VERSION));
+                    }
+                    else
+                    {
+                        Log(("VMMDev request issued: %d\n", requestHeader->requestType));
+
+                        switch (requestHeader->requestType)
+                        {
+                            case VMMDevReq_HGCMConnect:
+                            {
+                                if (requestHeader->size < sizeof(VMMDevHGCMConnect))
+                                {
+                                    AssertMsgFailed(("VMMDevReq_HGCMConnect structure has invalid size!\n"));
+                                    requestHeader->rc = VERR_INVALID_PARAMETER;
+                                }
+                                else if (!pVMMDevState->pHGCMDrv)
+                                {
+                                    Log(("VMMDevReq_HGCMConnect HGCM Connector is NULL!\n"));
+                                    requestHeader->rc = VERR_NOT_SUPPORTED;
+                                }
+                                else
+                                {
+                                    VMMDevHGCMConnect *pHGCMConnect = (VMMDevHGCMConnect *)requestHeader;
+
+                                    Log(("VMMDevReq_HGCMConnect\n"));
+
+                                    requestHeader->rc = vmmdevHGCMConnect (pVMMDevState, pHGCMConnect, pIter->GCPtr);
+                                }
+                                break;
+                            }
+
+                            case VMMDevReq_HGCMDisconnect:
+                            {
+                                if (requestHeader->size < sizeof(VMMDevHGCMDisconnect))
+                                {
+                                    AssertMsgFailed(("VMMDevReq_HGCMDisconnect structure has invalid size!\n"));
+                                    requestHeader->rc = VERR_INVALID_PARAMETER;
+                                }
+                                else if (!pVMMDevState->pHGCMDrv)
+                                {
+                                    Log(("VMMDevReq_HGCMDisconnect HGCM Connector is NULL!\n"));
+                                    requestHeader->rc = VERR_NOT_SUPPORTED;
+                                }
+                                else
+                                {
+                                    VMMDevHGCMDisconnect *pHGCMDisconnect = (VMMDevHGCMDisconnect *)requestHeader;
+
+                                    Log(("VMMDevReq_VMMDevHGCMDisconnect\n"));
+                                    requestHeader->rc = vmmdevHGCMDisconnect (pVMMDevState, pHGCMDisconnect, pIter->GCPtr);
+                                }
+                                break;
+                            }
+
+                            case VMMDevReq_HGCMCall:
+                            {
+                                if (requestHeader->size < sizeof(VMMDevHGCMCall))
+                                {
+                                    AssertMsgFailed(("VMMDevReq_HGCMCall structure has invalid size!\n"));
+                                    requestHeader->rc = VERR_INVALID_PARAMETER;
+                                }
+                                else if (!pVMMDevState->pHGCMDrv)
+                                {
+                                    Log(("VMMDevReq_HGCMCall HGCM Connector is NULL!\n"));
+                                    requestHeader->rc = VERR_NOT_SUPPORTED;
+                                }
+                                else
+                                {
+                                    VMMDevHGCMCall *pHGCMCall = (VMMDevHGCMCall *)requestHeader;
+
+                                    Log(("VMMDevReq_HGCMCall: sizeof (VMMDevHGCMRequest) = %04X\n", sizeof (VMMDevHGCMCall)));
+
+                                    Log(("%.*Vhxd\n", requestHeader->size, requestHeader));
+
+                                    requestHeader->rc = vmmdevHGCMCall (pVMMDevState, pHGCMCall, pIter->GCPtr);
+                                }
+                                break;
+                            }
+                            default:
+                               AssertReleaseFailed();
+                        }
+                    }
+                }
+            }
+
+            vmmdevHGCMRemoveCommand (pVMMDevState, pIter);
+            pIter = pNext;
+        }
+
+        vmmdevHGCMCmdListUnlock (pVMMDevState);
+    }
+    
+    return rc;
+}

trunk/src/VBox/Devices/VMMDev/VMMDevHGCM.h

@@ -32 +32 @@
 
 __BEGIN_DECLS
-DECLCALLBACK(int) vmmdevHGCMConnect (VMMDevState *pVMMDevState, VMMDevHGCMConnect *pHGCMConnect);
-DECLCALLBACK(int) vmmdevHGCMDisconnect (VMMDevState *pVMMDevState, VMMDevHGCMDisconnect *pHGCMDisconnect);
-DECLCALLBACK(int) vmmdevHGCMCall (VMMDevState *pVMMDevState, VMMDevHGCMCall *pHGCMCall);
+DECLCALLBACK(int) vmmdevHGCMConnect (VMMDevState *pVMMDevState, VMMDevHGCMConnect *pHGCMConnect, RTGCPHYS GCPtr);
+DECLCALLBACK(int) vmmdevHGCMDisconnect (VMMDevState *pVMMDevState, VMMDevHGCMDisconnect *pHGCMDisconnect, RTGCPHYS GCPtr);
+DECLCALLBACK(int) vmmdevHGCMCall (VMMDevState *pVMMDevState, VMMDevHGCMCall *pHGCMCall, RTGCPHYS GCPtr);
 
 DECLCALLBACK(void) hgcmCompleted (PPDMIHGCMPORT pInterface, int32_t result, PVBOXHGCMCMD pCmdPtr);
+
+int vmmdevHGCMSaveState(VMMDevState *pVMMDevState, PSSMHANDLE pSSM);
+int vmmdevHGCMLoadState(VMMDevState *pVMMDevState, PSSMHANDLE pSSM);
+int vmmdevHGCMLoadStateDone(VMMDevState *pVMMDevState, PSSMHANDLE pSSM);
 __END_DECLS
 

trunk/src/VBox/Devices/VMMDev/VMMDevState.h

@@ -28 +28 @@
 
 #include <VBox/pdm.h>
+
+#define TIMESYNC_BACKDOOR
 
 /** device structure containing all state information */
@@ -137 +139 @@
     bool fBackdoorLogDisabled;
 
+#ifdef VBOX_HGCM
+    /** List of pending HGCM requests, used for saving the HGCM state. */
+    PVBOXHGCMCMD pHGCMCmdList;
+    /** Critical section to protect the list. */
+    RTCRITSECT critsectHGCMCmdList;
+#endif /* VBOX_HGCM */
+
 } VMMDevState;
 

trunk/src/VBox/Main/ConsoleImpl.cpp

@@ -2005 +2005 @@
 
     /// @todo (r=sander?) should move this into the shared folder class */
-    if (mpVM && mVMMDev->getShFlClientId())
+    if (mpVM && mVMMDev->isShFlActive())
     {
         /*
@@ -2080 +2080 @@
     CheckComRCReturnRC (autoVMCaller.rc());
 
-    if (mpVM && mVMMDev->getShFlClientId())
+    if (mpVM && mVMMDev->isShFlActive())
     {
         /*
@@ -6444 +6444 @@
                 }
 
-                if (console->getVMMDev()->getShFlClientId())
+                if (console->getVMMDev()->isShFlActive())
                 {
                     /// @todo (dmik)

trunk/src/VBox/Main/Makefile

@@ -21 +21 @@
 DEPTH = ../../..
 include $(PATH_KBUILD)/header.kmk
+
+DEFS       += HGCMSS
 
 ifdef VRDP_MC

trunk/src/VBox/Main/VMMDevInterface.cpp

@@ -298 +298 @@
 static DECLCALLBACK(int) iface_hgcmConnect (PPDMIHGCMCONNECTOR pInterface, PVBOXHGCMCMD pCmd, PHGCMSERVICELOCATION pServiceLocation, uint32_t *pu32ClientID)
 {
+    LogFlowFunc(("Enter\n"));
+
     PDRVMAINVMMDEV pDrv = PDMIHGCMCONNECTOR_2_MAINVMMDEV(pInterface);
 
@@ -305 +307 @@
 static DECLCALLBACK(int) iface_hgcmDisconnect (PPDMIHGCMCONNECTOR pInterface, PVBOXHGCMCMD pCmd, uint32_t u32ClientID)
 {
+    LogFlowFunc(("Enter\n"));
+
     PDRVMAINVMMDEV pDrv = PDMIHGCMCONNECTOR_2_MAINVMMDEV(pInterface);
 
@@ -313 +317 @@
                                          uint32_t cParms, PVBOXHGCMSVCPARM paParms)
 {
+    LogFlowFunc(("Enter\n"));
+
     PDRVMAINVMMDEV pDrv = PDMIHGCMCONNECTOR_2_MAINVMMDEV(pInterface);
 
@@ -327 +333 @@
 static DECLCALLBACK(int) iface_hgcmSave(PPDMDRVINS pDrvIns, PSSMHANDLE pSSM)
 {
+    LogFlowFunc(("Enter\n"));
+
+#ifdef HGCMSS
+    return hgcmSaveStateInternal (pSSM);
+#else
     PDRVMAINVMMDEV pDrv = PDMINS2DATA(pDrvIns, PDRVMAINVMMDEV);
     
@@ -334 +345 @@
 
     return hgcmSaveStateInternal (pDrv->pVMMDev->mSharedFolderClientId, pSSM);
+#endif /* HGCMSS */
 }
 
@@ -347 +359 @@
 static DECLCALLBACK(int) iface_hgcmLoad(PPDMDRVINS pDrvIns, PSSMHANDLE pSSM, uint32_t u32Version)
 {
+    LogFlowFunc(("Enter\n"));
+
+#ifdef HGCMSS
+    if (u32Version != HGCM_SSM_VERSION)
+        return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
+
+    return hgcmLoadStateInternal (pSSM);
+#else
     PDRVMAINVMMDEV pDrv = PDMINS2DATA(pDrvIns, PDRVMAINVMMDEV);
     uint32_t       u32HandleCount;
@@ -385 +405 @@
 
     return hgcmLoadStateInternal (pDrv->pVMMDev->mSharedFolderClientId, pSSM);
+#endif /* HGCMSS */
 }
 
@@ -450 +471 @@
     LogFlow(("VMMDev::drvDestruct: iInstance=%d\n", pDrvIns->iInstance));
 #ifdef VBOX_HGCM
+#ifndef HGCMSS
     /* Unload Shared Folder HGCM service */
     if (pData->pVMMDev->mSharedFolderClientId)
@@ -458 +480 @@
         pData->pVMMDev->hgcmDisconnect(cmd, pData->pVMMDev->getShFlClientId());
     }
+#endif /* !HGCMSS */
 
     hgcmReset ();
@@ -478 +501 @@
     LogFlow(("VMMDev::drvReset: iInstance=%d\n", pDrvIns->iInstance));
 #ifdef VBOX_HGCM
+#ifndef HGCMSS
     /* Unload Shared Folder HGCM service */
     uint64_t     dummy = 0;
@@ -486 +510 @@
         pData->pVMMDev->hgcmDisconnect(cmd, pData->pVMMDev->getShFlClientId());
     }
+#endif /* !HGCMSS */
     
     hgcmReset ();
 
+#ifndef HGCMSS
     if (pData->pVMMDev->mSharedFolderClientId)
     {
@@ -506 +532 @@
         }
     }
+#endif /* !HGCMSS */
 #endif
 }
@@ -592 +619 @@
 #ifdef VBOX_HGCM
 
+#ifdef HGCMSS
+    rc = pData->pVMMDev->hgcmLoadService ("VBoxSharedFolders", "VBoxSharedFolders");
+    pData->pVMMDev->fSharedFolderActive = VBOX_SUCCESS(rc);
+    if (VBOX_SUCCESS(rc))
+    {
+        LogRel(("Shared Folders service loaded.\n"));
+    }
+    else
+    {
+        LogRel(("Failed to load Shared Folders service %Vrc\n", rc));
+    }
+#else
     /* Load Shared Folder HGCM service */
     HGCMSERVICELOCATION loc;
@@ -617 +656 @@
         pData->pVMMDev->mSharedFolderClientId = 0;
     }
+#endif /* HGCMSS */
     pDrvIns->pDrvHlp->pfnSSMRegister(pDrvIns, "HGCM", 0, HGCM_SSM_VERSION, 4096/* bad guess */, NULL, iface_hgcmSave, NULL, NULL, iface_hgcmLoad, NULL);
 #endif

trunk/src/VBox/Main/hgcm/HGCM.cpp

@@ -28 +28 @@
 #include "Logging.h"
 
-#include <string.h>
+#include <malloc.h>
 
 #include "hgcm/HGCM.h"
@@ -98 +98 @@
  */
 
+/* The maximum allowed size of a service name in bytes. */
+#define VBOX_HGCM_SVC_NAME_MAX_BYTES 1024
 
 /** Internal helper service object. HGCM code would use it to
@@ -115 +117 @@
         static HGCMService *sm_pSvcListTail;
 
+#ifdef HGCMSS
+       static int sm_cServices;
+#endif /* HGCMSS */
 
         HGCMTHREADHANDLE m_thread;
@@ -155 +160 @@
 
         static void Reset (void);
+
+#ifdef HGCMSS
+        static int SaveState (PSSMHANDLE pSSM);
+        static int LoadState (PSSMHANDLE pSSM);
+#endif /* HGCMSS */
     
         static int FindService (HGCMService **ppsvc, HGCMServiceLocation *loc);
@@ -165 +175 @@
         void DisconnectAll (void);
 
+#ifdef HGCMSS
+        int CreateAndConnectClient (uint32_t *pu32ClientIdOut, uint32_t u32ClientIdIn);
+#endif /* HGCMSS */
+                    
         int Connect (uint32_t u32ClientID);
         int Disconnect (uint32_t u32ClientID);
@@ -384 +398 @@
 HGCMService *HGCMService::sm_pSvcListHead = NULL;
 HGCMService *HGCMService::sm_pSvcListTail = NULL;
+#ifdef HGCMSS
+int HGCMService::sm_cServices = 0;
+#endif /* HGCMSS */
 
 HGCMService::HGCMService ()
@@ -429 +446 @@
 
 static bool g_fResetting = false;
+static bool g_fSaveState = false;
 
 static DECLCALLBACK(void) hgcmMsgCompletionCallback (int32_t result, HGCMMsgCore *pMsgCore)
@@ -439 +457 @@
     if (pMsgHdr->pHGCMPort && !g_fResetting)
     {
-        pMsgHdr->pHGCMPort->pfnCompleted (pMsgHdr->pHGCMPort, result, pMsgHdr->pCmd);
+        pMsgHdr->pHGCMPort->pfnCompleted (pMsgHdr->pHGCMPort, g_fSaveState? VINF_HGCM_SAVE_STATE: result, pMsgHdr->pCmd);
     }
 
@@ -566 +584 @@
 
                 rc = VINF_SUCCESS;
-                if (pClient && pSvc->m_fntable.pfnLoadState)
+
+                if (pClient)
                 {
-                    rc = pSvc->m_fntable.pfnLoadState (pMsg->u32ClientID, HGCM_CLIENT_DATA(pSvc, pClient), pMsg->pSSM);
+                    if (pSvc->m_fntable.pfnLoadState)
+                    {
+                        rc = pSvc->m_fntable.pfnLoadState (pMsg->u32ClientID, HGCM_CLIENT_DATA(pSvc, pClient), pMsg->pSSM);
+                    }
+
                     hgcmObjDereference (pClient);
                 }
@@ -582 +605 @@
 
                 rc = VINF_SUCCESS;
-                if (pClient && pSvc->m_fntable.pfnSaveState)
+
+                if (pClient)
                 {
-                    rc = pSvc->m_fntable.pfnSaveState (pMsg->u32ClientID, HGCM_CLIENT_DATA(pSvc, pClient), pMsg->pSSM);
+                    if (pSvc->m_fntable.pfnSaveState)
+                    {
+                        g_fSaveState = true;
+                        rc = pSvc->m_fntable.pfnSaveState (pMsg->u32ClientID, HGCM_CLIENT_DATA(pSvc, pClient), pMsg->pSSM);
+                        g_fSaveState = false;
+                    }
+
                     hgcmObjDereference (pClient);
                 }
@@ -688 +718 @@
     RTStrFree (m_pszSvcName);
     m_pszSvcName = NULL;
+    
+    // @todo Adjust the list sm_cServices--;
 
     LogFlow(("HGCMService::InstanceDestroy completed\n"));
@@ -816 +848 @@
                 sm_pSvcListHead = psvc;
                 
+#ifdef HGCMSS
+                sm_cServices++;
+#endif /* HGCMSS */
+                
                 LogFlow(("HGCMService::LoadService: service %p\n", psvc));
             }
@@ -844 +880 @@
     g_fResetting = false;
 }
+
+#ifdef HGCMSS
+/* static */ int HGCMService::SaveState (PSSMHANDLE pSSM)
+{
+    /* Save the current handle count and restore afterwards to avoid client id conflicts. */
+    int rc = SSMR3PutU32(pSSM, hgcmObjQueryHandleCount());
+    AssertRCReturn(rc, rc);
+
+    LogFlowFunc(("%d services to be saved:\n", sm_cServices));
+    
+    /* Save number of services. */
+    rc = SSMR3PutU32(pSSM, sm_cServices);
+    AssertRCReturn(rc, rc);
+
+    /* Save every service. */
+    HGCMService *pSvc = sm_pSvcListHead;
+
+    while (pSvc)
+    {
+        LogFlowFunc(("Saving service [%s]\n", pSvc->m_pszSvcName));
+
+        /* Save the length of the service name. */
+        rc = SSMR3PutU32(pSSM, strlen(pSvc->m_pszSvcName) + 1);
+        AssertRCReturn(rc, rc);
+
+        /* Save the name of the service. */
+        rc = SSMR3PutStrZ(pSSM, pSvc->m_pszSvcName);
+        AssertRCReturn(rc, rc);
+
+        /* Save the number of clients. */
+        rc = SSMR3PutU32(pSSM, pSvc->m_cClients);
+        AssertRCReturn(rc, rc);
+
+        /* Call the service for every client. Normally a service must not have
+         * a global state to be saved: only per client info is relevant.
+         * The global state of a service is configured during VM startup.
+         */
+        int i;
+
+        for (i = 0; i < pSvc->m_cClients; i++)
+        {
+            void *pvState = NULL;
+            uint32_t cbState = 0;
+
+            uint32_t u32ClientID = pSvc->m_paClientIds[i];
+
+            Log(("client id 0x%08X\n", u32ClientID));
+
+            /* Save the client id. */
+            rc = SSMR3PutU32(pSSM, u32ClientID);
+            AssertRCReturn(rc, rc);
+
+            /* Call the service, so the operation is executed by the service thread. */
+            rc = pSvc->SaveState (u32ClientID, pSSM);
+            AssertRCReturn(rc, rc);
+        }
+
+        pSvc = pSvc->m_pSvcNext;
+    }
+
+    return VINF_SUCCESS;
+}
+
+/* static */ int HGCMService::LoadState (PSSMHANDLE pSSM)
+{
+    /* Restore handle count to avoid client id conflicts. */
+    uint32_t u32;
+
+    int rc = SSMR3GetU32(pSSM, &u32);
+    AssertRCReturn(rc, rc);
+
+    hgcmObjSetHandleCount(u32);
+
+    /* Get the number of services. */
+    uint32_t cServices;
+
+    rc = SSMR3GetU32(pSSM, &cServices);
+    AssertRCReturn(rc, rc);
+    
+    LogFlowFunc(("%d services to be restored:\n", cServices));
+
+    while (cServices--)
+    {
+        /* Get the length of the service name. */
+        rc = SSMR3GetU32(pSSM, &u32);
+        AssertRCReturn(rc, rc);
+        AssertReturn(u32 <= VBOX_HGCM_SVC_NAME_MAX_BYTES, VERR_SSM_UNEXPECTED_DATA);
+        
+        char *pszServiceName = (char *)alloca (u32);
+
+        /* Get the service name. */
+        rc = SSMR3GetStrZ(pSSM, pszServiceName, u32);
+        AssertRCReturn(rc, rc);
+        
+        LogFlowFunc(("Restoring service [%s]\n", pszServiceName));
+    
+        /* Resolve the service instance. */
+        HGCMService *pSvc = FindServiceByName (pszServiceName);
+        AssertReturn(pSvc, VERR_SSM_UNEXPECTED_DATA);
+            
+        /* Get the number of clients. */
+        uint32_t cClients;
+        rc = SSMR3GetU32(pSSM, &cClients);
+        AssertRCReturn(rc, rc);
+        
+        while (cClients--)
+        {
+            /* Get the client id. */
+            uint32_t u32ClientID;
+            rc = SSMR3GetU32(pSSM, &u32ClientID);
+            AssertRCReturn(rc, rc);
+
+            /* Connect the client. */
+            rc = pSvc->CreateAndConnectClient (NULL, u32ClientID);
+            AssertRCReturn(rc, rc);
+
+            /* Call the service, so the operation is executed by the service thread. */
+            rc = pSvc->LoadState (u32ClientID, pSSM);
+            AssertRCReturn(rc, rc);
+        }
+    }
+
+    return VINF_SUCCESS;
+}
+#endif /* HGCMSS */
 
 void HGCMService::ReleaseService (void)
@@ -961 +1122 @@
 }
 
+#ifdef HGCMSS
+/* Create a new client instance and connect it to the service.
+ *
+ * @param pu32ClientIdOut If not NULL, then the method must generate a new handle for the client.
+ *                        If NULL, use the given 'u32ClientIdIn' handle.
+ * @param u32ClientIdIn   The handle for the client, when 'pu32ClientIdOut' is NULL.
+ *
+ */
+int HGCMService::CreateAndConnectClient (uint32_t *pu32ClientIdOut, uint32_t u32ClientIdIn)
+{
+    /* Allocate a client information structure */
+    HGCMClient *pClient = new HGCMClient ();
+
+    if (!pClient)
+    {
+        LogWarningFunc(("Could not allocate HGCMClient!!!\n"));
+        return VERR_NO_MEMORY;
+    }
+
+    uint32_t handle;
+    
+    if (pu32ClientIdOut != NULL)
+    {
+        handle = hgcmObjGenerateHandle (pClient);
+    }
+    else
+    {
+        handle = hgcmObjAssignHandle (pClient, u32ClientIdIn);
+    }
+
+    AssertRelease(handle);
+
+    int rc = pClient->Init (this);
+
+    if (VBOX_SUCCESS(rc))
+    {
+        rc = Connect (handle);
+    }
+
+    if (VBOX_FAILURE(rc))
+    {
+        hgcmObjDeleteHandle (handle);
+    }
+    else
+    {
+        if (pu32ClientIdOut != NULL)
+        {
+            *pu32ClientIdOut = handle;
+        }
+    }
+    
+    return rc;
+}
+#endif /* HGCMSS */
 
 int HGCMService::Connect (uint32_t u32ClientID)
@@ -1242 +1457 @@
                 if (VBOX_SUCCESS (rc))
                 {
+#ifdef HGCMSS
+                    rc = pService->CreateAndConnectClient (pMsg->pu32ClientID, 0);
+#else
                     /* Allocate a client information structure */
 
@@ -1273 +1491 @@
                         }
                     }
+#endif /* HGCMSS */
                 }
 
@@ -1349 +1568 @@
             } break;
 
+#ifdef HGCMSS
+            case HGCMMSGID_LOADSTATE:
+            {
+                LogFlow(("HGCMMSGID_LOADSTATE\n"));
+
+                HGCMMsgLoadSaveState *pMsg = (HGCMMsgLoadSaveState *)pMsgCore;
+
+                rc = HGCMService::LoadState (pMsg->pSSM);
+            } break;
+
+            case HGCMMSGID_SAVESTATE:
+            {
+                LogFlow(("HGCMMSGID_SAVESTATE\n"));
+
+                HGCMMsgLoadSaveState *pMsg = (HGCMMsgLoadSaveState *)pMsgCore;
+
+                rc = HGCMService::SaveState (pMsg->pSSM);
+            } break;
+#endif /* HGCMSS */
+            
             default:
             {
@@ -1471 +1710 @@
 }
 
+#ifdef HGCMSS
+static int hgcmLoadSaveStateSend (PSSMHANDLE pSSM, uint32_t u32MsgId)
+{
+    /* Forward the request to the main HGCM thread. */
+    LogFlowFunc(("u32MsgId = %d\n", u32MsgId));
+
+    HGCMMSGHANDLE hMsg = 0;
+
+    int rc = hgcmMsgAlloc (g_hgcmThread, &hMsg, u32MsgId, hgcmMessageAlloc);
+
+    if (VBOX_SUCCESS(rc))
+    {
+        HGCMMsgLoadSaveState *pMsg = (HGCMMsgLoadSaveState *)hgcmObjReference (hMsg, HGCMOBJ_MSG);
+        AssertRelease(pMsg);
+
+        pMsg->u32ClientID = 0; /* @todo not used. */
+        pMsg->pSSM        = pSSM;
+
+        rc = hgcmMsgSend (hMsg);
+
+        hgcmObjDereference (pMsg);
+    }
+
+    LogFlowFunc(("rc = %Vrc\n", rc));
+
+    return rc;
+}
+
+int hgcmSaveStateInternal (PSSMHANDLE pSSM)
+{
+    return hgcmLoadSaveStateSend (pSSM, HGCMMSGID_SAVESTATE);
+}
+
+int hgcmLoadStateInternal (PSSMHANDLE pSSM)
+{
+    return hgcmLoadSaveStateSend (pSSM, HGCMMSGID_LOADSTATE);
+}
+#else
 int hgcmSaveStateInternal (uint32_t u32ClientID, PSSMHANDLE pSSM)
 {
@@ -1515 +1792 @@
     return rc;
 }
+#endif /* HGCMSS */
 
 int hgcmLoadInternal (const char *pszServiceName, const char *pszServiceLibrary)

trunk/src/VBox/Main/hgcm/HGCMObjects.cpp

@@ -33 +33 @@
 static RTCRITSECT g_critsect;
 
-static uint32_t volatile g_u32HandleCount;
+/* There are internal handles, which are not saved,
+ * and client handles, which are saved.
+ * They use different range of values:
+ *     1..7FFFFFFF for clients,
+ *     0x80000001..0xFFFFFFFF for other handles.
+ */
+static uint32_t volatile g_u32InternalHandleCount;
+static uint32_t volatile g_u32ClientHandleCount;
 
 static PAVLULNODECORE g_pTree;
@@ -54 +61 @@
     LogFlow(("MAIN::hgcmObjInit\n"));
 
-    g_u32HandleCount = 0;
+    g_u32InternalHandleCount = 0x80000000;
+    g_u32ClientHandleCount = 0;
     g_pTree = NULL;
 
@@ -72 +80 @@
 }
 
-uint32_t hgcmObjGenerateHandle (HGCMObject *pObject)
+uint32_t hgcmObjMake (HGCMObject *pObject, uint32_t u32HandleIn)
 {
     int handle = 0;
@@ -85 +93 @@
 
         /* Generate a new handle value. */
-
-        uint32_t u32Start = g_u32HandleCount;
+        
+        uint32_t volatile *pu32HandleCountSource = pObject->Type () == HGCMOBJ_CLIENT?
+                                                       &g_u32ClientHandleCount:
+                                                       &g_u32InternalHandleCount;
+
+        uint32_t u32Start = *pu32HandleCountSource;
 
         for (;;)
         {
-            uint32_t Key = ASMAtomicIncU32 (&g_u32HandleCount);
-
-            if (Key == u32Start)
-            {
-                /* Rollover. Something is wrong. */
-                break;
-            }
-
-            /* 0 is not a valid handle. */
-            if (Key == 0)
-            {
-                continue;
+            uint32_t Key; 
+            
+            if (u32HandleIn == 0)
+            {
+                Key = ASMAtomicIncU32 (pu32HandleCountSource);
+
+                if (Key == u32Start)
+                {
+                    /* Rollover. Something is wrong. */
+                    AssertReleaseFailed ();
+                    break;
+                }
+
+                /* 0 and 0x80000000 are not valid handles. */
+                if ((Key & 0x7FFFFFFF) == 0)
+                {
+                    /* Over the invalid value, reinitialize the source. */
+                    *pu32HandleCountSource = pObject->Type () == HGCMOBJ_CLIENT?
+                                                 0:
+                                                 0x80000000;
+                    continue;
+                }
+            }
+            else
+            {
+                Key = u32HandleIn;
             }
 
@@ -112 +138 @@
             if (!bRC)
             {
-                continue;
+                if (u32HandleIn == 0)
+                {
+                    /* Try another generated handle. */
+                    continue;
+                }
+                else
+                {
+                    /* Could not use the specified handle. */
+                    break;
+                }
             }
 
@@ -123 +158 @@
             /* Store returned handle. */
             handle = Key;
+            
+            Log(("Object key inserted 0x%08X\n", Key));
 
             break;
@@ -134 +171 @@
     }
 
-    LogFlow(("MAIN::hgcmObjGenerateHandle: handle = %d, rc = %Vrc, return void\n", handle, rc));
+    LogFlow(("MAIN::hgcmObjGenerateHandle: handle = 0x%08X, rc = %Vrc, return void\n", handle, rc));
 
     return handle;
 }
 
+uint32_t hgcmObjGenerateHandle (HGCMObject *pObject)
+{
+    return hgcmObjMake (pObject, 0);
+}
+
+uint32_t hgcmObjAssignHandle (HGCMObject *pObject, uint32_t u32Handle)
+{
+    return hgcmObjMake (pObject, u32Handle);
+}
+
 void hgcmObjDeleteHandle (uint32_t handle)
 {
     int rc = VINF_SUCCESS;
 
-    LogFlow(("MAIN::hgcmObjDeleteHandle: handle %d\n", handle));
+    LogFlow(("MAIN::hgcmObjDeleteHandle: handle 0x%08X\n", handle));
 
     if (handle)
@@ -175 +222 @@
 HGCMObject *hgcmObjReference (uint32_t handle, HGCMOBJ_TYPE enmObjType)
 {
-    LogFlow(("MAIN::hgcmObjReference: handle %d\n", handle));
+    LogFlow(("MAIN::hgcmObjReference: handle 0x%08X\n", handle));
 
     HGCMObject *pObject = NULL;
@@ -222 +269 @@
 uint32_t hgcmObjQueryHandleCount ()
 {
-    return g_u32HandleCount;
-}
-
-void hgcmObjSetHandleCount (uint32_t u32HandleCount)
-{
-    Assert(g_u32HandleCount <= u32HandleCount);
+    return g_u32ClientHandleCount;
+}
+
+void hgcmObjSetHandleCount (uint32_t u32ClientHandleCount)
+{
+    Assert(g_u32ClientHandleCount <= u32ClientHandleCount);
 
     int rc = hgcmObjEnter ();
@@ -233 +280 @@
     if (VBOX_SUCCESS(rc))
     {
-        if (g_u32HandleCount <= u32HandleCount)
-            g_u32HandleCount = u32HandleCount;
+        if (g_u32ClientHandleCount <= u32ClientHandleCount)
+            g_u32ClientHandleCount = u32ClientHandleCount;
         hgcmObjLeave ();
    }

trunk/src/VBox/Main/hgcm/HGCMThread.cpp

@@ -121 +121 @@
         HGCMMsgCore *m_pFreeTail;
 
+        HGCMTHREADHANDLE m_handle;
 
         inline int Enter (void);
@@ -151 +152 @@
 #define HGCM_MSG_F_IN_PROCESS (0x00000004)
 
-void HGCMMsgCore::InitializeCore (uint32_t u32MsgId, HGCMThread *pThread)
+void HGCMMsgCore::InitializeCore (uint32_t u32MsgId, HGCMTHREADHANDLE hThread)
 {
     m_u32Version  = HGCMMSG_VERSION;
@@ -161 +162 @@
     m_rcSend      = VINF_SUCCESS;
 
-    m_pThread     = pThread;
-}
-
+    m_pThread = (HGCMThread *)hgcmObjReference (hThread, HGCMOBJ_THREAD);
+    AssertRelease (m_pThread);
+}
+
+/* virtual */ HGCMMsgCore::~HGCMMsgCore ()
+{
+    if (m_pThread)
+    {
+        hgcmObjDereference (m_pThread);
+        m_pThread = NULL;
+    }
+}
 
 /*
@@ -209 +219 @@
     m_pMsgInProcessTail (NULL),
     m_pFreeHead (NULL),
-    m_pFreeTail (NULL)
+    m_pFreeTail (NULL),
+    m_handle (0)
 {
     memset (&m_critsect, 0, sizeof (m_critsect));
@@ -266 +277 @@
                 m_pfnThread = pfnThread;
                 m_pvUser    = pvUser;
+                m_handle    = handle;
 
                 m_fu32ThreadFlags = HGCMMSG_TF_INITIALIZING;
@@ -349 +361 @@
     if (VBOX_SUCCESS(rc))
     {
-        /* Reference the thread because pMsg contains the pointer to it. */
-        Reference ();
-
         /* Initialize just allocated message core */
-        pmsg->InitializeCore (u32MsgId, this);
+        pmsg->InitializeCore (u32MsgId, m_handle);
 
         /* and the message specific data. */
@@ -524 +533 @@
 
     AssertRelease(pMsg->m_pThread == this);
-    AssertRelease((pMsg->m_fu32Flags & HGCM_MSG_F_IN_PROCESS) != 0);
+    AssertReleaseMsg((pMsg->m_fu32Flags & HGCM_MSG_F_IN_PROCESS) != 0, ("%p %x\n", pMsg, pMsg->m_fu32Flags));
 
     if (pMsg->m_pfnCallback)

trunk/src/VBox/Main/include/VMMDev.h

@@ -37 +37 @@
     struct DRVMAINVMMDEV *mpDrv;
 
+#ifdef HGCMSS
+    bool fSharedFolderActive;
+    bool isShFlActive()
+    {
+        return fSharedFolderActive;
+    }
+#else
     uint32_t mSharedFolderClientId;
     uint32_t getShFlClientId()
@@ -42 +49 @@
         return mSharedFolderClientId;
     }
+#endif /* HGCMSS */
 
     Console *getParent()

trunk/src/VBox/Main/include/hgcm/HGCM.h

@@ -31 +31 @@
 
 /* HGCM saved state version */
-#define HGCM_SSM_VERSION    1
+#define HGCM_SSM_VERSION    2
 
 __BEGIN_DECLS
@@ -45 +45 @@
 int hgcmHostCallInternal (const char *pszServiceName, uint32_t function, uint32_t cParms, VBOXHGCMSVCPARM aParms[]);
 
+#ifdef HGCMSS
+int hgcmSaveStateInternal (PSSMHANDLE pSSM);
+int hgcmLoadStateInternal (PSSMHANDLE pSSM);
+#else
 int hgcmSaveStateInternal (uint32_t clientID, PSSMHANDLE pSSM);
 int hgcmLoadStateInternal (uint32_t clientID, PSSMHANDLE pSSM);
+#endif /* HGCMSS */
 
 __END_DECLS

trunk/src/VBox/Main/include/hgcm/HGCMObjects.h

@@ -50 +50 @@
 {
     private:
-    friend uint32_t hgcmObjGenerateHandle (HGCMObject *pObject);
+    friend uint32_t hgcmObjMake (HGCMObject *pObject, uint32_t u32HandleIn);
 
         int32_t volatile cRef;
@@ -105 +105 @@
 
 uint32_t hgcmObjGenerateHandle (HGCMObject *pObject);
+uint32_t hgcmObjAssignHandle (HGCMObject *pObject, uint32_t u32Handle);
 
 void hgcmObjDeleteHandle (uint32_t handle);

trunk/src/VBox/Main/include/hgcm/HGCMThread.h

@@ -64 +64 @@
         uint32_t m_u32Version;
 
-        /** Thread the message belongs to. */
+        /** Thread the message belongs to, referenced by the message. */
         HGCMThread *m_pThread;
 
@@ -84 +84 @@
         int32_t m_rcSend;
 
-        void InitializeCore (uint32_t u32MsgId, HGCMThread *pThread);
+        void InitializeCore (uint32_t u32MsgId, HGCMTHREADHANDLE hThread);
 
     protected:
-        virtual ~HGCMMsgCore () {};
+        virtual ~HGCMMsgCore ();
 
     public: