[Qemu-devel] [PULL for-2.9 5/7] cirrus: fix cirrus_invalidate

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PULL for-2.9 5/7] cirrus: fix cirrus_invalidate_region

From:	Gerd Hoffmann
Subject:	[Qemu-devel] [PULL for-2.9 5/7] cirrus: fix cirrus_invalidate_region
Date:	Thu, 16 Mar 2017 10:30:40 +0100

off_cur_end is exclusive, so off_cur_end == cirrus_addr_mask is valid.
Fix calculation to make sure to allow that, otherwise the assert added
by commit f153b563f8cf121aebf5a2fff5f0110faf58ccb3 can trigger for valid
blits.

Test case: boot windows nt 4.0

Signed-off-by: Gerd Hoffmann <address@hidden>
Message-id: address@hidden
---
 hw/display/cirrus_vga.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index 326d511..a9f6d5b 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -667,11 +667,11 @@ static void cirrus_invalidate_region(CirrusVGAState * s, 
int off_begin,
     }
 
     for (y = 0; y < lines; y++) {
-       off_cur = off_begin;
-       off_cur_end = (off_cur + bytesperline) & s->cirrus_addr_mask;
+        off_cur = off_begin;
+        off_cur_end = ((off_cur + bytesperline - 1) & s->cirrus_addr_mask) + 1;
         assert(off_cur_end >= off_cur);
         memory_region_set_dirty(&s->vga.vram, off_cur, off_cur_end - off_cur);
-       off_begin += off_pitch;
+        off_begin += off_pitch;
     }
 }
 
-- 
1.8.3.1

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PULL for-2.9 0/7] cirrus: more blitter security fixes., Gerd Hoffmann, 2017/03/16
- [Qemu-devel] [PULL for-2.9 1/7] fix :cirrus_vga fix OOB read case qemu Segmentation fault, Gerd Hoffmann, 2017/03/16
- [Qemu-devel] [PULL for-2.9 3/7] cirrus: switch to 4 MB video memory by default, Gerd Hoffmann, 2017/03/16
- [Qemu-devel] [PULL for-2.9 4/7] cirrus: add option to disable blitter, Gerd Hoffmann, 2017/03/16
  - Re: [Qemu-devel] [PULL for-2.9 4/7] cirrus: add option to disable blitter, 李强, 2017/03/16
    - Re: [Qemu-devel] [PULL for-2.9 4/7] cirrus: add option to disable blitter, Thomas Huth, 2017/03/16
    - Re: [Qemu-devel] [PULL for-2.9 4/7] cirrus: add option to disable blitter, Gerd Hoffmann, 2017/03/16
- [Qemu-devel] [PULL for-2.9 6/7] cirrus: stop passing around dst pointers in the blitter, Gerd Hoffmann, 2017/03/16
- [Qemu-devel] [PULL for-2.9 5/7] cirrus: fix cirrus_invalidate_region, Gerd Hoffmann <=
- [Qemu-devel] [PULL for-2.9 7/7] cirrus: stop passing around src pointers in the blitter, Gerd Hoffmann, 2017/03/16
- [Qemu-devel] [PULL for-2.9 2/7] cirrus/vnc: zap bitblit support from console code., Gerd Hoffmann, 2017/03/16
- Re: [Qemu-devel] [PULL for-2.9 0/7] cirrus: more blitter security fixes., Peter Maydell, 2017/03/16

Prev by Date: [Qemu-devel] [PULL for-2.9 6/7] cirrus: stop passing around dst pointers in the blitter
Next by Date: [Qemu-devel] [PULL for-2.9 7/7] cirrus: stop passing around src pointers in the blitter
Previous by thread: [Qemu-devel] [PULL for-2.9 6/7] cirrus: stop passing around dst pointers in the blitter
Next by thread: [Qemu-devel] [PULL for-2.9 7/7] cirrus: stop passing around src pointers in the blitter
Index(es):
- Date
- Thread