From: Gerd Hoffmann
To: qemu-devel@nongnu.org
Cc: Gerd Hoffmann
Date: Mon, 14 May 2018 12:31:17 +0200
Subject: [Qemu-devel] [PATCH] vga: catch depth 0
Message-Id: <20180514103117.21059-1-kraxel@redhat.com>
X-Patchwork-Submitter: Gerd Hoffmann
X-Patchwork-Id: 912844

depth == 0 is used to indicate 256 color modes. Our region calculation
goes wrong in that case. So detect that and just take the safe code
path we already have for the wraparound case.

While being at it also catch depth == 15 (where our region size
calculation goes wrong too). And make the comment more verbose,
explaining what is going on here.

Without this windows guest install might trigger an assert due to trying
to check dirty bitmap outside the snapshot region.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1575541
Signed-off-by: Gerd Hoffmann
---
 hw/display/vga.c | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)
diff --git a/hw/display/vga.c b/hw/display/vga.c index 72181330b8..a7794f6d1f 100644 --- a/hw/display/vga.c +++ b/hw/display/vga.c @@ -1480,13 +1480,28 @@ static void vga_draw_graphic(VGACommonState *s, int full_update) s->get_resolution(s, &width, &height); disp_width = width; + depth = s->get_bpp(s); region_start = (s->start_addr * 4); region_end = region_start + (ram_addr_t)s->line_offset * height; - region_end += width * s->get_bpp(s) / 8; /* scanline length */ + region_end += width * depth / 8; /* scanline length */ region_end -= s->line_offset; - if (region_end > s->vbe_size) { - /* wraps around (can happen with cirrus vbe modes) */ + if (region_end > s->vbe_size || depth == 0 || depth == 15) { + /* + * We land here on: + * - wraps around (can happen with cirrus vbe modes) + * - depth == 0 (256 color palette video mode) + * - depth == 15 + * + * Take the safe and slow route: + * - create a dirty bitmap snapshot for all vga memory. + * - force shadowing (so all vga memory access goes + * through vga_read_*() helpers). + * + * Given this affects only vga features which are pretty much + * unused by modern guests there should be no performance + * impact. + */ region_start = 0; region_end = s->vbe_size; force_shadow = true; @@ -1520,8 +1535,6 @@ static void vga_draw_graphic(VGACommonState *s, int full_update) } } - depth = s->get_bpp(s); - /* * Check whether we can share the surface with the backend * or whether we need a shadow surface. We share native
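Review bot: In the first hunk (@@ -1480), the new condition "depth == 0 || depth == 15" enumerates the depths for which "width * depth / 8" does not give the scanline length, but the added comment only lists the values and never says why each one needs the slow path. The commit message has the reason (the region size calculation goes wrong, and with depth == 0 the expression adds 0 bytes for the last scanline); please carry that into the comment so a later reader can judge whether another depth value needs the same treatment. Because an undersized region is what leads to the dirty bitmap check outside the snapshot region, a check that does not depend on listing individual depths would be more robust than the two special cases. The comment's closing statement that "there should be no performance impact" is also an expectation rather than something the patch shows, so word it as such.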