Merge remote-tracking branch 'remotes/kraxel/tags/vga-20200605-pull-request' into...

author Peter Maydell <peter.maydell@linaro.org>

Fri, 5 Jun 2020 12:53:05 +0000 (13:53 +0100)

committer Peter Maydell <peter.maydell@linaro.org>

Fri, 5 Jun 2020 12:53:05 +0000 (13:53 +0100)
author Peter Maydell <peter.maydell@linaro.org>
Fri, 5 Jun 2020 12:53:05 +0000 (13:53 +0100)
committer Peter Maydell <peter.maydell@linaro.org>
Fri, 5 Jun 2020 12:53:05 +0000 (13:53 +0100)
diff --git a/hw/display/ati.c b/hw/display/ati.c

index 065f197678e49faeb45cd29de59f753699f42c41..67604e68deb16d100d25a080a96f6f5f3ebbd872 100644 (file)
--- a/hw/display/ati.c
+++ b/hw/display/ati.c
@@ -285,8 +285,11 @@ static uint64_t ati_mm_read(void *opaque, hwaddr addr, unsigned int size)
              if (idx <= s->vga.vram_size - size) {
                  val = ldn_le_p(s->vga.vram_ptr + idx, size);
              }
-        } else {
+        } else if (s->regs.mm_index > MM_DATA + 3) {
              val = ati_mm_read(s, s->regs.mm_index + addr - MM_DATA, size);
+        } else {
+            qemu_log_mask(LOG_GUEST_ERROR,
+                "ati_mm_read: mm_index too small: %u\n", s->regs.mm_index);
          }
          break;
      case BIOS_0_SCRATCH ... BUS_CNTL - 1:
@@ -520,8 +523,11 @@ static void ati_mm_write(void *opaque, hwaddr addr,
              if (idx <= s->vga.vram_size - size) {
                  stn_le_p(s->vga.vram_ptr + idx, size, data);
              }
-        } else {
+        } else if (s->regs.mm_index > MM_DATA + 3) {
              ati_mm_write(s, s->regs.mm_index + addr - MM_DATA, data, size);
+        } else {
+            qemu_log_mask(LOG_GUEST_ERROR,
+                "ati_mm_write: mm_index too small: %u\n", s->regs.mm_index);
          }
          break;
      case BIOS_0_SCRATCH ... BUS_CNTL - 1:
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c

index 92c197cdde1d31570eabe61ff67ca80283b3f267..212d6f5e6145c4cf8aea4b8a3b731aaa1db64705 100644 (file)
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -1032,9 +1032,9 @@ static void cirrus_bitblt_start(CirrusVGAState * s)
          } else {
             if (s->cirrus_blt_mode & CIRRUS_BLTMODE_TRANSPARENTCOMP) {
                 if (s->cirrus_blt_pixelwidth > 2) {
-            qemu_log_mask(LOG_GUEST_ERROR,
-                          "cirrus: src transparent without colorexpand "
-                          "must be 8bpp or 16bpp\n");
+                    qemu_log_mask(LOG_GUEST_ERROR,
+                                  "cirrus: src transparent without colorexpand "
+                                  "must be 8bpp or 16bpp\n");
                     goto bitblt_ignore;
                 }
                 if (s->cirrus_blt_mode & CIRRUS_BLTMODE_BACKWARDS) {
author	Peter Maydell <peter.maydell@linaro.org>
	Fri, 5 Jun 2020 12:53:05 +0000 (13:53 +0100)
committer	Peter Maydell <peter.maydell@linaro.org>
	Fri, 5 Jun 2020 12:53:05 +0000 (13:53 +0100)
hw/display/ati.c		patch \| blob \| blame \| history
hw/display/cirrus_vga.c		patch \| blob \| blame \| history