diff options
| author | Paolo Bonzini <pbonzini@redhat.com> | 2024-04-02 12:25:57 +0200 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2024-04-02 18:08:59 +0200 |
| commit | 3b6d2b1962b23295c463f010ff88eb5a594f2ef9 (patch) | |
| tree | e12df109d13f46438190d8c75e2238f0ff5aa8a8 /hw | |
| parent | 3826a372e4aafac1dba9ba3434e7c2f76775de42 (diff) | |
vga: adjust dirty memory region if pel panning is active
When pel panning is active, one more byte is read from each of the VGA
memory planes. This has to be accounted in the computation of region_end,
otherwise vga_draw_graphic() fails an assertion:
qemu-system-i386: ../system/physmem.c:946: cpu_physical_memory_snapshot_get_dirty: Assertion `start + length <= snap->end' failed.
Reported-by: Helge Konetzka <hk@zapateado.de>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2244
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'hw')
| -rw-r--r-- | hw/display/vga.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/hw/display/vga.c b/hw/display/vga.c index b4ceff70eb..40acd19e72 100644 --- a/hw/display/vga.c +++ b/hw/display/vga.c @@ -1571,11 +1571,15 @@ static void vga_draw_graphic(VGACommonState *s, int full_update) break; } } + hpel = bits <= 8 ? s->params.hpel : 0; region_start = (s->params.start_addr * 4); region_end = region_start + (ram_addr_t)s->params.line_offset * height; region_end += width * depth / 8; /* scanline length */ region_end -= s->params.line_offset; + if (hpel) { + region_end += 4; + } if (region_end > s->vbe_size || depth == 0 || depth == 15) { /* * We land here on: @@ -1660,7 +1664,6 @@ static void vga_draw_graphic(VGACommonState *s, int full_update) width, height, v, line_offset, s->cr[9], s->cr[VGA_CRTC_MODE], s->params.line_compare, sr(s, VGA_SEQ_CLOCK_MODE)); #endif - hpel = bits <= 8 ? s->params.hpel : 0; addr1 = (s->params.start_addr * 4); bwidth = DIV_ROUND_UP(width * bits, 8); if (hpel) { |