From: Gerd Hoffmann <kraxel@redhat.com>
To: qemu-devel@nongnu.org
Cc: Gonglei <arei.gonglei@huawei.com>, Gerd Hoffmann <kraxel@redhat.com>
Subject: [Qemu-devel] [PULL 1/3] cirrus_vga: adding sanity check for vram size
Date: Fri, 11 Jul 2014 12:24:36 +0200 [thread overview]
Message-ID: <1405074278-16230-2-git-send-email-kraxel@redhat.com> (raw)
In-Reply-To: <1405074278-16230-1-git-send-email-kraxel@redhat.com>
From: Gonglei <arei.gonglei@huawei.com>
when configure a invalid vram size for cirrus card, such as less
2 MB, which will crash qemu. Follow the real hardware, the cirrus
card has 4 MB video memory. Also for backward compatibility, accept
8 MB and 16 MB vram size.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/display/cirrus_vga.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index 6fbe39d..52d039e 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -2911,6 +2911,14 @@ static void isa_cirrus_vga_realizefn(DeviceState *dev, Error **errp)
ISACirrusVGAState *d = ISA_CIRRUS_VGA(dev);
VGACommonState *s = &d->cirrus_vga.vga;
+ /* follow real hardware, cirrus card emulated has 4 MB video memory.
+ Also accept 8 MB/16 MB for backward compatibility. */
+ if (s->vram_size_mb != 4 && s->vram_size_mb != 8 &&
+ s->vram_size_mb != 16) {
+ error_setg(errp, "Invalid cirrus_vga ram size '%u'",
+ s->vram_size_mb);
+ return;
+ }
vga_common_init(s, OBJECT(dev), true);
cirrus_init_common(&d->cirrus_vga, OBJECT(dev), CIRRUS_ID_CLGD5430, 0,
isa_address_space(isadev),
@@ -2957,6 +2965,14 @@ static int pci_cirrus_vga_initfn(PCIDevice *dev)
PCIDeviceClass *pc = PCI_DEVICE_GET_CLASS(dev);
int16_t device_id = pc->device_id;
+ /* follow real hardware, cirrus card emulated has 4 MB video memory.
+ Also accept 8 MB/16 MB for backward compatibility. */
+ if (s->vga.vram_size_mb != 4 && s->vga.vram_size_mb != 8 &&
+ s->vga.vram_size_mb != 16) {
+ error_report("Invalid cirrus_vga ram size '%u'",
+ s->vga.vram_size_mb);
+ return -1;
+ }
/* setup VGA */
vga_common_init(&s->vga, OBJECT(dev), true);
cirrus_init_common(s, OBJECT(dev), device_id, 1, pci_address_space(dev),
--
1.8.3.1
next prev parent reply other threads:[~2014-07-11 10:43 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-11 10:24 [Qemu-devel] [PULL 0/3] vga: some cirrus fixes Gerd Hoffmann
2014-07-11 10:24 ` Gerd Hoffmann [this message]
2014-07-11 10:24 ` [Qemu-devel] [PULL 2/3] cirrus: Fix build of debug code Gerd Hoffmann
2014-07-11 10:24 ` [Qemu-devel] [PULL 3/3] cirrus: Fix host CPU blits Gerd Hoffmann
2014-07-14 7:24 ` Peter Lieven
2014-07-14 7:29 ` Benjamin Herrenschmidt
2014-07-14 7:33 ` Benjamin Herrenschmidt
2014-07-14 8:28 ` Peter Lieven
2014-07-14 9:53 ` Gerd Hoffmann
2014-07-14 12:56 ` Peter Lieven
2014-07-14 16:03 ` Gerd Hoffmann
2014-07-11 17:47 ` [Qemu-devel] [PULL 0/3] vga: some cirrus fixes Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1405074278-16230-2-git-send-email-kraxel@redhat.com \
--to=kraxel@redhat.com \
--cc=arei.gonglei@huawei.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).