From: Paolo Bonzini Date: Tue, 28 Apr 2015 16:40:21 +0200 Message-Id: <1430232029-9457-15-git-send-email-pbonzini@redhat.com> In-Reply-To: <1430232029-9457-1-git-send-email-pbonzini@redhat.com> References: <1430232029-9457-1-git-send-email-pbonzini@redhat.com> Subject: [Qemu-devel] [PULL 14/22] ioport: loosen assertions on emulation of 16-bit ports List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Right now, ioport.c assumes that the entire range specified with MemoryRegionPortio includes a region with size == 1. This however is not true for the VBE DISPI ports, which are 16-bit only. The next patch will make these regions' length equal to two, which can cause the assertions to trigger. Replace them with simple conditionals. Also, ioport.c will emulate a 16-bit ioport with two distinct reads or writes, even if one of the two accesses is out of the bounds given by the MemoryRegionPortio array. Do not do this anymore, instead discard writes to the incorrect register and read it as all-ones. This ensures that the mrp->read and mrp->write callbacks get an in-range ioport number. Signed-off-by: Paolo Bonzini --- ioport.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/ioport.c b/ioport.c index eb954e3..090c262 100644 --- a/ioport.c +++ b/ioport.c @@ -187,9 +187,14 @@ static uint64_t portio_read(void *opaque, hwaddr addr, unsigned size) data = mrp->read(mrpio->portio_opaque, mrp->base + addr); } else if (size == 2) { mrp = find_portio(mrpio, addr, 1, false); - assert(mrp); - data = mrp->read(mrpio->portio_opaque, mrp->base + addr) | - (mrp->read(mrpio->portio_opaque, mrp->base + addr + 1) << 8); + if (mrp) { + data = mrp->read(mrpio->portio_opaque, mrp->base + addr); + if (addr + 1 < mrp->offset + mrp->len) { + data |= mrp->read(mrpio->portio_opaque, mrp->base + addr + 1) << 8; + } else { + data |= 0xff00; + } + } } return data; } 
@@ -204,9 +209,12 @@ static void portio_write(void *opaque, hwaddr addr, uint64_t data, mrp->write(mrpio->portio_opaque, mrp->base + addr, data); } else if (size == 2) { mrp = find_portio(mrpio, addr, 1, true); - assert(mrp); - mrp->write(mrpio->portio_opaque, mrp->base + addr, data & 0xff); - mrp->write(mrpio->portio_opaque, mrp->base + addr + 1, data >> 8); + if (mrp) { + mrp->write(mrpio->portio_opaque, mrp->base + addr, data & 0xff); + if (addr + 1 < mrp->offset + mrp->len) { + mrp->write(mrpio->portio_opaque, mrp->base + addr + 1, data >> 8); + } + } } } -- 2.3.5
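Review bot: In the `size == 2` branch of portio_read, the new check `addr + 1 < mrp->offset + mrp->len` only tests the entry that was found for `addr`, so if a neighbouring MemoryRegionPortio entry covers `addr + 1`, its handler is never consulted and the high byte reads as 0xff. Consider a second lookup, `find_portio(mrpio, addr + 1, 1, false)`, for the high byte and fall back to `data |= 0xff00` only when that lookup fails. Separately, `if (mrp)` has no else, so a failed lookup now reaches `return data;` with whatever `data` held before this branch; the initialisation is outside the visible context and is worth confirming as all-ones for the access size.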
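Review bot: The inner condition `addr + 1 < mrp->offset + mrp->len` in portio_write drops the high byte of a 16-bit write with no comment at the call site, and it duplicates the expression used in portio_read. A one-line comment saying the byte is deliberately discarded because it lies outside the entry, or a small helper shared by both functions, would keep the read and write paths from drifting apart. With the assert removed, a 16-bit write that matches no 8-bit entry is also ignored silently at the outer `if (mrp)`; a trace point there would make misrouted guest accesses easier to spot when debugging a device model.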