Re: [PATCH-for-5.0 v2] hw/display/sm501: Avoid heap overflow in sm501_2d

From: Gerd Hoffmann
Subject: Re: [PATCH-for-5.0 v2] hw/display/sm501: Avoid heap overflow in sm501_2d_operation()
Date: Tue, 21 Apr 2020 13:26:54 +0200

On Tue, Apr 21, 2020 at 10:25:49AM +0100, Peter Maydell wrote:
> On Tue, 21 Apr 2020 at 10:16, Gerd Hoffmann <address@hidden> wrote:
> > cirrus stopped using pointers years ago, exactly for the reasons
> > outlined above.  Conversion was pretty straightforward.
> >
> > commit 026aeffcb4752054830ba203020ed6eb05bcaba8
> > Author: Gerd Hoffmann <address@hidden>
> > Date:   Wed Mar 15 11:47:52 2017 +0100
> >
> >     cirrus: stop passing around dst pointers in the blitter
> >
> >     Instead pass around the address (aka offset into vga memory).  Calculate
> >     the pointer in the rop_* functions, after applying the mask to the
> >     address, to make sure the address stays within the valid range.
>
> Aha, thanks for bringing up the prior art. (Did anybody benchmark
> whether there was a noticeable performance impact for that cirrus
> change? My guess is that there wouldn't be much/any because the memory
> operations will dominate and you get to do the masking operation more
> or less for free, but guesses are notoriously unreliable when it
> comes to performance :-) )

In case of the cirrus the first problem is finding a guest which is
old enough that it actually uses the blitter ;)

So, in 99% of the cases the difference is zero due to the blitter not
being used by the guest.  And, no, I don't have numbers for the
remaining 1%.

take care,
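
The approach in the quoted cirrus commit message (pass the offset into video memory, mask it, and only then form the access), sketched as an added example that is not part of the original message and is not QEMU's code. The `ToyVGA` device, its size and all function names are hypothetical, and the guard arrays exist only to show that no write leaves `vram`:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical toy device (not QEMU code). The size must be a power of two
 * so that (addr & VRAM_MASK) always lands inside vram[]. */
#define VRAM_SIZE 0x1000u
#define VRAM_MASK (VRAM_SIZE - 1u)
typedef struct {
    uint8_t guard_lo[16];      /* canaries to observe any stray write */
    uint8_t vram[VRAM_SIZE];
    uint8_t guard_hi[16];
} ToyVGA;

static void toy_init(ToyVGA *s) {
    memset(s, 0xAA, sizeof(*s));            /* fill canaries */
    memset(s->vram, 0, sizeof(s->vram));    /* clear video memory */
}

static int guards_intact(const ToyVGA *s) {
    for (size_t i = 0; i < sizeof(s->guard_lo); i++)
        if (s->guard_lo[i] != 0xAA || s->guard_hi[i] != 0xAA)
            return 0;
    return 1;
}

/* Raster op: receives an offset, never a host pointer. The mask is applied
 * at the point of access, so no guest value can index outside vram[]. */
static void rop_fill_byte(ToyVGA *s, uint32_t addr, uint8_t val) {
    s->vram[addr & VRAM_MASK] = val;
}

/* dst, pitch, width, height model guest-controlled blitter registers. */
static size_t blit_fill(ToyVGA *s, uint32_t dst, uint32_t pitch,
                        uint32_t width, uint32_t height, uint8_t val) {
    size_t written = 0;
    for (uint32_t y = 0; y < height; y++)
        for (uint32_t x = 0; x < width; x++, written++)
            rop_fill_byte(s, dst + y * pitch + x, val); /* wraps, then masked */
    return written;
}

int main(void) {
    ToyVGA s;
    toy_init(&s);
    blit_fill(&s, VRAM_SIZE - 4, 0, 8, 1, 0x55); /* runs past the end, wraps */
    return guards_intact(&s) ? 0 : 1;
}
```

A fill that runs past the end of video memory wraps to offset 0 instead of writing into adjacent host memory; the cost is one AND per access, which is the overhead the benchmark question is about.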
