Re: [PATCH-for-5.0 v2] hw/display/sm501: Avoid heap overflow in sm501_2d
From: Gerd Hoffmann
Subject: Re: [PATCH-for-5.0 v2] hw/display/sm501: Avoid heap overflow in sm501_2d_operation()
Date: Tue, 21 Apr 2020 13:26:54 +0200

On Tue, Apr 21, 2020 at 10:25:49AM +0100, Peter Maydell wrote:
> On Tue, 21 Apr 2020 at 10:16, Gerd Hoffmann <address@hidden> wrote:
> > cirrus stopped using pointers years ago, exactly for the reasons
> > outlined above. Conversion was pretty straightforward.
> >
> > commit 026aeffcb4752054830ba203020ed6eb05bcaba8
> > Author: Gerd Hoffmann <address@hidden>
> > Date: Wed Mar 15 11:47:52 2017 +0100
> >
> > cirrus: stop passing around dst pointers in the blitter
> >
> > Instead pass around the address (aka offset into vga memory). Calculate
> > the pointer in the rop_* functions, after applying the mask to the
> > address, to make sure the address stays within the valid range.
>
> Aha, thanks for bringing up the prior art. (Did anybody benchmark
> whether there was a noticeable performance impact for that cirrus
> change? My guess is that there wouldn't be much/any because the memory
> operations will dominate and you get to do the masking operation more
> or less for free, but guesses are notoriously unreliable when it
> comes to performance :-) )

In case of the cirrus the first problem is finding a guest which is
old enough that it actually uses the blitter ;)

So, in 99% of the cases the difference is zero due to the blitter not
being used by the guest. And, no, I don't have numbers for the
remaining 1%.

take care,
Gerd
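
The approach described in the quoted commit message (pass the address around, mask it, and only then form the pointer), as an added example that is not part of this message and is not QEMU's cirrus code. The names `toy_vga`, `rop_src`, `toy_blit`, `run_demo` and the `VRAM_SIZE` value are hypothetical, and the sketch assumes the video memory size is a power of two so a single AND keeps every access in range.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define VRAM_SIZE 0x1000u            /* constructed size; must be a power of two */
#define VRAM_MASK (VRAM_SIZE - 1u)

struct toy_vga {                     /* hypothetical device state */
    uint8_t vram[VRAM_SIZE];
    uint8_t canary[16];              /* stands in for whatever follows vram */
};
static struct toy_vga demo;

/* ROP helper: takes an address, masks it, and only then touches memory. */
static void rop_src(struct toy_vga *s, uint32_t dstaddr, uint8_t src)
{
    s->vram[dstaddr & VRAM_MASK] = src;
}

/* Copy a width x height rectangle. Every argument is guest-controlled. */
static void toy_blit(struct toy_vga *s, uint32_t dstaddr, uint32_t srcaddr,
                     uint32_t width, uint32_t height, uint32_t pitch)
{
    for (uint32_t y = 0; y < height; y++) {
        for (uint32_t x = 0; x < width; x++)
            rop_src(s, dstaddr + x, s->vram[(srcaddr + x) & VRAM_MASK]);
        dstaddr += pitch;            /* unsigned wrap is well defined */
        srcaddr += pitch;
    }
}

/* Run one blit on fresh state; return 1 if nothing outside vram changed. */
int run_demo(uint32_t dstaddr)
{
    memset(&demo, 0, sizeof(demo));
    memset(demo.canary, 0xAA, sizeof(demo.canary));
    memset(demo.vram + 0x100, 0x55, 0x80);      /* constructed source pixels */
    toy_blit(&demo, dstaddr, 0x100, 16, 2, 64);
    for (size_t i = 0; i < sizeof(demo.canary); i++)
        if (demo.canary[i] != 0xAA) return 0;
    return 1;
}

int main(void)
{
    printf("dst near end: %d, dst huge: %d\n",
           run_demo(VRAM_SIZE - 8), run_demo(0xFFFFFFF8u));
    return 0;
}
```

A destination that runs past the end of video memory wraps back to offset 0 instead of reaching the bytes after the buffer, at the cost of one AND per access.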