| Message ID | 20230704091933.2342193-1-marcandre.lureau@redhat.com |
|---|---|
| State | New |
| Headers | show |
| Series | virtio-gpu: fix potential divide-by-zero regression | expand |
On 04/07/2023 11.19, marcandre.lureau@redhat.com wrote: > From: Marc-André Lureau <marcandre.lureau@redhat.com> > > Commit 9462ff4695aa0 ("virtio-gpu/win32: allocate shareable 2d > resources/images") introduces a division, which can lead to crashes when > "height" is 0. > > Fixes: https://gitlab.com/qemu-project/qemu/-/issues/1744 > Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> > --- ... > diff --git a/tests/lcitool/libvirt-ci b/tests/lcitool/libvirt-ci > index b0f44f929a..c8971e90ac 160000 > --- a/tests/lcitool/libvirt-ci > +++ b/tests/lcitool/libvirt-ci > @@ -1 +1 @@ > -Subproject commit b0f44f929a81c0a604fb7fbf8afc34d37ab0eae9 > +Subproject commit c8971e90ac169ee2b539c747f74d96c876debdf9 That submodule update looks like an accident? Thomas
On 230704 1119, marcandre.lureau@redhat.com wrote: > From: Marc-André Lureau <marcandre.lureau@redhat.com> > > Commit 9462ff4695aa0 ("virtio-gpu/win32: allocate shareable 2d > resources/images") introduces a division, which can lead to crashes when > "height" is 0. > > Fixes: https://gitlab.com/qemu-project/qemu/-/issues/1744 > Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
On Tue, Jul 4, 2023 at 11:24 AM Thomas Huth <thuth@redhat.com> wrote: > On 04/07/2023 11.19, marcandre.lureau@redhat.com wrote: > > From: Marc-André Lureau <marcandre.lureau@redhat.com> > > > > Commit 9462ff4695aa0 ("virtio-gpu/win32: allocate shareable 2d > > resources/images") introduces a division, which can lead to crashes when > > "height" is 0. > > > > Fixes: https://gitlab.com/qemu-project/qemu/-/issues/1744 > > Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> > > --- > ... > > diff --git a/tests/lcitool/libvirt-ci b/tests/lcitool/libvirt-ci > > index b0f44f929a..c8971e90ac 160000 > > --- a/tests/lcitool/libvirt-ci > > +++ b/tests/lcitool/libvirt-ci > > @@ -1 +1 @@ > > -Subproject commit b0f44f929a81c0a604fb7fbf8afc34d37ab0eae9 > > +Subproject commit c8971e90ac169ee2b539c747f74d96c876debdf9 > > That submodule update looks like an accident? > > Oops.. thanks for noticing
diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c index 347e17d490..7371a5cbf0 100644 --- a/hw/display/virtio-gpu.c +++ b/hw/display/virtio-gpu.c @@ -324,7 +324,7 @@ static void virtio_gpu_resource_create_2d(VirtIOGPU *g, res->image = pixman_image_create_bits(pformat, c2d.width, c2d.height, - bits, res->hostmem / c2d.height); + bits, c2d.height ? res->hostmem / c2d.height : 0); #ifdef WIN32 if (res->image) { pixman_image_set_destroy_function(res->image, win32_pixman_image_destroy, res->handle); @@ -1292,7 +1292,7 @@ static int virtio_gpu_load(QEMUFile *f, void *opaque, size_t size, #endif res->image = pixman_image_create_bits(pformat, res->width, res->height, - bits, res->hostmem / res->height); + bits, res->height ? res->hostmem / res->height : 0); if (!res->image) { g_free(res); return -EINVAL; diff --git a/tests/lcitool/libvirt-ci b/tests/lcitool/libvirt-ci index b0f44f929a..c8971e90ac 160000 --- a/tests/lcitool/libvirt-ci +++ b/tests/lcitool/libvirt-ci @@ -1 +1 @@ -Subproject commit b0f44f929a81c0a604fb7fbf8afc34d37ab0eae9 +Subproject commit c8971e90ac169ee2b539c747f74d96c876debdf9