diff options
author | Markus Armbruster | 2020-04-22 15:07:12 +0200 |
---|---|---|
committer | Markus Armbruster | 2020-04-29 08:01:52 +0200 |
commit | ee29f6e92d987bd7f37e3a0002dd839f8431adb1 (patch) | |
tree | e7b842b8dc952e92897d1968b2ccc8272a6873fc | |
parent | fdc: Fix fallback=auto error handling (diff) | |
download | qemu-ee29f6e92d987bd7f37e3a0002dd839f8431adb1.tar.gz qemu-ee29f6e92d987bd7f37e3a0002dd839f8431adb1.tar.xz qemu-ee29f6e92d987bd7f37e3a0002dd839f8431adb1.zip |
bochs-display: Fix vgamem=SIZE error handling
bochs_display_realize() rejects out-of-range vgamem. The error
handling is broken:
$ qemu-system-x86_64 -S -display none -monitor stdio
QEMU 4.2.93 monitor - type 'help' for more information
(qemu) device_add bochs-display,vgamem=1
Error: bochs-display: video memory too small
(qemu) device_add bochs-display,vgamem=1
RAMBlock "0000:00:04.0/bochs-display-vram" already registered, abort!
Aborted (core dumped)
Cause: bochs_display_realize() neglects to bail out after setting the
error. Fix that.
Fixes: 765c94290863eef1fc4a67819d452cc13b7854a1
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200422130719.28225-8-armbru@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
-rw-r--r-- | hw/display/bochs-display.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/hw/display/bochs-display.c b/hw/display/bochs-display.c index 70eb619ef4..e763a0a72d 100644 --- a/hw/display/bochs-display.c +++ b/hw/display/bochs-display.c @@ -267,16 +267,18 @@ static void bochs_display_realize(PCIDevice *dev, Error **errp) Object *obj = OBJECT(dev); int ret; - s->con = graphic_console_init(DEVICE(dev), 0, &bochs_display_gfx_ops, s); - if (s->vgamem < 4 * MiB) { error_setg(errp, "bochs-display: video memory too small"); + return; } if (s->vgamem > 256 * MiB) { error_setg(errp, "bochs-display: video memory too big"); + return; } s->vgamem = pow2ceil(s->vgamem); + s->con = graphic_console_init(DEVICE(dev), 0, &bochs_display_gfx_ops, s); + memory_region_init_ram(&s->vram, obj, "bochs-display-vram", s->vgamem, &error_fatal); memory_region_init_io(&s->vbe, obj, &bochs_display_vbe_ops, s, |