VirtualBox

Changeset 53756 in vbox for trunk/src/VBox/Devices/Graphics


Ignore:
Timestamp:
Jan 6, 2015 11:28:38 PM (10 years ago)
Author:
vboxsync
Message:

vmsvgaGMRTransfer: Display detail in buffer overflow assertions.

Location:
trunk/src/VBox/Devices/Graphics
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/VBox/Devices/Graphics/DevVGA-SVGA.cpp

    r53755 r53756  
    28712871 * @returns VBox status code.
    28722872 * @param   pThis           VGA device instance data.
    2873  * @param   transfer        Transfer type (read/write)
    2874  * @param   pDest           Host destination pointer
     2873 * @param   enmTransferType Transfer type (read/write)
     2874 * @param   pbDst           Host destination pointer
    28752875 * @param   cbDestPitch     Destination buffer pitch
    28762876 * @param   src             GMR description
    2877  * @param   cbSrcOffset     Source buffer offset
     2877 * @param   offSrc          Source buffer offset
    28782878 * @param   cbSrcPitch      Source buffer pitch
    28792879 * @param   cbWidth         Source width in bytes
    28802880 * @param   cHeight         Source height
    28812881 */
    2882 int vmsvgaGMRTransfer(PVGASTATE pThis, const SVGA3dTransferType transfer, uint8_t *pDest, int32_t cbDestPitch, SVGAGuestPtr src, uint32_t cbSrcOffset, int32_t cbSrcPitch, uint32_t cbWidth, uint32_t cHeight)
     2882int vmsvgaGMRTransfer(PVGASTATE pThis, const SVGA3dTransferType enmTransferType, uint8_t *pbDst, int32_t cbDestPitch,
     2883                      SVGAGuestPtr src, uint32_t offSrc, int32_t cbSrcPitch, uint32_t cbWidth, uint32_t cHeight)
    28832884{
    28842885    PVMSVGASTATE            pSVGAState = (PVMSVGASTATE)pThis->svga.pSVGAState;
     
    28862887    int                     rc;
    28872888    PVMSVGAGMRDESCRIPTOR    pDesc;
    2888     unsigned                uDescOffset = 0;
    2889 
    2890     Log(("vmsvgaGMRTransfer: gmr=%x offset=%x pitch=%d cbWidth=%d cHeight=%d; src offset=%d src pitch=%d\n", src.gmrId, src.offset, cbDestPitch, cbWidth, cHeight, cbSrcOffset, cbSrcPitch));
     2889    unsigned                offDesc = 0;
     2890
     2891    Log(("vmsvgaGMRTransfer: gmr=%x offset=%x pitch=%d cbWidth=%d cHeight=%d; src offset=%d src pitch=%d\n",
     2892         src.gmrId, src.offset, cbDestPitch, cbWidth, cHeight, offSrc, cbSrcPitch));
    28912893    Assert(cbWidth && cHeight);
    28922894
     
    28942896    if (src.gmrId == SVGA_GMR_FRAMEBUFFER)
    28952897    {
    2896         cbSrcOffset += src.offset;
    2897         AssertReturn(src.offset < pThis->vram_size, VERR_INVALID_PARAMETER);
    2898         AssertReturn(cbSrcOffset + cbSrcPitch * (cHeight - 1) + cbWidth <= pThis->vram_size, VERR_INVALID_PARAMETER);
    2899 
    2900         uint8_t *pSrc  = pThis->CTX_SUFF(vram_ptr) + cbSrcOffset;
    2901 
    2902         if (transfer == SVGA3D_READ_HOST_VRAM)
     2898        offSrc += src.offset;
     2899        AssertMsgReturn(src.offset < pThis->vram_size,
     2900                        ("src.offset=%#x offSrc=%#x cbSrcPitch=%#x cHeight=%#x cbWidth=%#x cbTotal=%#x vram_size=%#x\n",
     2901                         src.offset, offSrc, cbSrcPitch, cHeight, cbWidth, pThis->vram_size),
     2902                        VERR_INVALID_PARAMETER);
     2903        AssertMsgReturn(offSrc + cbSrcPitch * (cHeight - 1) + cbWidth <= pThis->vram_size,
     2904                        ("src.offset=%#x offSrc=%#x cbSrcPitch=%#x cHeight=%#x cbWidth=%#x cbTotal=%#x vram_size=%#x\n",
     2905                         src.offset, offSrc, cbSrcPitch, cHeight, cbWidth, pThis->vram_size),
     2906                        VERR_INVALID_PARAMETER);
     2907
     2908        uint8_t *pSrc  = pThis->CTX_SUFF(vram_ptr) + offSrc;
     2909
     2910        if (enmTransferType == SVGA3D_READ_HOST_VRAM)
    29032911        {
    29042912            /* switch src & dest */
    2905             uint8_t *pTemp      = pDest;
     2913            uint8_t *pTemp      = pbDst;
    29062914            int32_t cbTempPitch = cbDestPitch;
    29072915
    2908             pDest = pSrc;
     2916            pbDst = pSrc;
    29092917            pSrc  = pTemp;
    29102918
     
    29172925            &&  cbSrcPitch == cbDestPitch)
    29182926        {
    2919             memcpy(pDest, pSrc, cbWidth * cHeight);
     2927            memcpy(pbDst, pSrc, cbWidth * cHeight);
    29202928        }
    29212929        else
     
    29232931            for(uint32_t i = 0; i < cHeight; i++)
    29242932            {
    2925                 memcpy(pDest, pSrc, cbWidth);
    2926 
    2927                 pDest += cbDestPitch;
     2933                memcpy(pbDst, pSrc, cbWidth);
     2934
     2935                pbDst += cbDestPitch;
    29282936                pSrc  += cbSrcPitch;
    29292937            }
     
    29362944    pDesc  = pGMR->paDesc;
    29372945
    2938     cbSrcOffset += src.offset;
    2939     AssertReturn(src.offset < pGMR->cbTotal, VERR_INVALID_PARAMETER);
    2940     AssertReturn(cbSrcOffset + cbSrcPitch * (cHeight - 1) + cbWidth <= pGMR->cbTotal, VERR_INVALID_PARAMETER);
    2941 
    2942     for (unsigned i = 0; i < cHeight; i++)
    2943     {
    2944         unsigned cbCurrentWidth = cbWidth;
    2945         unsigned uCurrentOffset = cbSrcOffset;
    2946         uint8_t *pCurrentDest   = pDest;
     2946    offSrc += src.offset;
     2947    AssertMsgReturn(src.offset < pGMR->cbTotal,
     2948                    ("src.gmrId=%#x src.offset=%#x offSrc=%#x cbSrcPitch=%#x cHeight=%#x cbWidth=%#x cbTotal=%#x\n",
     2949                     src.gmrId, src.offset, offSrc, cbSrcPitch, cHeight, cbWidth, pGMR->cbTotal),
     2950                    VERR_INVALID_PARAMETER);
     2951    AssertMsgReturn(offSrc + cbSrcPitch * (cHeight - 1) + cbWidth <= pGMR->cbTotal,
     2952                    ("src.gmrId=%#x src.offset=%#x offSrc=%#x cbSrcPitch=%#x cHeight=%#x cbWidth=%#x cbTotal=%#x\n",
     2953                     src.gmrId, src.offset, offSrc, cbSrcPitch, cHeight, cbWidth, pGMR->cbTotal),
     2954                    VERR_INVALID_PARAMETER);
     2955
     2956    for (uint32_t i = 0; i < cHeight; i++)
     2957    {
     2958        uint32_t cbCurrentWidth = cbWidth;
     2959        uint32_t offCurrent     = offSrc;
     2960        uint8_t *pCurrentDest   = pbDst;
    29472961
    29482962        /* Find the right descriptor */
    2949         while (uDescOffset + pDesc->numPages * PAGE_SIZE <= uCurrentOffset)
    2950         {
    2951             uDescOffset += pDesc->numPages * PAGE_SIZE;
    2952             AssertReturn(uDescOffset < pGMR->cbTotal, VERR_INTERNAL_ERROR); /* overflow protection */
     2963        while (offDesc + pDesc->numPages * PAGE_SIZE <= offCurrent)
     2964        {
     2965            offDesc += pDesc->numPages * PAGE_SIZE;
     2966            AssertReturn(offDesc < pGMR->cbTotal, VERR_INTERNAL_ERROR); /* overflow protection */
    29532967            pDesc++;
    29542968        }
     
    29562970        while (cbCurrentWidth)
    29572971        {
    2958             unsigned cbToCopy;
    2959 
    2960             if (uCurrentOffset + cbCurrentWidth <= uDescOffset + pDesc->numPages * PAGE_SIZE)
     2972            uint32_t cbToCopy;
     2973
     2974            if (offCurrent + cbCurrentWidth <= offDesc + pDesc->numPages * PAGE_SIZE)
    29612975            {
    29622976                cbToCopy = cbCurrentWidth;
     
    29642978            else
    29652979            {
    2966                 cbToCopy = (uDescOffset + pDesc->numPages * PAGE_SIZE - uCurrentOffset);
     2980                cbToCopy = (offDesc + pDesc->numPages * PAGE_SIZE - offCurrent);
    29672981                AssertReturn(cbToCopy <= cbCurrentWidth, VERR_INVALID_PARAMETER);
    29682982            }
    29692983
    2970             LogFlow(("vmsvgaGMRTransfer: %s phys=%RGp\n", (transfer == SVGA3D_WRITE_HOST_VRAM) ? "READ" : "WRITE", pDesc->GCPhys + uCurrentOffset - uDescOffset));
    2971 
    2972             if (transfer == SVGA3D_WRITE_HOST_VRAM)
    2973                 rc = PDMDevHlpPhysRead(pThis->CTX_SUFF(pDevIns), pDesc->GCPhys + uCurrentOffset - uDescOffset, pCurrentDest, cbToCopy);
     2984            LogFlow(("vmsvgaGMRTransfer: %s phys=%RGp\n", (enmTransferType == SVGA3D_WRITE_HOST_VRAM) ? "READ" : "WRITE", pDesc->GCPhys + offCurrent - offDesc));
     2985
     2986            if (enmTransferType == SVGA3D_WRITE_HOST_VRAM)
     2987                rc = PDMDevHlpPhysRead(pThis->CTX_SUFF(pDevIns), pDesc->GCPhys + offCurrent - offDesc, pCurrentDest, cbToCopy);
    29742988            else
    2975                 rc = PDMDevHlpPhysWrite(pThis->CTX_SUFF(pDevIns), pDesc->GCPhys + uCurrentOffset - uDescOffset, pCurrentDest, cbToCopy);
     2989                rc = PDMDevHlpPhysWrite(pThis->CTX_SUFF(pDevIns), pDesc->GCPhys + offCurrent - offDesc, pCurrentDest, cbToCopy);
    29762990            AssertRCBreak(rc);
    29772991
    29782992            cbCurrentWidth -= cbToCopy;
    2979             uCurrentOffset += cbToCopy;
     2993            offCurrent    += cbToCopy;
    29802994            pCurrentDest   += cbToCopy;
    29812995
     
    29832997            if (cbCurrentWidth)
    29842998            {
    2985                 uDescOffset += pDesc->numPages * PAGE_SIZE;
     2999                offDesc += pDesc->numPages * PAGE_SIZE;
    29863000                pDesc++;
    29873001            }
    29883002        }
    29893003
    2990         cbSrcOffset += cbSrcPitch;
    2991         pDest       += cbDestPitch;
     3004        offSrc += cbSrcPitch;
     3005        pbDst   += cbDestPitch;
    29923006    }
    29933007
  • trunk/src/VBox/Devices/Graphics/DevVGA-SVGA3d-ogl.cpp

    r53755 r53756  
    27622762#endif
    27632763            rc = vmsvgaGMRTransfer(pThis,
    2764                                     transfer,
    2765                                     pBufferStart,
     2764                                   transfer,
     2765                                   pBufferStart,
    27662766#ifdef MANUAL_FLIP_SURFACE_DATA
    2767                                     -(int32_t)pMipLevel->cbSurfacePitch,
     2767                                   -(int32_t)pMipLevel->cbSurfacePitch,
    27682768#else
    2769                                     (int32_t)pMipLevel->cbSurfacePitch,
     2769                                   (int32_t)pMipLevel->cbSurfacePitch,
    27702770#endif
    2771                                     guest.ptr,
    2772                                     pBoxes[i].srcx * pSurface->cbBlock + (pBoxes[i].srcy + pBoxes[i].srcz * pBoxes[i].h) * cbSrcPitch,
    2773                                     cbSrcPitch,
    2774                                     pBoxes[i].w * pSurface->cbBlock,
    2775                                     pBoxes[i].d * pBoxes[i].h);
     2771                                   guest.ptr,
     2772                                   pBoxes[i].srcx * pSurface->cbBlock + (pBoxes[i].srcy + pBoxes[i].srcz * pBoxes[i].h) * cbSrcPitch,
     2773                                   cbSrcPitch,
     2774                                   pBoxes[i].w * pSurface->cbBlock,
     2775                                   pBoxes[i].d * pBoxes[i].h);
    27762776
    27772777            Log4(("first line:\n%.*Rhxd\n", pMipLevel->cbSurface, pMipLevel->pSurfaceData));
  • trunk/src/VBox/Devices/Graphics/DevVGA-SVGA3d.h

    r53755 r53756  
    4545
    4646void vmsvgaGMRFree(PVGASTATE pThis, uint32_t idGMR);
    47 int vmsvgaGMRTransfer(PVGASTATE pThis, const SVGA3dTransferType transfer, uint8_t *pDest, int32_t cbDestPitch, SVGAGuestPtr src, uint32_t cbSrcOffset, int32_t cbSrcPitch, uint32_t cbWidth, uint32_t cHeight);
     47int vmsvgaGMRTransfer(PVGASTATE pThis, const SVGA3dTransferType enmTransferType, uint8_t *pDest, int32_t cbDestPitch,
     48                      SVGAGuestPtr src, uint32_t offSrc, int32_t cbSrcPitch, uint32_t cbWidth, uint32_t cHeight);
    4849
    4950int vmsvga3dInit(PVGASTATE pThis);
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette