The stn_he_p function only supports power of two sizes so it will
assert if we call it with size 3 that happens with 24 bits per pixel.
It's not clear from the documentation if this should be supported or
not and drivers tested so far don't use it so refuse the parameters
that would crash QEMU for now.
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
---
hw/display/ati_2d.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/hw/display/ati_2d.c b/hw/display/ati_2d.c
index 9baf6ff37b..f0f77cecc6 100644
--- a/hw/display/ati_2d.c
+++ b/hw/display/ati_2d.c
@@ -265,6 +265,10 @@ static bool ati_2d_do_blt(ATI2DCtx *ctx, uint8_t use_pixman)
{
uint32_t filler = 0;
+ if (ctx->bpp == 24) {
+ qemu_log_mask(LOG_UNIMP, "Fill blt unsupported in 24 bits\n");
+ return false;
+ }
switch (ctx->rop3) {
case ROP3_PATCOPY:
filler = make_filler(ctx->bpp, ctx->frgd_clr);
@@ -362,6 +366,11 @@ bool ati_host_data_flush(ATIVGAState *s)
setup_2d_blt_ctx(s, &ctx);
+ if (ctx.bpp == 24) {
+ qemu_log_mask(LOG_UNIMP,
+ "host_data_blt: unsupported in 24 bits mode\n");
+ return false;
+ }
if (!ctx.left_to_right || !ctx.top_to_bottom) {
qemu_log_mask(LOG_UNIMP,
"host_data_blt: unsupported blit direction %c%c\n",
--
2.41.3