These patches (the first three especially) fix an assertion failure introduced by horizontal pel panning support in VGA. The assertion triggers with legacy 4- and 16-color modes, due to a mismatch between the addresses visited by vga_draw_graphic() and the region that is passed to memory_region_snapshot_and_clear_dirty().
Patches 1 and 2 reorganize the code so that the "bits" value (used in turn to check if horizontal pel panning is taken into account) is available where the dirty memory region is computed. Patch 3 is the actual bug fix.

Patch 4 is a small optimization that would also hide the bug, by treating pel panning as disabled in the common case where the register is set to 8 (bit 3 is ignored in graphics mode). This one could be suitable for QEMU 9.0 but is not necessary.

Patches 5 and 6 are larger cleanups and optimizations in how the dirty memory region is computed. This is enabled by the availability of "bits" where the dirty memory region is computed; it is now possible for 8- and 15-bit modes to skip the slow path and only read dirty bits for a small part of VRAM.

Paolo Bonzini (6):
  vga: merge conditionals on shift control register
  vga: move computation of dirty memory region later
  vga: adjust dirty memory region if pel panning is active
  vga: do not treat horiz pel panning value of 8 as "enabled"
  vga: optimize computation of dirty memory region
  vga: move dirty memory region code together

 hw/display/vga.c | 152 ++++++++++++++++++++-----------------------
 1 file changed, 71 insertions(+), 81 deletions(-)

-- 
2.44.0