Il 05/03/2014 11:05, Paolo Bonzini ha scritto:
Il 19/02/2014 10:05, Mark Cave-Ayland ha scritto:
+#define CG3_REG_SIZE 0x20
+
+#define CG3_REG_FBC_CTRL 0x10
+#define CG3_REG_FBC_STATUS 0x11
+#define CG3_REG_FBC_CURSTART 0x12
+#define CG3_REG_FBC_CUREND 0x13
+#define CG3_REG_FBC_VCTRL 0x14
+
+typedef struct CG3State {
...
+ uint8_t regs[16];
...
+ case CG3_REG_FBC_CURSTART ... CG3_REG_SIZE:
+ val = s->regs[addr - 0x10];
+ break;
+ default:
Something weird here, you can access regs[16] if addr == CG3_REG_SIZE.
The same happens in the write path.
Ping. I cannot fix it without access to the datasheet, though I suspect
you want CG3_REG_SIZE - 1.
Paolo