Using a very old guest (lenny) with spice and vga=cirrus, I have a segfault:

FILE: ui/spice-display.c
FUNCTION: qemu_spice_create_update
LINE:
    if (memcmp(guest + yoff + xoff, mirror + yoff + xoff, bw * bpp) == 0)

The address of mirror + yoff + xoff is out of bounds.

I use the following to avoid the crash:

    ...
    img_get_stride = pixman_image_get_stride(ssd->mirror);
    img_height = pixman_image_get_height(ssd->mirror);
    img_max = img_height * img_get_stride;
    ...
    if (yoff > img_max) {
        if (dirty_top[blk] == -1)
            dirty_top[blk] = y;
    } else if (memcmp(guest + yoff + xoff, mirror + yoff + xoff, bw * bpp) == 0) {
    ...
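
An added example, not part of the original report and not QEMU code: a bounds-checked block comparison that validates the whole compared range against both buffer lengths before calling memcmp. It generalizes the check in the report by testing the end of the compared span as well as the row offset; the helper name `block_is_dirty`, its parameters and its return convention are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/*
 * Hypothetical helper (assumption, not from ui/spice-display.c).
 * Compares `span` bytes at offset yoff + xoff in guest and mirror.
 *   returns  0  bytes are identical (block is clean)
 *   returns  1  block must be treated as dirty: the bytes differ, or the
 *               range does not fit inside the mirror buffer
 *   returns -1  the range does not fit inside the guest buffer either,
 *               so nothing may be read at all
 */
static int block_is_dirty(const uint8_t *guest, size_t guest_len,
                          const uint8_t *mirror, size_t mirror_len,
                          size_t yoff, size_t xoff, size_t span)
{
    size_t start;

    /* Reject offset arithmetic that would wrap around. */
    if (yoff > SIZE_MAX - xoff)
        return -1;
    start = yoff + xoff;

    /* [start, start + span) must lie inside the guest surface.
     * Written as a subtraction so start + span cannot overflow. */
    if (start > guest_len || span > guest_len - start)
        return -1;

    /* Same test for the mirror: if it is smaller than the guest
     * surface, skip memcmp and report the block as dirty. */
    if (start > mirror_len || span > mirror_len - start)
        return 1;

    return memcmp(guest + start, mirror + start, span) != 0;
}
```

In the report's terms, `mirror_len` corresponds to the mirror's height multiplied by its stride and `span` to `bw * bpp`.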