From 423b6f57bc0e49823f5e3b849d04c858aca61d9e Mon Sep 17 00:00:00 2001
From: Jannik Vogel <email@jannikvogel.de>
Date: Fri, 28 Dec 2018 07:42:12 +0100
Subject: [PATCH] apu: Fix off-by-one in scatter gather page entry check

---
 hw/xbox/mcpx_apu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/xbox/mcpx_apu.c b/hw/xbox/mcpx_apu.c
index 1db7bf629b..463fd62eb1 100644
--- a/hw/xbox/mcpx_apu.c
+++ b/hw/xbox/mcpx_apu.c
@@ -419,7 +419,7 @@ static void scatter_gather_rw(MCPXAPUState *d,
     unsigned int bytes_to_copy = TARGET_PAGE_SIZE - offset_in_page;
 
     while (len > 0) {
-        assert(page_entry < max_sge);
+        assert(page_entry <= max_sge);
 
         uint32_t prd_address = ldl_le_phys(&address_space_memory,
                                            sge_base + page_entry * 8 + 0);