Re: [Qemu-devel] [PULL 23/36] cadence

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PULL 23/36] cadence_gem: Add queue support

From:	Alistair Francis
Subject:	Re: [Qemu-devel] [PULL 23/36] cadence_gem: Add queue support
Date:	Mon, 26 Sep 2016 10:43:19 -0700

On Mon, Sep 26, 2016 at 4:01 AM, Paolo Bonzini <address@hidden> wrote:
>
>
> On 22/09/2016 19:22, Peter Maydell wrote:
>> +    case GEM_RECEIVE_Q1_PTR ... GEM_RECEIVE_Q15_PTR:
>> +        s->rx_desc_addr[offset - GEM_RECEIVE_Q1_PTR + 1] = val;
>> +        break;
>
> MAX_PRIORITY_QUEUES is still 8, so this can cause an out-of-bounds write
> in s->rx_desc_addr (and likewise for s->tx_addr).

The MAX_PRIORITY_QUEUES is actually right, there are only 8 supported.

I guess when this was modeled it was just assumed there would be 16. I
checked the spec and confirmed there are only 8, so I have fixed up
the logic around that.

Thanks,

Alistair

>
> Paolo
>

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PULL 36/36] imx: Use 'const char', not 'char const', (continued)
- [Qemu-devel] [PULL 36/36] imx: Use 'const char', not 'char const', Peter Maydell, 2016/09/22
- [Qemu-devel] [PULL 06/36] palmetto-bmc: replace palmetto_bmc with aspeed, Peter Maydell, 2016/09/22
- [Qemu-devel] [PULL 17/36] hw/ptimer: Introduce timer policy feature, Peter Maydell, 2016/09/22
- [Qemu-devel] [PULL 19/36] tests: Add ptimer tests, Peter Maydell, 2016/09/22
- [Qemu-devel] [PULL 24/36] cadence_gem: Correct indentation, Peter Maydell, 2016/09/22
- [Qemu-devel] [PULL 28/36] loader: Allow a custom AddressSpace when loading ROMs, Peter Maydell, 2016/09/22
- [Qemu-devel] [PULL 26/36] loader: Allow ELF loader to auto-detect the ELF arch, Peter Maydell, 2016/09/22
- [Qemu-devel] [PULL 05/36] palmetto-bmc: rename the Aspeed board file to aspeed.c, Peter Maydell, 2016/09/22
- [Qemu-devel] [PULL 23/36] cadence_gem: Add queue support, Peter Maydell, 2016/09/22
  - Re: [Qemu-devel] [PULL 23/36] cadence_gem: Add queue support, Paolo Bonzini, 2016/09/26
    - Re: [Qemu-devel] [PULL 23/36] cadence_gem: Add queue support, Alistair Francis <=
- [Qemu-devel] [PULL 35/36] disas/arm.c: Remove unused macro definitions, Peter Maydell, 2016/09/22
- [Qemu-devel] [PULL 33/36] vmstateify ssd0323 display, Peter Maydell, 2016/09/22
- Re: [Qemu-devel] [PULL 00/36] target-arm queue, no-reply, 2016/09/22
- Re: [Qemu-devel] [PULL 00/36] target-arm queue, Peter Maydell, 2016/09/23

Prev by Date: Re: [Qemu-devel] [PATCH 05/18] target-riscv: Add Arithmetic instructions
Next by Date: Re: [Qemu-devel] [PATCH 06/18] target-riscv: Add JALR, Branch Instructions
Previous by thread: Re: [Qemu-devel] [PULL 23/36] cadence_gem: Add queue support
Next by thread: [Qemu-devel] [PULL 35/36] disas/arm.c: Remove unused macro definitions
Index(es):
- Date
- Thread