[Qemu-devel] [PULL 24/25] hw/dma/pl080: Correct bug in register address

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PULL 24/25] hw/dma/pl080: Correct bug in register address

From:	Peter Maydell
Subject:	[Qemu-devel] [PULL 24/25] hw/dma/pl080: Correct bug in register address decode logic
Date:	Mon, 20 Aug 2018 11:32:11 +0100

A bug in the handling of the register address decode logic
for the PL08x meant that we were incorrectly treating
accesses to the DMA channel registers (DMACCxSrcAddr,
DMACCxDestaddr, DMACCxLLI, DMACCxControl, DMACCxConfiguration)
as bad offsets. Fix this long-standing bug.

Fixes: https://bugs.launchpad.net/qemu/+bug/1637974
Signed-off-by: Peter Maydell <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
---
 hw/dma/pl080.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/hw/dma/pl080.c b/hw/dma/pl080.c
index a7aacad74f0..8f92550392b 100644
--- a/hw/dma/pl080.c
+++ b/hw/dma/pl080.c
@@ -229,7 +229,7 @@ static uint64_t pl080_read(void *opaque, hwaddr offset,
         i = (offset & 0xe0) >> 5;
         if (i >= s->nchannels)
             goto bad_offset;
-        switch (offset >> 2) {
+        switch ((offset >> 2) & 7) {
         case 0: /* SrcAddr */
             return s->chan[i].src;
         case 1: /* DestAddr */
@@ -290,7 +290,7 @@ static void pl080_write(void *opaque, hwaddr offset,
         i = (offset & 0xe0) >> 5;
         if (i >= s->nchannels)
             goto bad_offset;
-        switch (offset >> 2) {
+        switch ((offset >> 2) & 7) {
         case 0: /* SrcAddr */
             s->chan[i].src = value;
             break;
@@ -308,6 +308,7 @@ static void pl080_write(void *opaque, hwaddr offset,
             pl080_run(s);
             break;
         }
+        return;
     }
     switch (offset >> 2) {
     case 2: /* IntTCClear */
-- 
2.18.0

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PULL 16/25] hw/misc: Remove mmio_interface device, (continued)
- [Qemu-devel] [PULL 16/25] hw/misc: Remove mmio_interface device, Peter Maydell, 2018/08/20
- [Qemu-devel] [PULL 19/25] nvic: Expose NMI line, Peter Maydell, 2018/08/20
- [Qemu-devel] [PULL 02/25] docs/generic-loader: mention U-Boot and Intel HEX executable formats, Peter Maydell, 2018/08/20
- [Qemu-devel] [PULL 01/25] target/arm: Fix crash on conditional instruction in an IT block, Peter Maydell, 2018/08/20
- [Qemu-devel] [PULL 15/25] memory: Remove MMIO request_ptr APIs, Peter Maydell, 2018/08/20
- [Qemu-devel] [PULL 18/25] hw/watchdog/cmsdk_apb_watchdog: Implement CMSDK APB watchdog module, Peter Maydell, 2018/08/20
- [Qemu-devel] [PULL 22/25] hw/dma/pl080: Don't use CPU address space for DMA accesses, Peter Maydell, 2018/08/20
- [Qemu-devel] [PULL 23/25] hw/dma/pl080: Provide device reset function, Peter Maydell, 2018/08/20
- [Qemu-devel] [PULL 21/25] hw/dma/pl080: Support all three interrupt lines, Peter Maydell, 2018/08/20
- [Qemu-devel] [PULL 20/25] hw/dma/pl080: Allow use as embedded-struct device, Peter Maydell, 2018/08/20
- [Qemu-devel] [PULL 24/25] hw/dma/pl080: Correct bug in register address decode logic, Peter Maydell <=
- [Qemu-devel] [PULL 25/25] hw/dma/pl080: Remove hw_error() if DMA is enabled, Peter Maydell, 2018/08/20
- Re: [Qemu-devel] [PULL 00/25] target-arm queue, Peter Maydell, 2018/08/20

Prev by Date: [Qemu-devel] [PULL 20/25] hw/dma/pl080: Allow use as embedded-struct device
Next by Date: [Qemu-devel] [PULL 25/25] hw/dma/pl080: Remove hw_error() if DMA is enabled
Previous by thread: [Qemu-devel] [PULL 20/25] hw/dma/pl080: Allow use as embedded-struct device
Next by thread: [Qemu-devel] [PULL 25/25] hw/dma/pl080: Remove hw_error() if DMA is enabled
Index(es):
- Date
- Thread