[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 01/21] hw/char/bcm2835_aux: Fix assert when receive FIFO fills up
From: |
Peter Maydell |
Subject: |
[PULL 01/21] hw/char/bcm2835_aux: Fix assert when receive FIFO fills up |
Date: |
Tue, 30 Jul 2024 10:40:00 +0100 |
From: Frederik van Hövell <frederik@fvhovell.nl>
When a bare-metal application on the raspi3 board reads the
AUX_MU_STAT_REG MMIO register while the device's buffer is
at full receive FIFO capacity
(i.e. `s->read_count == BCM2835_AUX_RX_FIFO_LEN`) the
assertion `assert(s->read_count < BCM2835_AUX_RX_FIFO_LEN)`
fails.
Reported-by: Cryptjar <cryptjar@junk.studio>
Suggested-by: Cryptjar <cryptjar@junk.studio>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/459
Signed-off-by: Frederik van Hövell <frederik@fvhovell.nl>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
[PMM: commit message tweaks]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/char/bcm2835_aux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/char/bcm2835_aux.c b/hw/char/bcm2835_aux.c
index 83990e20f76..fca2f27a553 100644
--- a/hw/char/bcm2835_aux.c
+++ b/hw/char/bcm2835_aux.c
@@ -138,7 +138,7 @@ static uint64_t bcm2835_aux_read(void *opaque, hwaddr
offset, unsigned size)
res = 0x30e; /* space in the output buffer, empty tx fifo, idle tx/rx
*/
if (s->read_count > 0) {
res |= 0x1; /* data in input buffer */
- assert(s->read_count < BCM2835_AUX_RX_FIFO_LEN);
+ assert(s->read_count <= BCM2835_AUX_RX_FIFO_LEN);
res |= ((uint32_t)s->read_count) << 16; /* rx fifo fill level */
}
return res;
--
2.34.1
- [PULL 00/21] target-arm queue, Peter Maydell, 2024/07/30
- [PULL 01/21] hw/char/bcm2835_aux: Fix assert when receive FIFO fills up,
Peter Maydell <=
- [PULL 03/21] target/arm/kvm: Set PMU for host only when available, Peter Maydell, 2024/07/30
- [PULL 04/21] target/arm/kvm: Do not silently remove PMU, Peter Maydell, 2024/07/30
- [PULL 08/21] hw/misc/bcm2835_property: Fix handling of FRAMEBUFFER_SET_PALETTE, Peter Maydell, 2024/07/30
- [PULL 06/21] hvf: arm: Properly disable PMU, Peter Maydell, 2024/07/30
- [PULL 14/21] target/arm: Avoid shifts by -1 in tszimm_shr() and tszimm_shl(), Peter Maydell, 2024/07/30
- [PULL 02/21] hw/arm/smmuv3: Assert input to oas2bits() is valid, Peter Maydell, 2024/07/30
- [PULL 05/21] hvf: arm: Raise an exception for sysreg by default, Peter Maydell, 2024/07/30
- [PULL 07/21] hvf: arm: Do not advance PC when raising an exception, Peter Maydell, 2024/07/30
- [PULL 15/21] target/arm: Ignore SMCR_EL2.LEN and SVCR_EL2.LEN if EL2 is not enabled, Peter Maydell, 2024/07/30
- [PULL 18/21] target/m68k: avoid shift into sign bit in dump_address_map(), Peter Maydell, 2024/07/30