Re: [Qemu-devel] usb-ohci: td.cbp incorrectly updated near page end

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] usb-ohci: td.cbp incorrectly updated near page end

From:	Stefan Hajnoczi
Subject:	Re: [Qemu-devel] usb-ohci: td.cbp incorrectly updated near page end
Date:	Fri, 30 Dec 2011 11:07:53 +0000
User-agent:	Mutt/1.5.21 (2010-09-15)

On Thu, Dec 22, 2011 at 11:34:30AM +0200, Andriy Gapon wrote:
> 
> The current code that updates the cbp value after a transfer looks like this:
> td.cbp += ret;
> if ((td.cbp & 0xfff) + ret > 0xfff) {
>       <handle page overflow>
> because the 'ret' value is effectively added twice the check may fire too 
> early
> when the overflow hasn't happened yet.

Reviewed-by: Stefan Hajnoczi <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] usb-ohci: td.cbp incorrectly updated near page end, Andriy Gapon, 2011/12/22
- Re: [Qemu-devel] usb-ohci: td.cbp incorrectly updated near page end, Stefan Hajnoczi <=

Prev by Date: Re: [Qemu-devel] coroutine bug?, was Re: [PATCH] sheepdog: use coroutines
Next by Date: Re: [Qemu-devel] [help] QEMUFile's format
Previous by thread: [Qemu-devel] usb-ohci: td.cbp incorrectly updated near page end
Next by thread: [Qemu-devel] [PATCH v2] w32: Build windows and console executables
Index(es):
- Date
- Thread