Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value


From: Gonglei (Arei)
Subject: Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload value
Date: Wed, 16 Nov 2016 06:03:05 +0000

> Subject: Re: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload
> value
> 
> Hi,
> 
> > On 10/11/2016 at 15:50, Paolo Bonzini wrote:
> >
> >
> > On 10/11/2016 06:56, Gonglei (Arei) wrote:
> >> Any ideas about this fix?
> >
> > It seems sensible, but perhaps the field is even smaller.  Let's CC
> > Hervé and Aurelien as I don't have a datasheet for this device.
> 
> Sorry for the delay...
> 
> I don't have any datasheet for this device either, so I tested with real
> programs.
> Those initialize the itr field to either 0 or to 9, so your mask doesn't change
> anything.
> 
> Tested-by: Hervé Poussineau <address@hidden>
> 

Thanks for your feedback. Paolo, maybe you can post a formal patch :)

Regards,
-Gonglei

> >
> > Also, s->itr is used here:
> >
> >     tm_hz = 1000 / (s->itr + 1);
> >
> >     timer_mod(s->periodic_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
> >                    NANOSECONDS_PER_SECOND / tm_hz);
> >
> > and this is the same as
> >
> >     timer_mod(s->periodic_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
> >               NANOSECONDS_PER_SECOND / 1000 * (s->itr + 1));
> >
> > so perhaps it's better to do it like that.
> >
> > Paolo
> >
> >>> -----Original Message-----
> >>> From: Qemu-devel
> >>> [mailto:address@hidden On
> >>> Behalf Of P J P
> >>> Sent: Wednesday, October 12, 2016 8:38 PM
> >>> To: Qemu Developers
> >>> Cc: Paolo Bonzini; Huawei PSIRT; Prasad J Pandit; Michael S. Tsirkin
> >>> Subject: [Qemu-devel] [PATCH] dma: rc4030: limit interval timer reload
> value
> >>>
> >>> From: Prasad J Pandit <address@hidden>
> >>>
> >>> The JAZZ RC4030 chipset emulator has a periodic timer and an
> >>> associated interval reload register. The reload value is used
> >>> as a divider when computing the timer's next tick value. If the
> >>> reload value is large, it could lead to a divide-by-zero error.
> >>> Limit the interval reload value to avoid it.
> >>>
> >>> Reported-by: Huawei PSIRT <address@hidden>
> >>> Signed-off-by: Prasad J Pandit <address@hidden>
> >>> ---
> >>>  hw/dma/rc4030.c | 2 +-
> >>>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>>
> >>> diff --git a/hw/dma/rc4030.c b/hw/dma/rc4030.c
> >>> index 2f2576f..c1b4997 100644
> >>> --- a/hw/dma/rc4030.c
> >>> +++ b/hw/dma/rc4030.c
> >>> @@ -460,7 +460,7 @@ static void rc4030_write(void *opaque, hwaddr
> addr,
> >>> uint64_t data,
> >>>          break;
> >>>      /* Interval timer reload */
> >>>      case 0x0228:
> >>> -        s->itr = val;
> >>> +        s->itr = val & 0x01FF;
> >>>          qemu_irq_lower(s->timer_irq);
> >>>          set_next_tick(s);
> >>>          break;
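Review bot: the 9-bit mask on the `+` line keeps `tm_hz = 1000 / (s->itr + 1)` at or above 1, so it does remove the divide by zero, but it leaves the two-step computation in place, and that computation truncates tm_hz to an integer before deriving the period, so any reload value whose `itr + 1` does not divide 1000 evenly gets a period that differs from the intended `(itr + 1)` ms. The replacement Paolo proposes upthread, `NANOSECONDS_PER_SECOND / 1000 * (s->itr + 1)`, computes the period directly, divides only by a constant, and needs no mask at all. The 0x01FF width is also not backed by a datasheet, as both Paolo and Hervé say, so if the mask is kept the commit message should state where the 9-bit limit comes from.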
> >>> --
> >>> 2.5.5
> >>>
> >>
> >>
> >>
> >
> 