Re: [Qemu-devel] [PATCH] workaround for cmd646 bmdma register access while no dma is active

From: Blue Swirl
Subject: Re: [Qemu-devel] [PATCH] workaround for cmd646 bmdma register access while no dma is active
Date: Sun, 13 Dec 2009 15:50:52 +0000
On Sun, Dec 13, 2009 at 12:23 PM, Igor V. Kovalenko
<address@hidden> wrote:
> From: Igor V. Kovalenko <address@hidden>
>
> This is a workaround only, and is a partial revert
> of a few changes to BMDMAState which removed the pci_dev
> field on the way.
>
> - cmd646 pci_from_bm() expects the bm->unit value to
> correspond with the bm data being passed to the callback
> as an opaque pointer. This breaks when a write to the dma
> control register of the second channel happens while no
> dma operation is in progress, so bm->unit is zero
> for the second channel, and pci_from_bm() returns a garbage
> pointer. A crash happens shortly after that while
> dereferencing that pointer.
> static PCIIDEState *pci_from_bm(BMDMAState *bm)
> {
> + return bm->pci_dev;
> if (bm->unit == 0) {
> return container_of(bm, PCIIDEState, bmdma[0]);
> } else {
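Review bot: the early `return bm->pci_dev;` makes the `if (bm->unit == 0)` / `container_of` branches that follow it unreachable; remove the dead code rather than leaving it behind the return. Separately, this excerpt does not show where `bm->pci_dev` is assigned for both channels' BMDMAState (the commit message says the field was previously removed), and the workaround only helps if that initialization is restored together with this hunk, otherwise the new return is just a different uninitialized pointer.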
I think you should delete the rest of the function, unused code is
useless, and if someone decides to fix and restore the old code, they
can fetch it from git.
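For readers following the thread, here is a small self-contained model of the failure the commit message describes and of why the back-pointer avoids it. This is an added example, not QEMU code: the struct names mirror the message, but the fields, the `container_of` macro, and the `dev_id` marker are constructed for the demonstration. It shows that when the second channel's BMDMAState still carries `unit == 0`, the `container_of` lookup lands exactly one `BMDMAState` before the real device, while a stored `pci_dev` back-pointer is independent of `unit`.

```c
/*
 * Added example (not QEMU code): model of the pci_from_bm() problem.
 * Two lookups are compared: one that trusts bm->unit (pre-patch) and one
 * that follows a back-pointer (the workaround in the patch).
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed: same idea as the kernel/QEMU container_of helper. */
#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

typedef struct PCIIDEState PCIIDEState;

typedef struct BMDMAState {
    uint8_t cmd;            /* constructed: bus-master command register */
    uint8_t status;         /* constructed: bus-master status register */
    int unit;               /* channel index; only set once a DMA starts */
    PCIIDEState *pci_dev;   /* back-pointer restored by the workaround */
} BMDMAState;

struct PCIIDEState {
    int dev_id;             /* constructed marker identifying the device */
    BMDMAState bmdma[2];    /* one bus-master DMA block per channel */
};

/* Pre-patch style: derive the parent from bm->unit. Wrong if unit is stale. */
static PCIIDEState *pci_from_bm_by_unit(BMDMAState *bm)
{
    if (bm->unit == 0) {
        return container_of(bm, PCIIDEState, bmdma[0]);
    } else {
        return container_of(bm, PCIIDEState, bmdma[1]);
    }
}

/* Workaround style: the parent is recorded in the BMDMAState itself. */
static PCIIDEState *pci_from_bm_by_backptr(BMDMAState *bm)
{
    return bm->pci_dev;
}

/* Constructed device in the state the commit message describes:
 * no DMA has started, so both channels still report unit == 0. */
static void init_device(PCIIDEState *dev)
{
    dev->dev_id = 0x1234;
    for (int i = 0; i < 2; i++) {
        dev->bmdma[i].cmd = 0;
        dev->bmdma[i].status = 0;
        dev->bmdma[i].unit = 0;      /* stale for channel 1 */
        dev->bmdma[i].pci_dev = dev; /* what the workaround relies on */
    }
}

/* 1 if the unit-based lookup on channel 1 yields the wrong object. */
int unit_lookup_misses(void)
{
    PCIIDEState dev;
    init_device(&dev);
    return pci_from_bm_by_unit(&dev.bmdma[1]) != &dev;
}

/* Distance in bytes between the wrong pointer and the real device. */
long unit_lookup_error_bytes(void)
{
    PCIIDEState dev;
    init_device(&dev);
    char *wrong = (char *)pci_from_bm_by_unit(&dev.bmdma[1]);
    return (long)(wrong - (char *)&dev);
}

/* 1 if the back-pointer lookup on channel 1 yields the right object. */
int backptr_lookup_hits(void)
{
    PCIIDEState dev;
    init_device(&dev);
    return pci_from_bm_by_backptr(&dev.bmdma[1]) == &dev;
}

int main(void)
{
    printf("unit-based lookup wrong: %d (off by %ld bytes, sizeof(BMDMAState)=%zu)\n",
           unit_lookup_misses(), unit_lookup_error_bytes(), sizeof(BMDMAState));
    printf("back-pointer lookup right: %d\n", backptr_lookup_hits());
    return 0;
}
```

The wrong pointer is not random here: it points one `BMDMAState` before the device, so whatever the code dereferences through it is a misaligned view of an unrelated part of the enclosing object, which is why the resulting crash can appear some distance away from the register write that triggered it.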