[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] usb-ohci: td.cbp incorrectly updated near page end
From: |
Stefan Hajnoczi |
Subject: |
Re: [Qemu-devel] usb-ohci: td.cbp incorrectly updated near page end |
Date: |
Fri, 30 Dec 2011 11:07:53 +0000 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Thu, Dec 22, 2011 at 11:34:30AM +0200, Andriy Gapon wrote:
>
> The current code that updates the cbp value after a transfer looks like this:
> td.cbp += ret;
> if ((td.cbp & 0xfff) + ret > 0xfff) {
> <handle page overflow>
> because the 'ret' value is effectively added twice the check may fire too
> early
> when the overflow hasn't happened yet.
Reviewed-by: Stefan Hajnoczi <address@hidden>