Re: [PULL 08/10] hw/net/can/xlnx-zynqmp-can: fix assertion failures in t

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PULL 08/10] hw/net/can/xlnx-zynqmp-can: fix assertion failures in t

From:	Philippe Mathieu-Daudé
Subject:	Re: [PULL 08/10] hw/net/can/xlnx-zynqmp-can: fix assertion failures in transfer_fifo()
Date:	Wed, 15 Feb 2023 15:56:29 +0100
User-agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.7.2

Adding CAN bus maintainers.

On 14/2/23 07:11, Jason Wang wrote:

From: Qiang Liu <cyruscyliu@gmail.com>

Check fifos before poping data from and pushing data into it.

Fixes: 98e5d7a2b726 ("hw/net/can: Introduce Xilinx ZynqMP CAN controller")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1425
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1427
Reported-by: Qiang Liu <cyruscyliu@gmail.com>
Signed-off-by: Qiang Liu <cyruscyliu@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
  hw/net/can/xlnx-zynqmp-can.c | 9 ++++++++-
  1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/hw/net/can/xlnx-zynqmp-can.c b/hw/net/can/xlnx-zynqmp-can.c
index e93e6c5..55d3221 100644
--- a/hw/net/can/xlnx-zynqmp-can.c
+++ b/hw/net/can/xlnx-zynqmp-can.c
@@ -451,6 +451,12 @@ static void transfer_fifo(XlnxZynqMPCANState *s, Fifo32 
*fifo)
      }

while (!fifo32_is_empty(fifo)) {

+        if (fifo32_num_used(fifo) < (4 * CAN_FRAME_SIZE)) {
+            g_autofree char *path = object_get_canonical_path(OBJECT(s));
+            qemu_log_mask(LOG_GUEST_ERROR, "%s: data left in the fifo is not"
+                          " enough for transfer.\n", path);
+            break;


This change looks dubious... Shouldn't this rejected earlier?
Shouldn't we assert(fifo32_num_used(fifo)) >= CAN_FRAME_SIZE here?
Is this really how this works on the hardware?

          for (i = 0; i < CAN_FRAME_SIZE; i++) {
              data[i] = fifo32_pop(fifo);
          }

[Prev in Thread]

Current Thread

[Next in Thread]

[PULL 00/10] Net patches, Jason Wang, 2023/02/14
- [PULL 01/10] net: Move the code to collect available NIC models to a separate function, Jason Wang, 2023/02/14
- [PULL 02/10] net: Restore printing of the help text with "-nic help", Jason Wang, 2023/02/14
- [PULL 03/10] net: Replace "Supported NIC models" with "Available NIC models", Jason Wang, 2023/02/14
- [PULL 04/10] hw/net/lan9118: log [read|write]b when mode_16bit is enabled rather than abort, Jason Wang, 2023/02/14
- [PULL 05/10] hw/net/vmxnet3: allow VMXNET3_MAX_MTU itself as a value, Jason Wang, 2023/02/14
- [PULL 06/10] net: Increase L2TPv3 buffer to fit jumboframes, Jason Wang, 2023/02/14
- [PULL 07/10] vmnet: stop recieving events when VM is stopped, Jason Wang, 2023/02/14
- [PULL 08/10] hw/net/can/xlnx-zynqmp-can: fix assertion failures in transfer_fifo(), Jason Wang, 2023/02/14
  - Re: [PULL 08/10] hw/net/can/xlnx-zynqmp-can: fix assertion failures in transfer_fifo(), Philippe Mathieu-Daudé <=
- [PULL 09/10] net: stream: add a new option to automatically reconnect, Jason Wang, 2023/02/14
- [PULL 10/10] vdpa: fix VHOST_BACKEND_F_IOTLB_ASID flag check, Jason Wang, 2023/02/14
- Re: [PULL 00/10] Net patches, Peter Maydell, 2023/02/14
  - Re: [PULL 00/10] Net patches, Peter Maydell, 2023/02/14
    - Re: [PULL 00/10] Net patches, Laurent Vivier, 2023/02/15
    - Re: [PULL 00/10] Net patches, Jason Wang, 2023/02/15

Prev by Date: Re: [PATCH RESEND 10/18] i386: Update APIC ID parsing rule to support module level
Next by Date: Re: [PATCH] gitlab-ci: Use artifacts instead of dumping logs in the Cirrus-CI jobs
Previous by thread: [PULL 08/10] hw/net/can/xlnx-zynqmp-can: fix assertion failures in transfer_fifo()
Next by thread: [PULL 09/10] net: stream: add a new option to automatically reconnect
Index(es):
- Date
- Thread