From: Qiang Liu <cyruscyliu@gmail.com>
Check fifos before poping data from and pushing data into it.
Fixes: 98e5d7a2b726 ("hw/net/can: Introduce Xilinx ZynqMP CAN controller")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1425
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1427
Reported-by: Qiang Liu <cyruscyliu@gmail.com>
Signed-off-by: Qiang Liu <cyruscyliu@gmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
hw/net/can/xlnx-zynqmp-can.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/hw/net/can/xlnx-zynqmp-can.c b/hw/net/can/xlnx-zynqmp-can.c
index e93e6c5..55d3221 100644
--- a/hw/net/can/xlnx-zynqmp-can.c
+++ b/hw/net/can/xlnx-zynqmp-can.c
@@ -451,6 +451,12 @@ static void transfer_fifo(XlnxZynqMPCANState *s, Fifo32
*fifo)
}
while (!fifo32_is_empty(fifo)) {
+ if (fifo32_num_used(fifo) < (4 * CAN_FRAME_SIZE)) {
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: data left in the fifo is not"
+ " enough for transfer.\n", path);
+ break;