Patchwork [8/9] PPC: Get rid of segfaults in DBDMA emulation

Submitter Alexander Graf
Date Jan. 12, 2010, 11:58 a.m.
Message ID <1263297526-13518-9-git-send-email-agraf@suse.de>
Permalink /patch/42713/
State New

Comments

Alexander Graf - Jan. 12, 2010, 11:58 a.m.
While trying to find the right channel number for the DBDMA emulation I
stumbled across segmentation faults that were purely triggered by the guest.

The guest should never have the possibility to segfault us, so let's check
all indirect function calls on a channel, so the code even works for channels
that have not been reserved.

Signed-off-by: Alexander Graf <agraf@suse.de>
---
 hw/mac_dbdma.c |   10 +++++++---
 1 files changed, 7 insertions(+), 3 deletions(-)

Patch

diff --git a/hw/mac_dbdma.c b/hw/mac_dbdma.c
index 8ec3d99..8f94c35 100644
--- a/hw/mac_dbdma.c
+++ b/hw/mac_dbdma.c
@@ -402,7 +402,9 @@  static void start_output(DBDMA_channel *ch, int key, uint32_t addr,
     ch->io.dma_end = dbdma_end;
     ch->io.is_dma_out = 1;
     ch->processing = 1;
-    ch->rw(&ch->io);
+    if (ch->rw) {
+        ch->rw(&ch->io);
+    }
 }
 
 static void start_input(DBDMA_channel *ch, int key, uint32_t addr,
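
Review bot: In start_output, `ch->processing = 1` is still set unconditionally right above the new `if (ch->rw)` guard, so on a channel with no `rw` handler the command is marked as in progress while nothing is started that could later invoke `ch->io.dma_end`. Consider moving the NULL check to the top of the function, or handling the no-handler case explicitly (for example by not setting `processing`), so an unreserved channel cannot be left looking permanently busy.
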
@@ -425,7 +427,9 @@  static void start_input(DBDMA_channel *ch, int key, uint32_t addr,
     ch->io.dma_end = dbdma_end;
     ch->io.is_dma_out = 0;
     ch->processing = 1;
-    ch->rw(&ch->io);
+    if (ch->rw) {
+        ch->rw(&ch->io);
+    }
 }
 
 static void load_word(DBDMA_channel *ch, int key, uint32_t addr,
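
Review bot: The guard in start_input duplicates the one in start_output and skips the transfer silently. A small helper that wraps the `ch->rw` call would keep the two paths in sync, and a debug message in the NULL branch would make guest accesses to unreserved channels visible instead of quietly ignored.
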
@@ -688,7 +692,7 @@  dbdma_control_write(DBDMA_channel *ch)
 
     if (status & ACTIVE)
         qemu_bh_schedule(dbdma_bh);
-    if (status & FLUSH)
+    if ((status & FLUSH) && ch->flush)
         ch->flush(&ch->io);
 }
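
Review bot: In dbdma_control_write only the FLUSH branch is guarded; the `status & ACTIVE` branch just above still schedules `dbdma_bh` without knowing whether the channel has any handlers, so it is worth confirming that every indirect call reached from the bottom half is covered by a check. On style, the changed `if` stays unbraced while the two earlier hunks add braces around their single-statement bodies; pick one form.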