From: Paolo Bonzini
Date: Sat, 4 Feb 2012 09:03:30 +0100
Message-Id: <1328342612-25826-2-git-send-email-pbonzini@redhat.com>
In-Reply-To: <1328342612-25826-1-git-send-email-pbonzini@redhat.com>
References: <1328342612-25826-1-git-send-email-pbonzini@redhat.com>
Subject: [Qemu-devel] [PATCH 1/3] smbus: fix writes
To: qemu-devel@nongnu.org

SMBus protocol sends offset and length before the actual data that is transferred. So we need to skip two bytes rather than one.

Signed-off-by: Paolo Bonzini

--- hw/smbus.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/smbus.c b/hw/smbus.c index 77626f3..4ff2342 100644 --- a/hw/smbus.c +++ b/hw/smbus.c @@ -59,9 +59,12 @@ static void smbus_do_write(SMBusDevice *dev) } else { dev->command = dev->data_buf[0]; DPRINTF("Command %d len %d\n", dev->command, dev->data_len - 1); + if (dev->data_buf[1] > dev->data_len - 2) { + fprintf(stderr, "SMBus data transfer overrun!\n"); + } if (sc->write_data) { - sc->write_data(dev, dev->command, dev->data_buf + 1, - dev->data_len - 1); + sc->write_data(dev, dev->command, dev->data_buf + 2, + MIN(dev->data_buf[1], dev->data_len - 2)); } } }
-- 1.7.7.6
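
Review bot: In the `sc->write_data(...)` call, `dev->data_buf[1]` is now treated as a byte count for every write that carries a command, but only an SMBus block write has a count in that position; in a write byte or write word transaction the byte after the command is already payload, so those transfers would lose their first data byte and be truncated to a guest-chosen length. Please either tell block writes apart from byte/word writes before applying the `+ 2` offset, or state in a comment that `write_data` is only reached for block writes. Two smaller points on the same lines: the hunk does not show what guarantees `dev->data_len >= 2` in this `else` branch, and if it can be 1 then `dev->data_len - 2` is negative and `MIN(dev->data_buf[1], dev->data_len - 2)` passes a negative length to the callback after reading a `data_buf[1]` that was never written in this transfer, so an explicit bounds check before the call would make this safe by construction. Also, the unchanged `DPRINTF` still reports `dev->data_len - 1` as the length, and the new overrun message goes to `stderr` unconditionally, which a guest can trigger at will; `DPRINTF` would match the rest of the function.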