From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:55173) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ztonf-0002HQ-3A for qemu-devel@nongnu.org; Tue, 03 Nov 2015 22:31:51 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Ztona-0007Xv-2r for qemu-devel@nongnu.org; Tue, 03 Nov 2015 22:31:51 -0500 Received: from mx1.redhat.com ([209.132.183.28]:40271) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZtonZ-0007XV-Tz for qemu-devel@nongnu.org; Tue, 03 Nov 2015 22:31:46 -0500 References: <5620F082.5040007@redhat.com> <5625AEE0.7070908@redhat.com> From: Jason Wang Message-ID: <56397C1D.6070304@redhat.com> Date: Wed, 4 Nov 2015 11:31:41 +0800 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH] eepro100: prevent an infinite loop over same command block List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: P J P , qemu-devel@nongnu.org Cc: max On 11/04/2015 02:49 AM, P J P wrote: > +-- On Tue, 20 Oct 2015, Jason Wang wrote --+ > | Can this survive if we had a chain like? > | A->B->A > > No, current patch wouldn't cope with it. Though I wonder if such a loop is > possible? Just wondering. Tx.link is unit32_t, but any chance s->cu_base + s->cu_offset can result a integer overflow? > > | If not, looks like we need to limit the maximum number of commands in a > | chain? (e.g 256) > > Okay, I'll update the patch. > > @max, @Qinghao: did you have chance to test the current patch? (just checking) > > > Thank you. > -- > - P J P > 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F >