From: Stefan Weil <sw@weilnetz.de>
To: P J P <ppandit@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>,
Jason Wang <jasowang@redhat.com>,
QEMU Developer <qemu-devel@nongnu.org>
Subject: Re: [Qemu-devel] [PATCH for-2.5] eepro100: Prevent two endless loops
Date: Fri, 20 Nov 2015 09:52:48 +0100 [thread overview]
Message-ID: <564EDF60.7080305@weilnetz.de> (raw)
In-Reply-To: <alpine.LFD.2.20.1511201340040.19670@wniryva>
Am 20.11.2015 um 09:39 schrieb P J P:
> +-- On Fri, 20 Nov 2015, Stefan Weil wrote --+
> | diff --git a/hw/net/eepro100.c b/hw/net/eepro100.c
> | index 60333b7..685a478 100644
> | --- a/hw/net/eepro100.c
> | +++ b/hw/net/eepro100.c
> | @@ -774,6 +774,11 @@ static void tx_command(EEPRO100State *s)
> | #if 0
> | uint16_t tx_buffer_el = lduw_le_pci_dma(&s->dev, tbd_address + 6);
> | #endif
> | + if (tx_buffer_size == 0) {
> | + /* Prevent an endless loop. */
> | + logout("loop in %s:%u\n", __FILE__, __LINE__);
> | + break;
> | + }
>
> Yes, looks good. Where is 'lduw_le_pci_dma' routine defined?
include/hw/pci/pci.h: static inline uint##_bits##_t
ld##_l##_pci_dma(PCIDevice *dev, \
>
> | static void action_command(EEPRO100State *s)
> | {
> | + /* The loop below won't stop if it gets special handcrafted data.
> | + Therefore we limit the number of iterations. */
> | + unsigned max_loop_count = 16;
> | +
>
> Is '16' a lower count for the command list? Earilier Jason mentioned 256.
> Not sure what is an ideal count.
Is there an ideal count? If it is too low, it might break some use cases.
If it is too high, it will take longer until the loop is finished.
I don't think EEPRO100 emulation is used in critical production
applications.
Therefore a lower value and a debug message when this value is exceeded
might be helpful to find out which lowest value is acceptable. If you want
to avoid this risk, the value should be set to 256, 10000, 65536 or any
other higher value. Feel free to change this when you apply the patch.
Stefan
next prev parent reply other threads:[~2015-11-20 8:52 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-20 7:42 [Qemu-devel] [PATCH for-2.5] eepro100: Prevent two endless loops Stefan Weil
2015-11-20 8:39 ` P J P
2015-11-20 8:52 ` Stefan Weil [this message]
2015-11-20 11:27 ` P J P
2015-11-25 3:08 ` Jason Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=564EDF60.7080305@weilnetz.de \
--to=sw@weilnetz.de \
--cc=jasowang@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=ppandit@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).