From: Keir Fraser <keir.fraser@citrix.com>
Date: Wed, 30 Jan 2008 09:33:26 +0000 (+0000)
Subject: ioemu: Better fix for SB16 infinite looping.
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~14353
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=0ccfc15faed207891610e04569e5418aaa4e8da4;p=xen.git

ioemu: Better fix for SB16 infinite looping.

Qemu upstream solves "Fix an infinite loop in the emulated SB16
device" issue differently as stated in [2]

[1] http://xenbits.xensource.com/xen-3.1-testing.hg?rev/4b22d472bda6
[2] http://lists.gnu.org/archive/html/qemu-devel/2008-01/msg00709.html

Signed-off-by: S. Caglar Onur <caglar@pardus.org.tr>
---

diff --git a/tools/ioemu/hw/dma.c b/tools/ioemu/hw/dma.c
index 9ce330304b..69fdf49f8d 100644
--- a/tools/ioemu/hw/dma.c
+++ b/tools/ioemu/hw/dma.c
@@ -440,6 +440,13 @@ static void dma_reset(void *opaque)
     write_cont (d, (0x0d << d->dshift), 0);
 }
 
+static int dma_phony_handler (void *opaque, int nchan, int dma_pos, int dma_len)
+{
+    dolog ("unregistered DMA channel used nchan=%d dma_pos=%d dma_len=%d\n",
+           nchan, dma_pos, dma_len);
+    return dma_pos;
+}
+
 /* dshift = 0: 8 bit DMA, 1 = 16 bit DMA */
 static void dma_init2(struct dma_cont *d, int base, int dshift,
                       int page_base, int pageh_base)
@@ -472,6 +479,9 @@ static void dma_init2(struct dma_cont *d, int base, int dshift,
     }
     qemu_register_reset(dma_reset, d);
     dma_reset(d);
+    for (i = 0; i < LENOFA (d->regs); ++i) {
+        d->regs[i].transfer_handler = dma_phony_handler;
+    }
 }
 
 static void dma_save (QEMUFile *f, void *opaque)
diff --git a/tools/ioemu/hw/sb16.c b/tools/ioemu/hw/sb16.c
index 387330f414..b34afab40b 100644
--- a/tools/ioemu/hw/sb16.c
+++ b/tools/ioemu/hw/sb16.c
@@ -1188,6 +1188,12 @@ static int SB_read_DMA (void *opaque, int nchan, int dma_pos, int dma_len)
     SB16State *s = opaque;
     int till, copy, written, free;
 
+    if (s->block_size <= 0) {
+        dolog ("invalid block size=%d nchan=%d dma_pos=%d dma_len=%d\n",
+               s->block_size, nchan, dma_pos, dma_len);
+        return dma_pos;
+    }
+
     if (s->left_till_irq < 0) {
         s->left_till_irq = s->block_size;
     }
@@ -1235,10 +1241,8 @@ static int SB_read_DMA (void *opaque, int nchan, int dma_pos, int dma_len)
             s->block_size);
 #endif
 
-    if (s->block_size) {
-        while (s->left_till_irq <= 0) {
-            s->left_till_irq = s->block_size + s->left_till_irq;
-        }
+    while (s->left_till_irq <= 0) {
+        s->left_till_irq = s->block_size + s->left_till_irq;
     }
 
     return dma_pos;