aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlexander Graf <agraf@suse.de>2010-02-09 17:37:07 +0100
committerMichael S. Tsirkin <mst@redhat.com>2010-02-14 16:10:54 +0200
commita9ceb76d55abfed9426a819024aa3a4b87266c9f (patch)
tree4049ddb820ce5282fd81081f481cb26874f9eac2
parentdffc07ca92bbc21c02850242104cb77a53335325 (diff)
PPC: Get rid of segfaults in DBDMA emulation
While trying to find the right channel number for the DBDMA emulation I stumbled across segmentation faults that were purely triggered by the guest. The guest should never have the possiblity to segfault us, so let's check all indirect function calls on a channel, so the code even works for channels that have not been reserved. Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-rw-r--r--hw/mac_dbdma.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/hw/mac_dbdma.c b/hw/mac_dbdma.c
index 8ec3d99314..8f94c35ac3 100644
--- a/hw/mac_dbdma.c
+++ b/hw/mac_dbdma.c
@@ -402,7 +402,9 @@ static void start_output(DBDMA_channel *ch, int key, uint32_t addr,
ch->io.dma_end = dbdma_end;
ch->io.is_dma_out = 1;
ch->processing = 1;
- ch->rw(&ch->io);
+ if (ch->rw) {
+ ch->rw(&ch->io);
+ }
}
static void start_input(DBDMA_channel *ch, int key, uint32_t addr,
@@ -425,7 +427,9 @@ static void start_input(DBDMA_channel *ch, int key, uint32_t addr,
ch->io.dma_end = dbdma_end;
ch->io.is_dma_out = 0;
ch->processing = 1;
- ch->rw(&ch->io);
+ if (ch->rw) {
+ ch->rw(&ch->io);
+ }
}
static void load_word(DBDMA_channel *ch, int key, uint32_t addr,
@@ -688,7 +692,7 @@ dbdma_control_write(DBDMA_channel *ch)
if (status & ACTIVE)
qemu_bh_schedule(dbdma_bh);
- if (status & FLUSH)
+ if ((status & FLUSH) && ch->flush)
ch->flush(&ch->io);
}