On 2015-07-19 15:44, Cormac O'Brien wrote:
QEMU's CUDA packet handling model has been updated to provide a correct 3-byte header. This patch allows OpenBIOS to handle this special case correctly.
Signed-off-by: Cormac O'Brien <cormac@c-obrien.org>
drivers/cuda.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/drivers/cuda.c b/drivers/cuda.c index 9555dea..5fe75a4 100644 --- a/drivers/cuda.c +++ b/drivers/cuda.c @@ -58,6 +58,7 @@ #define CUDA_PACKET 1
/* CUDA commands (2nd byte) */ +#define CUDA_AUTOPOLL 0x01 #define CUDA_GET_TIME 0x03 #define CUDA_SET_TIME 0x09 #define CUDA_POWERDOWN 0x0a @@ -147,8 +148,14 @@ static int cuda_adb_req (void *host, const uint8_t *snd_buf, int len, pos = buffer + 2; len -= 2; } else {
pos = buffer + 1;
len = -1;
/* Autopoll packet headers are 3 bytes */
if (len > 2 && buffer[1] == CUDA_AUTOPOLL) {
pos = buffer + 3;
len -= 3;
} else {
pos = buffer + 1;
len = -1;
} memcpy(rcv_buf, pos, len);}
-- 2.4.6
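Review bot: The else branch of the second hunk in cuda_adb_req() carries over `len = -1` unchanged, so the `memcpy(rcv_buf, pos, len)` that follows is handed a negative length, which becomes a huge unsigned size once converted for memcpy(). That branch skips a one-byte header (`pos = buffer + 1`), and the other two branches use `len -= 2` and `len -= 3`, so this looks like it should be `len -= 1`. Since the patch already touches these lines, fix it here or in a preceding patch rather than re-adding the bug. Separately, the new `len > 2` test keeps the autopoll case non-negative, but nothing visible in this hunk checks the resulting len against the size of rcv_buf or rejects len <= 0 before the copy; a single guard just ahead of the memcpy() would cover all three branches.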
Segher has pointed out an additional existing bug in this function: 'len = -1' is probably intended to be 'len -= 1' and will cause a memcpy() of SIZE_MAX, which is probably not too kind to the emulator unless it never gets called, which seems more likely.
~Cormac