summaryrefslogtreecommitdiffstats
path: root/results/classifier/111/review/1306818
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/111/review/1306818')
-rw-r--r--results/classifier/111/review/130681877
1 files changed, 77 insertions, 0 deletions
diff --git a/results/classifier/111/review/1306818 b/results/classifier/111/review/1306818
new file mode 100644
index 00000000..2ee8500e
--- /dev/null
+++ b/results/classifier/111/review/1306818
@@ -0,0 +1,77 @@
+other: 0.170
+semantic: 0.119
+device: 0.096
+permissions: 0.085
+network: 0.085
+files: 0.076
+performance: 0.071
+PID: 0.068
+vnc: 0.050
+socket: 0.048
+debug: 0.043
+graphic: 0.040
+boot: 0.036
+KVM: 0.013
+network: 0.230
+debug: 0.141
+files: 0.133
+device: 0.084
+semantic: 0.072
+PID: 0.060
+other: 0.052
+vnc: 0.046
+boot: 0.045
+performance: 0.041
+permissions: 0.028
+KVM: 0.026
+graphic: 0.022
+socket: 0.019
+
+resetting moder register in opencores_eth.c code (ethernet IP core specification code)
+
+Hi, I would like to report a possible error in the code qemu/hw/net/opencores_eth.c
+
+The corresponding data sheet : http://www.cprover.org/firmware/doc/ethoc/eth_speci.pdf
+
+
+In the code, there is a function open_eth_moder_host_write.
+
+static void open_eth_moder_host_write(OpenEthState *s, uint32_t val)
+{
+ uint32_t set = val & ~s->regs[MODER];
+
+ if (set & MODER_RST) {
+ open_eth_reset(s);
+ }
+
+ s->regs[MODER] = val;
+
+ if (set & MODER_RXEN) {
+ s->rx_desc = s->regs[TX_BD_NUM];
+ open_eth_notify_can_receive(s);
+ }
+ if (set & MODER_TXEN) {
+ s->tx_desc = 0;
+ open_eth_check_start_xmit(s);
+ }
+}
+
+This piece of code is executed when MODER (Mode Register) resister is command to updated to ‘val’.
+
+In case of reset, as you can see, if the MODER_RST bit (0x800) bit is set && the old MODER_RST bit (0x800) of MODER register is clear, the code falls into the if(set & MODER_RST) branch. Then, it calls open_eth_reset(s), which does “s->regs[MODER] = 0xa000;”. Now, the MODER register is reset to 0xa000. Page 9 of the data sheet (http://www.cprover.org/firmware/doc/ethoc/eth_speci.pdf) specifies the reset value of the moder is 0000A000h. So far, the code works fine.
+Then, the open_eth_moder_host_write function does not end but executes but executes “s->regs[MODER] = val;” line. Now, the MODER register is not 0xa000 any more.
+In fact, since the MODER_RST bit of ‘val’ is 1, now the MODER_RST bit of the MODER register becomes 1 as well. Suppose one somehow calls this open_eth_moder_host_write again with val = MODER_RST with purpose of resetting again. Since the MODER_RST bit is 1, (set = val & ~s->regs[MODER]) & MODER_RST is zero. So after this, resetting again is not possible.
+
+Hence, I doubt the function’s correctness here. I think it could be better if the function changes to :
+
+ if (set & MODER_RST) {
+ open_eth_reset(s);
+ return;
+ }
+
+Please let me know if I am correct.
+
+Looking through old bug tickets... is this still an issue with the latest version of QEMU? Or could we close this ticket nowadays?
+
+[Expired for QEMU because there has been no activity for 60 days.]
+