On Wed, Mar 07, 2012 at 11:17:48AM +0800, Jason Wang wrote: > The tx buffer would be re-allocated for tx descriptor with big size > and without LS bit set, this would make guest driver could easily let > qemu to allocate unlimited. > > In linux host, a glib failure were easy to be triggered: > > GLib-ERROR **: gmem.c:176: failed to allocate 18446744071562067968 bytes > > This patch fix this by adding a limit. As the spec didn't tell the maximum > size > of buffer allowed, stick it to current CP_TX_BUFFER_SIZE (65536). > > Changes from V1: > > Drop the while statement and s->cplus_txbuffer check. > > Signed-off-by: Jason Wang <jasow...@redhat.com> > --- > hw/rtl8139.c | 11 +++++------ > 1 files changed, 5 insertions(+), 6 deletions(-)
Reviewed-by: Stefan Hajnoczi <stefa...@linux.vnet.ibm.com>
