On 12/12/2015 09:17 PM, Stefan Brüns wrote: > flush_dcache_range may access data after priv->aligned_buffer end if > len > DWC2_DATA_BUF_SIZE. > memcpy may access data after buffer end if done > 0
Acked-by: Stephen Warren <[email protected]> Uggh; icky bug:-( > @@ -823,12 +823,13 @@ int chunk_msg(struct dwc2_priv *priv, struct usb_device > *dev, > (*pid << DWC2_HCTSIZ_PID_OFFSET), > &hc_regs->hctsiz); > > - if (!in) { > - memcpy(priv->aligned_buffer, (char *)buffer + done, > len); > + if (!in && xfer_len) { Do zero-length memcpy or flush_dcache_range actually cause an issue? _______________________________________________ U-Boot mailing list [email protected] http://lists.denx.de/mailman/listinfo/u-boot
