ehci: fix overflow in frame timer code

Message ID 20170515104543.32044-1-kraxel@redhat.com
State New

Commit Message

Gerd Hoffmann May 15, 2017, 10:45 a.m. UTC
In case the frame timer doesn't run for a while due to the host being
busy skipped_uframes can become big enough that UFRAME_TIMER_NS *
skipped_uframes overflows.  Which in turn throws off all subsequent
ehci frame timer calculations.

Reported-by: 李林 <8610_28@163.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hw/usb/hcd-ehci.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Philippe Mathieu-Daudé May 15, 2017, 1:32 p.m. UTC | #1
Hi Gerd, 李林,

On 05/15/2017 07:45 AM, Gerd Hoffmann wrote:
> In case the frame timer doesn't run for a while due to the host being
> busy skipped_uframes can become big enough that UFRAME_TIMER_NS *
> skipped_uframes overflows.  Which in turn throws off all subsequent
> ehci frame timer calculations.
>
> Reported-by: 李林 <8610_28@163.com>

李林: You may want to add your Signed-off-by here along with Gerd's.

> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

> ---
>  hw/usb/hcd-ehci.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
> index 3703a8dddc..17c572c55f 100644
> --- a/hw/usb/hcd-ehci.c
> +++ b/hw/usb/hcd-ehci.c
> @@ -2238,7 +2238,7 @@ static void ehci_work_bh(void *opaque)
>      int need_timer = 0;
>      int64_t expire_time, t_now;
>      uint64_t ns_elapsed;
> -    int uframes, skipped_uframes;
> +    uint64_t uframes, skipped_uframes;
>      int i;
>
>      t_now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
>
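Review bot: `int i;` in the context line right below the changed declaration stays signed while `uframes` becomes `uint64_t`. If `i` is used further down in `ehci_work_bh()` as a loop counter bounded by `uframes` (that code is not visible in this hunk), the comparison is now done in unsigned 64-bit arithmetic and `i` can still overflow once `uframes` exceeds INT_MAX. Please confirm that `uframes` is clamped to a small maximum before any such loop, or widen `i` as well.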

Patch

diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index 3703a8dddc..17c572c55f 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -2238,7 +2238,7 @@  static void ehci_work_bh(void *opaque)
     int need_timer = 0;
     int64_t expire_time, t_now;
     uint64_t ns_elapsed;
-    int uframes, skipped_uframes;
+    uint64_t uframes, skipped_uframes;
     int i;
 
     t_now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
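Review bot: Making `uframes` and `skipped_uframes` unsigned in the changed declaration also changes the semantics of every expression that uses them, not only the width of the product `UFRAME_TIMER_NS * skipped_uframes` named in the commit message. The neighbouring `int64_t expire_time, t_now;` are signed, so any arithmetic that mixes them with the new `uint64_t` values is now evaluated as unsigned, and any subtraction or `< 0` / `<= 0` test on `uframes` or `skipped_uframes` that relied on a negative result will no longer fire. Suggest auditing those uses in `ehci_work_bh()` and noting in the commit message that the old overflow came from the `int` operand, so the reason for choosing `uint64_t` over `int64_t` is recorded.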