aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerd Hoffmann <kraxel@redhat.com>2017-05-19 14:04:28 +0200
committerGerd Hoffmann <kraxel@redhat.com>2017-05-29 14:19:16 +0200
commit3bfecee2cb71f21cd39d6183f18b446c01917573 (patch)
tree5cd2fadd5d3525cee73b5d0ca360acc99c85c3f4
parent26022652c6fd067b9fa09280f5a6d6284a21c73f (diff)
downloadqemu-3bfecee2cb71f21cd39d6183f18b446c01917573.zip
qemu-3bfecee2cb71f21cd39d6183f18b446c01917573.tar.gz
qemu-3bfecee2cb71f21cd39d6183f18b446c01917573.tar.bz2
ehci: fix frame timer invocation.
ehci registers ehci_frame_timer as both timer and bottom half, which turned out to be a bad idea as it can be called as bottom half then while it is running as timer, and it isn't prepared to handle recursive calls. Change the timer func to just schedule the bottom half to avoid this. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1449609 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 20170519120428.25981-1-kraxel@redhat.com
-rw-r--r--hw/usb/hcd-ehci.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index d7361e5..17c572c 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -2232,7 +2232,7 @@ static void ehci_update_frindex(EHCIState *ehci, int uframes)
ehci->frindex = (ehci->frindex + uframes) % 0x4000;
}
-static void ehci_frame_timer(void *opaque)
+static void ehci_work_bh(void *opaque)
{
EHCIState *ehci = opaque;
int need_timer = 0;
@@ -2324,6 +2324,13 @@ static void ehci_frame_timer(void *opaque)
}
}
+static void ehci_work_timer(void *opaque)
+{
+ EHCIState *ehci = opaque;
+
+ qemu_bh_schedule(ehci->async_bh);
+}
+
static const MemoryRegionOps ehci_mmio_caps_ops = {
.read = ehci_caps_read,
.write = ehci_caps_write,
@@ -2478,8 +2485,8 @@ void usb_ehci_realize(EHCIState *s, DeviceState *dev, Error **errp)
s->ports[i].dev = 0;
}
- s->frame_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, ehci_frame_timer, s);
- s->async_bh = qemu_bh_new(ehci_frame_timer, s);
+ s->frame_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, ehci_work_timer, s);
+ s->async_bh = qemu_bh_new(ehci_work_bh, s);
s->device = dev;
s->vmstate = qemu_add_vm_change_state_handler(usb_ehci_vm_state_change, s);