From 22b59e7290b2649efc03fe800859c48e2fd90763 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 6 Jun 2017 15:43:52 +0200
Subject: [PATCH 16/17] ehci: fix overflow in frame timer code
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

RH-Author: Gerd Hoffmann <kraxel@redhat.com>
Message-id: <20170606154353.31670-2-kraxel@redhat.com>
Patchwork-id: 75506
O-Subject: [RHEL-7.4 qemu-kvm-rhev PATCH 1/2] ehci: fix overflow in frame timer code
Bugzilla: 1449609
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
RH-Acked-by: Thomas Huth <thuth@redhat.com>

In case the frame timer doesn't run for a while due to the host being
busy skipped_uframes can become big enough that UFRAME_TIMER_NS *
skipped_uframes overflows.  Which in turn throws off all subsequent
ehci frame timer calculations.

Reported-by: 李林 <8610_28@163.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20170515104543.32044-1-kraxel@redhat.com
(cherry picked from commit 3ae7eb88c472799f17beb653f4bc3fb8b124c72e)
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
 hw/usb/hcd-ehci.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index 50ef817..d7361e5 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -2238,7 +2238,7 @@ static void ehci_frame_timer(void *opaque)
     int need_timer = 0;
     int64_t expire_time, t_now;
     uint64_t ns_elapsed;
-    int uframes, skipped_uframes;
+    uint64_t uframes, skipped_uframes;
     int i;
 
     t_now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
-- 
1.8.3.1