qemu-devel.nongnu.org archive mirror
* [Qemu-devel] [PATCH] Memory corruption after OHCI reset
@ 2007-07-25 16:40 Ed Swierk
From: Ed Swierk @ 2007-07-25 16:40 UTC
  To: qemu-devel

[-- Attachment #1: Type: text/plain, Size: 549 bytes --]

When the USB OHCI controller starts, a periodic end-of-frame routine
writes to a chunk of memory set aside by the device driver. If the
machine reboots or the OS kexecs, the controller continues writing
even though the memory is no longer owned by the device driver,
causing random, mysterious corruption, until the new OS reinitializes
the OHCI controller.

The attached patch fixes this by resetting the controller whenever the
machine reboots or the device driver issues a reset command, and
disabling the timer when the controller resets.

--Ed

[-- Attachment #2: qemu-usb-ohci-reset.patch --]
[-- Type: text/x-patch, Size: 1501 bytes --]

Index: qemu-snapshot-2007-02-09_05/hw/usb-ohci.c
===================================================================
--- qemu-snapshot-2007-02-09_05.orig/hw/usb-ohci.c
+++ qemu-snapshot-2007-02-09_05/hw/usb-ohci.c
@@ -106,6 +106,8 @@ struct ohci_hcca {
     uint32_t done;
 };
 
+static void ohci_bus_stop(OHCIState *ohci);
+
 /* Bitfields for the first word of an Endpoint Desciptor.  */
 #define OHCI_ED_FA_SHIFT  0
 #define OHCI_ED_FA_MASK   (0x7f<<OHCI_ED_FA_SHIFT)
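
Review bot: the forward declaration of ohci_bus_stop is placed between struct ohci_hcca and the endpoint descriptor bitfield defines, far from its only new caller. Put the prototype directly above ohci_reset, or move ohci_bus_stop above ohci_reset so no prototype is needed.
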
@@ -323,11 +325,13 @@ static void ohci_attach(USBPort *port1, 
 }
 
 /* Reset the controller */
-static void ohci_reset(OHCIState *ohci)
+static void ohci_reset(void *opaque)
 {
+    OHCIState *ohci = opaque;
     OHCIPort *port;
     int i;
 
+    ohci_bus_stop(ohci);
     ohci->ctl = 0;
     ohci->old_ctl = 0;
     ohci->status = 0;
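
Review bot: the change of ohci_reset to take void *opaque is undocumented. The comment above the function still says only "Reset the controller"; add a line saying it is also the handler registered with qemu_register_reset, which is why it takes an opaque pointer and converts it on the first line.
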
@@ -813,6 +817,7 @@ static void ohci_bus_stop(OHCIState *ohc
 {
     if (ohci->eof_timer)
         qemu_del_timer(ohci->eof_timer);
+    ohci->eof_timer = NULL;
 }
 
 /* Sets a flag in a port status register but only set it if the port is
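
Review bot: the new ohci->eof_timer = NULL in ohci_bus_stop drops the reference to the timer without freeing it. qemu_del_timer only removes the timer from the active list, so the object stays allocated; call qemu_free_timer before clearing the pointer, or keep the pointer and let the start path reuse the existing timer. The assignment also sits outside the if with no braces, which is correct but easy to misread; bracing the del and the assignment together would make the intent clear.
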
@@ -898,6 +903,7 @@ static void ohci_set_ctl(OHCIState *ohci
         dprintf("usb-ohci: %s: USB Resume\n", ohci->pci_dev.name);
         break;
     case OHCI_USB_RESET:
+        ohci_reset(ohci);
         dprintf("usb-ohci: %s: USB Reset\n", ohci->pci_dev.name);
         break;
     }
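
Review bot: the ohci_reset call added to the OHCI_USB_RESET case runs the full reset path from inside ohci_set_ctl, and that path (second hunk) zeroes ohci->ctl, ohci->old_ctl and ohci->status. Please confirm that ctl still holds the state the guest just wrote when ohci_set_ctl returns, or restore it after the reset; otherwise the register the guest reads back will not match what it wrote.
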
@@ -1266,5 +1272,6 @@ void usb_ohci_init(struct PCIBus *bus, i
     }
 
     ohci->async_td = 0;
+    qemu_register_reset(ohci_reset, ohci);
     ohci_reset(ohci);
 }
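
Review bot: the first ohci_reset call in usb_ohci_init now goes through ohci_bus_stop, which tests ohci->eof_timer and passes it to qemu_del_timer, yet nothing visible in this hunk initialises eof_timer. async_td is set explicitly just above, so add ohci->eof_timer = NULL alongside it unless the structure is guaranteed to be zeroed on allocation. Registering the handler before the initial reset is otherwise fine.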
