From: Ruimei Yan <ruimei.yan@windriver.com>
At present MSI / MSI-X interrupts are triggered regardless of the
irq level. We should have checked the level to determine whether
the interrupt needs to be delivered.
The level check logic was present in early versions of the xhci
model, but got dropped later by a rework of interrupt handling
under commit 4c4abe7cc903 ("xhci: rework interrupt handling").
Fixes: 4c4abe7cc903 ("xhci: rework interrupt handling")
Signed-off-by: Ruimei Yan <ruimei.yan@windriver.com>
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Message-Id: <20210521024224.2277634-1-bmeng.cn@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/usb/hcd-xhci-pci.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/hw/usb/hcd-xhci-pci.c b/hw/usb/hcd-xhci-pci.c
index 9421734d0fe2..b6acd1790c1a 100644
--- a/hw/usb/hcd-xhci-pci.c
+++ b/hw/usb/hcd-xhci-pci.c
@@ -67,12 +67,13 @@ static void xhci_pci_intr_raise(XHCIState *xhci, int n, bool level)
msi_enabled(pci_dev))) {
pci_set_irq(pci_dev, level);
}
- if (msix_enabled(pci_dev)) {
+
+ if (msix_enabled(pci_dev) && level) {
msix_notify(pci_dev, n);
return;
}
- if (msi_enabled(pci_dev)) {
+ if (msi_enabled(pci_dev) && level) {
msi_notify(pci_dev, n);
return;
}
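Review bot: in both rewritten conditions the `return` now sits behind `&& level`, so a call with level false while MSI-X or MSI is enabled no longer returns at these blocks and falls through to whatever follows them in the function. Consider keeping `msix_enabled(pci_dev)` and `msi_enabled(pci_dev)` as the outer tests and nesting `if (level)` around the notify call, so that the early return for message-signalled mode is preserved on deassert. A one-line comment stating that MSI / MSI-X messages are only sent on assertion would also help keep the check from being dropped in a later rework, which the commit message says is how it was lost.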
--
2.31.1
On 210528 1622, Gerd Hoffmann wrote:
> From: Ruimei Yan <ruimei.yan@windriver.com>
>
> At present MSI / MSI-X interrupts are triggered regardless of the
> irq level. We should have checked the level to determine whether
> the interrupt needs to be delivered.
>
> The level check logic was present in early versions of the xhci
> model, but got dropped later by a rework of interrupt handling
> under commit 4c4abe7cc903 ("xhci: rework interrupt handling").
>
> Fixes: 4c4abe7cc903 ("xhci: rework interrupt handling")
> Signed-off-by: Ruimei Yan <ruimei.yan@windriver.com>
> Signed-off-by: Bin Meng <bin.meng@windriver.com>
> Message-Id: <20210521024224.2277634-1-bmeng.cn@gmail.com>
> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Hi,
FYI, OSS-Fuzz detected that this fixed this stack-overflow:
https://bugs.launchpad.net/bugs/1905444
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27796#c5
-Alex
On Mon, May 31, 2021 at 11:33 PM Alexander Bulekov <alxndr@bu.edu> wrote:
>
> On 210528 1622, Gerd Hoffmann wrote:
> > From: Ruimei Yan <ruimei.yan@windriver.com>
> >
> > At present MSI / MSI-X interrupts are triggered regardless of the
> > irq level. We should have checked the level to determine whether
> > the interrupt needs to be delivered.
> >
> > The level check logic was present in early versions of the xhci
> > model, but got dropped later by a rework of interrupt handling
> > under commit 4c4abe7cc903 ("xhci: rework interrupt handling").
> >
> > Fixes: 4c4abe7cc903 ("xhci: rework interrupt handling")
> > Signed-off-by: Ruimei Yan <ruimei.yan@windriver.com>
> > Signed-off-by: Bin Meng <bin.meng@windriver.com>
> > Message-Id: <20210521024224.2277634-1-bmeng.cn@gmail.com>
> > Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> > Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
>
> Hi,
> FYI, OSS-Fuzz detected that this fixed this stack-overflow:
> https://bugs.launchpad.net/bugs/1905444
> https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27796#c5
Good to know :)
Regards,
Bin