From: Philippe Mathieu-Daudé <philmd@linaro.org>
Date: Tue, 30 Jul 2024 08:41:25 +0000 (+0200)
Subject: hw/sd/sdhci: Reset @data_count index on invalid ADMA transfers
X-Git-Tag: v7.2.14~23
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fc2e706f4c5f8c081812a9dde482a96485d55cb8;p=thirdparty%2Fqemu.git

hw/sd/sdhci: Reset @data_count index on invalid ADMA transfers

We neglected to clear the @data_count index on ADMA error,
allowing to trigger assertion in sdhci_read_dataport() or
sdhci_write_dataport().

Cc: qemu-stable@nongnu.org
Fixes: d7dfca0807 ("hw/sdhci: introduce standard SD host controller")
Reported-by: Zheyu Ma <zheyuma97@gmail.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2455
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20240730092138.32443-4-philmd@linaro.org>
(cherry picked from commit ed5a159c3de48a581f46de4c8c02b4b295e6c52d)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
---

diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
index abd503d168d..c4a9b5956d7 100644
--- a/hw/sd/sdhci.c
+++ b/hw/sd/sdhci.c
@@ -846,6 +846,7 @@ static void sdhci_do_adma(SDHCIState *s)
                 }
             }
             if (res != MEMTX_OK) {
+                s->data_count = 0;
                 if (s->errintstsen & SDHC_EISEN_ADMAERR) {
                     trace_sdhci_error("Set ADMA error flag");
                     s->errintsts |= SDHC_EIS_ADMAERR;