Both timeout and return value of imx_gpt_update_count() are unsigned.
Thus "limit" can not be negative, but obviously it was implied.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
---
hw/timer/imx_gpt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/timer/imx_gpt.c b/hw/timer/imx_gpt.c
index 23b3d79bdb..06e4837fed 100644
--- a/hw/timer/imx_gpt.c
+++ b/hw/timer/imx_gpt.c
@@ -238,7 +238,7 @@ static void imx_gpt_compute_next_timeout(IMXGPTState *s, bool event)
}
/* the new range to count down from */
- limit = timeout - imx_gpt_update_count(s);
+ limit = (long long)timeout - imx_gpt_update_count(s);
if (limit < 0) {
/*
--
2.43.0