From a1c3e4b839f8e7ec7f1792b8a11c63ca845aa021 Mon Sep 17 00:00:00 2001 From: Hans de Goede Date: Thu, 30 Aug 2012 09:55:19 +0200 Subject: [PATCH] ehci: Schedule async-bh when IAAD bit gets set After the "ehci: Print a warning when a queue unexpectedly contains packets on cancel" commit. Under certain reproducable conditions I was getting the following message: "EHCI: Warning queue not empty on queue reset". After aprox. 8 hours of debugging I've finally found the cause. The Linux EHCI driver has an IAAD watchdog, to work around certain EHCI hardware sometimes not acknowledging the doorbell at all. This watchdog has a timeout of 10 ms, which is less then the time between 2 runs through the async schedule when async_stepdown is at its highest value. Thus the watchdog can trigger, after which Linux clears the IAAD bit and re-uses the QH. IOW we were not properly detecting the unlink of the qh, due to us missing (ignoring for more then 10 ms) the IAAD command, which triggered the warning. Signed-off-by: Hans de Goede --- hw/usb/hcd-ehci.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c index a3aea6debe..3e10977492 100644 --- a/hw/usb/hcd-ehci.c +++ b/hw/usb/hcd-ehci.c @@ -1194,6 +1194,15 @@ static void ehci_mem_writel(void *ptr, target_phys_addr_t addr, uint32_t val) val &= ~USBCMD_FLS; } + if (val & USBCMD_IAAD) { + /* + * Process IAAD immediately, otherwise the Linux IAAD watchdog may + * trigger and re-use a qh without us seeing the unlink. + */ + s->async_stepdown = 0; + qemu_bh_schedule(s->async_bh); + } + if (((USBCMD_RUNSTOP | USBCMD_PSE | USBCMD_ASE) & val) != ((USBCMD_RUNSTOP | USBCMD_PSE | USBCMD_ASE) & s->usbcmd)) { if (s->pstate == EST_INACTIVE) {