[U-Boot] [PATCH] EHCI: zero out QH transfer overlay in ehci_submit_async()
Sergei Shtylyov
sshtylyov at mvista.com
Mon Jun 28 19:23:30 CEST 2010
Hello.
Remy Bohmer wrote:
> 2010/6/25 Sergei Shtylyov <sshtylyov at ru.mvista.com>:
>> ehci_submit_async() doesn't really zero out the QH transfer overlay (as the EHCI
>> specification suggests) which leads to the controller seeing the 'token' field
>> as the previous call has left it, i.e.:
>> - if a timeout occured on the previous call (Active bit left as 1), controller
>> incorrectly tries to complete a previous transaction on a newly programmed
>> endpoint;
>> - if a halt occured on the previous call (Halted bit set to 1), controller just
>> ignores the newly programmed TD(s) and the function then keeps returning error
>> ad infinitum.
>> This turned out to be caused by the wrong orger of the arguments to the memset()
>> call in ehci_alloc(), so the allocated TDs weren't cleared either.
>> While at it, stop needlessly initializing the "next" pointers in the QH transfer
>> overlay...
>> Signed-off-by: Sergei Shtylyov <sshtylyov at mvista.com>
> Acked-by: Remy Bohmer <linux at bohmer.net>
> Wolfgang, can you please pull this patch in the v2010.06 release?
Don't pull it yet, I have a fixed up version coming shortly.
> Kind regards,
> Remy
>> ---
>> This is quite serious error, so would be good to have the patch in v2010.06...
>> drivers/usb/host/ehci-hcd.c | 4 +---
>> 1 file changed, 1 insertion(+), 3 deletions(-)
>> Index: u-boot/drivers/usb/host/ehci-hcd.c
>> ===================================================================
>> --- u-boot.orig/drivers/usb/host/ehci-hcd.c
>> +++ u-boot/drivers/usb/host/ehci-hcd.c
>> @@ -275,7 +275,7 @@ static void *ehci_alloc(size_t sz, size_
>> return NULL;
>> }
>>
>> - memset(p, sz, 0);
>> + memset(p, 0, sz);
>> return p;
>> }
>>
>> @@ -349,8 +349,6 @@ ehci_submit_async(struct usb_device *dev
>> (dev->portnr << 23) |
>> (dev->parent->devnum << 16) | (0 << 8) | (0 << 0);
>> qh->qh_endpt2 = cpu_to_hc32(endpt);
>> - qh->qh_overlay.qt_next = cpu_to_hc32(QT_NEXT_TERMINATE);
This line is still needed as it turned out.
WBR, Sergei
More information about the U-Boot
mailing list