@@ -1790,7 +1790,7 @@ static int ehci_fill_queue(EHCIPacket *p)
USBEndpoint *ep = p->packet.ep;
EHCIQueue *q = p->queue;
EHCIqtd qtd = p->qtd;
- uint32_t qtdaddr, start_addr = p->qtdaddr;
+ uint32_t qtdaddr;
for (;;) {
if (NLPTR_TBIT(qtd.next) != 0) {
@@ -1801,8 +1801,10 @@ static int ehci_fill_queue(EHCIPacket *p)
* Detect circular td lists, Windows creates these, counting on the
* active bit going low after execution to make the queue stop.
*/
- if (qtdaddr == start_addr) {
- break;
+ QTAILQ_FOREACH(p, &q->packets, next) {
+ if (p->qtdaddr == qtdaddr) {
+ goto leave;
+ }
}
get_dwords(q->ehci, NLPTR_GET(qtdaddr),
(uint32_t *) &qtd, sizeof(EHCIqtd) >> 2);
@@ -1819,6 +1821,7 @@ static int ehci_fill_queue(EHCIPacket *p)
assert(p->packet.status == USB_RET_ASYNC);
p->async = EHCI_ASYNC_INFLIGHT;
}
+leave:
usb_device_flush_ep_queue(ep->dev, ep);
return 1;
}
Windows links interrupt qtd-s in circles, which means that when interrupt endpoints return USB_RET_ASYNC, combined with the recent "ehci: Retry to fill the queue while waiting for td completion" patch, we keep adding the tds to the queue over and over again, as we detect the circle from fill_queue, but we call it over and over again ... This patch fixes this by changing the circle detection to also detect circling into tds already queued up previously. Signed-off-by: Hans de Goede <hdegoede@redhat.com> --- hw/usb/hcd-ehci.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-)