Hello, I'd like to submit a patch to the xhci subsystem of QEMU. Currently, when the command stop or command abort flags in the crcr_low register are set, nothing happens. This is because the part of the code that tests those two flags (and performs command ring abort/stop) is in the crcr_high case. This error has a simple workaround - after writing to the crcr_low register with either of these two flags set, one can write the value of crcr_high to crcr_high, so I assume this fix does not have that big of a priority, but a driver that follows the specification strictly would misbehave in this kind of situation (stopping/aborting the command ring).
The patch is contained in the attachment.

Kind regards,
Jaroslav Jindrak
From b18a165f3c70c6154944706bd096fb002a9b4461 Mon Sep 17 00:00:00 2001 From: Dzejrou <[email protected]> Date: Tue, 1 Aug 2017 01:30:49 +0200 Subject: [PATCH 1/1] xhci: move command stop and command abort flag check to the case when the crcr_low register is set Signed-off-by: Dzejrou <[email protected]> --- hw/usb/hcd-xhci.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c index 204ea69..9eb3c83 100644 --- a/hw/usb/hcd-xhci.c +++ b/hw/usb/hcd-xhci.c @@ -2937,9 +2937,6 @@ static void xhci_oper_write(void *ptr, hwaddr reg, break; case 0x18: /* CRCR low */ xhci->crcr_low = (val & 0xffffffcf) | (xhci->crcr_low & CRCR_CRR); - break; - case 0x1c: /* CRCR high */ - xhci->crcr_high = val; if (xhci->crcr_low & (CRCR_CA|CRCR_CS) && (xhci->crcr_low & CRCR_CRR)) { XHCIEvent event = {ER_COMMAND_COMPLETE, CC_COMMAND_RING_STOPPED}; xhci->crcr_low &= ~CRCR_CRR; @@ -2951,6 +2948,9 @@ static void xhci_oper_write(void *ptr, hwaddr reg, } xhci->crcr_low &= ~(CRCR_CA | CRCR_CS); break; + case 0x1c: /* CRCR high */ + xhci->crcr_high = val; + break; case 0x30: /* DCBAAP low */ xhci->dcbaap_low = val & 0xffffffc0; break; -- 2.4.11
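Review bot: In the `case 0x18` arm, the block moved under CRCR low now executes with `val` holding the low dword, and the hunk does not show the lines between `xhci->crcr_low &= ~CRCR_CRR;` and the closing brace before `xhci->crcr_low &= ~(CRCR_CA | CRCR_CS);`. If anything in that unshown part uses `val` as the upper 32 bits of an address, it would now receive the low dword instead. Please check those lines and, where needed, read `xhci->crcr_high` there rather than `val`.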
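Review bot: The new `case 0x1c` only stores `val`, so a guest that writes the low dword first and the high dword second has the block under CRCR low run against the previous `crcr_high`, and the later high write triggers nothing. A short comment in this case saying that the high write is deliberately a plain store and that stop/abort handling happens on the low write would help, and the commit message should state which write order the guest is expected to use.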
