From: David Brownell This patch has a one line oops fix, plus related cleanups. - The bugfix uses microframe scheduling data given to the hardware to test "is this a periodic QH", rather than testing for nonzero period. (Prevents an oops by providing the correct answer.) - The cleanup going along with the patch should make it clearer what's going on whenever those bitfields are accessed. The bug came about when, around January, two new kinds of EHCI interrupt scheduling operation were added, involving both the high speed (24 KBytes per millisec) and low/full speed (1-64 bytes per millisec) microframe scheduling. A driver for the Edirol UA-1000 Audio Capture Unit ran into the oops; it used one of the newly supported high speed modes. Signed-off-by: David Brownell Signed-off-by: Andrew Morton --- drivers/usb/host/ehci-dbg.c | 2 +- drivers/usb/host/ehci-q.c | 5 +++-- drivers/usb/host/ehci-sched.c | 13 +++++++------ drivers/usb/host/ehci.h | 5 +++++ 4 files changed, 16 insertions(+), 9 deletions(-) diff -puN drivers/usb/host/ehci-dbg.c~usb-ehci-microframe-handling-fix drivers/usb/host/ehci-dbg.c --- devel/drivers/usb/host/ehci-dbg.c~usb-ehci-microframe-handling-fix 2005-07-29 13:22:24.000000000 -0700 +++ devel-akpm/drivers/usb/host/ehci-dbg.c 2005-07-29 13:22:24.000000000 -0700 @@ -527,7 +527,7 @@ show_periodic (struct class_device *clas p.qh->period, le32_to_cpup (&p.qh->hw_info2) /* uframe masks */ - & 0xffff, + & (QH_CMASK | QH_SMASK), p.qh); size -= temp; next += temp; diff -puN drivers/usb/host/ehci.h~usb-ehci-microframe-handling-fix drivers/usb/host/ehci.h --- devel/drivers/usb/host/ehci.h~usb-ehci-microframe-handling-fix 2005-07-29 13:22:24.000000000 -0700 +++ devel-akpm/drivers/usb/host/ehci.h 2005-07-29 13:22:24.000000000 -0700 @@ -385,6 +385,11 @@ struct ehci_qh { __le32 hw_info1; /* see EHCI 3.6.2 */ #define QH_HEAD 0x00008000 __le32 hw_info2; /* see EHCI 3.6.2 */ +#define QH_SMASK 0x000000ff +#define QH_CMASK 0x0000ff00 +#define QH_HUBADDR 0x007f0000 +#define QH_HUBPORT 0x3f800000 +#define QH_MULT 0xc0000000 __le32 hw_current; /* qtd list - see EHCI 3.6.4 */ /* qtd overlay (hardware parts of a struct ehci_qtd) */ diff -puN drivers/usb/host/ehci-q.c~usb-ehci-microframe-handling-fix drivers/usb/host/ehci-q.c --- devel/drivers/usb/host/ehci-q.c~usb-ehci-microframe-handling-fix 2005-07-29 13:22:24.000000000 -0700 +++ devel-akpm/drivers/usb/host/ehci-q.c 2005-07-29 13:22:24.000000000 -0700 @@ -222,7 +222,7 @@ __acquires(ehci->lock) struct ehci_qh *qh = (struct ehci_qh *) urb->hcpriv; /* S-mask in a QH means it's an interrupt urb */ - if ((qh->hw_info2 & __constant_cpu_to_le32 (0x00ff)) != 0) { + if ((qh->hw_info2 & __constant_cpu_to_le32 (QH_SMASK)) != 0) { /* ... update hc-wide periodic stats (for usbfs) */ ehci_to_hcd(ehci)->self.bandwidth_int_reqs--; @@ -428,7 +428,8 @@ halt: /* should be rare for periodic transfers, * except maybe high bandwidth ... */ - if (qh->period) { + if ((__constant_cpu_to_le32 (QH_SMASK) + & qh->hw_info2) != 0) { intr_deschedule (ehci, qh); (void) qh_schedule (ehci, qh); } else diff -puN drivers/usb/host/ehci-sched.c~usb-ehci-microframe-handling-fix drivers/usb/host/ehci-sched.c --- devel/drivers/usb/host/ehci-sched.c~usb-ehci-microframe-handling-fix 2005-07-29 13:22:24.000000000 -0700 +++ devel-akpm/drivers/usb/host/ehci-sched.c 2005-07-29 13:22:24.000000000 -0700 @@ -301,7 +301,7 @@ static int qh_link_periodic (struct ehci dev_dbg (&qh->dev->dev, "link qh%d-%04x/%p start %d [%d/%d us]\n", - period, le32_to_cpup (&qh->hw_info2) & 0xffff, + period, le32_to_cpup (&qh->hw_info2) & (QH_CMASK | QH_SMASK), qh, qh->start, qh->usecs, qh->c_usecs); /* high bandwidth, or otherwise every microframe */ @@ -385,7 +385,8 @@ static void qh_unlink_periodic (struct e dev_dbg (&qh->dev->dev, "unlink qh%d-%04x/%p start %d [%d/%d us]\n", - qh->period, le32_to_cpup (&qh->hw_info2) & 0xffff, + qh->period, + le32_to_cpup (&qh->hw_info2) & (QH_CMASK | QH_SMASK), qh, qh->start, qh->usecs, qh->c_usecs); /* qh->qh_next still "live" to HC */ @@ -411,7 +412,7 @@ static void intr_deschedule (struct ehci * active high speed queues may need bigger delays... */ if (list_empty (&qh->qtd_list) - || (__constant_cpu_to_le32 (0x0ff << 8) + || (__constant_cpu_to_le32 (QH_CMASK) & qh->hw_info2) != 0) wait = 2; else @@ -533,7 +534,7 @@ static int qh_schedule (struct ehci_hcd /* reuse the previous schedule slots, if we can */ if (frame < qh->period) { - uframe = ffs (le32_to_cpup (&qh->hw_info2) & 0x00ff); + uframe = ffs (le32_to_cpup (&qh->hw_info2) & QH_SMASK); status = check_intr_schedule (ehci, frame, --uframe, qh, &c_mask); } else { @@ -569,10 +570,10 @@ static int qh_schedule (struct ehci_hcd qh->start = frame; /* reset S-frame and (maybe) C-frame masks */ - qh->hw_info2 &= __constant_cpu_to_le32 (~0xffff); + qh->hw_info2 &= __constant_cpu_to_le32(~(QH_CMASK | QH_SMASK)); qh->hw_info2 |= qh->period ? cpu_to_le32 (1 << uframe) - : __constant_cpu_to_le32 (0xff); + : __constant_cpu_to_le32 (QH_SMASK); qh->hw_info2 |= c_mask; } else ehci_dbg (ehci, "reused qh %p schedule\n", qh); _