From 1db39c0e6101882e9025000f59cb2dd46688c094 Mon Sep 17 00:00:00 2001 From: Martin Ling Date: Tue, 27 Sep 2022 09:45:43 +0100 Subject: [PATCH] Flush queues on control endpoint when a new SETUP is received. On macOS 12.6 running libusb 1.0.26, the host was seen to sometimes make an incomplete ClearFeature(ENDPOINT_HALT) request when ClearPipeStallBothEnds was called from libusb_cancel_transfer. The host would send the SETUP packet, and the firmware would call usb_transfer_schedule_ack to acknowledge the upcoming IN token. However, the host would then not send the IN token, proceeding directly to the next SETUP. Since an empty transfer was queued to schedule the ACK, the firmware would leak one transfer from the free_transfers list. After a few iterations of this, the firmware would run out of free transfers and the next request would hang waiting for one. Fix this by flushing the transfer queues for the control endpoint when a new SETUP is received, since that token implicitly cancels any previously ongoing request. --- firmware/common/usb_request.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/firmware/common/usb_request.c b/firmware/common/usb_request.c index 4fab7a70..fe86133d 100644 --- a/firmware/common/usb_request.c +++ b/firmware/common/usb_request.c @@ -60,6 +60,11 @@ static void usb_request(usb_endpoint_t* const endpoint, const usb_transfer_stage void usb_setup_complete(usb_endpoint_t* const endpoint) { + // If we've received a new SETUP token, then any previously + // in-progress request is now aborted. + usb_endpoint_flush(endpoint->in); + usb_endpoint_flush(endpoint->out); + usb_request(endpoint, USB_TRANSFER_STAGE_SETUP); }