[Solved: QEMU Oddity] xHCI No Interrupt on Endpoint Doorbell

[foliagecanine]

Hello again.
Recently I got interrupts to work correctly and I've made a lot of progress since then.
I'm at the point where I'm trying to read (the first 8 bytes of) a Device Descriptor.
First I initialized the slot and control endpoint for the device. I then allocated a memory buffer to store the Event TRB Status and the descriptor.
I then created a Setup TRB (Direction=3,ImmediateData,CorrectCycle) with the following setup packet:

Code: Select all

Setup Packet
Type = 0x80
Request = 0x06
Value = 0x0100
Index = 0x0000
Length = 0x0008

I then created a Data TRB (Remaining=0,Size=8,Direction=1,Chain,EvalTRB,CorrectCycle) pointing to the physical address of the buffer.
Then I created an Event Data TRB (IOC,CorrectCycle) pointing to the physical address of the status DWORD.
All of these were put into the Slot 1 (the correct slot) Control Endpoint ring.
Then I write a 1 to DoorbellOffset+sizeof(uint32_t) (slot 1 doorbell).

The problem is that it doesn't fire an interrupt.

I used GDB and QEMU to try to figure out what was happening, but it seems to be looking for a TR_STATUS TRB to actually evaluate the ring...
(this might be an inaccurate interpretation of the code at hcd-xhci.c:758)

--------------------------------------------

Relevant code and Logs are below. Lines starting with "[xHCI]" are my driver's logs and lines starting with "xhci" is the QEMU virtual xHCI controller logs.

QEMU/TritiumOS xHCI Log
Relevant Code

More xHCI code (less relevant)

Thanks ahead of time.

[BenLunt]

Hello again.
Recently I got interrupts to work correctly and I've made a lot of progress since then.
I'm at the point where I'm trying to read (the first 8 bytes of) a Device Descriptor.
First I initialized the slot and control endpoint for the device. I then allocated a memory buffer to store the Event TRB Status and the descriptor.
I then created a Setup TRB (Direction=3,ImmediateData,CorrectCycle) with the following setup packet:

Code: Select all

Setup Packet
Type = 0x80
Request = 0x06
Value = 0x0100
Index = 0x0000
Length = 0x0008

I then created a Data TRB (Remaining=0,Size=8,Direction=1,Chain,EvalTRB,CorrectCycle) pointing to the physical address of the buffer.
Then I created an Event Data TRB (IOC,CorrectCycle) pointing to the physical address of the status DWORD.
All of these were put into the Slot 1 (the correct slot) Control Endpoint ring.
Then I write a 1 to DoorbellOffset+sizeof(uint32_t) (slot 1 doorbell).

The problem is that it doesn't fire an interrupt.

I used GDB and QEMU to try to figure out what was happening, but it seems to be looking for a TR_STATUS TRB to actually evaluate the ring...
(this might be an inaccurate interpretation of the code at hcd-xhci.c:758)

--------------------------------------------

Relevant code and Logs are below. Lines starting with "[xHCI]" are my driver's logs and lines starting with "xhci" is the QEMU virtual xHCI controller logs.

QEMU/TritiumOS xHCI Log
Relevant Code

More xHCI code (less relevant)

Thanks ahead of time.

Hi,

Is this after you send the SETUP and DATA TRB's but *before* you send the STATUS TRB? If so, see my post in the other thread about this bug/oddity in QEMU. Your code is correct, however QEMU is not firing the interrupt because it is (incorrectly) waiting for the STATUS TRB before it will.

Again, another bug/oddity in QEMU and the xHCI emulation :-)

Ben
- http://www.fysnet.net/the_universal_serial_bus.htm

[foliagecanine]

Ah thank you.
I had seen the code where it was waiting for the Status TRB but it didn't seem right. Thank you for figuring this out.

Also, thank you for updating your code to work with QEMU.