xhci: Remove TDs from TD lists when URBs are canceled.

		 * so remove it from the endpoint ring's TD list.  Keep it in

		 * the cancelled TD list for URB completion later.

		 */

		list_del(&cur_td->td_list);

		list_del_init(&cur_td->td_list);

	}

	last_unlinked_td = cur_td;

	xhci_stop_watchdog_timer_in_irq(xhci, ep);

	do {

		cur_td = list_entry(ep->cancelled_td_list.next,

				struct xhci_td, cancelled_td_list);

		list_del(&cur_td->cancelled_td_list);

		list_del_init(&cur_td->cancelled_td_list);

		/* Clean up the cancelled URB */

		/* Doesn't matter what we pass for status, since the core will

				cur_td = list_first_entry(&ring->td_list,

						struct xhci_td,

						td_list);

				list_del(&cur_td->td_list);

				list_del_init(&cur_td->td_list);

				if (!list_empty(&cur_td->cancelled_td_list))

					list_del(&cur_td->cancelled_td_list);

					list_del_init(&cur_td->cancelled_td_list);

				xhci_giveback_urb_in_irq(xhci, cur_td,

						-ESHUTDOWN, "killed");

			}

						&temp_ep->cancelled_td_list,

						struct xhci_td,

						cancelled_td_list);

				list_del(&cur_td->cancelled_td_list);

				list_del_init(&cur_td->cancelled_td_list);

				xhci_giveback_urb_in_irq(xhci, cur_td,

						-ESHUTDOWN, "killed");

			}

			else

				*status = 0;

		}

		list_del(&td->td_list);

		list_del_init(&td->td_list);

		/* Was this TD slated to be cancelled but completed anyway? */

		if (!list_empty(&td->cancelled_td_list))

			list_del(&td->cancelled_td_list);

			list_del_init(&td->cancelled_td_list);

		urb_priv->td_cnt++;

		/* Giveback the urb when all the tds are completed */

	/* Clean up a partially enqueued isoc transfer. */

	for (i--; i >= 0; i--)

		list_del(&urb_priv->td[i]->td_list);

		list_del_init(&urb_priv->td[i]->td_list);

	/* Use the first TD as a temporary variable to turn the TDs we've queued

	 * into No-ops with a software-owned cycle bit. That way the hardware

	if (temp == 0xffffffff || (xhci->xhc_state & XHCI_STATE_HALTED)) {

		xhci_dbg(xhci, "HW died, freeing TD.\n");

		urb_priv = urb->hcpriv;

		for (i = urb_priv->td_cnt; i < urb_priv->length; i++) {

			td = urb_priv->td[i];

			if (!list_empty(&td->td_list))

				list_del_init(&td->td_list);

			if (!list_empty(&td->cancelled_td_list))

				list_del_init(&td->cancelled_td_list);

		}

		usb_hcd_unlink_urb_from_ep(hcd, urb);

		spin_unlock_irqrestore(&xhci->lock, flags);