diff --git a/hw/usb/core.c b/hw/usb/core.c
index 9a14a53852..0e02da7601 100644
--- a/hw/usb/core.c
+++ b/hw/usb/core.c
@@ -501,6 +501,7 @@ void usb_packet_set_state(USBPacket *p, USBPacketState state)
 void usb_packet_setup(USBPacket *p, int pid, USBEndpoint *ep)
 {
     assert(!usb_packet_is_inflight(p));
+    assert(p->iov.iov != NULL);
     p->pid = pid;
     p->ep = ep;
     p->result = 0;
diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
index 10a5b15890..c6f21ac7b6 100644
--- a/hw/usb/hcd-ehci.c
+++ b/hw/usb/hcd-ehci.c
@@ -664,6 +664,7 @@ static EHCIQueue *ehci_alloc_queue(EHCIState *ehci, int async)
 
     q = g_malloc0(sizeof(*q));
     q->ehci = ehci;
+    usb_packet_init(&q->packet);
     QTAILQ_INSERT_HEAD(head, q, next);
     trace_usb_ehci_queue_action(q, "alloc");
     return q;