From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:35939)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <hdegoede@redhat.com>) id 1T1Ji8-00056C-Ad
	for qemu-devel@nongnu.org; Tue, 14 Aug 2012 12:11:22 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <hdegoede@redhat.com>) id 1T1Ji1-0000px-Ub
	for qemu-devel@nongnu.org; Tue, 14 Aug 2012 12:11:16 -0400
Received: from mx1.redhat.com ([209.132.183.28]:65059)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <hdegoede@redhat.com>) id 1T1Ji1-0000pd-Mq
	for qemu-devel@nongnu.org; Tue, 14 Aug 2012 12:11:09 -0400
Received: from int-mx02.intmail.prod.int.phx2.redhat.com
	(int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12])
	by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q7EGB8sx001408
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
	for <qemu-devel@nongnu.org>; Tue, 14 Aug 2012 12:11:08 -0400
Message-ID: <502A78D9.6050003@redhat.com>
Date: Tue, 14 Aug 2012 18:12:09 +0200
From: Hans de Goede <hdegoede@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] 2 issues with qemu-master / 1.2 ehci code
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Gerd Hoffmann <kraxel@redhat.com>
Cc: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>

Hi,

While testing qemu-master I've encountered 2 problems caused by the ehci changes
made since 1.1:

1) Newly plugged in devices don't get recognized by the guest
This seems to be a case of no interrupt getting generated while it should, doing lsusb in a linux
guest makes the device show up (after the lsusb, so its there in a second lsusb run)

2) I'm hitting:
qemu-system-x86_64: /home/hans/projects/qemu/hw/usb/hcd-ehci.c:2075: ehci_state_executing: Assertion `p->qtdaddr == q->qtdaddr' failed.
When trying to redirect a microsoft lifecam, since this is a device with multiple interfaces
(both uvc and usb-audio) I think it may be a case of multiple control requests getting submitted at the same time,
but that is just a wild guess.

Some gdb output:

(gdb) fr 4
#4  0x00005555556c33ce in ehci_state_executing (q=0x5555566c9590)
     at /home/hans/projects/qemu/hw/usb/hcd-ehci.c:2075
2075        assert(p->qtdaddr == q->qtdaddr);
(gdb) p q
$1 = (EHCIQueue *) 0x5555566c9590
(gdb) p *q
$2 = {ehci = 0x5555566e58b0, next = {tqe_next = 0x5555566c23e0, tqe_prev =
     0x5555566e7188}, seen = 1, ts = 500707440673, async = 1, revalidate = 0,
   qh = {next = 915959810, epchar = 1077960706, epcap = 1073741824,
     current_qtd = 915964192, next_qtd = 915964384, altnext_qtd = 1, token =
     2147483720, bufptr = {865509240, 0, 0, 0, 0}}, qhaddr = 915959906,
   qtdaddr = 915964192, dev = 0x555556710e10, packets = {tqh_first =
     0x55555676a440, tqh_last = 0x55555676aca8}}
(gdb) p *p
$3 = {queue = 0x5555566c9590, next = {tqe_next = 0x55555676aca0, tqe_prev =
     0x5555566c9600}, qtd = {next = 915964288, altnext = 1, token = 2147683712,
     bufptr = {865509232, 0, 0, 0, 0}}, qtdaddr = 915964480, packet = {pid =
     105, ep = 0x555556711f08, iov = {iov = 0x55555676a960, niov = 1, nalloc =
     1, size = 3}, parameter = 0, result = -3, state = USB_PACKET_COMPLETE,
     queue = {tqe_next = 0x55555676ace0, tqe_prev = 0x555556711f20}}, sgl = {
     sg = 0x555556769940, nsg = 1, nalloc = 5, size = 3, dma = 0x0}, pid = 105,
   tbytes = 3, async = EHCI_ASYNC_FINISHED, usb_status = -3}

Let me know what else you need to debug this.

Regards,

Hans