From: Timothy Jones
Date: Wed, 23 Jun 2010 21:07:54 -0400
Subject: [Qemu-devel] Guest OS hangs on usb_add
To: qemu-devel@nongnu.org

With some digging around I found out that qemu hangs in usb_host_claim_interfaces, which is caused by a screwed up USB descriptor. The device reports the following:

(gdb) p dev->descr_len
$21 = 50
(gdb) p /x dev->descr[0]@50
$23 = {0x18, 0x1, 0x0, 0x1, 0xff, 0xff, 0xff, 0x8, 0x47, 0x46, 0x0, 0x30,
  0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x9, 0x2, 0x20, 0x0, 0x1, 0x1, 0x0, 0x80,
  0x19, 0x9, 0x4, 0x0, 0x0, 0x2, 0xff, 0xff, 0xff, 0x0, 0x7, 0x5, 0x81,
  0x2, 0x40, 0x0, 0x0, 0x7, 0x5, 0x3, 0x2, 0x10, 0x0, 0x0}

The first 0x18 (Device Descriptor bLength) is supposed to be decimal 18, not hex! According to the USB spec, if the device reports a size greater than expected, the host is supposed to ignore the extra bytes. So qemu behaves correctly here. However, with this length, the following Configuration Descriptor length falls on a 0x0 and so qemu spins in an endless loop.
(This is prolly something that should be detected and reported as an error by qemu.)

My question is: This 0x18 -- is this something that comes from the device itself (i.e., a firmware bug)? Or does it come from the USB subsystem?

I don't mind writing a small patch to make descriptor parsing a bit more intelligent, but I am very unfamiliar with the code, so I might botch things up. Or is the above data sufficient for one of the devs to take a look at the code and improve it?

Thank you.
-TJ

---------- Forwarded message ----------
From: Timothy Jones
Date: Wed, Jun 23, 2010 at 2:21 PM
Subject: Guest OS hangs on usb_add
To: qemu-devel@nongnu.org

I am trying to attach a universal remote control (URC MX-950) to a Windows XP guest as follows:

==============================
(qemu) info usbhost
  Device 1.1, speed 480 Mb/s
    Hub: USB device 1d6b:0002, EHCI Host Controller
  Device 2.1, speed 480 Mb/s
    Hub: USB device 1d6b:0002, EHCI Host Controller
  Device 1.2, speed 480 Mb/s
    Hub: USB device 8087:0020
  Device 2.2, speed 480 Mb/s
    Hub: USB device 8087:0020
  Device 1.3, speed 480 Mb/s
    Class ef: USB device 0c45:6416, Laptop_Integrated_Webcam_2M
  Device 2.5, speed 12 Mb/s
    Vendor Specific: USB device 4647:3000     <-------- MX-950 USB remote
  Device 2.4, speed 1.5 Mb/s
    Class 00: USB device 05ac:0304, Apple Optical USB Mouse
(qemu) usb_add host:4647:3000
usb_create: no bus specified, using "usb.0" for "usb-host"
husb: open device 2.5
==============================

The guest just freezes, including the monitor, and pegs one of the cores on the host OS at 100%.

I tried the same with 2 other devices on the above list (Apple Mouse and Webcam) and both worked fine.

I am running:

(qemu) info version
0.12.50 (qemu-kvm-devel)

Host: Linux studio 2.6.34-gentoo-r1 #2 SMP Tue Jun 22 23:21:18 EDT 2010 x86_64 Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz GenuineIntel GNU/Linux
Guest: Windows XP Pro SP3

FWIW, I tried the above with and without kvm and kvm-intel modules loaded.

Anybody know what could be causing this?

Thank you.
-TJ
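
Added example, not part of the original message and not QEMU code: a bounds-checked descriptor walk over the 50 bytes from the gdb dump above, which stops with an error at the zero bLength reached at offset 0x18 instead of looping on it. The names walk_descriptors and walk_corrected are hypothetical, and the variant with bLength set to decimal 18 is constructed for comparison.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* The 50 bytes of dev->descr from the gdb dump in the message above. */
static const uint8_t reported[50] = {
    0x18, 0x01, 0x00, 0x01, 0xff, 0xff, 0xff, 0x08, 0x47, 0x46,
    0x00, 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x09, 0x02,
    0x20, 0x00, 0x01, 0x01, 0x00, 0x80, 0x19, 0x09, 0x04, 0x00,
    0x00, 0x02, 0xff, 0xff, 0xff, 0x00, 0x07, 0x05, 0x81, 0x02,
    0x40, 0x00, 0x00, 0x07, 0x05, 0x03, 0x02, 0x10, 0x00, 0x00,
};

/* Hypothetical helper (not a QEMU function). Returns the descriptor count,
 * or -1 with *bad_off set to the offset of an unusable bLength. */
static int walk_descriptors(const uint8_t *d, size_t len, size_t *bad_off)
{
    size_t off = 0;
    int count = 0;
    while (off < len) {
        uint8_t blen = d[off];
        /* bLength counts itself and bDescriptorType, so it must be >= 2
         * and fit in what is left; 0 would never advance 'off'. */
        if (blen < 2 || (size_t)blen > len - off) {
            *bad_off = off;
            return -1;
        }
        off += blen;
        count++;
    }
    return count;
}

/* Constructed variant: same bytes with byte 0 corrected to decimal 18. */
static int walk_corrected(size_t *bad_off)
{
    uint8_t fixed[sizeof(reported)];
    memcpy(fixed, reported, sizeof(fixed));
    fixed[0] = 18;
    return walk_descriptors(fixed, sizeof(fixed), bad_off);
}

int main(void)
{
    size_t bad = 0;
    int n = walk_descriptors(reported, sizeof(reported), &bad);
    printf("reported: %d, bad bLength at offset %zu\n", n, bad);
    printf("corrected: %d descriptors\n", walk_corrected(&bad));
    return 0;
}
```

With the corrected length the walk lands on the configuration, interface and two endpoint descriptors (18 + 9 + 9 + 7 + 7 = 50 bytes).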