Re: [Qemu-devel] USB port NULL pointer causes segv

Re: [Qemu-devel] USB port NULL pointer causes segv

[erik.rull]

Hi Gerd,

thanks a lot.

I just had a look on usb-linux.c where the "port" could be identified.

for those that must use /proc/bus/usb it would be possible to allow the
following:
read in the "Port=" and check if it is on bus level 1, then you can
identify at least your real root hardware port - hubs won't work, but for
most users this would help at least for basic use cases.

And:
My system has the /sys/bus/usb structure, but NO udev enabled! That means
the /dev/bus/usb structure is missing! Running the existing usb-linux.c
code, I can never use USB, because /sys/... is selected but /dev/... is
used which is not checked for existance! This causes delayed problems when
you want to start using usb host devices.
I moved the /proc/bus/usb checking in front of the /sys/ checking and it
worked for me - maybe not useful for all but then the checkings for
/sys/bus/usb should be extended on the /dev/bus/usb existance check.

Additionally I have bigger problems with CD and DVD usb drives, they get
detected and routed to the guest, but the "claimend" message comes up on
the qemu monitor every 10-15 seconds and sometimes the linux usb driver
resets the port - that causes a very slow detection in the guest and I
never got it finished and I was not able to access the data on the CD. Most
USB keys work, but some also had a similar issue.

Everything tested with qemu-kvm-0.15.0

Best regards,

Erik

Re: [Qemu-devel] USB port NULL pointer causes segv

[Erik Rull]

Hi Gerd,

thanks a lot.

I just had a look on usb-linux.c where the "port" could be identified.

for those that must use /proc/bus/usb it would be possible to allow the
following:
read in the "Port=" and check if it is on bus level 1, then you can
identify at least your real root hardware port - hubs won't work, but for
most users this would help at least for basic use cases.

And:
My system has the /sys/bus/usb structure, but NO udev enabled! That means
the /dev/bus/usb structure is missing! Running the existing usb-linux.c
code, I can never use USB, because /sys/... is selected but /dev/... is
used which is not checked for existance! This causes delayed problems when
you want to start using usb host devices.
I moved the /proc/bus/usb checking in front of the /sys/ checking and it
worked for me - maybe not useful for all but then the checkings for
/sys/bus/usb should be extended on the /dev/bus/usb existance check.

Additionally I have bigger problems with CD and DVD usb drives, they get
detected and routed to the guest, but the "claimend" message comes up on
the qemu monitor every 10-15 seconds and sometimes the linux usb driver
resets the port - that causes a very slow detection in the guest and I
never got it finished and I was not able to access the data on the CD. Most
USB keys work, but some also had a similar issue.

Everything tested with qemu-kvm-0.15.0

Best regards,

Erik

Re: [Qemu-devel] USB port NULL pointer causes segv

[Gerd Hoffmann]

[-- Attachment #1: Type: text/plain, Size: 245 bytes --]

   Hi,

> in usb-linux.c my qemu crashes in
> static int usb_host_open(USBHostDevice *dev, int bus_num, int addr, char
> *port, const char *prod_name, int speed)
>
> because port is NULL.

The attached patches should fix this.

cheers,
   Gerd


[-- Attachment #2: 0001-usb-linux-constify-port.patch --]
[-- Type: text/plain, Size: 2584 bytes --]

>From 15fd107f500f8a0f6ffa05fa3a9775d37afda1bd Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Wed, 17 Aug 2011 23:35:45 +0200
Subject: [PATCH 1/2] usb-linux: constify port

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 usb-linux.c |   13 ++++++++-----
 1 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/usb-linux.c b/usb-linux.c
index 5562187..dec3bc9 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -53,7 +53,7 @@ struct usb_ctrltransfer {
     void *data;
 };
 
-typedef int USBScanFunc(void *opaque, int bus_num, int addr, char *port,
+typedef int USBScanFunc(void *opaque, int bus_num, int addr, const char *port,
                         int class_id, int vendor_id, int product_id,
                         const char *product_name, int speed);
 
@@ -1135,7 +1135,8 @@ static int usb_linux_full_speed_compat(USBHostDevice *dev)
 }
 
 static int usb_host_open(USBHostDevice *dev, int bus_num,
-                        int addr, char *port, const char *prod_name, int speed)
+                         int addr, const char *port,
+                         const char *prod_name, int speed)
 {
     int fd = -1, ret;
     char buf[1024];
@@ -1713,7 +1714,8 @@ static int usb_host_scan(void *opaque, USBScanFunc *func)
 
 static QEMUTimer *usb_auto_timer;
 
-static int usb_host_auto_scan(void *opaque, int bus_num, int addr, char *port,
+static int usb_host_auto_scan(void *opaque, int bus_num,
+                              int addr, const char *port,
                               int class_id, int vendor_id, int product_id,
                               const char *product_name, int speed)
 {
@@ -1875,7 +1877,8 @@ static const char *usb_class_str(uint8_t class)
     return p->class_name;
 }
 
-static void usb_info_device(Monitor *mon, int bus_num, int addr, char *port,
+static void usb_info_device(Monitor *mon, int bus_num,
+                            int addr, const char *port,
                             int class_id, int vendor_id, int product_id,
                             const char *product_name,
                             int speed)
@@ -1916,7 +1919,7 @@ static void usb_info_device(Monitor *mon, int bus_num, int addr, char *port,
 }
 
 static int usb_host_info_device(void *opaque, int bus_num, int addr,
-                                char *path, int class_id,
+                                const char *path, int class_id,
                                 int vendor_id, int product_id,
                                 const char *product_name,
                                 int speed)
-- 
1.7.1


[-- Attachment #3: 0002-usb-linux-set-port-to-non-NULL-for-proc-bus-usb-devi.patch --]
[-- Type: text/plain, Size: 868 bytes --]

>From 3da0c8ed9d83928bbb88c2ffbd3ae8d2eed2e41a Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Wed, 17 Aug 2011 23:36:46 +0200
Subject: [PATCH 2/2] usb-linux: set port to non-NULL for /proc/bus/usb/devices scan

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 usb-linux.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/usb-linux.c b/usb-linux.c
index dec3bc9..f8a47da 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -1505,7 +1505,7 @@ static int usb_host_scan_dev(void *opaque, USBScanFunc *func)
     }
     if (device_count && (vendor_id || product_id)) {
         /* Add the last device.  */
-        ret = func(opaque, bus_num, addr, 0, class_id, vendor_id,
+        ret = func(opaque, bus_num, addr, "?", class_id, vendor_id,
                    product_id, product_name, speed);
     }
  the_end:
-- 
1.7.1

[Qemu-devel] USB port NULL pointer causes segv

[Erik Rull]

Hi all,

in usb-linux.c my qemu crashes in
static int usb_host_open(USBHostDevice *dev, int bus_num, int addr, char 
*port, const char *prod_name, int speed)

because port is NULL.

The line that causes the problem is:
strcpy(dev->port, port);

All Ports are displayed in the qemu monitor info as (null)

when changing the line to:
     if (port)
       strcpy(dev->port, port);
     else
       dev->port[0] = '\0';

everything is fine :-)

Please check this issue and let me know if my workaround is okay.

Best regards,

Erik