USB descriptor parsing in qemu-kvm is very primitive and if given incorrect values can (and does) get stuck in an endless loop, hanging the guest OS and maxing out one of CPU cores. I've written a small patch to "intelligentify" it and added a work-around for my buggy device (URC MX-950 universal remote control). The patch was accepted into git tree and shows up in app-emulation/qemu-kvm-9999. Unfortunately, -9999 version is not compatible with libvirt, so I am currently using qemu-kvm-0.12.5-r1. I backported the patch to work with qemu-kvm-0.12.4-r1 and qemu-kvm-0.12.5-r1 (it might also work with earlier versions, but I haven't tried). Please include the patch into the appropriate ebuilds Reproducible: Always Steps to Reproduce: 1. Fire up VM using qemu-kvm (or via libvirt in my case) 2. Attached USB device with buggy USB descriptor block 3. From qemu monitor issue usb_add command (or from virsh -- attach-device) 4. Watch guest OS hang and one of the cores spin at 100% Actual Results: Guest OS hangs, one core spins at 100% Expected Results: In worst case scenario, qemu-kvm should have rejected the devices. In my case, I'd like it to "realize" that there is a bug in device's USB descriptor and ignore it (which is what my patch does)
Created attachment 247921 [details, diff] Intelligentify usb descriptor parsing
Anybody out there?
qemu-kvm-0.13.0 is in the tree now -- do you still observe this bug with the new version? It works with libvirt, so updating should be safe.
The bug is still in 0.13. I am attaching the original patch, which I wrote against git tree. It works on 0.13.
Created attachment 252619 [details, diff] Original intelligentify usb descriptor parsing patch which works on 0.13 patch with -p1
If it helps getting this bug done and over with, I can rename the patches and modify the affected ebuilds and submit them. Otherwise, if no one else is interested, you can go ahead and close this bug -- I will just keep patching it manually until it shows up in one of the next releases.
Can you please provide the commit id or a link to the commit in qemu-kvm? I've been searching for a few minutes and even though I can see your email with the patch, I can't find any hit in git log about it.
I just checked the git sources and your patch wasn't applied. Please get upstream to commit it or to give an ok so we can apply it on Gentoo.
I've added the patch to the tree and prepared the ebuild to use it, but I'll wait on feedback from upstream.
Hmm, strange... I wrote the patch back in July and someone signed off on it: http://marc.info/?l=qemu-devel&m=127772835321075&w=2 I assumed twas one of the devs and after sending in the final version: http://marc.info/?l=qemu-devel&m=127773644205369&w=2 I forgot about it. Sorry, for the confusion. I resent it to the list. Will see what happens.
(In reply to comment #10) > Hmm, strange... I wrote the patch back in July and someone signed off on it: > http://marc.info/?l=qemu-devel&m=127772835321075&w=2 > > I assumed twas one of the devs and after sending in the final version: > http://marc.info/?l=qemu-devel&m=127773644205369&w=2 Yes, one of the devs agreed with your patch, but it seems in the meantime it got lost and no one comitted it to the git tree. I checked the git tree against your patch.
(In reply to comment #10) > Hmm, strange... I wrote the patch back in July and someone signed off on it: > > http://marc.info/?l=qemu-devel&m=127772835321075&w=2 > > I assumed twas one of the devs and after sending in the final version: > > http://marc.info/?l=qemu-devel&m=127773644205369&w=2 > > I forgot about it. Sorry, for the confusion. I resent it to the list. Will see > what happens. > Tim, Can you reply on the qemu mailing list and get this patch merged upstream?
Guys, there seems to be no interest in my patch. Feel free to close this patch
(In reply to comment #13) > Guys, there seems to be no interest in my patch. Feel free to close this patch Interest from upstream? In case you feel it's us that don't have an interest, we just want to know what upstream thinks about it.
Yeah, sorry, I meant upstream. I've sent a few emails and didn't get any replies. I seem to be the only one suffering from this bug and for that I can just manually patch whenever I update.
Timothy, please try to get it upstream. Did you mail to the public list or in private? If public, can you give me an url (from a list archive)?
Hi Stef, Here is my original bug/patch submission (follow the thread): http://marc.info/?l=qemu-devel&m=127731731314855&w=2 and the patches that I submitted: [PATCH] http://marc.info/?l=qemu-devel&m=127740438200842&w=2 [PATCH v2] http://marc.info/?l=qemu-devel&m=127773644205369&w=2 After KVM 0.13 came out and I didn't see the patch in it, I sent this (follow the thread): http://marc.info/?l=qemu-devel&m=128871199132707&w=2 And resubmitted the patch as requested: [PATCH v3] http://marc.info/?l=qemu-devel&m=128994363127518&w=2 At some point Anthony stopt responding. I resent my email to him a few times with CC to the list to no avail. As much as I hate to say this, I am no longer interested in this issue. I went away from qemu and switcht back to virtualbox, as it is (a) now fully open source, (b) works with my remote, (c) supports USB 2.0 (with closed source add-on), which I kept waiting for for a while in qemu. Feel free to either add this patch or close this bug. -TJ
While they never applied your patch, this issue may actually be fixed since they reworked much of the USB stack and have added more sanity tests in there. I'll mark this as a test request however, unless we can get someone with the same USB device it'll be hard.
No problem. I haven't used qemu in a while (due to lack of USB 2.0 support). Once they get it working, I will prolly give it another shot. I still have several of those remotes.
