OSDev.org

The Place to Start for Operating System Developers
It is currently Wed Sep 19, 2018 12:22 pm

All times are UTC - 6 hours




Post new topic Reply to topic  [ 19 posts ]  Go to page Previous  1, 2
Author Message
 Post subject: Re: USB Ehci transaction error
PostPosted: Wed May 16, 2018 5:22 am 
Offline
Member
Member

Joined: Sat Jul 02, 2016 7:02 am
Posts: 98
MollenOS wrote:
Ahh I see - but as you said the structure members will always be present even if not compiled as 64 bit.

Yes, you are correct. The presence of the extended members in the structures is not controlled by the __BITS config. Thus, an out-of-bounds read is unlikely due to this particular reason.

MollenOS wrote:
I tried extending the delay from 1 second to 3 seconds and run a few times until the crash came after, nothing changes it's stuck on the first qtd with the Active + XActErr bit set. It seems it crashes while processing the first transaction. What could this indicate? I mean it would be obvious that the buffer pointers are wrong, but I've double checked them, and they are valid.


The setup buffer can be rejected as the source of the problem by setting the length (in the setup packet) as 0 instead of 8. Assuming that vbox avoids accessing the buffer address if the length field is 0, we can expect to receive a clean, straightforward error.

Edit: Sorry, above I meant "The setup buffer can be confirmed ..." and not "The setup buffer can be rejected..."


Top
 Profile  
 
 Post subject: Re: USB Ehci transaction error
PostPosted: Wed May 16, 2018 5:38 am 
Offline
Member
Member

Joined: Wed Oct 26, 2011 12:00 pm
Posts: 178
linuxyne wrote:
MollenOS wrote:
Ahh I see - but as you said the structure members will always be present even if not compiled as 64 bit.

Yes, you are correct. The presence of the extended members in the structures is not controlled by the __BITS config. Thus, an out-of-bounds read is unlikely due to this particular reason.

MollenOS wrote:
I tried extending the delay from 1 second to 3 seconds and run a few times until the crash came after, nothing changes it's stuck on the first qtd with the Active + XActErr bit set. It seems it crashes while processing the first transaction. What could this indicate? I mean it would be obvious that the buffer pointers are wrong, but I've double checked them, and they are valid.


The setup buffer can be rejected as the source of the problem by setting the length (in the setup packet) as 0 instead of 8. Assuming that vbox avoids accessing the buffer address if the length field is 0, we can expect to receive a clean, straightforward error.

Edit: Sorry, above I meant "The setup buffer can be confirmed ..." and not "The setup buffer can be rejected..."

OK, so this became very interesting - I did as you said and changed the length to 0 on the setup td. It now does NOT crash and instead gives me a clean error (XActError)

Image

This could indeed indicate my buffer being invalid and reveals I have a hidden problem somewhere, I setup the SetAddress packet here:

Code:
    Packet                    = (UsbPacket_t*)PacketBuffer;
    Packet->Direction    = USBPACKET_DIRECTION_OUT;
    Packet->Type          = USBPACKET_TYPE_SET_ADDRESS;
    Packet->ValueLo     = (uint8_t)(Address & 0xFF);
    Packet->ValueHi      = 0;
    Packet->Index        = 0;
    Packet->Length       = 0;


So it obviously crashes on either the buffer address being invalid or the packet containg bogus data? What other reasons for this?

_________________
MollenOS Progress: Userspace Programming
Github
Website


Top
 Profile  
 
 Post subject: Re: USB Ehci transaction error
PostPosted: Wed May 16, 2018 5:54 am 
Offline
Member
Member

Joined: Sat Jul 02, 2016 7:02 am
Posts: 98
MollenOS wrote:
So it obviously crashes on either the buffer address being invalid or the packet containg bogus data? What other reasons for this?


Instead of using the memory allocator, we can statically allocate a global UsbPacket_t of 8-bytes, fill it at compile time with the data we intend to send during set_address, and use its physical address. Since the packet is now part of the kernel, and we know that vbox has obviously properly mapped it (since the kernel is running), we can expect to avoid any mapping problems within the guest or the hypervisor for the buffer.

Another area of interest is memory barriers to carry out any cache clean/invalidation. But I am not sure how that fits here, especially if ohci/uhci work the same as ehci is expected to.

We can may be print the buffer too at the same time we print the chain, to at least know that guest views the data as consistent.

Edit: :oops: I think it behooves me correct "memory barriers to carry out any cache clean/invalidation" into "memory barriers plus cache clean/invalidation".


Top
 Profile  
 
 Post subject: Re: USB Ehci transaction error
PostPosted: Wed May 16, 2018 6:21 am 
Offline
Member
Member

Joined: Wed Oct 26, 2011 12:00 pm
Posts: 178
Thanks for all your help nailing this problem, you've really saved me a lot headache. It really helps having some input other than your own.

I discovered the issue, the physical buffer I was passing was 0x156DFF0, the thing is, in my EhciTdFill function i have this line of code

Code:
Td->Buffers[i]          = EHCI_TD_BUFFER(Physical);


This macro clears the lower 12 bits since they are reserved, the thing is of course that they are not reserved for the first buffer page, so changing it to

Code:
Td->Buffers[i]          = (i == 0) ? Physical : EHCI_TD_BUFFER(Physical);


fixes the issue, and it now completes the SetAddress transfer without any issues. This also explains why there were no issue with UHCI or OHCI.

_________________
MollenOS Progress: Userspace Programming
Github
Website


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 19 posts ]  Go to page Previous  1, 2

All times are UTC - 6 hours


Who is online

Users browsing this forum: YaCy [Bot] and 12 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group