Bug 771091

Summary: [abrt] qemu-system-x86-0.15.1-3.fc16: usb_packet_complete: Process /usr/bin/qemu-kvm was killed by signal 6 (SIGABRT)
Product: [Fedora] Fedora Reporter: Samuel Sieb <samuel-rhbugs>
Component: qemuAssignee: Justin M. Forbes <jforbes>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 16CC: amit.shah, bazanluis20, berrange, dougsland, dwmw2, ehabkost, itamar, jaswinder, jforbes, knoel, pebolle, scottt.tw, tburke, virt-maint
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Unspecified   
Whiteboard: abrt_hash:fd0ba836f5cabc935486bb6d075cef6b44e78cb2
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-01-30 15:02:58 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Description Flags
File: dso_list
File: build_ids
File: maps
File: backtrace none

Description Samuel Sieb 2012-01-01 03:15:48 EST
libreport version: 2.0.7
abrt_version:   2.0.6
backtrace_rating: 4
cmdline:        /usr/bin/qemu-kvm -S -M pc-0.14 -enable-kvm -m 1024 -smp 1,sockets=1,cores=1,threads=1 -name XP -uuid 28c6a51d-8f8f-5fd1-7c20-2e2713c32c23 -nodefconfig -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/XP.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=localtime -drive file=/var/lib/libvirt/images/XP.img,if=none,id=drive-ide0-0-0,format=raw -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 -drive file=/var/lib/libvirt/images/XP-1.img,if=none,id=drive-ide0-0-1,format=raw -device ide-drive,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1 -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -netdev tap,fd=26,id=hostnet0 -device rtl8139,netdev=hostnet0,id=net0,mac=52:54:00:df:28:18,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -usb -device usb-tablet,id=input0 -vnc -vga std -device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -device usb-host,hostbus=2,hostaddr=49,id=hostdev0 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5
comment:        It appears to be related to using the USB pass through.  It randomly crashes.  I'm attempting to flash my phone using a windows program (it's the only way).  Very rarely does it make it all the way through, I have to retry it several times.
crash_function: usb_packet_complete
executable:     /usr/bin/qemu-kvm
kernel:         3.1.4-1.fc16.i686.PAE
pid:            21350
pwd:            /
reason:         Process /usr/bin/qemu-kvm was killed by signal 6 (SIGABRT)
time:           Sat 31 Dec 2011 11:04:25 PM PST
uid:            107
username:       qemu

backtrace:      Text file, 14182 bytes
build_ids:      Text file, 3362 bytes
dso_list:       Text file, 6548 bytes
maps:           Text file, 18047 bytes


:Nov  7 12:20:58 worklap yum[7343]: Updated: 2:qemu-kvm-0.15.1-1.fc16.i686
:Nov  7 15:26:10 worklap yum[8250]: Updated: 2:qemu-kvm-tools-0.15.1-1.fc16.i686
:Nov 11 23:25:21 worklap yum[3329]: Updated: 2:qemu-kvm-tools-0.15.1-2.fc16.i686
:Nov 11 23:28:00 worklap yum[3329]: Updated: 2:qemu-kvm-0.15.1-2.fc16.i686
:Nov 20 22:55:58 worklap yum[5413]: Updated: 2:qemu-kvm-tools-0.15.1-3.fc16.i686
:Nov 20 22:57:34 worklap yum[5413]: Updated: 2:qemu-kvm-0.15.1-3.fc16.i686
:Dec 30 00:35:27 worklap abrt[27122]: Saved core dump of pid 24760 (/usr/bin/qemu-kvm) to /var/spool/abrt/ccpp-2011-12-30-00:34:51-24760 (1127600128 bytes)
:Dec 30 01:02:18 worklap abrt[29511]: Saved core dump of pid 27300 (/usr/bin/qemu-kvm) to /var/spool/abrt/ccpp-2011-12-30-01:01:32-27300 (1126895616 bytes)
:Dec 30 11:00:21 worklap abrt[7717]: Saved core dump of pid 7121 (/usr/bin/qemu-kvm) to /var/spool/abrt/ccpp-2011-12-30-10:59:48-7121 (1135517696 bytes)
:Dec 30 11:04:37 worklap abrt[8052]: Saved core dump of pid 7777 (/usr/bin/qemu-kvm) to /var/spool/abrt/ccpp-2011-12-30-11:04:27-7777 (1126715392 bytes)
:Dec 31 22:54:56 worklap abrt[21227]: Saved core dump of pid 20428 (/usr/bin/qemu-kvm) to /var/spool/abrt/ccpp-2011-12-31-22:54:35-20428 (1175089152 bytes)
:Dec 31 23:04:41 worklap abrt[21956]: Saved core dump of pid 21350 (/usr/bin/qemu-kvm) to /var/spool/abrt/ccpp-2011-12-31-23:04:25-21350 (1166704640 bytes)
Comment 1 Samuel Sieb 2012-01-01 03:15:54 EST
Created attachment 550138 [details]
File: dso_list
Comment 2 Samuel Sieb 2012-01-01 03:15:55 EST
Created attachment 550139 [details]
File: build_ids
Comment 3 Samuel Sieb 2012-01-01 03:15:57 EST
Created attachment 550140 [details]
File: maps
Comment 4 Samuel Sieb 2012-01-01 03:15:59 EST
Created attachment 550141 [details]
File: backtrace
Comment 5 Samuel Sieb 2012-01-01 03:38:55 EST
It's definitely the USB pass through.  For some reason a packet is coming back without an owner and hitting the assert:

333	void usb_packet_complete(USBDevice *dev, USBPacket *p)
334	{
335	    /* Note: p->owner != dev is possible in case dev is a hub */
336	    assert(p->owner != NULL);
337	    dev->port->ops->complete(dev->port, p);
338	    p->owner = NULL;
339	}

This is really painful as my phone is currently bricked until I can get this to run through successfully again...
Comment 6 Samuel Sieb 2012-01-01 12:41:23 EST
I checked around in the code and couldn't find anywhere that that value was actually used, so I commented out the assert and tried again.  It appeared to work, my phone is now functional again.
Comment 7 Paul Bolle 2012-01-25 06:16:57 EST
Mark as duplicate of bug #769625 ? That report has a (backported) patch
attached, which is claimed to fix this issue.
Comment 8 Justin M. Forbes 2012-01-30 15:02:58 EST

*** This bug has been marked as a duplicate of bug 769625 ***