Bug 784918

Summary: usb_packet_complete assertion failed
Product: Red Hat Enterprise Linux 6 Reporter: Jón Fairbairn <jon.fairbairn>
Component: qemu-kvmAssignee: Virtualization Maintenance <virt-maint>
Status: CLOSED DUPLICATE QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.0CC: acathrow, bsarathy, jon.fairbairn, juzhang, mkenneth, tburke, virt-maint
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-02-02 16:24:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
/var/log/libvirt/qemu/....log none

Description Jón Fairbairn 2012-01-26 16:18:48 UTC 
Created attachment 557703 [details]
/var/log/libvirt/qemu/....log

Description of problem:
After upgrade of qemu-kvm from 0.12.1.2-2.209.el6_2.1, VM with assigned usb network device crashes with 

qemu-kvm: /builddir/build/BUILD/qemu-kvm-0.12.1.2/hw/usb.c:345: usb_packet_complete: Assertion `p->owner != ((void *)0)' failed.


Version-Release number of selected component (if applicable):
0.12.1.2-2.209.el6_2.4

How reproducible:
reliably, though the crash can be immediate or take a little while (probably depends on network traffic)

Steps to Reproduce:
1. create a VM and assign a specific usb hardware device to it (in my case 0b95:7720 Device 001:002 ASIX Elec. Corp. AX88772 )
2. boot up
3. wait
  
Actual results:
assertion failed, machine shuts down

Expected results:
vm should work and have access to the net via the usb nic

Additional info:
This appears to the bug for which http://repo.or.cz/w/qemu.git/commitdiff/80cf7cf74f29a219e02b50f27c12b1c792ebf99b
has a patch
Comment 2 Jón Fairbairn 2012-01-26 19:43:31 UTC 
I tried the above mentioned patch and had the same VM crash, so it alone is not enough.
Comment 3 Jón Fairbairn 2012-01-30 16:12:37 UTC 
Investigation of the older logs for the VM and the yum log for the host
suggests that the VM was never booted with qemu-kvm 0.12.1.2-2.209.el6_2.1 as
it was running continuously from 2012-01-13 to 2012-01-26. So the non-crashing
version was probably qemu-kvm-0.12.1.2-2.160.el6_1.2.x86_64.  Further
investigation required to determine which is the earliest version that stops it
working.
Comment 4 Jón Fairbairn 2012-01-31 16:21:53 UTC 
Have confirmed that the fault occurs with qemu-kvm-0.12.1.2-2.209.el6_2.1
Downgrading to 0.12.1.2-2.160.el6_1.2 appears to cure the problem.

Currently running with qemu-kvm-0.12.1.2-2.209.el6_2.4 patched to comment out
the assertion:

+++ hw/usb.c  2012-01-31 15:52:48.000000000 +0000
@@ -342,7 +342,9 @@
 void usb_packet_complete(USBDevice *dev, USBPacket *p)
 {
     /* Note: p->owner != dev is possible in case dev is a hub */
+  /*
     assert(p->owner != NULL);
+  */
     dev->port->ops->complete(dev->port, p);
     p->owner = NULL;
 }


and have not had any errors yet, which suggests that something in kvm-usb-keep-track-of-packet-owner.patch isn’t quite right, but I don’t understand the code well enough to determine what.

(not attached as a patch as it’s not a real solution)
Comment 5 Jón Fairbairn 2012-01-31 17:36:34 UTC 
Eventually dies with qemu-kvm: /home/jf/rpmbuild/BUILD/qemu-kvm-0.12.1.2/hw/usb.c:357: usb_cancel_packet: Assertion `p->owner != ((void *)0)' failed.

Now running with all the assertions in usb.c turned off (ie
#define NDEBUG 
at top of hw/usb.c)
Comment 6 Jón Fairbairn 2012-02-01 21:36:42 UTC 
Which eventually dies with just “shutting down”, so there is definitely a bug rather than the assertions being over strict.
Comment 7 Dor Laor 2012-02-02 16:24:31 UTC 

*** This bug has been marked as a duplicate of bug 783321 ***