Bug 980738
| Summary: | QEMU core dump when passthrough USB Webcam to guest with xHCI controller | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Sibiao Luo <sluo> |
| Component: | qemu-kvm | Assignee: | Gerd Hoffmann <kraxel> |
| Status: | CLOSED DUPLICATE | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.0 | CC: | acathrow, chayang, hhuang, juzhang, kraxel, mazhang, michen, qzhang, rhod, shuang, virt-maint, xfu |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-07-24 07:29:53 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Sibiao Luo
2013-07-03 07:18:23 UTC
(gdb) bt
#0 0x00007fa69571ea19 in raise () from /lib64/libc.so.6
#1 0x00007fa695720128 in abort () from /lib64/libc.so.6
#2 0x00007fa695717986 in __assert_fail_base () from /lib64/libc.so.6
#3 0x00007fa695717a32 in __assert_fail () from /lib64/libc.so.6
#4 0x00007fa699f3d2d7 in usb_handle_packet (dev=<optimized out>, p=p@entry=0x7fa680054ba0) at hw/usb/core.c:412
#5 0x00007fa699f5083b in xhci_submit (epctx=0x7fa680054b70, xfer=0x7fa680054b98, xhci=0x7fa67dd38010)
at hw/usb/hcd-xhci.c:1861
#6 xhci_fire_transfer (epctx=0x7fa680054b70, xfer=0x7fa680054b98, xhci=0x7fa67dd38010) at hw/usb/hcd-xhci.c:1873
#7 xhci_kick_ep (xhci=0x7fa67dd38010, slotid=1, epid=3, streamid=0) at hw/usb/hcd-xhci.c:1995
#8 0x00007fa69a0307b2 in access_with_adjusted_size (addr=addr@entry=4, value=value@entry=0x7fa68c8e7a40,
size=size@entry=4, access_size_min=<optimized out>, access_size_max=<optimized out>, access=access@entry=
0x7fa69a030d70 <memory_region_write_accessor>, opaque=opaque@entry=0x7fa67dd38a30)
at /usr/src/debug/qemu-1.5.1/memory.c:364
#9 0x00007fa69a03574b in memory_region_dispatch_write (size=4, data=3, addr=4, mr=0x7fa67dd38a30)
at /usr/src/debug/qemu-1.5.1/memory.c:916
#10 io_mem_write (mr=0x7fa67dd38a30, addr=4, val=<optimized out>, size=4) at /usr/src/debug/qemu-1.5.1/memory.c:1597
#11 0x00007fa69a0307b2 in access_with_adjusted_size (addr=addr@entry=4, value=value@entry=0x7fa68c8e7af0,
size=size@entry=4, access_size_min=<optimized out>, access_size_max=<optimized out>, access=access@entry=
0x7fa69a030d70 <memory_region_write_accessor>, opaque=opaque@entry=0x7fa678007320)
at /usr/src/debug/qemu-1.5.1/memory.c:364
#12 0x00007fa69a03574b in memory_region_dispatch_write (size=4, data=3, addr=4, mr=0x7fa678007320)
at /usr/src/debug/qemu-1.5.1/memory.c:916
#13 io_mem_write (mr=0x7fa678007320, addr=4, val=<optimized out>, size=size@entry=4)
at /usr/src/debug/qemu-1.5.1/memory.c:1597
#14 0x00007fa699fe377d in address_space_rw (as=as@entry=0x7fa69acfdf80 <address_space_memory>, addr=4272168964,
buf=buf@entry=0x7fa699cbf028 <Address 0x7fa699cbf028 out of bounds>, len=4, is_write=true)
at /usr/src/debug/qemu-1.5.1/exec.c:1916
#15 0x00007fa699fe3875 in cpu_physical_memory_rw (addr=<optimized out>,
buf=buf@entry=0x7fa699cbf028 <Address 0x7fa699cbf028 out of bounds>, len=<optimized out>, is_write=<optimized out>)
at /usr/src/debug/qemu-1.5.1/exec.c:1998
#16 0x00007fa69a02f245 in kvm_cpu_exec (env=env@entry=0x7fa69b8f0070) at /usr/src/debug/qemu-1.5.1/kvm-all.c:1643
#17 0x00007fa699fda375 in qemu_kvm_cpu_thread_fn (arg=0x7fa69b8f0070) at /usr/src/debug/qemu-1.5.1/cpus.c:759
#18 0x00007fa698057c53 in start_thread () from /lib64/libpthread.so.0
#19 0x00007fa6957de13d in clone () from /lib64/libc.so.6
(gdb) bt full
#0 0x00007fa69571ea19 in raise () from /lib64/libc.so.6
No symbol table info available.
#1 0x00007fa695720128 in abort () from /lib64/libc.so.6
No symbol table info available.
#2 0x00007fa695717986 in __assert_fail_base () from /lib64/libc.so.6
No symbol table info available.
#3 0x00007fa695717a32 in __assert_fail () from /lib64/libc.so.6
No symbol table info available.
#4 0x00007fa699f3d2d7 in usb_handle_packet (dev=<optimized out>, p=p@entry=0x7fa680054ba0) at hw/usb/core.c:412
__PRETTY_FUNCTION__ = "usb_handle_packet"
#5 0x00007fa699f5083b in xhci_submit (epctx=0x7fa680054b70, xfer=0x7fa680054b98, xhci=0x7fa67dd38010)
at hw/usb/hcd-xhci.c:1861
mfindex = <optimized out>
#6 xhci_fire_transfer (epctx=0x7fa680054b70, xfer=0x7fa680054b98, xhci=0x7fa67dd38010) at hw/usb/hcd-xhci.c:1873
No locals.
#7 xhci_kick_ep (xhci=0x7fa67dd38010, slotid=1, epid=3, streamid=0) at hw/usb/hcd-xhci.c:1995
xfer = 0x7fa680054b98
stctx = <optimized out>
epctx = 0x7fa680054b70
ring = 0x7fa680054b80
ep = 0x0
mfindex = <optimized out>
i = <optimized out>
__PRETTY_FUNCTION__ = "xhci_kick_ep"
#8 0x00007fa69a0307b2 in access_with_adjusted_size (addr=addr@entry=4, value=value@entry=0x7fa68c8e7a40,
size=size@entry=4, access_size_min=<optimized out>, access_size_max=<optimized out>, access=access@entry=
0x7fa69a030d70 <memory_region_write_accessor>, opaque=opaque@entry=0x7fa67dd38a30)
at /usr/src/debug/qemu-1.5.1/memory.c:364
access_mask = 4294967295
access_size = 4
i = <optimized out>
#9 0x00007fa69a03574b in memory_region_dispatch_write (size=4, data=3, addr=4, mr=0x7fa67dd38a30)
at /usr/src/debug/qemu-1.5.1/memory.c:916
No locals.
#10 io_mem_write (mr=0x7fa67dd38a30, addr=4, val=<optimized out>, size=4) at /usr/src/debug/qemu-1.5.1/memory.c:1597
No locals.
#11 0x00007fa69a0307b2 in access_with_adjusted_size (addr=addr@entry=4, value=value@entry=0x7fa68c8e7af0,
size=size@entry=4, access_size_min=<optimized out>, access_size_max=<optimized out>, access=access@entry=
0x7fa69a030d70 <memory_region_write_accessor>, opaque=opaque@entry=0x7fa678007320)
at /usr/src/debug/qemu-1.5.1/memory.c:364
access_mask = 4294967295
access_size = 4
i = <optimized out>
#12 0x00007fa69a03574b in memory_region_dispatch_write (size=4, data=3, addr=4, mr=0x7fa678007320)
at /usr/src/debug/qemu-1.5.1/memory.c:916
No locals.
#13 io_mem_write (mr=0x7fa678007320, addr=4, val=<optimized out>, size=size@entry=4)
at /usr/src/debug/qemu-1.5.1/memory.c:1597
No locals.
#14 0x00007fa699fe377d in address_space_rw (as=as@entry=0x7fa69acfdf80 <address_space_memory>, addr=4272168964,
buf=buf@entry=0x7fa699cbf028 <Address 0x7fa699cbf028 out of bounds>, len=4, is_write=true)
at /usr/src/debug/qemu-1.5.1/exec.c:1916
addr1 = <optimized out>
d = 0x7fa69b6fc810
l = 4
ptr = <optimized out>
val = <optimized out>
page = 4272168960
section = <optimized out>
#15 0x00007fa699fe3875 in cpu_physical_memory_rw (addr=<optimized out>,
buf=buf@entry=0x7fa699cbf028 <Address 0x7fa699cbf028 out of bounds>, len=<optimized out>, is_write=<optimized out>)
at /usr/src/debug/qemu-1.5.1/exec.c:1998
No locals.
#16 0x00007fa69a02f245 in kvm_cpu_exec (env=env@entry=0x7fa69b8f0070) at /usr/src/debug/qemu-1.5.1/kvm-all.c:1643
cpu = 0x7fa69b8eff60
__func__ = "kvm_cpu_exec"
run = 0x7fa699cbf000
ret = <optimized out>
run_ret = 0
#17 0x00007fa699fda375 in qemu_kvm_cpu_thread_fn (arg=0x7fa69b8f0070) at /usr/src/debug/qemu-1.5.1/cpus.c:759
cpu = 0x7fa69b8eff60
__func__ = "qemu_kvm_cpu_thread_fn"
r = <optimized out>
#18 0x00007fa698057c53 in start_thread () from /lib64/libpthread.so.0
No symbol table info available.
#19 0x00007fa6957de13d in clone () from /lib64/libc.so.6
No symbol table info available.
(gdb)
# lsusb -vv
Bus 003 Device 002: ID 0ac8:3450 Z-Star Microelectronics Corp.
Device Descriptor:
bLength 18
bDescriptorType 1
bcdUSB 2.00
bDeviceClass 239 Miscellaneous Device
bDeviceSubClass 2 ?
bDeviceProtocol 1 Interface Association
bMaxPacketSize0 64
idVendor 0x0ac8 Z-Star Microelectronics Corp.
idProduct 0x3450
bcdDevice 1.a2
iManufacturer 1 Vimicro Corp.
iProduct 2 Altair USB2.0 Camera
iSerial 0
bNumConfigurations 1
Configuration Descriptor:
bLength 9
bDescriptorType 2
wTotalLength 481
bNumInterfaces 2
bConfigurationValue 1
iConfiguration 0
bmAttributes 0x80
(Bus Powered)
MaxPower 320mA
Interface Association:
bLength 8
bDescriptorType 11
bFirstInterface 0
bInterfaceCount 2
bFunctionClass 14 Video
bFunctionSubClass 3 Video Interface Collection
bFunctionProtocol 0
iFunction 2 Altair USB2.0 Camera
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 0
bAlternateSetting 0
bNumEndpoints 1
bInterfaceClass 14 Video
bInterfaceSubClass 1 Video Control
bInterfaceProtocol 0
iInterface 2 Altair USB2.0 Camera
VideoControl Interface Descriptor:
bLength 13
bDescriptorType 36
bDescriptorSubtype 1 (HEADER)
bcdUVC 1.00
wTotalLength 79
dwClockFrequency 30.000000MHz
bInCollection 1
baInterfaceNr( 0) 1
VideoControl Interface Descriptor:
bLength 18
bDescriptorType 36
bDescriptorSubtype 2 (INPUT_TERMINAL)
bTerminalID 1
wTerminalType 0x0201 Camera Sensor
bAssocTerminal 0
iTerminal 0
wObjectiveFocalLengthMin 0
wObjectiveFocalLengthMax 0
wOcularFocalLength 0
bControlSize 3
bmControls 0x0002002a
Auto-Exposure Mode
Exposure Time (Absolute)
Focus (Absolute)
Focus, Auto
VideoControl Interface Descriptor:
bLength 11
bDescriptorType 36
bDescriptorSubtype 5 (PROCESSING_UNIT)
Warning: Descriptor too short
bUnitID 2
bSourceID 1
wMaxMultiplier 0
bControlSize 2
bmControls 0x0000177b
Brightness
Contrast
Saturation
Sharpness
Gamma
White Balance Temperature
Backlight Compensation
Gain
Power Line Frequency
White Balance Temperature, Auto
iProcessing 0
bmVideoStandards 0x 9
None
SECAM - 625/50
VideoControl Interface Descriptor:
bLength 9
bDescriptorType 36
bDescriptorSubtype 3 (OUTPUT_TERMINAL)
bTerminalID 3
wTerminalType 0x0101 USB Streaming
bAssocTerminal 0
bSourceID 2
iTerminal 0
VideoControl Interface Descriptor:
bLength 28
bDescriptorType 36
bDescriptorSubtype 6 (EXTENSION_UNIT)
bUnitID 4
guidExtensionCode {5dc717a9-1941-da11-ae0e-000d56ac7b4c}
bNumControl 8
bNrPins 1
baSourceID( 0) 1
bControlSize 3
bmControls( 0) 0x59
bmControls( 1) 0x80
bmControls( 2) 0x80
iExtension 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x81 EP 1 IN
bmAttributes 3
Transfer Type Interrupt
Synch Type None
Usage Type Data
wMaxPacketSize 0x000a 1x 10 bytes
bInterval 5
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 1
bAlternateSetting 0
bNumEndpoints 0
bInterfaceClass 14 Video
bInterfaceSubClass 2 Video Streaming
bInterfaceProtocol 0
iInterface 0
VideoStreaming Interface Descriptor:
bLength 14
bDescriptorType 36
bDescriptorSubtype 1 (INPUT_HEADER)
bNumFormats 1
wTotalLength 243
bEndPointAddress 130
bmInfo 0
bTerminalLink 3
bStillCaptureMethod 2
bTriggerSupport 1
bTriggerUsage 1
bControlSize 1
bmaControls( 0) 27
VideoStreaming Interface Descriptor:
bLength 27
bDescriptorType 36
bDescriptorSubtype 4 (FORMAT_UNCOMPRESSED)
bFormatIndex 1
bNumFrameDescriptors 5
guidFormat {59555932-0000-1000-8000-00aa00389b71}
bBitsPerPixel 16
bDefaultFrameIndex 1
bAspectRatioX 0
bAspectRatioY 0
bmInterlaceFlags 0x00
Interlaced stream or variable: No
Fields per frame: 2 fields
Field 1 first: No
Field pattern: Field 1 only
bCopyProtect 0
VideoStreaming Interface Descriptor:
bLength 34
bDescriptorType 36
bDescriptorSubtype 5 (FRAME_UNCOMPRESSED)
bFrameIndex 1
bmCapabilities 0x00
Still image unsupported
wWidth 640
wHeight 480
dwMinBitRate 768000
dwMaxBitRate 196608000
dwMaxVideoFrameBufferSize 614400
dwDefaultFrameInterval 333333
bFrameIntervalType 2
dwFrameInterval( 0) 333333
dwFrameInterval( 1) 666667
VideoStreaming Interface Descriptor:
bLength 34
bDescriptorType 36
bDescriptorSubtype 5 (FRAME_UNCOMPRESSED)
bFrameIndex 2
bmCapabilities 0x00
Still image unsupported
wWidth 352
wHeight 288
dwMinBitRate 768000
dwMaxBitRate 196608000
dwMaxVideoFrameBufferSize 202752
dwDefaultFrameInterval 333333
bFrameIntervalType 2
dwFrameInterval( 0) 333333
dwFrameInterval( 1) 666667
VideoStreaming Interface Descriptor:
bLength 34
bDescriptorType 36
bDescriptorSubtype 5 (FRAME_UNCOMPRESSED)
bFrameIndex 3
bmCapabilities 0x00
Still image unsupported
wWidth 320
wHeight 240
dwMinBitRate 768000
dwMaxBitRate 196608000
dwMaxVideoFrameBufferSize 153600
dwDefaultFrameInterval 333333
bFrameIntervalType 2
dwFrameInterval( 0) 333333
dwFrameInterval( 1) 666667
VideoStreaming Interface Descriptor:
bLength 34
bDescriptorType 36
bDescriptorSubtype 5 (FRAME_UNCOMPRESSED)
bFrameIndex 4
bmCapabilities 0x00
Still image unsupported
wWidth 176
wHeight 144
dwMinBitRate 768000
dwMaxBitRate 196608000
dwMaxVideoFrameBufferSize 50688
dwDefaultFrameInterval 333333
bFrameIntervalType 2
dwFrameInterval( 0) 333333
dwFrameInterval( 1) 666667
VideoStreaming Interface Descriptor:
bLength 34
bDescriptorType 36
bDescriptorSubtype 5 (FRAME_UNCOMPRESSED)
bFrameIndex 5
bmCapabilities 0x00
Still image unsupported
wWidth 160
wHeight 120
dwMinBitRate 768000
dwMaxBitRate 196608000
dwMaxVideoFrameBufferSize 38400
dwDefaultFrameInterval 333333
bFrameIntervalType 2
dwFrameInterval( 0) 333333
dwFrameInterval( 1) 666667
VideoStreaming Interface Descriptor:
bLength 26
bDescriptorType 36
bDescriptorSubtype 3 (STILL_IMAGE_FRAME)
bEndpointAddress 0
bNumImageSizePatterns 5
wWidth( 0) 640
wHeight( 0) 480
wWidth( 1) 352
wHeight( 1) 288
wWidth( 2) 320
wHeight( 2) 240
wWidth( 3) 176
wHeight( 3) 144
wWidth( 4) 160
wHeight( 4) 120
bNumCompressionPatterns 5
VideoStreaming Interface Descriptor:
bLength 6
bDescriptorType 36
bDescriptorSubtype 13 (COLORFORMAT)
bColorPrimaries 0 (Unspecified)
bTransferCharacteristics 0 (Unspecified)
bMatrixCoefficients 0 (Unspecified)
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 1
bAlternateSetting 1
bNumEndpoints 1
bInterfaceClass 14 Video
bInterfaceSubClass 2 Video Streaming
bInterfaceProtocol 0
iInterface 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x82 EP 2 IN
bmAttributes 5
Transfer Type Isochronous
Synch Type Asynchronous
Usage Type Data
wMaxPacketSize 0x0080 1x 128 bytes
bInterval 1
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 1
bAlternateSetting 2
bNumEndpoints 1
bInterfaceClass 14 Video
bInterfaceSubClass 2 Video Streaming
bInterfaceProtocol 0
iInterface 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x82 EP 2 IN
bmAttributes 5
Transfer Type Isochronous
Synch Type Asynchronous
Usage Type Data
wMaxPacketSize 0x0200 1x 512 bytes
bInterval 1
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 1
bAlternateSetting 3
bNumEndpoints 1
bInterfaceClass 14 Video
bInterfaceSubClass 2 Video Streaming
bInterfaceProtocol 0
iInterface 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x82 EP 2 IN
bmAttributes 5
Transfer Type Isochronous
Synch Type Asynchronous
Usage Type Data
wMaxPacketSize 0x0400 1x 1024 bytes
bInterval 1
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 1
bAlternateSetting 4
bNumEndpoints 1
bInterfaceClass 14 Video
bInterfaceSubClass 2 Video Streaming
bInterfaceProtocol 0
iInterface 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x82 EP 2 IN
bmAttributes 5
Transfer Type Isochronous
Synch Type Asynchronous
Usage Type Data
wMaxPacketSize 0x0b00 2x 768 bytes
bInterval 1
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 1
bAlternateSetting 5
bNumEndpoints 1
bInterfaceClass 14 Video
bInterfaceSubClass 2 Video Streaming
bInterfaceProtocol 0
iInterface 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x82 EP 2 IN
bmAttributes 5
Transfer Type Isochronous
Synch Type Asynchronous
Usage Type Data
wMaxPacketSize 0x0c00 2x 1024 bytes
bInterval 1
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 1
bAlternateSetting 6
bNumEndpoints 1
bInterfaceClass 14 Video
bInterfaceSubClass 2 Video Streaming
bInterfaceProtocol 0
iInterface 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x82 EP 2 IN
bmAttributes 5
Transfer Type Isochronous
Synch Type Asynchronous
Usage Type Data
wMaxPacketSize 0x1380 3x 896 bytes
bInterval 1
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 1
bAlternateSetting 7
bNumEndpoints 1
bInterfaceClass 14 Video
bInterfaceSubClass 2 Video Streaming
bInterfaceProtocol 0
iInterface 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x82 EP 2 IN
bmAttributes 5
Transfer Type Isochronous
Synch Type Asynchronous
Usage Type Data
wMaxPacketSize 0x1400 3x 1024 bytes
bInterval 1
Device Qualifier (for other device speed):
bLength 10
bDescriptorType 6
bcdUSB 2.00
bDeviceClass 239 Miscellaneous Device
bDeviceSubClass 2 ?
bDeviceProtocol 1 Interface Association
bMaxPacketSize0 64
bNumConfigurations 1
Device Status: 0x0000
(Bus Powered)
hit the same issue with passthrough the usb-kbd to guest var xhci controller.
# lsusb | grep Keyboard
Bus 003 Device 004: ID 03f0:0024 Hewlett-Packard KU-0316 Keyboard
# /usr/libexec/qemu-kvm -M q35 -cpu SandyBridge -enable-kvm -m 4096 -smp 4,sockets=2,cores=2,threads=1 -no-kvm-pit-reinjection... -device nec-usb-xhci,id=xhci,bus=bridge1,addr=0x8 -device usb-host,hostbus=3,hostaddr=4,id=hostdev,bus=xhci.0
(qemu) info usqemu-kvm: hw/usb/core.c:413: usb_handle_packet: Assertion `p->ep->type != 3 || (dev->flags & (1 << USB_DEV_FLAG_IS_HOST))' failed.
Aborted (core dumped)
(gdb) bt
#0 0x00007f2bf9864a19 in raise () from /lib64/libc.so.6
#1 0x00007f2bf9866128 in abort () from /lib64/libc.so.6
#2 0x00007f2bf985d986 in __assert_fail_base () from /lib64/libc.so.6
#3 0x00007f2bf985da32 in __assert_fail () from /lib64/libc.so.6
#4 0x00007f2bfe07ad37 in usb_handle_packet (dev=<optimized out>, p=p@entry=0x7f2be40051b0) at hw/usb/core.c:412
#5 0x00007f2bfe08e29b in xhci_submit (epctx=0x7f2be4005180, xfer=0x7f2be40051a8, xhci=0x7f2be1d38010)
at hw/usb/hcd-xhci.c:1861
#6 xhci_fire_transfer (epctx=0x7f2be4005180, xfer=0x7f2be40051a8, xhci=0x7f2be1d38010) at hw/usb/hcd-xhci.c:1873
#7 xhci_kick_ep (xhci=0x7f2be1d38010, slotid=1, epid=3, streamid=0) at hw/usb/hcd-xhci.c:1995
#8 0x00007f2bfe16dc62 in access_with_adjusted_size (addr=addr@entry=4, value=value@entry=0x7f2bf122ea40,
size=size@entry=4, access_size_min=<optimized out>, access_size_max=<optimized out>, access=access@entry=
0x7f2bfe16e220 <memory_region_write_accessor>, opaque=opaque@entry=0x7f2be1d38a30)
at /usr/src/debug/qemu-1.5.1/memory.c:364
#9 0x00007f2bfe172bfb in memory_region_dispatch_write (size=4, data=3, addr=4, mr=0x7f2be1d38a30)
at /usr/src/debug/qemu-1.5.1/memory.c:916
#10 io_mem_write (mr=0x7f2be1d38a30, addr=4, val=<optimized out>, size=4) at /usr/src/debug/qemu-1.5.1/memory.c:1597
#11 0x00007f2bfe16dc62 in access_with_adjusted_size (addr=addr@entry=4, value=value@entry=0x7f2bf122eaf0,
size=size@entry=4, access_size_min=<optimized out>, access_size_max=<optimized out>, access=access@entry=
0x7f2bfe16e220 <memory_region_write_accessor>, opaque=opaque@entry=0x7f2bdc04f6e0)
at /usr/src/debug/qemu-1.5.1/memory.c:364
#12 0x00007f2bfe172bfb in memory_region_dispatch_write (size=4, data=3, addr=4, mr=0x7f2bdc04f6e0)
at /usr/src/debug/qemu-1.5.1/memory.c:916
#13 io_mem_write (mr=0x7f2bdc04f6e0, addr=4, val=<optimized out>, size=size@entry=4)
at /usr/src/debug/qemu-1.5.1/memory.c:1597
#14 0x00007f2bfe1211dd in address_space_rw (as=as@entry=0x7f2bfee35fc0 <address_space_memory>, addr=4272168964,
buf=buf@entry=0x7f2bfdf2d028 <Address 0x7f2bfdf2d028 out of bounds>, len=4, is_write=true)
---Type <return> to continue, or q <return> to quit---
at /usr/src/debug/qemu-1.5.1/exec.c:1916
#15 0x00007f2bfe1212d5 in cpu_physical_memory_rw (addr=<optimized out>,
buf=buf@entry=0x7f2bfdf2d028 <Address 0x7f2bfdf2d028 out of bounds>, len=<optimized out>, is_write=<optimized out>)
at /usr/src/debug/qemu-1.5.1/exec.c:1998
#16 0x00007f2bfe16c6f5 in kvm_cpu_exec (env=env@entry=0x7f2bff093520) at /usr/src/debug/qemu-1.5.1/kvm-all.c:1643
#17 0x00007f2bfe117dd5 in qemu_kvm_cpu_thread_fn (arg=0x7f2bff093520) at /usr/src/debug/qemu-1.5.1/cpus.c:759
#18 0x00007f2bfc19dc53 in start_thread () from /lib64/libpthread.so.0
#19 0x00007f2bf992413d in clone () from /lib64/libc.so.6
(gdb)
*** This bug has been marked as a duplicate of bug 981183 *** |