Version-Release number of selected component: qemu-system-x86-1.6.0-6.fc20 Additional info: reporter: libreport-2.1.6 backtrace_rating: 4 cmdline: /usr/bin/qemu-system-x86_64 -machine accel=kvm -name boxes-unknown -S -machine pc-i440fx-1.6,accel=kvm,usb=off -cpu Penryn,+osxsave,+xsave,+pdcm,+xtpr,+tm2,+est,+smx,+vmx,+ds_cpl,+monitor,+dtes64,+pbe,+tm,+ht,+ss,+acpi,+ds,+vme -m 1054 -realtime mlock=off -smp 2,sockets=1,cores=2,threads=1 -uuid 8d32e017-7756-400a-871f-e5a604a4e1fc -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/home/frieben/.config/libvirt/qemu/lib/boxes-unknown.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -no-kvm-pit-reinjection -no-shutdown -global PIIX4_PM.disable_s3=1 -global PIIX4_PM.disable_s4=1 -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x6 -device usb-ccid,id=ccid0 -drive file=/home/frieben/.local/share/gnome-boxes/images/boxes-unknown,if=none,id=drive-ide0-0-0,format=qcow2,cache=none -device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 -drive file=/home/frieben/Downloads/iso/ReactOS/ReactOS-BootCD.iso,if=none,id=drive-ide0-1-0,readonly=on,format=raw -device ide-cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -netdev user,id=hostnet0 -device rtl8139,netdev=hostnet0,id=net0,mac=52:54:00:f5:fb:e9,bus=pci.0,addr=0x3 -chardev spicevmc,id=charsmartcard0,name=smartcard -device ccid-card-passthru,chardev=charsmartcard0,id=smartcard0,bus=ccid0.0 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev spicevmc,id=charchannel0,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0 -device usb-tablet,id=input0 -spice port=5900,addr=127.0.0.1,disable-ticketing,image-compression=off,seamless-migration=on -device qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,bus=pci.0,addr=0x2 -device AC97,id=sound0,bus=pci.0,addr=0x4 -chardev spicevmc,id=charredir0,name=usbredir -device usb-redir,chardev=charredir0,id=redir0 -chardev spicevmc,id=charredir1,name=usbredir -device usb-redir,chardev=charredir1,id=redir1 -chardev spicevmc,id=charredir2,name=usbredir -device usb-redir,chardev=charredir2,id=redir2 -chardev spicevmc,id=charredir3,name=usbredir -device usb-redir,chardev=charredir3,id=redir3 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x7 crash_function: object_dynamic_cast_assert executable: /usr/bin/qemu-system-x86_64 kernel: 3.11.0-3.fc20.x86_64 runlevel: 5 3 uid: 1001 Truncated backtrace: Thread no. 1 (10 frames) #2 object_dynamic_cast_assert at qom/object.c:456 #3 ehci_process_itd at hw/usb/hcd-ehci.c:1489 #4 ehci_state_fetchitd at hw/usb/hcd-ehci.c:1759 #5 ehci_advance_state at hw/usb/hcd-ehci.c:2096 #6 ehci_advance_periodic_state at hw/usb/hcd-ehci.c:2251 #7 ehci_frame_timer at hw/usb/hcd-ehci.c:2333 #8 qemu_run_timers at qemu-timer.c:394 #10 qemu_run_all_timers at qemu-timer.c:452 #11 main_loop_wait at main-loop.c:471 #12 main_loop at vl.c:2090
Created attachment 795139 [details] File: backtrace
Created attachment 795140 [details] File: cgroup
Created attachment 795141 [details] File: core_backtrace
Created attachment 795142 [details] File: dso_list
Created attachment 795143 [details] File: environ
Created attachment 795144 [details] File: limits
Created attachment 795145 [details] File: maps
Created attachment 795146 [details] File: open_fds
Created attachment 795147 [details] File: proc_pid_status
Christoph, what were you doing when the crash happened? What OS is this? Traceback from ehci, CCing gerd and hans
As stated in the initial report, qemu was launched with boot option -drive file=/home/frieben/Downloads/iso/ReactOS/ReactOS-BootCD.iso , thus from the standard ReactOS 0.3.15 install media. The crash occurred after confirming that the OS was to be installed to drive C: However, GNOME Boxes also crashes when booting from the corresponding image file ReactOS.vmdk.
Ah, good catch, thanks for the bug-report. This is a regression in the qemu ehci code in 1.6.0, I've managed to reproduce this, and I've just completed writing a fix for it. I'll attach the patch fixing this. Cole can you please add this patch to the F20+ qemu builds? I'll try to get it into qemu-1.6.1 .
Created attachment 795526 [details] [PATCH] ehci: Fix crash with isoc usb packets
Created attachment 795576 [details] [PATCH v2] ehci: save device pointer in EHCIState Upstream discussion has led to a slightly different patch.
commit adbecc89731cf3e0ae656d50ea9fa58c589c4bdc
qemu-1.6.0-8.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/qemu-1.6.0-8.fc20
Package qemu-1.6.0-8.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing qemu-1.6.0-8.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-17670/qemu-1.6.0-8.fc20 then log in and leave karma (feedback).
qemu-1.6.0-8.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.