Bug 739678 - qemu hits assert on usb-host device hot add
Summary: qemu hits assert on usb-host device hot add
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: qemu
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Fedora Virtualization Maintainers
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-09-19 19:17 UTC by Chris Wright
Modified: 2013-01-10 00:21 UTC (History)
14 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-06-17 22:01:38 UTC


Attachments (Terms of Use)

Description Chris Wright 2011-09-19 19:17:20 UTC
Description of problem:

When hot adding usb host device to guest, qemu hits assert.

Version-Release number of selected component (if applicable):

Upstream qemu including usb/usb.27 changes from kraxel's tree.

How reproducible:

100%

Steps to Reproduce and Actual results:

Hotplug usb-host device (phone):

(qemu) device_add usb-host,hostbus=2,hostport=1,bus=usb.0
 
Hits this assert:
 
qemu-system-x86_64: /home/chrisw/git/qemu/qemu/hw/usb.c:349:
usb_packet_complete: Assertion `p->owner != ((void *)0)' failed.

And hotplug usb-host device (mouse):
 
(qemu) device_add usb-host,hostbus=6,hostaddr=11,bus=usb.0

Hits this assert:
 
qemu-system-x86_64: savevm.c:1260: vmstate_register_with_alias_id:
Assertion `!se->compat || se->instance_id == 0' failed.


Expected results:

Device is added and functional.

Additional info:

This works on qemu-system-x86.0.15.0-4
This doesn't work on upstream commit:

530889f sun4u: don't set up isa_mem_base

Or with usb/usb.27 merged in to that upstream base.

Comment 1 Gerd Hoffmann 2011-09-20 08:10:52 UTC
Can you attach a stacktrace for the assert please?

Comment 2 Gerd Hoffmann 2011-10-28 10:01:27 UTC
Can you retest with latest master?

Comment 3 Paul Bolle 2012-01-25 11:09:18 UTC
0) I ran into this with 0.15.1:
$ qemu -usb -snapshot -fda 2880.img
husb: open device 1.6
husb: config #1 need -1
husb: 1 interfaces claimed for configuration 1
husb: grabbed usb device 1.6
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
husb: config #1 need 1
husb: 1 interfaces claimed for configuration 1
qemu: /builddir/build/BUILD/qemu-kvm-0.15.1/hw/usb.c:336: usb_packet_complete: Assertion `p->owner != ((void *)0)' failed.
Aborted (core dumped)

1) Backtrace (manually generated from abrt's directory for this crash), as asked to original submitter in comment #1:
(gdb) bt
#0  0x00007f0cb2a2d285 in raise () from /lib64/libc.so.6
#1  0x00007f0cb2a2eb9b in abort () from /lib64/libc.so.6
#2  0x00007f0cb2a25e9e in __assert_fail_base () from /lib64/libc.so.6
#3  0x00007f0cb2a25f42 in __assert_fail () from /lib64/libc.so.6
#4  0x00007f0cb74ddd4a in usb_packet_complete (dev=<optimized out>, p=0x7f0cb8a4c040)
    at /usr/src/debug/qemu-kvm-0.15.1/hw/usb.c:336
#5  0x00007f0cb74e0ed0 in async_complete (opaque=0x7f0cb8a4d570) at usb-linux.c:360
#6  0x00007f0cb7503bfa in qemu_iohandler_poll (readfds=0x7fffe7fe0020, writefds=0x7fffe7fe00a0, 
    xfds=<optimized out>, ret=<optimized out>) at iohandler.c:158
#7  0x00007f0cb74815b9 in main_loop_wait (nonblocking=<optimized out>)
    at /usr/src/debug/qemu-kvm-0.15.1/vl.c:1348
#8  0x00007f0cb746c661 in main_loop () at /usr/src/debug/qemu-kvm-0.15.1/vl.c:1392
#9  main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>)
    at /usr/src/debug/qemu-kvm-0.15.1/vl.c:3378

2) Feel free to prod for more details, testing, etc.

Comment 4 Paul Bolle 2012-01-25 11:14:23 UTC
Mark as duplicate of bug #769625 ? That report has a (backported) patch attached, which is claimed to fix this issue.

Comment 5 Fedora Admin XMLRPC Client 2012-03-15 17:59:21 UTC
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Comment 6 Cole Robinson 2012-06-17 22:01:38 UTC
This should be fixed by qemu-1.0 in F17+, please reopen this report if you are still hitting issues.


Note You need to log in before you can comment on or make changes to this bug.