Bug 983814 - Attempting to use USB device in guest, causes guest to abruptly shut down: hw/usb/core.c:413: usb_handle_packet: Assertion
Summary: Attempting to use USB device in guest, causes guest to abruptly shut down: hw...
Keywords:
Status: CLOSED DUPLICATE of bug 981459
Alias: None
Product: Fedora
Classification: Fedora
Component: qemu
Version: 19
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Fedora Virtualization Maintainers
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-07-12 02:39 UTC by Alex G.
Modified: 2013-07-27 19:59 UTC (History)
19 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-07-27 19:59:57 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)
Log of VM starting up with problem USB device connected (2.43 KB, text/plain)
2013-07-24 23:24 UTC, Alex G. 		no flags Details
View All

Description Alex G. 2013-07-12 02:39:51 UTC 
Description of problem:
As soon a guest OS tries to communicate with a USB device, the host freezes up. There is no message in dmesg or /var/log/mesages, if wireshark is running, capturing packets, nothing appears, if there is sound playing, it starts looping.

Version-Release number of selected component (if applicable):
qemu-1.4.2-4.fc19.x86_64
kernel-3.9.9-301.fc19.x86_64
virt-manager-0.10.0-1.fc19.noarch
libvirt-1.0.5.2-1.fc19.x86_64


How reproducible:
always

Steps to Reproduce:
1. Create a VM with virt-manager and install a guest OS
2. Use the "Add Hardware" button in virt-manager to redirect a host USB device to the guest.
3. If needed, load the drivers in the guest. The guest needs to attempt to use the USB device for the freeze to happen

Actual results:
DUH!

Expected results:
DUH!

Additional info:
N/A
Comment 1 Alex G. 2013-07-18 20:57:20 UTC 
I can cause this on a host with kvm-intel (Nehalem CPU), but not on a host with kvm-amd (A10-4600M CPU).
Comment 2 Cole Robinson 2013-07-23 17:07:54 UTC 
Does the latest F19 kernel make any difference? There were several host freezer/crasher issues resolved recently.
Comment 3 Alex G. 2013-07-23 22:12:12 UTC 
I can't make it freeze again with any reasonable effort. Instead of the host freezing, the guest shuts down. I think the guest was crapping itself and shut down, and the actual shutdown caused the freeze.

In light of this new discovery, I believe this is a duplicate of bug 986049.
Comment 4 Cole Robinson 2013-07-24 17:35:12 UTC 
Can you post /var/log/libvirt/qemu/$vmname.log ?
And details about the USB device you are using
Comment 5 Alex G. 2013-07-24 23:24:30 UTC 
Created attachment 778014 [details]
Log of VM starting up with problem USB device connected

The device is a CDCACM usb to serial bridge

$ sudo lsusb -d c03e:b007 -vvv
[sudo] password for mrnuke: 

Bus 009 Device 063: ID c03e:b007  
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB              20.00
  bDeviceClass            2 Communications
  bDeviceSubClass         0 
  bDeviceProtocol         0 
  bMaxPacketSize0        64
  idVendor           0xc03e 
  idProduct          0xb007 
  bcdDevice           20.00
  iManufacturer           1 libopencm3
  iProduct                2 usb_to_serial_cdcacm
  iSerial                 3 none
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           67
    bNumInterfaces          2
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0x80
      (Bus Powered)
    MaxPower              100mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           1
      bInterfaceClass         2 Communications
      bInterfaceSubClass      2 Abstract (modem)
      bInterfaceProtocol      1 AT-commands (v.25ter)
      iInterface              0 
      CDC Header:
        bcdCDC               1.10
      CDC Call Management:
        bmCapabilities       0x00
        bDataInterface          1
      CDC ACM:
        bmCapabilities       0x02
          line coding and serial state
      CDC Union:
        bMasterInterface        0
        bSlaveInterface         1 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x83  EP 3 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0010  1x 16 bytes
        bInterval               1
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        1
      bAlternateSetting       0
      bNumEndpoints           2
      bInterfaceClass        10 CDC Data
      bInterfaceSubClass      0 Unused
      bInterfaceProtocol      0 
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               1
Device Status:     0x0000
  (Bus Powered)
Comment 6 Cole Robinson 2013-07-25 20:42:56 UTC 
Here's the log file:

LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin QEMU_AUDIO_DRV=spice /usr/bin/qemu-kvm -name Shitdows -S -machine pc-0.15,accel=kvm,usb=off -m 1024 -smp 3,sockets=3,cores=1,threads=1 -uuid 70076225-269b-aaf1-bb9d-e4f8113f4fbc -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/Shitdows.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=localtime -no-shutdown -boot order=cd,menu=on -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x8.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x8 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x8.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x8.0x2 -device lsi,id=scsi0,bus=pci.0,addr=0x7 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x5 -drive file=/media/Mr_Nuke/Soft/OS Archive/Windows OS attempts/virtio-win-0.1-59.iso,if=none,id=drive-ide0-0-0,readonly=on,format=raw,cache=none -device ide-cd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive file=/media/Storage/VM/crapdows.img,if=none,id=drive-ide0-0-1,format=raw,cache=none -device ide-hd,bus=ide.0,unit=1,drive=drive-ide0-0-1,id=ide0-0-1 -drive file=/media/Mr_Nuke/Soft/OS Archive/Windows OS attempts/virtio-win-0.1-59.iso,if=none,id=drive-ide0-1-0,readonly=on,format=raw,cache=none -device ide-cd,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -netdev tap,fd=24,id=hostnet0 -device rtl8139,netdev=hostnet0,id=net0,mac=52:54:00:1c:18:fe,bus=pci.0,addr=0x3 -chardev spicevmc,id=charchannel0,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0 -device usb-tablet,id=input0 -spice port=5900,addr=127.0.0.1,disable-ticketing,seamless-migration=on -vga qxl -global qxl-vga.ram_size=67108864 -global qxl-vga.vram_size=67108864 -device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -device usb-host,hostbus=9,hostaddr=63,id=hostdev0 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6
main_channel_link: add main channel client
main_channel_handle_parsed: net test: latency 0.141000 ms, bitrate 25600000000 bps (24414.062500 Mbps)
red_dispatcher_set_cursor_peer: 
inputs_connect: inputs channel client create
qemu-system-x86_64: hw/usb/core.c:413: usb_handle_packet: Assertion `p->ep->type != 3 || (dev->flags & USB_DEV_FLAG_IS_HOST)' failed.
2013-07-24 23:19:35.007+0000: shutting down

Notice the assertion at the end. CC'ing USB guys
Comment 7 Alex G. 2013-07-25 20:46:33 UTC 
Do you also need a capture with wireshark?
Comment 8 Gerd Hoffmann 2013-07-26 10:27:06 UTC 
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=628e54857a82a3cb65ef96c12640c30d6307a064

Didn't made 1.5.1 unfortunately, should show up in 1.5.2.
Comment 9 Hans de Goede 2013-07-27 19:59:57 UTC 
We also have an abrt bug for this, marking this as a dup of the abrt bug, since that is where most people which are impacted this are (automatically) added to the CC.

*** This bug has been marked as a duplicate of bug 981459 ***
Note You need to log in before you can comment on or make changes to this bug.