[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [Bug 1687309] Re: Assertion !usb_packet_is_inflight(p) fail
|
From: |
Henrik Pitkala |
|
Subject: |
[Qemu-devel] [Bug 1687309] Re: Assertion !usb_packet_is_inflight(p) fails in OHCI |
|
Date: |
Sun, 30 Apr 2017 18:43:07 -0000 |
** Description changed:
I'm trying to get a USB web camera working in Qemu & Raspbian. USB works
and V4L shows device info correctly and capturing frames from the camera
works sometimes, but mostly it crashes with error message:
qemu-system-arm: hw/usb/core.c:558: usb_packet_setup: Assertion
`!usb_packet_is_inflight(p)' failed.
This looks similar to the previous bug which also caused a crash on the
same kind of assertion but the culprit was XHCI:
https://bugs.launchpad.net/qemu/+bug/1653384
-
== Versions ==
QEMU emulator version 2.9.50 (v2.9.0-303-g81b2d5c-dirty),
configured with
./configure --target-list=arm-softmmu,arm-linux-user,armeb-linux-user
--enable-libusb --enable-libssh2 --enable-debug
libusb: 1.0.21
Guest: 2017-04-10-raspbian-jessie-lite.img with kernel 4.4.34 for
Raspbian on Qemu
+ Host: Ubuntu 16.04.2 LTS, kernel 4.4.0-72-generic
+
Command: /usr/local/bin/qemu-system-arm -kernel qemu-rpi-kernel/kernel-
qemu-4.4.34-v4lm-jessie -cpu arm1176 -m 256 -M versatilepb -no-reboot
-append "root=/dev/sda2 panic=1" -drive format=raw,file=2017-04-10
-raspbian-jessie-lite.img -usb -usbdevice host:046d:0928 -net
nic,model=virtio -net user,hostfwd=tcp::2222-:22
Web camera is an old Logitech QuickCam Express Etch2 (046d:0928). It
works otherwise without problems.
-
== GDB Backtrace ==
qemu-system-arm: hw/usb/core.c:558: usb_packet_setup: Assertion
`!usb_packet_is_inflight(p)' failed.
Thread 1 "qemu-system-arm" received signal SIGABRT, Aborted.
0x00007fffdea6f428 in __GI_raise (address@hidden) at
../sysdeps/unix/sysv/linux/raise.c:54
54 ../sysdeps/unix/sysv/linux/raise.c: Tiedostoa tai hakemistoa ei ole.
(gdb) bt full
#0 0x00007fffdea6f428 in __GI_raise (address@hidden) at
../sysdeps/unix/sysv/linux/raise.c:54
- resultvar = 0
- pid = 16526
- selftid = 16526
+ resultvar = 0
+ pid = 16526
+ selftid = 16526
#1 0x00007fffdea7102a in __GI_abort () at abort.c:89
- save_stage = 2
- act = {__sigaction_handler = {sa_handler = 0x4, sa_sigaction = 0x4},
sa_mask = {__val = {140737488345776,
- 140737488351076, 140737488345856, 48702688480, 140737352876032,
93825001457954, 558, 93825001458576, 0, 0,
- 140736929192332, 140736930289240, 140736930302896, 260615966,
140736930289240, 93825001457954}},
- sa_flags = -135479296, sa_restorer = 0x555555e20922}
- sigs = {__val = {32, 0 <repeats 15 times>}}
- #2 0x00007fffdea67bd7 in __assert_fail_base (fmt=<optimized out>,
- address@hidden "!usb_packet_is_inflight(p)",
- address@hidden "hw/usb/core.c", address@hidden,
- address@hidden <__PRETTY_FUNCTION__.27044> "usb_packet_setup") at
assert.c:92
- str = 0x5555573e0800 ""
- total = 4096
- #3 0x00007fffdea67c82 in __GI___assert_fail (assertion=0x555555e20922
"!usb_packet_is_inflight(p)",
- file=0x555555e20686 "hw/usb/core.c", line=558,
- function=0x555555e20b90 <__PRETTY_FUNCTION__.27044> "usb_packet_setup")
at assert.c:101
+ save_stage = 2
+ act = {__sigaction_handler = {sa_handler = 0x4, sa_sigaction = 0x4},
sa_mask = {__val = {140737488345776,
+ 140737488351076, 140737488345856, 48702688480, 140737352876032,
93825001457954, 558, 93825001458576, 0, 0,
+ 140736929192332, 140736930289240, 140736930302896, 260615966,
140736930289240, 93825001457954}},
+ sa_flags = -135479296, sa_restorer = 0x555555e20922}
+ sigs = {__val = {32, 0 <repeats 15 times>}}
+ #2 0x00007fffdea67bd7 in __assert_fail_base (fmt=<optimized out>,
+ address@hidden "!usb_packet_is_inflight(p)",
+ address@hidden "hw/usb/core.c", address@hidden,
+ address@hidden <__PRETTY_FUNCTION__.27044> "usb_packet_setup") at assert.c:92
+ str = 0x5555573e0800 ""
+ total = 4096
+ #3 0x00007fffdea67c82 in __GI___assert_fail (assertion=0x555555e20922
"!usb_packet_is_inflight(p)",
+ file=0x555555e20686 "hw/usb/core.c", line=558,
+ function=0x555555e20b90 <__PRETTY_FUNCTION__.27044> "usb_packet_setup")
at assert.c:101
No locals.
- #4 0x0000555555b4015a in usb_packet_setup (p=0x555556e81bc8, pid=105,
ep=0x55555733e180, stream=0, id=260615936,
- short_not_ok=false, int_req=false) at hw/usb/core.c:558
- __PRETTY_FUNCTION__ = "usb_packet_setup"
+ #4 0x0000555555b4015a in usb_packet_setup (p=0x555556e81bc8, pid=105,
ep=0x55555733e180, stream=0, id=260615936,
+ short_not_ok=false, int_req=false) at hw/usb/core.c:558
+ __PRETTY_FUNCTION__ = "usb_packet_setup"
#5 0x0000555555b4f2ee in ohci_service_iso_td (ohci=0x555556e814c0,
ed=0x7fffffffdda0, completion=0)
- at hw/usb/hcd-ohci.c:852
- int_req = false
- dir = 2
- len = 1023
- str = 0x555555e233cf "in"
- pid = 105
- ret = -8788
- i = -8912
- dev = 0x55555733d070
- ep = 0x55555733e180
- iso_td = {flags = 4039218540, bp = 251170816, next = 260615872, be =
251173880, offset = {59386, 0, 6, 0, 53328,
- 53376, 0, 0}}
- addr = 260615936
- starting_frame = 38252
- relative_frame_number = 0
- frame_count = 0
- start_offset = 59386
- next_offset = 0
- end_offset = 0
- start_addr = 251172858
- end_addr = 251173880
+ at hw/usb/hcd-ohci.c:852
+ int_req = false
+ dir = 2
+ len = 1023
+ str = 0x555555e233cf "in"
+ pid = 105
+ ret = -8788
+ i = -8912
+ dev = 0x55555733d070
+ ep = 0x55555733e180
+ iso_td = {flags = 4039218540, bp = 251170816, next = 260615872, be =
251173880, offset = {59386, 0, 6, 0, 53328,
+ 53376, 0, 0}}
+ addr = 260615936
+ starting_frame = 38252
+ relative_frame_number = 0
+ frame_count = 0
+ start_offset = 59386
+ next_offset = 0
+ end_offset = 0
+ start_addr = 251172858
+ end_addr = 251173880
#6 0x0000555555b5055c in ohci_service_ed_list (ohci=0x555556e814c0,
head=260608080, completion=0)
- at hw/usb/hcd-ohci.c:1239
- ed = {flags = 67080322, tail = 260614272, head = 260615936, next = 0}
- next_ed = 0
- cur = 260608080
- active = 1
- link_cnt = 1
+ at hw/usb/hcd-ohci.c:1239
+ ed = {flags = 67080322, tail = 260614272, head = 260615936, next = 0}
+ next_ed = 0
+ cur = 260608080
+ active = 1
+ link_cnt = 1
#7 0x0000555555b50857 in ohci_frame_boundary (opaque=0x555556e814c0) at
hw/usb/hcd-ohci.c:1304
- n = 12
- ohci = 0x555556e814c0
- hcca = {intr = {260608080 <repeats 32 times>}, frame = 38252, pad =
0, done = 0}
+ n = 12
+ ohci = 0x555556e814c0
+ hcca = {intr = {260608080 <repeats 32 times>}, frame = 38252, pad =
0, done = 0}
#8 0x0000555555d12050 in timerlist_run_timers (timer_list=0x555556939600) at
util/qemu-timer.c:536
- ts = 0x555556ebc9b0
- current_time = 224991592167
- progress = false
- cb = 0x555555b50778 <ohci_frame_boundary>
- opaque = 0x555556e814c0
+ ts = 0x555556ebc9b0
+ current_time = 224991592167
+ progress = false
+ cb = 0x555555b50778 <ohci_frame_boundary>
+ opaque = 0x555556e814c0
#9 0x0000555555d1209c in qemu_clock_run_timers (type=QEMU_CLOCK_VIRTUAL) at
util/qemu-timer.c:547
No locals.
#10 0x0000555555d1244e in qemu_clock_run_all_timers () at
util/qemu-timer.c:662
- progress = false
- type = QEMU_CLOCK_VIRTUAL
+ progress = false
+ type = QEMU_CLOCK_VIRTUAL
#11 0x0000555555d12bf9 in main_loop_wait (nonblocking=0) at
util/main-loop.c:525
- ret = 0
- timeout = 499
- timeout_ns = 977642
+ ret = 0
+ timeout = 499
+ timeout_ns = 977642
#12 0x0000555555969440 in main_loop () at vl.c:1899
No locals.
#13 0x0000555555971229 in main (argc=21, argv=0x7fffffffe358,
envp=0x7fffffffe408) at vl.c:4717
- i = 0
- snapshot = 0
- linux_boot = 1
- initrd_filename = 0x0
- kernel_filename = 0x5555568d78c0
"qemu-rpi-kernel/kernel-qemu-4.4.34-v4lm-jessie"
- kernel_cmdline = 0x5555568d8c80 "root=/dev/sda2 panic=1 "
- boot_order = 0x0
- boot_once = 0x0
- ds = 0x55555718f750
- cyls = 0
- heads = 0
- secs = 0
- translation = 0
- opts = 0x0
- machine_opts = 0x5555568d8b20
- hda_opts = 0x0
- icount_opts = 0x0
- accel_opts = 0x0
- olist = 0x55555629fc80 <qemu_machine_opts>
- optind = 21
- optarg = 0x7fffffffe780 "user,hostfwd=tcp::2222-:22"
- loadvm = 0x0
- machine_class = 0x5555568eff50
- cpu_model = 0x7fffffffe6c2 "arm1176"
- vga_model = 0x555555d8d8c4 "std"
- qtest_chrdev = 0x0
- qtest_log = 0x0
- pid_file = 0x0
- incoming = 0x0
- defconfig = true
- userconfig = true
- nographic = false
- display_type = DT_GTK
- display_remote = 0
- log_mask = 0x0
- log_file = 0x0
- trace_file = 0x0
- maxram_size = 268435456
- ram_slots = 0
- vmstate_dump_file = 0x0
- main_loop_err = 0x0
- err = 0x0
- list_data_dirs = false
- bdo_queue = {sqh_first = 0x0, sqh_last = 0x7fffffffe140}
- __func__ = "main"
+ i = 0
+ snapshot = 0
+ linux_boot = 1
+ initrd_filename = 0x0
+ kernel_filename = 0x5555568d78c0
"qemu-rpi-kernel/kernel-qemu-4.4.34-v4lm-jessie"
+ kernel_cmdline = 0x5555568d8c80 "root=/dev/sda2 panic=1 "
+ boot_order = 0x0
+ boot_once = 0x0
+ ds = 0x55555718f750
+ cyls = 0
+ heads = 0
+ secs = 0
+ translation = 0
+ opts = 0x0
+ machine_opts = 0x5555568d8b20
+ hda_opts = 0x0
+ icount_opts = 0x0
+ accel_opts = 0x0
+ olist = 0x55555629fc80 <qemu_machine_opts>
+ optind = 21
+ optarg = 0x7fffffffe780 "user,hostfwd=tcp::2222-:22"
+ loadvm = 0x0
+ machine_class = 0x5555568eff50
+ cpu_model = 0x7fffffffe6c2 "arm1176"
+ vga_model = 0x555555d8d8c4 "std"
+ qtest_chrdev = 0x0
+ qtest_log = 0x0
+ pid_file = 0x0
+ incoming = 0x0
+ defconfig = true
+ userconfig = true
+ nographic = false
+ display_type = DT_GTK
+ display_remote = 0
+ log_mask = 0x0
+ log_file = 0x0
+ trace_file = 0x0
+ maxram_size = 268435456
+ ram_slots = 0
+ vmstate_dump_file = 0x0
+ main_loop_err = 0x0
+ err = 0x0
+ list_data_dirs = false
+ bdo_queue = {sqh_first = 0x0, sqh_last = 0x7fffffffe140}
+ __func__ = "main"
-
- (P.S. Tiedostoa tai hakemistoa ei ole = file or directory doesn't exist.)
+ (P.S. Tiedostoa tai hakemistoa ei ole = file or directory doesn't
+ exist.)
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1687309
Title:
Assertion !usb_packet_is_inflight(p) fails in OHCI
Status in QEMU:
New
Bug description:
I'm trying to get a USB web camera working in Qemu & Raspbian. USB
works and V4L shows device info correctly and capturing frames from
the camera works sometimes, but mostly it crashes with error message:
qemu-system-arm: hw/usb/core.c:558: usb_packet_setup: Assertion
`!usb_packet_is_inflight(p)' failed.
This looks similar to the previous bug which also caused a crash on
the same kind of assertion but the culprit was XHCI:
https://bugs.launchpad.net/qemu/+bug/1653384
== Versions ==
QEMU emulator version 2.9.50 (v2.9.0-303-g81b2d5c-dirty),
configured with
./configure --target-list=arm-softmmu,arm-linux-user,armeb-linux-user
--enable-libusb --enable-libssh2 --enable-debug
libusb: 1.0.21
Guest: 2017-04-10-raspbian-jessie-lite.img with kernel 4.4.34 for
Raspbian on Qemu
Host: Ubuntu 16.04.2 LTS, kernel 4.4.0-72-generic
Command: /usr/local/bin/qemu-system-arm -kernel qemu-rpi-kernel
/kernel-qemu-4.4.34-v4lm-jessie -cpu arm1176 -m 256 -M versatilepb
-no-reboot -append "root=/dev/sda2 panic=1" -drive
format=raw,file=2017-04-10-raspbian-jessie-lite.img -usb -usbdevice
host:046d:0928 -net nic,model=virtio -net user,hostfwd=tcp::2222-:22
Web camera is an old Logitech QuickCam Express Etch2 (046d:0928). It
works otherwise without problems.
== GDB Backtrace ==
qemu-system-arm: hw/usb/core.c:558: usb_packet_setup: Assertion
`!usb_packet_is_inflight(p)' failed.
Thread 1 "qemu-system-arm" received signal SIGABRT, Aborted.
0x00007fffdea6f428 in __GI_raise (address@hidden) at
../sysdeps/unix/sysv/linux/raise.c:54
54 ../sysdeps/unix/sysv/linux/raise.c: Tiedostoa tai hakemistoa ei ole.
(gdb) bt full
#0 0x00007fffdea6f428 in __GI_raise (address@hidden) at
../sysdeps/unix/sysv/linux/raise.c:54
resultvar = 0
pid = 16526
selftid = 16526
#1 0x00007fffdea7102a in __GI_abort () at abort.c:89
save_stage = 2
act = {__sigaction_handler = {sa_handler = 0x4, sa_sigaction = 0x4},
sa_mask = {__val = {140737488345776,
140737488351076, 140737488345856, 48702688480, 140737352876032,
93825001457954, 558, 93825001458576, 0, 0,
140736929192332, 140736930289240, 140736930302896, 260615966,
140736930289240, 93825001457954}},
sa_flags = -135479296, sa_restorer = 0x555555e20922}
sigs = {__val = {32, 0 <repeats 15 times>}}
#2 0x00007fffdea67bd7 in __assert_fail_base (fmt=<optimized out>,
address@hidden "!usb_packet_is_inflight(p)",
address@hidden "hw/usb/core.c", address@hidden,
address@hidden <__PRETTY_FUNCTION__.27044> "usb_packet_setup") at assert.c:92
str = 0x5555573e0800 ""
total = 4096
#3 0x00007fffdea67c82 in __GI___assert_fail (assertion=0x555555e20922
"!usb_packet_is_inflight(p)",
file=0x555555e20686 "hw/usb/core.c", line=558,
function=0x555555e20b90 <__PRETTY_FUNCTION__.27044> "usb_packet_setup")
at assert.c:101
No locals.
#4 0x0000555555b4015a in usb_packet_setup (p=0x555556e81bc8, pid=105,
ep=0x55555733e180, stream=0, id=260615936,
short_not_ok=false, int_req=false) at hw/usb/core.c:558
__PRETTY_FUNCTION__ = "usb_packet_setup"
#5 0x0000555555b4f2ee in ohci_service_iso_td (ohci=0x555556e814c0,
ed=0x7fffffffdda0, completion=0)
at hw/usb/hcd-ohci.c:852
int_req = false
dir = 2
len = 1023
str = 0x555555e233cf "in"
pid = 105
ret = -8788
i = -8912
dev = 0x55555733d070
ep = 0x55555733e180
iso_td = {flags = 4039218540, bp = 251170816, next = 260615872, be =
251173880, offset = {59386, 0, 6, 0, 53328,
53376, 0, 0}}
addr = 260615936
starting_frame = 38252
relative_frame_number = 0
frame_count = 0
start_offset = 59386
next_offset = 0
end_offset = 0
start_addr = 251172858
end_addr = 251173880
#6 0x0000555555b5055c in ohci_service_ed_list (ohci=0x555556e814c0,
head=260608080, completion=0)
at hw/usb/hcd-ohci.c:1239
ed = {flags = 67080322, tail = 260614272, head = 260615936, next = 0}
next_ed = 0
cur = 260608080
active = 1
link_cnt = 1
#7 0x0000555555b50857 in ohci_frame_boundary (opaque=0x555556e814c0) at
hw/usb/hcd-ohci.c:1304
n = 12
ohci = 0x555556e814c0
hcca = {intr = {260608080 <repeats 32 times>}, frame = 38252, pad =
0, done = 0}
#8 0x0000555555d12050 in timerlist_run_timers (timer_list=0x555556939600) at
util/qemu-timer.c:536
ts = 0x555556ebc9b0
current_time = 224991592167
progress = false
cb = 0x555555b50778 <ohci_frame_boundary>
opaque = 0x555556e814c0
#9 0x0000555555d1209c in qemu_clock_run_timers (type=QEMU_CLOCK_VIRTUAL) at
util/qemu-timer.c:547
No locals.
#10 0x0000555555d1244e in qemu_clock_run_all_timers () at
util/qemu-timer.c:662
progress = false
type = QEMU_CLOCK_VIRTUAL
#11 0x0000555555d12bf9 in main_loop_wait (nonblocking=0) at
util/main-loop.c:525
ret = 0
timeout = 499
timeout_ns = 977642
#12 0x0000555555969440 in main_loop () at vl.c:1899
No locals.
#13 0x0000555555971229 in main (argc=21, argv=0x7fffffffe358,
envp=0x7fffffffe408) at vl.c:4717
i = 0
snapshot = 0
linux_boot = 1
initrd_filename = 0x0
kernel_filename = 0x5555568d78c0
"qemu-rpi-kernel/kernel-qemu-4.4.34-v4lm-jessie"
kernel_cmdline = 0x5555568d8c80 "root=/dev/sda2 panic=1 "
boot_order = 0x0
boot_once = 0x0
ds = 0x55555718f750
cyls = 0
heads = 0
secs = 0
translation = 0
opts = 0x0
machine_opts = 0x5555568d8b20
hda_opts = 0x0
icount_opts = 0x0
accel_opts = 0x0
olist = 0x55555629fc80 <qemu_machine_opts>
optind = 21
optarg = 0x7fffffffe780 "user,hostfwd=tcp::2222-:22"
loadvm = 0x0
machine_class = 0x5555568eff50
cpu_model = 0x7fffffffe6c2 "arm1176"
vga_model = 0x555555d8d8c4 "std"
qtest_chrdev = 0x0
qtest_log = 0x0
pid_file = 0x0
incoming = 0x0
defconfig = true
userconfig = true
nographic = false
display_type = DT_GTK
display_remote = 0
log_mask = 0x0
log_file = 0x0
trace_file = 0x0
maxram_size = 268435456
ram_slots = 0
vmstate_dump_file = 0x0
main_loop_err = 0x0
err = 0x0
list_data_dirs = false
bdo_queue = {sqh_first = 0x0, sqh_last = 0x7fffffffe140}
__func__ = "main"
(P.S. Tiedostoa tai hakemistoa ei ole = file or directory doesn't
exist.)
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1687309/+subscriptions