* [Qemu-devel] [Bug 1833053] [NEW] qemu guest crashes on spice client USB redirected device removal
@ 2019-06-17 9:42 Nikolay Kichukov
2019-06-24 6:06 ` [Qemu-devel] [Bug 1833053] " Alex
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: Nikolay Kichukov @ 2019-06-17 9:42 UTC (permalink / raw)
To: qemu-devel
Public bug reported:
Hello,
I am experiencing guest crashes, which cannot be reproduced at all
times, but are pretty frequent (4 out of 5 tries it would crash). The
guest crashes when a previously attached USB redirected device through
SPICE has been removed by the client.
Steps to reproduce:
1.) Start windows 10 guest with display driver Spice
2.) Connect to the console with remote-viewer spice://IP:PORT or via virt-viewer (tunnelled through SSH)
3.) Attach a client USB device, for example storage device, iPhone or Android phone
4.) Observe the guest OS detects it and sets it up
5.) Go back to 'USB device selection' and untick the USB device
6.) Observe the guest VM crashed and the below assertion was printed in the qemu log for this virtual machine:
qemu-system-x86_64: /var/tmp/portage/app-emulation/qemu-4.0.0-r3/work/qemu-4.0.0/hw/usb/core.c:720: usb_ep_get: Assertion `dev != NULL' failed.
2019-06-17 09:25:09.160+0000: shutting down, reason=crashed
Versions of related packages on the host:
app-emulation/qemu-4.0.0-r3
app-emulation/spice-0.14.0-r2:0
app-emulation/spice-protocol-0.12.14:0
net-misc/spice-gtk-0.35:0
Kernel: 5.1.7-gentoo on Intel x86_64 CPU
Version of the spice-tools on the guest:
virtio-win 0.1-126
QXL 0.1-21
mingw-vdagent-win 0.8.0
QEMU command line (generated by libvirt):
/usr/bin/qemu-system-x86_64 -name guest=W10VM,debug-threads=on -S
-object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-41-W10VM
/master-key.aes -machine pc-i440fx-2.12,accel=kvm,usb=off,vmport=off
,dump-guest-core=off -cpu
qemu64,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff,hv_synic,hv_stimer
-m 4500 -realtime mlock=off -smp 2,maxcpus=4,sockets=4,cores=1,threads=1
-uuid b39afae2-5085-4659-891c-b3c65e65af2e -no-user-config -nodefaults
-chardev socket,id=charmonitor,fd=26,server,nowait -mon
chardev=charmonitor,id=monitor,mode=control -rtc
base=localtime,driftfix=slew -no-hpet -global kvm-
pit.lost_tick_policy=delay -no-shutdown -global PIIX4_PM.disable_s3=1
-global PIIX4_PM.disable_s4=1 -boot menu=off,strict=on -device ich9-usb-
ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-
uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5
-device ich9-usb-
uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9
-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device
virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x8 -device virtio-serial-pci,id
=virtio-serial0,bus=pci.0,addr=0x6 -drive
file=/libvirt/images/W10VM.qcow2,format=qcow2,if=none,id=drive-
scsi0-0-0-1,cache=unsafe,discard=unmap,detect-zeroes=unmap -device scsi-
hd,bus=scsi0.0,channel=0,scsi-id=0,lun=1,device_id=drive-
scsi0-0-0-1,drive=drive-scsi0-0-0-1,id=scsi0-0-0-1,bootindex=1,write-
cache=on -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=29 -device
virtio-net-
pci,netdev=hostnet0,id=net0,mac=52:54:00:44:f6:21,bus=pci.0,addr=0x3
-chardev spicevmc,id=charchannel0,name=vdagent -device
virtserialport,bus=virtio-
serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
-chardev socket,id=charchannel1,fd=30,server,nowait -device
virtserialport,bus=virtio-
serial0.0,nr=3,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0
-chardev spiceport,id=charchannel2,name=org.spice-space.webdav.0 -device
virtserialport,bus=virtio-
serial0.0,nr=2,chardev=charchannel2,id=channel2,name=org.spice-
space.webdav.0 -spice port=5901,addr=0.0.0.0,seamless-migration=on
-device qxl-
vga,id=video0,ram_size=134217728,vram_size=134217728,vram64_size_mb=0,vgamem_mb=64,max_outputs=1,bus=pci.0,addr=0x2
-device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-
duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev
spicevmc,id=charredir0,name=usbredir -device usb-
redir,chardev=charredir0,id=redir0,bus=usb.0,port=1 -chardev
spicevmc,id=charredir1,name=usbredir -device usb-
redir,chardev=charredir1,id=redir1,bus=usb.0,port=2 -device virtio-
balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -sandbox
on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny
-msg timestamp=on
I have attempted to collect a backtrace, but will need direction as I am not sure on which thread to listen and where to set the breakpoint, 'thread apply all backtrace' does not seem to work well with the qemu process...
Thank you
** Affects: qemu
Importance: Undecided
Status: New
** Tags: crash qemu spice usbredir
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1833053
Title:
qemu guest crashes on spice client USB redirected device removal
Status in QEMU:
New
Bug description:
Hello,
I am experiencing guest crashes, which cannot be reproduced at all
times, but are pretty frequent (4 out of 5 tries it would crash). The
guest crashes when a previously attached USB redirected device through
SPICE has been removed by the client.
Steps to reproduce:
1.) Start windows 10 guest with display driver Spice
2.) Connect to the console with remote-viewer spice://IP:PORT or via virt-viewer (tunnelled through SSH)
3.) Attach a client USB device, for example storage device, iPhone or Android phone
4.) Observe the guest OS detects it and sets it up
5.) Go back to 'USB device selection' and untick the USB device
6.) Observe the guest VM crashed and the below assertion was printed in the qemu log for this virtual machine:
qemu-system-x86_64: /var/tmp/portage/app-emulation/qemu-4.0.0-r3/work/qemu-4.0.0/hw/usb/core.c:720: usb_ep_get: Assertion `dev != NULL' failed.
2019-06-17 09:25:09.160+0000: shutting down, reason=crashed
Versions of related packages on the host:
app-emulation/qemu-4.0.0-r3
app-emulation/spice-0.14.0-r2:0
app-emulation/spice-protocol-0.12.14:0
net-misc/spice-gtk-0.35:0
Kernel: 5.1.7-gentoo on Intel x86_64 CPU
Version of the spice-tools on the guest:
virtio-win 0.1-126
QXL 0.1-21
mingw-vdagent-win 0.8.0
QEMU command line (generated by libvirt):
/usr/bin/qemu-system-x86_64 -name guest=W10VM,debug-threads=on -S
-object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-41-W10VM
/master-key.aes -machine pc-i440fx-2.12,accel=kvm,usb=off,vmport=off
,dump-guest-core=off -cpu
qemu64,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff,hv_synic,hv_stimer
-m 4500 -realtime mlock=off -smp
2,maxcpus=4,sockets=4,cores=1,threads=1 -uuid b39afae2-5085-4659-891c-
b3c65e65af2e -no-user-config -nodefaults -chardev
socket,id=charmonitor,fd=26,server,nowait -mon
chardev=charmonitor,id=monitor,mode=control -rtc
base=localtime,driftfix=slew -no-hpet -global kvm-
pit.lost_tick_policy=delay -no-shutdown -global PIIX4_PM.disable_s3=1
-global PIIX4_PM.disable_s4=1 -boot menu=off,strict=on -device ich9
-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-
uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5
-device ich9-usb-
uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9
-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device
virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x8 -device virtio-serial-
pci,id=virtio-serial0,bus=pci.0,addr=0x6 -drive
file=/libvirt/images/W10VM.qcow2,format=qcow2,if=none,id=drive-
scsi0-0-0-1,cache=unsafe,discard=unmap,detect-zeroes=unmap -device
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=1,device_id=drive-
scsi0-0-0-1,drive=drive-scsi0-0-0-1,id=scsi0-0-0-1,bootindex=1,write-
cache=on -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=29 -device
virtio-net-
pci,netdev=hostnet0,id=net0,mac=52:54:00:44:f6:21,bus=pci.0,addr=0x3
-chardev spicevmc,id=charchannel0,name=vdagent -device
virtserialport,bus=virtio-
serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
-chardev socket,id=charchannel1,fd=30,server,nowait -device
virtserialport,bus=virtio-
serial0.0,nr=3,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0
-chardev spiceport,id=charchannel2,name=org.spice-space.webdav.0
-device virtserialport,bus=virtio-
serial0.0,nr=2,chardev=charchannel2,id=channel2,name=org.spice-
space.webdav.0 -spice port=5901,addr=0.0.0.0,seamless-migration=on
-device qxl-
vga,id=video0,ram_size=134217728,vram_size=134217728,vram64_size_mb=0,vgamem_mb=64,max_outputs=1,bus=pci.0,addr=0x2
-device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-
duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev
spicevmc,id=charredir0,name=usbredir -device usb-
redir,chardev=charredir0,id=redir0,bus=usb.0,port=1 -chardev
spicevmc,id=charredir1,name=usbredir -device usb-
redir,chardev=charredir1,id=redir1,bus=usb.0,port=2 -device virtio-
balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -sandbox
on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny
-msg timestamp=on
I have attempted to collect a backtrace, but will need direction as I am not sure on which thread to listen and where to set the breakpoint, 'thread apply all backtrace' does not seem to work well with the qemu process...
Thank you
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1833053/+subscriptions
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Qemu-devel] [Bug 1833053] Re: qemu guest crashes on spice client USB redirected device removal
2019-06-17 9:42 [Qemu-devel] [Bug 1833053] [NEW] qemu guest crashes on spice client USB redirected device removal Nikolay Kichukov
@ 2019-06-24 6:06 ` Alex
2020-11-25 16:26 ` Thomas Huth
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Alex @ 2019-06-24 6:06 UTC (permalink / raw)
To: qemu-devel
Hello,
I have the same qemu behaviour. It happens every time I have unplugged physical usb device attached to guest from the host system. My device is USB GSM dongle. Some times it disconnects and reconnects again for unknown reason, may be power loss... With version 3.1.0 qemu (gentoo linux) this disconnects had normal USB device disconnects in guest system. But with version 4.0.0 it gets guest VM to crash.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1833053
Title:
qemu guest crashes on spice client USB redirected device removal
Status in QEMU:
New
Bug description:
Hello,
I am experiencing guest crashes, which cannot be reproduced at all
times, but are pretty frequent (4 out of 5 tries it would crash). The
guest crashes when a previously attached USB redirected device through
SPICE has been removed by the client.
Steps to reproduce:
1.) Start windows 10 guest with display driver Spice
2.) Connect to the console with remote-viewer spice://IP:PORT or via virt-viewer (tunnelled through SSH)
3.) Attach a client USB device, for example storage device, iPhone or Android phone
4.) Observe the guest OS detects it and sets it up
5.) Go back to 'USB device selection' and untick the USB device
6.) Observe the guest VM crashed and the below assertion was printed in the qemu log for this virtual machine:
qemu-system-x86_64: /var/tmp/portage/app-emulation/qemu-4.0.0-r3/work/qemu-4.0.0/hw/usb/core.c:720: usb_ep_get: Assertion `dev != NULL' failed.
2019-06-17 09:25:09.160+0000: shutting down, reason=crashed
Versions of related packages on the host:
app-emulation/qemu-4.0.0-r3
app-emulation/spice-0.14.0-r2:0
app-emulation/spice-protocol-0.12.14:0
net-misc/spice-gtk-0.35:0
Kernel: 5.1.7-gentoo on Intel x86_64 CPU
Version of the spice-tools on the guest:
virtio-win 0.1-126
QXL 0.1-21
mingw-vdagent-win 0.8.0
QEMU command line (generated by libvirt):
/usr/bin/qemu-system-x86_64 -name guest=W10VM,debug-threads=on -S
-object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-41-W10VM
/master-key.aes -machine pc-i440fx-2.12,accel=kvm,usb=off,vmport=off
,dump-guest-core=off -cpu
qemu64,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff,hv_synic,hv_stimer
-m 4500 -realtime mlock=off -smp
2,maxcpus=4,sockets=4,cores=1,threads=1 -uuid b39afae2-5085-4659-891c-
b3c65e65af2e -no-user-config -nodefaults -chardev
socket,id=charmonitor,fd=26,server,nowait -mon
chardev=charmonitor,id=monitor,mode=control -rtc
base=localtime,driftfix=slew -no-hpet -global kvm-
pit.lost_tick_policy=delay -no-shutdown -global PIIX4_PM.disable_s3=1
-global PIIX4_PM.disable_s4=1 -boot menu=off,strict=on -device ich9
-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-
uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5
-device ich9-usb-
uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9
-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device
virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x8 -device virtio-serial-
pci,id=virtio-serial0,bus=pci.0,addr=0x6 -drive
file=/libvirt/images/W10VM.qcow2,format=qcow2,if=none,id=drive-
scsi0-0-0-1,cache=unsafe,discard=unmap,detect-zeroes=unmap -device
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=1,device_id=drive-
scsi0-0-0-1,drive=drive-scsi0-0-0-1,id=scsi0-0-0-1,bootindex=1,write-
cache=on -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=29 -device
virtio-net-
pci,netdev=hostnet0,id=net0,mac=52:54:00:44:f6:21,bus=pci.0,addr=0x3
-chardev spicevmc,id=charchannel0,name=vdagent -device
virtserialport,bus=virtio-
serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
-chardev socket,id=charchannel1,fd=30,server,nowait -device
virtserialport,bus=virtio-
serial0.0,nr=3,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0
-chardev spiceport,id=charchannel2,name=org.spice-space.webdav.0
-device virtserialport,bus=virtio-
serial0.0,nr=2,chardev=charchannel2,id=channel2,name=org.spice-
space.webdav.0 -spice port=5901,addr=0.0.0.0,seamless-migration=on
-device qxl-
vga,id=video0,ram_size=134217728,vram_size=134217728,vram64_size_mb=0,vgamem_mb=64,max_outputs=1,bus=pci.0,addr=0x2
-device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-
duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev
spicevmc,id=charredir0,name=usbredir -device usb-
redir,chardev=charredir0,id=redir0,bus=usb.0,port=1 -chardev
spicevmc,id=charredir1,name=usbredir -device usb-
redir,chardev=charredir1,id=redir1,bus=usb.0,port=2 -device virtio-
balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -sandbox
on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny
-msg timestamp=on
I have attempted to collect a backtrace, but will need direction as I am not sure on which thread to listen and where to set the breakpoint, 'thread apply all backtrace' does not seem to work well with the qemu process...
Thank you
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1833053/+subscriptions
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug 1833053] Re: qemu guest crashes on spice client USB redirected device removal
2019-06-17 9:42 [Qemu-devel] [Bug 1833053] [NEW] qemu guest crashes on spice client USB redirected device removal Nikolay Kichukov
2019-06-24 6:06 ` [Qemu-devel] [Bug 1833053] " Alex
@ 2020-11-25 16:26 ` Thomas Huth
2020-11-25 20:47 ` Nikolay Kichukov
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Thomas Huth @ 2020-11-25 16:26 UTC (permalink / raw)
To: qemu-devel
The QEMU project is currently considering to move its bug tracking to another system. For this we need to know which bugs are still valid and which could be closed already. Thus we are setting older bugs to "Incomplete" now.
If you still think this bug report here is valid, then please switch the state back to "New" within the next 60 days, otherwise this report will be marked as "Expired". Or mark it as "Fix Released" if the problem has been solved with a newer version of QEMU already. Thank you and sorry for the inconvenience.
** Changed in: qemu
Status: New => Incomplete
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1833053
Title:
qemu guest crashes on spice client USB redirected device removal
Status in QEMU:
Incomplete
Bug description:
Hello,
I am experiencing guest crashes, which cannot be reproduced at all
times, but are pretty frequent (4 out of 5 tries it would crash). The
guest crashes when a previously attached USB redirected device through
SPICE has been removed by the client.
Steps to reproduce:
1.) Start windows 10 guest with display driver Spice
2.) Connect to the console with remote-viewer spice://IP:PORT or via virt-viewer (tunnelled through SSH)
3.) Attach a client USB device, for example storage device, iPhone or Android phone
4.) Observe the guest OS detects it and sets it up
5.) Go back to 'USB device selection' and untick the USB device
6.) Observe the guest VM crashed and the below assertion was printed in the qemu log for this virtual machine:
qemu-system-x86_64: /var/tmp/portage/app-emulation/qemu-4.0.0-r3/work/qemu-4.0.0/hw/usb/core.c:720: usb_ep_get: Assertion `dev != NULL' failed.
2019-06-17 09:25:09.160+0000: shutting down, reason=crashed
Versions of related packages on the host:
app-emulation/qemu-4.0.0-r3
app-emulation/spice-0.14.0-r2:0
app-emulation/spice-protocol-0.12.14:0
net-misc/spice-gtk-0.35:0
Kernel: 5.1.7-gentoo on Intel x86_64 CPU
Version of the spice-tools on the guest:
virtio-win 0.1-126
QXL 0.1-21
mingw-vdagent-win 0.8.0
QEMU command line (generated by libvirt):
/usr/bin/qemu-system-x86_64 -name guest=W10VM,debug-threads=on -S
-object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-41-W10VM
/master-key.aes -machine pc-i440fx-2.12,accel=kvm,usb=off,vmport=off
,dump-guest-core=off -cpu
qemu64,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff,hv_synic,hv_stimer
-m 4500 -realtime mlock=off -smp
2,maxcpus=4,sockets=4,cores=1,threads=1 -uuid b39afae2-5085-4659-891c-
b3c65e65af2e -no-user-config -nodefaults -chardev
socket,id=charmonitor,fd=26,server,nowait -mon
chardev=charmonitor,id=monitor,mode=control -rtc
base=localtime,driftfix=slew -no-hpet -global kvm-
pit.lost_tick_policy=delay -no-shutdown -global PIIX4_PM.disable_s3=1
-global PIIX4_PM.disable_s4=1 -boot menu=off,strict=on -device ich9
-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-
uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5
-device ich9-usb-
uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9
-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device
virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x8 -device virtio-serial-
pci,id=virtio-serial0,bus=pci.0,addr=0x6 -drive
file=/libvirt/images/W10VM.qcow2,format=qcow2,if=none,id=drive-
scsi0-0-0-1,cache=unsafe,discard=unmap,detect-zeroes=unmap -device
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=1,device_id=drive-
scsi0-0-0-1,drive=drive-scsi0-0-0-1,id=scsi0-0-0-1,bootindex=1,write-
cache=on -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=29 -device
virtio-net-
pci,netdev=hostnet0,id=net0,mac=52:54:00:44:f6:21,bus=pci.0,addr=0x3
-chardev spicevmc,id=charchannel0,name=vdagent -device
virtserialport,bus=virtio-
serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
-chardev socket,id=charchannel1,fd=30,server,nowait -device
virtserialport,bus=virtio-
serial0.0,nr=3,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0
-chardev spiceport,id=charchannel2,name=org.spice-space.webdav.0
-device virtserialport,bus=virtio-
serial0.0,nr=2,chardev=charchannel2,id=channel2,name=org.spice-
space.webdav.0 -spice port=5901,addr=0.0.0.0,seamless-migration=on
-device qxl-
vga,id=video0,ram_size=134217728,vram_size=134217728,vram64_size_mb=0,vgamem_mb=64,max_outputs=1,bus=pci.0,addr=0x2
-device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-
duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev
spicevmc,id=charredir0,name=usbredir -device usb-
redir,chardev=charredir0,id=redir0,bus=usb.0,port=1 -chardev
spicevmc,id=charredir1,name=usbredir -device usb-
redir,chardev=charredir1,id=redir1,bus=usb.0,port=2 -device virtio-
balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -sandbox
on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny
-msg timestamp=on
I have attempted to collect a backtrace, but will need direction as I am not sure on which thread to listen and where to set the breakpoint, 'thread apply all backtrace' does not seem to work well with the qemu process...
Thank you
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1833053/+subscriptions
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug 1833053] Re: qemu guest crashes on spice client USB redirected device removal
2019-06-17 9:42 [Qemu-devel] [Bug 1833053] [NEW] qemu guest crashes on spice client USB redirected device removal Nikolay Kichukov
2019-06-24 6:06 ` [Qemu-devel] [Bug 1833053] " Alex
2020-11-25 16:26 ` Thomas Huth
@ 2020-11-25 20:47 ` Nikolay Kichukov
2021-04-29 9:54 ` Thomas Huth
2021-05-05 14:28 ` Thomas Huth
4 siblings, 0 replies; 6+ messages in thread
From: Nikolay Kichukov @ 2020-11-25 20:47 UTC (permalink / raw)
To: qemu-devel
** Changed in: qemu
Status: Incomplete => New
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1833053
Title:
qemu guest crashes on spice client USB redirected device removal
Status in QEMU:
New
Bug description:
Hello,
I am experiencing guest crashes, which cannot be reproduced at all
times, but are pretty frequent (4 out of 5 tries it would crash). The
guest crashes when a previously attached USB redirected device through
SPICE has been removed by the client.
Steps to reproduce:
1.) Start windows 10 guest with display driver Spice
2.) Connect to the console with remote-viewer spice://IP:PORT or via virt-viewer (tunnelled through SSH)
3.) Attach a client USB device, for example storage device, iPhone or Android phone
4.) Observe the guest OS detects it and sets it up
5.) Go back to 'USB device selection' and untick the USB device
6.) Observe the guest VM crashed and the below assertion was printed in the qemu log for this virtual machine:
qemu-system-x86_64: /var/tmp/portage/app-emulation/qemu-4.0.0-r3/work/qemu-4.0.0/hw/usb/core.c:720: usb_ep_get: Assertion `dev != NULL' failed.
2019-06-17 09:25:09.160+0000: shutting down, reason=crashed
Versions of related packages on the host:
app-emulation/qemu-4.0.0-r3
app-emulation/spice-0.14.0-r2:0
app-emulation/spice-protocol-0.12.14:0
net-misc/spice-gtk-0.35:0
Kernel: 5.1.7-gentoo on Intel x86_64 CPU
Version of the spice-tools on the guest:
virtio-win 0.1-126
QXL 0.1-21
mingw-vdagent-win 0.8.0
QEMU command line (generated by libvirt):
/usr/bin/qemu-system-x86_64 -name guest=W10VM,debug-threads=on -S
-object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-41-W10VM
/master-key.aes -machine pc-i440fx-2.12,accel=kvm,usb=off,vmport=off
,dump-guest-core=off -cpu
qemu64,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff,hv_synic,hv_stimer
-m 4500 -realtime mlock=off -smp
2,maxcpus=4,sockets=4,cores=1,threads=1 -uuid b39afae2-5085-4659-891c-
b3c65e65af2e -no-user-config -nodefaults -chardev
socket,id=charmonitor,fd=26,server,nowait -mon
chardev=charmonitor,id=monitor,mode=control -rtc
base=localtime,driftfix=slew -no-hpet -global kvm-
pit.lost_tick_policy=delay -no-shutdown -global PIIX4_PM.disable_s3=1
-global PIIX4_PM.disable_s4=1 -boot menu=off,strict=on -device ich9
-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-
uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5
-device ich9-usb-
uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9
-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device
virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x8 -device virtio-serial-
pci,id=virtio-serial0,bus=pci.0,addr=0x6 -drive
file=/libvirt/images/W10VM.qcow2,format=qcow2,if=none,id=drive-
scsi0-0-0-1,cache=unsafe,discard=unmap,detect-zeroes=unmap -device
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=1,device_id=drive-
scsi0-0-0-1,drive=drive-scsi0-0-0-1,id=scsi0-0-0-1,bootindex=1,write-
cache=on -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=29 -device
virtio-net-
pci,netdev=hostnet0,id=net0,mac=52:54:00:44:f6:21,bus=pci.0,addr=0x3
-chardev spicevmc,id=charchannel0,name=vdagent -device
virtserialport,bus=virtio-
serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
-chardev socket,id=charchannel1,fd=30,server,nowait -device
virtserialport,bus=virtio-
serial0.0,nr=3,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0
-chardev spiceport,id=charchannel2,name=org.spice-space.webdav.0
-device virtserialport,bus=virtio-
serial0.0,nr=2,chardev=charchannel2,id=channel2,name=org.spice-
space.webdav.0 -spice port=5901,addr=0.0.0.0,seamless-migration=on
-device qxl-
vga,id=video0,ram_size=134217728,vram_size=134217728,vram64_size_mb=0,vgamem_mb=64,max_outputs=1,bus=pci.0,addr=0x2
-device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-
duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev
spicevmc,id=charredir0,name=usbredir -device usb-
redir,chardev=charredir0,id=redir0,bus=usb.0,port=1 -chardev
spicevmc,id=charredir1,name=usbredir -device usb-
redir,chardev=charredir1,id=redir1,bus=usb.0,port=2 -device virtio-
balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -sandbox
on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny
-msg timestamp=on
I have attempted to collect a backtrace, but will need direction as I am not sure on which thread to listen and where to set the breakpoint, 'thread apply all backtrace' does not seem to work well with the qemu process...
Thank you
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1833053/+subscriptions
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug 1833053] Re: qemu guest crashes on spice client USB redirected device removal
2019-06-17 9:42 [Qemu-devel] [Bug 1833053] [NEW] qemu guest crashes on spice client USB redirected device removal Nikolay Kichukov
` (2 preceding siblings ...)
2020-11-25 20:47 ` Nikolay Kichukov
@ 2021-04-29 9:54 ` Thomas Huth
2021-05-05 14:28 ` Thomas Huth
4 siblings, 0 replies; 6+ messages in thread
From: Thomas Huth @ 2021-04-29 9:54 UTC (permalink / raw)
To: qemu-devel
** Tags removed: qemu
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1833053
Title:
qemu guest crashes on spice client USB redirected device removal
Status in QEMU:
New
Bug description:
Hello,
I am experiencing guest crashes, which cannot be reproduced at all
times, but are pretty frequent (4 out of 5 tries it would crash). The
guest crashes when a previously attached USB redirected device through
SPICE has been removed by the client.
Steps to reproduce:
1.) Start windows 10 guest with display driver Spice
2.) Connect to the console with remote-viewer spice://IP:PORT or via virt-viewer (tunnelled through SSH)
3.) Attach a client USB device, for example storage device, iPhone or Android phone
4.) Observe the guest OS detects it and sets it up
5.) Go back to 'USB device selection' and untick the USB device
6.) Observe the guest VM crashed and the below assertion was printed in the qemu log for this virtual machine:
qemu-system-x86_64: /var/tmp/portage/app-emulation/qemu-4.0.0-r3/work/qemu-4.0.0/hw/usb/core.c:720: usb_ep_get: Assertion `dev != NULL' failed.
2019-06-17 09:25:09.160+0000: shutting down, reason=crashed
Versions of related packages on the host:
app-emulation/qemu-4.0.0-r3
app-emulation/spice-0.14.0-r2:0
app-emulation/spice-protocol-0.12.14:0
net-misc/spice-gtk-0.35:0
Kernel: 5.1.7-gentoo on Intel x86_64 CPU
Version of the spice-tools on the guest:
virtio-win 0.1-126
QXL 0.1-21
mingw-vdagent-win 0.8.0
QEMU command line (generated by libvirt):
/usr/bin/qemu-system-x86_64 -name guest=W10VM,debug-threads=on -S
-object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-41-W10VM
/master-key.aes -machine pc-i440fx-2.12,accel=kvm,usb=off,vmport=off
,dump-guest-core=off -cpu
qemu64,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff,hv_synic,hv_stimer
-m 4500 -realtime mlock=off -smp
2,maxcpus=4,sockets=4,cores=1,threads=1 -uuid b39afae2-5085-4659-891c-
b3c65e65af2e -no-user-config -nodefaults -chardev
socket,id=charmonitor,fd=26,server,nowait -mon
chardev=charmonitor,id=monitor,mode=control -rtc
base=localtime,driftfix=slew -no-hpet -global kvm-
pit.lost_tick_policy=delay -no-shutdown -global PIIX4_PM.disable_s3=1
-global PIIX4_PM.disable_s4=1 -boot menu=off,strict=on -device ich9
-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-
uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5
-device ich9-usb-
uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9
-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device
virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x8 -device virtio-serial-
pci,id=virtio-serial0,bus=pci.0,addr=0x6 -drive
file=/libvirt/images/W10VM.qcow2,format=qcow2,if=none,id=drive-
scsi0-0-0-1,cache=unsafe,discard=unmap,detect-zeroes=unmap -device
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=1,device_id=drive-
scsi0-0-0-1,drive=drive-scsi0-0-0-1,id=scsi0-0-0-1,bootindex=1,write-
cache=on -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=29 -device
virtio-net-
pci,netdev=hostnet0,id=net0,mac=52:54:00:44:f6:21,bus=pci.0,addr=0x3
-chardev spicevmc,id=charchannel0,name=vdagent -device
virtserialport,bus=virtio-
serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
-chardev socket,id=charchannel1,fd=30,server,nowait -device
virtserialport,bus=virtio-
serial0.0,nr=3,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0
-chardev spiceport,id=charchannel2,name=org.spice-space.webdav.0
-device virtserialport,bus=virtio-
serial0.0,nr=2,chardev=charchannel2,id=channel2,name=org.spice-
space.webdav.0 -spice port=5901,addr=0.0.0.0,seamless-migration=on
-device qxl-
vga,id=video0,ram_size=134217728,vram_size=134217728,vram64_size_mb=0,vgamem_mb=64,max_outputs=1,bus=pci.0,addr=0x2
-device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-
duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev
spicevmc,id=charredir0,name=usbredir -device usb-
redir,chardev=charredir0,id=redir0,bus=usb.0,port=1 -chardev
spicevmc,id=charredir1,name=usbredir -device usb-
redir,chardev=charredir1,id=redir1,bus=usb.0,port=2 -device virtio-
balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -sandbox
on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny
-msg timestamp=on
I have attempted to collect a backtrace, but will need direction as I am not sure on which thread to listen and where to set the breakpoint, 'thread apply all backtrace' does not seem to work well with the qemu process...
Thank you
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1833053/+subscriptions
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug 1833053] Re: qemu guest crashes on spice client USB redirected device removal
2019-06-17 9:42 [Qemu-devel] [Bug 1833053] [NEW] qemu guest crashes on spice client USB redirected device removal Nikolay Kichukov
` (3 preceding siblings ...)
2021-04-29 9:54 ` Thomas Huth
@ 2021-05-05 14:28 ` Thomas Huth
4 siblings, 0 replies; 6+ messages in thread
From: Thomas Huth @ 2021-05-05 14:28 UTC (permalink / raw)
To: qemu-devel
This is an automated cleanup. This bug report has been moved to QEMU's
new bug tracker on gitlab.com and thus gets marked as 'expired' now.
Please continue with the discussion here:
https://gitlab.com/qemu-project/qemu/-/issues/179
** Changed in: qemu
Status: New => Expired
** Bug watch added: gitlab.com/qemu-project/qemu/-/issues #179
https://gitlab.com/qemu-project/qemu/-/issues/179
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1833053
Title:
qemu guest crashes on spice client USB redirected device removal
Status in QEMU:
Expired
Bug description:
Hello,
I am experiencing guest crashes, which cannot be reproduced at all
times, but are pretty frequent (4 out of 5 tries it would crash). The
guest crashes when a previously attached USB redirected device through
SPICE has been removed by the client.
Steps to reproduce:
1.) Start windows 10 guest with display driver Spice
2.) Connect to the console with remote-viewer spice://IP:PORT or via virt-viewer (tunnelled through SSH)
3.) Attach a client USB device, for example storage device, iPhone or Android phone
4.) Observe the guest OS detects it and sets it up
5.) Go back to 'USB device selection' and untick the USB device
6.) Observe the guest VM crashed and the below assertion was printed in the qemu log for this virtual machine:
qemu-system-x86_64: /var/tmp/portage/app-emulation/qemu-4.0.0-r3/work/qemu-4.0.0/hw/usb/core.c:720: usb_ep_get: Assertion `dev != NULL' failed.
2019-06-17 09:25:09.160+0000: shutting down, reason=crashed
Versions of related packages on the host:
app-emulation/qemu-4.0.0-r3
app-emulation/spice-0.14.0-r2:0
app-emulation/spice-protocol-0.12.14:0
net-misc/spice-gtk-0.35:0
Kernel: 5.1.7-gentoo on Intel x86_64 CPU
Version of the spice-tools on the guest:
virtio-win 0.1-126
QXL 0.1-21
mingw-vdagent-win 0.8.0
QEMU command line (generated by libvirt):
/usr/bin/qemu-system-x86_64 -name guest=W10VM,debug-threads=on -S
-object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-41-W10VM
/master-key.aes -machine pc-i440fx-2.12,accel=kvm,usb=off,vmport=off
,dump-guest-core=off -cpu
qemu64,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff,hv_synic,hv_stimer
-m 4500 -realtime mlock=off -smp
2,maxcpus=4,sockets=4,cores=1,threads=1 -uuid b39afae2-5085-4659-891c-
b3c65e65af2e -no-user-config -nodefaults -chardev
socket,id=charmonitor,fd=26,server,nowait -mon
chardev=charmonitor,id=monitor,mode=control -rtc
base=localtime,driftfix=slew -no-hpet -global kvm-
pit.lost_tick_policy=delay -no-shutdown -global PIIX4_PM.disable_s3=1
-global PIIX4_PM.disable_s4=1 -boot menu=off,strict=on -device ich9
-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-
uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5
-device ich9-usb-
uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9
-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device
virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x8 -device virtio-serial-
pci,id=virtio-serial0,bus=pci.0,addr=0x6 -drive
file=/libvirt/images/W10VM.qcow2,format=qcow2,if=none,id=drive-
scsi0-0-0-1,cache=unsafe,discard=unmap,detect-zeroes=unmap -device
scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=1,device_id=drive-
scsi0-0-0-1,drive=drive-scsi0-0-0-1,id=scsi0-0-0-1,bootindex=1,write-
cache=on -netdev tap,fd=28,id=hostnet0,vhost=on,vhostfd=29 -device
virtio-net-
pci,netdev=hostnet0,id=net0,mac=52:54:00:44:f6:21,bus=pci.0,addr=0x3
-chardev spicevmc,id=charchannel0,name=vdagent -device
virtserialport,bus=virtio-
serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.spice.0
-chardev socket,id=charchannel1,fd=30,server,nowait -device
virtserialport,bus=virtio-
serial0.0,nr=3,chardev=charchannel1,id=channel1,name=org.qemu.guest_agent.0
-chardev spiceport,id=charchannel2,name=org.spice-space.webdav.0
-device virtserialport,bus=virtio-
serial0.0,nr=2,chardev=charchannel2,id=channel2,name=org.spice-
space.webdav.0 -spice port=5901,addr=0.0.0.0,seamless-migration=on
-device qxl-
vga,id=video0,ram_size=134217728,vram_size=134217728,vram64_size_mb=0,vgamem_mb=64,max_outputs=1,bus=pci.0,addr=0x2
-device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-
duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev
spicevmc,id=charredir0,name=usbredir -device usb-
redir,chardev=charredir0,id=redir0,bus=usb.0,port=1 -chardev
spicevmc,id=charredir1,name=usbredir -device usb-
redir,chardev=charredir1,id=redir1,bus=usb.0,port=2 -device virtio-
balloon-pci,id=balloon0,bus=pci.0,addr=0x7 -sandbox
on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny
-msg timestamp=on
I have attempted to collect a backtrace, but will need direction as I am not sure on which thread to listen and where to set the breakpoint, 'thread apply all backtrace' does not seem to work well with the qemu process...
Thank you
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1833053/+subscriptions
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2021-05-05 14:37 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-06-17 9:42 [Qemu-devel] [Bug 1833053] [NEW] qemu guest crashes on spice client USB redirected device removal Nikolay Kichukov
2019-06-24 6:06 ` [Qemu-devel] [Bug 1833053] " Alex
2020-11-25 16:26 ` Thomas Huth
2020-11-25 20:47 ` Nikolay Kichukov
2021-04-29 9:54 ` Thomas Huth
2021-05-05 14:28 ` Thomas Huth
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).