From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4F0A2C433B4 for ; Fri, 14 May 2021 19:37:45 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id EE25E613D3 for ; Fri, 14 May 2021 19:37:44 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EE25E613D3 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=bugs.launchpad.net Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Received: from localhost ([::1]:58214 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lhdd1-0001YI-Tn for qemu-devel@archiver.kernel.org; Fri, 14 May 2021 15:37:43 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:60146) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lhdax-0007Ab-EK for qemu-devel@nongnu.org; Fri, 14 May 2021 15:35:35 -0400 Received: from indium.canonical.com ([91.189.90.7]:44886) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lhdav-0000en-6h for qemu-devel@nongnu.org; Fri, 14 May 2021 15:35:35 -0400 Received: from loganberry.canonical.com ([91.189.90.37]) by indium.canonical.com with esmtp (Exim 4.93 #5 (Debian)) id 1lhdat-0003Mu-PJ for ; Fri, 14 May 2021 19:35:31 +0000 Received: from loganberry.canonical.com (localhost [127.0.0.1]) by loganberry.canonical.com (Postfix) with ESMTP id B99A52E804B for ; Fri, 14 May 2021 19:35:31 +0000 (UTC) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Date: Fri, 14 May 2021 19:28:07 -0000 From: Thomas Huth <1907042@bugs.launchpad.net> To: qemu-devel@nongnu.org X-Launchpad-Notification-Type: bug X-Launchpad-Bug: product=qemu; status=Expired; importance=Undecided; assignee=None; X-Launchpad-Bug-Tags: usb X-Launchpad-Bug-Information-Type: Public X-Launchpad-Bug-Private: no X-Launchpad-Bug-Security-Vulnerability: no X-Launchpad-Bug-Commenters: a1xndr hades0506 th-huth v1nke X-Launchpad-Bug-Reporter: Gaoning Pan (hades0506) X-Launchpad-Bug-Modifier: Thomas Huth (th-huth) References: <160732123417.11736.2125519707622289865.malonedeb@soybean.canonical.com> Message-Id: <162102048793.21058.3468607023114385538.malone@soybean.canonical.com> Subject: [Bug 1907042] Re: assert issue locates in hw/usb/core.c:727: usb_ep_get: Assertion `pid == USB_TOKEN_IN || pid == USB_TOKEN_OUT' failed X-Launchpad-Message-Rationale: Subscriber (QEMU) @qemu-devel-ml X-Launchpad-Message-For: qemu-devel-ml Precedence: bulk X-Generated-By: Launchpad (canonical.com); Revision="5321c3f40fa4d4b847f4e47fb766e7b95ed5036c"; Instance="production" X-Launchpad-Hash: f727dc3d3d6a877979ab4ded003e53d4c7517870 Received-SPF: none client-ip=91.189.90.7; envelope-from=bounces@canonical.com; helo=indium.canonical.com X-Spam_score_int: -65 X-Spam_score: -6.6 X-Spam_bar: ------ X-Spam_report: (-6.6 / 5.0 requ) BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Bug 1907042 <1907042@bugs.launchpad.net> Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" This is an automated cleanup. This bug report has been moved to QEMU's new bug tracker on gitlab.com and thus gets marked as 'expired' now. Please continue with the discussion here: https://gitlab.com/qemu-project/qemu/-/issues/303 ** Changed in: qemu Status: New =3D> Expired ** Bug watch added: gitlab.com/qemu-project/qemu/-/issues #303 https://gitlab.com/qemu-project/qemu/-/issues/303 -- = You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1907042 Title: assert issue locates in hw/usb/core.c:727: usb_ep_get: Assertion `pid =3D=3D USB_TOKEN_IN || pid =3D=3D USB_TOKEN_OUT' failed Status in QEMU: Expired Bug description: Hello, An assertion failure was found in hw/usb/core.c:727 in latest version 5.2.0. Reproduced environment is as follows: Host: ubuntu 18.04 Guest: ubuntu 18.04 QEMU boot command line: qemu-system-x86_64 -enable-kvm -boot c -m 4G -drive format=3Dqcow2,file= =3D./ubuntu.img -nic user,hostfwd=3Dtcp:0.0.0.0:5555-:22 -device pci-ohci,i= d=3Dohci -device usb-tablet,bus=3Dohci.0,port=3D1,id=3Dusbdev1 -trace usb\* Backtrace is as follows: #0 0x00007f13fff14438 in __GI_raise (sig=3Dsig@entry=3D6) at ../sysdeps/= unix/sysv/linux/raise.c:54 #1 0x00007f13fff1603a in __GI_abort () at abort.c:89 #2 0x00007f13fff0cbe7 in __assert_fail_base (fmt=3D, asse= rtion=3Dassertion@entry=3D0x55f97745ffe0 "pid =3D=3D USB_TOKEN_IN || pid = =3D=3D USB_TOKEN_OUT", file=3Dfile@entry=3D0x55f97745f6c0 "../hw/usb/core.c= ", line=3Dline@entry=3D727, function=3Dfunction@entry=3D0x55f9774606e0 <__P= RETTY_FUNCTION__.22877> "usb_ep_get") at assert.c:92 #3 0x00007f13fff0cc92 in __GI___assert_fail (assertion=3D0x55f97745ffe0 = "pid =3D=3D USB_TOKEN_IN || pid =3D=3D USB_TOKEN_OUT", file=3D0x55f97745f6c= 0 "../hw/usb/core.c", line=3D727, function=3D0x55f9774606e0 <__PRETTY_FUNCT= ION__.22877> "usb_ep_get") at assert.c:101 #4 0x000055f975bfc9b2 in usb_ep_get (dev=3D0x62300000c500, pid=3D45, ep= =3D1) at ../hw/usb/core.c:727 #5 0x000055f975f945db in ohci_service_td (ohci=3D0x6270000191f0, ed=3D0x= 7ffcd9308410) at ../hw/usb/hcd-ohci.c:1044 #6 0x000055f975f95d5e in ohci_service_ed_list (ohci=3D0x6270000191f0, he= ad=3D857580576, completion=3D0) at ../hw/usb/hcd-ohci.c:1200 #7 0x000055f975f9656d in ohci_process_lists (ohci=3D0x6270000191f0, comp= letion=3D0) at ../hw/usb/hcd-ohci.c:1238 #8 0x000055f975f9725c in ohci_frame_boundary (opaque=3D0x6270000191f0) a= t ../hw/usb/hcd-ohci.c:1281 #9 0x000055f977212494 in timerlist_run_timers (timer_list=3D0x60b00005b0= 60) at ../util/qemu-timer.c:574 #10 0x000055f9772126db in qemu_clock_run_timers (type=3DQEMU_CLOCK_VIRTUA= L) at ../util/qemu-timer.c:588 #11 0x000055f977212fde in qemu_clock_run_all_timers () at ../util/qemu-ti= mer.c:670 #12 0x000055f9772d5717 in main_loop_wait (nonblocking=3D0) at ../util/mai= n-loop.c:531 #13 0x000055f97695100c in qemu_main_loop () at ../softmmu/vl.c:1677 #14 0x000055f9758f7601 in main (argc=3D16, argv=3D0x7ffcd9308888, envp=3D= 0x7ffcd9308910) at ../softmmu/main.c:50 #15 0x00007f13ffeff840 in __libc_start_main (main=3D0x55f9758f75b0
= , argc=3D16, argv=3D0x7ffcd9308888, init=3D, fini=3D, rtld_fini=3D, stack_end=3D0x7ffcd9308878) at ../csu= /libc-start.c:291 #16 0x000055f9758f74a9 in _start () = The poc is attached. Thanks. To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1907042/+subscriptions