Debian Bug report logs - #855659
qemu-kvm: USB passthrough causes VM to terminate

version graph

Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>;

Reported by: Alistair Phipps <debbugs9@alistairphipps.com>

Date: Tue, 21 Feb 2017 01:15:02 UTC

Severity: normal

Tags: patch, upstream

Found in version qemu/1:2.8+dfsg-1

Fixed in version qemu/1:2.8+dfsg-3

Done: Michael Tokarev <mjt@tls.msk.ru>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, debbugs9@alistairphipps.com, Michael Tokarev <mjt@tls.msk.ru>:
Bug#855659; Package qemu-kvm. (Tue, 21 Feb 2017 01:15:04 GMT) (full text, mbox, link).

Acknowledgement sent to Alistair Phipps <debbugs9@alistairphipps.com>:
New Bug report received and forwarded. Copy sent to debbugs9@alistairphipps.com, Michael Tokarev <mjt@tls.msk.ru>. (Tue, 21 Feb 2017 01:15:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Alistair Phipps <debbugs9@alistairphipps.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: qemu-kvm: USB passthrough causes VM to terminate
Date: Tue, 21 Feb 2017 01:13:23 +0000
Package: qemu-kvm
Version: 1:2.8+dfsg-2~bpo8+1
Severity: normal
Tags: patch upstream

Dear Maintainer,

qemu-kvm 2.8 (from jessie-backports) has an issue that breaks USB device passthrough to guests.  See:

https://bugs.launchpad.net/qemu/+bug/1653384

The VM crashes as soon as USB access occurs.  This error shows in the libvirt log:

qemu-system-x86_64: /build/qemu-m5GCLa/qemu-2.8+dfsg/hw/usb/core.c:619: usb_packet_cleanup: Assertion `!usb_packet_is_inflight(p)' failed.

The following patch seems to fix it (taken from the above URL):

--- qemu-2.8+dfsg.orig/hw/usb/hcd-xhci.c
+++ qemu-2.8+dfsg/hw/usb/hcd-xhci.c
@@ -2198,7 +2198,9 @@ static void xhci_kick_epctx(XHCIEPContex
             xhci_complete_packet(xfer);
         }
         assert(!xfer->running_retry);
-        xhci_ep_free_xfer(epctx->retry);
+        if (xfer->complete) {
+            xhci_ep_free_xfer(epctx->retry);
+        }
         epctx->retry = NULL;
     }

Thanks!

-- System Information:
Debian Release: 8.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages qemu-kvm depends on:
ii  qemu-system-x86  1:2.8+dfsg-2~bpo8+1

qemu-kvm recommends no packages.

qemu-kvm suggests no packages.

-- no debconf information

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#855659; Package qemu-kvm. (Tue, 21 Feb 2017 08:33:03 GMT) (full text, mbox, link).

Acknowledgement sent to Michael Tokarev <mjt@tls.msk.ru>:
Extra info received and forwarded to list. (Tue, 21 Feb 2017 08:33:03 GMT) (full text, mbox, link).

Message #10 received at 855659@bugs.debian.org (full text, mbox, reply):

From: Michael Tokarev <mjt@tls.msk.ru>
To: Alistair Phipps <debbugs9@alistairphipps.com>, 855659@bugs.debian.org
Subject: Re: Bug#855659: qemu-kvm: USB passthrough causes VM to terminate
Date: Tue, 21 Feb 2017 11:31:30 +0300
Control: reassign -1 src:qemu 1:2.8+dfsg-1

21.02.2017 04:13, Alistair Phipps wrote:
> qemu-kvm 2.8 (from jessie-backports) has an issue that breaks USB device passthrough to guests.  See:

The same obviously applies to the stretch version.

Please note that qemu-kvm is a dummy package which contains
just a shell wrapper. But this is not important.

There are numerous bugs exists in qemu affecting usb, this is one
of them.  The actual commit fixing this is:

commit f94d18d6c6df388fde196d3ab252f57e33843a8b
Author: Gerd Hoffmann <kraxel@redhat.com>
Date:   Mon Jan 30 16:36:44 2017 +0100

    xhci: only free completed transfers

    Most callsites check already, one was missed.

    Cc: 1653384@bugs.launchpad.net
    Fixes: 94b037f2a451b3dc855f9f2c346e5049a361bd55
    Reported-by: Fabian Lesniak <fabian@lesniak-it.de>
    Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
    Message-id: 1485790607-31399-2-git-send-email-kraxel@redhat.com

Thanks,

/mjt

Bug reassigned from package 'qemu-kvm' to 'src:qemu'. Request was from Michael Tokarev <mjt@tls.msk.ru> to 855659-submit@bugs.debian.org. (Tue, 21 Feb 2017 08:33:03 GMT) (full text, mbox, link).

No longer marked as found in versions qemu/1:2.8+dfsg-2~bpo8+1. Request was from Michael Tokarev <mjt@tls.msk.ru> to 855659-submit@bugs.debian.org. (Tue, 21 Feb 2017 08:33:04 GMT) (full text, mbox, link).

Marked as found in versions qemu/1:2.8+dfsg-1. Request was from Michael Tokarev <mjt@tls.msk.ru> to 855659-submit@bugs.debian.org. (Tue, 21 Feb 2017 08:33:05 GMT) (full text, mbox, link).

Added tag(s) pending. Request was from <mjt@tls.msk.ru> to control@bugs.debian.org. (Tue, 28 Feb 2017 08:42:04 GMT) (full text, mbox, link).

Reply sent to Michael Tokarev <mjt@tls.msk.ru>:
You have taken responsibility. (Wed, 01 Mar 2017 10:06:35 GMT) (full text, mbox, link).

Notification sent to Alistair Phipps <debbugs9@alistairphipps.com>:
Bug acknowledged by developer. (Wed, 01 Mar 2017 10:06:35 GMT) (full text, mbox, link).

Message #23 received at 855659-close@bugs.debian.org (full text, mbox, reply):

From: Michael Tokarev <mjt@tls.msk.ru>
To: 855659-close@bugs.debian.org
Subject: Bug#855659: fixed in qemu 1:2.8+dfsg-3
Date: Wed, 01 Mar 2017 10:04:15 +0000
Source: qemu
Source-Version: 1:2.8+dfsg-3

We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 855659@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated qemu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 28 Feb 2017 11:40:18 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.8+dfsg-3
Distribution: unstable
Urgency: high
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
 qemu       - fast processor emulator
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 839986 846497 853002 853006 853996 854032 854729 854730 854731 854893 855159 855227 855611 855616 855659 855791
Changes:
 qemu (1:2.8+dfsg-3) unstable; urgency=high
 .
   * urgency high due to security fixes
 .
   [ Michael Tokarev ]
   * serial-fix-memory-leak-in-serial-exit-CVE-2017-5579.patch
     Closes: #853002, CVE-2017-5579
   * cirrus-ignore-source-pitch-as-needed-in-blit_is_unsafe.patch
     (needed for the next patch, CVE-2017-2620 fix)
   * cirrus-add-blit_is_unsafe-to-cirrus_bitblt_cputovideo-CVE-2017-2620.patch
     Closes: #855791, CVE-2017-2620
   * nbd_client-fix-drop_sync-CVE-2017-2630.diff
     Closes: #855227, CVE-2017-2630
   * sd-sdhci-check-transfer-mode-register-in-multi-block-CVE-2017-5987.patch
     Closes: #855159, CVE-2017-5987
   * vmxnet3-fix-memory-corruption-on-vlan-header-stripping-CVE-2017-6058.patch
     Closes: #855616, CVE-2017-6058
   * 3 CVE fixes from upstream for #853996:
     sd-sdhci-check-data-length-during-dma_memory_read-CVE-2017-5667.patch
     megasas-fix-guest-triggered-memory-leak-CVE-2017-5856.patch
     virtio-gpu-fix-resource-leak-in-virgl_cmd_resource-CVE-2017-5857.patch
     Closes: #853996, CVE-2017-5667, CVE-2017-5856, CVE-2017-5857
   * usb-ccid-check-ccid-apdu-length-CVE-2017-5898.patch
     Closes: #854729, CVE-2017-5898
   * virtio-crypto-fix-possible-integer-and-heap-overflow-CVE-2017-5931.patch
     Closes: #854730, CVE-2017-5931
   * xhci-apply-limits-to-loops-CVE-2017-5973.patch
     Closes: #855611, CVE-2017-5973
   * net-imx-limit-buffer-descriptor-count-CVE-2016-7907.patch
     Closes: #839986, CVE-2016-7907
   * cirrus-fix-oob-access-issue-CVE-2017-2615.patch
     Closes: #854731, CVE-2017-2615
   * 9pfs-symlink-attack-fixes-CVE-2016-9602.patch
     Closes: #853006
   * vnc-do-not-disconnect-on-EAGAIN.patch
     Closes: #854032
   * xhci-fix-event-queue-IRQ-handling.patch (win7 xhci issue fix)
   * xhci-only-free-completed-transfers.patch
     Closes: #855659
   * char-fix-ctrl-a-b-not-working.patch
     Closes: https://bugs.launchpad.net/bugs/1654137
   * char-drop-data-written-to-a-disconnected-pty.patch
     Closes: https://bugs.launchpad.net/bugs/1667033
   * s390x-use-qemu-cpu-model-in-user-mode.patch
     Closes: #854893
   * d/control is autogenerated, add comment
   * check if debootstrap is available in qemu-debootstrap
     Closes: #846497
 .
   [ Christian Ehrhardt ]
   * (ubuntu) no more skip enable libiscsi (now in main)
   * (ubuntu) Disable glusterfs (Universe dependency)
   * (ubuntu) have qemu-system-arm suggest: qemu-efi;
     this should be a stronger relationship, but qemu-efi is still
     in universe right now.
   * (ubuntu) change dependencies for fix of wrong acl for newly
     created device node on ubuntu
Checksums-Sha1:
 d5dc11d3538dd060f71fbc43045bef33368d70ee 5513 qemu_2.8+dfsg-3.dsc
 6dc97a4a9ac7940ad35955fd3b5061fb25b181df 92520 qemu_2.8+dfsg-3.debian.tar.xz
Checksums-Sha256:
 c59ce113cac6a8579d9c7c56b6ab47ae2412c3847262bee4a81804fff184c3b3 5513 qemu_2.8+dfsg-3.dsc
 3ac5b4bef0d983b319f3556ea3c5182956f7c99fb5cb4cacf30eca04063aeccd 92520 qemu_2.8+dfsg-3.debian.tar.xz
Files:
 b159f7aabda3b2ba51d9f7e2355778b0 5513 otherosfs optional qemu_2.8+dfsg-3.dsc
 3fbd6bce7e95f908a86d1ea695c219f0 92520 otherosfs optional qemu_2.8+dfsg-3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJYtpbQAAoJEHAbT2saaT5ZWMUH/3Ir5jIi/XP9f215Q1yPDSml
DVJuDmH8l+IHNFgq1Hi8rxj4FWT/dVZ4tCnJewiNBrDrZ33C/C7wY0mKrVUdczS/
74mv+qkTO5+85j39XvJCLvrL4D30EccRwrCHbPDW2RELaL6MO0fdlMiH3dUy93hT
fcR93oIjWv+3qfnlC+MLXom6MdYAJ+kSoUpOIUgx23J4yYkXoIgIG9d+LFURhEEv
/7FOaIJlwHF1Hd/sUnBsmsUHBj1h0tpJ5xyY36nuhzHmgapQg1x6/WWr/Z40Xa3Z
mM4w6fdWtOTpgaSP/UVjtPOpMisNk3Wqr13NfXlm2KHtREk+NR9/K2Q8EB3JMJs=
=U/A9
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 01 Apr 2017 07:29:07 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Nov 23 22:03:06 2023; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.