807916 – boot from the USB storage core dumped after press "ctrl-alt-delete"

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 807916 - boot from the USB storage core dumped after press "ctrl-alt-delete"

Summary: boot from the USB storage core dumped after press "ctrl-alt-delete"

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	qemu-kvm
Sub Component:
Version:	6.3
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Gerd Hoffmann
QA Contact:	Virtualization Bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-03-29 07:01 UTC by Sibiao Luo
Modified:	2012-06-20 11:45 UTC (History)
CC List:	18 users (show)
Fixed In Version:	qemu-kvm-0.12.1.2-2.268.el6
Doc Type:	Bug Fix
Doc Text:	Cause: qemu had a bogous assert() in the ehci emulation code. Consequence: qemu dumps core for no reason. Fix: remove assert() Resolution: core dumps are gone.
Clone Of:
Environment:
Last Closed:	2012-06-20 11:45:48 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2012:0746	0	normal	SHIPPED_LIVE	qemu-kvm bug fix and enhancement update	2012-06-19 19:31:48 UTC

Description Sibiao Luo 2012-03-29 07:01:55 UTC

Description of problem:
boot the guest with "-boot menu=on", and set bootindex of emulated USB storage to 1, press F12 during POST and select booting from emulated USB storage, after fail to boot, then press "ctrl-alt-delete" to reset system, core dumped occur.

Version-Release number of selected component (if applicable):
host info:
# uname -r && rpm -q qemu-kvm
2.6.32-251.el6.x86_64
qemu-kvm-0.12.1.2-2.265.el6rhev.x86_64
# rpm -qa | grep seabios
seabios-0.6.1.2-15.el6.x86_64
guest info:
guest_name: RHEL-Server-6.3-64
# uname -r
2.6.32-251.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1.boot the guest with "-boot menu=on", and set "bootindex=1" to the emulated USB storage.
CLI: # /usr/libexec/qemu-kvm -M rhel6.3.0 -cpu SandyBridge -enable-kvm -smp 8,sockets=1,cores=8,threads=1 -m 4G -usb -device usb-tablet,id=input0 -name RHEL-Server-6.3-64 -uuid `uuidgen` -device usb-ehci,id=ehci -drive file=/home/lv_seabios/usb-storage.qcow2,if=none,format=qcow2,cache=none,werror=stop,rerror=stop,aio=native,id=usb-stick -device usb-storage,bus=ehci.0,drive=usb-stick,bootindex=1 -device virtio-balloon-pci,id=ballooning -spice port=5931,disable-ticketing -vga qxl -monitor stdio -boot menu=on -nodefaults
2.press F12 during POST and select booting from emulated USB storage.
3.press "ctrl-alt-delete" to reset system.
  
Actual results:
after the step 3,
(qemu) Request for more bytes than allowed
processing error - resetting ehci HC
qemu-kvm: /builddir/build/BUILD/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2007: ehci_advance_state: Assertion `0' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff57788a5 in raise () from /lib64/libc.so.6

(gdb) bt
#0  0x00007ffff57788a5 in raise () from /lib64/libc.so.6
#1  0x00007ffff577a085 in abort () from /lib64/libc.so.6
#2  0x00007ffff5771a1e in __assert_fail_base () from /lib64/libc.so.6
#3  0x00007ffff5771ae0 in __assert_fail () from /lib64/libc.so.6
#4  0x00007ffff7f31fe5 in ehci_advance_state (ehci=0x7ffff9d0a3f0, async=1) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2007
#5  0x00007ffff7f33365 in ehci_advance_async_state (opaque=0x7ffff9d0a3f0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2049
#6  ehci_frame_timer (opaque=0x7ffff9d0a3f0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2178
#7  0x00007ffff7deb36a in qemu_run_timers (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:1323
#8  main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4019
#9  0x00007ffff7e0c86a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2244
#10 0x00007ffff7dedc9c in main_loop (argc=20, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4202
#11 main (argc=20, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6427
(gdb)

Expected results:
the system should be reset (restarted) successfully.

Additional info:

Comment 3 Gerd Hoffmann 2012-03-30 11:49:00 UTC

Patch posted.

Comment 7 Sibiao Luo 2012-04-18 12:32:07 UTC

Reproduced and verified this issue with the same steps.

Reproduced this issue with the environment and test results as following: 
host info:
# uname -r && rpm -q qemu-kvm
2.6.32-262.el6.x86_64
qemu-kvm-0.12.1.2-2.261.el6.x86_64
guest info:
RHEL-6.3-Beta-1.0-x86_64

Actual results:
processing error - resetting ehci HC
qemu-kvm: /builddir/build/BUILD/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2007: ehci_advance_state: Assertion `0' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff577b8a5 in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff577b8a5 in raise () from /lib64/libc.so.6
#1  0x00007ffff577d085 in abort () from /lib64/libc.so.6
#2  0x00007ffff5774a1e in __assert_fail_base () from /lib64/libc.so.6
#3  0x00007ffff5774ae0 in __assert_fail () from /lib64/libc.so.6
#4  0x00007ffff7f33a85 in ehci_advance_state (ehci=0x7ffff9d0b3f0, async=1) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2007
#5  0x00007ffff7f34e05 in ehci_advance_async_state (opaque=0x7ffff9d0b3f0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2049
#6  ehci_frame_timer (opaque=0x7ffff9d0b3f0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2178
#7  0x00007ffff7deee7a in qemu_run_timers (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:1323
#8  main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4019
#9  0x00007ffff7e1035a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2244
#10 0x00007ffff7df17ac in main_loop (argc=20, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4202
#11 main (argc=20, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6427
(gdb) q

Verified this issue with the environment and test results as following: 
host info:
# uname -r && rpm -q qemu-kvm
2.6.32-262.el6.x86_64
qemu-kvm-0.12.1.2-2.277.el6.x86_64
guest info:
RHEL-6.3-Beta-1.0-x86_64

Actual results:
press F12 during POST and select booting from emulated USB storage, then press "ctrl-alt-delete" to reset system successfully.

Above all, this issue has been fixed.

Comment 9 Michal Novotny 2012-05-04 13:17:20 UTC

Gerd, could you please add Technical Notes to this bug?

Thanks!
Michal

Comment 10 Michal Novotny 2012-05-04 13:17:20 UTC

    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
NEEDINFO

Comment 11 Gerd Hoffmann 2012-05-04 13:27:26 UTC

    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1 +1,7 @@
-NEEDINFO+Cause: qemu had a bogous assert() in the ehci emulation code.
+
+Consequence: qemu dumps core for no reason.
+
+Fix: remove assert()
+
+Resolution: core dumps are gone.

Comment 12 errata-xmlrpc 2012-06-20 11:45:48 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0746.html

Note You need to log in before you can comment on or make changes to this bug.