Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 807916

Summary: boot from the USB storage core dumped after press "ctrl-alt-delete"
Product: Red Hat Enterprise Linux 6 Reporter: Sibiao Luo <sluo>
Component: qemu-kvmAssignee: Gerd Hoffmann <kraxel>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 6.3CC: acathrow, areis, bcao, bsarathy, chayang, dyasny, flang, juzhang, michen, minovotn, mkenneth, qzhang, shu, virt-maint, wdai, wquan, xfu, xigao
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: qemu-kvm-0.12.1.2-2.268.el6 Doc Type: Bug Fix
Doc Text:
Cause: qemu had a bogous assert() in the ehci emulation code. Consequence: qemu dumps core for no reason. Fix: remove assert() Resolution: core dumps are gone.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-20 11:45:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Sibiao Luo 2012-03-29 07:01:55 UTC 
Description of problem:
boot the guest with "-boot menu=on", and set bootindex of emulated USB storage to 1, press F12 during POST and select booting from emulated USB storage, after fail to boot, then press "ctrl-alt-delete" to reset system, core dumped occur.

Version-Release number of selected component (if applicable):
host info:
# uname -r && rpm -q qemu-kvm
2.6.32-251.el6.x86_64
qemu-kvm-0.12.1.2-2.265.el6rhev.x86_64
# rpm -qa | grep seabios
seabios-0.6.1.2-15.el6.x86_64
guest info:
guest_name: RHEL-Server-6.3-64
# uname -r
2.6.32-251.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1.boot the guest with "-boot menu=on", and set "bootindex=1" to the emulated USB storage.
CLI: # /usr/libexec/qemu-kvm -M rhel6.3.0 -cpu SandyBridge -enable-kvm -smp 8,sockets=1,cores=8,threads=1 -m 4G -usb -device usb-tablet,id=input0 -name RHEL-Server-6.3-64 -uuid `uuidgen` -device usb-ehci,id=ehci -drive file=/home/lv_seabios/usb-storage.qcow2,if=none,format=qcow2,cache=none,werror=stop,rerror=stop,aio=native,id=usb-stick -device usb-storage,bus=ehci.0,drive=usb-stick,bootindex=1 -device virtio-balloon-pci,id=ballooning -spice port=5931,disable-ticketing -vga qxl -monitor stdio -boot menu=on -nodefaults
2.press F12 during POST and select booting from emulated USB storage.
3.press "ctrl-alt-delete" to reset system.
  
Actual results:
after the step 3,
(qemu) Request for more bytes than allowed
processing error - resetting ehci HC
qemu-kvm: /builddir/build/BUILD/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2007: ehci_advance_state: Assertion `0' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff57788a5 in raise () from /lib64/libc.so.6

(gdb) bt
#0  0x00007ffff57788a5 in raise () from /lib64/libc.so.6
#1  0x00007ffff577a085 in abort () from /lib64/libc.so.6
#2  0x00007ffff5771a1e in __assert_fail_base () from /lib64/libc.so.6
#3  0x00007ffff5771ae0 in __assert_fail () from /lib64/libc.so.6
#4  0x00007ffff7f31fe5 in ehci_advance_state (ehci=0x7ffff9d0a3f0, async=1) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2007
#5  0x00007ffff7f33365 in ehci_advance_async_state (opaque=0x7ffff9d0a3f0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2049
#6  ehci_frame_timer (opaque=0x7ffff9d0a3f0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2178
#7  0x00007ffff7deb36a in qemu_run_timers (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:1323
#8  main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4019
#9  0x00007ffff7e0c86a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2244
#10 0x00007ffff7dedc9c in main_loop (argc=20, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4202
#11 main (argc=20, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6427
(gdb)

Expected results:
the system should be reset (restarted) successfully.

Additional info:
Comment 3 Gerd Hoffmann 2012-03-30 11:49:00 UTC 
Patch posted.
Comment 7 Sibiao Luo 2012-04-18 12:32:07 UTC 
Reproduced and verified this issue with the same steps.

Reproduced this issue with the environment and test results as following: 
host info:
# uname -r && rpm -q qemu-kvm
2.6.32-262.el6.x86_64
qemu-kvm-0.12.1.2-2.261.el6.x86_64
guest info:
RHEL-6.3-Beta-1.0-x86_64

Actual results:
processing error - resetting ehci HC
qemu-kvm: /builddir/build/BUILD/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2007: ehci_advance_state: Assertion `0' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff577b8a5 in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff577b8a5 in raise () from /lib64/libc.so.6
#1  0x00007ffff577d085 in abort () from /lib64/libc.so.6
#2  0x00007ffff5774a1e in __assert_fail_base () from /lib64/libc.so.6
#3  0x00007ffff5774ae0 in __assert_fail () from /lib64/libc.so.6
#4  0x00007ffff7f33a85 in ehci_advance_state (ehci=0x7ffff9d0b3f0, async=1) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2007
#5  0x00007ffff7f34e05 in ehci_advance_async_state (opaque=0x7ffff9d0b3f0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2049
#6  ehci_frame_timer (opaque=0x7ffff9d0b3f0) at /usr/src/debug/qemu-kvm-0.12.1.2/hw/usb-ehci.c:2178
#7  0x00007ffff7deee7a in qemu_run_timers (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:1323
#8  main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4019
#9  0x00007ffff7e1035a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2244
#10 0x00007ffff7df17ac in main_loop (argc=20, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4202
#11 main (argc=20, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6427
(gdb) q

Verified this issue with the environment and test results as following: 
host info:
# uname -r && rpm -q qemu-kvm
2.6.32-262.el6.x86_64
qemu-kvm-0.12.1.2-2.277.el6.x86_64
guest info:
RHEL-6.3-Beta-1.0-x86_64

Actual results:
press F12 during POST and select booting from emulated USB storage, then press "ctrl-alt-delete" to reset system successfully.

Above all, this issue has been fixed.
Comment 9 Michal Novotny 2012-05-04 13:17:20 UTC 
Gerd, could you please add Technical Notes to this bug?

Thanks!
Michal
Comment 10 Michal Novotny 2012-05-04 13:17:20 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
NEEDINFO
Comment 11 Gerd Hoffmann 2012-05-04 13:27:26 UTC 
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1 +1,7 @@
-NEEDINFO+Cause: qemu had a bogous assert() in the ehci emulation code.
+
+Consequence: qemu dumps core for no reason.
+
+Fix: remove assert()
+
+Resolution: core dumps are gone.
Comment 12 errata-xmlrpc 2012-06-20 11:45:48 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0746.html