Bug 879096 - qemu should disable hot-unplug usb-ehci controller and give a prompt if not support
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: qemu-kvm
Version: 6.4
Hardware: Unspecified
OS: Unspecified
Priority: medium
Severity: medium
Target Milestone: rc
Target Release: ---
Assignee: Gerd Hoffmann
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Duplicates: 896324
Depends On:
Blocks: 879434
Reported: 2012-11-22 03:30 UTC by Sibiao Luo
Modified: 2013-11-21 05:57 UTC

Fixed In Version: qemu-kvm-0.12.1.2-2.362.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 879434
Environment:
Last Closed: 2013-11-21 05:57:00 UTC
Target Upstream Version:
Embargoed:



Links
System ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata RHSA-2013:1553 | 0 | normal | SHIPPED_LIVE | Important: qemu-kvm security, bug fix, and enhancement update | 2013-11-20 21:40:29 UTC

Description Sibiao Luo 2012-11-22 03:30:21 UTC
Description of problem:
I hit a usb-ehci hot-plug/unplug issue by chance, since I forgot that qemu does not support hot-unplugging usb-ehci. I do not know whether users will hit it.
Add a usb-ehci controller on the command line, hot-unplug usb-ehci after the guest boots up, then hot-plug it again, and qemu will core dump. Qemu should disable hot-unplug of the usb-ehci controller and give a prompt if it is not supported.
But anyway, a core dump is unacceptable.

Version-Release number of selected component (if applicable):
host info:
# uname -r && rpm -q qemu-kvm
2.6.32-342.el6.x86_64
qemu-kvm-0.12.1.2-2.334.el6.x86_64
guest info:
RHEL6.4-20121106.0-6.4-x86_64
windows_7_ultimate_sp1_x64

How reproducible:
100%

Steps to Reproduce:
1. Boot a guest with a usb-ehci controller.
e.g.: ... -device usb-ehci,id=ehci
2. Hot-unplug usb-ehci after the guest boots up.
(qemu) device_del ehci
3. Hot-plug the usb-ehci controller.
(qemu) device_add usb-ehci,id=ehci
  
Actual results:
After step 3, qemu hits a segmentation fault (core dump):
(qemu) device_add usb-ehci,id=ehci

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7e3d3b8 in qdict_destroy_obj (obj=<value optimized out>) at qdict.c:470
470	            QLIST_REMOVE(entry, next);
(gdb) bt
#0  0x00007ffff7e3d3b8 in qdict_destroy_obj (obj=<value optimized out>) at qdict.c:470
#1  0x00007ffff7dee72a in monitor_command_cb (mon=0x7ffff88e3310, cmdline=<value optimized out>, opaque=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4877
#2  0x00007ffff7e4a41d in readline_handle_byte (rs=0x7ffff9316ee0, ch=<value optimized out>) at readline.c:369
#3  0x00007ffff7dee950 in monitor_read (opaque=<value optimized out>, buf=0x7fffffffb760 "\r", size=1) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4863
#4  0x00007ffff7e604db in qemu_chr_read (opaque=0x7ffff86dc9f0) at qemu-char.c:180
#5  fd_chr_read (opaque=0x7ffff86dc9f0) at qemu-char.c:688
#6  0x00007ffff7de190f in main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:3975
#7  0x00007ffff7e038ca in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2244
#8  0x00007ffff7de4678 in main_loop (argc=61, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4187
#9  main (argc=61, argv=<value optimized out>, envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6524
(gdb)

Expected results:
Qemu should disable hot-unplug of the usb-ehci controller and give a prompt if it is not supported.

Additional info:

Comment 2 Sibiao Luo 2012-11-22 07:34:08 UTC
Hi Gerd,

    Should I also open a bug for rhel7 to either disable hot-unplug of the usb-ehci controller and give a prompt if it is not supported, or fix it to work?

Best Regards.
sluo

Comment 3 Gerd Hoffmann 2012-11-22 13:38:25 UTC
yes, please clone for rhel7

Comment 5 juzhang 2013-01-17 03:40:44 UTC
FYI
Bug 896324 - Segmentation fault after guest(win8-32) unhotplug ehci controller then guest reboot

Comment 7 Gerd Hoffmann 2013-04-02 10:39:23 UTC
Note to self: upstream commit 6c2d1c32d084320081b0cd047f8cacd6e722d03a

Comment 8 Gerd Hoffmann 2013-04-02 10:40:26 UTC
*** Bug 896324 has been marked as a duplicate of this bug. ***

Comment 15 Qunfang Zhang 2013-06-25 07:08:21 UTC
Reproduced this issue on qemu-kvm-0.12.1.2-2.355.el6.x86_64.

Steps:
1. Boot up a guest with "-device usb-ehci,id=ehci,bus=pci.0,addr=0x8".

2. Hot unplug the ehci controller:
(qemu) device_del ehci

3. Hot plug the controller:
(qemu) device_add usb-ehci,id=ehci

As a result after step 3:



(qemu) device_add usb-ehci,id=ehci

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7e3d118 in qdict_destroy_obj (obj=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/qdict.c:470
470	            QLIST_REMOVE(entry, next);
Missing separate debuginfos, use: debuginfo-install alsa-lib-1.0.22-3.el6.x86_64 celt051-0.5.1.3-0.el6.x86_64 cyrus-sasl-lib-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-md5-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-plain-2.1.23-13.el6_3.1.x86_64 db4-4.7.25-17.el6.x86_64 dbus-libs-1.2.24-7.el6_3.x86_64 flac-1.2.1-6.1.el6.x86_64 glib2-2.22.5-7.el6.x86_64 glibc-2.12-1.107.el6.x86_64 gnutls-2.8.5-10.el6.x86_64 keyutils-libs-1.4-4.el6.x86_64 krb5-libs-1.10.3-10.el6.x86_64 libICE-1.0.6-1.el6.x86_64 libSM-1.2.1-2.el6.x86_64 libX11-1.5.0-4.el6.x86_64 libXau-1.0.6-4.el6.x86_64 libXext-1.3.1-2.el6.x86_64 libXi-1.6.1-3.el6.x86_64 libXtst-1.2.1-2.el6.x86_64 libaio-0.3.107-10.el6.x86_64 libasyncns-0.8-1.1.el6.x86_64 libcom_err-1.41.12-14.el6.x86_64 libgcrypt-1.4.5-9.el6_2.2.x86_64 libgpg-error-1.7-4.el6.x86_64 libjpeg-turbo-1.2.1-1.el6.x86_64 libogg-1.1.4-2.1.el6.x86_64 libselinux-2.0.94-5.3.el6.x86_64 libsndfile-1.0.20-5.el6.x86_64 libtasn1-2.3-3.el6_2.1.x86_64 libuuid-2.17.2-12.9.el6.x86_64 libvorbis-1.2.3-4.el6_2.1.x86_64 libxcb-1.8.1-1.el6.x86_64 nss-softokn-freebl-3.12.9-11.el6.x86_64 openssl-1.0.0-27.el6.x86_64 pulseaudio-libs-0.9.21-14.el6_3.x86_64 tcp_wrappers-libs-7.6-57.el6.x86_64 zlib-1.2.3-29.el6.x86_64
(gdb) bt
#0  0x00007ffff7e3d118 in qdict_destroy_obj (obj=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/qdict.c:470
#1  0x00007ffff7dec1ea in monitor_command_cb (mon=0x7ffff891f740, 
    cmdline=<value optimized out>, opaque=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:5001
#2  0x00007ffff7e49fcd in readline_handle_byte (rs=0x7ffff9cf0df0, ch=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/readline.c:369
#3  0x00007ffff7dec410 in monitor_read (opaque=<value optimized out>, 
    buf=0x7fffffffb9a0 "\r", size=1) at /usr/src/debug/qemu-kvm-0.12.1.2/monitor.c:4987
#4  0x00007ffff7e600db in qemu_chr_read (opaque=0x7ffff86dcb70)
    at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-char.c:180
#5  fd_chr_read (opaque=0x7ffff86dcb70) at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-char.c:688
#6  0x00007ffff7ddf29f in main_loop_wait (timeout=1000)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:3975
#7  0x00007ffff7e0197a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2244
#8  0x00007ffff7de2008 in main_loop (argc=58, argv=<value optimized out>, 
    envp=<value optimized out>) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4187
#9  main (argc=58, argv=<value optimized out>, envp=<value optimized out>)
    at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6525
(gdb) 


Verified the issue on qemu-kvm-0.12.1.2-2.376.el6.x86_64 with the same steps as above. 

After step 2:

(qemu) device_del ehci
Device 'usb-ehci' does not support hotplugging
(qemu) 

After step 3:

(qemu) device_add usb-ehci,id=ehci-2,bus=pci.0,addr=0x9
Device 'usb-ehci' does not support hotplugging
Device 'usb-ehci' could not be initialized
(qemu) 

So the core dump issue is fixed. But in step 2, the prompt is a little unsuitable. Replacing "hotplugging" with "hotunplugging" would be better.

Hi, Gerd,
Could we fix the prompt in step 2? Step 3 is correct. But in step 2, it would be better to replace "hotplugging" with "hotunplugging".

Thanks,
Qunfang

Comment 16 Gerd Hoffmann 2013-06-25 10:22:57 UTC
Message is fine IMHO.  As I understand it "hotplugging" refers to both plug-in and plug-out.  I'm not a native English speaker though ...

Comment 17 Qunfang Zhang 2013-06-26 00:33:01 UTC
Ok, then set to verified as the original bug is fixed correctly.

Comment 22 errata-xmlrpc 2013-11-21 05:57:00 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-1553.html
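
An added example, not part of the bug report or of any Red Hat tooling: a host-side check of whether an installed qemu-kvm build is at or past the "Fixed In Version" recorded above (qemu-kvm-0.12.1.2-2.362.el6). It uses a simplified reimplementation of RPM's version comparison; the function names are hypothetical, and epoch and tilde/caret handling are left out as an assumption.

```python
import re

# "Fixed In Version" field of this bug.
FIXED_IN = "qemu-kvm-0.12.1.2-2.362.el6"
ARCHES = ("x86_64", "i686", "noarch", "ppc64", "s390x")


def _segments(s):
    # rpmvercmp compares runs of digits or letters; separators are dropped.
    return re.findall(r"\d+|[A-Za-z]+", s)


def rpmvercmp(a, b):
    """Simplified rpmvercmp: -1 if a is older, 0 if equal, 1 if newer."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        xd, yd = x.isdigit(), y.isdigit()
        if xd != yd:
            return 1 if xd else -1      # a numeric segment beats a letter one
        if xd:
            x, y = int(x), int(y)       # numeric segments compare as integers
        if x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    return 1 if len(sa) > len(sb) else -1  # leftover segments mean newer


def split_nvr(pkg):
    """Split 'name-version-release[.arch]' as printed by `rpm -q`."""
    for arch in ARCHES:
        if pkg.endswith("." + arch):
            pkg = pkg[: -len(arch) - 1]
            break
    name, version, release = pkg.rsplit("-", 2)
    return name, version, release


def has_fix(installed, fixed=FIXED_IN):
    """True if the installed build is at or past the fixed build."""
    name, ver, rel = split_nvr(installed)
    fname, fver, frel = split_nvr(fixed)
    if name != fname:
        raise ValueError("package mismatch: %s vs %s" % (name, fname))
    result = rpmvercmp(ver, fver)
    if result == 0:
        result = rpmvercmp(rel, frel)
    return result >= 0


if __name__ == "__main__":
    # Builds quoted in this bug: reporter's host, QA reproduction, QA verification.
    for build in ("qemu-kvm-0.12.1.2-2.334.el6.x86_64",
                  "qemu-kvm-0.12.1.2-2.355.el6.x86_64",
                  "qemu-kvm-0.12.1.2-2.376.el6.x86_64"):
        print(build, "fixed" if has_fix(build) else "still crashes on re-add")
```

A build from another update stream with a lower release number compares as older here even if it carries a backport, so confirm such builds against the package changelog.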

