All of lore.kernel.org
 help / color / mirror / Atom feed
* [Bug 1901981] [NEW] assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status
@ 2020-10-29  6:02 Gaoning Pan
  2020-11-03  1:58 ` [Bug 1901981] " Gaoning Pan
                   ` (6 more replies)
  0 siblings, 7 replies; 8+ messages in thread
From: Gaoning Pan @ 2020-10-29  6:02 UTC (permalink / raw)
  To: qemu-devel

Public bug reported:

Hello,

I found an assertion failure through hw/usb/dev-storage.c.

This was found in latest version 5.1.0.

--------

qemu-system-x86_64: hw/usb/dev-storage.c:248: usb_msd_send_status: Assertion `s->csw.sig == cpu_to_le32(0x53425355)' failed.
[1]    29544 abort      sudo  -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic

To reproduce the assertion failure, please run the QEMU with following
command line.


$ qemu-system-x86_64 -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic user,model=rtl8139,hostfwd=tcp:0.0.0.0:5555-:22 -device piix4-usb-uhci,id=uhci -device usb-storage,drive=mydrive -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none

The poc is attached.

** Affects: qemu
     Importance: Undecided
         Status: New

** Attachment added: "dev-storage-assert.zip"
   https://bugs.launchpad.net/bugs/1901981/+attachment/5428811/+files/dev-storage-assert.zip

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1901981

Title:
  assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status

Status in QEMU:
  New

Bug description:
  Hello,

  I found an assertion failure through hw/usb/dev-storage.c.

  This was found in latest version 5.1.0.

  --------

  qemu-system-x86_64: hw/usb/dev-storage.c:248: usb_msd_send_status: Assertion `s->csw.sig == cpu_to_le32(0x53425355)' failed.
  [1]    29544 abort      sudo  -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic

  To reproduce the assertion failure, please run the QEMU with following
  command line.

  
  $ qemu-system-x86_64 -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic user,model=rtl8139,hostfwd=tcp:0.0.0.0:5555-:22 -device piix4-usb-uhci,id=uhci -device usb-storage,drive=mydrive -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none

  The poc is attached.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1901981/+subscriptions


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [Bug 1901981] Re: assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status
  2020-10-29  6:02 [Bug 1901981] [NEW] assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status Gaoning Pan
@ 2020-11-03  1:58 ` Gaoning Pan
  2020-11-04 10:24 ` Gerd Hoffmann
                   ` (5 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: Gaoning Pan @ 2020-11-03  1:58 UTC (permalink / raw)
  To: qemu-devel

** Changed in: qemu
     Assignee: (unassigned) => Gaoning Pan (hades0506)

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1901981

Title:
  assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status

Status in QEMU:
  New

Bug description:
  Hello,

  I found an assertion failure through hw/usb/dev-storage.c.

  This was found in latest version 5.1.0.

  --------

  qemu-system-x86_64: hw/usb/dev-storage.c:248: usb_msd_send_status: Assertion `s->csw.sig == cpu_to_le32(0x53425355)' failed.
  [1]    29544 abort      sudo  -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic

  To reproduce the assertion failure, please run the QEMU with following
  command line.

  
  $ qemu-system-x86_64 -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic user,model=rtl8139,hostfwd=tcp:0.0.0.0:5555-:22 -device piix4-usb-uhci,id=uhci -device usb-storage,drive=mydrive -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none

  The poc is attached.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1901981/+subscriptions


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [Bug 1901981] Re: assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status
  2020-10-29  6:02 [Bug 1901981] [NEW] assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status Gaoning Pan
  2020-11-03  1:58 ` [Bug 1901981] " Gaoning Pan
@ 2020-11-04 10:24 ` Gerd Hoffmann
  2020-11-04 10:54 ` Gaoning Pan
                   ` (4 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: Gerd Hoffmann @ 2020-11-04 10:24 UTC (permalink / raw)
  To: qemu-devel

poc doens't run on fedora:
uhci: common.c:59: gva_to_gpa: Assertion `gfn != -1' failed.

Can you build qemu with DEBUG_MSD enabled (see hw/usb/dev-storage.c),
then attach both stderr log and stacktrace?

thanks.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1901981

Title:
  assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status

Status in QEMU:
  New

Bug description:
  Hello,

  I found an assertion failure through hw/usb/dev-storage.c.

  This was found in latest version 5.1.0.

  --------

  qemu-system-x86_64: hw/usb/dev-storage.c:248: usb_msd_send_status: Assertion `s->csw.sig == cpu_to_le32(0x53425355)' failed.
  [1]    29544 abort      sudo  -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic

  To reproduce the assertion failure, please run the QEMU with following
  command line.

  
  $ qemu-system-x86_64 -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic user,model=rtl8139,hostfwd=tcp:0.0.0.0:5555-:22 -device piix4-usb-uhci,id=uhci -device usb-storage,drive=mydrive -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none

  The poc is attached.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1901981/+subscriptions


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [Bug 1901981] Re: assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status
  2020-10-29  6:02 [Bug 1901981] [NEW] assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status Gaoning Pan
  2020-11-03  1:58 ` [Bug 1901981] " Gaoning Pan
  2020-11-04 10:24 ` Gerd Hoffmann
@ 2020-11-04 10:54 ` Gaoning Pan
  2020-11-04 13:55 ` Gerd Hoffmann
                   ` (3 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: Gaoning Pan @ 2020-11-04 10:54 UTC (permalink / raw)
  To: qemu-devel

Sorry, my reproduced environment is as follows:
    Host: ubuntu 18.04
    Guest: ubuntu 18.04

Stderr log is as follows:
usb-msd: Reset
usb-msd: Command on LUN 0
usb-msd: Command tag 0x0 flags 00000000 len 0 data 0
[scsi.0 id=0] INQUIRY 0x00 0x00 0x00 0x01 0x00 - from-dev len=1
usb-msd: Deferring packet 0x6110002d2d40 [wait status]
usb-msd: Command status 0 tag 0x0, len 256
qemu-system-x86_64: hw/usb/dev-storage.c:248: usb_msd_send_status: Assertion `s->csw.sig == cpu_to_le32(0x53425355)' failed.
[1]    643 abort      sudo  -enable-kvm -boot c -m 4G -drive format=qcow2,file=./ubuntu.img -nic


Backtrace is as follows:
#0  0x00007f8b36a63f47 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007f8b36a658b1 in __GI_abort () at abort.c:79
#2  0x00007f8b36a5542a in __assert_fail_base (fmt=0x7f8b36bdca38 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x55aef41e7440 "s->csw.sig == cpu_to_le32(0x53425355)", file=file@entry=0x55aef41e7180 "hw/usb/dev-storage.c", line=line@entry=248, function=function@entry=0x55aef41e7980 <__PRETTY_FUNCTION__.29124> "usb_msd_send_status") at assert.c:92
#3  0x00007f8b36a554a2 in __GI___assert_fail (assertion=assertion@entry=0x55aef41e7440 "s->csw.sig == cpu_to_le32(0x53425355)", file=file@entry=0x55aef41e7180 "hw/usb/dev-storage.c", line=line@entry=248, function=function@entry=0x55aef41e7980 <__PRETTY_FUNCTION__.29124> "usb_msd_send_status") at assert.c:101
#4  0x000055aef32226d5 in usb_msd_send_status (s=0x623000001d00, p=0x6110002e3500) at hw/usb/dev-storage.c:248
#5  0x000055aef322804e in usb_msd_handle_data (dev=0x623000001d00, p=0x6110002e3500) at hw/usb/dev-storage.c:525
#6  0x000055aef30bc46a in usb_device_handle_data (dev=dev@entry=0x623000001d00, p=p@entry=0x6110002e3500) at hw/usb/bus.c:179
#7  0x000055aef30a0ab4 in usb_process_one (p=p@entry=0x6110002e3500) at hw/usb/core.c:387
#8  0x000055aef30a9db0 in usb_handle_packet (dev=0x623000001d00, p=p@entry=0x6110002e3500) at hw/usb/core.c:419
#9  0x000055aef30fe890 in uhci_handle_td (s=s@entry=0x61f000002a80, q=0x6060000c9200, q@entry=0x0, qh_addr=qh_addr@entry=0, td=td@entry=0x7ffd88f90620, td_addr=<optimized out>, int_mask=int_mask@entry=0x7ffd88f905a0) at hw/usb/hcd-uhci.c:899
#10 0x000055aef3104c6f in uhci_process_frame (s=s@entry=0x61f000002a80) at hw/usb/hcd-uhci.c:1075
#11 0x000055aef31098e0 in uhci_frame_timer (opaque=0x61f000002a80) at hw/usb/hcd-uhci.c:1174
#12 0x000055aef3ae5f95 in timerlist_run_timers (timer_list=0x60b000051be0) at util/qemu-timer.c:572
#13 0x000055aef3ae619b in qemu_clock_run_timers (type=QEMU_CLOCK_VIRTUAL) at util/qemu-timer.c:586
#14 0x000055aef3ae6922 in qemu_clock_run_all_timers () at util/qemu-timer.c:672
#15 0x000055aef3aca63d in main_loop_wait (nonblocking=0) at util/main-loop.c:523
#16 0x000055aef1f320f5 in qemu_main_loop () at /home/zjusvn/new-hyper/qemu-5.1.0/softmmu/vl.c:1676
#17 0x000055aef397475c in main (argc=18, argv=0x7ffd88f90e98, envp=0x7ffd88f90f30) at /home/zjusvn/new-hyper/qemu-5.1.0/softmmu/main.c:49
#18 0x00007f8b36a46b97 in __libc_start_main (main=0x55aef397471d <main>, argc=18, argv=0x7ffd88f90e98, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffd88f90e88) at ../csu/libc-start.c:310
#19 0x000055aef1a3481a in _start ()

thanks.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1901981

Title:
  assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status

Status in QEMU:
  New

Bug description:
  Hello,

  I found an assertion failure through hw/usb/dev-storage.c.

  This was found in latest version 5.1.0.

  --------

  qemu-system-x86_64: hw/usb/dev-storage.c:248: usb_msd_send_status: Assertion `s->csw.sig == cpu_to_le32(0x53425355)' failed.
  [1]    29544 abort      sudo  -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic

  To reproduce the assertion failure, please run the QEMU with following
  command line.

  
  $ qemu-system-x86_64 -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic user,model=rtl8139,hostfwd=tcp:0.0.0.0:5555-:22 -device piix4-usb-uhci,id=uhci -device usb-storage,drive=mydrive -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none

  The poc is attached.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1901981/+subscriptions


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [Bug 1901981] Re: assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status
  2020-10-29  6:02 [Bug 1901981] [NEW] assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status Gaoning Pan
                   ` (2 preceding siblings ...)
  2020-11-04 10:54 ` Gaoning Pan
@ 2020-11-04 13:55 ` Gerd Hoffmann
  2020-11-05  2:23 ` Gaoning Pan
                   ` (2 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: Gerd Hoffmann @ 2020-11-04 13:55 UTC (permalink / raw)
  To: qemu-devel

https://git.kraxel.org/cgit/qemu/log/?h=sirius/usb-asserts
can you try that branch?

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1901981

Title:
  assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status

Status in QEMU:
  New

Bug description:
  Hello,

  I found an assertion failure through hw/usb/dev-storage.c.

  This was found in latest version 5.1.0.

  --------

  qemu-system-x86_64: hw/usb/dev-storage.c:248: usb_msd_send_status: Assertion `s->csw.sig == cpu_to_le32(0x53425355)' failed.
  [1]    29544 abort      sudo  -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic

  To reproduce the assertion failure, please run the QEMU with following
  command line.

  
  $ qemu-system-x86_64 -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic user,model=rtl8139,hostfwd=tcp:0.0.0.0:5555-:22 -device piix4-usb-uhci,id=uhci -device usb-storage,drive=mydrive -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none

  The poc is attached.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1901981/+subscriptions


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [Bug 1901981] Re: assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status
  2020-10-29  6:02 [Bug 1901981] [NEW] assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status Gaoning Pan
                   ` (3 preceding siblings ...)
  2020-11-04 13:55 ` Gerd Hoffmann
@ 2020-11-05  2:23 ` Gaoning Pan
  2020-11-06  1:07 ` Gaoning Pan
  2020-12-10  9:06 ` Thomas Huth
  6 siblings, 0 replies; 8+ messages in thread
From: Gaoning Pan @ 2020-11-05  2:23 UTC (permalink / raw)
  To: qemu-devel

OK, It seems to be fixed now.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1901981

Title:
  assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status

Status in QEMU:
  New

Bug description:
  Hello,

  I found an assertion failure through hw/usb/dev-storage.c.

  This was found in latest version 5.1.0.

  --------

  qemu-system-x86_64: hw/usb/dev-storage.c:248: usb_msd_send_status: Assertion `s->csw.sig == cpu_to_le32(0x53425355)' failed.
  [1]    29544 abort      sudo  -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic

  To reproduce the assertion failure, please run the QEMU with following
  command line.

  
  $ qemu-system-x86_64 -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic user,model=rtl8139,hostfwd=tcp:0.0.0.0:5555-:22 -device piix4-usb-uhci,id=uhci -device usb-storage,drive=mydrive -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none

  The poc is attached.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1901981/+subscriptions


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [Bug 1901981] Re: assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status
  2020-10-29  6:02 [Bug 1901981] [NEW] assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status Gaoning Pan
                   ` (4 preceding siblings ...)
  2020-11-05  2:23 ` Gaoning Pan
@ 2020-11-06  1:07 ` Gaoning Pan
  2020-12-10  9:06 ` Thomas Huth
  6 siblings, 0 replies; 8+ messages in thread
From: Gaoning Pan @ 2020-11-06  1:07 UTC (permalink / raw)
  To: qemu-devel

** Changed in: qemu
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1901981

Title:
  assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status

Status in QEMU:
  Confirmed

Bug description:
  Hello,

  I found an assertion failure through hw/usb/dev-storage.c.

  This was found in latest version 5.1.0.

  --------

  qemu-system-x86_64: hw/usb/dev-storage.c:248: usb_msd_send_status: Assertion `s->csw.sig == cpu_to_le32(0x53425355)' failed.
  [1]    29544 abort      sudo  -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic

  To reproduce the assertion failure, please run the QEMU with following
  command line.

  
  $ qemu-system-x86_64 -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic user,model=rtl8139,hostfwd=tcp:0.0.0.0:5555-:22 -device piix4-usb-uhci,id=uhci -device usb-storage,drive=mydrive -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none

  The poc is attached.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1901981/+subscriptions


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [Bug 1901981] Re: assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status
  2020-10-29  6:02 [Bug 1901981] [NEW] assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status Gaoning Pan
                   ` (5 preceding siblings ...)
  2020-11-06  1:07 ` Gaoning Pan
@ 2020-12-10  9:06 ` Thomas Huth
  6 siblings, 0 replies; 8+ messages in thread
From: Thomas Huth @ 2020-12-10  9:06 UTC (permalink / raw)
  To: qemu-devel

Released with QEMU v5.2.0.

** Changed in: qemu
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1901981

Title:
  assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status

Status in QEMU:
  Fix Released

Bug description:
  Hello,

  I found an assertion failure through hw/usb/dev-storage.c.

  This was found in latest version 5.1.0.

  --------

  qemu-system-x86_64: hw/usb/dev-storage.c:248: usb_msd_send_status: Assertion `s->csw.sig == cpu_to_le32(0x53425355)' failed.
  [1]    29544 abort      sudo  -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic

  To reproduce the assertion failure, please run the QEMU with following
  command line.

  
  $ qemu-system-x86_64 -enable-kvm -boot c -m 2G -drive format=qcow2,file=./ubuntu.img -nic user,model=rtl8139,hostfwd=tcp:0.0.0.0:5555-:22 -device piix4-usb-uhci,id=uhci -device usb-storage,drive=mydrive -drive id=mydrive,file=null-co://,size=2M,format=raw,if=none

  The poc is attached.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1901981/+subscriptions


^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2020-12-10  9:38 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-29  6:02 [Bug 1901981] [NEW] assert issue locates in hw/usb/dev-storage.c:248: usb_msd_send_status Gaoning Pan
2020-11-03  1:58 ` [Bug 1901981] " Gaoning Pan
2020-11-04 10:24 ` Gerd Hoffmann
2020-11-04 10:54 ` Gaoning Pan
2020-11-04 13:55 ` Gerd Hoffmann
2020-11-05  2:23 ` Gaoning Pan
2020-11-06  1:07 ` Gaoning Pan
2020-12-10  9:06 ` Thomas Huth

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.