Il 08/04/2013 17:53, Stefan Hajnoczi ha scritto:
> On Fri, Apr 05, 2013 at 11:30:00AM -0700, Venkatesh Srinivas wrote:
>> When a Linux guest does a simple 'sg_verify /dev/<scsi disk on a
>> virtio-scsi HBA>', qemu (-master from git) crashes, tripping an
>> assertion in scsi-disk.c:scsi_dma_complete(), that the completing DMA
>> command has no IOCB.
>>
>> The callpath is:
>> scsi_dma_complete
>> dma_complete
>> dma_bdrv_cb
>> dma_bdrv_io
>> dma_bdrv_read
>> scsi_do_read
>> bdrv_co_em_bh
>> aio_bh_poll
>> aio_poll.
>>
>> At the assertion, we have a zero-element iovector and the request has
>> a status of -1.
> 
> CCing Paolo Bonzini and Asias He.  See the ./MAINTAINERS file to find
> people that can help with specific QEMU subsystems.
> 
> It would be nice to include a full gdb backtrace when possible since
> that may include extra information like that value of arguments in the
> call stack.

The bug should actually be quite trivial, but I will only test the
attached patch tomorrow.

Thanks,

Paolo