From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:40196)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mjt@tls.msk.ru>) id 1aACWA-0006tM-I4
	for qemu-devel@nongnu.org; Sat, 19 Dec 2015 03:05:31 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mjt@tls.msk.ru>) id 1aACW7-0002Di-CE
	for qemu-devel@nongnu.org; Sat, 19 Dec 2015 03:05:30 -0500
Received: from isrv.corpit.ru ([86.62.121.231]:32789)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mjt@tls.msk.ru>) id 1aACW7-0002BI-3z
	for qemu-devel@nongnu.org; Sat, 19 Dec 2015 03:05:27 -0500
From: Michael Tokarev <mjt@tls.msk.ru>
Message-ID: <56750FBC.6020106@msgid.tls.msk.ru>
Date: Sat, 19 Dec 2015 11:05:16 +0300
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] 9pfs is broken in 2.5 (SIGSEGV) (bisected)
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel <qemu-devel@nongnu.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>, "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>, Greg Kurz <gkurz@linux.vnet.ibm.com>

When trying to mount a 9p filesystem in guest in 2.5 qemu,
qemu immediately segfaults.

 qemu-system-x86_64 ...
  -fsdev local,security_model=none,id=fsd0,path=/tmp
  -device virtio-9p-pci,fsdev=fsd0,mount_tag=fsd0


 mount -t 9p -o trans=virtio,version=9p2000.u fsd0 /mnt
 (SIGSEGV)

The problem goes down to the following commit:

commit ebac1202c95a4f1b76b6ef3f0f63926fa76e753e
Author: Paolo Bonzini <pbonzini@redhat.com>
Date:   Fri Nov 27 12:43:06 2015 +0100

    virtio-9p: use QEMU thread pool

    The QEMU thread pool already has a mechanism to invoke callbacks in the main
    thread.  It does not need an EventNotifier and it is more efficient too.
    Use it instead of GAsyncQueue + GThreadPool + glue.

    As a side effect, it silences Coverity's complaint about an unchecked
    return value for event_notifier_init.

    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
    Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
    (removed no more needed #include <glib.h> from virtio-9p-coth.h)
    Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>

This is a heads-up for now, digging further.

/mjt