From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1LjAkH-0003xL-HE
	for qemu-devel@nongnu.org; Mon, 16 Mar 2009 07:12:37 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1LjAkA-0003tO-OG
	for qemu-devel@nongnu.org; Mon, 16 Mar 2009 07:12:35 -0400
Received: from [199.232.76.173] (port=59436 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1LjAkA-0003tG-KH
	for qemu-devel@nongnu.org; Mon, 16 Mar 2009 07:12:30 -0400
Received: from mx2.redhat.com ([66.187.237.31]:57206)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <avi@redhat.com>) id 1LjAkA-0003dQ-7J
	for qemu-devel@nongnu.org; Mon, 16 Mar 2009 07:12:30 -0400
Message-ID: <49BE341C.9060900@redhat.com>
Date: Mon, 16 Mar 2009 13:12:28 +0200
From: Avi Kivity <avi@redhat.com>
MIME-Version: 1.0
References: <49BD5C3D.4070103@web.de>
In-Reply-To: <49BD5C3D.4070103@web.de>
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] Re: segfault in ide_read_dma_cb when resetting guest
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Jan Kiszka <jan.kiszka@web.de>
Cc: qemu-devel <qemu-devel@nongnu.org>, kvm-devel <kvm@vger.kernel.org>

Jan Kiszka wrote:
> Hi,
>
> maybe someone has an immediate idea or can reproduce, I'm currently
> lacking time to debug this: With latest kvm-userspace I'm seeing
> sporadic qemu crashes when hard-resetting a guest that currently does
> some I/O (qcow2 disk in snapshot mode). Below is the backtrace, s is
> null.
>
> So far the issue does not show up with -no-kvm or with upstream qemu
> (also without kvm as upstream's reset in kvm mode is not working yet).
>
>   

I think I broke it -- cancellation assumes aiocbs were generated by the 
block format driver, but there are now aiocbs that are generated by the  
generic code.

The problem is in upstream as well, don't know why you don't see it 
there (maybe you're seeing a different problem).

I'll come up with a patch.

-- 
error compiling committee.c: too many arguments to function