From mboxrd@z Thu Jan 1 00:00:00 1970
MIME-Version: 1.0
In-Reply-To: <83a4d4ca0901301240s75bb2b7au77b60a4bdb136076@mail.gmail.com>
References: <83a4d4ca0901301240s75bb2b7au77b60a4bdb136076@mail.gmail.com>
Date: Sun, 1 Feb 2009 22:54:43 +0100
Message-ID: <83a4d4ca0902011354r6d9aea22m714ceb55095fd274@mail.gmail.com>
From: Eduardo Felipe
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] Re: [PATCH] Fix regression introduced by 6398
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
To: qemu-devel

2009/1/30 Eduardo Felipe :
> Hi,
>
> After commit 6398 some of my guests started to SEGFAULT at boot time.
> Reverting these two lines fixes the problem for me:
>
> signed-off-by: Eduardo Felipe
>
> --- a/hw/ide.c Fri Jan 30 21:15:15 2009
> +++ b/hw/ide.c Fri Jan 30 21:13:49 2009
> @@ -1084,7 +1084,7 @@
> #ifdef DEBUG_AIO
> printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
> #endif
> - bm->aiocb = bdrv_aio_readv(s->bs, sector_num, &s->iovec, n,
> + bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
> ide_read_dma_cb, bm);
> ide_dma_submit_check(s, ide_read_dma_cb, bm);
> }
> @@ -1212,7 +1212,7 @@
> #ifdef DEBUG_AIO
> printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
> #endif
> - bm->aiocb = bdrv_aio_writev(s->bs, sector_num, &s->iovec, n,
> + bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
> ide_write_dma_cb, bm);
> ide_dma_submit_check(s, ide_write_dma_cb, bm);
> }
>
>
> Can anybody take a look at it?
>
> Thanks,
> Edu
>

Please ignore my previous mail.

I traced the problem to the qemu_free call in bdrv_aio_rw_vector_cb. It fails when s->bounce is exactly 65536 bytes long (128 sectors).

This change seems to do the trick:

--- a/block.c Sun Feb 01 22:25:18 2009
+++ b/block.c Sun Feb 01 22:24:00 2009
@@ -1286,7 +1286,7 @@
s->this_aiocb = aiocb;
s->iov = iov;
- s->bounce = qemu_memalign(512, nb_sectors * 512);
+ s->bounce = qemu_memalign(512, nb_sectors * 512 + 4);
s->is_write = is_write;
if (is_write) {
qemu_iovec_to_buffer(s->iov, s->bounce);

I've seen a similar hack in ide_init2 when calling qemu_memalign. Are these four bytes used in any way, or is it just a way to avoid allocating exactly a 64k multiple buffer?

My host is Win32. Can anybody confirm if this happens on any other platform?

Regards,
Edu
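Review bot: the quoted hw/ide.c hunk at -1084 (read DMA path) treats the symptom, not the cause: replacing bdrv_aio_readv(s->bs, sector_num, &s->iovec, n, ...) with bdrv_aio_read(s->bs, sector_num, s->io_buffer, n, ...) simply stops using the vectored block API that crashes, and the follow-up in this same mail locates the fault in the qemu_free call in bdrv_aio_rw_vector_cb, i.e. in block.c rather than in this call site. Leave the ide.c caller on the vectored API and fix the bounce-buffer handling in block.c; if a revert is kept as a stopgap, the description should say it is one, and the "signed-off-by" tag should use the canonical "Signed-off-by:" form with an e-mail address.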
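Review bot: the quoted hw/ide.c hunk at -1212 (write DMA path) has the same problem as the read path: swapping bdrv_aio_writev(..., &s->iovec, n, ...) for bdrv_aio_write(..., s->io_buffer, n, ...) only avoids the code that crashes, and because the two ide.c hunks only make sense together, the commit message has to state that both are a temporary revert of the ide.c part of 6398. Given that the author's own follow-up isolates the crash to bdrv_aio_rw_vector_cb, I would drop both ide.c hunks and keep the fix in block.c.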
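Review bot: in the block.c hunk at -1286, the "+ 4" in s->bounce = qemu_memalign(512, nb_sectors * 512 + 4); is an unexplained magic constant that changes an allocation size to work around a crash that the mail itself attributes to the matching release call (qemu_free in bdrv_aio_rw_vector_cb). A crash that depends on the exact size of an aligned allocation, and that so far reproduces only on a Win32 host, points at the buffer being handed to the wrong deallocator rather than at the buffer being too small, so the first thing to check is that memory obtained from qemu_memalign here is freed with qemu_vfree, not qemu_free; if that is the cause, the allocation line needs no change at all. If the extra bytes turn out to be genuinely required, the hunk needs a comment stating why (and the similar allocation in ide_init2 the mail mentions should get the same explanation), otherwise the next reader will remove the padding and reintroduce the crash.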