On 24/05/2018 15:35, Alberto Garcia wrote:
> On Mon 05 Jun 2017 02:39:08 PM CEST, Paolo Bonzini wrote:
>> @@ -102,6 +107,8 @@ static void block_account_one_io(BlockAcctStats *stats,
>> BlockAcctCookie *cookie,
>>
>> assert(cookie->type < BLOCK_MAX_IOTYPE);
>>
>> + qemu_mutex_lock(&stats->lock);
>
> QEMU crashes because this lock is not initialized if you do aio_read
> directly from a BDS not attached to a BlockBackend (should that
> operation be legal at all?)
>
> $ qemu-system-x86_64 -monitor stdio \
> -blockdev driver=qcow2,file.driver=file,file.filename=hd0.img,node-name=hd0
>
> (qemu) qemu-io hd0 "aio_read 0 1M"
> qemu-system-x86_64: util/qemu-thread-posix.c:64: qemu_mutex_lock_impl:
> Assertion `mutex->initialized' failed.
> Aborted
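Review bot: the new qemu_mutex_lock(&stats->lock) at the top of block_account_one_io assumes that every BlockAcctStats reaching this function has had its lock initialized and has not yet had it destroyed; nothing in the hunk checks or documents that, and the reproducer in this thread shows the call can run against stats whose mutex is already gone (the `mutex->initialized' assertion in qemu_mutex_lock_impl is what fires). The lock/unlock pairing also cannot be reviewed from what is shown: the header announces two added lines but only the lock is visible. Suggest stating the lifetime requirement in a comment at this function, and making the teardown path drain in-flight requests before block_acct_cleanup destroys the mutex, rather than relying on callers never to complete I/O after cleanup.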
The lock is initialized but it has been destroyed via qemu_mutex_destroy
before you reach this point. So the bug is actually much more than just the
uninitialized lock!

The destruction happens when blk_delete calls block_acct_cleanup. It should
be fixed by Greg Kurz's patch that adds a bdrv_drained_begin/end pair to
bdrv_root_unref_child.

Thanks,

Paolo
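The ordering problem discussed above (a completion path taking a lock that teardown has already destroyed, and draining in-flight requests before teardown as the fix) as an added C example. This is illustrative code written for this page, not QEMU's block/accounting.c or Greg Kurz's patch; DemoMutex, DemoAcctStats, submit_aio, complete_pending and the two scenario functions are hypothetical stand-ins for QemuMutex, BlockAcctStats, aio_read and a bdrv_drained_begin/end section, and the single 1 MiB request is constructed input. The stand-in mutex reports a lock-after-destroy as a return value instead of aborting, so both orderings can be run in one process.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-in for QemuMutex (hypothetical). Like QEMU's debug build it remembers
 * whether it was initialised, so lock-after-destroy is detected rather than
 * being undefined behaviour. Single-threaded demo: no real blocking needed. */
typedef struct { bool initialized; bool held; } DemoMutex;

static void demo_mutex_init(DemoMutex *mu)    { mu->initialized = true;  mu->held = false; }
static void demo_mutex_destroy(DemoMutex *mu) { mu->initialized = false; mu->held = false; }
static void demo_mutex_unlock(DemoMutex *mu)  { mu->held = false; }

/* Where qemu_mutex_lock_impl asserts `mutex->initialized`, return false so the
 * caller can observe the failure instead of aborting. */
static bool demo_mutex_lock(DemoMutex *mu)
{
    if (!mu->initialized || mu->held) {
        return false;
    }
    mu->held = true;
    return true;
}

/* Hypothetical stand-in for BlockAcctStats: counters protected by the lock. */
typedef struct { DemoMutex lock; uint64_t nr_ops; uint64_t bytes; } DemoAcctStats;

static void acct_init(DemoAcctStats *s)
{
    demo_mutex_init(&s->lock);
    s->nr_ops = 0;
    s->bytes = 0;
}

/* Analogue of block_acct_cleanup(): destroys the lock. Nothing here checks for
 * requests still in flight; that is the caller's responsibility. */
static void acct_cleanup(DemoAcctStats *s) { demo_mutex_destroy(&s->lock); }

/* Analogue of block_account_one_io(): takes the lock to update the stats.
 * Returns false if the lock was already destroyed (the reported crash). */
static bool account_one_io(DemoAcctStats *s, uint64_t bytes)
{
    if (!demo_mutex_lock(&s->lock)) {
        return false;
    }
    s->nr_ops++;
    s->bytes += bytes;
    demo_mutex_unlock(&s->lock);
    return true;
}

/* A pending asynchronous request; its completion accounts the bytes. */
typedef struct { DemoAcctStats *stats; uint64_t bytes; bool pending; } DemoRequest;

#define MAX_INFLIGHT 8
static DemoRequest inflight[MAX_INFLIGHT];

/* Analogue of issuing an aio_read: the request stays pending until the event
 * loop completes it. Returns false if the queue is full. */
static bool submit_aio(DemoAcctStats *s, uint64_t bytes)
{
    for (int i = 0; i < MAX_INFLIGHT; i++) {
        if (!inflight[i].pending) {
            inflight[i] = (DemoRequest){ .stats = s, .bytes = bytes, .pending = true };
            return true;
        }
    }
    return false;
}

/* Completes every pending request, as the event loop (or a drained section)
 * would. Returns how many completions hit a destroyed lock. */
static int complete_pending(void)
{
    int failures = 0;
    for (int i = 0; i < MAX_INFLIGHT; i++) {
        if (inflight[i].pending) {
            inflight[i].pending = false;
            if (!account_one_io(inflight[i].stats, inflight[i].bytes)) {
                failures++;
            }
        }
    }
    return failures;
}

/* The reported sequence: the read is still in flight when the stats are
 * cleaned up, so its completion runs against a destroyed mutex. Returns the
 * number of completions that failed (1 for the single constructed request). */
static int scenario_cleanup_before_drain(void)
{
    DemoAcctStats s;
    acct_init(&s);
    submit_aio(&s, 1 << 20);     /* aio_read 0 1M */
    acct_cleanup(&s);            /* blk_delete -> block_acct_cleanup */
    return complete_pending();   /* completion finds no lock */
}

/* The proposed ordering: drain (complete) in-flight I/O first, then clean up.
 * Returns the bytes accounted, or -1 if any completion failed. */
static long long scenario_drain_then_cleanup(void)
{
    DemoAcctStats s;
    acct_init(&s);
    submit_aio(&s, 1 << 20);
    int failures = complete_pending();   /* drained section: wait for I/O */
    acct_cleanup(&s);                    /* now nothing can reach the lock */
    return failures ? -1 : (long long)s.bytes;
}

int main(void)
{
    printf("cleanup before drain: %d completion(s) hit a destroyed lock\n",
           scenario_cleanup_before_drain());
    printf("drain then cleanup:   %lld bytes accounted\n",
           scenario_drain_then_cleanup());
    return 0;
}
```

The point the two scenarios make is that the mutex's lifetime must be tied to the last possible user, not to the object that happens to own it: a lock taken from a completion callback is only safe if teardown first guarantees that no completion can still arrive, which is what a drained section provides. A guard such as "skip accounting if the lock is not initialised" would hide the ordering bug rather than fix it, because the stats memory itself may already be gone by then.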