Public bug reported: QEMU git hash = 51db2d7cf2
Running guest OS using: $ gdb --args /extra/qemu/bin/qemu-system-i386 -M q35,accel=kvm -m 4096 -net user,hostfwd=tcp::8888-:22 -net nic -drive id=udisk,file=/dev/sdd,format=raw,if=none -device ide- drive,drive=udisk,bootindex=1 -curses ... root@zamhurd:~# .ahcisata0 channel 5: setting WDCTL_RST failed for drive 0 Thread 1 "qemu-system-i38" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7ffff4f7bf00 (LWP 590666)] ahci_commit_buf (dma=0x555557335870, tx_bytes=2048) at ../hw/ide/ahci.c:1462 1462 tx_bytes += le32_to_cpu(ad->cur_cmd->status); (gdb) bt full #0 ahci_commit_buf (dma=0x555557335870, tx_bytes=2048) at ../hw/ide/ahci.c:1462 ad = 0x555557335870 #1 0x0000555555893171 in dma_buf_commit (s=0x555557335930, tx_bytes=2048) at ../hw/ide/core.c:805 #2 0x00005555558934f8 in ide_dma_cb (opaque=0x555557335930, ret=0) at ../hw/ide/core.c:887 s = 0x555557335930 n = 4 sector_num = 4491160 offset = 140732794753312 stay_active = false prep_size = 0 __PRETTY_FUNCTION__ = "ide_dma_cb" #3 0x0000555555830720 in dma_complete (dbs=0x7ffee83d5120, ret=0) at ../softmmu/dma-helpers.c:121 __PRETTY_FUNCTION__ = "dma_complete" #4 0x00005555558307cd in dma_blk_cb (opaque=0x7ffee83d5120, ret=0) at ../softmmu/dma-helpers.c:139 dbs = 0x7ffee83d5120 cur_addr = 140732794753408 cur_len = 93825013280880 mem = 0x7ffeeccfef00 __PRETTY_FUNCTION__ = "dma_blk_cb" #5 0x0000555555d92bce in blk_aio_complete (acb=0x7ffee847bbe0) at ../block/block-backend.c:1412 #6 0x0000555555d92df0 in blk_aio_read_entry (opaque=0x7ffee847bbe0) at ../block/block-backend.c:1466 acb = 0x7ffee847bbe0 rwco = 0x7ffee847bc08 qiov = 0x7ffee83d5180 __PRETTY_FUNCTION__ = "blk_aio_read_entry" #7 0x0000555555e85580 in coroutine_trampoline (i0=-398117056, i1=32766) at ../util/coroutine-ucontext.c:173 arg = {p = 0x7ffee8453740, i = {-398117056, 32766}} self = 0x7ffee8453740 co = 0x7ffee8453740 fake_stack_save = 0x0 #8 0x00007ffff6544020 in __start_context () at /lib64/libc.so.6 #9 0x00007ffeefdfd680 in () #10 0x0000000000000000 in () (gdb) (gdb) l 1457 */ 1458 static void ahci_commit_buf(const IDEDMA *dma, uint32_t tx_bytes) 1459 { 1460 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma); 1461 1462 tx_bytes += le32_to_cpu(ad->cur_cmd->status); 1463 ad->cur_cmd->status = cpu_to_le32(tx_bytes); 1464 } 1465 1466 static int ahci_dma_rw_buf(const IDEDMA *dma, bool is_write) (gdb) p ad $1 = (AHCIDevice *) 0x555557335870 (gdb) p ad->cur_cmd $2 = (AHCICmdHdr *) 0x0 (gdb) ** Affects: qemu Importance: Undecided Status: New -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1917442 Title: [AHCI] crash when running a GNU/Hurd guest Status in QEMU: New Bug description: QEMU git hash = 51db2d7cf2 Running guest OS using: $ gdb --args /extra/qemu/bin/qemu-system-i386 -M q35,accel=kvm -m 4096 -net user,hostfwd=tcp::8888-:22 -net nic -drive id=udisk,file=/dev/sdd,format=raw,if=none -device ide- drive,drive=udisk,bootindex=1 -curses ... root@zamhurd:~# .ahcisata0 channel 5: setting WDCTL_RST failed for drive 0 Thread 1 "qemu-system-i38" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7ffff4f7bf00 (LWP 590666)] ahci_commit_buf (dma=0x555557335870, tx_bytes=2048) at ../hw/ide/ahci.c:1462 1462 tx_bytes += le32_to_cpu(ad->cur_cmd->status); (gdb) bt full #0 ahci_commit_buf (dma=0x555557335870, tx_bytes=2048) at ../hw/ide/ahci.c:1462 ad = 0x555557335870 #1 0x0000555555893171 in dma_buf_commit (s=0x555557335930, tx_bytes=2048) at ../hw/ide/core.c:805 #2 0x00005555558934f8 in ide_dma_cb (opaque=0x555557335930, ret=0) at ../hw/ide/core.c:887 s = 0x555557335930 n = 4 sector_num = 4491160 offset = 140732794753312 stay_active = false prep_size = 0 __PRETTY_FUNCTION__ = "ide_dma_cb" #3 0x0000555555830720 in dma_complete (dbs=0x7ffee83d5120, ret=0) at ../softmmu/dma-helpers.c:121 __PRETTY_FUNCTION__ = "dma_complete" #4 0x00005555558307cd in dma_blk_cb (opaque=0x7ffee83d5120, ret=0) at ../softmmu/dma-helpers.c:139 dbs = 0x7ffee83d5120 cur_addr = 140732794753408 cur_len = 93825013280880 mem = 0x7ffeeccfef00 __PRETTY_FUNCTION__ = "dma_blk_cb" #5 0x0000555555d92bce in blk_aio_complete (acb=0x7ffee847bbe0) at ../block/block-backend.c:1412 #6 0x0000555555d92df0 in blk_aio_read_entry (opaque=0x7ffee847bbe0) at ../block/block-backend.c:1466 acb = 0x7ffee847bbe0 rwco = 0x7ffee847bc08 qiov = 0x7ffee83d5180 __PRETTY_FUNCTION__ = "blk_aio_read_entry" #7 0x0000555555e85580 in coroutine_trampoline (i0=-398117056, i1=32766) at ../util/coroutine-ucontext.c:173 arg = {p = 0x7ffee8453740, i = {-398117056, 32766}} self = 0x7ffee8453740 co = 0x7ffee8453740 fake_stack_save = 0x0 #8 0x00007ffff6544020 in __start_context () at /lib64/libc.so.6 #9 0x00007ffeefdfd680 in () #10 0x0000000000000000 in () (gdb) (gdb) l 1457 */ 1458 static void ahci_commit_buf(const IDEDMA *dma, uint32_t tx_bytes) 1459 { 1460 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma); 1461 1462 tx_bytes += le32_to_cpu(ad->cur_cmd->status); 1463 ad->cur_cmd->status = cpu_to_le32(tx_bytes); 1464 } 1465 1466 static int ahci_dma_rw_buf(const IDEDMA *dma, bool is_write) (gdb) p ad $1 = (AHCIDevice *) 0x555557335870 (gdb) p ad->cur_cmd $2 = (AHCICmdHdr *) 0x0 (gdb) To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1917442/+subscriptions