On Fri, Jan 30, 2015 at 02:32:25PM -0500, Max Reitz wrote:
> Kevin, Stefan: The real problem is that block/nbd.c stores a BDRVNBDState
> object in bs->opaque and passes &BDRVNBDState.client (an NbdClientSession
> object) to the block/nbd-client.c functions. Those functions then receive
> the BDS pointer from client->bs. If an NBD BDS is a root BDS (as in this
> case), at some point a bdrv_swap() may happen (and it does happen here)
> which leads to ((BDRVNBDState *)bs->opaque)->client.bs != bs, and that's
> where the segfault comes from (bdrv_get_aio_context() returns NULL).
>
> One way to fix this real problem is to remove the BDS pointer from the
> NbdClientSession and to always pass the BDS explicitly to the
> block/nbd-client.c functions; the other is to always update the BDS pointer
> in NbdClientSession in block/nbd.c. I'll try the former, and if it doesn't
> work, will do the latter (if you don't object).
Sounds good. On a related note I asked John Snow to look at QED and vvfat's .bdrv_rebind() usage. I think we can get rid of that API after propagating BlockDriverState *bs arguments to QED and vvfat functions.

Stefan
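The stale back-pointer Max describes, replayed as a constructed C stand-in added here (not QEMU code: the structs, the bdrv_swap() model and the nbd_rebind() helper are simplified assumptions, not QEMU's definitions). It shows the invariant breaking after the swap, the NULL context from the buggy lookup, and both fixes from the thread.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins for the QEMU types named in the thread; they are
 * not QEMU's real definitions, only enough to show the stale back-pointer. */
typedef struct AioContext { int id; } AioContext;
typedef struct BlockDriverState {
    void *opaque;             /* driver state: BDRVNBDState for block/nbd.c */
    AioContext *aio_context;
} BlockDriverState;
typedef struct NbdClientSession {
    BlockDriverState *bs;     /* the back-pointer the thread wants removed */
} NbdClientSession;
typedef struct BDRVNBDState { NbdClientSession client; } BDRVNBDState;

/* bdrv_swap() as described: the two BDS exchange their contents, so the
 * NBD state moves to the other BDS while client.bs still names the old one. */
static void bdrv_swap(BlockDriverState *a, BlockDriverState *b)
{
    BlockDriverState tmp = *a; *a = *b; *b = tmp;
}

/* The invariant from the thread: ((BDRVNBDState *)bs->opaque)->client.bs == bs */
int nbd_back_pointer_ok(BlockDriverState *bs)
{
    return ((BDRVNBDState *)bs->opaque)->client.bs == bs;
}

/* Buggy lookup derives the BDS from the session; the fixed lookup takes the
 * BDS explicitly (the first fix Max proposes). */
AioContext *nbd_aio_context_buggy(NbdClientSession *c) { return c->bs->aio_context; }
AioContext *nbd_aio_context_fixed(BlockDriverState *bs) { return bs->aio_context; }

/* The second fix: block/nbd.c re-points the session at its current BDS. */
void nbd_rebind(BlockDriverState *bs) { ((BDRVNBDState *)bs->opaque)->client.bs = bs; }

/* Replays the scenario; returns 0 when every step behaves as the thread
 * describes, otherwise the number of the first step that did not. */
int run_swap_scenario(void)
{
    AioContext ctx = { 1 };
    BlockDriverState root = { NULL, &ctx }, fresh = { NULL, NULL };
    BDRVNBDState s = { { &root } };                    /* client.bs == &root */
    root.opaque = &s;
    if (!nbd_back_pointer_ok(&root)) return 1;         /* fine before the swap */
    bdrv_swap(&fresh, &root);                          /* NBD state now lives in fresh */
    if (nbd_back_pointer_ok(&fresh)) return 2;         /* invariant is now broken */
    if (nbd_aio_context_buggy(&s.client) != NULL) return 3;   /* the NULL context */
    if (nbd_aio_context_fixed(&fresh) != &ctx) return 4;      /* explicit bs works */
    nbd_rebind(&fresh);                                /* or: refresh the pointer */
    if (!nbd_back_pointer_ok(&fresh) || nbd_aio_context_buggy(&s.client) != &ctx) return 5;
    return 0;
}

int main(void) { printf("scenario result: %d\n", run_swap_scenario()); return 0; }
```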
