boot: 0.579
graphic: 0.565
device: 0.387
instruction: 0.250
semantic: 0.199
socket: 0.174
other: 0.138
vnc: 0.118
network: 0.111
mistranslation: 0.111
assembly: 0.026
KVM: 0.018

Recent regression: segfault on startup with -snapshot

As of git revision 041ccc922ee474693a2869d4e3b59e920c739bc0, qemu segfaults on startup when I try to boot a hard disk image with the -snapshot option.

To reproduce:

  wget http://wiki.qemu.org/download/linux-0.2.img.bz2
  bunzip2 linux-0.2.img.bz2 
  qemu-system-i386 -hda linux-0.2.img -snapshot

When I run this, qemu-system-i386 crashes with a segmentation fault. This is on a Debian 7 amd64 host.

git bisect implicates the following commit:

commit a464982499b2f637f6699e3d03e0a9d2e0b5288b
Author: Paolo Bonzini <email address hidden>
Date:   Wed Feb 11 17:15:18 2015 +0100

    rcu: run RCU callbacks under the BQL

    This needs to go away sooner or later, but one complication is the
    complex VFIO data structures that are modified in instance_finalize.
    Take a shortcut for now.

    Reviewed-by: Michael Roth <email address hidden>
    Tested-by: Michael Roth <email address hidden>
    Signed-off-by: Paolo Bonzini <email address hidden>

I believe this was resolved in:

commit 6b49809c597331803ea941eadda813e5bb4e8fe2
Author: Paolo Bonzini <email address hidden>
Date:   Fri Feb 27 19:58:23 2015 +0100

    cpus: fix deadlock and segfault in qemu_mutex_lock_iothread

The problem cannot be reproduced in qemu.git/master (fc85cf4a8199a657fdfd5fb902f1835973406454).