qemu-system-x86_64: ../softmmu/memory.c:1111: memory_region_transaction_commit: Assertion `qemu_mutex_iothread_locked()' failed.
Description of problem:
While testing master build, I have the following crash on shutdown of the VM:
qemu-system-x86_64: ../softmmu/memory.c:1111: memory_region_transaction_commit: Assertion `qemu_mutex_iothread_locked()' failed.
Steps to reproduce:
1. Run VM
2. Once booted, do poweroff inside the Linux VM
3. When poweroff completes, qemu crashes.
Additional information:
```(gdb) bt full
#0  0x00007ffff29edacf in raise () at /lib64/libc.so.6
#1  0x00007ffff29c0ea5 in abort () at /lib64/libc.so.6
#2  0x00007ffff29c0d79 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
#3  0x00007ffff29e6426 in  () at /lib64/libc.so.6
#4  0x0000555555bed6d3 in memory_region_transaction_commit () at ../softmmu/memory.c:1111
        as = <optimized out>
        __PRETTY_FUNCTION__ = "memory_region_transaction_commit"
#5  0x0000555555bef2bf in memory_region_add_eventfd (mr=mr@entry=0x555557c318a0, addr=<optimized out>, size=size@entry=0, match_data=<optimized out>, data=<optimized out>, e=<optimized out>) at ../softmmu/memory.c:2583
        mrfd = {addr = {start = 0, size = 0}, match_data = false, data = 0, e = 0x555557c41aa4}
        i = <optimized out>
#6  0x0000555555a2c85c in virtio_pci_ioeventfd_assign (d=0x555557c30a00, notifier=0x555557c41aa4, n=0, assign=<optimized out>) at ../hw/virtio/virtio-pci.c:347
        proxy = 0x555557c30a00
        vdev = <optimized out>
        vq = <optimized out>
        legacy = true
        modern = <optimized out>
        fast_mmio = true
        modern_pio = false
        modern_mr = <optimized out>
        modern_notify_mr = 0x555557c319c0
        legacy_mr = 0x555557c31430
        modern_addr = <optimized out>
#7  0x0000555555a2be78 in virtio_bus_set_host_notifier (bus=0x555557c38d50, n=n@entry=0, assign=assign@entry=true) at ../hw/virtio/virtio-bus.c:296
        vdev = <optimized out>
        k = 0x555556a7b620
        proxy = 0x555557c30a00
        vq = 0x555557c41a30
        notifier = 0x555557c41aa4
        r = <optimized out>
        __func__ = "virtio_bus_set_host_notifier"
#8  0x0000555555ba1595 in virtio_scsi_set_host_notifier (s=s@entry=0x555557c38dd0, n=n@entry=0, vq=<optimized out>) at /root/qemu/include/hw/virtio/virtio-bus.h:35
        qbus = <optimized out>
        rc = <optimized out>
#9  0x0000555555ba1860 in virtio_scsi_dataplane_start (vdev=<optimized out>) at ../hw/scsi/virtio-scsi-dataplane.c:130
        i = <optimized out>
        rc = <optimized out>
        vq_init_count = 0
        qbus = 0x555557c38d50
        k = 0x555556a7b620
        vs = 0x555557c38dd0
        s = 0x555557c38dd0
#10 0x0000555555a2bbd2 in virtio_bus_start_ioeventfd (bus=0x555557c38d50) at ../hw/virtio/virtio-bus.c:236
        k = <optimized out>
        proxy = 0x555557c30a00
        vdev = 0x555557c38dd0
        vdc = 0x555556a19cc0
        r = <optimized out>
        __func__ = "virtio_bus_start_ioeventfd"
#11 0x0000555555bc0739 in virtio_device_start_ioeventfd (vdev=vdev@entry=0x555557c38dd0) at ../hw/virtio/virtio.c:3741
        qbus = <optimized out>
        vbus = <optimized out>
#12 0x0000555555b9fc80 in virtio_scsi_defer_to_dataplane (s=0x555557c38dd0) at ../hw/scsi/virtio-scsi.c:614
        s = 0x555557c38dd0
#13 0x0000555555b9fc80 in virtio_scsi_defer_to_dataplane (s=0x555557c38dd0) at ../hw/scsi/virtio-scsi.c:608
        s = 0x555557c38dd0
#14 0x0000555555b9fc80 in virtio_scsi_handle_event (vdev=<optimized out>, vq=<optimized out>) at ../hw/scsi/virtio-scsi.c:1011
        s = 0x555557c38dd0
#15 0x0000555555bba2af in virtio_queue_notify_vq (vq=0x555557c41ac8) at ../hw/virtio/virtio.c:2248
        vdev = 0x555557c38dd0
#16 0x0000555555de7b08 in aio_dispatch_handler (ctx=ctx@entry=0x555556c2c130, node=0x555557ffbff0) at ../util/aio-posix.c:356
        progress = false
        poll_ready = true
        revents = <optimized out>
#17 0x0000555555de861c in aio_dispatch_ready_handlers (ready_list=0x7fffde952fe8, ctx=0x555556c2c130) at ../util/aio-posix.c:401
        progress = false
        node = <optimized out>
        ready_list = {lh_first = 0x0}
        progress = true
        use_notify_me = <optimized out>
        timeout = <optimized out>
        start = <optimized out>
        __PRETTY_FUNCTION__ = "aio_poll"
#18 0x0000555555de861c in aio_poll (ctx=0x555556c2c130, blocking=blocking@entry=true) at ../util/aio-posix.c:723
        ready_list = {lh_first = 0x0}
        progress = true
        use_notify_me = <optimized out>
        timeout = <optimized out>
        start = <optimized out>
        __PRETTY_FUNCTION__ = "aio_poll"
#19 0x0000555555ca9ae6 in iothread_run (opaque=opaque@entry=0x555556943200) at ../iothread.c:63
        iothread = 0x555556943200
#20 0x0000555555deaf6a in qemu_thread_start (args=<optimized out>) at ../util/qemu-thread-posix.c:541
        __cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {93825016192880, 1094026140696841148, 140737488341294, 140737488341295, 140737488341440, 140736927707584, 6520036150746942396, 1094028099712322492}, __mask_was_saved = 0}}, __pad = {0x7fffde953110, 0x0, 0x0, 0x0}}
        __cancel_routine = 0x555555deafc0 <qemu_thread_atexit_notify>
        __not_first_call = <optimized out>
        qemu_thread_args = <optimized out>
        start_routine = 0x555555ca9aa0 <iothread_run>
        arg = 0x555556943200
        r = <optimized out>
#21 0x00007ffff2d6c1ca in start_thread () at /lib64/libpthread.so.0
#22 0x00007ffff29d8e73 in clone () at /lib64/libc.so.6
```