[Qemu-devel] [PULL 12/30] virtio-pci: add device_unplugged callback

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: cornelia.huck@de.ibm.com, qemu-stable@nongnu.org,
	afaerber@suse.de, mst@redhat.com
Subject: [Qemu-devel] [PULL 12/30] virtio-pci: add device_unplugged callback
Date: Mon,  9 Dec 2013 21:48:14 +0100	[thread overview]
Message-ID: <1386622112-27257-13-git-send-email-pbonzini@redhat.com> (raw)
In-Reply-To: <1386622112-27257-1-git-send-email-pbonzini@redhat.com>

This fixes a crash in hot-unplug of virtio-pci devices behind a PCIe
switch.  The crash happens because the ioeventfd is still set whent the
child is destroyed (destruction happens in postorder).  Then the proxy
tries to unset to ioeventfd, but the virtqueue structure that holds the
EventNotifier has been trashed in the meanwhile.  kvm_set_ioeventfd_pio
does not expect failure and aborts.

The fix is simply to move parts of uninitialization to a new
device_unplugged callback, which is called before the child is destroyed.

Cc: qemu-stable@nongnu.org
Acked-by: Andreas Faerber <afaerber@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 hw/virtio/virtio-pci.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 15b92e9..30c9f2b 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1002,6 +1002,15 @@ static void virtio_pci_device_plugged(DeviceState *d)
                                                       proxy->host_features);
 }
 
+static void virtio_pci_device_unplugged(DeviceState *d)
+{
+    PCIDevice *pci_dev = PCI_DEVICE(d);
+    VirtIOPCIProxy *proxy = VIRTIO_PCI(d);
+
+    virtio_pci_stop_ioeventfd(proxy);
+    msix_uninit_exclusive_bar(pci_dev);
+}
+
 static int virtio_pci_init(PCIDevice *pci_dev)
 {
     VirtIOPCIProxy *dev = VIRTIO_PCI(pci_dev);
@@ -1016,9 +1025,7 @@ static int virtio_pci_init(PCIDevice *pci_dev)
 static void virtio_pci_exit(PCIDevice *pci_dev)
 {
     VirtIOPCIProxy *proxy = VIRTIO_PCI(pci_dev);
-    virtio_pci_stop_ioeventfd(proxy);
     memory_region_destroy(&proxy->bar);
-    msix_uninit_exclusive_bar(pci_dev);
 }
 
 static void virtio_pci_reset(DeviceState *qdev)
@@ -1553,6 +1560,7 @@ static void virtio_pci_bus_class_init(ObjectClass *klass, void *data)
     k->set_guest_notifiers = virtio_pci_set_guest_notifiers;
     k->vmstate_change = virtio_pci_vmstate_change;
     k->device_plugged = virtio_pci_device_plugged;
+    k->device_unplugged = virtio_pci_device_unplugged;
 }
 
 static const TypeInfo virtio_pci_bus_info = {
-- 
1.8.4.2

next prev parent reply	other threads:[~2013-12-09 20:49 UTC|newest]

Thread overview: 37+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-12-09 20:48 [Qemu-devel] [PULL 00/30] virtio conversion to realize and hotplug/unplug fixes Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 01/30] virtio-ccw: move virtio_ccw_stop_ioeventfd to virtio_ccw_busdev_unplug Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 02/30] virtio-bus: remove vdev field Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 03/30] virtio-ccw: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 04/30] virtio-pci: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 05/30] virtio-bus: cleanup plug/unplug interface Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 06/30] virtio-blk: switch exit callback to VirtioDeviceClass Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 07/30] virtio-serial: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 08/30] virtio-net: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 09/30] virtio-scsi: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 10/30] virtio-balloon: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 11/30] virtio-rng: " Paolo Bonzini
2013-12-09 20:48 ` Paolo Bonzini [this message]
2013-12-09 20:48 ` [Qemu-devel] [PULL 13/30] virtio-blk-dataplane: Improve error reporting Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 14/30] virtio-9p: QOM realize preparations Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 15/30] virtio-blk: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 16/30] virtio-serial: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 17/30] virtio-net: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 18/30] virtio-balloon: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 19/30] virtio-rng: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 20/30] virtio-scsi: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 21/30] virtio: Start converting VirtioDevice to QOM realize Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 22/30] virtio-9p: Convert " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 23/30] virtio-blk: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 24/30] virtio-serial: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 25/30] virtio-net: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 26/30] virtio-balloon: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 27/30] virtio-rng: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 28/30] virtio-scsi: " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 29/30] virtio: Complete converting VirtioDevice " Paolo Bonzini
2013-12-09 20:48 ` [Qemu-devel] [PULL 30/30] virtio: Convert exit to unrealize Paolo Bonzini
2013-12-19 15:25   ` Stefan Hajnoczi
2013-12-19 15:32     ` Paolo Bonzini
2013-12-11  0:12 ` [Qemu-devel] [PULL 00/30] virtio conversion to realize and hotplug/unplug fixes Anthony Liguori
2013-12-11  7:45   ` Paolo Bonzini
2013-12-13 15:50     ` Paolo Bonzini
2013-12-13 16:37       ` Anthony Liguori

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:15b92e9 dfblob:30c9f2b )
 OR (
bs:"[Qemu-devel] [PULL 12/30] virtio-pci: add device_unplugged callback" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1386622112-27257-13-git-send-email-pbonzini@redhat.com \
    --to=pbonzini@redhat.com \
    --cc=afaerber@suse.de \
    --cc=cornelia.huck@de.ibm.com \
    --cc=mst@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=qemu-stable@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).