qemu-devel.nongnu.org archive mirror
From: Zhenzhong Duan <zhenzhong.duan@intel.com>
To: qemu-devel@nongnu.org
Cc: alex.williamson@redhat.com, clg@redhat.com,
	joao.m.martins@oracle.com, avihaih@nvidia.com,
	chao.p.peng@intel.com
Subject: [PATCH v4 1/5] vfio/pci: Fix a segfault in vfio_realize
Date: Thu, 29 Jun 2023 16:40:38 +0800
Message-ID: <20230629084042.86502-2-zhenzhong.duan@intel.com>
In-Reply-To: <20230629084042.86502-1-zhenzhong.duan@intel.com>

The kvm irqchip notifier is only registered if the device supports
INTx, however it's unconditionally removed in vfio realize error
path. If the assigned device does not support INTx, this will cause
QEMU to crash when vfio realize fails. Change it to conditionally
remove the notifier only if the notify hook is set up.

Before fix:
(qemu) device_add vfio-pci,host=81:11.1,id=vfio1,bus=root1,xres=1
Connection closed by foreign host.

After fix:
(qemu) device_add vfio-pci,host=81:11.1,id=vfio1,bus=root1,xres=1
Error: vfio 0000:81:11.1: xres and yres properties require display=on
(qemu)

Fixes: c5478fea27ac ("vfio/pci: Respond to KVM irqchip change notifier")
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
---
 hw/vfio/pci.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c
index 73e19a04b2bf..48df517f79ee 100644
--- a/hw/vfio/pci.c
+++ b/hw/vfio/pci.c
@@ -3221,7 +3221,9 @@ static void vfio_realize(PCIDevice *pdev, Error **errp)
 
 out_deregister:
     pci_device_set_intx_routing_notifier(&vdev->pdev, NULL);
-    kvm_irqchip_remove_change_notifier(&vdev->irqchip_change_notifier);
+    if (vdev->irqchip_change_notifier.notify) {
+        kvm_irqchip_remove_change_notifier(&vdev->irqchip_change_notifier);
+    }
 out_teardown:
     vfio_teardown_msi(vdev);
     vfio_bars_exit(vdev);
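
Review bot: The new guard at out_deregister uses vdev->irqchip_change_notifier.notify as a proxy for "the notifier was registered", which only holds if the structure starts out zeroed and .notify is assigned nowhere but at registration; neither is visible in this hunk. A one-line comment above the check stating that invariant would help, or the check could test the same INTx condition that the commit message says gates the registration, so the register and remove sides stay visibly paired. The hunk also leaves .notify set after kvm_irqchip_remove_change_notifier() returns, so any other teardown path that adopts the same test would remove the notifier a second time; clearing the field after removal would make the guard safe to reuse.
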
-- 
2.34.1


