aboutsummaryrefslogtreecommitdiff
path: root/hw/virtio
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2013-09-20 14:10:26 +0200
committerPaolo Bonzini <pbonzini@redhat.com>2013-12-09 21:46:48 +0100
commit06a1307379fcd6c551185ad87679cd7ed896b9ea (patch)
treefe5261c40d362e495507fe290dfafa481a13b643 /hw/virtio
parent7bb6edb0e3dd78d74e0ac980cf6c0a07307f61bf (diff)
downloadqemu-06a1307379fcd6c551185ad87679cd7ed896b9ea.zip
qemu-06a1307379fcd6c551185ad87679cd7ed896b9ea.tar.gz
qemu-06a1307379fcd6c551185ad87679cd7ed896b9ea.tar.bz2
virtio-pci: add device_unplugged callback
This fixes a crash in hot-unplug of virtio-pci devices behind a PCIe switch. The crash happens because the ioeventfd is still set whent the child is destroyed (destruction happens in postorder). Then the proxy tries to unset to ioeventfd, but the virtqueue structure that holds the EventNotifier has been trashed in the meanwhile. kvm_set_ioeventfd_pio does not expect failure and aborts. The fix is simply to move parts of uninitialization to a new device_unplugged callback, which is called before the child is destroyed. Cc: qemu-stable@nongnu.org Acked-by: Andreas Faerber <afaerber@suse.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'hw/virtio')
-rw-r--r--hw/virtio/virtio-pci.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 15b92e9..30c9f2b 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1002,6 +1002,15 @@ static void virtio_pci_device_plugged(DeviceState *d)
proxy->host_features);
}
+static void virtio_pci_device_unplugged(DeviceState *d)
+{
+ PCIDevice *pci_dev = PCI_DEVICE(d);
+ VirtIOPCIProxy *proxy = VIRTIO_PCI(d);
+
+ virtio_pci_stop_ioeventfd(proxy);
+ msix_uninit_exclusive_bar(pci_dev);
+}
+
static int virtio_pci_init(PCIDevice *pci_dev)
{
VirtIOPCIProxy *dev = VIRTIO_PCI(pci_dev);
@@ -1016,9 +1025,7 @@ static int virtio_pci_init(PCIDevice *pci_dev)
static void virtio_pci_exit(PCIDevice *pci_dev)
{
VirtIOPCIProxy *proxy = VIRTIO_PCI(pci_dev);
- virtio_pci_stop_ioeventfd(proxy);
memory_region_destroy(&proxy->bar);
- msix_uninit_exclusive_bar(pci_dev);
}
static void virtio_pci_reset(DeviceState *qdev)
@@ -1553,6 +1560,7 @@ static void virtio_pci_bus_class_init(ObjectClass *klass, void *data)
k->set_guest_notifiers = virtio_pci_set_guest_notifiers;
k->vmstate_change = virtio_pci_vmstate_change;
k->device_plugged = virtio_pci_device_plugged;
+ k->device_unplugged = virtio_pci_device_unplugged;
}
static const TypeInfo virtio_pci_bus_info = {