qemu/hw
Paolo Bonzini 8b81bb3b06 virtio-pci: fix MSI memory region use after free
After memory region QOMification QEMU is stricter in detecting
wrong usage of the memory region API.  Here it detected a
memory_region_destroy done before the corresponding
memory_region_del_subregion; the memory_region_destroy is
done by msix_uninit_exclusive_bar, the memory_region_del_subregion
is done by the PCI core's pci_unregister_io_regions before
pc->exit is called.

The problem was introduced by
commit 06a1307379
    virtio-pci: add device_unplugged callback
As noted in that commit log, virtio device kick callbacks need to be
stopped before generic virtio is cleaned up. This is because these are
notifications from pci proxy to the generic virtio device so they need
to be stopped in the unplug call before the virtio device is unrealized.
However, interrupts are notifications from the virtio device to
the pci proxy so they need to stay around while the device
is realized.

The memory API misuse caused an assertion when hot-unplugging virtio
devices.  Using the API correctly fixes the assertion.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2014-07-06 09:13:54 +03:00
9pfs virtio-9p: use virtio wrappers to access headers 2014-06-29 19:39:43 +03:00
acpi acpi: fix typo in memory hotplug MMIO region name 2014-07-06 09:13:54 +03:00
alpha machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
arm hw: Fix qemu_allocate_irqs() leaks 2014-06-30 21:13:30 +02:00
audio audio: fmopl: drop INLINE macro 2014-06-23 11:01:24 -04:00
block virtio-blk: remove need for explicit x-data-plane=on option 2014-07-01 09:15:02 +02:00
bt Preparation for usb-bt-dongle conditional build 2013-09-10 11:14:41 +02:00
char irq: Allocate IRQs individually 2014-07-01 04:02:53 +02:00
core qdev: Fix crash when using non-device class name on -global 2014-07-06 09:13:54 +03:00
cpu icc_bus: QOM'ify ICC 2013-12-24 18:02:18 +01:00
cris machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
display spice: fix 32bit build 2014-06-20 16:22:07 +01:00
dma hw: Fix qemu_allocate_irqs() leaks 2014-06-30 21:13:30 +02:00
gpio savevm: Remove all the unneeded version_minimum_id_old (arm) 2014-05-13 16:09:35 +01:00
i2c savevm: Remove all the unneeded version_minimum_id_old (rest) 2014-05-14 15:24:51 +02:00
i386 pc: make isapc and pc-0.10 to pc-0.13 have 1.7.0 memory layout 2014-06-29 18:59:41 +03:00
ide hw: Fix qemu_allocate_irqs() leaks 2014-06-30 21:13:30 +02:00
input input: fix jumpy mouse cursor with USB mouse emulation 2014-07-01 13:26:37 +02:00
intc xics: Implement xics_ics_free() 2014-06-27 13:48:26 +02:00
ipack irq: Allocate IRQs individually 2014-07-01 04:02:53 +02:00
isa acpi: implement ospm_status() method for PIIX4/ICH9_LPC devices 2014-06-19 18:44:22 +03:00
lm32 machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
m68k machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
mem pc-dimm: error out if memory hotplug is not enabled 2014-07-06 09:13:54 +03:00
microblaze ssi: Name the CS GPIO 2014-05-28 17:36:21 +02:00
mips gt64xxx_pci: Add VMStateDescription 2014-06-20 23:40:16 +02:00
misc hw: Fix qemu_allocate_irqs() leaks 2014-06-30 21:13:30 +02:00
moxie hw/moxie/moxiesim.c: Remove unused moxie_intc_create() 2014-06-24 20:01:24 +04:00
net vhost-net: disable when cross-endian 2014-06-29 19:39:43 +03:00
nvram spapr: Fix RTAS token numbers 2014-06-27 13:48:22 +02:00
openrisc machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
pci pci: assign devfn to pci_dev before calling pci_device_iommu_address_space() 2014-07-06 09:13:54 +03:00
pci-bridge hw/pcie: implement power controller functionality 2014-06-23 17:48:42 +03:00
pci-host uninorth: Fix PCI hole size 2014-06-27 13:48:24 +02:00
pcmcia hw: Fix qemu_allocate_irqs() leaks 2014-06-30 21:13:30 +02:00
ppc PPC: e500: Only create dt entries for existing serial ports 2014-06-27 13:48:27 +02:00
s390x virtio: move common virtio properties to bus class device 2014-07-06 09:13:54 +03:00
scsi virtio-scsi: scsi events must be converted to target endianness 2014-07-01 09:40:38 +02:00
sd hw: Fix qemu_allocate_irqs() leaks 2014-06-30 21:13:30 +02:00
sh4 hw: Fix qemu_allocate_irqs() leaks 2014-06-30 21:13:30 +02:00
sparc tcx: move initialisation from realizefn to initfn 2014-06-05 20:51:57 +01:00
sparc64 machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
ssi ssi: Name the CS GPIO 2014-05-28 17:36:21 +02:00
timer Merge remote-tracking branch 'remotes/bonzini/memory' into staging 2014-07-01 11:55:49 +01:00
tpm aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
unicore32 machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
usb ccid-card-emulated: use EventNotifier 2014-07-01 15:49:51 +02:00
virtio virtio-pci: fix MSI memory region use after free 2014-07-06 09:13:54 +03:00
watchdog qapi event: clean up in callers 2014-06-27 09:27:56 -04:00
xen trivial patches for 2014-05-07 2014-05-07 18:38:39 +01:00
xenpv machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
xtensa hw/xtensa/xtfpga: implement initrd loading 2014-06-29 02:32:42 +04:00
Makefile.objs pc: implement pc-dimm device abstraction 2014-06-19 16:41:47 +03:00