From: Ladi Prosek
To: qemu-devel@nongnu.org
Date: Mon, 11 Dec 2017 08:21:07 +0100
Message-Id: <20171211072110.9058-2-lprosek@redhat.com>
In-Reply-To: <20171211072110.9058-1-lprosek@redhat.com>
References: <20171211072110.9058-1-lprosek@redhat.com>
Subject: [Qemu-devel] [PATCH v4 1/4] ivshmem: Don't update non-existent MSI routes
Cc: geoff@hostfission.com, pbonzini@redhat.com, armbru@redhat.com, marcandre.lureau@redhat.com

As of commit 660c97eef6f8 ("ivshmem: use kvm irqfd for msi notifications"),
QEMU crashes with:

  kvm_irqchip_commit_routes: Assertion `ret == 0' failed.

if the ivshmem device is configured with more vectors than what the server
supports. This is caused by the ivshmem_vector_unmask() being called on
vectors that have not been initialized by ivshmem_add_kvm_msi_virq().

This commit fixes it by adding a simple check to the mask and unmask
callbacks.

Note that the opposite mismatch, if the server supplies more vectors than
what the device is configured for, is already handled and leads to output
like:

  Too many eventfd received, device has 1 vectors

To reproduce the assert, run:

  ivshmem-server -n 0

and QEMU with:

  -device ivshmem-doorbell,chardev=iv
  -chardev socket,path=/tmp/ivshmem_socket,id=iv

then load the Windows driver, at the time of writing available at:

  https://github.com/virtio-win/kvm-guest-drivers-windows/tree/master/ivshmem

The issue is believed to have been masked by other guest drivers, notably
Linux ones, not enabling MSI-X on the device.

Fixes: 660c97eef6f8 ("ivshmem: use kvm irqfd for msi notifications")
Signed-off-by: Ladi Prosek
Reviewed-by: Marc-André Lureau
Reviewed-by: Markus Armbruster
--- hw/misc/ivshmem.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/hw/misc/ivshmem.c b/hw/misc/ivshmem.c index a5a46827fe..6e46669744 100644 --- a/hw/misc/ivshmem.c +++ b/hw/misc/ivshmem.c @@ -317,6 +317,10 @@ static int ivshmem_vector_unmask(PCIDevice *dev, unsig= ned vector, int ret; =20 IVSHMEM_DPRINTF("vector unmask %p %d\n", dev, vector); + if (!v->pdev) { + error_report("ivshmem: vector %d route does not exist", vector); + return -EINVAL; + } =20 ret =3D kvm_irqchip_update_msi_route(kvm_state, v->virq, msg, dev); if (ret < 0) { 
@@ -331,12 +335,16 @@ static void ivshmem_vector_mask(PCIDevice *dev, unsig= ned vector) { IVShmemState *s =3D IVSHMEM_COMMON(dev); EventNotifier *n =3D &s->peers[s->vm_id].eventfds[vector]; + MSIVector *v =3D &s->msi_vectors[vector]; int ret; =20 IVSHMEM_DPRINTF("vector mask %p %d\n", dev, vector); + if (!v->pdev) { + error_report("ivshmem: vector %d route does not exist", vector); + return; + } =20 - ret =3D kvm_irqchip_remove_irqfd_notifier_gsi(kvm_state, n, - s->msi_vectors[vector].vir= q); + ret =3D kvm_irqchip_remove_irqfd_notifier_gsi(kvm_state, n, v->virq); if (ret !=3D 0) { error_report("remove_irqfd_notifier_gsi failed"); } --=20 2.13.6
From: Ladi Prosek
To: qemu-devel@nongnu.org
Date: Mon, 11 Dec 2017 08:21:08 +0100
Message-Id: <20171211072110.9058-3-lprosek@redhat.com>
In-Reply-To: <20171211072110.9058-1-lprosek@redhat.com>
References: <20171211072110.9058-1-lprosek@redhat.com>
Subject: [Qemu-devel] [PATCH v4 2/4] ivshmem: Always remove irqfd notifiers
Cc: geoff@hostfission.com, pbonzini@redhat.com, armbru@redhat.com, marcandre.lureau@redhat.com

As of commit 660c97eef6f8 ("ivshmem: use kvm irqfd for msi notifications"),
QEMU crashes with:

  ivshmem: msix_set_vector_notifiers failed
  msix_unset_vector_notifiers: Assertion `dev->msix_vector_use_notifier && dev->msix_vector_release_notifier' failed.

if MSI-X is repeatedly enabled and disabled on the ivshmem device, for example
by loading and unloading the Windows ivshmem driver. This is because
msix_unset_vector_notifiers() doesn't call any of the release notifier callbacks
since MSI-X is already disabled at that point (msix_enabled() returning false
is how this transition is detected in the first place). Thus ivshmem_vector_mask()
doesn't run and when MSI-X is subsequently enabled again ivshmem_vector_unmask()
fails.

This is fixed by keeping track of unmasked vectors and making sure that
ivshmem_vector_mask() always runs on MSI-X disable.

Fixes: 660c97eef6f8 ("ivshmem: use kvm irqfd for msi notifications") Signed-off-by: Ladi Prosek Reviewed-by: Markus Armbruster --- hw/misc/ivshmem.c | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) diff --git a/hw/misc/ivshmem.c b/hw/misc/ivshmem.c index 6e46669744..91364d8364 100644 --- a/hw/misc/ivshmem.c +++ b/hw/misc/ivshmem.c @@ -77,6 +77,7 @@ typedef struct Peer { typedef struct MSIVector { PCIDevice *pdev; int virq; + bool unmasked; } MSIVector; =20 typedef struct IVShmemState { @@ -321,6 +322,7 @@ static int ivshmem_vector_unmask(PCIDevice *dev, unsign= ed vector, error_report("ivshmem: vector %d route does not exist", vector); return -EINVAL; } + assert(!v->unmasked); =20 ret =3D kvm_irqchip_update_msi_route(kvm_state, v->virq, msg, dev); if (ret < 0) { @@ -328,7 +330,13 @@ static int ivshmem_vector_unmask(PCIDevice *dev, unsig= ned vector, } kvm_irqchip_commit_routes(kvm_state); =20 - return kvm_irqchip_add_irqfd_notifier_gsi(kvm_state, n, NULL, v->virq); + ret =3D kvm_irqchip_add_irqfd_notifier_gsi(kvm_state, n, NULL, v->virq= ); + if (ret < 0) { + return ret; + } + v->unmasked =3D true; + + return 0; } =20 static void ivshmem_vector_mask(PCIDevice *dev, unsigned vector) @@ -343,11 +351,14 @@ static void ivshmem_vector_mask(PCIDevice *dev, unsig= ned vector) error_report("ivshmem: vector %d route does not exist", vector); return; } + assert(v->unmasked); =20 ret =3D kvm_irqchip_remove_irqfd_notifier_gsi(kvm_state, n, v->virq); - if (ret !=3D 0) { + if (ret < 0) { error_report("remove_irqfd_notifier_gsi failed"); + return; } + v->unmasked =3D false; } =20 static void ivshmem_vector_poll(PCIDevice *dev, 
@@ -817,11 +828,20 @@ static void ivshmem_disable_irqfd(IVShmemState *s) PCIDevice *pdev =3D PCI_DEVICE(s); int i; =20 - for (i =3D 0; i < s->peers[s->vm_id].nb_eventfds; i++) { - ivshmem_remove_kvm_msi_virq(s, i); - } - msix_unset_vector_notifiers(pdev); + + for (i =3D 0; i < s->peers[s->vm_id].nb_eventfds; i++) { + /* + * MSI-X is already disabled here so msix_unset_vector_notifiers() + * didn't call our release notifier. Do it now to keep our masks = and + * unmasks balanced. + */ + if (s->msi_vectors[i].unmasked) { + ivshmem_vector_mask(pdev, i); + } + ivshmem_remove_kvm_msi_virq(s, i); + } + } =20 static void ivshmem_write_config(PCIDevice *pdev, uint32_t address, --=20 2.13.6
From: Ladi Prosek
To: qemu-devel@nongnu.org
Date: Mon, 11 Dec 2017 08:21:09 +0100
Message-Id: <20171211072110.9058-4-lprosek@redhat.com>
In-Reply-To: <20171211072110.9058-1-lprosek@redhat.com>
References: <20171211072110.9058-1-lprosek@redhat.com>
Subject: [Qemu-devel] [PATCH v4 3/4] ivshmem: Improve MSI irqfd error handling
Cc: geoff@hostfission.com, pbonzini@redhat.com, armbru@redhat.com, marcandre.lureau@redhat.com

Adds a rollback path to ivshmem_enable_irqfd() and fixes
ivshmem_disable_irqfd() to bail if irqfd has not been enabled.

To reproduce, run:

  ivshmem-server -n 0

and QEMU with:

  -device ivshmem-doorbell,chardev=iv
  -chardev socket,path=/tmp/ivshmem_socket,id=iv

then load, unload, and load again the Windows driver, at the time of writing
available at:

  https://github.com/virtio-win/kvm-guest-drivers-windows/tree/master/ivshmem

The issue is believed to have been masked by other guest drivers, notably
Linux ones, not enabling MSI-X on the device.

Signed-off-by: Ladi Prosek
Reviewed-by: Markus Armbruster
--- hw/misc/ivshmem.c | 37 ++++++++++++++++++++++++------------- 1 file changed, 24 insertions(+), 13 deletions(-) diff --git a/hw/misc/ivshmem.c b/hw/misc/ivshmem.c index 91364d8364..d1bb246d12 100644 --- a/hw/misc/ivshmem.c +++ b/hw/misc/ivshmem.c 
@@ -786,6 +786,20 @@ static int ivshmem_setup_interrupts(IVShmemState *s, E= rror **errp) return 0; } =20 +static void ivshmem_remove_kvm_msi_virq(IVShmemState *s, int vector) +{ + IVSHMEM_DPRINTF("ivshmem_remove_kvm_msi_virq vector:%d\n", vector); + + if (s->msi_vectors[vector].pdev =3D=3D NULL) { + return; + } + + /* it was cleaned when masked in the frontend. */ + kvm_irqchip_release_virq(kvm_state, s->msi_vectors[vector].virq); + + s->msi_vectors[vector].pdev =3D NULL; +} + static void ivshmem_enable_irqfd(IVShmemState *s) { PCIDevice *pdev =3D PCI_DEVICE(s); @@ -797,7 +811,7 @@ static void ivshmem_enable_irqfd(IVShmemState *s) ivshmem_add_kvm_msi_virq(s, i, &err); if (err) { error_report_err(err); - /* TODO do we need to handle the error? */ + goto undo; } } =20 @@ -806,21 +820,14 @@ static void ivshmem_enable_irqfd(IVShmemState *s) ivshmem_vector_mask, ivshmem_vector_poll)) { error_report("ivshmem: msix_set_vector_notifiers failed"); + goto undo; } -} + return; =20 -static void ivshmem_remove_kvm_msi_virq(IVShmemState *s, int vector) -{ - IVSHMEM_DPRINTF("ivshmem_remove_kvm_msi_virq vector:%d\n", vector); - - if (s->msi_vectors[vector].pdev =3D=3D NULL) { - return; +undo: + while (--i >=3D 0) { + ivshmem_remove_kvm_msi_virq(s, i); } - - /* it was cleaned when masked in the frontend. */ - kvm_irqchip_release_virq(kvm_state, s->msi_vectors[vector].virq); - - s->msi_vectors[vector].pdev =3D NULL; } =20 static void ivshmem_disable_irqfd(IVShmemState *s) 
@@ -828,6 +835,10 @@ static void ivshmem_disable_irqfd(IVShmemState *s) PCIDevice *pdev =3D PCI_DEVICE(s); int i; =20 + if (!pdev->msix_vector_use_notifier) { + return; + } + msix_unset_vector_notifiers(pdev); =20 for (i =3D 0; i < s->peers[s->vm_id].nb_eventfds; i++) { --=20 2.13.6
From: Ladi Prosek
To: qemu-devel@nongnu.org
Date: Mon, 11 Dec 2017 08:21:10 +0100
Message-Id: <20171211072110.9058-5-lprosek@redhat.com>
In-Reply-To: <20171211072110.9058-1-lprosek@redhat.com>
References: <20171211072110.9058-1-lprosek@redhat.com>
Subject: [Qemu-devel] [PATCH v4 4/4] ivshmem: Disable irqfd on device reset
Cc: geoff@hostfission.com, pbonzini@redhat.com, armbru@redhat.com, marcandre.lureau@redhat.com

The effects of ivshmem_enable_irqfd() were not undone on device reset.

This manifested as:

  ivshmem_add_kvm_msi_virq: Assertion `!s->msi_vectors[vector].pdev' failed.

when irqfd was enabled before reset and then enabled again after reset, making
ivshmem_enable_irqfd() run for the second time.

To reproduce, run:

  ivshmem-server

and QEMU with:

  -device ivshmem-doorbell,chardev=iv
  -chardev socket,path=/tmp/ivshmem_socket,id=iv

then install the Windows driver, at the time of writing available at:

  https://github.com/virtio-win/kvm-guest-drivers-windows/tree/master/ivshmem

and crash-reboot the guest by inducing a BSOD.

Signed-off-by: Ladi Prosek Reviewed-by: Markus Armbruster --- hw/misc/ivshmem.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hw/misc/ivshmem.c b/hw/misc/ivshmem.c index d1bb246d12..9c7e74ef12 100644 --- a/hw/misc/ivshmem.c +++ b/hw/misc/ivshmem.c @@ -758,10 +758,14 @@ static void ivshmem_msix_vector_use(IVShmemState *s) } } =20 +static void ivshmem_disable_irqfd(IVShmemState *s); + static void ivshmem_reset(DeviceState *d) { IVShmemState *s =3D IVSHMEM_COMMON(d); =20 + ivshmem_disable_irqfd(s); + s->intrstatus =3D 0; s->intrmask =3D 0; if (ivshmem_has_feature(s, IVSHMEM_MSI)) { --=20 2.13.6
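
Review bot: in 1/4, the `error_report()` added to ivshmem_vector_unmask() sits on a path the guest drives by unmasking a vector that was never initialized, so a guest can write this line to the host log as often as it likes; a trace event or a report-once variant would avoid that. `vector` is `unsigned` in the signature shown in the hunk header, so the format should be `%u` rather than `%d`.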
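
Review bot: in the ivshmem_vector_mask() hunk of 1/4, `n` is still computed from `s->peers[s->vm_id].eventfds[vector]` in the declarations, before the new `v->pdev` check decides whether this vector was ever set up. The commit message describes exactly the case where the device has more vectors than the server supports, so I would move the `eventfds[vector]` indexing below the guard. The function returns void, so the caller cannot tell that the mask was skipped; a short comment saying this is intended would help.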
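
Review bot: the `assert(!v->unmasked)` added to ivshmem_vector_unmask() in 2/4 turns any future mask/unmask imbalance into a QEMU abort on a guest-driven path, which is the failure mode this series sets out to remove. Returning -EINVAL with an error, as the `!v->pdev` check directly above it does, would keep the process alive and still flag the broken invariant.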
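
Review bot: in the ivshmem_vector_mask() hunk of 2/4, the new early `return` after "remove_irqfd_notifier_gsi failed" leaves `v->unmasked` set to true. ivshmem_disable_irqfd() then still calls ivshmem_remove_kvm_msi_virq() for that vector, and the next ivshmem_vector_unmask() on it will hit `assert(!v->unmasked)`. Either clear the flag on the failure path as well or document why the removal cannot fail here. The commit message also does not explain the change from `ret != 0` to `ret < 0`.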
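
Review bot: the `undo:` loop added to ivshmem_enable_irqfd() in 3/4 releases each virq without looking at `unmasked`, unlike the loop in ivshmem_disable_irqfd() from 2/4. That is only correct if no vector can be unmasked when msix_set_vector_notifiers() returns failure; please state that assumption in a comment at the label, or reuse the `unmasked` check there. The function still returns void, so its caller has no way to learn that irqfd setup was rolled back.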
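
Review bot: `if (!pdev->msix_vector_use_notifier)` in ivshmem_disable_irqfd() (3/4) uses a PCIDevice field as this device's record of whether irqfd was enabled, and nothing in the hunk says so. A comment explaining that a NULL notifier means ivshmem_enable_irqfd() failed or never ran, or a bool in IVShmemState set at the end of the enable path, would make the invariant explicit.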
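
Review bot: in 4/4 the new `ivshmem_disable_irqfd(s)` call in ivshmem_reset() is placed above the `ivshmem_has_feature(s, IVSHMEM_MSI)` check, so it runs for every configuration and is safe only because of the early return added in 3/4. A one-line comment noting that dependency would help. Also, 3/4 moved ivshmem_remove_kvm_msi_virq() up rather than forward-declaring it; doing the same for ivshmem_disable_irqfd() would avoid the new prototype.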