From nobody Tue Feb 10 17:31:23 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1511156666701365.3035242076247; Sun, 19 Nov 2017 21:44:26 -0800 (PST) Received: from localhost ([::1]:55506 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eGesO-0001f2-Az for importer@patchew.org; Mon, 20 Nov 2017 00:44:12 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:60636) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eGer5-00010x-5I for qemu-devel@nongnu.org; Mon, 20 Nov 2017 00:42:52 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eGer4-0004AW-4W for qemu-devel@nongnu.org; Mon, 20 Nov 2017 00:42:51 -0500 Received: from ozlabs.org ([2401:3900:2:1::2]:45883) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eGer3-0004A0-Bz; Mon, 20 Nov 2017 00:42:50 -0500 Received: by ozlabs.org (Postfix, from userid 1007) id 3ygHg71Jn2z9s71; Mon, 20 Nov 2017 16:42:42 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gibson.dropbear.id.au; s=201602; t=1511156563; bh=Kgvcm4+463avMLqw4CxX+ZHg+eQXEM4N99eX3UqSa/c=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=pDM0DVz/yqaptUakBSE2ASjNs8fZsoud/dwPTzQJFsEFpz3sEYkiIp/B7J436ie2d Wj92OivGGQlKWbMMI3bS6r6f+FS5tcm2Caqkhg4g39fZTKC2JxFImUJfJeWwVjfey+ O0QxZc2cdMkdqtUdZQvJfRSJCRPIeLCHoeIQzGlw= From: David Gibson To: peter.maydell@linaro.org Date: Mon, 20 Nov 2017 16:42:39 +1100 Message-Id: <20171120054239.8739-3-david@gibson.dropbear.id.au> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20171120054239.8739-1-david@gibson.dropbear.id.au> References: <20171120054239.8739-1-david@gibson.dropbear.id.au> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2401:3900:2:1::2 Subject: [Qemu-devel] [PULL 2/2] spapr: reset DRCs after devices X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: qemu-devel@nongnu.org, David Gibson , qemu-ppc@nongnu.org, agraf@suse.de, groug@kaod.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Greg Kurz A DRC with a pending unplug request releases its associated device at machine reset time. In the case of LMB, when all DRCs for a DIMM device have been reset, the DIMM gets unplugged, causing guest memory to disappear. This may be very confusing for anything still using this memory. This is exactly what happens with vhost backends, and QEMU aborts with: qemu-system-ppc64: used ring relocated for ring 2 qemu-system-ppc64: qemu/hw/virtio/vhost.c:649: vhost_commit: Assertion `r >=3D 0' failed. The issue is that each DRC registers a QEMU reset handler, and we don't control the order in which these handlers are called (ie, a LMB DRC will unplug a DIMM before the virtio device using the memory on this DIMM could stop its vhost backend). To avoid such situations, let's reset DRCs after all devices have been reset. Reported-by: Mallesh N. Koti Signed-off-by: Greg Kurz Reviewed-by: Daniel Henrique Barboza Reviewed-by: Michael Roth Signed-off-by: David Gibson --- hw/ppc/spapr.c | 21 +++++++++++++++++++++ hw/ppc/spapr_drc.c | 7 ------- 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 6841bd294b..6285f7211f 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1411,6 +1411,19 @@ static void find_unknown_sysbus_device(SysBusDevice = *sbdev, void *opaque) } } =20 +static int spapr_reset_drcs(Object *child, void *opaque) +{ + sPAPRDRConnector *drc =3D + (sPAPRDRConnector *) object_dynamic_cast(child, + TYPE_SPAPR_DR_CONNECTOR); + + if (drc) { + spapr_drc_reset(drc); + } + + return 0; +} + static void ppc_spapr_reset(void) { MachineState *machine =3D MACHINE(qdev_get_machine()); @@ -1434,6 +1447,14 @@ static void ppc_spapr_reset(void) } =20 qemu_devices_reset(); + + /* DRC reset may cause a device to be unplugged. This will cause troub= les + * if this device is used by another device (eg, a running vhost backe= nd + * will crash QEMU if the DIMM holding the vring goes away). To avoid = such + * situations, we reset DRCs after all devices have been reset. + */ + object_child_foreach_recursive(object_get_root(), spapr_reset_drcs, NU= LL); + spapr_clear_pending_events(spapr); =20 /* diff --git a/hw/ppc/spapr_drc.c b/hw/ppc/spapr_drc.c index 915e9b51c4..e3b122968e 100644 --- a/hw/ppc/spapr_drc.c +++ b/hw/ppc/spapr_drc.c @@ -455,11 +455,6 @@ void spapr_drc_reset(sPAPRDRConnector *drc) } } =20 -static void drc_reset(void *opaque) -{ - spapr_drc_reset(SPAPR_DR_CONNECTOR(opaque)); -} - bool spapr_drc_needed(void *opaque) { sPAPRDRConnector *drc =3D (sPAPRDRConnector *)opaque; @@ -518,7 +513,6 @@ static void realize(DeviceState *d, Error **errp) } vmstate_register(DEVICE(drc), spapr_drc_index(drc), &vmstate_spapr_drc, drc); - qemu_register_reset(drc_reset, drc); trace_spapr_drc_realize_complete(spapr_drc_index(drc)); } =20 @@ -529,7 +523,6 @@ static void unrealize(DeviceState *d, Error **errp) gchar *name; =20 trace_spapr_drc_unrealize(spapr_drc_index(drc)); - qemu_unregister_reset(drc_reset, drc); vmstate_unregister(DEVICE(drc), &vmstate_spapr_drc, drc); root_container =3D container_get(object_get_root(), DRC_CONTAINER_PATH= ); name =3D g_strdup_printf("%x", spapr_drc_index(drc)); --=20 2.14.3