From: Andrew Melnychenko <andrew@daynix.com>
There is an issue when callback may be called with invalid vdev.
It happens on unplug when vdev already deleted and VirtIOPciProxy is not.
So now, callbacks accept proxy device, and vdev retrieved from it.
Technically memio callbacks should be removed during the flatview update,
but memoryregions remain til PCI device(and it's address space) completely deleted.
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1716352
Signed-off-by: Andrew Melnychenko <andrew@daynix.com>
---
hw/virtio/virtio-pci.c | 34 ++++++++++++++++++++++++----------
1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
index 7bc8c1c056..904010f1cc 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
@@ -1321,11 +1321,12 @@ static uint64_t virtio_pci_notify_read(void *opaque, hwaddr addr,
static void virtio_pci_notify_write(void *opaque, hwaddr addr,
uint64_t val, unsigned size)
{
- VirtIODevice *vdev = opaque;
- VirtIOPCIProxy *proxy = VIRTIO_PCI(DEVICE(vdev)->parent_bus->parent);
+ VirtIOPCIProxy *proxy = opaque;
+ VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+
unsigned queue = addr / virtio_pci_queue_mem_mult(proxy);
- if (queue < VIRTIO_QUEUE_MAX) {
+ if (vdev != NULL && queue < VIRTIO_QUEUE_MAX) {
virtio_queue_notify(vdev, queue);
}
}
@@ -1333,10 +1334,12 @@ static void virtio_pci_notify_write(void *opaque, hwaddr addr,
static void virtio_pci_notify_write_pio(void *opaque, hwaddr addr,
uint64_t val, unsigned size)
{
- VirtIODevice *vdev = opaque;
+ VirtIOPCIProxy *proxy = opaque;
+ VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+
unsigned queue = val;
- if (queue < VIRTIO_QUEUE_MAX) {
+ if (vdev != NULL && queue < VIRTIO_QUEUE_MAX) {
virtio_queue_notify(vdev, queue);
}
}
@@ -1360,9 +1363,14 @@ static void virtio_pci_isr_write(void *opaque, hwaddr addr,
static uint64_t virtio_pci_device_read(void *opaque, hwaddr addr,
unsigned size)
{
- VirtIODevice *vdev = opaque;
+ VirtIOPCIProxy *proxy = opaque;
+ VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
uint64_t val = 0;
+ if (vdev == NULL) {
+ return val;
+ }
+
switch (size) {
case 1:
val = virtio_config_modern_readb(vdev, addr);
@@ -1380,7 +1388,13 @@ static uint64_t virtio_pci_device_read(void *opaque, hwaddr addr,
static void virtio_pci_device_write(void *opaque, hwaddr addr,
uint64_t val, unsigned size)
{
- VirtIODevice *vdev = opaque;
+ VirtIOPCIProxy *proxy = opaque;
+ VirtIODevice *vdev = virtio_bus_get_device(&proxy->bus);
+
+ if (vdev == NULL) {
+ return;
+ }
+
switch (size) {
case 1:
virtio_config_modern_writeb(vdev, addr, val);
@@ -1457,19 +1471,19 @@ static void virtio_pci_modern_regions_init(VirtIOPCIProxy *proxy)
memory_region_init_io(&proxy->device.mr, OBJECT(proxy),
&device_ops,
- virtio_bus_get_device(&proxy->bus),
+ proxy,
"virtio-pci-device",
proxy->device.size);
memory_region_init_io(&proxy->notify.mr, OBJECT(proxy),
¬ify_ops,
- virtio_bus_get_device(&proxy->bus),
+ proxy,
"virtio-pci-notify",
proxy->notify.size);
memory_region_init_io(&proxy->notify_pio.mr, OBJECT(proxy),
¬ify_pio_ops,
- virtio_bus_get_device(&proxy->bus),
+ proxy,
"virtio-pci-notify-pio",
proxy->notify_pio.size);
}
--
2.27.0