[RFC] qemu: fix hot remove assigned device

Message ID	1244481435-17224-1-git-send-email-weidong.han@intel.com (mailing list archive)
State	New, archived
Headers	show Received: from vger.kernel.org (vger.kernel.org [209.132.176.167]) by demeter.kernel.org (8.14.2/8.14.2) with ESMTP id n589IEPh005843 for <patchwork-kvm@patchwork.kernel.org>; Mon, 8 Jun 2009 09:18:14 GMT From: Weidong Han <weidong.han@intel.com> To: avi@redhat.com, paul@codesourcery.com Cc: kvm@vger.kernel.org, Weidong Han <weidong.han@intel.com> Subject: [PATCH RFC] qemu: fix hot remove assigned device Date: Tue, 9 Jun 2009 01:17:15 +0800 Message-Id: <1244481435-17224-1-git-send-email-weidong.han@intel.com> Sender: kvm-owner@vger.kernel.org Precedence: bulk

Message ID

1244481435-17224-1-git-send-email-weidong.han@intel.com (mailing list archive)

State

New, archived

Headers

From: Weidong Han <weidong.han@intel.com>
To: avi@redhat.com, paul@codesourcery.com
Cc: kvm@vger.kernel.org, Weidong Han <weidong.han@intel.com>
Subject: [PATCH RFC] qemu: fix hot remove assigned device
Date: Tue,  9 Jun 2009 01:17:15 +0800
Message-Id: <1244481435-17224-1-git-send-email-weidong.han@intel.com>
Sender: kvm-owner@vger.kernel.org
Precedence: bulk

Commit Message

Han, Weidong June 8, 2009, 5:17 p.m. UTC

When hot remove an assigned device, segmentation fault was triggered
by qemu_free(&pci_dev->qdev) in pci_unregister_device().
pci_register_device() doesn't initialize or set pci_dev->qdev. For an
assigned device, qdev variable isn't touched at all. So segmentation
fault happens when to free a non-initialized qdev.

Paul,
you introduced the code to free qdev in pci_unregiser_device. Did you
miss something?

Following patch changes the code back to free pci_dev, and fixes the
hot remove issue.

Signed-off-by: Weidong Han <weidong.han@intel.com>
---
 hw/pci.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

Comments

Paul Brook June 8, 2009, 2:38 p.m. UTC | #1

On Monday 08 June 2009, Weidong Han wrote:
> When hot remove an assigned device, segmentation fault was triggered
> by qemu_free(&pci_dev->qdev) in pci_unregister_device().
> pci_register_device() doesn't initialize or set pci_dev->qdev. For an
> assigned device, qdev variable isn't touched at all. So segmentation
> fault happens when to free a non-initialized qdev.

Better would be to just disable hot remove for devices still using the legacy 
pci_register_device API.

Paul
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Han, Weidong June 9, 2009, 2:45 a.m. UTC | #2

Paul Brook wrote:
> On Monday 08 June 2009, Weidong Han wrote:
>> When hot remove an assigned device, segmentation fault was triggered
>> by qemu_free(&pci_dev->qdev) in pci_unregister_device().
>> pci_register_device() doesn't initialize or set pci_dev->qdev. For an
>> assigned device, qdev variable isn't touched at all. So segmentation
>> fault happens when to free a non-initialized qdev.
> 
> Better would be to just disable hot remove for devices still using
> the legacy pci_register_device API.
> 

PCI passthrough uses pci_register_device to register assigned device to qemu. Is there newer API to do so?

Regards,
Weidong

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Paul Brook June 9, 2009, 2:51 p.m. UTC | #3

On Tuesday 09 June 2009, Han, Weidong wrote:
> Paul Brook wrote:
> > On Monday 08 June 2009, Weidong Han wrote:
> >> When hot remove an assigned device, segmentation fault was triggered
> >> by qemu_free(&pci_dev->qdev) in pci_unregister_device().
> >> pci_register_device() doesn't initialize or set pci_dev->qdev. For an
> >> assigned device, qdev variable isn't touched at all. So segmentation
> >> fault happens when to free a non-initialized qdev.
> >
> > Better would be to just disable hot remove for devices still using
> > the legacy pci_register_device API.
>
> PCI passthrough uses pci_register_device to register assigned device to
> qemu. Is there newer API to do so?

Yes. See e.g. LSI scsi emulation.

Paul
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Gerd Hoffmann June 9, 2009, 3:37 p.m. UTC | #4

On 06/09/09 16:51, Paul Brook wrote:
> On Tuesday 09 June 2009, Han, Weidong wrote:
>> Paul Brook wrote:
>>> On Monday 08 June 2009, Weidong Han wrote:
>>>> When hot remove an assigned device, segmentation fault was triggered
>>>> by qemu_free(&pci_dev->qdev) in pci_unregister_device().
>>>> pci_register_device() doesn't initialize or set pci_dev->qdev. For an
>>>> assigned device, qdev variable isn't touched at all. So segmentation
>>>> fault happens when to free a non-initialized qdev.
>>> Better would be to just disable hot remove for devices still using
>>> the legacy pci_register_device API.
>> PCI passthrough uses pci_register_device to register assigned device to
>> qemu. Is there newer API to do so?
>
> Yes. See e.g. LSI scsi emulation.

Well.  Except that you can't (yet) register pci config read/write 
callbacks using the qdev-based API.

cheers,
   Gerd

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/hw/pci.c b/hw/pci.c
index 25581a4..77d63d8 100644
--- a/hw/pci.c
+++ b/hw/pci.c
@@ -377,7 +377,7 @@  int pci_unregister_device(PCIDevice *pci_dev)
     qemu_free_irqs(pci_dev->irq);
     pci_irq_index--;
     pci_dev->bus->devices[pci_dev->devfn] = NULL;
-    qdev_free(&pci_dev->qdev);
+    qemu_free(pci_dev);
     return 0;
 }

[RFC] qemu: fix hot remove assigned device

Commit Message

Comments

Patch