xen-block: fix segv on unrealize

Message ID 20230606131605.55596-1-anthony.perard@citrix.com (mailing list archive)
State New, archived

Commit Message

Anthony PERARD June 6, 2023, 1:16 p.m. UTC
From: Anthony PERARD <anthony.perard@citrix.com>

Backtrace:
  qemu_lockcnt_lock (lockcnt=0xb4) at ../util/lockcnt.c:238
  aio_set_fd_handler (ctx=0x0, fd=51, is_external=true, io_read=0x0, io_write=0x0, io_poll=0x0, io_poll_ready=0x0, opaque=0x0) at ../util/aio-posix.c:119
  xen_device_unbind_event_channel (xendev=0x55c6da5b5000, channel=0x55c6da6c4c80, errp=0x7fff641ac608) at ../hw/xen/xen-bus.c:926
  xen_block_dataplane_stop (dataplane=0x55c6da6ddbe0) at ../hw/block/dataplane/xen-block.c:719
  xen_block_disconnect (xendev=0x55c6da5b5000, errp=0x0) at ../hw/block/xen-block.c:48
  xen_block_unrealize (xendev=0x55c6da5b5000) at ../hw/block/xen-block.c:154
  xen_device_unrealize (dev=0x55c6da5b5000) at ../hw/xen/xen-bus.c:956
  xen_device_exit (n=0x55c6da5b50d0, data=0x0) at ../hw/xen/xen-bus.c:985
  notifier_list_notify (list=0x55c6d91f9820 <exit_notifiers>, data=0x0) at ../util/notify.c:39
  qemu_run_exit_notifiers () at ../softmmu/runstate.c:760

Fixes: f6eac904f682 ("xen-block: implement BlockDevOps->drained_begin()")
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
--
CC: Stefan Hajnoczi <stefanha@redhat.com>
---
 hw/xen/xen-bus.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

Comments

Philippe Mathieu-Daudé June 6, 2023, 1:44 p.m. UTC | #1
On 6/6/23 15:16, Anthony PERARD via wrote:
> From: Anthony PERARD <anthony.perard@citrix.com>
> 
> Backtrace:
>    qemu_lockcnt_lock (lockcnt=0xb4) at ../util/lockcnt.c:238
>    aio_set_fd_handler (ctx=0x0, fd=51, is_external=true, io_read=0x0, io_write=0x0, io_poll=0x0, io_poll_ready=0x0, opaque=0x0) at ../util/aio-posix.c:119
>    xen_device_unbind_event_channel (xendev=0x55c6da5b5000, channel=0x55c6da6c4c80, errp=0x7fff641ac608) at ../hw/xen/xen-bus.c:926
>    xen_block_dataplane_stop (dataplane=0x55c6da6ddbe0) at ../hw/block/dataplane/xen-block.c:719
>    xen_block_disconnect (xendev=0x55c6da5b5000, errp=0x0) at ../hw/block/xen-block.c:48
>    xen_block_unrealize (xendev=0x55c6da5b5000) at ../hw/block/xen-block.c:154
>    xen_device_unrealize (dev=0x55c6da5b5000) at ../hw/xen/xen-bus.c:956
>    xen_device_exit (n=0x55c6da5b50d0, data=0x0) at ../hw/xen/xen-bus.c:985
>    notifier_list_notify (list=0x55c6d91f9820 <exit_notifiers>, data=0x0) at ../util/notify.c:39
>    qemu_run_exit_notifiers () at ../softmmu/runstate.c:760
> 
> Fixes: f6eac904f682 ("xen-block: implement BlockDevOps->drained_begin()")
> Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
> --
> CC: Stefan Hajnoczi <stefanha@redhat.com>
> ---
>   hw/xen/xen-bus.c | 6 ++++--
>   1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/hw/xen/xen-bus.c b/hw/xen/xen-bus.c
> index 1e08cf027a..ece8ec40cd 100644
> --- a/hw/xen/xen-bus.c
> +++ b/hw/xen/xen-bus.c
> @@ -923,8 +923,10 @@ void xen_device_unbind_event_channel(XenDevice *xendev,
>   
>       QLIST_REMOVE(channel, list);
>   
> -    aio_set_fd_handler(channel->ctx, qemu_xen_evtchn_fd(channel->xeh),
> -                       NULL, NULL, NULL, NULL, NULL);
> +    if (channel->ctx) {
> +        aio_set_fd_handler(channel->ctx, qemu_xen_evtchn_fd(channel->xeh),
> +                           NULL, NULL, NULL, NULL, NULL);
> +    }
>   
>       if (qemu_xen_evtchn_unbind(channel->xeh, channel->local_port) < 0) {
>           error_setg_errno(errp, errno, "xenevtchn_unbind failed");
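Review bot: The new `if (channel->ctx)` guard carries no comment saying when `channel->ctx` is legitimately NULL, and the commit message gives only the backtrace (`aio_set_fd_handler (ctx=0x0, fd=51, ...)`) without stating the cause. Since the Fixes tag points at the drained_begin() change, a one-line comment above the guard naming the state in which a channel has no AioContext, plus a sentence in the commit message, would keep a later reader from treating the check as dead code and removing it.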

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Stefan Hajnoczi June 6, 2023, 2:10 p.m. UTC | #2
Sorry!

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>

Patch

diff --git a/hw/xen/xen-bus.c b/hw/xen/xen-bus.c
index 1e08cf027a..ece8ec40cd 100644
--- a/hw/xen/xen-bus.c
+++ b/hw/xen/xen-bus.c
@@ -923,8 +923,10 @@  void xen_device_unbind_event_channel(XenDevice *xendev,
 
     QLIST_REMOVE(channel, list);
 
-    aio_set_fd_handler(channel->ctx, qemu_xen_evtchn_fd(channel->xeh),
-                       NULL, NULL, NULL, NULL, NULL);
+    if (channel->ctx) {
+        aio_set_fd_handler(channel->ctx, qemu_xen_evtchn_fd(channel->xeh),
+                           NULL, NULL, NULL, NULL, NULL);
+    }
 
     if (qemu_xen_evtchn_unbind(channel->xeh, channel->local_port) < 0) {
         error_setg_errno(errp, errno, "xenevtchn_unbind failed");
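Review bot: With the guard at `if (channel->ctx)`, a NULL context makes the function skip `aio_set_fd_handler()` and fall through to `qemu_xen_evtchn_unbind()`, which is only safe if a NULL `channel->ctx` always means the fd handler is no longer registered in any context. Please state that invariant at the guard, and check whether the other places in xen-bus.c that pass `channel->ctx` to the AIO API need the same treatment, since the backtrace shows `ctx=0x0` reaching `qemu_lockcnt_lock (lockcnt=0xb4)`, i.e. a member access through the NULL context.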