Re: [Qemu-devel] [PATCH v4 00/30] virtio: cleanup, fix hot-unplug, move to realize

[Paolo Bonzini]

Il 29/11/2013 11:17, Paolo Bonzini ha scritto:
> This series fixes hot-unplug of virtio devices, which can crash due to
> dangling pointer accesses.
> 
> The current implementation supports guest-initiated hot-unplug via the
> virtio_bus_destroy_device function, but not hot-unplugging the virtio
> device by virtue of unplugging its parent container device.
> 
> The problem is that the callback for the bus implementation to cleanup
> is placed in the wrong place; it is in virtio_bus_destroy_device, which
> should be called by the bus, instead of being somewhere in device code.
> We need to have the callback in device code (for example in dc->exit),
> so that we invoke it on every unplug action, no matter who starts it.
> 
> Thus, the series cleans up plugging and unplugging of virtio devices
> so that it does not need any help from the bus (patches 2-5).  It then
> stops the virtio devices' overriding of dc->exit, moving their cleanup
> code to the new exit callback in VirtioDeviceClass (patches 6-11).
> Finally, patch 12 can make virtio-pci implement the device_unplugged
> callback.
> 
> A similar dangling-pointer bug is exposed by this change in virtio-ccw.
> Patch 1 avoids this; it is kept at the beginning to ensure bisectability.
> 
> Patches 13-30 are Andreas's conversion of virtio to realize/unrealize,
> which has better error propagation as shown by the small testcase fix.

Conny,

I pushed this to github at git://github.com/bonzini/qemu.git, branch
refs/heads/virtio.

It would be great if you can give it a test in case I screwed up a rebase.

Paolo