[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[RFC PATCH v11bis 18/26] hw/xen: Avoid crash when backend watch fires to
|
From: |
David Woodhouse |
|
Subject: |
[RFC PATCH v11bis 18/26] hw/xen: Avoid crash when backend watch fires too early |
|
Date: |
Thu, 16 Feb 2023 09:44:28 +0000 |
From: Paul Durrant <pdurrant@amazon.com>
The xen-block code ends up calling aio_poll() through blkconf_geometry(),
which means we see watch events during the indirect call to
xendev_class->realize() in xen_device_realize(). Unfortunately this call
is made before populating the initial frontend and backend device nodes
in xenstore and hence xen_block_frontend_changed() (which is called from
a watch event) fails to read the frontend's 'state' node, and hence
believes the device is being torn down. This in-turn sets the backend
state to XenbusStateClosed and causes the device to be deleted before it
is fully set up, leading to the crash.
By simply moving the call to xendev_class->realize() after the initial
xenstore nodes are populated, this sorry state of affairs is avoided.
Reported-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Paul Durrant <pdurrant@amazon.com>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
---
hw/xen/xen-bus.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/hw/xen/xen-bus.c b/hw/xen/xen-bus.c
index e8d9adeb3e..83121c5a43 100644
--- a/hw/xen/xen-bus.c
+++ b/hw/xen/xen-bus.c
@@ -1031,13 +1031,6 @@ static void xen_device_realize(DeviceState *dev, Error
**errp)
goto unrealize;
}
- if (xendev_class->realize) {
- xendev_class->realize(xendev, errp);
- if (*errp) {
- goto unrealize;
- }
- }
-
xen_device_backend_printf(xendev, "frontend", "%s",
xendev->frontend_path);
xen_device_backend_printf(xendev, "frontend-id", "%u",
@@ -1056,6 +1049,13 @@ static void xen_device_realize(DeviceState *dev, Error
**errp)
xen_device_frontend_set_state(xendev, XenbusStateInitialising, true);
}
+ if (xendev_class->realize) {
+ xendev_class->realize(xendev, errp);
+ if (*errp) {
+ goto unrealize;
+ }
+ }
+
xendev->exit.notify = xen_device_exit;
qemu_add_exit_notifier(&xendev->exit);
return;
--
2.39.0
- [RFC PATCH v11bis 00/26] Emulated XenStore and PV backend support, David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 23/26] hw/xen: Map guest XENSTORE_PFN grant in emulated Xenstore, David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 18/26] hw/xen: Avoid crash when backend watch fires too early,
David Woodhouse <=
- [RFC PATCH v11bis 24/26] hw/xen: Implement soft reset for emulated gnttab, David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 15/26] hw/xen: Use XEN_PAGE_SIZE in PV backend drivers, David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 17/26] hw/xen: Build PV backend drivers for CONFIG_XEN_BUS, David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 25/26] hw/xen: Subsume xen_be_register_common() into xen_be_init(), David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 21/26] hw/xen: Add emulated implementation of grant table operations, David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 19/26] hw/xen: Only advertise ring-page-order for xen-block if gnttab supports it, David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 14/26] hw/xen: Move xenstore_store_pv_console_info to xen_console.c, David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 04/26] hw/xen: Implement XenStore transactions, David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 26/26] i386/xen: Initialize Xen backends from pc_basic_device_init() for emulation, David Woodhouse, 2023/02/16
- [RFC PATCH v11bis 06/26] xenstore perms WIP, David Woodhouse, 2023/02/16