From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefano Stabellini Subject: RE: [PATCH]vtd: Fix for irq bind failure after PCI attaching 32 times Date: Thu, 27 Jan 2011 11:16:00 +0000 Message-ID: References: <1A42CE6F5F474C41B63392A5F80372B231F6DFF6@shsmsx501.ccr.corp.intel.com> <1A42CE6F5F474C41B63392A5F80372B231F6E499@shsmsx501.ccr.corp.intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Return-path: In-Reply-To: <1A42CE6F5F474C41B63392A5F80372B231F6E499@shsmsx501.ccr.corp.intel.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: "Zhang, Fengzhe" Cc: "xen-devel@lists.xensource.com" , "Zhang, Xiantao" , Stefano Stabellini List-Id: xen-devel@lists.xenproject.org On Thu, 27 Jan 2011, Zhang, Fengzhe wrote: > Hi, Stefano, > > Here is the calling graph that cause the bug: > > unregister_real_device (ioemu) > | > +----> pt_msix_disable (ioemu) > | > +----> xc_domain_unbind_msi_irq (ioemu) > | | > | +----> do_domctl (xen) ----> arch_do_domctl (xen) ----> pt_irq_destroy_bind_vtd (xen) > | | > | +----> unmap_domain_pirq_emuirq (xen) //freed pirq_to_emuirq > | > +----> xc_physdev_unmap_pirq (ioemu) > | > +----> do_physdev_op (xen) > | > +----> physdev_unmap_pirq (xen) > | > +----> unmap_domain_pirq_emuirq (xen) //found pirq_to_emuirq already freed, abort > | > +----> unmap_domain_pirq (xen) //not called > > The code path you mentioned is not taken for VF dev as its ptdev->machine_irq is 0. > Thank you for the clarification. I think your patch is correct and should be applied. I was just wondering if it is possible to think of another scenario that would trigger the same kind of bug calling several times pt_reset_interrupt_and_io_mapping in ioemu, because it seems to me that there is no xc_physdev_unmap_pirq call there if ptdev->machine_irq != 0.