OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
bd437c960f
qemu-e2k/hw
History
Yajun Wu bd437c960f vhost-user: Fix out of order vring host notification handling 
vhost backend sends host notification for every VQ. If backend creates
VQs in parallel, the VHOST_USER_SLAVE_VRING_HOST_NOTIFIER_MSG may
arrive to QEMU in different order than incremental queue index order.

For example VQ 1's message arrive earlier than VQ 0's:
After alloc VhostUserHostNotifier for VQ 1. GPtrArray becomes

    [ nil, VQ1 pointer ]

After alloc VhostUserHostNotifier for VQ 0. GPtrArray becomes

    [ VQ0 pointer, nil, VQ1 pointer ]

This is wrong. fetch_notifier will return NULL for VQ 1 in
vhost_user_get_vring_base, causes host notifier miss removal(leak).

The fix is to remove current element from GPtrArray, make the right
position for element to insert.

Fixes: 503e355465 ("virtio/vhost-user: dynamically assign VhostUserHostNotifiers")
Signed-off-by: Yajun Wu <yajunw@nvidia.com>
Acked-by: Parav Pandit <parav@nvidia.com>

Message-Id: <20221018023651.1359420-1-yajunw@nvidia.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-11-07 13:12:20 -05:00
..
9pfs Pull request 2022-10-25 11:37:17 -04:00
acpi acpi: fadt: support revision 6.0 of the ACPI specification 2022-11-07 13:12:19 -05:00
adc
alpha hw: Remove unused MAX_IDE_BUS define 2022-10-31 11:32:07 +01:00
arm acpi: arm/virt: madt: bump to revision 4 accordingly to ACPI 6.0 Errata A 2022-11-07 13:12:19 -05:00
audio
avr
block ppc patch queue for 2022-10-29: 2022-10-31 06:28:43 -04:00
char Drop useless casts from g_malloc() & friends to pointer 2022-10-22 23:15:40 +02:00
core virtio: core: vq reset feature negotation support 2022-11-07 13:12:20 -05:00
cpu
cris
cxl hw/cxl/cdat: CXL CDAT Data Object Exchange implementation 2022-11-07 13:12:19 -05:00
display Drop useless casts from g_malloc() & friends to pointer 2022-10-22 23:15:40 +02:00
dma treewide: Remove the unnecessary space before semicolon 2022-10-24 13:41:10 +02:00
gpio hw/gpio/meson: Introduce dedicated config switch for hw/gpio/mpc8xxx 2022-10-17 16:15:09 -03:00
hppa hw: Remove unused MAX_IDE_BUS define 2022-10-31 11:32:07 +01:00
hyperv hw/hyperv/hyperv.c: Use device_cold_reset() instead of device_legacy_reset() 2022-10-27 10:27:23 +01:00
i2c hw/i2c/aspeed: Fix old reg slave receive 2022-10-24 11:20:15 +02:00
i386 hw/i386/e820: remove legacy reserved entries for e820 2022-11-02 06:56:31 -04:00
ide hw/ppc/mac.h: Rename to include/hw/nvram/mac_nvram.h 2022-10-31 18:48:23 +00:00
input
intc hw/ppc/mac.h: Rename to include/hw/nvram/mac_nvram.h 2022-10-31 18:48:23 +00:00
ipack
ipmi ipmi:smbus: Add a check around a memcpy 2022-08-01 06:40:50 -05:00
isa hw/isa/piix4: Move pci_ide_create_devs() call to board code 2022-10-31 11:32:07 +01:00
loongarch hw/arm, loongarch: Move load_image_to_fw_cfg() to common location 2022-10-14 14:29:50 +10:00
m68k m68k/q800: do not re-randomize RNG seed on snapshot load 2022-10-27 11:34:31 +01:00
mem hw/mem/cxl-type3: Add CXL CDAT Data Object Exchange 2022-11-07 13:12:19 -05:00
microblaze hw/microblaze: pass random seed to fdt 2022-09-21 19:59:56 +02:00
mips hw/mips/malta: Use bootloader helper to set BAR registers 2022-10-31 11:32:56 +01:00
misc mac_nvram: Use NVRAM_SIZE constant 2022-10-31 18:48:23 +00:00
net virtio-net: enable vq reset feature 2022-11-07 13:12:20 -05:00
nios2 hw/nios2: set machine->fdt in nios2_load_dtb() 2022-10-17 16:15:10 -03:00
nubus
nvme hw/nvme: do not enable ioeventfd by default 2022-08-01 12:01:21 +02:00
nvram hw/ppc/mac.h: Rename to include/hw/nvram/mac_nvram.h 2022-10-31 18:48:23 +00:00
openrisc openrisc: re-randomize rng-seed on reboot 2022-10-27 11:34:31 +01:00
pci hw/pci: PCIe Data Object Exchange emulation 2022-11-07 13:12:19 -05:00
pci-bridge hw/pci-bridge/cxl-upstream: Add a CDAT table access DOE 2022-11-07 13:12:19 -05:00
pci-host hw/ppc/mac.h: Rename to include/hw/nvram/mac_nvram.h 2022-10-31 18:48:23 +00:00
pcmcia
ppc mac_newworld: Turn CORE99_VIA_CONFIG defines into an enum 2022-10-31 18:48:23 +00:00
rdma
remote Use g_new() & friends where that makes obvious sense 2022-10-04 00:10:11 +02:00
riscv riscv: re-randomize rng-seed on reboot 2022-10-27 11:34:31 +01:00
rtc goldfish_rtc: Add big-endian property 2022-09-04 07:02:56 +01:00
rx rx: re-randomize rng-seed on reboot 2022-10-27 11:34:31 +01:00
s390x * Fix and test the VISTR instruction on s390x 2022-10-31 06:19:54 -04:00
scsi hw/scsi/vmw_pvscsi.c: Use device_cold_reset() to reset SCSI devices 2022-10-18 13:58:04 +02:00
sd hw/sd/sdhci: Rename ESDHC_* defines to USDHC_* 2022-10-28 13:26:20 -03:00
sensor
sh4
smbios hw/smbios: support for type 8 (port connector) 2022-10-09 16:38:45 -04:00
sparc
sparc64 hw: Remove unused MAX_IDE_BUS define 2022-10-31 11:32:07 +01:00
ssi aspeed/smc: Cache AspeedSMCClass 2022-10-24 11:20:15 +02:00
timer target/imx: reload cmp timer outside of the reload ptimer transaction 2022-10-27 10:27:23 +01:00
tpm tpm_crb: Avoid backend startup just before shutdown under Xen 2022-09-09 17:55:59 -04:00
tricore
usb hw/usb: dev-mtp: Use g_mkdir() 2022-10-31 20:37:58 +00:00
vfio vfio/common: Fix vfio_iommu_type1_info use after free 2022-09-27 14:26:42 -06:00
virtio vhost-user: Fix out of order vring host notification handling 2022-11-07 13:12:20 -05:00
watchdog watchdog: remove -watchdog option 2022-09-29 11:40:28 +02:00
xen hw/xen: set pci Atomic Ops requests for passthrough device 2022-09-27 14:23:23 +01:00
xenpv
xtensa
Kconfig
meson.build