From: Greg Kurz Date: Fri, 18 Dec 2020 10:33:58 +0000 (+0100) Subject: spapr: Use spapr_drc_reset_all() at machine reset X-Git-Tag: qemu-xen-4.16.0-rc4~409^2~9 X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=1105504100c0768d15d862acca8561e1d8d66211;p=qemu-xen.git spapr: Use spapr_drc_reset_all() at machine reset Documentation of object_child_foreach_recursive() clearly stipulates that "it is forbidden to add or remove children from @obj from the @fn callback". But this is exactly what we do during machine reset. The call to spapr_drc_reset() can finalize the hot-unplug sequence of a PHB or a PCI bridge, both of which will then in turn destroy their PCI DRCs. This could potentially invalidate the iterator used by do_object_child_foreach(). It is pure luck that this haven't caused any issues so far. Use spapr_drc_reset_all() since it can cope with DRC removal. Signed-off-by: Greg Kurz Message-Id: <20201218103400.689660-5-groug@kaod.org> Reviewed-by: Daniel Henrique Barboza Tested-by: Daniel Henrique Barboza Signed-off-by: David Gibson --- diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 9f89b1c298..2c403b574e 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1566,19 +1566,6 @@ void spapr_setup_hpt(SpaprMachineState *spapr) } } -static int spapr_reset_drcs(Object *child, void *opaque) -{ - SpaprDrc *drc = - (SpaprDrc *) object_dynamic_cast(child, - TYPE_SPAPR_DR_CONNECTOR); - - if (drc) { - spapr_drc_reset(drc); - } - - return 0; -} - static void spapr_machine_reset(MachineState *machine) { SpaprMachineState *spapr = SPAPR_MACHINE(machine); @@ -1633,7 +1620,7 @@ static void spapr_machine_reset(MachineState *machine) * will crash QEMU if the DIMM holding the vring goes away). To avoid such * situations, we reset DRCs after all devices have been reset. */ - object_child_foreach_recursive(object_get_root(), spapr_reset_drcs, NULL); + spapr_drc_reset_all(spapr); spapr_clear_pending_events(spapr);