Project

General

Profile

Bug #12925

Updated by Jason King over 1 year ago

If a virtio device fails to attach and calls @virtio_fini(vio, B_TRUE)@, the following sequence occurs: 

 <pre> 
 void 
 virtio_fini(virtio_t *vio, boolean_t failed) 
 { 
	 mutex_enter(&vio->vio_mutex); 
 ... 
	 if (failed) { 
		 /* 
		  * Signal to the host that device setup failed. 
		  */ 
		 virtio_set_status(vio, VIRTIO_STATUS_FAILED); 
	 } else { 
		 virtio_device_reset_locked(vio); 
	 } 
 ... 
 static void 
 virtio_set_status(virtio_t *vio, uint8_t status) 
 { 
	 VERIFY3U(status, !=, 0); 

	 mutex_enter(&vio->vio_mutex); 

	 uint8_t old = virtio_get8(vio, VIRTIO_LEGACY_DEVICE_STATUS); 
	 virtio_put8(vio, VIRTIO_LEGACY_DEVICE_STATUS, status | old); 

	 mutex_exit(&vio->vio_mutex); 
 } 
 </pre> 

 I'm not sure if we can just drop the mutex prior to the call to virtio_set_status() (and let it reacquire it), or if we just need to have a locked path when updating the status and hold the mutex. 

 Additionally, the @d_errstats@ are never cleaned up -- @bd_detach@ never gets called on attach failure, so the code to release the memory is never called.

Back