Only accesses to the MSI-X table must trigger a call to
msix_handle_mask_update or a notifier invocation.
Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx>
---
hw/msix.c | 16 ++++++++++------
1 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/hw/msix.c b/hw/msix.c
index 2c4de21..33cb716 100644
--- a/hw/msix.c
+++ b/hw/msix.c
@@ -264,18 +264,22 @@ static void msix_mmio_write(void *opaque, target_phys_addr_t addr,
{
PCIDevice *dev = opaque;
unsigned int offset = addr & (MSIX_PAGE_SIZE - 1) & ~0x3;
- int vector = offset / PCI_MSIX_ENTRY_SIZE;
+ unsigned int vector = offset / PCI_MSIX_ENTRY_SIZE;
int was_masked = msix_is_masked(dev, vector);
pci_set_long(dev->msix_table_page + offset, val);
if (kvm_enabled() && kvm_irqchip_in_kernel()) {
kvm_msix_update(dev, vector, was_masked, msix_is_masked(dev, vector));
}
- if (was_masked != msix_is_masked(dev, vector) && dev->msix_mask_notifier) {
- int r = dev->msix_mask_notifier(dev, vector,
- msix_is_masked(dev, vector));
- assert(r >= 0);
+
+ if (vector < dev->msix_entries_nr) {
+ if (was_masked != msix_is_masked(dev, vector) &&
+ dev->msix_mask_notifier) {
+ int r = dev->msix_mask_notifier(dev, vector,
+ msix_is_masked(dev, vector));
+ assert(r >= 0);
+ }
+ msix_handle_mask_update(dev, vector);
}
- msix_handle_mask_update(dev, vector);
}
static const MemoryRegionOps msix_mmio_ops = {
--
1.7.3.4
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
