@@ -905,8 +905,20 @@ static void vfio_disable_msi_common(VFIODevice *vdev)
static void vfio_disable_msix(VFIODevice *vdev)
{
+ int i;
+
msix_unset_vector_notifiers(&vdev->pdev);
+ /*
+ * MSI-X will only release vectors if MSI-X is still enabled on the
+ * device, check through the rest and release it ourselves if necessary.
+ */
+ for (i = 0; i < vdev->nr_vectors; i++) {
+ if (vdev->msi_vectors[i].use) {
+ vfio_msix_vector_release(&vdev->pdev, i);
+ }
+ }
+
if (vdev->nr_vectors) {
vfio_disable_irqindex(vdev, VFIO_PCI_MSIX_IRQ_INDEX);
}
We were relying on msix_unset_vector_notifiers() to release all the vectors when we disable MSI-X, but this only happens when MSI-X is still enabled on the device. Perform further cleanup by releasing any remaining vectors listed as in-use after this call. This caused a leak of IRQ routes on hotplug depending on how the guest OS prepared the device for removal. Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Cc: qemu-stable@nongnu.org --- hw/misc/vfio.c | 12 ++++++++++++ 1 file changed, 12 insertions(+)