commit a65179dedd6415134029de00a17c218af647fb1a
Author:     Roger Pau Monné <[hidden email]>
AuthorDate: Wed May 16 16:28:46 2018 +0200
Commit:     Jan Beulich <[hidden email]>
CommitDate: Wed May 16 16:28:46 2018 +0200

    vpci/msi: fix unbind loop
    The current unbind loop on failure in vpci_msi_enable is wrong and
    will only work correctly if the initial pirq is 0. Fix this by adding
    a proper bound.
    Reported-by: Jan Beulich <[hidden email]>
    Signed-off-by: Roger Pau Monné <[hidden email]>
    Reviewed-by: Jan Beulich <[hidden email]>
    Release-acked-by: Juergen Gross <[hidden email]>
 xen/arch/x86/hvm/vmsi.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xen/arch/x86/hvm/vmsi.c b/xen/arch/x86/hvm/vmsi.c
index 900d4f67d4..5ab7387d78 100644
--- a/xen/arch/x86/hvm/vmsi.c
+++ b/xen/arch/x86/hvm/vmsi.c
@@ -710,7 +710,7 @@ static int vpci_msi_enable(const struct pci_dev *pdev, uint32_t data,
                      "%04x:%02x:%02x.%u: failed to bind PIRQ %u: %d\n",
                      pdev->seg, pdev->bus, PCI_SLOT(pdev->devfn),
                      PCI_FUNC(pdev->devfn), pirq + i, rc);
-            while ( bind.machine_irq-- )
+            while ( bind.machine_irq-- > pirq )
                 pt_irq_destroy_bind(pdev->domain, &bind);
             unmap_domain_pirq(pdev->domain, pirq);
