From 640601c7cb1b6b41d3e1a435b986266c2b71e9bc Mon Sep 17 00:00:00 2001 From: Marc-André Lureau Date: Wed, 3 May 2017 20:54:12 +0400 Subject: libvhost-user: fix crash when rings aren't ready MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Calling libvhost-user functions like vu_queue_get_avail_bytes() when the queue doesn't yet have addresses will result in the crashes like the following: Program received signal SIGSEGV, Segmentation fault. 0x000055c414112ce4 in vring_avail_idx (vq=0x55c41582fd68, vq=0x55c41582fd68) at /home/dgilbert/git/qemu/contrib/libvhost-user/libvhost-user.c:940 940 vq->shadow_avail_idx = vq->vring.avail->idx; (gdb) p vq $1 = (VuVirtq *) 0x55c41582fd68 (gdb) p vq->vring $2 = {num = 0, desc = 0x0, avail = 0x0, used = 0x0, log_guest_addr = 0, flags = 0} at /home/dgilbert/git/qemu/contrib/libvhost-user/libvhost-user.c:940 No locals. at /home/dgilbert/git/qemu/contrib/libvhost-user/libvhost-user.c:960 num_heads = out_bytes=out_bytes@entry=0x7fffd035d7c4, max_in_bytes=max_in_bytes@entry=0, max_out_bytes=max_out_bytes@entry=0) at /home/dgilbert/git/qemu/contrib/libvhost-user/libvhost-user.c:1034 Add a pre-condition checks on vring.avail before accessing it. Fix documentation and return type of vu_queue_empty() while at it. Signed-off-by: Marc-André Lureau Tested-by: Dr. David Alan Gilbert Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin --- contrib/libvhost-user/libvhost-user.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'contrib/libvhost-user/libvhost-user.h') diff --git a/contrib/libvhost-user/libvhost-user.h b/contrib/libvhost-user/libvhost-user.h index 156b50e989..af02a31ebe 100644 --- a/contrib/libvhost-user/libvhost-user.h +++ b/contrib/libvhost-user/libvhost-user.h @@ -327,13 +327,13 @@ void vu_queue_set_notification(VuDev *dev, VuVirtq *vq, int enable); bool vu_queue_enabled(VuDev *dev, VuVirtq *vq); /** - * vu_queue_enabled: + * vu_queue_empty: * @dev: a VuDev context * @vq: a VuVirtq queue * - * Returns: whether the queue is empty. + * Returns: true if the queue is empty or not ready. */ -int vu_queue_empty(VuDev *dev, VuVirtq *vq); +bool vu_queue_empty(VuDev *dev, VuVirtq *vq); /** * vu_queue_notify: -- cgit 1.4.1