authorStefan Hajnoczi <stefanha@redhat.com>2020-11-02 16:57:09 +0000
committerMichael S. Tsirkin <mst@redhat.com>2020-11-03 16:39:05 -0500
commitb7c1bd9d78480481455678602c9a8505cc8adadd (patch)
tree99d11975694d364d0e2fef692ec0b1a614ae0bfa /include/hw/virtio
parent1bc211a166be2c98f98852124b6fdb61e0b0be32 (diff)
Revert "vhost-blk: set features before setting inflight feature"
This reverts commit adb29c027341ba095a3ef4beef6aaef86d3a520e. The commit broke -device vhost-user-blk-pci because the vhost_dev_prepare_inflight() function it introduced segfaults in vhost_dev_set_features() when attempting to access struct vhost_dev's vdev pointer before it has been assigned. To reproduce the segfault simply launch a vhost-user-blk device with the contrib vhost-user-blk device backend: $ build/contrib/vhost-user-blk/vhost-user-blk -s /tmp/vhost-user-blk.sock -r -b /var/tmp/foo.img $ build/qemu-system-x86_64 \ -device vhost-user-blk-pci,id=drv0,chardev=char1,addr=4.0 \ -object memory-backend-memfd,id=mem,size=1G,share=on \ -M memory-backend=mem,accel=kvm \ -chardev socket,id=char1,path=/tmp/vhost-user-blk.sock Segmentation fault (core dumped) Cc: Jin Yu <jin.yu@intel.com> Cc: Raphael Norwitz <raphael.norwitz@nutanix.com> Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20201102165709.232180-1-stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Diffstat (limited to 'include/hw/virtio')
-rw-r--r--include/hw/virtio/vhost.h1
1 files changed, 0 insertions, 1 deletions
diff --git a/include/hw/virtio/vhost.h b/include/hw/virtio/vhost.h
index 839bfb1..9458506 100644
--- a/include/hw/virtio/vhost.h
+++ b/include/hw/virtio/vhost.h
@@ -141,7 +141,6 @@ void vhost_dev_reset_inflight(struct vhost_inflight *inflight);
void vhost_dev_free_inflight(struct vhost_inflight *inflight);
void vhost_dev_save_inflight(struct vhost_inflight *inflight, QEMUFile *f);
int vhost_dev_load_inflight(struct vhost_inflight *inflight, QEMUFile *f);
-int vhost_dev_prepare_inflight(struct vhost_dev *hdev);
int vhost_dev_set_inflight(struct vhost_dev *dev,
struct vhost_inflight *inflight);
int vhost_dev_get_inflight(struct vhost_dev *dev, uint16_t queue_size,