authorStefan Hajnoczi <stefanha@redhat.com>2023-04-26 17:26:39 -0400
committerStefan Hajnoczi <stefanha@redhat.com>2023-08-30 07:39:59 -0400
commit87ec6f55af38e29be5b2b65a8acf84da73e06d06 (patch)
treea8a63419dadb9c1e678d45d669c4abcf18662b76 /util
parente2f938265e0aa8486303d260f3cb13d5bb9e9d6a (diff)
aio-posix: zero out io_uring sqe user_data
liburing does not clear sqe->user_data. We must do it ourselves to avoid undefined behavior in process_cqe() when user_data is used. Note that fdmon-io_uring is currently disabled, so this is a latent bug that does not affect users. Let's merge this fix now to make it easier to enable fdmon-io_uring in the future (and I'm working on that). Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-ID: <20230426212639.82310-1-stefanha@redhat.com>
Diffstat (limited to 'util')
-rw-r--r--util/fdmon-io_uring.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/util/fdmon-io_uring.c b/util/fdmon-io_uring.c
index 17ec18b..16054c5 100644
--- a/util/fdmon-io_uring.c
+++ b/util/fdmon-io_uring.c
@@ -184,6 +184,7 @@ static void add_poll_remove_sqe(AioContext *ctx, AioHandler *node)
#else
io_uring_prep_poll_remove(sqe, node);
#endif
+ io_uring_sqe_set_data(sqe, NULL);
}
/* Add a timeout that self-cancels when another cqe becomes ready */
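Review bot: The added `io_uring_sqe_set_data(sqe, NULL);` at the end of add_poll_remove_sqe(), and the identical line in add_timeout_sqe() in the next hunk, carry no comment saying why the field must be cleared. According to the commit message, liburing leaves sqe->user_data untouched and process_cqe() consumes it, so a later sqe helper that omits this line would presumably hand process_cqe() a stale value. A one-line comment at each site would record the invariant, for example `/* liburing does not clear user_data; process_cqe() relies on NULL here */`. If get_sqe() is the only place sqes are obtained (its body is not visible in this diff), clearing user_data there once would enforce this for every caller, provided no later prep call overwrites the field. Both function bodies start outside their hunks.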
@@ -197,6 +198,7 @@ static void add_timeout_sqe(AioContext *ctx, int64_t ns)
sqe = get_sqe(ctx);
io_uring_prep_timeout(sqe, &ts, 1, 0);
+ io_uring_sqe_set_data(sqe, NULL);
}
/* Add sqes from ctx->submit_list for submission */