On 7/27/20 8:33 AM, Laurent Vivier wrote:
> In legacy mode, virtio_pci_queue_enabled() falls back to
> virtio_queue_enabled() to know if the queue is enabled.
>
> But virtio_queue_enabled() calls again virtio_pci_queue_enabled()
> if k->queue_enabled is set. This ends in a crash after a stack
> overflow.
>
> The problem can be reproduced with
> "-device virtio-net-pci,disable-legacy=off,disable-modern=true
> -net tap,vhost=on"
>
> And a look to the backtrace is very explicit:
>
> ...
> #4 0x000000010029a438 in virtio_queue_enabled ()
> #5 0x0000000100497a9c in virtio_pci_queue_enabled ()
> ...
> #130902 0x000000010029a460 in virtio_queue_enabled ()
> #130903 0x0000000100497a9c in virtio_pci_queue_enabled ()
> #130904 0x000000010029a460 in virtio_queue_enabled ()
> #130905 0x0000000100454a20 in vhost_net_start ()
> ...
>
> This patch fixes the problem by introducing a new function
> for the legacy case and calls it from virtio_pci_queue_enabled().
> It also calls it from virtio_queue_enabled() to avoid code duplication.
>
> Fixes: f19bcdfedd53 ("virtio-pci: implement queue_enabled method")
> Cc: Jason Wang <jasow...@redhat.com>
> Cc: Cindy Lu <l...@redhat.com>
> CC: Michael S. Tsirkin <m...@redhat.com>
> Signed-off-by: Laurent Vivier <lviv...@redhat.com>
> ---
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
r~
