From mboxrd@z Thu Jan  1 00:00:00 1970
From: Amos Kong <akong@redhat.com>
Subject: [RFC] [PATCH v2] kvm tools: Make virt_queue__available return
 false if queue is not initialized.
Date: Sun, 10 Apr 2011 16:33:39 +0800
Message-ID: <20110410083339.GC3253@t400>
References: <1302411665-5349-1-git-send-email-asias.hejun@gmail.com>
 <BANLkTi=LR6NXqipSzzzPD-UcxX9AaVX-1Q@mail.gmail.com>
Reply-To: Amos Kong <akong@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Cc: Asias He <asias.hejun@gmail.com>,
	Cyrill Gorcunov <gorcunov@gmail.com>,
	Ingo Molnar <mingo@elte.hu>, kvm@vger.kernel.org
To: Pekka Enberg <penberg@kernel.org>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:10981 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1753145Ab1DJIdv (ORCPT <rfc822;kvm@vger.kernel.org>);
	Sun, 10 Apr 2011 04:33:51 -0400
Content-Disposition: inline
In-Reply-To: <BANLkTi=LR6NXqipSzzzPD-UcxX9AaVX-1Q@mail.gmail.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>


virtio_console__inject_interrupt tries to use virt queues before guest
tell us to initialize them.

(gdb) r run -i linux-0.2.img -k ./vmlinuz-2.6.38-rc6+ -r ./initrd.img-2.6.38-rc6+ -p=init=1 -m 500 -c
Starting program: /project/rh/kvm-tools/tools/kvm/kvm run -i linux-0.2.img -k ./vmlinuz-2.6.38-rc6+ -r ./initrd.img-2.6.38-rc6+ -p=init=1 -m 500 -c
[Thread debugging using libthread_db enabled]
[New Thread 0x7fffd6e2d700 (LWP 19280)]
  Warning: request type 8

Program received signal SIGSEGV, Segmentation fault.
0x00000000004026ca in virt_queue__available (vq=0x60d3c8) at include/kvm/virtio.h:31
31              return vq->vring.avail->idx !=  vq->last_avail_idx;
(gdb)
(gdb) bt
(gdb) p *vq
$2 = {vring = {num = 0, desc = 0x0, avail = 0x0, used = 0x0}, pfn = 0, last_avail_idx = 0}

include/kvm/virtio-console.h:
 59 void virtio_console__inject_interrupt(struct kvm *self)
....
 71         if (term_readable(CONSOLE_VIRTIO) && virt_queue__available(vq)) {
 72                 head = virt_queue__get_iov(vq, iov, &out, &in, self);
                           ^^^^ then this block will not be executed if
                                virtio_queue is unavaiable.


Changes from v1:
- move the check of virt_queue out of virt_queue__get_iov()

Reported-by: Amos Kong <akong@redhat.com>
Signed-off-by: Asias He <asias.hejun@gmail.com>
Signed-off-by: Amos Kong <akong@redhat.com>

---
 tools/kvm/include/kvm/virtio.h |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/tools/kvm/include/kvm/virtio.h b/tools/kvm/include/kvm/virtio.h
index 9f892a1..c8ff376 100644
--- a/tools/kvm/include/kvm/virtio.h
+++ b/tools/kvm/include/kvm/virtio.h
@@ -28,6 +28,8 @@ static inline struct vring_desc *virt_queue__get_desc(struct virt_queue *queue,
 
 static inline bool virt_queue__available(struct virt_queue *vq)
 {
+        if (!vq->vring.avail)
+		 return 0;
 	return vq->vring.avail->idx !=  vq->last_avail_idx;
 }
 
-- 
1.7.1