From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:43472)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1SeUBn-000499-3j
	for qemu-devel@nongnu.org; Tue, 12 Jun 2012 12:43:36 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1SeUBi-0006NE-AD
	for qemu-devel@nongnu.org; Tue, 12 Jun 2012 12:43:30 -0400
Received: from mail-pz0-f45.google.com ([209.85.210.45]:64773)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1SeUBi-0006JA-27
	for qemu-devel@nongnu.org; Tue, 12 Jun 2012 12:43:26 -0400
Received: by mail-pz0-f45.google.com with SMTP id v2so7789080dad.4
	for <qemu-devel@nongnu.org>; Tue, 12 Jun 2012 09:43:25 -0700 (PDT)
Sender: Paolo Bonzini <paolo.bonzini@gmail.com>
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 12 Jun 2012 18:42:42 +0200
Message-Id: <1339519362-18852-11-git-send-email-pbonzini@redhat.com>
In-Reply-To: <1339519362-18852-1-git-send-email-pbonzini@redhat.com>
References: <1339519362-18852-1-git-send-email-pbonzini@redhat.com>
Subject: [Qemu-devel] [PATCH 10/10] virtio-scsi: do not crash on adding
	buffers to the event queue
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Bryan Venteicher <bryanv@daemoninthecloset.org>

The event queue is not supported yet and the handler does not
have to do much anyway when buffers are added.  However, the
handler is called unconditionally by the virtio layer, and this
results in a crash as soon as buffers are added to the event
queue because we pass NULL.

Reported-by: Bryan Venteicher <bryanv@daemoninthecloset.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 hw/virtio-scsi.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/hw/virtio-scsi.c b/hw/virtio-scsi.c
index 5e39ce9..1841a71 100644
--- a/hw/virtio-scsi.c
+++ b/hw/virtio-scsi.c
@@ -405,6 +405,10 @@ static void virtio_scsi_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
     }
 }
 
+static void virtio_scsi_handle_event(VirtIODevice *vdev, VirtQueue *vq)
+{
+}
+
 static void virtio_scsi_command_complete(SCSIRequest *r, uint32_t status,
                                          size_t resid)
 {
@@ -609,7 +613,7 @@ VirtIODevice *virtio_scsi_init(DeviceState *dev, VirtIOSCSIConf *proxyconf)
     s->ctrl_vq = virtio_add_queue(&s->vdev, VIRTIO_SCSI_VQ_SIZE,
                                    virtio_scsi_handle_ctrl);
     s->event_vq = virtio_add_queue(&s->vdev, VIRTIO_SCSI_VQ_SIZE,
-                                   NULL);
+                                   virtio_scsi_handle_event);
     for (i = 0; i < s->conf->num_queues; i++) {
         s->cmd_vqs[i] = virtio_add_queue(&s->vdev, VIRTIO_SCSI_VQ_SIZE,
                                          virtio_scsi_handle_cmd);
-- 
1.7.10.2