virtio spec says that devices must not touch VQs before DRIVER_OK is set. Additionally, balloon must not touch stats VQ unless the stats feature bit has been negotiated.
Cc: Ladi Prosek <lpro...@redhat.com> Signed-off-by: Michael S. Tsirkin <m...@redhat.com> --- hw/virtio/virtio-balloon.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hw/virtio/virtio-balloon.c b/hw/virtio/virtio-balloon.c index 65457e9..7189260 100644 --- a/hw/virtio/virtio-balloon.c +++ b/hw/virtio/virtio-balloon.c @@ -427,6 +427,7 @@ static void virtio_balloon_vmstate_cb(void *opaque, int running, RunState state) { VirtIOBalloon *s = opaque; + VirtIODevice *vdev = VIRTIO_DEVICE(s); if (!running) { /* put the stats element back if the VM is not running */ @@ -436,7 +437,8 @@ static void virtio_balloon_vmstate_cb(void *opaque, int running, s->stats_vq_elem = NULL; } - } else { + } else if (balloon_stats_supported(s) && + (vdev->status & VIRTIO_CONFIG_S_DRIVER_OK)) { /* poll stats queue for the element we may have discarded * when the VM was stopped */ virtio_balloon_receive_stats(VIRTIO_DEVICE(s), s->svq); -- MST
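Review bot: In the first hunk (@@ -427), the new local `VirtIODevice *vdev = VIRTIO_DEVICE(s);` is only used in the new `else if` condition, while the unchanged call at the end of the function still re-derives it as `virtio_balloon_receive_stats(VIRTIO_DEVICE(s), s->svq);`; for consistency, consider passing the local instead: `virtio_balloon_receive_stats(vdev, s->svq);`.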
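Review bot: In the second hunk (@@ -436), the new `else if (balloon_stats_supported(s) && (vdev->status & VIRTIO_CONFIG_S_DRIVER_OK))` guard means that when the VM resumes before the guest has set DRIVER_OK, `virtio_balloon_receive_stats()` is skipped and nothing in this patch re-polls the stats queue once the driver later reaches DRIVER_OK; if a `stats_vq_elem` discarded in the `!running` branch can exist in that state, please confirm it is recovered on another path (or state in the commit message why it cannot be stranded). The comment "poll stats queue for the element we may have discarded when the VM was stopped" should also mention that the poll is now conditional on stats being negotiated and the driver being ready.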