While this is not expected to happen, it could still be that a vhost_dev did not set its nvqs member.
Since `vhost_dev_start` accesses the device's vqs array later without checking its size, it would cause a segmentation fault when nvqs is 0. To avoid this `rare` case and make the code safer, add a clause that ensures nvqs has been set, and warn the user if it has not.

Signed-off-by: Albert Esteve <aest...@redhat.com>

--- hw/virtio/vhost.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c index e2f6ffb446..78805fe5b7 100644 --- a/hw/virtio/vhost.c +++ b/hw/virtio/vhost.c @@ -1935,6 +1935,11 @@ int vhost_dev_start(struct vhost_dev *hdev, VirtIODevice *vdev, bool vrings) hdev->started = true; hdev->vdev = vdev; + if (!hdev->nvqs) { + error_report("device nvqs not set"); + goto fail_nvqs; + } + r = vhost_dev_set_features(hdev, hdev->log_enabled); if (r < 0) { goto fail_features; @@ -2028,6 +2033,7 @@ fail_mem: if (vhost_dev_has_iommu(hdev)) { memory_listener_unregister(&hdev->iommu_listener); } +fail_nvqs: fail_features: vdev->vhost_started = false; hdev->started = false; -- 2.41.0
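Review bot: in the first hunk (the `if (!hdev->nvqs)` check at line 1935+), `goto fail_nvqs;` is taken before `r` is assigned anywhere in the visible lines; the first assignment is `r = vhost_dev_set_features(hdev, hdev->log_enabled);` just below the new check, so if the function returns `r` on the failure path the caller gets an indeterminate value instead of an error. Set an explicit code before jumping, e.g. `r = -EINVAL;` ahead of `goto fail_nvqs;`, or better, move the check above `hdev->started = true;` and `hdev->vdev = vdev;` and `return -EINVAL;` directly, since nothing has been set up yet at that point and no cleanup is required.

Review bot: in the second hunk (the cleanup labels at line 2033+), the new `fail_nvqs:` label sits immediately above `fail_features:` with no statements between them, so it is only an alias; `goto fail_features;` from the new check would run the same unwinding (`vdev->vhost_started = false; hdev->started = false;`) without adding a label. Drop `fail_nvqs` unless distinct cleanup is planned for it.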