Commit ba7eadb5 authored by Greg Kurz's avatar Greg Kurz Committed by Michael S. Tsirkin
Browse files

virtio-net: handle virtio_net_handle_ctrl() error 



This error is caused by a buggy guest: let's switch the device to the
broken state instead of terminating QEMU. Also we detach the element
from the virtqueue and free it.

Signed-off-by: default avatarGreg Kurz <groug@kaod.org>
Reviewed-by: default avatarStefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: default avatarMichael S. Tsirkin <mst@redhat.com>
Signed-off-by: default avatarMichael S. Tsirkin <mst@redhat.com>
parent 20ea686a

hw/net/virtio-net.c

+5 −2
Original line number Diff line number Diff line
@@ -880,6 +880,7 @@ static int virtio_net_handle_mq(VirtIONet *n, uint8_t cmd, 


    return VIRTIO_NET_OK;

}



static void virtio_net_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)

{

    VirtIONet *n = VIRTIO_NET(vdev);
@@ -897,8 +898,10 @@ static void virtio_net_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq) 
        }

        if (iov_size(elem->in_sg, elem->in_num) < sizeof(status) ||

            iov_size(elem->out_sg, elem->out_num) < sizeof(ctrl)) {

            error_report("virtio-net ctrl missing headers");

            exit(1);

            virtio_error(vdev, "virtio-net ctrl missing headers");

            virtqueue_detach_element(vq, elem, 0);

            g_free(elem);

            break;

        }



        iov_cnt = elem->out_num;