Commit e398dcda authored by Thanos Makatos's avatar Thanos Makatos Committed by Tomasz Zawadzki
Browse files

nvmf/vfio-user: don't use uninitialized refcount for admin CQ 



Signed-off-by: default avatarThanos Makatos <thanos.makatos@nutanix.com>
Change-Id: I16d511ac10b8ba4dfb2f7a7e5c144e2f2fe1bad5
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/15386


Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: default avatarBen Walker <benjamin.walker@intel.com>
Reviewed-by: default avatarJim Harris <james.r.harris@intel.com>
Reviewed-by: default avatarChangpeng Liu <changpeng.liu@intel.com>
Reviewed-by: default avatarJohn Levon <levon@movementarian.org>
parent 25440c3b

lib/nvmf/vfio_user.c

+8 −5
Original line number Diff line number Diff line
@@ -329,7 +329,7 @@ struct nvmf_vfio_user_sq { 
struct nvmf_vfio_user_cq {

	struct spdk_nvmf_transport_poll_group	*group;

	struct spdk_thread			*thread;

	uint32_t				cq_ref;

	int					cq_ref;



	uint32_t				qid;

	/* Number of entries in queue. */
@@ -1763,10 +1763,8 @@ delete_sq_done(struct nvmf_vfio_user_ctrlr *vu_ctrlr, struct nvmf_vfio_user_sq * 
		SPDK_DEBUGLOG(nvmf_vfio, "%s: try to delete cqid:%u=%p\n", ctrlr_id(vu_ctrlr),

			      cq->qid, cq);



		if (cq->cq_ref) {

			cq->cq_ref--;

		}

		if (cq->cq_ref == 0) {

		assert(cq->cq_ref > 0);

		if (--cq->cq_ref == 0) {

			unmap_q(vu_ctrlr, &cq->mapping);

			cq->size = 0;

			cq->cq_state = VFIO_USER_CQ_DELETED;
@@ -4978,6 +4976,11 @@ handle_queue_connect_rsp(struct nvmf_vfio_user_req *req, void *cb_arg) 
	pthread_mutex_lock(&endpoint->lock);

	if (nvmf_qpair_is_admin_queue(&sq->qpair)) {

		admin_cq->thread = spdk_get_thread();

		/*

		 * The admin queue is special as SQ0 and CQ0 are created

		 * together.

		 */

		admin_cq->cq_ref = 1;

		start_ctrlr(vu_ctrlr, sq->qpair.ctrlr);

	} else {

		/* For I/O queues this command was generated in response to an