When getting reqs from the avail ring, the id may exceed inflight queue size. Then the dpdk will crash forever.
Signed-off-by: Li Feng <fen...@smartx.com> --- lib/vhost/vhost_user.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/vhost/vhost_user.c b/lib/vhost/vhost_user.c index 29a4c9af60..f09d0f6a48 100644 --- a/lib/vhost/vhost_user.c +++ b/lib/vhost/vhost_user.c @@ -1823,8 +1823,14 @@ vhost_check_queue_inflights_split(struct virtio_net *dev, last_io = inflight_split->last_inflight_io; if (inflight_split->used_idx != used->idx) { - inflight_split->desc[last_io].inflight = 0; - rte_atomic_thread_fence(__ATOMIC_SEQ_CST); + if (unlikely(last_io >= inflight_split->desc_num)) { + VHOST_LOG_CONFIG(ERR, "last_inflight_io '%"PRIu16"' exceeds inflight " + "queue size (%"PRIu16").\n", last_io, + inflight_split->desc_num); + } else { + inflight_split->desc[last_io].inflight = 0; + rte_atomic_thread_fence(__ATOMIC_SEQ_CST); + } inflight_split->used_idx = used->idx; } -- 2.31.1