> The queue allocation was changed, from allocating one queue-pair at a
> time to one queue at a time. Most of the changes have been done, but
> just with one being missed: the size of coping the old queue is still
> based on queue-pair at numa_realloc(), which leads to overwritten issue.
> As a result, crash may happen.
>
> Fix it by specifying the right copy size. Also, the net queue macros
> are not used any more. Remove them.
>
> Fixes: ab4d7b9f1afc ("vhost: turn queue pair to vring")
>
> Cc: sta...@dpdk.org
> Reported-by: Ciara Loftus <ciara.lof...@intel.com>
> Signed-off-by: Yuanhan Liu <yuanhan....@linux.intel.com>
Tested-by: Ciara Loftus <ciara.lof...@intel.com>
> ---
> lib/librte_vhost/vhost_user.c | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
> index 5c8058b..e486b78 100644
> --- a/lib/librte_vhost/vhost_user.c
> +++ b/lib/librte_vhost/vhost_user.c
> @@ -238,8 +238,6 @@ numa_realloc(struct virtio_net *dev, int index)
> struct vhost_virtqueue *old_vq, *vq;
> int ret;
>
> - enum {VIRTIO_RXQ, VIRTIO_TXQ, VIRTIO_QNUM};
> -
> old_dev = dev;
> vq = old_vq = dev->virtqueue[index];
>
> @@ -261,7 +259,7 @@ numa_realloc(struct virtio_net *dev, int index)
> if (!vq)
> return dev;
>
> - memcpy(vq, old_vq, sizeof(*vq) * VIRTIO_QNUM);
> + memcpy(vq, old_vq, sizeof(*vq));
> rte_free(old_vq);
> }
>
> --
> 2.8.1
