From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by dpdk.org (Postfix) with ESMTP id 4CAB728F2 for ; Tue, 26 Apr 2016 05:40:57 +0200 (CEST) Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga103.jf.intel.com with ESMTP; 25 Apr 2016 20:40:56 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.24,535,1455004800"; d="scan'208";a="962696493" Received: from yliu-dev.sh.intel.com (HELO yliu-dev) ([10.239.67.162]) by orsmga002.jf.intel.com with ESMTP; 25 Apr 2016 20:40:55 -0700 Date: Mon, 25 Apr 2016 20:43:09 -0700 From: Yuanhan Liu To: Jianfeng Tan Cc: dev@dpdk.org, huawei.xie@intel.com Message-ID: <20160426034309.GC7832@yliu-dev.sh.intel.com> References: <1461242170-146337-1-git-send-email-jianfeng.tan@intel.com> <1461551865-15930-1-git-send-email-jianfeng.tan@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1461551865-15930-1-git-send-email-jianfeng.tan@intel.com> User-Agent: Mutt/1.5.23 (2014-03-12) Subject: Re: [dpdk-dev] [PATCH v2] virtio: fix segfault when transmit pkts X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Apr 2016 03:40:57 -0000 On Mon, Apr 25, 2016 at 02:37:45AM +0000, Jianfeng Tan wrote: > Issue: when using virtio nic to transmit pkts, it causes segment fault. > > How to reproduce: > Basically, we need to construct a case with vm send packets to vhost-user, > and this issue does not happen when transmitting packets using indirect > desc. Besides, make sure all descriptors are exhausted before vhost > dequeues any packets. > > a. start testpmd with vhost. > $ testpmd -c 0x3 -n 4 --socket-mem 1024,0 --no-pci \ > --vdev 'eth_vhost0,iface=/tmp/sock0,queues=1' -- -i --nb-cores=1 > > b. start a qemu with a virtio nic connected with the vhost-user port, just > make sure mrg_rxbuf is enabled. > > c. enable testpmd on the host. > testpmd> set fwd io > testpmd> start (better without start vhost-user) > > d. start testpmd in VM. > $testpmd -c 0x3 -n 4 -m 1024 -- -i --disable-hw-vlan-filter --txqflags=0xf01 > testpmd> set fwd txonly > testpmd> start > > How to fix: this bug is because inside virtqueue_enqueue_xmit(), the flag of ^^^^^^^ > desc has been updated inside the do {} while (), not necessary to update after > the loop. That's not a right "because": you were stating a fact of the right way to do setup desc flags, but not the cause of this bug. > (And if we do that after the loop, if all descs could have run out, > idx is VQ_RING_DESC_CHAIN_END (32768), use this idx to reference the start_dp > array will lead to segment fault.) And that's the cause. So, you should state the cause first, then the fix (which we already have), but not in the verse order you just did. So, I'd like to reword the commit log a bit, to something like following. What do you think of it? If no objection, I could merge it soon. Thanks for the fix, BTW! --yliu --- Subject: virtio: fix segfault on Tx desc flags setup After the do-while loop, idx could be VQ_RING_DESC_CHAIN_END (32768) when it's the last vring desc buf we can get. Therefore, following expresssion could lead to a segfault error, as it tries to access beyond the desc memory boundary. start_dp[idx].flags &= ~VRING_DESC_F_NEXT; This bug could be reproduced easily with "set fwd txonly" in the guest PMD, where the dequeue on host is slower than the guest Tx, that running out of free desc buf is pretty easy. The fix is straightforward and easy, just remove it, as we have already set desc flags properly inside the do-while loop. Fixes: dd856dfcb9e ("virtio: use any layout on Tx")