* [PATCH 0/2] fix a segfault when call callback @ 2022-05-21 7:05 Min Hu (Connor) 2022-05-21 7:05 ` [PATCH 1/2] bus/pci: " Min Hu (Connor) 2022-05-21 7:05 ` [PATCH 2/2] bus/vdev: " Min Hu (Connor) 0 siblings, 2 replies; 4+ messages in thread From: Min Hu (Connor) @ 2022-05-21 7:05 UTC (permalink / raw) To: dev; +Cc: Min Hu (Connor) This patch set fix a segfault when call callback for pci and vdev. Huisong Li (2): bus/pci: fix a segfault when call callback bus/vdev: fix a segfault when call callback drivers/bus/pci/pci_common.c | 13 +++++++++++-- drivers/bus/vdev/vdev.c | 11 +++++++++-- 2 files changed, 20 insertions(+), 4 deletions(-) -- 2.33.0 ^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH 1/2] bus/pci: fix a segfault when call callback 2022-05-21 7:05 [PATCH 0/2] fix a segfault when call callback Min Hu (Connor) @ 2022-05-21 7:05 ` Min Hu (Connor) 2022-06-07 17:38 ` Thomas Monjalon 2022-05-21 7:05 ` [PATCH 2/2] bus/vdev: " Min Hu (Connor) 1 sibling, 1 reply; 4+ messages in thread From: Min Hu (Connor) @ 2022-05-21 7:05 UTC (permalink / raw) To: dev; +Cc: Huisong Li, stable, Min Hu, Gaetan Rivet From: Huisong Li <lihuisong@huawei.com> After the driver probe is executed, the callback in application will be called. The callback in application may call some APIs which access the rte_pci_driver::driver by the device::driver pointer to get driver information. If the rte_pci_device::device::driver pointer isn't pointed to rte_pci_driver::driver in rte_pci_probe_one_driver, a segfault will occur. For example, when ethdev driver probe completes, the callback in application call rte_eth_dev_info_get which use dev->device->driver->name. So rte_pci_device::device::driver should point to rte_pci_driver::driver before executing the driver probe. Fixes: c752998b5e2e ("pci: introduce library and driver") Cc: stable@dpdk.org Signed-off-by: Huisong Li <lihuisong@huawei.com> Signed-off-by: Min Hu (Connor) <humin29@huawei.com> --- drivers/bus/pci/pci_common.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/bus/pci/pci_common.c b/drivers/bus/pci/pci_common.c index 4a3a87f24f..507a654779 100644 --- a/drivers/bus/pci/pci_common.c +++ b/drivers/bus/pci/pci_common.c @@ -265,11 +265,22 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr, dr->driver.name, dev->id.vendor_id, dev->id.device_id, loc->domain, loc->bus, loc->devid, loc->function, dev->device.numa_node); + + /* + * After the driver probe is executed, the callback in application will + * be called. The callback in application may call some APIs which use + * dev->device.driver to get some driver information. If the driver + * pointer isn't pointed to driver->driver here, a segfault will occur. + */ + if (!already_probed) + dev->device.driver = &dr->driver; + /* call the driver probe() function */ ret = dr->probe(dr, dev); if (already_probed) return ret; /* no rollback if already succeeded earlier */ if (ret) { + dev->device.driver = NULL; dev->driver = NULL; if ((dr->drv_flags & RTE_PCI_DRV_NEED_MAPPING) && /* Don't unmap if device is unsupported and @@ -282,8 +293,6 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr, dev->vfio_req_intr_handle = NULL; rte_intr_instance_free(dev->intr_handle); dev->intr_handle = NULL; - } else { - dev->device.driver = &dr->driver; } return ret; -- 2.33.0 ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] bus/pci: fix a segfault when call callback 2022-05-21 7:05 ` [PATCH 1/2] bus/pci: " Min Hu (Connor) @ 2022-06-07 17:38 ` Thomas Monjalon 0 siblings, 0 replies; 4+ messages in thread From: Thomas Monjalon @ 2022-06-07 17:38 UTC (permalink / raw) To: Min Hu; +Cc: dev, Huisong Li, stable, Gaetan Rivet 21/05/2022 09:05, Min Hu (Connor): > From: Huisong Li <lihuisong@huawei.com> > > After the driver probe is executed, the callback in application will > be called. The callback in application may call some APIs which access the What is the "callback in application" ? Do you mean the callback on probing event like RTE_ETH_EVENT_NEW? > rte_pci_driver::driver by the device::driver pointer to get driver > information. If the rte_pci_device::device::driver pointer isn't pointed to > rte_pci_driver::driver in rte_pci_probe_one_driver, a segfault will occur. > For example, when ethdev driver probe completes, the callback in > application call rte_eth_dev_info_get which use dev->device->driver->name. > So rte_pci_device::device::driver should point to rte_pci_driver::driver > before executing the driver probe. I understand the need and I approve the move. > Fixes: c752998b5e2e ("pci: introduce library and driver") > Cc: stable@dpdk.org > > Signed-off-by: Huisong Li <lihuisong@huawei.com> > Signed-off-by: Min Hu (Connor) <humin29@huawei.com> > --- > drivers/bus/pci/pci_common.c | 13 +++++++++++-- > 1 file changed, 11 insertions(+), 2 deletions(-) > > diff --git a/drivers/bus/pci/pci_common.c b/drivers/bus/pci/pci_common.c > index 4a3a87f24f..507a654779 100644 > --- a/drivers/bus/pci/pci_common.c > +++ b/drivers/bus/pci/pci_common.c > @@ -265,11 +265,22 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr, > dr->driver.name, dev->id.vendor_id, dev->id.device_id, > loc->domain, loc->bus, loc->devid, loc->function, > dev->device.numa_node); > + > + /* > + * After the driver probe is executed, the callback in application will > + * be called. The callback in application may call some APIs which use > + * dev->device.driver to get some driver information. If the driver > + * pointer isn't pointed to driver->driver here, a segfault will occur. > + */ I would like to make this comment simpler once I'm sure we share the same understanding. > + if (!already_probed) > + dev->device.driver = &dr->driver; > + > /* call the driver probe() function */ > ret = dr->probe(dr, dev); > if (already_probed) > return ret; /* no rollback if already succeeded earlier */ > if (ret) { > + dev->device.driver = NULL; > dev->driver = NULL; > if ((dr->drv_flags & RTE_PCI_DRV_NEED_MAPPING) && > /* Don't unmap if device is unsupported and > @@ -282,8 +293,6 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr, > dev->vfio_req_intr_handle = NULL; > rte_intr_instance_free(dev->intr_handle); > dev->intr_handle = NULL; > - } else { > - dev->device.driver = &dr->driver; > } > > return ret; > ^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH 2/2] bus/vdev: fix a segfault when call callback 2022-05-21 7:05 [PATCH 0/2] fix a segfault when call callback Min Hu (Connor) 2022-05-21 7:05 ` [PATCH 1/2] bus/pci: " Min Hu (Connor) @ 2022-05-21 7:05 ` Min Hu (Connor) 1 sibling, 0 replies; 4+ messages in thread From: Min Hu (Connor) @ 2022-05-21 7:05 UTC (permalink / raw) To: dev Cc: Huisong Li, stable, Min Hu, Thomas Monjalon, Shreyansh Jain, Andrew Rybchenko From: Huisong Li <lihuisong@huawei.com> After the driver probe is executed, the callback in application will be called. And this callback may call some APIs which access the driver in struct rte_vdev_driver by the device::driver pointer to get some driver information. If the rte_vdev_device::device::driver pointer isn't pointed to the rte_vdev_driver::driver before executing driver probe, a segfault will occur. Fixes: e9d159c3d534 ("eal: allow probing a device again") Cc: stable@dpdk.org Signed-off-by: Huisong Li <lihuisong@huawei.com> Signed-off-by: Min Hu (Connor) <humin29@huawei.com> --- drivers/bus/vdev/vdev.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/drivers/bus/vdev/vdev.c b/drivers/bus/vdev/vdev.c index a8d8b2327e..dea3937607 100644 --- a/drivers/bus/vdev/vdev.c +++ b/drivers/bus/vdev/vdev.c @@ -209,9 +209,16 @@ vdev_probe_all_drivers(struct rte_vdev_device *dev) return -1; } + /* + * After the driver probe is executed, the callback in application will + * be called. The callback in application may call some APIs which use + * dev->device.driver to get some driver information. If the driver + * pointer isn't pointed to driver->driver here, a segfault will occur. + */ + dev->device.driver = &driver->driver; ret = driver->probe(dev); - if (ret == 0) - dev->device.driver = &driver->driver; + if (ret != 0) + dev->device.driver = NULL; return ret; } -- 2.33.0 ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-06-07 17:38 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-05-21 7:05 [PATCH 0/2] fix a segfault when call callback Min Hu (Connor) 2022-05-21 7:05 ` [PATCH 1/2] bus/pci: " Min Hu (Connor) 2022-06-07 17:38 ` Thomas Monjalon 2022-05-21 7:05 ` [PATCH 2/2] bus/vdev: " Min Hu (Connor)
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).