* [PATCH 0/2] fix a segfault when call callback
@ 2022-05-21 7:05 Min Hu (Connor)
2022-05-21 7:05 ` [PATCH 1/2] bus/pci: " Min Hu (Connor)
2022-05-21 7:05 ` [PATCH 2/2] bus/vdev: " Min Hu (Connor)
0 siblings, 2 replies; 4+ messages in thread
From: Min Hu (Connor) @ 2022-05-21 7:05 UTC (permalink / raw)
To: dev; +Cc: Min Hu (Connor)
This patch set fix a segfault when call callback for pci and vdev.
Huisong Li (2):
bus/pci: fix a segfault when call callback
bus/vdev: fix a segfault when call callback
drivers/bus/pci/pci_common.c | 13 +++++++++++--
drivers/bus/vdev/vdev.c | 11 +++++++++--
2 files changed, 20 insertions(+), 4 deletions(-)
--
2.33.0
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH 1/2] bus/pci: fix a segfault when call callback
2022-05-21 7:05 [PATCH 0/2] fix a segfault when call callback Min Hu (Connor)
@ 2022-05-21 7:05 ` Min Hu (Connor)
2022-06-07 17:38 ` Thomas Monjalon
2022-05-21 7:05 ` [PATCH 2/2] bus/vdev: " Min Hu (Connor)
1 sibling, 1 reply; 4+ messages in thread
From: Min Hu (Connor) @ 2022-05-21 7:05 UTC (permalink / raw)
To: dev; +Cc: Huisong Li, stable, Min Hu, Gaetan Rivet
From: Huisong Li <lihuisong@huawei.com>
After the driver probe is executed, the callback in application will
be called. The callback in application may call some APIs which access the
rte_pci_driver::driver by the device::driver pointer to get driver
information. If the rte_pci_device::device::driver pointer isn't pointed to
rte_pci_driver::driver in rte_pci_probe_one_driver, a segfault will occur.
For example, when ethdev driver probe completes, the callback in
application call rte_eth_dev_info_get which use dev->device->driver->name.
So rte_pci_device::device::driver should point to rte_pci_driver::driver
before executing the driver probe.
Fixes: c752998b5e2e ("pci: introduce library and driver")
Cc: stable@dpdk.org
Signed-off-by: Huisong Li <lihuisong@huawei.com>
Signed-off-by: Min Hu (Connor) <humin29@huawei.com>
---
drivers/bus/pci/pci_common.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/drivers/bus/pci/pci_common.c b/drivers/bus/pci/pci_common.c
index 4a3a87f24f..507a654779 100644
--- a/drivers/bus/pci/pci_common.c
+++ b/drivers/bus/pci/pci_common.c
@@ -265,11 +265,22 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr,
dr->driver.name, dev->id.vendor_id, dev->id.device_id,
loc->domain, loc->bus, loc->devid, loc->function,
dev->device.numa_node);
+
+ /*
+ * After the driver probe is executed, the callback in application will
+ * be called. The callback in application may call some APIs which use
+ * dev->device.driver to get some driver information. If the driver
+ * pointer isn't pointed to driver->driver here, a segfault will occur.
+ */
+ if (!already_probed)
+ dev->device.driver = &dr->driver;
+
/* call the driver probe() function */
ret = dr->probe(dr, dev);
if (already_probed)
return ret; /* no rollback if already succeeded earlier */
if (ret) {
+ dev->device.driver = NULL;
dev->driver = NULL;
if ((dr->drv_flags & RTE_PCI_DRV_NEED_MAPPING) &&
/* Don't unmap if device is unsupported and
@@ -282,8 +293,6 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr,
dev->vfio_req_intr_handle = NULL;
rte_intr_instance_free(dev->intr_handle);
dev->intr_handle = NULL;
- } else {
- dev->device.driver = &dr->driver;
}
return ret;
--
2.33.0
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH 2/2] bus/vdev: fix a segfault when call callback
2022-05-21 7:05 [PATCH 0/2] fix a segfault when call callback Min Hu (Connor)
2022-05-21 7:05 ` [PATCH 1/2] bus/pci: " Min Hu (Connor)
@ 2022-05-21 7:05 ` Min Hu (Connor)
1 sibling, 0 replies; 4+ messages in thread
From: Min Hu (Connor) @ 2022-05-21 7:05 UTC (permalink / raw)
To: dev
Cc: Huisong Li, stable, Min Hu, Thomas Monjalon, Shreyansh Jain,
Andrew Rybchenko
From: Huisong Li <lihuisong@huawei.com>
After the driver probe is executed, the callback in application will be
called. And this callback may call some APIs which access the driver in
struct rte_vdev_driver by the device::driver pointer to get some driver
information. If the rte_vdev_device::device::driver pointer isn't pointed
to the rte_vdev_driver::driver before executing driver probe, a segfault
will occur.
Fixes: e9d159c3d534 ("eal: allow probing a device again")
Cc: stable@dpdk.org
Signed-off-by: Huisong Li <lihuisong@huawei.com>
Signed-off-by: Min Hu (Connor) <humin29@huawei.com>
---
drivers/bus/vdev/vdev.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/drivers/bus/vdev/vdev.c b/drivers/bus/vdev/vdev.c
index a8d8b2327e..dea3937607 100644
--- a/drivers/bus/vdev/vdev.c
+++ b/drivers/bus/vdev/vdev.c
@@ -209,9 +209,16 @@ vdev_probe_all_drivers(struct rte_vdev_device *dev)
return -1;
}
+ /*
+ * After the driver probe is executed, the callback in application will
+ * be called. The callback in application may call some APIs which use
+ * dev->device.driver to get some driver information. If the driver
+ * pointer isn't pointed to driver->driver here, a segfault will occur.
+ */
+ dev->device.driver = &driver->driver;
ret = driver->probe(dev);
- if (ret == 0)
- dev->device.driver = &driver->driver;
+ if (ret != 0)
+ dev->device.driver = NULL;
return ret;
}
--
2.33.0
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] bus/pci: fix a segfault when call callback
2022-05-21 7:05 ` [PATCH 1/2] bus/pci: " Min Hu (Connor)
@ 2022-06-07 17:38 ` Thomas Monjalon
0 siblings, 0 replies; 4+ messages in thread
From: Thomas Monjalon @ 2022-06-07 17:38 UTC (permalink / raw)
To: Min Hu; +Cc: dev, Huisong Li, stable, Gaetan Rivet
21/05/2022 09:05, Min Hu (Connor):
> From: Huisong Li <lihuisong@huawei.com>
>
> After the driver probe is executed, the callback in application will
> be called. The callback in application may call some APIs which access the
What is the "callback in application" ?
Do you mean the callback on probing event like RTE_ETH_EVENT_NEW?
> rte_pci_driver::driver by the device::driver pointer to get driver
> information. If the rte_pci_device::device::driver pointer isn't pointed to
> rte_pci_driver::driver in rte_pci_probe_one_driver, a segfault will occur.
> For example, when ethdev driver probe completes, the callback in
> application call rte_eth_dev_info_get which use dev->device->driver->name.
> So rte_pci_device::device::driver should point to rte_pci_driver::driver
> before executing the driver probe.
I understand the need and I approve the move.
> Fixes: c752998b5e2e ("pci: introduce library and driver")
> Cc: stable@dpdk.org
>
> Signed-off-by: Huisong Li <lihuisong@huawei.com>
> Signed-off-by: Min Hu (Connor) <humin29@huawei.com>
> ---
> drivers/bus/pci/pci_common.c | 13 +++++++++++--
> 1 file changed, 11 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/bus/pci/pci_common.c b/drivers/bus/pci/pci_common.c
> index 4a3a87f24f..507a654779 100644
> --- a/drivers/bus/pci/pci_common.c
> +++ b/drivers/bus/pci/pci_common.c
> @@ -265,11 +265,22 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr,
> dr->driver.name, dev->id.vendor_id, dev->id.device_id,
> loc->domain, loc->bus, loc->devid, loc->function,
> dev->device.numa_node);
> +
> + /*
> + * After the driver probe is executed, the callback in application will
> + * be called. The callback in application may call some APIs which use
> + * dev->device.driver to get some driver information. If the driver
> + * pointer isn't pointed to driver->driver here, a segfault will occur.
> + */
I would like to make this comment simpler
once I'm sure we share the same understanding.
> + if (!already_probed)
> + dev->device.driver = &dr->driver;
> +
> /* call the driver probe() function */
> ret = dr->probe(dr, dev);
> if (already_probed)
> return ret; /* no rollback if already succeeded earlier */
> if (ret) {
> + dev->device.driver = NULL;
> dev->driver = NULL;
> if ((dr->drv_flags & RTE_PCI_DRV_NEED_MAPPING) &&
> /* Don't unmap if device is unsupported and
> @@ -282,8 +293,6 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr,
> dev->vfio_req_intr_handle = NULL;
> rte_intr_instance_free(dev->intr_handle);
> dev->intr_handle = NULL;
> - } else {
> - dev->device.driver = &dr->driver;
> }
>
> return ret;
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-06-07 17:38 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-21 7:05 [PATCH 0/2] fix a segfault when call callback Min Hu (Connor)
2022-05-21 7:05 ` [PATCH 1/2] bus/pci: " Min Hu (Connor)
2022-06-07 17:38 ` Thomas Monjalon
2022-05-21 7:05 ` [PATCH 2/2] bus/vdev: " Min Hu (Connor)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).