From: "Min Hu (Connor)" <humin29@huawei.com>
To: "Burakov, Anatoly" <anatoly.burakov@intel.com>,
Ferruh Yigit <ferruh.yigit@intel.com>, <hemant.agrawal@nxp.com>,
Ajit Khaparde <ajit.khaparde@broadcom.com>,
Jerin Jacob <jerinjacobk@gmail.com>
Cc: "Ananyev, Konstantin" <konstantin.ananyev@intel.com>,
Thomas Monjalon <thomas@monjalon.net>,
Andrew Rybchenko <Andrew.Rybchenko@oktetlabs.ru>,
"dev@dpdk.org" <dev@dpdk.org>,
"olivier.matz@6wind.com" <olivier.matz@6wind.com>,
"david.marchand@redhat.com" <david.marchand@redhat.com>,
"jerinj@marvell.com" <jerinj@marvell.com>,
"Richardson, Bruce" <bruce.richardson@intel.com>
Subject: Re: [dpdk-dev] Questions about API with no parameter check
Date: Thu, 8 Apr 2021 09:06:33 +0800 [thread overview]
Message-ID: <cf752a15-1a98-649c-104f-4c8c28c41038@huawei.com> (raw)
In-Reply-To: <3865dae6-1245-c2be-7b9c-3eb6e1a8c0d4@intel.com>
Thanks all,
Well, Most people who replied support input verification for APIs.
As the APIs are in control path APIs, so checking all input is OK.
This is a large project because there are so many APIs and libs in DPDK.
I will send a set of patches to fix that.
Thomas, Ferruh, and others, any opinions ?
Thanks.
在 2021/4/8 0:26, Burakov, Anatoly 写道:
> On 07-Apr-21 5:10 PM, Ferruh Yigit wrote:
>> On 4/7/2021 4:25 PM, Hemant Agrawal wrote:
>>>
>>> On 4/7/2021 8:10 PM, Ajit Khaparde wrote:
>>>> On Wed, Apr 7, 2021 at 6:20 AM Jerin Jacob <jerinjacobk@gmail.com>
>>>> wrote:
>>>>> On Wed, Apr 7, 2021 at 5:23 PM Ananyev, Konstantin
>>>>> <konstantin.ananyev@intel.com> wrote:
>>>>>>
>>>>>>
>>>>>>> 07/04/2021 13:28, Min Hu (Connor):
>>>>>>>> Hi, all,
>>>>>>>> Many APIs in DPDK does not check if the pointer parameter is
>>>>>>>> NULL or not. For example, in 'rte_ethdev.c':
>>>>>>>> int
>>>>>>>> rte_eth_rx_queue_setup(uint16_t port_id, uint16_t rx_queue_id,
>>>>>>>> uint16_t nb_rx_desc, unsigned int socket_id,
>>>>>>>> const struct rte_eth_rxconf *rx_conf,
>>>>>>>> struct rte_mempool *mp)
>>>>>>>>
>>>>>>>> int
>>>>>>>> rte_eth_link_get(uint16_t port_id, struct rte_eth_link *eth_link)
>>>>>>>>
>>>>>>>> int
>>>>>>>> rte_eth_stats_get(uint16_t port_id, struct rte_eth_stats *stats)
>>>>>>>>
>>>>>>>> int
>>>>>>>> rte_eth_dev_info_get(uint16_t port_id, struct rte_eth_dev_info
>>>>>>>> *dev_info)
>>>>>>>>
>>>>>>>> As these APIs could be used by any APPs, if the APP give NULL as
>>>>>>>> the pointer parameter, segmetation default will occur.
>>>>>>>>
>>>>>>>> So, my question is, should we add check in the API? like that,
>>>>>>>> int rte_eth_stats_get(uint16_t port_id, struct rte_eth_stats
>>>>>>>> *stats)
>>>>>>>> {
>>>>>>>> if (stats == NULL)
>>>>>>>> return -EINVAL;
>>>>>>>> ...
>>>>>>>> }
>>>>>>>>
>>>>>>>> Or, that is redundant, the parameter correctness should be
>>>>>>>> guaranteed by
>>>>>>>> the APP?
>>>>>>>>
>>>>>>>> What's your opinion? Hope for your reply.
>>>>>>> I remember it has been discussed in the past (many years ago),
>>>>>>> and the opinion was to not clutter the code for something that
>>>>>>> is a basic fault from the app.
>>>>>>>
>>>>>>> I don't have a strong opinion.
>>>>>>> What is your opinion? Others?
>>>>>> As I can see these are control path functions.
>>>>>> So some extra formal parameters check wouldn't hurt.
>>>>>> +1 from me to add them.
>>>>> +1 to add more sanity checks in control path APIs
>>>> +1
>>>> But are we going to check all parameters?
>>>
>>> +1
>>>
>>> It may be better to limit the number of checks.
>>>
>>
>> +1 to verify input for APIs.
>>
>> Why not do all, what is the downside of checking all input for control
>> path APIs?
>>
>
> +1
>
> Don't have anything useful to add that hasn't already been said, but
> seems like a nice +1-train going on here, so i thought i'd hop on board :D
>
next prev parent reply other threads:[~2021-04-08 1:06 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-07 11:28 Min Hu (Connor)
2021-04-07 11:40 ` Thomas Monjalon
2021-04-07 11:48 ` Liang Ma
2021-04-07 11:53 ` Ananyev, Konstantin
2021-04-07 13:19 ` Jerin Jacob
2021-04-07 14:40 ` Ajit Khaparde
2021-04-07 15:25 ` Hemant Agrawal
2021-04-07 16:10 ` Ferruh Yigit
2021-04-07 16:26 ` Burakov, Anatoly
2021-04-08 1:06 ` Min Hu (Connor) [this message]
2021-04-08 8:22 ` Thomas Monjalon
2021-04-08 9:00 ` Min Hu (Connor)
2021-04-29 16:16 ` Tyler Retzlaff
2021-04-29 18:49 ` Dmitry Kozlyuk
2021-04-30 0:15 ` Tyler Retzlaff
2021-05-03 15:19 ` Morten Brørup
2021-05-04 9:36 ` Ananyev, Konstantin
2021-05-05 15:58 ` Tyler Retzlaff
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cf752a15-1a98-649c-104f-4c8c28c41038@huawei.com \
--to=humin29@huawei.com \
--cc=Andrew.Rybchenko@oktetlabs.ru \
--cc=ajit.khaparde@broadcom.com \
--cc=anatoly.burakov@intel.com \
--cc=bruce.richardson@intel.com \
--cc=david.marchand@redhat.com \
--cc=dev@dpdk.org \
--cc=ferruh.yigit@intel.com \
--cc=hemant.agrawal@nxp.com \
--cc=jerinj@marvell.com \
--cc=jerinjacobk@gmail.com \
--cc=konstantin.ananyev@intel.com \
--cc=olivier.matz@6wind.com \
--cc=thomas@monjalon.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).