* [dpdk-stable] [PATCH 15/21] vhost: don't dereference invalid dev pointer after its reallocation
[not found] <20170831095023.21037-1-maxime.coquelin@redhat.com>
@ 2017-08-31 9:50 ` Maxime Coquelin
2017-09-04 13:58 ` [dpdk-stable] [dpdk-dev] " Remy Horton
0 siblings, 1 reply; 2+ messages in thread
From: Maxime Coquelin @ 2017-08-31 9:50 UTC (permalink / raw)
To: dev, yliu, jfreiman, tiwei.bie
Cc: mst, vkaplans, jasowang, Maxime Coquelin, stable
numa_realloc() reallocates the virtio_net device structure and
updates the vhost_devices[] table with the new pointer if the rings
are allocated different NUMA node.
Problem is that vhost_user_msg_handler() still derenferences old
pointer afterward.
This patch prevents this by fetching again the dev pointer in
vhost_devices[] after messages have been handled.
Cc: stable@dpdk.org
Fixes: af295ad4698c ("vhost: realloc device and queues to same numa node as vring desc")
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
lib/librte_vhost/vhost_user.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index 4f9273fe7..a0c7c2f86 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -1158,6 +1158,12 @@ vhost_user_msg_handler(int vid, int fd)
}
+ /*
+ * The virtio_net struct might have been reallocated on a different
+ * NUMA node, so dev pointer might no more be valid.
+ */
+ dev = get_device(vid);
+
if (msg.flags & VHOST_USER_NEED_REPLY) {
msg.payload.u64 = !!ret;
msg.size = sizeof(msg.payload.u64);
--
2.13.3
^ permalink raw reply [flat|nested] 2+ messages in thread