[PATCH] drivers/net/pcap: fix segfault in pcap pmd

[PATCH] drivers/net/pcap: fix segfault in pcap pmd

[Reshma Pattan]

Testpmd application will crash in fclose() upon quit after running
the below command.

"sudo gdb --args ./x86_64-native-linuxapp-gcc/app/testpmd -c 0xf0 -n 4 --vdev
'eth_pcap0,tx_iface=enp1s0f1,rx_pcap=/tmp/test.pcap' -- --port-topology=chained -i"

The reason is, pcap vdev creation with tx stream type as "iface" as in above
command dont need member ''dumpers'' of "struct tx_pcaps", hence will not have
memory allocated. But contains a garbage values, as local object of struct tx_pcaps
is not initialized to 0 inside rte_pmd_pcap_dev_init(). So calling pcap_dump_close() on
dumper as part of eth_dev_stop() is causing segfault in fclose().

Fix is to initilize local object of struct tx_pcaps to 0.
Also initiliaze local object of stcruct rx_pcaps to 0.

So during eth_dev_stop(), pcap_dump_close() will not be called if dumper is NULL.

Fixes:4c173302("pcap: add new driver")

Signed-off-by: Reshma Pattan <reshma.pattan@intel.com>
---
 drivers/net/pcap/rte_eth_pcap.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/net/pcap/rte_eth_pcap.c b/drivers/net/pcap/rte_eth_pcap.c
index c98e234..c86f17b 100644
--- a/drivers/net/pcap/rte_eth_pcap.c
+++ b/drivers/net/pcap/rte_eth_pcap.c
@@ -978,8 +978,8 @@ rte_pmd_pcap_devinit(const char *name, const char *params)
 	unsigned numa_node, using_dumpers = 0;
 	int ret;
 	struct rte_kvargs *kvlist;
-	struct rx_pcaps pcaps;
-	struct tx_pcaps dumpers;
+	struct rx_pcaps pcaps = {0};
+	struct tx_pcaps dumpers = {0};
 
 	RTE_LOG(INFO, PMD, "Initializing pmd_pcap for %s\n", name);
 
-- 
2.5.0

Re: [PATCH] drivers/net/pcap: fix segfault in pcap pmd

[Ferruh Yigit]

On 5/26/2016 2:35 PM, Reshma Pattan wrote:
> Testpmd application will crash in fclose() upon quit after running
> the below command.
> 
> "sudo gdb --args ./x86_64-native-linuxapp-gcc/app/testpmd -c 0xf0 -n 4 --vdev
> 'eth_pcap0,tx_iface=enp1s0f1,rx_pcap=/tmp/test.pcap' -- --port-topology=chained -i"

checkpatch complain about long line (> 75 chars)

> 
> The reason is, pcap vdev creation with tx stream type as "iface" as in above
> command dont need member ''dumpers'' of "struct tx_pcaps", hence will not have

s/dont/don't, s/''/"

> memory allocated. But contains a garbage values, as local object of struct tx_pcaps
> is not initialized to 0 inside rte_pmd_pcap_dev_init(). So calling pcap_dump_close() on
> dumper as part of eth_dev_stop() is causing segfault in fclose().
> 
> Fix is to initilize local object of struct tx_pcaps to 0.

s/initilize/initialize

> Also initiliaze local object of stcruct rx_pcaps to 0.

s/initiliaze/initialize, s/stcruct/struct

> 
> So during eth_dev_stop(), pcap_dump_close() will not be called if dumper is NULL.
> 
> Fixes:4c173302("pcap: add new driver")
> 
> Signed-off-by: Reshma Pattan <reshma.pattan@intel.com>
> ---
>  drivers/net/pcap/rte_eth_pcap.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/net/pcap/rte_eth_pcap.c b/drivers/net/pcap/rte_eth_pcap.c
> index c98e234..c86f17b 100644
> --- a/drivers/net/pcap/rte_eth_pcap.c
> +++ b/drivers/net/pcap/rte_eth_pcap.c
> @@ -978,8 +978,8 @@ rte_pmd_pcap_devinit(const char *name, const char *params)
>  	unsigned numa_node, using_dumpers = 0;
>  	int ret;
>  	struct rte_kvargs *kvlist;
> -	struct rx_pcaps pcaps;
> -	struct tx_pcaps dumpers;
> +	struct rx_pcaps pcaps = {0};

I think this is not required to fix mentioned segfault.
But I am OK to keep this.

> +	struct tx_pcaps dumpers = {0};
>  
>  	RTE_LOG(INFO, PMD, "Initializing pmd_pcap for %s\n", name);
>  
> 

please update patch subject tag from "drivers/net/pcap:" to "pcap:"

Can you please send a new version with above minor issues fixed?
You can keep my ack in new version.

Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>

[PATCH v2] pcap: fix segfault in pcap pmd

[Reshma Pattan]

Testpmd application will crash in fclose() upon quit after running
the below command.

"sudo gdb --args ./x86_64-native-linuxapp-gcc/app/testpmd -c 0xf0 -n 4
          --vdev 'eth_pcap0,tx_iface=enp1s0f1,rx_pcap=/tmp/test.pcap' --
          --port-topology=chained -i"

The reason is, pcap vdev creation with tx stream type as "iface"
as in above command don't need member ''dumpers'' of
"struct tx_pcaps", hence will not have memory allocated.
But contains a garbage values, as local object of struct tx_pcaps
is not initialized to 0 inside rte_pmd_pcap_dev_init().
So calling pcap_dump_close() on dumper as part of eth_dev_stop()
is causing segfault in fclose().

Fix is to initialize local object of struct tx_pcaps to 0.
Also initialize local object of struct rx_pcaps to 0.

So during eth_dev_stop(), pcap_dump_close() will not be called if dumper
is NULL.

Fixes:4c173302("pcap: add new driver")

Signed-off-by: Reshma Pattan <reshma.pattan@intel.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
---
v2:
Fixed typos in commit message.
Fixed commit message line length to 75.
Fixed subject line of the patch.
---
 drivers/net/pcap/rte_eth_pcap.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/net/pcap/rte_eth_pcap.c b/drivers/net/pcap/rte_eth_pcap.c
index c98e234..c86f17b 100644
--- a/drivers/net/pcap/rte_eth_pcap.c
+++ b/drivers/net/pcap/rte_eth_pcap.c
@@ -978,8 +978,8 @@ rte_pmd_pcap_devinit(const char *name, const char *params)
 	unsigned numa_node, using_dumpers = 0;
 	int ret;
 	struct rte_kvargs *kvlist;
-	struct rx_pcaps pcaps;
-	struct tx_pcaps dumpers;
+	struct rx_pcaps pcaps = {0};
+	struct tx_pcaps dumpers = {0};
 
 	RTE_LOG(INFO, PMD, "Initializing pmd_pcap for %s\n", name);
 
-- 
2.5.0

Re: [PATCH v2] pcap: fix segfault in pcap pmd

[Bruce Richardson]

On Fri, May 27, 2016 at 01:06:20PM +0100, Reshma Pattan wrote:
> Testpmd application will crash in fclose() upon quit after running
> the below command.
> 
> "sudo gdb --args ./x86_64-native-linuxapp-gcc/app/testpmd -c 0xf0 -n 4
>           --vdev 'eth_pcap0,tx_iface=enp1s0f1,rx_pcap=/tmp/test.pcap' --
>           --port-topology=chained -i"
> 
> The reason is, pcap vdev creation with tx stream type as "iface"
> as in above command don't need member ''dumpers'' of
> "struct tx_pcaps", hence will not have memory allocated.
> But contains a garbage values, as local object of struct tx_pcaps
> is not initialized to 0 inside rte_pmd_pcap_dev_init().
> So calling pcap_dump_close() on dumper as part of eth_dev_stop()
> is causing segfault in fclose().
> 
> Fix is to initialize local object of struct tx_pcaps to 0.
> Also initialize local object of struct rx_pcaps to 0.
> 
> So during eth_dev_stop(), pcap_dump_close() will not be called if dumper
> is NULL.
> 
> Fixes:4c173302("pcap: add new driver")
> 
> Signed-off-by: Reshma Pattan <reshma.pattan@intel.com>
> Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
> ---
> v2:
> Fixed typos in commit message.
> Fixed commit message line length to 75.
> Fixed subject line of the patch.

The subject line is still not the best, since the prefix is "pcap" having the
subject also finish with "in pcap pmd" is superfluous. I've fixed the title
to "pcap: fix segfault on close" on apply.

> ---
>  drivers/net/pcap/rte_eth_pcap.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
Applied to dpdk_next_net/rel_16_07

/Bruce