diff mbox

[dpdk-dev,v2] mbuf:using sanity checks do not panic on null mbuf

Message ID 20180109142928.81687-1-keith.wiles@intel.com (mailing list archive)
State Superseded, archived
Delegated to: Thomas Monjalon
Headers

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/Intel-compilation success Compilation OK

Commit Message

Wiles, Keith Jan. 9, 2018, 2:29 p.m. UTC 
  The rte_pktmbuf_free() allows for NULL mbuf pointer, but
when sanity check is enabled it will panic with null pointer.

Signed-off-by: Keith Wiles <keith.wiles@intel.com>
---
 lib/librte_mbuf/rte_mbuf.c | 10 ++++++++--
 test/test/test_mbuf.c      |  4 +---
 2 files changed, 9 insertions(+), 5 deletions(-)

Comments

Olivier Matz Jan. 16, 2018, 2:04 p.m. UTC | #1 
On Tue, Jan 09, 2018 at 08:29:28AM -0600, Keith Wiles wrote:
> The rte_pktmbuf_free() allows for NULL mbuf pointer, but
> when sanity check is enabled it will panic with null pointer.
> 
> Signed-off-by: Keith Wiles <keith.wiles@intel.com>
> ---
>  lib/librte_mbuf/rte_mbuf.c | 10 ++++++++--
>  test/test/test_mbuf.c      |  4 +---
>  2 files changed, 9 insertions(+), 5 deletions(-)
> 
> diff --git a/lib/librte_mbuf/rte_mbuf.c b/lib/librte_mbuf/rte_mbuf.c
> index 7543662f7..621679c92 100644
> --- a/lib/librte_mbuf/rte_mbuf.c
> +++ b/lib/librte_mbuf/rte_mbuf.c
> @@ -205,8 +205,9 @@ rte_mbuf_sanity_check(const struct rte_mbuf *m, int is_header)
>  	const struct rte_mbuf *m_seg;
>  	unsigned int nb_segs;
>  
> -	if (m == NULL)
> -		rte_panic("mbuf is NULL\n");
> +	/* Calling with NULL is valid in the API */
> +	if (!m)
> +		return;
>  
>  	/* generic checks */
>  	if (m->pool == NULL)
> @@ -243,6 +244,11 @@ rte_pktmbuf_dump(FILE *f, const struct rte_mbuf *m, unsigned dump_len)
>  
>  	__rte_mbuf_sanity_check(m, 1);
>  
> +	if (!m) {
> +		fprintf(stderr, "MBUF pointer is NULL\n");
> +		return;
> +	}
> +
>  	fprintf(f, "dump mbuf at %p, iova=%"PRIx64", buf_len=%u\n",
>  	       m, (uint64_t)m->buf_iova, (unsigned)m->buf_len);
>  	fprintf(f, "  pkt_len=%"PRIu32", ol_flags=%"PRIx64", nb_segs=%u, "
> diff --git a/test/test/test_mbuf.c b/test/test/test_mbuf.c
> index 9e82a20be..146eaf0e5 100644
> --- a/test/test/test_mbuf.c
> +++ b/test/test/test_mbuf.c
> @@ -864,10 +864,8 @@ test_failing_mbuf_sanity_check(struct rte_mempool *pktmbuf_pool)
>  
>  	printf("Now checking for error conditions\n");
>  
> -	if (verify_mbuf_check_panics(NULL)) {
> -		printf("Error with NULL mbuf test\n");
> +	if (verify_mbuf_check_panics(NULL) != -1)
>  		return -1;
> -	}
>  
>  	badbuf = *buf;
>  	badbuf.pool = NULL;
> -- 
> 2.14.1
> 

The problem is a panic when rte_pktmbuf_free(NULL) when mbuf debug is enabled,
right?

A NULL mbuf is only valid in case of a free because it is convenient, but for
most (all ?) other mbuf functions, the mbuf must not be NULL.

What about this patch instead:

  --- a/lib/librte_mbuf/rte_mbuf.h
  +++ b/lib/librte_mbuf/rte_mbuf.h
  @@ -1413,13 +1413,14 @@ rte_pktmbuf_free_seg(struct rte_mbuf *m)
    * segment is added back into its original mempool.
    *
    * @param m
  - *   The packet mbuf to be freed.
  + *   The packet mbuf to be freed. If NULL, the function does nothing.
    */
   static inline void rte_pktmbuf_free(struct rte_mbuf *m)
   {
          struct rte_mbuf *m_next;
  
  -       __rte_mbuf_sanity_check(m, 1);
  +       if (m != NULL)
  +               __rte_mbuf_sanity_check(m, 1);
  
          while (m != NULL) {
                  m_next = m->next;
Wiles, Keith Jan. 16, 2018, 2:19 p.m. UTC | #2 
> On Jan 16, 2018, at 8:04 AM, Olivier Matz <olivier.matz@6wind.com> wrote:
> 
> On Tue, Jan 09, 2018 at 08:29:28AM -0600, Keith Wiles wrote:
>> The rte_pktmbuf_free() allows for NULL mbuf pointer, but
>> when sanity check is enabled it will panic with null pointer.
>> 
>> Signed-off-by: Keith Wiles <keith.wiles@intel.com>
>> ---
>> lib/librte_mbuf/rte_mbuf.c | 10 ++++++++--
>> test/test/test_mbuf.c      |  4 +---
>> 2 files changed, 9 insertions(+), 5 deletions(-)
>> 
>> diff --git a/lib/librte_mbuf/rte_mbuf.c b/lib/librte_mbuf/rte_mbuf.c
>> index 7543662f7..621679c92 100644
>> --- a/lib/librte_mbuf/rte_mbuf.c
>> +++ b/lib/librte_mbuf/rte_mbuf.c
>> @@ -205,8 +205,9 @@ rte_mbuf_sanity_check(const struct rte_mbuf *m, int is_header)
>> 	const struct rte_mbuf *m_seg;
>> 	unsigned int nb_segs;
>> 
>> -	if (m == NULL)
>> -		rte_panic("mbuf is NULL\n");
>> +	/* Calling with NULL is valid in the API */
>> +	if (!m)
>> +		return;
>> 
>> 	/* generic checks */
>> 	if (m->pool == NULL)
>> @@ -243,6 +244,11 @@ rte_pktmbuf_dump(FILE *f, const struct rte_mbuf *m, unsigned dump_len)
>> 
>> 	__rte_mbuf_sanity_check(m, 1);
>> 
>> +	if (!m) {
>> +		fprintf(stderr, "MBUF pointer is NULL\n");
>> +		return;
>> +	}
>> +
>> 	fprintf(f, "dump mbuf at %p, iova=%"PRIx64", buf_len=%u\n",
>> 	       m, (uint64_t)m->buf_iova, (unsigned)m->buf_len);
>> 	fprintf(f, "  pkt_len=%"PRIu32", ol_flags=%"PRIx64", nb_segs=%u, "
>> diff --git a/test/test/test_mbuf.c b/test/test/test_mbuf.c
>> index 9e82a20be..146eaf0e5 100644
>> --- a/test/test/test_mbuf.c
>> +++ b/test/test/test_mbuf.c
>> @@ -864,10 +864,8 @@ test_failing_mbuf_sanity_check(struct rte_mempool *pktmbuf_pool)
>> 
>> 	printf("Now checking for error conditions\n");
>> 
>> -	if (verify_mbuf_check_panics(NULL)) {
>> -		printf("Error with NULL mbuf test\n");
>> +	if (verify_mbuf_check_panics(NULL) != -1)
>> 		return -1;
>> -	}
>> 
>> 	badbuf = *buf;
>> 	badbuf.pool = NULL;
>> -- 
>> 2.14.1
>> 
> 
> The problem is a panic when rte_pktmbuf_free(NULL) when mbuf debug is enabled,
> right?
> 
> A NULL mbuf is only valid in case of a free because it is convenient, but for
> most (all ?) other mbuf functions, the mbuf must not be NULL.
> 
> What about this patch instead:
> 
>  --- a/lib/librte_mbuf/rte_mbuf.h
>  +++ b/lib/librte_mbuf/rte_mbuf.h
>  @@ -1413,13 +1413,14 @@ rte_pktmbuf_free_seg(struct rte_mbuf *m)
>    * segment is added back into its original mempool.
>    *
>    * @param m
>  - *   The packet mbuf to be freed.
>  + *   The packet mbuf to be freed. If NULL, the function does nothing.
>    */
>   static inline void rte_pktmbuf_free(struct rte_mbuf *m)
>   {
>          struct rte_mbuf *m_next;
> 
>  -       __rte_mbuf_sanity_check(m, 1);
>  +       if (m != NULL)
>  +               __rte_mbuf_sanity_check(m, 1);
> 
>          while (m != NULL) {
>                  m_next = m->next;

Looks good to me I would ack that one. :-)


> 

Regards,
Keith
diff mbox

Patch

diff --git a/lib/librte_mbuf/rte_mbuf.c b/lib/librte_mbuf/rte_mbuf.c
index 7543662f7..621679c92 100644
--- a/lib/librte_mbuf/rte_mbuf.c
+++ b/lib/librte_mbuf/rte_mbuf.c
@@ -205,8 +205,9 @@  rte_mbuf_sanity_check(const struct rte_mbuf *m, int is_header)
 	const struct rte_mbuf *m_seg;
 	unsigned int nb_segs;
 
-	if (m == NULL)
-		rte_panic("mbuf is NULL\n");
+	/* Calling with NULL is valid in the API */
+	if (!m)
+		return;
 
 	/* generic checks */
 	if (m->pool == NULL)
@@ -243,6 +244,11 @@  rte_pktmbuf_dump(FILE *f, const struct rte_mbuf *m, unsigned dump_len)
 
 	__rte_mbuf_sanity_check(m, 1);
 
+	if (!m) {
+		fprintf(stderr, "MBUF pointer is NULL\n");
+		return;
+	}
+
 	fprintf(f, "dump mbuf at %p, iova=%"PRIx64", buf_len=%u\n",
 	       m, (uint64_t)m->buf_iova, (unsigned)m->buf_len);
 	fprintf(f, "  pkt_len=%"PRIu32", ol_flags=%"PRIx64", nb_segs=%u, "
diff --git a/test/test/test_mbuf.c b/test/test/test_mbuf.c
index 9e82a20be..146eaf0e5 100644
--- a/test/test/test_mbuf.c
+++ b/test/test/test_mbuf.c
@@ -864,10 +864,8 @@  test_failing_mbuf_sanity_check(struct rte_mempool *pktmbuf_pool)
 
 	printf("Now checking for error conditions\n");
 
-	if (verify_mbuf_check_panics(NULL)) {
-		printf("Error with NULL mbuf test\n");
+	if (verify_mbuf_check_panics(NULL) != -1)
 		return -1;
-	}
 
 	badbuf = *buf;
 	badbuf.pool = NULL;