[dpdk-dev] [PATCH 2/5] vhost: refactor virtio_dev_rx

[Rich Lane]

On Wed, Dec 2, 2015 at 10:06 PM, Yuanhan Liu <yuanhan.liu at linux.intel.com>
wrote:

> +static inline int __attribute__((always_inline))
> +copy_mbuf_to_desc(struct virtio_net *dev, struct vhost_virtqueue *vq,
> +                 struct rte_mbuf *m, uint16_t desc_idx, uint32_t *copied)
> +{
> ...
> +       while (1) {
> +               /* done with current mbuf, fetch next */
> +               if (mbuf_avail == 0) {
> +                       m = m->next;
> +                       if (m == NULL)
> +                               break;
> +
> +                       mbuf_offset = 0;
> +                       mbuf_avail  = rte_pktmbuf_data_len(m);
> +               }
> +
> +               /* done with current desc buf, fetch next */
> +               if (desc_avail == 0) {
> +                       if ((desc->flags & VRING_DESC_F_NEXT) == 0) {
> +                               /* Room in vring buffer is not enough */
> +                               return -1;
> +                       }
> +
> +                       desc = &vq->desc[desc->next];
> +                       desc_addr   = gpa_to_vva(dev, desc->addr);
> +                       desc_offset = 0;
> +                       desc_avail  = desc->len;
> +               }
> +
> +               COPY(desc_addr + desc_offset,
> +                       rte_pktmbuf_mtod_offset(m, uint64_t, mbuf_offset));
> +               PRINT_PACKET(dev, (uintptr_t)(desc_addr + desc_offset),
> +                            cpy_len, 0);
> +       }
> +       *copied = rte_pktmbuf_pkt_len(m);
>

AFAICT m will always be NULL at this point so the call to rte_pktmbuf_len
will segfault.