Hi Li,
Adding Jin Yu who introduced this function.
On 8/27/21 07:12, Li Feng wrote:
When getting reqs from the avail ring, the id may exceed inflight
queue size. Then the dpdk will crash forever.
You need to add Fixes tag and Cc sta...@dpdk.org so that it can be
backported.
Signed-off-by: Li Feng <fen...@smartx.com>
---
lib/vhost/vhost_user.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/lib/vhost/vhost_user.c b/lib/vhost/vhost_user.c
index 29a4c9af60..f09d0f6a48 100644
--- a/lib/vhost/vhost_user.c
+++ b/lib/vhost/vhost_user.c
@@ -1823,8 +1823,14 @@ vhost_check_queue_inflights_split(struct virtio_net *dev,
last_io = inflight_split->last_inflight_io;
if (inflight_split->used_idx != used->idx) {
- inflight_split->desc[last_io].inflight = 0;
- rte_atomic_thread_fence(__ATOMIC_SEQ_CST);
+ if (unlikely(last_io >= inflight_split->desc_num)) {
+ VHOST_LOG_CONFIG(ERR, "last_inflight_io '%"PRIu16"' exceeds
inflight "
+ "queue size (%"PRIu16").\n", last_io,
+ inflight_split->desc_num);
If such error happens, shouldn't we return RTE_VHOST_MSG_RESULT_ERR
instead of just logging an error?
+ } else {
+ inflight_split->desc[last_io].inflight = 0;
+ rte_atomic_thread_fence(__ATOMIC_SEQ_CST);
+ }
inflight_split->used_idx = used->idx;
}
Regards,
Maxime
