[PATCH dpdk] net/tap: fix interrupt callback crash after failed start

Stephen Hemminger stephen at networkplumber.org
Sat Oct 18 01:38:54 CEST 2025

Previous message (by thread): [PATCH dpdk] net/tap: fix interrupt callback crash after failed start
Next message (by thread): [PATCH dpdk] net/tap: fix interrupt callback crash after failed start
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 17 Oct 2025 14:19:47 +0200
Robin Jarry <rjarry at redhat.com> wrote:

> After moving a tap linux net device to a different namespace,
> tap_link_set_up fails with an -ENODEV error. Indeed it relies on an
> ioctl call using the interface name as argument:
> 
> 	/* with ifr->ifrn_name = "dtapX" */
> 	ioctl(pmd->ioctl_sock, SIOCGIFFLAGS, ifr)
> 
> This causes rte_eth_dev_stop() to do nothing since the device is not
> seen as started. And then, when removing the device, the interrupt
> callbacks are left there.
> 
> If they are invoked, they will be so with a "freed" device pointer:
> 
> Thread 2 "dpdk-intr" hit Breakpoint 1, tap_dev_intr_handler
>     at ../drivers/net/tap/rte_eth_tap.c:1689
> 1689            struct pmd_internals *pmd = dev->data->dev_private;
> (gdb) p *dev
> $2 = {
>   ...
>   data = 0x0,
>   ...
>   state = RTE_ETH_DEV_UNUSED,
>   security_ctx = 0x0
> }
> 
> This causes a crash when dereferencing the data pointer.
> 
> When tap_link_set_up fails, ensure to unregister the interrupt callbacks
> that were just reinstalled.
> 
> Cc: stable at dpdk.org
> Fixes: c0bddd3a057f ("net/tap: add link status notification")
> 
> Signed-off-by: Robin Jarry <rjarry at redhat.com>

Queued to next-net

Previous message (by thread): [PATCH dpdk] net/tap: fix interrupt callback crash after failed start
Next message (by thread): [PATCH dpdk] net/tap: fix interrupt callback crash after failed start
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list