On Wed, Sep 11, 2019 at 02:18:29PM -0700, Yifeng Sun wrote:
> Valgrind reported that match.wc was not initialized, as below:
>
> 1176: ofproto-dpif - fragment handling - actions
>
> ==21214== Conditional jump or move depends on uninitialised value(s)
> ==21214==at 0x4B77C1: odp_flow_key_from_flow__ (odp-util.c:6143)
> ==21214==by 0x46DB58: dp_netdev_upcall (dpif-netdev.c:6239)
> ==21214==by 0x4774A7: handle_packet_upcall (dpif-netdev.c:6608)
> ==21214==by 0x4774A7: fast_path_processing (dpif-netdev.c:6726)
> ==21214==by 0x47933C: dp_netdev_input__ (dpif-netdev.c:6814)
> ==21214==by 0x479AB8: dp_netdev_input (dpif-netdev.c:6852)
> ==21214==by 0x479AB8: dp_netdev_process_rxq_port (dpif-netdev.c:4287)
> ==21214==by 0x47A6A9: dpif_netdev_run (dpif-netdev.c:5264)
> ==21214==by 0x4324E7: type_run (ofproto-dpif.c:342)
> ==21214==by 0x41C5FE: ofproto_type_run (ofproto.c:1734)
> ==21214==by 0x40BAAC: bridge_run__ (bridge.c:2965)
> ==21214==by 0x410CF3: bridge_run (bridge.c:3029)
> ==21214==by 0x407614: main (ovs-vswitchd.c:127)
> ==21214== Uninitialised value was created by a stack allocation
> ==21214==at 0x4769C3: fast_path_processing (dpif-netdev.c:6672)
>
> 'match' is allocated on stack but its 'wc' is accessed in
> odp_flow_key_from_flow__ without proper initialization.
> This patch fixes it.
>
> Signed-off-by: Yifeng Sun
LGTM
Acked-by: William Tu
> ---
> lib/dpif-netdev.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/lib/dpif-netdev.c b/lib/dpif-netdev.c
> index a88a78f8a688..6be6e47ed127 100644
> --- a/lib/dpif-netdev.c
> +++ b/lib/dpif-netdev.c
> @@ -6600,6 +6600,7 @@ handle_packet_upcall(struct dp_netdev_pmd_thread *pmd,
>
> match.tun_md.valid = false;
> miniflow_expand(&key->mf, &match.flow);
> +memset(&match.wc, 0, sizeof match.wc);
>
> ofpbuf_clear(actions);
> ofpbuf_clear(put_actions);
> --
> 2.7.4
>
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
