The SIGINT/SIGTERM handler starts a graceful shutdown via
prompt_exit(), after which prompt() frees the cmdline object with
cmdline_stdin_exit(). A second signal delivered during or after
that free re-enters prompt_exit() and dereferences testpmd_cl,
producing a use-after-free.
Set SA_RESETHAND so the second signal terminates the process via
SIG_DFL instead of re-running the shutdown path. On Windows the
C runtime's signal() already resets the disposition after delivery,
so behavior is consistent without an #ifdef.
Fixes: f1d0993e034e ("app/testpmd: fix interactive mode on Windows")
Cc: [email protected]
Reported-by: Sunyang Wu <[email protected]>
Signed-off-by: Stephen Hemminger <[email protected]>
---
app/test-pmd/testpmd.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/app/test-pmd/testpmd.c b/app/test-pmd/testpmd.c
index e2569d9e30..d93c696057 100644
--- a/app/test-pmd/testpmd.c
+++ b/app/test-pmd/testpmd.c
@@ -4603,9 +4603,14 @@ main(int argc, char** argv)
signal(SIGINT, signal_handler);
signal(SIGTERM, signal_handler);
#else
- /* Want read() not to be restarted on signal */
+ /*
+ * Do not restart read() on signal (no SA_RESTART), and reset
+ * to SIG_DFL after first delivery so a second SIGINT/SIGTERM
+ * terminates instead of re-entering the shutdown path.
+ */
struct sigaction action = {
.sa_handler = signal_handler,
+ .sa_flags = SA_RESETHAND,
};
sigaction(SIGINT, &action, NULL);
--
2.53.0
