DPDK patches and discussions
 help / color / mirror / Atom feed
* [PATCH v1] common/idpf: fix heap use after free error
@ 2025-01-13  8:54 Praveen Shetty
  2025-01-13 16:30 ` Stephen Hemminger
  0 siblings, 1 reply; 2+ messages in thread
From: Praveen Shetty @ 2025-01-13  8:54 UTC (permalink / raw)
  To: bruce.richardson; +Cc: dev, stable

Heap use after free error is detected in AddressSanitizer while quitting
the testpmd application.Issue is due to accessing the empty control
queue in the idpf_ctlq_deinit function.idpf_ctlq_deinit function is called
during the rte_eal_cleanup routine.
This patch will fix this issue.

Fixes: fb4ac04e9bfa ("common/idpf: introduce common library")
Cc: stable@dpdk.org

Signed-off-by: Praveen Shetty <praveen.shetty@intel.com>
---
 drivers/common/idpf/base/idpf_controlq.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/drivers/common/idpf/base/idpf_controlq.c b/drivers/common/idpf/base/idpf_controlq.c
index 4f47759a4f..8f404d3083 100644
--- a/drivers/common/idpf/base/idpf_controlq.c
+++ b/drivers/common/idpf/base/idpf_controlq.c
@@ -248,9 +248,10 @@ int idpf_ctlq_init(struct idpf_hw *hw, u8 num_q,
 	return 0;
 
 init_destroy_qs:
-	LIST_FOR_EACH_ENTRY_SAFE(cq, tmp, &hw->cq_list_head,
-				 idpf_ctlq_info, cq_list)
+	while (!LIST_EMPTY(&hw->cq_list_head)) {
+		cq = LIST_FIRST(&hw->cq_list_head);
 		idpf_ctlq_remove(hw, cq);
+	}
 
 	return err;
 }
@@ -263,9 +264,10 @@ void idpf_ctlq_deinit(struct idpf_hw *hw)
 {
 	struct idpf_ctlq_info *cq = NULL, *tmp = NULL;
 
-	LIST_FOR_EACH_ENTRY_SAFE(cq, tmp, &hw->cq_list_head,
-				 idpf_ctlq_info, cq_list)
+	while (!LIST_EMPTY(&hw->cq_list_head)) {
+		cq = LIST_FIRST(&hw->cq_list_head);
 		idpf_ctlq_remove(hw, cq);
+	}
 }
 
 /**
-- 
2.34.1


^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [PATCH v1] common/idpf: fix heap use after free error
  2025-01-13  8:54 [PATCH v1] common/idpf: fix heap use after free error Praveen Shetty
@ 2025-01-13 16:30 ` Stephen Hemminger
  0 siblings, 0 replies; 2+ messages in thread
From: Stephen Hemminger @ 2025-01-13 16:30 UTC (permalink / raw)
  To: Praveen Shetty; +Cc: bruce.richardson, dev, stable

On Mon, 13 Jan 2025 08:54:04 +0000
Praveen Shetty <praveen.shetty@intel.com> wrote:

> Heap use after free error is detected in AddressSanitizer while quitting
> the testpmd application.Issue is due to accessing the empty control
> queue in the idpf_ctlq_deinit function.idpf_ctlq_deinit function is called
> during the rte_eal_cleanup routine.
> This patch will fix this issue.
> 
> Fixes: fb4ac04e9bfa ("common/idpf: introduce common library")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Praveen Shetty <praveen.shetty@intel.com>

This should not be needed. LIST_FOR_EACH_ENTRY_SAFE part, don't understand.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-01-13 16:30 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-01-13  8:54 [PATCH v1] common/idpf: fix heap use after free error Praveen Shetty
2025-01-13 16:30 ` Stephen Hemminger

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).