From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 6821F4606C; Mon, 13 Jan 2025 09:54:14 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 36D96402A7; Mon, 13 Jan 2025 09:54:14 +0100 (CET) Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.13]) by mails.dpdk.org (Postfix) with ESMTP id 951DB40261; Mon, 13 Jan 2025 09:54:12 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1736758453; x=1768294453; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=WXFh6FgIlNLIBvkf1wwHwY0mzt51BKtkffsKOAzr2UA=; b=FcHuBINEtfcjezEmonLXkfxNdg4k3WjEzLnWCnY5Uacufa7SHF214CjV QE9YGMtGrhahcEnNI9FjUIhOzz/OGIHRQ1eC7a7mpJ9Ex4koDgm7+WzSe pK40QAMy1lcqb7tgRPYzZdrkpGXGgzMSpYZbabl1NxxTgam3bdMQifLQ9 80HtCrp/dPrEjF9Ja/k5jt3c8OCrjiYpHJ/fAUTEZuWrM9LkN53V/UTOe M6h1NSPnlJqkT//feqOIdu0GdTITf5bn71neoysMMpkuaBFCcmS6xSrVA wzbRBB3IqOeSj9AHNICZrMwGub7AYd0wch4GsSxmW5ZlckVuFea0oTUHJ A==; X-CSE-ConnectionGUID: Aa0ALWHJSl2V4XYLZTeLfg== X-CSE-MsgGUID: w2C/CNcVQ22hMqdOV9eSKw== X-IronPort-AV: E=McAfee;i="6700,10204,11313"; a="39821216" X-IronPort-AV: E=Sophos;i="6.12,310,1728975600"; d="scan'208";a="39821216" Received: from fmviesa002.fm.intel.com ([10.60.135.142]) by fmvoesa107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Jan 2025 00:54:12 -0800 X-CSE-ConnectionGUID: CpSqc+ibS6qhDNYtZDAPYA== X-CSE-MsgGUID: fzSkABmJR1uX/oz5paUImw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,224,1728975600"; d="scan'208";a="127660891" Received: from silpixa00401164.ir.intel.com ([10.55.128.231]) by fmviesa002.fm.intel.com with ESMTP; 13 Jan 2025 00:54:11 -0800 From: Praveen Shetty To: bruce.richardson@intel.com Cc: dev@dpdk.org, stable@dpdk.org Subject: [PATCH v1] common/idpf: fix heap use after free error Date: Mon, 13 Jan 2025 08:54:04 +0000 Message-Id: <20250113085404.1447006-1-praveen.shetty@intel.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Heap use after free error is detected in AddressSanitizer while quitting the testpmd application.Issue is due to accessing the empty control queue in the idpf_ctlq_deinit function.idpf_ctlq_deinit function is called during the rte_eal_cleanup routine. This patch will fix this issue. Fixes: fb4ac04e9bfa ("common/idpf: introduce common library") Cc: stable@dpdk.org Signed-off-by: Praveen Shetty --- drivers/common/idpf/base/idpf_controlq.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/drivers/common/idpf/base/idpf_controlq.c b/drivers/common/idpf/base/idpf_controlq.c index 4f47759a4f..8f404d3083 100644 --- a/drivers/common/idpf/base/idpf_controlq.c +++ b/drivers/common/idpf/base/idpf_controlq.c @@ -248,9 +248,10 @@ int idpf_ctlq_init(struct idpf_hw *hw, u8 num_q, return 0; init_destroy_qs: - LIST_FOR_EACH_ENTRY_SAFE(cq, tmp, &hw->cq_list_head, - idpf_ctlq_info, cq_list) + while (!LIST_EMPTY(&hw->cq_list_head)) { + cq = LIST_FIRST(&hw->cq_list_head); idpf_ctlq_remove(hw, cq); + } return err; } @@ -263,9 +264,10 @@ void idpf_ctlq_deinit(struct idpf_hw *hw) { struct idpf_ctlq_info *cq = NULL, *tmp = NULL; - LIST_FOR_EACH_ENTRY_SAFE(cq, tmp, &hw->cq_list_head, - idpf_ctlq_info, cq_list) + while (!LIST_EMPTY(&hw->cq_list_head)) { + cq = LIST_FIRST(&hw->cq_list_head); idpf_ctlq_remove(hw, cq); + } } /** -- 2.34.1