From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 3B93D460FF; Thu, 23 Jan 2025 17:12:30 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id B930C40B8D; Thu, 23 Jan 2025 17:12:29 +0100 (CET) Received: from mail-pj1-f41.google.com (mail-pj1-f41.google.com [209.85.216.41]) by mails.dpdk.org (Postfix) with ESMTP id 8996440261 for ; Thu, 23 Jan 2025 17:12:28 +0100 (CET) Received: by mail-pj1-f41.google.com with SMTP id 98e67ed59e1d1-2ee50ffcf14so3762721a91.0 for ; Thu, 23 Jan 2025 08:12:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=networkplumber-org.20230601.gappssmtp.com; s=20230601; t=1737648747; x=1738253547; darn=dpdk.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:from:to:cc:subject:date :message-id:reply-to; bh=xdb4K35lO1UoC+xUlRXmJI/3w3pDxl5dUSXNBzUNu4Q=; b=Mb7/5kjyDTlifTl7qhjIKRwftl5pgs4wzgPC0BCmOkbKBMUVS49ljtKHcfCOzkk5Ph eauAGlA5AKjNtt1IP2umnfkiyuPVgHVCJ51//v/dK+FvFra+ccc32xLdWhP4WvIe+HwS /a2y+KNMbP/s6Opzg4NjtmV+FpzaxdP6OCQzDi2Ld535rmnlA+ioUEgWLCPjtPONmvxo pe0QX2KH2a4lOtdxtfn+kUualRvaWoIaBEzfKAVvfSpXmZ3TV7iBzaFMobwya1vK8VAC J4Zu4izoeI+r5UOVIg3cPOgNYtP2/Q1c9Scqsgc1C9bPY0UQ07ICVIQnlCwsE0fksMH0 Ehkg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737648747; x=1738253547; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=xdb4K35lO1UoC+xUlRXmJI/3w3pDxl5dUSXNBzUNu4Q=; b=lI6T/tbrQgX0j4NAkwxaoPGmf8X2S3I2x2RtF+eXSxwKPJ23x9JhP79ln1MEVfpdzS Ish9lzZ10srkmQqzzZ2xgzWx4jcI4FAtU0cvYEB4QMvVK59MuMz7d3Beh4ho4wsKwwud SrFwYi4s+YaY8K8IyBqy7Fr5xd2FSVWgwa+5JwFiYu8ogCx4Quxu4d05JFopUt6kWJcn jdPOOVzyxccXgkbZAK+rpZLlYgO11pss6tcH5nIrhmC0JPvpvWtziXyaYL2sZthyK6h6 VLAxAz2HibC48Q2qn5LPfXFxOa0l6JX2l1IwDU2CF8rTsENpcYrWJ+vKQBNiXMFo41eE Scnw== X-Forwarded-Encrypted: i=1; AJvYcCW/8pRyNmT5dcyTU5lhhcloW7Cnh0ShAKgC8V8eJrN5HcDfnKNsD1S11IdgJQ1uRJcFzkc=@dpdk.org X-Gm-Message-State: AOJu0YxFsBROpBB13Ib0bZiKtGZHvdnKTtysQKThqgh+L9a/zfTp26qI wUYmBzvjYg68JPzgukY5T/9M1ymg7PBT2j+CxzjlUz5v9bhgYSg37qMlxc6gD3Y= X-Gm-Gg: ASbGnctm5GPlioymNtb/aA8I82bucIE0asP8DUS9FgHnDk74YXqwup0tw7wB8/E20gm Uq8EmFID+G7R1/NcXp0UzVD/p9wl6UZ6USpSc/XTeRNdIQWF11t84UucKuVffF2jfxbEBU5un4J yGqz4kTMVyZJQoEUV7XiALuyAhzB+9Rek8A0W615EUSfedll1Wp5rjxyX3ZsUzbio9BElN6yV4f WrZYa2Miwa6WsleM8ozcOfZjwK12nMfFKze8FKgF3kUkRiBw3MGH1m32yPC21gMEWHuZvbz7yVR xcGwp9QY6X7vCfoggTcjFEXalojZd+zeuBkwQdoLBAjyFFskX7OqyB9b6Q== X-Google-Smtp-Source: AGHT+IFDHIS75Mpro9kPDQtvSUQUXq3yWWEp0zVj7L4NQZxPVHc8a1LIbXMrrHsZII9JpmTkPUbtKQ== X-Received: by 2002:aa7:8496:0:b0:725:d64c:f122 with SMTP id d2e1a72fcca58-72f7d1cfd07mr6050960b3a.2.1737648746913; Thu, 23 Jan 2025 08:12:26 -0800 (PST) Received: from hermes.local (204-195-96-226.wavecable.com. [204.195.96.226]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a69fdfasm102314b3a.9.2025.01.23.08.12.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 23 Jan 2025 08:12:26 -0800 (PST) Date: Thu, 23 Jan 2025 08:12:23 -0800 From: Stephen Hemminger To: David Marchand Cc: Bruce Richardson , Praveen Shetty , dev@dpdk.org, stable@dpdk.org Subject: Re: [PATCH v1] common/idpf: fix heap use after free error Message-ID: <20250123081223.0286dc1f@hermes.local> In-Reply-To: References: <20250113085404.1447006-1-praveen.shetty@intel.com> <20250113083001.611db94d@hermes.local> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org On Thu, 23 Jan 2025 12:43:50 +0100 David Marchand wrote: > On Thu, Jan 23, 2025 at 12:18=E2=80=AFPM Bruce Richardson > wrote: > > > > On Mon, Jan 20, 2025 at 02:32:49PM +0000, Bruce Richardson wrote: =20 > > > On Mon, Jan 13, 2025 at 08:30:01AM -0800, Stephen Hemminger wrote: =20 > > > > On Mon, 13 Jan 2025 08:54:04 +0000 > > > > Praveen Shetty wrote: > > > > =20 > > > > > Heap use after free error is detected in AddressSanitizer while q= uitting > > > > > the testpmd application.Issue is due to accessing the empty contr= ol > > > > > queue in the idpf_ctlq_deinit function.idpf_ctlq_deinit function = is called > > > > > during the rte_eal_cleanup routine. > > > > > This patch will fix this issue. > > > > > > > > > > Fixes: fb4ac04e9bfa ("common/idpf: introduce common library") > > > > > Cc: stable@dpdk.org > > > > > > > > > > Signed-off-by: Praveen Shetty =20 > > > > > > > > This should not be needed. LIST_FOR_EACH_ENTRY_SAFE part, don't und= erstand. =20 > > > > > > I would tend to agree. Is there an actual confirmed bug here? If so, = then > > > either our standard list macros are broken, or the code using them is= doing > > > something rather strange. > > > =20 > > > > I followed up on with with Praveen, and he went through the code and > > possible solutions with me. The issue flagged by ASAN is correct, becau= se > > it turns out that the version of the _SAFE macro provided in this > > particular driver is not actually safe! :-( > > > > There are therefore two options to fixing this: 1) fix the macro/use a > > different copy of the macro, or 2) rework the code as in this patch and= drop > > the macro. Copies of the driver in other OS use the style given in this= patch, > > so we will go with the second option. However, we will do a v2 to inclu= de > > the removal of the bad macro, alongside fixing this. That should hopefu= lly > > prevent this issue from reoccurring. > > > > Praveen, will review v2 when you send it. =20 >=20 > Sorry, I am not following. >=20 > 1) seems the best way as it does not require touching base driver code. > Afaiu, the LIST_FOR_EACH_ENTRY_SAFE macro is defined in the > "abstraction" header that is DPDK specific > (drivers/common/idpf/base/idpf_osdep.h). >=20 > There is already an implementation of LIST_FOR_EACH_ENTRY_SAFE in > driver/net/ice/base/ice_osdep.h. >=20 > (note that it may be worth providing such a macro in a common place in > DPDK and remove copies of it in various drivers). Yes, all the variants of LIST and TAILQ macros from FreeBSD should be added, maybe a DPDK version of queue.h?