From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <olivier.matz@6wind.com>
Received: from mail.droids-corp.org (zoll.droids-corp.org [94.23.50.67])
by dpdk.org (Postfix) with ESMTP id 54F9A5692
for <dev@dpdk.org>; Mon, 25 Jul 2016 18:30:55 +0200 (CEST)
Received: from alille-653-1-523-220.w90-58.abo.wanadoo.fr ([90.58.223.220]
helo=[192.168.1.13])
by mail.droids-corp.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.84_2) (envelope-from <olivier.matz@6wind.com>)
id 1bRiot-0003kg-RO; Mon, 25 Jul 2016 18:33:32 +0200
To: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>, dev@dpdk.org
References: <1469203278-91363-1-git-send-email-sergio.gonzalez.monroy@intel.com>
<1469203278-91363-2-git-send-email-sergio.gonzalez.monroy@intel.com>
Cc: thomas.monjalon@6wind.com
From: Olivier Matz <olivier.matz@6wind.com>
Message-ID: <b7fe1c73-aba2-f6e8-0526-fcfd8824905a@6wind.com>
Date: Mon, 25 Jul 2016 18:30:46 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
Icedove/45.1.0
MIME-Version: 1.0
In-Reply-To: <1469203278-91363-2-git-send-email-sergio.gonzalez.monroy@intel.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [dpdk-dev] [PATCH 2/2] mempool: fix unsafe tailq element removal
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
<mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jul 2016 16:30:55 -0000
Hi Sergio,
On 07/22/2016 06:01 PM, Sergio Gonzalez Monroy wrote:
> Potentially user provided function could remove/free tailq elements.
> Doing so within a TAILQ_FOREACH loop is not safe.
>
> Use _SAFE versions of _FOREACH macros.
>
> Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
> ---
> lib/librte_mempool/rte_mempool.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/lib/librte_mempool/rte_mempool.c b/lib/librte_mempool/rte_mempool.c
> index 8806633..394154a 100644
> --- a/lib/librte_mempool/rte_mempool.c
> +++ b/lib/librte_mempool/rte_mempool.c
> @@ -157,10 +157,10 @@ rte_mempool_obj_iter(struct rte_mempool *mp,
> rte_mempool_obj_cb_t *obj_cb, void *obj_cb_arg)
> {
> struct rte_mempool_objhdr *hdr;
> - void *obj;
> + void *obj, *temp;
> unsigned n = 0;
>
> - STAILQ_FOREACH(hdr, &mp->elt_list, next) {
> + STAILQ_FOREACH_SAFE(hdr, &mp->elt_list, next, temp) {
> obj = (char *)hdr + sizeof(*hdr);
> obj_cb(mp, obj_cb_arg, obj, n);
> n++;
> @@ -176,8 +176,9 @@ rte_mempool_mem_iter(struct rte_mempool *mp,
> {
> struct rte_mempool_memhdr *hdr;
> unsigned n = 0;
> + void *temp;
>
> - STAILQ_FOREACH(hdr, &mp->mem_list, next) {
> + STAILQ_FOREACH_SAFE(hdr, &mp->mem_list, next, temp) {
> mem_cb(mp, mem_cb_arg, hdr, n);
> n++;
> }
Not sure it is required to use the _SAFE() variant here.
The object or mem_chunk should be considered as const, because these
objects are not allocated/freed by the user but by the mempool functions.
> @@ -1283,12 +1284,13 @@ void rte_mempool_walk(void (*func)(struct rte_mempool *, void *),
> {
> struct rte_tailq_entry *te = NULL;
> struct rte_mempool_list *mempool_list;
> + void *temp;
>
> mempool_list = RTE_TAILQ_CAST(rte_mempool_tailq.head, rte_mempool_list);
>
> rte_rwlock_read_lock(RTE_EAL_MEMPOOL_RWLOCK);
>
> - TAILQ_FOREACH(te, mempool_list, next) {
> + TAILQ_FOREACH_SAFE(te, mempool_list, next, temp) {
> (*func)((struct rte_mempool *) te->data, arg);
> }
>
>
I think this one is legitimate and we should have it for 16.07.
So only this hunk would be required, and the patch 1/2 may be dropped if
we remove the first 2 chunks.
Regards,
Olivier