From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) by dpdk.org (Postfix) with ESMTP id 84B211BCDC; Thu, 20 Dec 2018 15:18:26 +0100 (CET) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id BB78321D45; Thu, 20 Dec 2018 09:18:25 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Thu, 20 Dec 2018 09:18:25 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=monjalon.net; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding:content-type; s=mesmtp; bh=8FpzbM7Y15l8qGC4Vs6DnK38a6IeA7jvPOcNc0DNi8E=; b=czDSSZiamoRI G55+RK5fLkmSFcsxufEBRVv6i5b+dhwfNUKwxao8yqCH6YrNx+dU5uSBsNM0u1T6 MOcHbs1uFTv+LwVxPqMNOpW8SZNPLxE/efJDWG3H4nKrZzyDI81bWRDg12J5spUj ImB76Y+ydEvfMiOlzJ1zLWm05elKjAI= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=8FpzbM7Y15l8qGC4Vs6DnK38a6IeA7jvPOcNc0DNi 8E=; b=Mm/mFNRO0F0IJsnubIp/T6GHLAdrqPNmOGeP3WFN11ojksEMtO6hjRdNq rxuzb9CT7OHFz78o2a44PuScV8w0R46dEsF1nc4iMvyO0eHSwwvsPqxtMGyG5BN8 A7AaUvYtnKBPBtnJ1CICHgcBeKa8Z9yEO2KpwE8qzno8IoOWOYZ924/K7NF/lXJ9 CbVDb7118PM2ocWWk0BGb5hiICS5A7HI6zyqDm9TrBIZNTsQ4jJZCTB1KLMQ0y9Q aVtYhafDllRHw3FtjpjI8EVxhDtS7Yy4Imz6ENo+brU/OBqe8XWTtrez8iU8iwvK Lp5Bonk7aEU19CEYnvLxUBaYKXJWQ== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtkedrudejfedgieegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfquhhtnecuuegrihhlohhuthemucef tddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefhvffufffkjg hfggfgtgesthfuredttddtvdenucfhrhhomhepvfhhohhmrghsucfoohhnjhgrlhhonhcu oehthhhomhgrshesmhhonhhjrghlohhnrdhnvghtqeenucfkphepjeejrddufeegrddvtd efrddukeegnecurfgrrhgrmhepmhgrihhlfhhrohhmpehthhhomhgrshesmhhonhhjrghl ohhnrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from xps.localnet (184.203.134.77.rev.sfr.net [77.134.203.184]) by mail.messagingengine.com (Postfix) with ESMTPA id 615A1E4445; Thu, 20 Dec 2018 09:18:24 -0500 (EST) From: Thomas Monjalon To: Yongseok Koh Cc: stable@dpdk.org, "Burakov, Anatoly" , dev@dpdk.org Date: Thu, 20 Dec 2018 15:18:23 +0100 Message-ID: <2873251.GVQA5Hj5eQ@xps> In-Reply-To: <1812ed89-fc60-1298-d789-201bd8a80471@intel.com> References: <20181212111054.35935-1-yskoh@mellanox.com> <1812ed89-fc60-1298-d789-201bd8a80471@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Subject: Re: [dpdk-stable] [PATCH] malloc: fix finding maximum contiguous IOVA size X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Dec 2018 14:18:26 -0000 12/12/2018 12:26, Burakov, Anatoly: > On 12-Dec-18 11:10 AM, Yongseok Koh wrote: > > malloc_elem_find_max_iova_contig() could return invalid size due to a > > missing sanity check. The following gdb output shows how 'cur_size' can be > > invalid in find_biggest_element(). > > > > (gdb) p/x cur_size > > $4 = 0xffffffffffe42900 > > (gdb) p elem > > $1 = (struct malloc_elem *) 0x12e842000 > > (gdb) p *elem > > $2 = {heap = 0x7ffff7ff387c, prev = 0x12e831fc0, next = > > 0x12e842900, free_list = {le_next = 0x109538000, le_prev = > > 0x7ffff7ff3894}, msl = 0x7ffff7ff107c, state = ELEM_FREE, > > pad = 0, size = 2304} > > (gdb) p *elem->msl > > $5 = {{base_va = 0x100200000, addr_64 = 4297064448}, page_sz = > > 2097152, socket_id = 0, version = 790, len = 17179869184, > > external = 0, memseg_arr = {name = "memseg-2048k-0-0", > > '\000' , count = 493, len = 8192, elt_sz > > = 48, data = 0x10002e000, rwlock = {cnt = 0}}} > > > > Fixes: 9fe6bceafd51 ("malloc: add finding biggest free IOVA-contiguous element") > > Cc: stable@dpdk.org > > Cc: anatoly.burakov@intel.com > > > > Signed-off-by: Yongseok Koh > > --- > > Acked-by: Anatoly Burakov Applied, thanks