[dpdk-dev] [PATCH] Correctly handle malloc

DPDK patches and discussions
 help / color / mirror / Atom feed

* [dpdk-dev] [PATCH] Correctly handle malloc_elem resize with padding
@ 2017-05-31  0:09 Jamie Lavigne
  2017-05-31  0:16 ` [dpdk-dev] [PATCH v2] " Jamie Lavigne
  0 siblings, 1 reply; 7+ messages in thread
From: Jamie Lavigne @ 2017-05-31  0:09 UTC (permalink / raw)
  To: dev; +Cc: Jamie Lavigne

Currently when a malloc_elem is split after resizing, any padding
present in the elem is ignored.  This causes the resized elem to be too
small when padding is present, and user data can overwrite the beginning
of the following malloc_elem.

Solve this by including the size of the padding when computing where to
split the malloc_elem.

Signed-off-by: Jamie Lavigne <lavignen@amazon.com>
---
 lib/librte_eal/common/malloc_elem.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/librte_eal/common/malloc_elem.c b/lib/librte_eal/common/malloc_elem.c
index 42568e1..2ed1942 100644
--- a/lib/librte_eal/common/malloc_elem.c
+++ b/lib/librte_eal/common/malloc_elem.c
@@ -333,9 +333,11 @@ malloc_elem_resize(struct malloc_elem *elem, size_t size)
 	elem_free_list_remove(next);
 	join_elem(elem, next);
 
-	if (elem->size - new_size >= MIN_DATA_SIZE + MALLOC_ELEM_OVERHEAD){
+	const size_t new_total_size = new_size + elem->pad;
+
+	if (elem->size - new_total_size >= MIN_DATA_SIZE + MALLOC_ELEM_OVERHEAD){
 		/* now we have a big block together. Lets cut it down a bit, by splitting */
-		struct malloc_elem *split_pt = RTE_PTR_ADD(elem, new_size);
+		struct malloc_elem *split_pt = RTE_PTR_ADD(elem, new_total_size);
 		split_pt = RTE_PTR_ALIGN_CEIL(split_pt, RTE_CACHE_LINE_SIZE);
 		split_elem(elem, split_pt);
 		malloc_elem_free_list_insert(split_pt);
-- 
2.7.3.AMZN

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [dpdk-dev] [PATCH v2] Correctly handle malloc_elem resize with padding
  2017-05-31  0:09 [dpdk-dev] [PATCH] Correctly handle malloc_elem resize with padding Jamie Lavigne
@ 2017-05-31  0:16 ` Jamie Lavigne
  2017-06-06 14:18   ` Sergio Gonzalez Monroy
  2017-06-08 19:12   ` [dpdk-dev] [PATCH v3] mem: fix " Jamie Lavigne
  0 siblings, 2 replies; 7+ messages in thread
From: Jamie Lavigne @ 2017-05-31  0:16 UTC (permalink / raw)
  To: dev; +Cc: Jamie Lavigne

Currently when a malloc_elem is split after resizing, any padding
present in the elem is ignored.  This causes the resized elem to be too
small when padding is present, and user data can overwrite the beginning
of the following malloc_elem.

Solve this by including the size of the padding when computing where to
split the malloc_elem.

Signed-off-by: Jamie Lavigne <lavignen@amazon.com>
---
 lib/librte_eal/common/malloc_elem.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/librte_eal/common/malloc_elem.c b/lib/librte_eal/common/malloc_elem.c
index 42568e1..8766fa8 100644
--- a/lib/librte_eal/common/malloc_elem.c
+++ b/lib/librte_eal/common/malloc_elem.c
@@ -333,9 +333,11 @@ malloc_elem_resize(struct malloc_elem *elem, size_t size)
 	elem_free_list_remove(next);
 	join_elem(elem, next);
 
-	if (elem->size - new_size >= MIN_DATA_SIZE + MALLOC_ELEM_OVERHEAD){
+	const size_t new_total_size = new_size + elem->pad;
+
+	if (elem->size - new_total_size >= MIN_DATA_SIZE + MALLOC_ELEM_OVERHEAD) {
 		/* now we have a big block together. Lets cut it down a bit, by splitting */
-		struct malloc_elem *split_pt = RTE_PTR_ADD(elem, new_size);
+		struct malloc_elem *split_pt = RTE_PTR_ADD(elem, new_total_size);
 		split_pt = RTE_PTR_ALIGN_CEIL(split_pt, RTE_CACHE_LINE_SIZE);
 		split_elem(elem, split_pt);
 		malloc_elem_free_list_insert(split_pt);
-- 
2.7.3.AMZN

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dpdk-dev] [PATCH v2] Correctly handle malloc_elem resize with padding
  2017-05-31  0:16 ` [dpdk-dev] [PATCH v2] " Jamie Lavigne
@ 2017-06-06 14:18   ` Sergio Gonzalez Monroy
  2017-06-08 19:07     ` Lavigne, Jamie
  2017-06-08 19:12   ` [dpdk-dev] [PATCH v3] mem: fix " Jamie Lavigne
  1 sibling, 1 reply; 7+ messages in thread
From: Sergio Gonzalez Monroy @ 2017-06-06 14:18 UTC (permalink / raw)
  To: dev, Jamie Lavigne

Hi Jamie,

On 31/05/2017 01:16, Jamie Lavigne wrote:
> Currently when a malloc_elem is split after resizing, any padding
> present in the elem is ignored.  This causes the resized elem to be too
> small when padding is present, and user data can overwrite the beginning
> of the following malloc_elem.
>
> Solve this by including the size of the padding when computing where to
> split the malloc_elem.

Nice catch!

Could you please rework commit format a bit:
- Add 'mem:' as prefix in your patch title
- I would mention in the title that this is a fix
- Provide 'Fixes' line in commit message

> Signed-off-by: Jamie Lavigne <lavignen@amazon.com>
> ---
>   lib/librte_eal/common/malloc_elem.c | 6 ++++--
>   1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/lib/librte_eal/common/malloc_elem.c b/lib/librte_eal/common/malloc_elem.c
> index 42568e1..8766fa8 100644
> --- a/lib/librte_eal/common/malloc_elem.c
> +++ b/lib/librte_eal/common/malloc_elem.c
> @@ -333,9 +333,11 @@ malloc_elem_resize(struct malloc_elem *elem, size_t size)
>   	elem_free_list_remove(next);
>   	join_elem(elem, next);
>   
> -	if (elem->size - new_size >= MIN_DATA_SIZE + MALLOC_ELEM_OVERHEAD){
> +	const size_t new_total_size = new_size + elem->pad;
> +
> +	if (elem->size - new_total_size >= MIN_DATA_SIZE + MALLOC_ELEM_OVERHEAD) {
>   		/* now we have a big block together. Lets cut it down a bit, by splitting */
> -		struct malloc_elem *split_pt = RTE_PTR_ADD(elem, new_size);
> +		struct malloc_elem *split_pt = RTE_PTR_ADD(elem, new_total_size);
>   		split_pt = RTE_PTR_ALIGN_CEIL(split_pt, RTE_CACHE_LINE_SIZE);
>   		split_elem(elem, split_pt);
>   		malloc_elem_free_list_insert(split_pt);

This indeed fixes the issue you have mentioned. I was thinking of the 
following fix instead:
- Add elem->pad to new_size
- Remove current_size var and instead use elem->size

I think those changes should have the same result while removing a 
couple of vars from the function, which I hope would be easier to read.

What do you think?

Thanks,
Sergio

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dpdk-dev] [PATCH v2] Correctly handle malloc_elem resize with padding
  2017-06-06 14:18   ` Sergio Gonzalez Monroy
@ 2017-06-08 19:07     ` Lavigne, Jamie
  0 siblings, 0 replies; 7+ messages in thread
From: Lavigne, Jamie @ 2017-06-08 19:07 UTC (permalink / raw)
  To: Sergio Gonzalez Monroy, dev

Hi Sergio,

> Hi Jamie, 
> 
> On 31/05/2017 01:16, Jamie Lavigne wrote: 
> > Currently when a malloc_elem is split after resizing, any padding 
> > present in the elem is ignored.  This causes the resized elem to be too 
> > small when padding is present, and user data can overwrite the beginning 
> > of the following malloc_elem. 
> > 
> > Solve this by including the size of the padding when computing where to 
> > split the malloc_elem. 
>  
> Nice catch! 
>  
> Could you please rework commit format a bit: 
> - Add 'mem:' as prefix in your patch title 
> - I would mention in the title that this is a fix 
> - Provide 'Fixes' line in commit message 

Updated.

>  
> > Signed-off-by: Jamie Lavigne <lavignen@amazon.com> 
> > --- 
> >   lib/librte_eal/common/malloc_elem.c | 6 ++++-- 
> >   1 file changed, 4 insertions(+), 2 deletions(-) 
> > 
> > diff --git a/lib/librte_eal/common/malloc_elem.c b/lib/librte_eal/common/malloc_elem.c 
> > index 42568e1..8766fa8 100644 
> > --- a/lib/librte_eal/common/malloc_elem.c 
> > +++ b/lib/librte_eal/common/malloc_elem.c 
> > @@ -333,9 +333,11 @@ malloc_elem_resize(struct malloc_elem *elem, size_t size) 
> >       elem_free_list_remove(next); 
> >       join_elem(elem, next); 
> > 
> > -     if (elem->size - new_size >= MIN_DATA_SIZE + MALLOC_ELEM_OVERHEAD){ 
> > +     const size_t new_total_size = new_size + elem->pad; 
> > + 
> > +     if (elem->size - new_total_size >= MIN_DATA_SIZE + MALLOC_ELEM_OVERHEAD) { 
> >               /* now we have a big block together. Lets cut it down a bit, by splitting */ 
> > -             struct malloc_elem *split_pt = RTE_PTR_ADD(elem, new_size); 
> > +             struct malloc_elem *split_pt = RTE_PTR_ADD(elem, new_total_size); 
> >               split_pt = RTE_PTR_ALIGN_CEIL(split_pt, RTE_CACHE_LINE_SIZE); 
> >               split_elem(elem, split_pt); 
> >               malloc_elem_free_list_insert(split_pt); 
>  
> This indeed fixes the issue you have mentioned. I was thinking of the 
> following fix instead: 
> - Add elem->pad to new_size 
> - Remove current_size var and instead use elem->size 
>  
> I think those changes should have the same result while removing a 
> couple of vars from the function, which I hope would be easier to read. 
>  
> What do you think? 

I like this.  It looks equivalent to my solution, but simpler.  I will post an updated patch.

Jamie

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [dpdk-dev] [PATCH v3] mem: fix malloc_elem resize with padding
  2017-05-31  0:16 ` [dpdk-dev] [PATCH v2] " Jamie Lavigne
  2017-06-06 14:18   ` Sergio Gonzalez Monroy
@ 2017-06-08 19:12   ` Jamie Lavigne
  2017-06-20 10:18     ` Sergio Gonzalez Monroy
  1 sibling, 1 reply; 7+ messages in thread
From: Jamie Lavigne @ 2017-06-08 19:12 UTC (permalink / raw)
  To: dev; +Cc: sergio.gonzalez.monroy, Jamie Lavigne

Currently when a malloc_elem is split after resizing, any padding
present in the elem is ignored.  This causes the resized elem to be too
small when padding is present, and user data can overwrite the beginning
of the following malloc_elem.

Solve this by including the size of the padding when computing where to
split the malloc_elem.

Fixes: af75078fece3 ("first public release")

Signed-off-by: Jamie Lavigne <lavignen@amazon.com>
---
 lib/librte_eal/common/malloc_elem.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/lib/librte_eal/common/malloc_elem.c b/lib/librte_eal/common/malloc_elem.c
index 42568e1..08516af 100644
--- a/lib/librte_eal/common/malloc_elem.c
+++ b/lib/librte_eal/common/malloc_elem.c
@@ -314,17 +314,16 @@ malloc_elem_free(struct malloc_elem *elem)
 int
 malloc_elem_resize(struct malloc_elem *elem, size_t size)
 {
-	const size_t new_size = size + MALLOC_ELEM_OVERHEAD;
+	const size_t new_size = size + elem->pad + MALLOC_ELEM_OVERHEAD;
 	/* if we request a smaller size, then always return ok */
-	const size_t current_size = elem->size - elem->pad;
-	if (current_size >= new_size)
+	if (elem->size >= new_size)
 		return 0;
 
 	struct malloc_elem *next = RTE_PTR_ADD(elem, elem->size);
 	rte_spinlock_lock(&elem->heap->lock);
 	if (next ->state != ELEM_FREE)
 		goto err_return;
-	if (current_size + next->size < new_size)
+	if (elem->size + next->size < new_size)
 		goto err_return;
 
 	/* we now know the element fits, so remove from free list,
@@ -333,7 +332,7 @@ malloc_elem_resize(struct malloc_elem *elem, size_t size)
 	elem_free_list_remove(next);
 	join_elem(elem, next);
 
-	if (elem->size - new_size >= MIN_DATA_SIZE + MALLOC_ELEM_OVERHEAD){
+	if (elem->size - new_size >= MIN_DATA_SIZE + MALLOC_ELEM_OVERHEAD) {
 		/* now we have a big block together. Lets cut it down a bit, by splitting */
 		struct malloc_elem *split_pt = RTE_PTR_ADD(elem, new_size);
 		split_pt = RTE_PTR_ALIGN_CEIL(split_pt, RTE_CACHE_LINE_SIZE);
-- 
2.7.3.AMZN

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dpdk-dev] [PATCH v3] mem: fix malloc_elem resize with padding
  2017-06-08 19:12   ` [dpdk-dev] [PATCH v3] mem: fix " Jamie Lavigne
@ 2017-06-20 10:18     ` Sergio Gonzalez Monroy
  2017-06-28 21:12       ` Thomas Monjalon
  0 siblings, 1 reply; 7+ messages in thread
From: Sergio Gonzalez Monroy @ 2017-06-20 10:18 UTC (permalink / raw)
  To: Jamie Lavigne, dev

On 08/06/2017 20:12, Jamie Lavigne wrote:
> Currently when a malloc_elem is split after resizing, any padding
> present in the elem is ignored.  This causes the resized elem to be too
> small when padding is present, and user data can overwrite the beginning
> of the following malloc_elem.
>
> Solve this by including the size of the padding when computing where to
> split the malloc_elem.
>
> Fixes: af75078fece3 ("first public release")
>
> Signed-off-by: Jamie Lavigne <lavignen@amazon.com>
> ---

Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dpdk-dev] [PATCH v3] mem: fix malloc_elem resize with padding
  2017-06-20 10:18     ` Sergio Gonzalez Monroy
@ 2017-06-28 21:12       ` Thomas Monjalon
  0 siblings, 0 replies; 7+ messages in thread
From: Thomas Monjalon @ 2017-06-28 21:12 UTC (permalink / raw)
  To: Jamie Lavigne; +Cc: dev, Sergio Gonzalez Monroy

20/06/2017 12:18, Sergio Gonzalez Monroy:
> On 08/06/2017 20:12, Jamie Lavigne wrote:
> > Currently when a malloc_elem is split after resizing, any padding
> > present in the elem is ignored.  This causes the resized elem to be too
> > small when padding is present, and user data can overwrite the beginning
> > of the following malloc_elem.
> >
> > Solve this by including the size of the padding when computing where to
> > split the malloc_elem.
> >
> > Fixes: af75078fece3 ("first public release")
> >
> > Signed-off-by: Jamie Lavigne <lavignen@amazon.com>
> 
> Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>

Applied, thanks

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2017-06-28 21:12 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-05-31  0:09 [dpdk-dev] [PATCH] Correctly handle malloc_elem resize with padding Jamie Lavigne
2017-05-31  0:16 ` [dpdk-dev] [PATCH v2] " Jamie Lavigne
2017-06-06 14:18   ` Sergio Gonzalez Monroy
2017-06-08 19:07     ` Lavigne, Jamie
2017-06-08 19:12   ` [dpdk-dev] [PATCH v3] mem: fix " Jamie Lavigne
2017-06-20 10:18     ` Sergio Gonzalez Monroy
2017-06-28 21:12       ` Thomas Monjalon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).