From: David Marchand
Date: Thu, 4 Nov 2021 15:20:46 +0100
To: David Marchand
Cc: dev, Yu Jiang, Maxime Coquelin, Yan Xia, Zhihong Peng
Subject: Re: [dpdk-dev] [PATCH] eal/linux: fix uevent message parsing
References: <20211102184020.438-1-david.marchand@redhat.com> <9cfb072b-5fd7-7c1e-0050-6c18776e1a4c@redhat.com>
In-Reply-To: <9cfb072b-5fd7-7c1e-0050-6c18776e1a4c@redhat.com>
List-Id: DPDK patches and discussions

On Thu, Nov 4, 2021 at 3:00 PM Maxime Coquelin wrote:
> On 11/2/21 19:40, David Marchand wrote:
> > Caught with ASan:
> > ==9727==ERROR: AddressSanitizer: stack-buffer-overflow on address
> > 0x7f0daa2fc0d0 at pc 0x7f0daeefacb2 bp 0x7f0daa2fadd0 sp 0x7f0daa2fa578
> > READ of size 1 at 0x7f0daa2fc0d0 thread T1
> >     #0 0x7f0daeefacb1 (/lib64/libasan.so.5+0xbacb1)
> >     #1 0x115eba1 in dev_uev_parse ../lib/eal/linux/eal_dev.c:167
> >     #2 0x115f281 in dev_uev_handler ../lib/eal/linux/eal_dev.c:248
> >     #3 0x1169b91 in eal_intr_process_interrupts
> >     ../lib/eal/linux/eal_interrupts.c:1026
> >     #4 0x116a3a2 in eal_intr_handle_interrupts
> >     ../lib/eal/linux/eal_interrupts.c:1100
> >     #5 0x116a7f0 in eal_intr_thread_main
> >     ../lib/eal/linux/eal_interrupts.c:1172
> >     #6 0x112640a in ctrl_thread_init
> >     ../lib/eal/common/eal_common_thread.c:202
> >     #7 0x7f0dade27159 in start_thread (/lib64/libpthread.so.0+0x8159)
> >     #8 0x7f0dadb58f72 in clone (/lib64/libc.so.6+0xfcf72)
> >
> > Address 0x7f0daa2fc0d0 is located in stack of thread T1 at offset 4192
> > in frame
> >     #0 0x115f0c9 in dev_uev_handler ../lib/eal/linux/eal_dev.c:226
> >
> > This frame has 2 object(s):
> >     [32, 48) 'uevent'
> >     [96, 4192) 'buf' <== Memory access at offset 4192 overflows this
> >     variable
> > HINT: this may be a false positive if your program uses some custom
> > stack unwind mechanism or swapcontext
> >     (longjmp and C++ exceptions *are* supported)
> > Thread T1 created by T0 here:
> >     #0 0x7f0daee92ea3 in __interceptor_pthread_create
> >     (/lib64/libasan.so.5+0x52ea3)
> >     #1 0x1126542 in rte_ctrl_thread_create
> >     ../lib/eal/common/eal_common_thread.c:228
> >     #2 0x116a8b5 in rte_eal_intr_init
> >     ../lib/eal/linux/eal_interrupts.c:1200
> >     #3 0x1159dd1 in rte_eal_init ../lib/eal/linux/eal.c:1044
> >     #4 0x7a22f8 in main ../app/test-pmd/testpmd.c:4105
> >     #5 0x7f0dada7f802 in __libc_start_main (/lib64/libc.so.6+0x23802)
> >
> > Bugzilla ID: 792
Fixes: 0d0f478d0483 ("eal/linux: add uevent parse and process")
Cc: stable@dpdk.org
> >
> > Signed-off-by: David Marchand
Tested-by: Yan Xia
> Reviewed-by: Maxime Coquelin

Applied, thanks.

-- 
David Marchand
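
The ASan report in the message above flags a 1-byte read at offset 4192, the first byte past the 4096-byte `buf` ([96, 4192)) handed to the uevent parser. As an added example (not DPDK's `dev_uev_parse` and not the applied patch), the C code below parses NUL-separated KEY=VALUE records from a completely full buffer without ever reading `buf[len]`. The record layout, `struct uev_info`, `uev_parse_bounded` and `demo_parse` are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

#define UEV_MSG_LEN 4096    /* size of 'buf' in the ASan report: [96, 4192) */

struct uev_info {           /* hypothetical result type for this example */
    char action[16];
    char subsystem[16];
    int  records;
};

/* Parse NUL-separated KEY=VALUE records from buf[0, len); buf[len] is never read. */
int uev_parse_bounded(const char *buf, size_t len, struct uev_info *out)
{
    size_t i = 0;

    memset(out, 0, sizeof(*out));
    while (i < len) {
        while (i < len && buf[i] == '\0')
            i++;            /* skip separators and trailing padding */
        if (i >= len)
            break;          /* i may now equal len: stop before dereferencing */
        const char *rec = buf + i;
        const char *nul = memchr(rec, '\0', len - i);   /* bounded, unlike strlen */
        size_t n = nul ? (size_t)(nul - rec) : len - i;
        if (n > 7 && memcmp(rec, "ACTION=", 7) == 0)
            snprintf(out->action, sizeof(out->action), "%.*s", (int)(n - 7), rec + 7);
        else if (n > 10 && memcmp(rec, "SUBSYSTEM=", 10) == 0)
            snprintf(out->subsystem, sizeof(out->subsystem), "%.*s", (int)(n - 10), rec + 10);
        out->records++;
        i += n;
    }
    return out->records;
}

/* Constructed input: the message fills all UEV_MSG_LEN bytes and is followed, in the
 * same array, by a canary record that shows up only if the parser overruns len. */
int demo_parse(int unterminated_tail, struct uev_info *out)
{
    static char arena[UEV_MSG_LEN + 16];

    memset(arena, 0, sizeof(arena));
    memcpy(arena, "ACTION=remove", 13);
    /* tail record either ends at buf[len - 1] with no NUL, or is NUL-padded to len */
    memcpy(arena + (unterminated_tail ? UEV_MSG_LEN - 13 : 14), "SUBSYSTEM=pci", 13);
    memcpy(arena + UEV_MSG_LEN, "ACTION=canary", 13);
    return uev_parse_bounded(arena, UEV_MSG_LEN, out);
}
```

In both constructed cases the parser reports two records, and the canary placed directly after the message never appears in the result.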