From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.droids-corp.org (zoll.droids-corp.org [94.23.50.67]) by dpdk.org (Postfix) with ESMTP id 54F9A5692 for ; Mon, 25 Jul 2016 18:30:55 +0200 (CEST) Received: from alille-653-1-523-220.w90-58.abo.wanadoo.fr ([90.58.223.220] helo=[192.168.1.13]) by mail.droids-corp.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1bRiot-0003kg-RO; Mon, 25 Jul 2016 18:33:32 +0200 To: Sergio Gonzalez Monroy , dev@dpdk.org References: <1469203278-91363-1-git-send-email-sergio.gonzalez.monroy@intel.com> <1469203278-91363-2-git-send-email-sergio.gonzalez.monroy@intel.com> Cc: thomas.monjalon@6wind.com From: Olivier Matz Message-ID: Date: Mon, 25 Jul 2016 18:30:46 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.1.0 MIME-Version: 1.0 In-Reply-To: <1469203278-91363-2-git-send-email-sergio.gonzalez.monroy@intel.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [dpdk-dev] [PATCH 2/2] mempool: fix unsafe tailq element removal X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jul 2016 16:30:55 -0000 Hi Sergio, On 07/22/2016 06:01 PM, Sergio Gonzalez Monroy wrote: > Potentially user provided function could remove/free tailq elements. > Doing so within a TAILQ_FOREACH loop is not safe. > > Use _SAFE versions of _FOREACH macros. > > Signed-off-by: Sergio Gonzalez Monroy > --- > lib/librte_mempool/rte_mempool.c | 10 ++++++---- > 1 file changed, 6 insertions(+), 4 deletions(-) > > diff --git a/lib/librte_mempool/rte_mempool.c b/lib/librte_mempool/rte_mempool.c > index 8806633..394154a 100644 > --- a/lib/librte_mempool/rte_mempool.c > +++ b/lib/librte_mempool/rte_mempool.c > @@ -157,10 +157,10 @@ rte_mempool_obj_iter(struct rte_mempool *mp, > rte_mempool_obj_cb_t *obj_cb, void *obj_cb_arg) > { > struct rte_mempool_objhdr *hdr; > - void *obj; > + void *obj, *temp; > unsigned n = 0; > > - STAILQ_FOREACH(hdr, &mp->elt_list, next) { > + STAILQ_FOREACH_SAFE(hdr, &mp->elt_list, next, temp) { > obj = (char *)hdr + sizeof(*hdr); > obj_cb(mp, obj_cb_arg, obj, n); > n++; > @@ -176,8 +176,9 @@ rte_mempool_mem_iter(struct rte_mempool *mp, > { > struct rte_mempool_memhdr *hdr; > unsigned n = 0; > + void *temp; > > - STAILQ_FOREACH(hdr, &mp->mem_list, next) { > + STAILQ_FOREACH_SAFE(hdr, &mp->mem_list, next, temp) { > mem_cb(mp, mem_cb_arg, hdr, n); > n++; > } Not sure it is required to use the _SAFE() variant here. The object or mem_chunk should be considered as const, because these objects are not allocated/freed by the user but by the mempool functions. > @@ -1283,12 +1284,13 @@ void rte_mempool_walk(void (*func)(struct rte_mempool *, void *), > { > struct rte_tailq_entry *te = NULL; > struct rte_mempool_list *mempool_list; > + void *temp; > > mempool_list = RTE_TAILQ_CAST(rte_mempool_tailq.head, rte_mempool_list); > > rte_rwlock_read_lock(RTE_EAL_MEMPOOL_RWLOCK); > > - TAILQ_FOREACH(te, mempool_list, next) { > + TAILQ_FOREACH_SAFE(te, mempool_list, next, temp) { > (*func)((struct rte_mempool *) te->data, arg); > } > > I think this one is legitimate and we should have it for 16.07. So only this hunk would be required, and the patch 1/2 may be dropped if we remove the first 2 chunks. Regards, Olivier