From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id E9F9C460FF for ; Thu, 23 Jan 2025 17:12:31 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 15A7240B91; Thu, 23 Jan 2025 17:12:31 +0100 (CET) Received: from mail-pj1-f54.google.com (mail-pj1-f54.google.com [209.85.216.54]) by mails.dpdk.org (Postfix) with ESMTP id A4F894028A for ; Thu, 23 Jan 2025 17:12:28 +0100 (CET) Received: by mail-pj1-f54.google.com with SMTP id 98e67ed59e1d1-2ee50ffcf14so3762722a91.0 for ; Thu, 23 Jan 2025 08:12:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=networkplumber-org.20230601.gappssmtp.com; s=20230601; t=1737648747; x=1738253547; darn=dpdk.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:from:to:cc:subject:date :message-id:reply-to; bh=xdb4K35lO1UoC+xUlRXmJI/3w3pDxl5dUSXNBzUNu4Q=; b=Mb7/5kjyDTlifTl7qhjIKRwftl5pgs4wzgPC0BCmOkbKBMUVS49ljtKHcfCOzkk5Ph eauAGlA5AKjNtt1IP2umnfkiyuPVgHVCJ51//v/dK+FvFra+ccc32xLdWhP4WvIe+HwS /a2y+KNMbP/s6Opzg4NjtmV+FpzaxdP6OCQzDi2Ld535rmnlA+ioUEgWLCPjtPONmvxo pe0QX2KH2a4lOtdxtfn+kUualRvaWoIaBEzfKAVvfSpXmZ3TV7iBzaFMobwya1vK8VAC J4Zu4izoeI+r5UOVIg3cPOgNYtP2/Q1c9Scqsgc1C9bPY0UQ07ICVIQnlCwsE0fksMH0 Ehkg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737648747; x=1738253547; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=xdb4K35lO1UoC+xUlRXmJI/3w3pDxl5dUSXNBzUNu4Q=; b=lbWNGtsFHPOfkVZnd+3aYUkmsw7TLDxW0d6kcpsyJylAWTOLl/ENx6Rgqjcc5YZ9VF i+sKCqxMA9AXuV2KmgS+7QSzX12qVDAJcC6vzBSK0eA9AG+7Qil0aOl8U187L9dJG5R4 dgryETcnCxANGVYSVNcNWx43tUS9Th8T4dPjJka4/zGkqTt49L2p6JLN9vI2rgj51WUr tX8j552STvcKK8zty068gHx1IBBvufizOjPii7Nt1jdaRcRqHGGytU906LJskhXrwLx2 rsQwDAWEct741phuaiW1xgGugZ8kCittnNu06brD8l3Ba4HZeCzWqoa/YO7qEKGD267J 3eZw== X-Forwarded-Encrypted: i=1; AJvYcCWCdYpEjL76bdLgoQrPNeuGPwhdvMHjsPAhpd2uWLAvXpw97enfD5OrIT2Auj4IcD38pTXSJx0=@dpdk.org X-Gm-Message-State: AOJu0YyReea7De+2UE0unaUWcT0q5nUMs4DtrDWvX2ZXCtZJKBZRZQNW sHyY+zk/0Zyhem2HPLn2LlbNN2TYxUBsvlKuF+icHS6Ud0Z+UQURzFcJaWOcJOE= X-Gm-Gg: ASbGncvwaJcl3kFjaQRcCwkJp813jer+NieWA6XvUYdVfk51UqZuZqxVVEu0ZsB9Csv H6Ot16RPmW/MIuEsE3oE4O6ZOT99Hq8DY44WBtm1zIsV/pixH+TIitxDHkpni5FeH0eYmgXOKzK ua9M1e9TwJTrlY5rDzwgnp0PSH23hY0fRhRXnxM9k2vCWz7S83E02N5QkuRCNbzwZjWQBY3T/ul 7DPjS8R5k1+WZPuf+/4uwYY/8P6Ufshja8U5by4/iGqZHnrF+bslPSevMTczTcjrU6/QnuBWdAP Kcr54YpHPTfhEclH0wMq7ri9ukf1RHBlIjDXRsTxIzGkXNSDK54q6knXow== X-Google-Smtp-Source: AGHT+IFDHIS75Mpro9kPDQtvSUQUXq3yWWEp0zVj7L4NQZxPVHc8a1LIbXMrrHsZII9JpmTkPUbtKQ== X-Received: by 2002:aa7:8496:0:b0:725:d64c:f122 with SMTP id d2e1a72fcca58-72f7d1cfd07mr6050960b3a.2.1737648746913; Thu, 23 Jan 2025 08:12:26 -0800 (PST) Received: from hermes.local (204-195-96-226.wavecable.com. [204.195.96.226]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a69fdfasm102314b3a.9.2025.01.23.08.12.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 23 Jan 2025 08:12:26 -0800 (PST) Date: Thu, 23 Jan 2025 08:12:23 -0800 From: Stephen Hemminger To: David Marchand Cc: Bruce Richardson , Praveen Shetty , dev@dpdk.org, stable@dpdk.org Subject: Re: [PATCH v1] common/idpf: fix heap use after free error Message-ID: <20250123081223.0286dc1f@hermes.local> In-Reply-To: References: <20250113085404.1447006-1-praveen.shetty@intel.com> <20250113083001.611db94d@hermes.local> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org On Thu, 23 Jan 2025 12:43:50 +0100 David Marchand wrote: > On Thu, Jan 23, 2025 at 12:18=E2=80=AFPM Bruce Richardson > wrote: > > > > On Mon, Jan 20, 2025 at 02:32:49PM +0000, Bruce Richardson wrote: =20 > > > On Mon, Jan 13, 2025 at 08:30:01AM -0800, Stephen Hemminger wrote: =20 > > > > On Mon, 13 Jan 2025 08:54:04 +0000 > > > > Praveen Shetty wrote: > > > > =20 > > > > > Heap use after free error is detected in AddressSanitizer while q= uitting > > > > > the testpmd application.Issue is due to accessing the empty contr= ol > > > > > queue in the idpf_ctlq_deinit function.idpf_ctlq_deinit function = is called > > > > > during the rte_eal_cleanup routine. > > > > > This patch will fix this issue. > > > > > > > > > > Fixes: fb4ac04e9bfa ("common/idpf: introduce common library") > > > > > Cc: stable@dpdk.org > > > > > > > > > > Signed-off-by: Praveen Shetty =20 > > > > > > > > This should not be needed. LIST_FOR_EACH_ENTRY_SAFE part, don't und= erstand. =20 > > > > > > I would tend to agree. Is there an actual confirmed bug here? If so, = then > > > either our standard list macros are broken, or the code using them is= doing > > > something rather strange. > > > =20 > > > > I followed up on with with Praveen, and he went through the code and > > possible solutions with me. The issue flagged by ASAN is correct, becau= se > > it turns out that the version of the _SAFE macro provided in this > > particular driver is not actually safe! :-( > > > > There are therefore two options to fixing this: 1) fix the macro/use a > > different copy of the macro, or 2) rework the code as in this patch and= drop > > the macro. Copies of the driver in other OS use the style given in this= patch, > > so we will go with the second option. However, we will do a v2 to inclu= de > > the removal of the bad macro, alongside fixing this. That should hopefu= lly > > prevent this issue from reoccurring. > > > > Praveen, will review v2 when you send it. =20 >=20 > Sorry, I am not following. >=20 > 1) seems the best way as it does not require touching base driver code. > Afaiu, the LIST_FOR_EACH_ENTRY_SAFE macro is defined in the > "abstraction" header that is DPDK specific > (drivers/common/idpf/base/idpf_osdep.h). >=20 > There is already an implementation of LIST_FOR_EACH_ENTRY_SAFE in > driver/net/ice/base/ice_osdep.h. >=20 > (note that it may be worth providing such a macro in a common place in > DPDK and remove copies of it in various drivers). Yes, all the variants of LIST and TAILQ macros from FreeBSD should be added, maybe a DPDK version of queue.h?