patches for DPDK stable branches
 help / color / mirror / Atom feed
From: Bing Zhao <bingz@mellanox.com>
To: David Marchand <david.marchand@redhat.com>,
	"Burakov, Anatoly" <anatoly.burakov@intel.com>
Cc: Thomas Monjalon <thomas@monjalon.net>, dev <dev@dpdk.org>,
	dpdk stable <stable@dpdk.org>,
	"sergio.gonzalez.monroy@intel.com"
	<sergio.gonzalez.monroy@intel.com>
Subject: Re: [dpdk-stable] [PATCH v2] mem: fix the alloc size roundup overflow
Date: Thu, 7 May 2020 12:16:09 +0000
Message-ID: <VI1PR05MB4192EBCFADC1DF2545315F43DDA50@VI1PR05MB4192.eurprd05.prod.outlook.com> (raw)
In-Reply-To: <CAJFAV8zm=cEMSN2swGRMpmzDt4B6m_ZN1+jrFTXpGM6S=2etKQ@mail.gmail.com>

Hi David,
I've changed the space into tabs in v3 and suppressed this one.

Thanks a lot

BR. Bing

> -----Original Message-----
> From: David Marchand <david.marchand@redhat.com>
> Sent: Thursday, May 7, 2020 8:12 PM
> To: Burakov, Anatoly <anatoly.burakov@intel.com>; Bing Zhao
> <bingz@mellanox.com>
> Cc: Thomas Monjalon <thomas@monjalon.net>; dev <dev@dpdk.org>;
> dpdk stable <stable@dpdk.org>; sergio.gonzalez.monroy@intel.com
> Subject: Re: [dpdk-stable] [PATCH v2] mem: fix the alloc size roundup
> overflow
> 
> On Thu, May 7, 2020 at 1:55 PM Burakov, Anatoly
> <anatoly.burakov@intel.com> wrote:
> >
> > On 07-May-20 8:41 AM, Bing Zhao wrote:
> > > The size checking is done in the caller. The size parameter is an
> > > unsigned (64b wide) right now, so the comparison with zero should
> be
> > > enough in most cases. But it won't help in the following case.
> > > If the allocating request input a huge number by mistake, e.g.,
> some
> > > overflow after the calculation (especially subtraction), the
> > > checking in the caller will succeed since it is not zero. Indeed,
> > > there is not enough space in the system to support such huge
> memory allocation.
> > > Usually it will return failure in the following code. But if the
> > > input size is just a little smaller than the UINT64_MAX, like -2 in
> > > signed type.
> > > The roundup will cause an overflow and then "reset" the size to 0,
> > > and then only a header (128B now) with zero length will be
> returned.
> > > The following will be the previous allocation header.
> > > It should be OK in most cases if the application won't access the
> > > memory body. Or else, some critical issue will be caused and not
> > > easy to debug. So this issue should be prevented at the beginning,
> > > like other big size failure, NULL pointer should be returned also.
> > >
> > > Fixes: fdf20fa7bee9 ("add prefix to cache line macros")
> > > Cc: stable@dpdk.org
> > >
> > > Signed-off-by: Bing Zhao <bingz@mellanox.com>
> > > ---
> > > v2: add unit test for this case
> > > ---
> > >   app/test/test_malloc.c              | 12 ++++++++++++
> > >   lib/librte_eal/common/malloc_heap.c |  3 +++
> > >   2 files changed, 15 insertions(+)
> > >
> > > diff --git a/app/test/test_malloc.c b/app/test/test_malloc.c index
> > > 40a2f50..a96c060 100644
> > > --- a/app/test/test_malloc.c
> > > +++ b/app/test/test_malloc.c
> > > @@ -846,6 +846,18 @@
> > >       if (bad_ptr != NULL)
> > >               goto err_return;
> > >
> > > +     /* rte_malloc expected to return null with size will cause
> overflow */
> > > +     align = RTE_CACHE_LINE_SIZE;
> > > +     size = (size_t)-8;
> > > +
> > > +     bad_ptr = rte_malloc(type, size, align);
> > > +     if (bad_ptr != NULL)
> > > +             goto err_return;
> > > +
> > > +     bad_ptr = rte_realloc(NULL, size, align);
> > > +        if (bad_ptr != NULL)
> > > +                goto err_return;
> >
> > You're mixing space and tabs as indentation here.
> 
> Will fix while applying.
> 
> >
> > Otherwise,
> >
> > Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>
> 
> You acked the v1, so I will go with it.
> Thanks for the work Bing, Anatoly.
> 
> 
> --
> David Marchand


  reply	other threads:[~2020-05-07 12:16 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-07 10:46 [dpdk-stable] [PATCH] " Bing Zhao
2020-04-20 11:39 ` Burakov, Anatoly
2020-04-21  3:18   ` Bing Zhao
2020-05-07  7:39 ` [dpdk-stable] [PATCH v2] " Bing Zhao
2020-05-07  7:41 ` Bing Zhao
2020-05-07  8:02   ` [dpdk-stable] [PATCH v3] " Bing Zhao
2020-05-11 14:52     ` [dpdk-stable] [dpdk-dev] " David Marchand
2020-05-07 11:55   ` [dpdk-stable] [PATCH v2] " Burakov, Anatoly
2020-05-07 12:12     ` David Marchand
2020-05-07 12:16       ` Bing Zhao [this message]
2020-05-07 12:18         ` David Marchand

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=VI1PR05MB4192EBCFADC1DF2545315F43DDA50@VI1PR05MB4192.eurprd05.prod.outlook.com \
    --to=bingz@mellanox.com \
    --cc=anatoly.burakov@intel.com \
    --cc=david.marchand@redhat.com \
    --cc=dev@dpdk.org \
    --cc=sergio.gonzalez.monroy@intel.com \
    --cc=stable@dpdk.org \
    --cc=thomas@monjalon.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

patches for DPDK stable branches

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://inbox.dpdk.org/stable/0 stable/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 stable stable/ https://inbox.dpdk.org/stable \
		stable@dpdk.org
	public-inbox-index stable

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.stable


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git