[v2] vhost: fix double-free with zero-copy

Message ID 20200721121057.32597-1-patrick.fu@intel.com (mailing list archive)
State Accepted, archived
Delegated to: Ferruh Yigit
Series [v2] vhost: fix double-free with zero-copy

Checks

Context                        Check    Description
ci/checkpatch                  success  coding style OK
ci/iol-broadcom-Performance    success  Performance Testing PASS
ci/travis-robot                success  Travis build: passed
ci/iol-intel-Performance       success  Performance Testing PASS
ci/iol-mellanox-Performance    success  Performance Testing PASS
ci/Intel-compilation           success  Compilation OK
ci/iol-testing                 success  Testing PASS

Commit Message

Patrick Fu July 21, 2020, 12:10 p.m. UTC
  From: Patrick Fu <patrick.fu@intel.com>

zmbufs should be set to NULL when getting freed to avoid double free on
the same buffer pointer

Fixes: b0a985d1f340 ("vhost: add dequeue zero copy")

Signed-off-by: Patrick Fu <patrick.fu@intel.com>
---
v2:
 - revise commit message title

 lib/librte_vhost/vhost_user.c | 1 +
 1 file changed, 1 insertion(+)
  

Comments

Maxime Coquelin July 21, 2020, 9:16 a.m. UTC | #1
On 7/21/20 2:10 PM, patrick.fu@intel.com wrote:
> From: Patrick Fu <patrick.fu@intel.com>
> 
> zmbufs should be set to NULL when getting freed to avoid double free on
> the same buffer pointer
> 
> Fixes: b0a985d1f340 ("vhost: add dequeue zero copy")
> 
> Signed-off-by: Patrick Fu <patrick.fu@intel.com>
> ---
> v2:
>  - revise commit message title
> 
>  lib/librte_vhost/vhost_user.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
> index df0db8a07..9ddeae362 100644
> --- a/lib/librte_vhost/vhost_user.c
> +++ b/lib/librte_vhost/vhost_user.c
> @@ -1934,6 +1934,7 @@ free_zmbufs(struct vhost_virtqueue *vq)
>  	drain_zmbuf_list(vq);
>  
>  	rte_free(vq->zmbufs);
> +	vq->zmbufs = NULL;
>  }
>  
>  /*
> 
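Review bot: In free_zmbufs(), the added `vq->zmbufs = NULL;` only protects the `rte_free(vq->zmbufs);` line on a repeat call, because rte_free() accepts NULL; `drain_zmbuf_list(vq)` at the top of the hunk still runs every time. Either confirm that drain_zmbuf_list() is a no-op on an already drained queue, or return early when vq->zmbufs is already NULL so the whole function is idempotent.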

Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>

Thanks,
Maxime
  
Ferruh Yigit July 21, 2020, 2:58 p.m. UTC | #2
On 7/21/2020 10:16 AM, Maxime Coquelin wrote:
> 
> 
> On 7/21/20 2:10 PM, patrick.fu@intel.com wrote:
>> From: Patrick Fu <patrick.fu@intel.com>
>>
>> zmbufs should be set to NULL when getting freed to avoid double free on
>> the same buffer pointer
>>
>> Fixes: b0a985d1f340 ("vhost: add dequeue zero copy")
>>
>> Signed-off-by: Patrick Fu <patrick.fu@intel.com>
> 
> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
> 

Applied to dpdk-next-net/master, thanks.
  

Patch

diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index df0db8a07..9ddeae362 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -1934,6 +1934,7 @@  free_zmbufs(struct vhost_virtqueue *vq)
 	drain_zmbuf_list(vq);
 
 	rte_free(vq->zmbufs);
+	vq->zmbufs = NULL;
 }
 
 /*
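Review bot: The commit message explains the added `vq->zmbufs = NULL;` after `rte_free(vq->zmbufs);` but does not say which two paths reach free_zmbufs() for the same virtqueue, so the double free cannot be checked from this hunk alone. Please name that call sequence in the commit log, and confirm that any code reading vq->zmbufs after this function tolerates NULL, since a stale access now becomes a NULL dereference instead of a use-after-free.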