[v2] vhost: fix double-free with zero-copy
Checks
Commit Message
From: Patrick Fu <patrick.fu@intel.com>
zmbufs should be set to NULL when getting freed to avoid double free on
the same buffer pointer
Fixes: b0a985d1f340 ("vhost: add dequeue zero copy")
Signed-off-by: Patrick Fu <patrick.fu@intel.com>
---
v2:
- revise commit message title
lib/librte_vhost/vhost_user.c | 1 +
1 file changed, 1 insertion(+)
Comments
On 7/21/20 2:10 PM, patrick.fu@intel.com wrote:
> From: Patrick Fu <patrick.fu@intel.com>
>
> zmbufs should be set to NULL when getting freed to avoid double free on
> the same buffer pointer
>
> Fixes: b0a985d1f340 ("vhost: add dequeue zero copy")
>
> Signed-off-by: Patrick Fu <patrick.fu@intel.com>
> ---
> v2:
> - revise commit message title
>
> lib/librte_vhost/vhost_user.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
> index df0db8a07..9ddeae362 100644
> --- a/lib/librte_vhost/vhost_user.c
> +++ b/lib/librte_vhost/vhost_user.c
> @@ -1934,6 +1934,7 @@ free_zmbufs(struct vhost_virtqueue *vq)
> drain_zmbuf_list(vq);
>
> rte_free(vq->zmbufs);
> + vq->zmbufs = NULL;
> }
>
> /*
>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Thanks,
Maxime
On 7/21/2020 10:16 AM, Maxime Coquelin wrote:
>
>
> On 7/21/20 2:10 PM, patrick.fu@intel.com wrote:
>> From: Patrick Fu <patrick.fu@intel.com>
>>
>> zmbufs should be set to NULL when getting freed to avoid double free on
>> the same buffer pointer
>>
>> Fixes: b0a985d1f340 ("vhost: add dequeue zero copy")
>>
>> Signed-off-by: Patrick Fu <patrick.fu@intel.com>
>
> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
>
Applied to dpdk-next-net/master, thanks.
@@ -1934,6 +1934,7 @@ free_zmbufs(struct vhost_virtqueue *vq)
drain_zmbuf_list(vq);
rte_free(vq->zmbufs);
+ vq->zmbufs = NULL;
}
/*