Hi David,
I've changed the space into tabs in v3 and suppressed this one.
Thanks a lot
BR. Bing
> -----Original Message-----
> From: David Marchand <david.march...@redhat.com>
> Sent: Thursday, May 7, 2020 8:12 PM
> To: Burakov, Anatoly <anatoly.bura...@intel.com>; Bing Zhao
> <bi...@mellanox.com>
> Cc: Thomas Monjalon <tho...@monjalon.net>; dev <dev@dpdk.org>;
> dpdk stable <sta...@dpdk.org>; sergio.gonzalez.mon...@intel.com
> Subject: Re: [dpdk-stable] [PATCH v2] mem: fix the alloc size roundup
> overflow
>
> On Thu, May 7, 2020 at 1:55 PM Burakov, Anatoly
> <anatoly.bura...@intel.com> wrote:
> >
> > On 07-May-20 8:41 AM, Bing Zhao wrote:
> > > The size checking is done in the caller. The size parameter is an
> > > unsigned (64b wide) right now, so the comparison with zero should
> be
> > > enough in most cases. But it won't help in the following case.
> > > If the allocating request input a huge number by mistake, e.g.,
> some
> > > overflow after the calculation (especially subtraction), the
> > > checking in the caller will succeed since it is not zero. Indeed,
> > > there is not enough space in the system to support such huge
> memory allocation.
> > > Usually it will return failure in the following code. But if the
> > > input size is just a little smaller than the UINT64_MAX, like -2 in
> > > signed type.
> > > The roundup will cause an overflow and then "reset" the size to 0,
> > > and then only a header (128B now) with zero length will be
> returned.
> > > The following will be the previous allocation header.
> > > It should be OK in most cases if the application won't access the
> > > memory body. Or else, some critical issue will be caused and not
> > > easy to debug. So this issue should be prevented at the beginning,
> > > like other big size failure, NULL pointer should be returned also.
> > >
> > > Fixes: fdf20fa7bee9 ("add prefix to cache line macros")
> > > Cc: sta...@dpdk.org
> > >
> > > Signed-off-by: Bing Zhao <bi...@mellanox.com>
> > > ---
> > > v2: add unit test for this case
> > > ---
> > > app/test/test_malloc.c | 12 ++++++++++++
> > > lib/librte_eal/common/malloc_heap.c | 3 +++
> > > 2 files changed, 15 insertions(+)
> > >
> > > diff --git a/app/test/test_malloc.c b/app/test/test_malloc.c index
> > > 40a2f50..a96c060 100644
> > > --- a/app/test/test_malloc.c
> > > +++ b/app/test/test_malloc.c
> > > @@ -846,6 +846,18 @@
> > > if (bad_ptr != NULL)
> > > goto err_return;
> > >
> > > + /* rte_malloc expected to return null with size will cause
> overflow */
> > > + align = RTE_CACHE_LINE_SIZE;
> > > + size = (size_t)-8;
> > > +
> > > + bad_ptr = rte_malloc(type, size, align);
> > > + if (bad_ptr != NULL)
> > > + goto err_return;
> > > +
> > > + bad_ptr = rte_realloc(NULL, size, align);
> > > + if (bad_ptr != NULL)
> > > + goto err_return;
> >
> > You're mixing space and tabs as indentation here.
>
> Will fix while applying.
>
> >
> > Otherwise,
> >
> > Reviewed-by: Anatoly Burakov <anatoly.bura...@intel.com>
>
> You acked the v1, so I will go with it.
> Thanks for the work Bing, Anatoly.
>
>
> --
> David Marchand
