From: Ferruh Yigit <ferruh.yigit@amd.com>
To: David Marchand <david.marchand@redhat.com>
Cc: Ankur Dwivedi <adwivedi@marvell.com>,
	dev@dpdk.org, Thomas Monjalon <thomas@monjalon.net>,
	jerinj@marvell.com, Ali Alnubani <alialnu@nvidia.com>,
	"Li, WeiyuanX" <weiyuanx.li@intel.com>
Subject: Re: [PATCH v1 1/2] ethdev: fix null pointer dereference
Date: Tue, 28 Feb 2023 12:46:12 +0000
Message-ID: <a7ce44f2-394f-69a1-62fd-ccf77f8eefa6@amd.com>
In-Reply-To: <CAJFAV8ysr7_A22VmrRN65bA1Zd+vT85ip6i=ChaRt4WtN+qo7A@mail.gmail.com>

On 2/28/2023 11:29 AM, David Marchand wrote:
> On Tue, Feb 28, 2023 at 12:05 PM Ferruh Yigit <ferruh.yigit@amd.com> wrote:
>>
>> On 2/23/2023 12:30 PM, Ankur Dwivedi wrote:
>>> The speed_fec_capa pointer can be null. So dereferencing the pointer is
>>> removed and only the pointer is captured in trace function.
>>> Fixed few more trace functions in which null pointer can be dereferenced.
>>>
>>> Coverity issue: 383238
>>> Bugzilla ID: 1162
>>> Fixes: 6679cf21d608 ("ethdev: add trace points")
>>> Fixes: ed04fd4072e9 ("ethdev: add trace points for flow")
>>>
>>> Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
>>
>> Hi Ankur,
>>
>> There is another bug report: https://bugs.dpdk.org/show_bug.cgi?id=1167
>>
>>
>> As far as I can see that is caused by '__rte_trace_point_register()'
>> calling 'register_fn()' [1].
>>
>> At registering trace point stage, most of the pointers can be invalid,
>> and this can crash other locations too.
> 
> I remember hitting this issue when running with UBsan.
> 
>>
>> Why is 'register_fn()' called within the trace point register? Can we
>> remove it?
> 
> IIRC, this is used to evaluate the size of the trace point event.
> 
> 

Yes, as checked with Jerin, it is used to evaluate size and some sanity
checks for size.

We need to either find a way to calculate size without really reading the
pointer content during register phase, or convert all pointer tracing
to emit_ptr().

I prefer the first option if we can.
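
The first option from the message above, sketched as an added example (not DPDK code and not written by anyone in this thread): a simplified two-pass trace point in which the registration pass computes the event size without ever reading through its pointer arguments. All names (`tp_ctx`, `TP_EMIT`, `trace_fec`, `fec_capa`) are hypothetical, and the sample values are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Simplified model of a two-pass trace point; every name is hypothetical. */
struct tp_ctx {
    int registering;   /* 1: size pass at registration, 0: real emit */
    size_t size;       /* event size accumulated by the size pass */
    size_t off;        /* bytes written by the emit pass */
    uint8_t buf[32];
};
/* The size pass adds sizeof(type) only; `expr` lives in the else branch, so a
 * dereference inside it never executes while registering. A function-style
 * emit_u32(ctx, c->speed) would evaluate c->speed before the call instead. */
#define TP_EMIT(ctx, type, expr) do {                      \
    if ((ctx)->registering) {                              \
        (ctx)->size += sizeof(type);                       \
    } else {                                               \
        type v_ = (expr);                                  \
        memcpy((ctx)->buf + (ctx)->off, &v_, sizeof(v_));  \
        (ctx)->off += sizeof(v_);                          \
    }                                                      \
} while (0)

struct fec_capa { uint32_t speed; uint32_t capa; };  /* constructed sample type */

static void trace_fec(struct tp_ctx *ctx, uint16_t port_id, const struct fec_capa *c)
{
    TP_EMIT(ctx, uint16_t, port_id);
    TP_EMIT(ctx, uint32_t, c->speed);
    TP_EMIT(ctx, uint32_t, c->capa);
}
/* Registration: arguments are dummies (NULL here); only the size is wanted. */
static size_t tp_register_size(void)
{
    struct tp_ctx ctx = { .registering = 1 };
    trace_fec(&ctx, 0, NULL);
    return ctx.size;
}
/* Emit with real arguments; returns the number of bytes written. */
static size_t tp_emit(struct tp_ctx *ctx, uint16_t port, const struct fec_capa *c)
{
    ctx->registering = 0; ctx->off = 0;
    trace_fec(ctx, port, c);
    return ctx->off;
}
int main(void)
{
    struct fec_capa c = { 25000, 0x6 };   /* constructed sample values */
    struct tp_ctx ctx = { 0 };
    return tp_emit(&ctx, 1, &c) == tp_register_size() ? 0 : 1;
}
```

The emit pass still dereferences `c`, so a pointer that can be NULL at trace time needs its own check or a pointer-only emit, which is the case the original patch addresses.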
