[ovs-dev] [PATCH] ofp-parse: Correctly update bucket lists if they are empty

Ben Pfaff blp at nicira.com
Mon Jan 26 19:19:53 UTC 2015 

On Mon, Jan 26, 2015 at 02:44:07PM +0100, Thomas Graf wrote:
> On 01/26/15 at 05:30pm, Simon Horman wrote:
> > On Mon, Jan 26, 2015 at 04:40:49PM +0900, Simon Horman wrote:
> > > * Although somewhat cure the approach of setting the next field to NULL
> > 
> > s/cure/crude/
> > 
> > >   seems far less dangerous than trying to update the list infrastructure
> > >   to handle this case.
> 
> list_moved() not handling the list_empty() case is somewhat rude.
> Why not just handle that special case and call list_init() in
> list_moved() instead? I realize it's currently documented to fail in
> list_moved() but I don't see any side effect in handling this properly
> because any caller doing so right now would be buggy.

I'd prefer to handle that case in list_moved() but I don't know a safe
way to detect it, that is, a way that doesn't try to read from
possibly freed memory.

It's possible if we make list_moved() take the previous location of
the list, e.g. something like this (compile-tested only):

diff --git a/lib/list.h b/lib/list.h
index 15be0f8..a0c294e 100644
--- a/lib/list.h
+++ b/lib/list.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008, 2009, 2010, 2011, 2013 Nicira, Inc.
+ * Copyright (c) 2008, 2009, 2010, 2011, 2013, 2015 Nicira, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -33,7 +33,7 @@ static inline void list_splice(struct ovs_list *before, struct ovs_list *first,
 static inline void list_push_front(struct ovs_list *, struct ovs_list *);
 static inline void list_push_back(struct ovs_list *, struct ovs_list *);
 static inline void list_replace(struct ovs_list *, const struct ovs_list *);
-static inline void list_moved(struct ovs_list *);
+static inline void list_moved(struct ovs_list *, const struct ovs_list *orig);
 static inline void list_move(struct ovs_list *dst, struct ovs_list *src);
 
 /* List removal. */
@@ -150,15 +150,16 @@ list_replace(struct ovs_list *element, const struct ovs_list *position)
 }
 
 /* Adjusts pointers around 'list' to compensate for 'list' having been moved
- * around in memory (e.g. as a consequence of realloc()).
- *
- * This always works if 'list' is a member of a list, or if 'list' is the head
- * of a non-empty list.  It fails badly, however, if 'list' is the head of an
- * empty list; just use list_init() in that case. */
+ * around in memory (e.g. as a consequence of realloc()), with original
+ * location 'orig'. */
 static inline void
-list_moved(struct ovs_list *list)
+list_moved(struct ovs_list *list, const struct ovs_list *orig)
 {
-    list->prev->next = list->next->prev = list;
+    if (list->next == orig) {
+        list_init(list);
+    } else {
+        list->prev->next = list->next->prev = list;
+    }
 }
 
 /* Initializes 'dst' with the contents of 'src', compensating for moving it
@@ -167,12 +168,8 @@ list_moved(struct ovs_list *list)
 static inline void
 list_move(struct ovs_list *dst, struct ovs_list *src)
 {
-    if (!list_is_empty(src)) {
-        *dst = *src;
-        list_moved(dst);
-    } else {
-        list_init(dst);
-    }
+    *dst = *src;
+    list_moved(dst, src);
 }
 
 /* Removes 'elem' from its list and returns the element that followed it.
diff --git a/lib/ofp-parse.c b/lib/ofp-parse.c
index 9acf6a4..6fc5af0 100644
--- a/lib/ofp-parse.c
+++ b/lib/ofp-parse.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2011, 2012, 2013, 2014 Nicira, Inc.
+ * Copyright (c) 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -1413,12 +1413,14 @@ parse_ofp_group_mod_file(const char *file_name, uint16_t command,
         char *error;
 
         if (*n_gms >= allocated_gms) {
+            struct ofputil_group_mod *new_gms;
             size_t i;
 
-            *gms = x2nrealloc(*gms, &allocated_gms, sizeof **gms);
+            new_gms = x2nrealloc(*gms, &allocated_gms, sizeof **gms);
             for (i = 0; i < *n_gms; i++) {
-                list_moved(&(*gms)[i].buckets);
+                list_moved(&new_gms[i].buckets, &(*gms)[i].buckets);
             }
+            *gms = new_gms;
         }
         error = parse_ofp_group_mod_str(&(*gms)[*n_gms], command, ds_cstr(&s),
                                         &usable);

More information about the dev mailing list