Re: [dpdk-dev] [PATCH v4 1/2] hash table: fix a bug in rte_hash_iterate()

Tue, 09 Oct 2018 19:02:14 -0700 

Hi Qiaobin,

This patch: http://patchwork.dpdk.org/patch/46105/ covers the bug.  Honnappa 
suggested a fix that would work well for the lock free implementation as well.

>-----Original Message-----
>From: Qiaobin Fu [mailto:qiaob...@bu.edu]
>Sent: Tuesday, October 9, 2018 12:29 PM
>To: Richardson, Bruce <bruce.richard...@intel.com>; De Lara Guarch, Pablo 
><pablo.de.lara.gua...@intel.com>
>Cc: dev@dpdk.org; douce...@bu.edu; Wiles, Keith <keith.wi...@intel.com>; 
>Gobriel, Sameh <sameh.gobr...@intel.com>; Tai, Charlie
><charlie....@intel.com>; step...@networkplumber.org; n...@arm.com; 
>honnappa.nagaraha...@arm.com; Wang, Yipeng1
><yipeng1.w...@intel.com>; mic...@digirati.com.br; qiaob...@bu.edu
>Subject: [PATCH v4 1/2] hash table: fix a bug in rte_hash_iterate()
>
>In current implementation of rte_hash_iterate(), it
>tries to obtain the lock after the while loop. However,
>this may lead to a bug. Notice the following racing condition:
>
>1. The while loop above finishes because it finds
>   a not empty slot. But it does so without a lock.
>2. Then we get the lock.
>3. The position that was once not empty is now empty.
>   BUG because next_key is invalid.
>
>This patch fixes this small bug.
>
>Signed-off-by: Qiaobin Fu <qiaob...@bu.edu>
>Reviewed-by: Michel Machado <mic...@digirati.com.br>
>---
> lib/librte_hash/rte_cuckoo_hash.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
>diff --git a/lib/librte_hash/rte_cuckoo_hash.c 
>b/lib/librte_hash/rte_cuckoo_hash.c
>index f7b86c8c9..a3e76684d 100644
>--- a/lib/librte_hash/rte_cuckoo_hash.c
>+++ b/lib/librte_hash/rte_cuckoo_hash.c
>@@ -1317,16 +1317,18 @@ rte_hash_iterate(const struct rte_hash *h, const void 
>**key, void **data, uint32
>       bucket_idx = *next / RTE_HASH_BUCKET_ENTRIES;
>       idx = *next % RTE_HASH_BUCKET_ENTRIES;
>
>+      __hash_rw_reader_lock(h);
>       /* If current position is empty, go to the next one */
>       while (h->buckets[bucket_idx].key_idx[idx] == EMPTY_SLOT) {
>               (*next)++;
>               /* End of table */
>-              if (*next == total_entries)
>+              if (*next == total_entries) {
>+                      __hash_rw_reader_unlock(h);
>                       return -ENOENT;
>+              }
>               bucket_idx = *next / RTE_HASH_BUCKET_ENTRIES;
>               idx = *next % RTE_HASH_BUCKET_ENTRIES;
>       }
>-      __hash_rw_reader_lock(h);
>       /* Get position of entry in key table */
>       position = h->buckets[bucket_idx].key_idx[idx];
>       next_key = (struct rte_hash_key *) ((char *)h->key_store +
>--
>2.17.1

Reply via email to