Re: [ovs-discuss] Possible double-free on ofproto.c:delete_flows_loose

2014-10-20 Thread Ben Pfaff
I applied this commit to branch-2.1 and it will be in the next release from that branch. Sorry it took me so long to get back to this. On Wed, Sep 17, 2014 at 05:17:17PM -0400, Anup Khadka wrote: > Yes, I got a crash with 100 rules which led me to inspect the code. > > The collect_rule function

Re: [ovs-discuss] Possible double-free on ofproto.c:delete_flows_loose

2014-09-17 Thread Ben Pfaff
Thanks for reporting the bug. I'll look into backporting the fix. On Wed, Sep 17, 2014 at 2:17 PM, Anup Khadka wrote: > Yes, I got a crash with 100 rules which led me to inspect the code. > > The collect_rule function inside collect_rules_loose returns > OFPROTO_POSTPONE if rule->pending is non-

Re: [ovs-discuss] Possible double-free on ofproto.c:delete_flows_loose

2014-09-17 Thread Anup Khadka
Yes, I got a crash with 100 rules which led me to inspect the code. The collect_rule function inside collect_rules_loose returns OFPROTO_POSTPONE if rule->pending is non-zero (this is possible if the ofproto vendor class in not done inserting the rules). In such cases, collect_rules_loose functio

Re: [ovs-discuss] Possible double-free on ofproto.c:delete_flows_loose

2014-09-17 Thread Ben Pfaff
According to the commit message, the bug could not cause a real problem in practice. Do you see a way that it could? On Wed, Sep 17, 2014 at 04:50:04PM -0400, Anup Khadka wrote: > Looks like this code was added in July: > https://github.com/openvswitch/ovs/commit/bfd3dbf6a0c978ceb20faf292bca51 >

Re: [ovs-discuss] Possible double-free on ofproto.c:delete_flows_loose

2014-09-17 Thread Anup Khadka
Looks like this code was added in July: https://github.com/openvswitch/ovs/commit/bfd3dbf6a0c978ceb20faf292bca51 3a63e2b68c I was using an older code-base. Thanks, Anup On Wed, Sep 17, 2014 at 4:37 PM, Ben Pfaff wrote: > On Wed, Sep 17, 2014 at 02:58:50PM -0400, Anup Khadka wrote: > > On Tue, Se

Re: [ovs-discuss] Possible double-free on ofproto.c:delete_flows_loose

2014-09-17 Thread Ben Pfaff
On Wed, Sep 17, 2014 at 02:58:50PM -0400, Anup Khadka wrote: > On Tue, Sep 16, 2014 at 3:30 PM, Anup Khadka wrote: > > > It looks like OVS tries to double-free in delete_flows_loose if the > > rules->rules (inside struct rule_collection *rules is not equal to > > rules->stub). > > > > A little mo

Re: [ovs-discuss] Possible double-free on ofproto.c:delete_flows_loose

2014-09-17 Thread Anup Khadka
On Tue, Sep 16, 2014 at 3:30 PM, Anup Khadka wrote: > It looks like OVS tries to double-free in delete_flows_loose if the > rules->rules (inside struct rule_collection *rules is not equal to > rules->stub). > > A little more detail: > In the function delete_flows_loose, the call to the function >