From 098f949f8a70f7618f5390f9c1e9edfb9e5469c4 Mon Sep 17 00:00:00 2001 From: Danylo Vodopianov Date: Mon, 18 Nov 2024 19:03:23 +0100 Subject: [PATCH] app/testpmd: fix aged flow destroy port_flow_destroy() function never assumed that rule array can be freed when it's executing, and port_flow_aged() just violated that assumption. In case of flow async create failure, it tries to do a cleanup, but it wrongly removes a 1st flow (with id 0). pf->id is not set at this moment and it always is 0, thus 1st flow is removed. A local copy of flow->id must be used to call of port_flow_destroy() to avoid access and processing of flow->id after the flow is removed. Fixes: de956d5ecf08 ("app/testpmd: support age shared action context") Cc: stable@dpdk.org Signed-off-by: Danylo Vodopianov Acked-by: Dariusz Sosnowski --- app/test-pmd/config.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/app/test-pmd/config.c b/app/test-pmd/config.c index c831166431..28d45568ac 100644 --- a/app/test-pmd/config.c +++ b/app/test-pmd/config.c @@ -4160,8 +4160,10 @@ port_flow_aged(portid_t port_id, uint8_t destroy) } type = (enum age_action_context_type *)contexts[idx]; switch (*type) { - case ACTION_AGE_CONTEXT_TYPE_FLOW: + case ACTION_AGE_CONTEXT_TYPE_FLOW: { + uint64_t flow_id; ctx.pf = container_of(type, struct port_flow, age_type); + flow_id = ctx.pf->id; printf("%-20s\t%" PRIu64 "\t%" PRIu32 "\t%" PRIu32 "\t%c%c%c\t\n", "Flow", @@ -4172,9 +4174,10 @@ port_flow_aged(portid_t port_id, uint8_t destroy) ctx.pf->rule.attr->egress ? 'e' : '-', ctx.pf->rule.attr->transfer ? 't' : '-'); if (destroy && !port_flow_destroy(port_id, 1, - &ctx.pf->id, false)) + &flow_id, false)) total++; break; + } case ACTION_AGE_CONTEXT_TYPE_INDIRECT_ACTION: ctx.pia = container_of(type, struct port_indirect_action, age_type);