RIOT/pktbuf_static at 8a75d8d1891758f43cb3df0e1e3508a5d14120c1 - RIOT

mirror of https://github.com/RIOT-OS/RIOT.git synced 2025-01-18 12:52:44 +01:00

History

Martine Lenders 8a75d8d189 gnrc_pktbuf_static: fix alignment issue / leaks This fixes an alignment issue I encountered in the static version of the packet buffer. The bug is caused by a race-condition where a certain order of operations leads to a chunk being released according to the byte-alignment of the platform, but overlapping potential space for a future `_unused_t` struct e.g. (x mark allocated regions): Future leak of size sizeof(_unused_t) Time v \| +------------+-----+--------------------+ \| \|xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\| + +------------+-----+--------------------+ \| \| +------------+--+--+--------------------+ \| \| \|xxxxxxxxxxxxxxxxxxxxxxx\| + +------------+--+--+--------------------+ \| \| +-----+------+--+--+--------------------+ \| \|xxxxx\| \|xxxxxxxxxxxxxxxxxxxxxxx\| + +-----+------+--+--+--------------------+ \| \| +-----+------+-----+---------+----------+ \| \|xxxxx\| \|xxxxxxxxxx\| + +-----+------+-----+---------+----------+ \| \| +-----+------+-----+--------------------+ \| \|xxxxx\| \|xxxxxxxxxxxxxxxxxxxxxxxxxx\| + +-----+------+-----+--------------------+ \| \| +------------+-----+--------------------+ \| \|xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\| + +------------+-----+--------------------+ \| \| +------------+-----+--------------------+ \| \|xxxxxxxxxxxxxxxxxx\| \| + +------------+-----+--------------------+ \| \| +------------+-----+--------------------+ \| \| \|xxxxx\| \| + +------------+-----+--------------------+ \| v Sadly, I wasn't able to create a reproducable unittest that show-cases this corner-case, since I don't understand the order of operations that cause this one 100%, but the bug is reproducable (but also not reliably) by sending large (i.e. fragmented) packets to a 6Lo-enabled host from more than 1 host simultaneously (use `gnrc_pktbuf_cmd` to check). By making the size of `_unused_t` the only condition for alignment, this bug is fixed.	2018-06-27 17:18:24 +02:00
..
gnrc_pktbuf_static.c	gnrc_pktbuf_static: fix alignment issue / leaks	2018-06-27 17:18:24 +02:00
Makefile	gnrc: make all gnrc modules sub-modules of gnrc	2015-08-18 23:00:07 +02:00

Martine Lenders 8a75d8d189 gnrc_pktbuf_static: fix alignment issue / leaks

This fixes an alignment issue I encountered in the static version of
the packet buffer.

The bug is caused by a race-condition where a certain order of
operations leads to a chunk being released according to the
byte-alignment of the platform, but overlapping potential space for
a future `_unused_t` struct e.g. (x mark allocated regions):

                    Future leak of size sizeof(_unused_t)       Time
                    v                                            |
    +------------+-----+--------------------+                    |
    |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx|                    +
    +------------+-----+--------------------+                    |
                                                                 |
    +------------+--+--+--------------------+                    |
    |               |xxxxxxxxxxxxxxxxxxxxxxx|                    +
    +------------+--+--+--------------------+                    |
                                                                 |
    +-----+------+--+--+--------------------+                    |
    |xxxxx|         |xxxxxxxxxxxxxxxxxxxxxxx|                    +
    +-----+------+--+--+--------------------+                    |
                                                                 |
    +-----+------+-----+---------+----------+                    |
    |xxxxx|                      |xxxxxxxxxx|                    +
    +-----+------+-----+---------+----------+                    |
                                                                 |
    +-----+------+-----+--------------------+                    |
    |xxxxx|      |xxxxxxxxxxxxxxxxxxxxxxxxxx|                    +
    +-----+------+-----+--------------------+                    |
                                                                 |
    +------------+-----+--------------------+                    |
    |xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx|                    +
    +------------+-----+--------------------+                    |
                                                                 |
    +------------+-----+--------------------+                    |
    |xxxxxxxxxxxxxxxxxx|                    |                    +
    +------------+-----+--------------------+                    |
                                                                 |
    +------------+-----+--------------------+                    |
    |            |xxxxx|                    |                    +
    +------------+-----+--------------------+                    |
                                                                 v

Sadly, I wasn't able to create a reproducable unittest that show-cases
this corner-case, since I don't understand the order of operations that
cause this one 100%, but the bug is reproducable (but also not
reliably) by sending large (i.e. fragmented) packets to a 6Lo-enabled
host from more than 1 host simultaneously (use `gnrc_pktbuf_cmd` to
check).

By making the size of `_unused_t` the only condition for alignment,
this bug is fixed.

2018-06-27 17:18:24 +02:00

gnrc_pktbuf_static.c

gnrc_pktbuf_static: fix alignment issue / leaks

2018-06-27 17:18:24 +02:00

Makefile

gnrc: make all gnrc modules sub-modules of gnrc

2015-08-18 23:00:07 +02:00