oe-kbuild-all.lists.linux.dev archive mirror
 help / color / mirror / Atom feed
* [cel:topic-the-not-so-distant-future 55/82] net/sunrpc/svc.c:1466 svc_process() error: we previously assumed 'p' could be null (see line 1454)
@ 2022-12-06  6:37 Dan Carpenter
  2022-12-06 15:07 ` Chuck Lever III
  0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2022-12-06  6:37 UTC (permalink / raw)
  To: oe-kbuild, Chuck Lever; +Cc: lkp, oe-kbuild-all

tree:   git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux topic-the-not-so-distant-future
head:   f8e9d79160e851ed451ae369605a41aa7e8eb41d
commit: 3dde04ad0247bb28b707b6f2cfeec67ed229da03 [55/82] SUNRPC: Hoist svcxdr_init_decode() into svc_process()
config: i386-randconfig-m021-20221205
compiler: gcc-11 (Debian 11.3.0-8) 11.3.0

If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
| Reported-by: Dan Carpenter <error27@gmail.com>

smatch warnings:
net/sunrpc/svc.c:1466 svc_process() error: we previously assumed 'p' could be null (see line 1454)

vim +/p +1466 net/sunrpc/svc.c

1cad7ea6fe98dc Ricardo Labiaga 2009-04-01  1448  	rqstp->rq_res.buflen = PAGE_SIZE;
1cad7ea6fe98dc Ricardo Labiaga 2009-04-01  1449  	rqstp->rq_res.tail[0].iov_base = NULL;
1cad7ea6fe98dc Ricardo Labiaga 2009-04-01  1450  	rqstp->rq_res.tail[0].iov_len = 0;
1cad7ea6fe98dc Ricardo Labiaga 2009-04-01  1451  
3dde04ad0247bb Chuck Lever     2022-11-06  1452  	svcxdr_init_decode(rqstp);
3dde04ad0247bb Chuck Lever     2022-11-06  1453  	p = xdr_inline_decode(&rqstp->rq_arg_stream, XDR_UNIT * 2);
3dde04ad0247bb Chuck Lever     2022-11-06 @1454  	if (unlikely(!p))
81593c4dff3226 Chuck Lever     2022-09-12  1455  		goto out_baddir;
                                                                ^^^^^^^^^^^^^^^^
p is NULL


3dde04ad0247bb Chuck Lever     2022-11-06  1456  	rqstp->rq_xid = *p++;
3dde04ad0247bb Chuck Lever     2022-11-06  1457  	if (unlikely(*p != rpc_call))
3dde04ad0247bb Chuck Lever     2022-11-06  1458  		goto out_baddir;
3dde04ad0247bb Chuck Lever     2022-11-06  1459  
d9ca78fb91eb62 Chuck Lever     2022-11-06  1460  	if (!svc_process_common(rqstp, resv))
860a0d9e511f27 Jeff Layton     2014-10-28  1461  		goto out_drop;
0b9547bf6b9431 Chuck Lever     2018-03-27  1462  	return svc_send(rqstp);
860a0d9e511f27 Jeff Layton     2014-10-28  1463  
81593c4dff3226 Chuck Lever     2022-09-12  1464  out_baddir:
81593c4dff3226 Chuck Lever     2022-09-12  1465  	svc_printk(rqstp, "bad direction 0x%08x, dropping request\n",
3dde04ad0247bb Chuck Lever     2022-11-06 @1466  		   be32_to_cpu(*p));
                                                                               ^^
Dereferenced

81593c4dff3226 Chuck Lever     2022-09-12  1467  	rqstp->rq_server->sv_stats->rpcbadfmt++;
860a0d9e511f27 Jeff Layton     2014-10-28  1468  out_drop:
4b5b3ba16be1b1 Andy Adamson    2011-01-06  1469  	svc_drop(rqstp);
4b5b3ba16be1b1 Andy Adamson    2011-01-06  1470  	return 0;
4b5b3ba16be1b1 Andy Adamson    2011-01-06  1471  }

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp


^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [cel:topic-the-not-so-distant-future 55/82] net/sunrpc/svc.c:1466 svc_process() error: we previously assumed 'p' could be null (see line 1454)
  2022-12-06  6:37 [cel:topic-the-not-so-distant-future 55/82] net/sunrpc/svc.c:1466 svc_process() error: we previously assumed 'p' could be null (see line 1454) Dan Carpenter
@ 2022-12-06 15:07 ` Chuck Lever III
  0 siblings, 0 replies; 2+ messages in thread
From: Chuck Lever III @ 2022-12-06 15:07 UTC (permalink / raw)
  To: Dan Carpenter; +Cc: oe-kbuild, lkp, oe-kbuild-all



> On Dec 6, 2022, at 1:37 AM, Dan Carpenter <error27@gmail.com> wrote:
> 
> tree:   git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux topic-the-not-so-distant-future
> head:   f8e9d79160e851ed451ae369605a41aa7e8eb41d
> commit: 3dde04ad0247bb28b707b6f2cfeec67ed229da03 [55/82] SUNRPC: Hoist svcxdr_init_decode() into svc_process()
> config: i386-randconfig-m021-20221205
> compiler: gcc-11 (Debian 11.3.0-8) 11.3.0
> 
> If you fix the issue, kindly add following tag where applicable
> | Reported-by: kernel test robot <lkp@intel.com>
> | Reported-by: Dan Carpenter <error27@gmail.com>
> 
> smatch warnings:
> net/sunrpc/svc.c:1466 svc_process() error: we previously assumed 'p' could be null (see line 1454)

Agreed, that's a bug. Fix squashed into this commit.


> vim +/p +1466 net/sunrpc/svc.c
> 
> 1cad7ea6fe98dc Ricardo Labiaga 2009-04-01  1448  	rqstp->rq_res.buflen = PAGE_SIZE;
> 1cad7ea6fe98dc Ricardo Labiaga 2009-04-01  1449  	rqstp->rq_res.tail[0].iov_base = NULL;
> 1cad7ea6fe98dc Ricardo Labiaga 2009-04-01  1450  	rqstp->rq_res.tail[0].iov_len = 0;
> 1cad7ea6fe98dc Ricardo Labiaga 2009-04-01  1451  
> 3dde04ad0247bb Chuck Lever     2022-11-06  1452  	svcxdr_init_decode(rqstp);
> 3dde04ad0247bb Chuck Lever     2022-11-06  1453  	p = xdr_inline_decode(&rqstp->rq_arg_stream, XDR_UNIT * 2);
> 3dde04ad0247bb Chuck Lever     2022-11-06 @1454  	if (unlikely(!p))
> 81593c4dff3226 Chuck Lever     2022-09-12  1455  		goto out_baddir;
>                                                                ^^^^^^^^^^^^^^^^
> p is NULL
> 
> 
> 3dde04ad0247bb Chuck Lever     2022-11-06  1456  	rqstp->rq_xid = *p++;
> 3dde04ad0247bb Chuck Lever     2022-11-06  1457  	if (unlikely(*p != rpc_call))
> 3dde04ad0247bb Chuck Lever     2022-11-06  1458  		goto out_baddir;
> 3dde04ad0247bb Chuck Lever     2022-11-06  1459  
> d9ca78fb91eb62 Chuck Lever     2022-11-06  1460  	if (!svc_process_common(rqstp, resv))
> 860a0d9e511f27 Jeff Layton     2014-10-28  1461  		goto out_drop;
> 0b9547bf6b9431 Chuck Lever     2018-03-27  1462  	return svc_send(rqstp);
> 860a0d9e511f27 Jeff Layton     2014-10-28  1463  
> 81593c4dff3226 Chuck Lever     2022-09-12  1464  out_baddir:
> 81593c4dff3226 Chuck Lever     2022-09-12  1465  	svc_printk(rqstp, "bad direction 0x%08x, dropping request\n",
> 3dde04ad0247bb Chuck Lever     2022-11-06 @1466  		   be32_to_cpu(*p));
>                                                                               ^^
> Dereferenced
> 
> 81593c4dff3226 Chuck Lever     2022-09-12  1467  	rqstp->rq_server->sv_stats->rpcbadfmt++;
> 860a0d9e511f27 Jeff Layton     2014-10-28  1468  out_drop:
> 4b5b3ba16be1b1 Andy Adamson    2011-01-06  1469  	svc_drop(rqstp);
> 4b5b3ba16be1b1 Andy Adamson    2011-01-06  1470  	return 0;
> 4b5b3ba16be1b1 Andy Adamson    2011-01-06  1471  }
> 
> -- 
> 0-DAY CI Kernel Test Service
> https://01.org/lkp
> 

--
Chuck Lever




^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-12-06 16:01 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-12-06  6:37 [cel:topic-the-not-so-distant-future 55/82] net/sunrpc/svc.c:1466 svc_process() error: we previously assumed 'p' could be null (see line 1454) Dan Carpenter
2022-12-06 15:07 ` Chuck Lever III

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).