* [ammarfaizi2-block:dhowells/linux-fs/rxrpc-ringless-5 29/79] net/rxrpc/io_thread.c:52 rxrpc_error_report() error: uninitialized symbol 'skb'.
@ 2022-11-07 8:02 Dan Carpenter
2022-11-16 13:57 ` David Howells
0 siblings, 1 reply; 3+ messages in thread
From: Dan Carpenter @ 2022-11-07 8:02 UTC (permalink / raw)
To: oe-kbuild, David Howells
Cc: lkp, oe-kbuild-all, Ammar Faizi, GNU/Weeb Mailing List
tree: https://github.com/ammarfaizi2/linux-block dhowells/linux-fs/rxrpc-ringless-5
head: ae32660a904fd27bf548d6bb4a3fc340645da2ca
commit: ea8a55f838fb351b99eb2558a82492dc41246871 [29/79] rxrpc: Move error processing into the local endpoint I/O thread
config: openrisc-randconfig-m031-20221106
compiler: or1k-linux-gcc (GCC) 12.1.0
If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <[email protected]>
| Reported-by: Dan Carpenter <[email protected]>
New smatch warnings:
net/rxrpc/io_thread.c:52 rxrpc_error_report() error: uninitialized symbol 'skb'.
Old smatch warnings:
net/rxrpc/io_thread.c:210 rxrpc_input_packet() warn: passing freed memory 'skb'
vim +/skb +52 net/rxrpc/io_thread.c
ea8a55f838fb35 David Howells 2022-10-10 43 void rxrpc_error_report(struct sock *sk)
ea8a55f838fb35 David Howells 2022-10-10 44 {
ea8a55f838fb35 David Howells 2022-10-10 45 struct rxrpc_local *local;
ea8a55f838fb35 David Howells 2022-10-10 46 struct sk_buff *skb;
ea8a55f838fb35 David Howells 2022-10-10 47
ea8a55f838fb35 David Howells 2022-10-10 48 rcu_read_lock();
ea8a55f838fb35 David Howells 2022-10-10 49 local = rcu_dereference_sk_user_data(sk);
ea8a55f838fb35 David Howells 2022-10-10 50 if (unlikely(!local)) {
ea8a55f838fb35 David Howells 2022-10-10 51 rcu_read_unlock();
ea8a55f838fb35 David Howells 2022-10-10 @52 kfree_skb(skb);
"skb" is uninitialized.
ea8a55f838fb35 David Howells 2022-10-10 53 return;
ea8a55f838fb35 David Howells 2022-10-10 54 }
ea8a55f838fb35 David Howells 2022-10-10 55
ea8a55f838fb35 David Howells 2022-10-10 56 while ((skb = skb_dequeue(&sk->sk_error_queue))) {
ea8a55f838fb35 David Howells 2022-10-10 57 skb->mark = RXRPC_SKB_MARK_ERROR;
ea8a55f838fb35 David Howells 2022-10-10 58 rxrpc_new_skb(skb, rxrpc_skb_received);
ea8a55f838fb35 David Howells 2022-10-10 59 skb_queue_tail(&local->rx_queue, skb);
ea8a55f838fb35 David Howells 2022-10-10 60 }
ea8a55f838fb35 David Howells 2022-10-10 61
ea8a55f838fb35 David Howells 2022-10-10 62 rxrpc_wake_up_io_thread(local);
ea8a55f838fb35 David Howells 2022-10-10 63 rcu_read_unlock();
ea8a55f838fb35 David Howells 2022-10-10 64 }
--
0-DAY CI Kernel Test Service
https://01.org/lkp
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [ammarfaizi2-block:dhowells/linux-fs/rxrpc-ringless-5 29/79] net/rxrpc/io_thread.c:52 rxrpc_error_report() error: uninitialized symbol 'skb'.
2022-11-07 8:02 [ammarfaizi2-block:dhowells/linux-fs/rxrpc-ringless-5 29/79] net/rxrpc/io_thread.c:52 rxrpc_error_report() error: uninitialized symbol 'skb' Dan Carpenter
@ 2022-11-16 13:57 ` David Howells
2022-11-16 18:49 ` Dan Carpenter
0 siblings, 1 reply; 3+ messages in thread
From: David Howells @ 2022-11-16 13:57 UTC (permalink / raw)
To: Dan Carpenter
Cc: dhowells, oe-kbuild, lkp, oe-kbuild-all, Ammar Faizi,
GNU/Weeb Mailing List
Dan Carpenter <[email protected]> wrote:
> New smatch warnings:
> net/rxrpc/io_thread.c:52 rxrpc_error_report() error: uninitialized symbol 'skb'.
Fixed that.
> Old smatch warnings:
> net/rxrpc/io_thread.c:210 rxrpc_input_packet() warn: passing freed memory 'skb'
Do you know if that's still there? "Old" in what sense?
David
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [ammarfaizi2-block:dhowells/linux-fs/rxrpc-ringless-5 29/79] net/rxrpc/io_thread.c:52 rxrpc_error_report() error: uninitialized symbol 'skb'.
2022-11-16 13:57 ` David Howells
@ 2022-11-16 18:49 ` Dan Carpenter
0 siblings, 0 replies; 3+ messages in thread
From: Dan Carpenter @ 2022-11-16 18:49 UTC (permalink / raw)
To: David Howells
Cc: oe-kbuild, lkp, oe-kbuild-all, Ammar Faizi, GNU/Weeb Mailing List
On Wed, Nov 16, 2022 at 01:57:43PM +0000, David Howells wrote:
> Dan Carpenter <[email protected]> wrote:
>
> > New smatch warnings:
> > net/rxrpc/io_thread.c:52 rxrpc_error_report() error: uninitialized symbol 'skb'.
>
> Fixed that.
>
> > Old smatch warnings:
> > net/rxrpc/io_thread.c:210 rxrpc_input_packet() warn: passing freed memory 'skb'
>
> Do you know if that's still there? "Old" in what sense?
>
The file name has changed so it took me a while to track this down.
This is fine. The "skb" pointer here is just used for tracing and not
dereferenced.
net/rxrpc/input.c
563 /* Unshare the packet so that it can be modified for in-place
564 * decryption.
565 */
566 if (sp->hdr.securityIndex != 0) {
567 struct sk_buff *nskb = skb_unshare(skb, GFP_ATOMIC);
^^^
There is still a reference to "skb" somewhere but we drop ours.
568 if (!nskb) {
569 rxrpc_eaten_skb(skb, rxrpc_skb_unshared_nomem);
^^^
This would be a bug if it were dereferenced but it's just tracing stuff
that doesn't dereference the "skb" pointer.
570 return;
571 }
572
573 if (nskb != skb) {
574 rxrpc_eaten_skb(skb, rxrpc_skb_received);
575 skb = nskb;
576 rxrpc_new_skb(skb, rxrpc_skb_unshared);
577 sp = rxrpc_skb(skb);
578 }
579 }
regards,
dan carpenter
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-11-16 18:49 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-11-07 8:02 [ammarfaizi2-block:dhowells/linux-fs/rxrpc-ringless-5 29/79] net/rxrpc/io_thread.c:52 rxrpc_error_report() error: uninitialized symbol 'skb' Dan Carpenter
2022-11-16 13:57 ` David Howells
2022-11-16 18:49 ` Dan Carpenter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox