lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CANn89i+muzNH6nEZvPmEq5pUZbq3B-ZprFrLVw8mPd2iH8BNLw@mail.gmail.com>
Date:   Tue, 31 Aug 2021 08:13:56 -0700
From:   Eric Dumazet <edumazet@...gle.com>
To:     kernel test robot <yujie.liu@...el.com>
Cc:     Eric Dumazet <eric.dumazet@...il.com>,
        "David S . Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>, llvm@...ts.linux.dev,
        kbuild-all@...ts.01.org, netdev <netdev@...r.kernel.org>,
        Willy Tarreau <w@....eu>, Keyu Man <kman001@....edu>,
        David Ahern <dsahern@...nel.org>
Subject: Re: [PATCH net 2/2] ipv4: make exception cache less predictible

Honestly this report seems wrong to me.

Please kernel test robot, improve your automation.

The function is only called when we know there are at least 6 items in
the list, I do not think you took this into account.

On Tue, Aug 31, 2021 at 12:48 AM kernel test robot <yujie.liu@...el.com> wrote:
>
> Hi Eric,
>
> I love your patch! Perhaps something to improve:
>
> [auto build test WARNING on net/master]
>
> url:    https://github.com/0day-ci/linux/commits/Eric-Dumazet/inet-make-exception-handling-less-predictible/20210830-061726
> base:   https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git 57f780f1c43362b86fd23d20bd940e2468237716
> :::::: branch date: 19 hours ago
> :::::: commit date: 19 hours ago
> config: x86_64-randconfig-c007-20210830 (attached as .config)
> compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project 4b1fde8a2b681dad2ce0c082a5d6422caa06b0bc)
> reproduce (this is a W=1 build):
>          wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
>          chmod +x ~/bin/make.cross
>          # https://github.com/0day-ci/linux/commit/adf305d00ec06cb771dc960f0d7bd62d07561371
>          git remote add linux-review https://github.com/0day-ci/linux
>          git fetch --no-tags linux-review Eric-Dumazet/inet-make-exception-handling-less-predictible/20210830-061726
>          git checkout adf305d00ec06cb771dc960f0d7bd62d07561371
>          # save the attached .config to linux build tree
>          COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
>
> If you fix the issue, kindly add following tag as appropriate
> Reported-by: kernel test robot <lkp@...el.com>
>
>
> clang-analyzer warnings: (new ones prefixed by >>)
>
>  >> net/ipv4/route.c:575:7: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
>             rt = rcu_dereference(fnhe->fnhe_rth_input);
>                  ^
>     net/ipv4/route.c:592:34: note: 'oldest' initialized to a null pointer value
>             struct fib_nh_exception *fnhe, *oldest = NULL;
>                                             ^~~~~~
>     net/ipv4/route.c:594:2: note: Loop condition is true.  Entering loop body
>             for (fnhe_p = &hash->chain; ; fnhe_p = &fnhe->fnhe_next) {
>             ^
>     net/ipv4/route.c:595:10: note: Assuming the condition is false
>                     fnhe = rcu_dereference_protected(*fnhe_p,
>                            ^
>     include/linux/rcupdate.h:587:2: note: expanded from macro 'rcu_dereference_protected'
>             __rcu_dereference_protected((p), (c), __rcu)
>             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>     include/linux/rcupdate.h:396:19: note: expanded from macro '__rcu_dereference_protected'
>             RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_protected() usage"); \
>             ~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>     include/linux/rcupdate.h:318:8: note: expanded from macro 'RCU_LOCKDEP_WARN'
>                     if ((c) && debug_lockdep_rcu_enabled() && !__warned) {  \
>                          ^
>     net/ipv4/route.c:595:10: note: Left side of '&&' is false
>                     fnhe = rcu_dereference_protected(*fnhe_p,
>                            ^
>     include/linux/rcupdate.h:587:2: note: expanded from macro 'rcu_dereference_protected'
>             __rcu_dereference_protected((p), (c), __rcu)
>             ^
>     include/linux/rcupdate.h:396:2: note: expanded from macro '__rcu_dereference_protected'
>             RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_protected() usage"); \
>             ^
>     include/linux/rcupdate.h:318:11: note: expanded from macro 'RCU_LOCKDEP_WARN'
>                     if ((c) && debug_lockdep_rcu_enabled() && !__warned) {  \
>                             ^
>     net/ipv4/route.c:595:10: note: Loop condition is false.  Exiting loop
>                     fnhe = rcu_dereference_protected(*fnhe_p,
>                            ^
>     include/linux/rcupdate.h:587:2: note: expanded from macro 'rcu_dereference_protected'
>             __rcu_dereference_protected((p), (c), __rcu)
>             ^
>     include/linux/rcupdate.h:396:2: note: expanded from macro '__rcu_dereference_protected'
>             RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_protected() usage"); \
>             ^
>     include/linux/rcupdate.h:316:2: note: expanded from macro 'RCU_LOCKDEP_WARN'
>             do {                                                            \
>             ^
>     net/ipv4/route.c:597:7: note: Assuming 'fnhe' is null
>                     if (!fnhe)
>                         ^~~~~
>     net/ipv4/route.c:597:3: note: Taking true branch
>                     if (!fnhe)
>                     ^
>     net/ipv4/route.c:598:4: note:  Execution continues on line 605
>                             break;
>                             ^
>     net/ipv4/route.c:605:20: note: Passing null pointer value via 1st parameter 'fnhe'
>             fnhe_flush_routes(oldest);
>                               ^~~~~~
>     net/ipv4/route.c:605:2: note: Calling 'fnhe_flush_routes'
>             fnhe_flush_routes(oldest);
>             ^~~~~~~~~~~~~~~~~~~~~~~~~
>     net/ipv4/route.c:575:7: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
>             rt = rcu_dereference(fnhe->fnhe_rth_input);
>                  ^
>
> vim +575 net/ipv4/route.c
>
> 4895c771c7f006 David S. Miller 2012-07-17  570
> 2ffae99d1fac27 Timo Teräs      2013-06-27  571  static void fnhe_flush_routes(struct fib_nh_exception *fnhe)
> 2ffae99d1fac27 Timo Teräs      2013-06-27  572  {
> 2ffae99d1fac27 Timo Teräs      2013-06-27  573          struct rtable *rt;
> 2ffae99d1fac27 Timo Teräs      2013-06-27  574
> 2ffae99d1fac27 Timo Teräs      2013-06-27 @575          rt = rcu_dereference(fnhe->fnhe_rth_input);
> 2ffae99d1fac27 Timo Teräs      2013-06-27  576          if (rt) {
> 2ffae99d1fac27 Timo Teräs      2013-06-27  577                  RCU_INIT_POINTER(fnhe->fnhe_rth_input, NULL);
> 95c47f9cf5e028 Wei Wang        2017-06-17  578                  dst_dev_put(&rt->dst);
> 0830106c539001 Wei Wang        2017-06-17  579                  dst_release(&rt->dst);
> 2ffae99d1fac27 Timo Teräs      2013-06-27  580          }
> 2ffae99d1fac27 Timo Teräs      2013-06-27  581          rt = rcu_dereference(fnhe->fnhe_rth_output);
> 2ffae99d1fac27 Timo Teräs      2013-06-27  582          if (rt) {
> 2ffae99d1fac27 Timo Teräs      2013-06-27  583                  RCU_INIT_POINTER(fnhe->fnhe_rth_output, NULL);
> 95c47f9cf5e028 Wei Wang        2017-06-17  584                  dst_dev_put(&rt->dst);
> 0830106c539001 Wei Wang        2017-06-17  585                  dst_release(&rt->dst);
> 2ffae99d1fac27 Timo Teräs      2013-06-27  586          }
> 2ffae99d1fac27 Timo Teräs      2013-06-27  587  }
> 2ffae99d1fac27 Timo Teräs      2013-06-27  588
>
> ---
> 0-DAY CI Kernel Test Service, Intel Corporation
> https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ