Re: [PATCH] net: ipv4: Fix uninitialized pointer warning in fnhe_remove_oldest

From: Purva Yeshi
Date: Fri Apr 18 2025 - 05:47:32 EST

Next message: syzbot: "Re: [syzbot] Re: [syzbot] [jfs?] KASAN: null-ptr-deref Read in drop_buffers (3)"
Previous message: Nuno Sá: "Re: [PATCH] iio: adc: Revoke valid channel for error path"
In reply to: David Ahern: "Re: [PATCH] net: ipv4: Fix uninitialized pointer warning in fnhe_remove_oldest"
Next in thread: Purva Yeshi: "Re: [PATCH] net: ipv4: Fix uninitialized pointer warning in fnhe_remove_oldest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 18/04/25 10:33, David Ahern wrote:

On 4/17/25 4:00 PM, Kuniyuki Iwashima wrote:

From: Purva Yeshi <purvayeshi550@xxxxxxxxx>
Date: Thu, 17 Apr 2025 15:11:26 +0530

Fix Smatch-detected issue:
net/ipv4/route.c:605 fnhe_remove_oldest() error:
uninitialized symbol 'oldest_p'.

Initialize oldest_p to NULL to avoid uninitialized pointer warning in
fnhe_remove_oldest.

How does it remain uninitialised ?

update_or_create_fnhe() ensures the bucket is not empty before
calling fnhe_remove_oldest().

agreed. Not the simplest logic, but I do not see how oldest_p can be
unset after the loop.

Hi David,

The loop always sets oldest_p when the list has at least one entry, which the caller guarantees. Smatch doesn't catch that context, so it flags a false positive.

Best regards,
Purva

Next message: syzbot: "Re: [syzbot] Re: [syzbot] [jfs?] KASAN: null-ptr-deref Read in drop_buffers (3)"
Previous message: Nuno Sá: "Re: [PATCH] iio: adc: Revoke valid channel for error path"
In reply to: David Ahern: "Re: [PATCH] net: ipv4: Fix uninitialized pointer warning in fnhe_remove_oldest"
Next in thread: Purva Yeshi: "Re: [PATCH] net: ipv4: Fix uninitialized pointer warning in fnhe_remove_oldest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]