From nobody Tue Feb 22 23:27:01 2022 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 8CD2D19C8890; Tue, 22 Feb 2022 23:27:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4K3FgT3KW9z3sls; Tue, 22 Feb 2022 23:27:01 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1645572421; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ci6mBKfK3dmJLOqDWVbznykQzvsQEDQ0XYSh+So0ynQ=; b=oMihmQw8iAwakgFNwldZwzuGdQoWU4S1s2LCueUyZRDoo2yFKWUZQQVgfsOy1kmKHsrpW6 dao02HEdzEYRJOrIUCmL6eYvRoDt2z0iv/2maJ4E5uRxvHmidaMhDcZCjkNnbF4h4k1WJl cGTz1X4pCKvv/LeQ06hUBjlci0ZXpDfeKwj66EfIsVBdz4gYIdeQBEELgXgswOWuMekUvX Qrv6cWhZauopK+NG35CuqOsLiDmceovKTY8qERp1YXNzNPcctT++cQJpIp1TsF6H0OCS2K NPtfE1J4+jxQvmpKcjxGqdFAs0GWq9aJl9St/yLiPbDP9MxSxtRz8M01eughEw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4D8265467; Tue, 22 Feb 2022 23:27:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 21MNR1sP011503; Tue, 22 Feb 2022 23:27:01 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 21MNR1FQ011502; Tue, 22 Feb 2022 23:27:01 GMT (envelope-from git) Date: Tue, 22 Feb 2022 23:27:01 GMT Message-Id: <202202222327.21MNR1FQ011502@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Michael Tuexen Subject: git: 7c17c354ffed - stable/13 - sctp: add some asserts, no functional changes intended List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: tuexen X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 7c17c354ffed79418f518feed11c974503109d9e Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1645572421; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ci6mBKfK3dmJLOqDWVbznykQzvsQEDQ0XYSh+So0ynQ=; b=e1AmfhPO+elrCEtQOlqw+4gL4ZbWOudThLks8RK+qCI3d1yjDN496yeTe1rc+rwlTTYRpg 7FX2ndxgvD78NA5uzGxG7BTXMLMeQP3vsQMD1SqQboptEjxV/2I/gjz3Of+LqoFPTSzu35 uBcW7zB1JJjuB/jU1QzOY0pfSgC5TnUeYaFvUweCn2c4ur8Y7i3Lj/yyxdBdRxtB74O+CA BSKwtXPWgJSfQWX0NyPK1Nrr5RgyHNmquMNczleiR+gevUvr4scEsai05wpdRw80kxezIT uO7r4wxohScTip4DKzmkfgyQdyvUWYqbNroKqs57/IkK5cZYK93r1oib7lpGOw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1645572421; a=rsa-sha256; cv=none; b=sOXU0HPcjwc2+8SvuLW0nwKGmQ6N/kmQNQXtM61GgrF6x9n8PUhG7U6Z5LuRpTqN7TJVvd vtWgE6Bx3jk2IJFA/hMxmtrDEZllpDzTM9XDG8tTLlAUIk7qTUGrp4R88ZRBiAQv2m/6Tc 2zdHE9ZL7bJUacqNJFY8wjDcoqoWsT1CFgK3Wi1lkaP8XSp4BZzUFL/9rpNKgHUW9Fg4nn +ZA7Ff3EnsJkPwZNWWL4HIT5fT7dKOQW6ePFk2os1DxhhGYO+EC9ZkqWaWBtDOEgQSPsvd 2g3RcKdpR1kUz/vnKOWWWVfUHDSWvTp+IbBX9nDBIFhAbfBkMdAtKv/didaNUg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by tuexen: URL: https://cgit.FreeBSD.org/src/commit/?id=7c17c354ffed79418f518feed11c974503109d9e commit 7c17c354ffed79418f518feed11c974503109d9e Author: Michael Tuexen AuthorDate: 2021-11-26 11:19:33 +0000 Commit: Michael Tuexen CommitDate: 2022-02-22 23:26:35 +0000 sctp: add some asserts, no functional changes intended This might help in narrowing down https://syzkaller.appspot.com/bug?id=fbd79abaec55f5aede63937182f4247006ea883b (cherry picked from commit 0906362646546843f371bebccb51d5578a99cc7c) --- sys/netinet/sctputil.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/sys/netinet/sctputil.c b/sys/netinet/sctputil.c index 9283b1288dae..738f68af7799 100644 --- a/sys/netinet/sctputil.c +++ b/sys/netinet/sctputil.c @@ -1519,7 +1519,7 @@ select_a_new_ep: SCTP_INP_RUNLOCK(it->inp); goto no_stcb; } - while (it->stcb) { + while (it->stcb != NULL) { SCTP_TCB_LOCK(it->stcb); if (it->asoc_state && ((it->stcb->asoc.state & it->asoc_state) != it->asoc_state)) { /* not in the right state... keep looking */ @@ -1566,16 +1566,23 @@ select_a_new_ep: KASSERT(it->inp == it->stcb->sctp_ep, ("%s: stcb %p does not belong to inp %p, but inp %p", __func__, it->stcb, it->inp, it->stcb->sctp_ep)); + SCTP_INP_RLOCK_ASSERT(it->inp); + SCTP_TCB_LOCK_ASSERT(it->stcb); /* run function on this one */ (*it->function_assoc) (it->inp, it->stcb, it->pointer, it->val); + SCTP_INP_RLOCK_ASSERT(it->inp); + SCTP_TCB_LOCK_ASSERT(it->stcb); /* * we lie here, it really needs to have its own type but * first I must verify that this won't effect things :-0 */ - if (it->no_chunk_output == 0) + if (it->no_chunk_output == 0) { sctp_chunk_output(it->inp, it->stcb, SCTP_OUTPUT_FROM_T3, SCTP_SO_NOT_LOCKED); + SCTP_INP_RLOCK_ASSERT(it->inp); + SCTP_TCB_LOCK_ASSERT(it->stcb); + } SCTP_TCB_UNLOCK(it->stcb); next_assoc: