Summary: | lib/libc/rpc/rpc_test:raw fails with "Can't decode result" | ||
---|---|---|---|
Product: | Base System | Reporter: | Enji Cooper <ngie> |
Component: | tests | Assignee: | Enji Cooper <ngie> |
Status: | Closed FIXED | ||
Severity: | Affects Only Me | CC: | brooks |
Priority: | --- | ||
Version: | CURRENT | ||
Hardware: | Any | ||
OS: | Any | ||
See Also: | https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=216954 |
Description
Enji Cooper
2016-08-13 05:59:34 UTC
Seems to be related to this section of code in lib/libc/rpc/clnt_raw.c:

```c
	if (! xdr_replymsg(xdrs, &msg)) {
		/*
		 * It's possible for xdr_replymsg() to fail partway
		 * through its attempt to decode the result from the
		 * server. If this happens, it will leave the reply
		 * structure partially populated with dynamically
		 * allocated memory. (This can happen if someone uses
		 * clntudp_bufcreate() to create a CLIENT handle and
		 * specifies a receive buffer size that is too small.)
		 * This memory must be free()ed to avoid a leak.
		 */
		int op = xdrs->x_op;
		xdrs->x_op = XDR_FREE;
		xdr_replymsg(xdrs, &msg);
		xdrs->x_op = op;
		return (RPC_CANTDECODERES);
	}
```

A commit references this bug:

Author: ngie
Date: Sat Aug 13 06:11:53 UTC 2016
New revision: 304038
URL: https://svnweb.freebsd.org/changeset/base/304038

Log:
  Expect :raw to fail on FreeBSD

  clnt_raw fails with `RPC_CANTDECODERES` today with the testcase provided by NetBSD.

  PR: 211804
  Sponsored by: EMC / Isilon Storage Division

Changes:
  projects/netbsd-tests-update-12/contrib/netbsd-tests/lib/libc/rpc/t_rpc.c

I've found the problem and posted a possible solution in https://reviews.freebsd.org/D10528.

A commit references this bug:

Author: brooks
Date: Mon May 1 20:04:07 UTC 2017
New revision: 317660
URL: https://svnweb.freebsd.org/changeset/base/317660

Log:
  Support clnt_raw's use of FD_SETSIZE as a fake file descriptor.

  Accomplish this by allocating space for it in __svc_xports and allowing it to be registered.

  The failure to allocate space was causing an out-of-bounds read in svc_getreq_common(). The failure to register caused PR 211804.

  The bug was found with CHERI bounds checking.

  PR: 211804
  Obtained from: CheriBSD
  Sponsored by: DARPA, AFRL
  Reviewed by: ngie
  MFC after: 2 weeks
  Differential Revision: https://reviews.freebsd.org/D10528

Changes:
  head/lib/libc/rpc/svc.c

A commit references this bug:

Author: brooks
Date: Tue May 2 22:14:56 UTC 2017
New revision: 317710
URL: https://svnweb.freebsd.org/changeset/base/317710

Log:
  Remove expected failure now that it was fixed in r317660.

  PR: 211804
  Reviewed by: ngie
  Obtained from: CheriBSD
  MFC after: 2 weeks
  Sponsored by: DARPA, AFRL
  Differential Revision: https://reviews.freebsd.org/D10576

Changes:
  head/contrib/netbsd-tests/lib/libc/rpc/t_rpc.c

A commit references this bug:

Author: brooks
Date: Mon May 15 22:41:02 UTC 2017
New revision: 318322
URL: https://svnweb.freebsd.org/changeset/base/318322

Log:
  MFC r317660, r317710

  r317660:
  Support clnt_raw's use of FD_SETSIZE as a fake file descriptor.

  Accomplish this by allocating space for it in __svc_xports and allowing it to be registered.

  The failure to allocate space was causing an out-of-bounds read in svc_getreq_common(). The failure to register caused PR 211804.

  The bug was found with CHERI bounds checking.

  PR: 211804
  Obtained from: CheriBSD
  Sponsored by: DARPA, AFRL
  Reviewed by: ngie
  Differential Revision: https://reviews.freebsd.org/D10528

  r317710:
  Remove expected failure now that it was fixed in r317660.

  PR: 211804
  Reviewed by: ngie
  Obtained from: CheriBSD
  Sponsored by: DARPA, AFRL
  Differential Revision: https://reviews.freebsd.org/D10576

Changes:
_U  stable/11/
  stable/11/contrib/netbsd-tests/lib/libc/rpc/t_rpc.c
  stable/11/lib/libc/rpc/svc.c

A commit references this bug:

Author: brooks
Date: Mon May 15 23:13:50 UTC 2017
New revision: 318327
URL: https://svnweb.freebsd.org/changeset/base/318327

Log:
  MFC r317660, r317710

  r317660:
  Support clnt_raw's use of FD_SETSIZE as a fake file descriptor.

  Accomplish this by allocating space for it in __svc_xports and allowing it to be registered.

  The failure to allocate space was causing an out-of-bounds read in svc_getreq_common(). The failure to register caused PR 211804.

  The bug was found with CHERI bounds checking.

  PR: 211804
  Obtained from: CheriBSD
  Sponsored by: DARPA, AFRL
  Reviewed by: ngie
  Differential Revision: https://reviews.freebsd.org/D10528

  r317710:
  Remove expected failure now that it was fixed in r317660.

  PR: 211804
  Reviewed by: ngie
  Obtained from: CheriBSD
  Sponsored by: DARPA, AFRL
  Differential Revision: https://reviews.freebsd.org/D10576

Changes:
_U  stable/10/
  stable/10/contrib/netbsd-tests/lib/libc/rpc/t_rpc.c
  stable/10/lib/libc/rpc/svc.c
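
The off-by-one described in the r317660 log, as an added example that is not FreeBSD's svc.c or any code from this report: a simplified fd-indexed table in which `struct xprt`, `struct xprt_table`, the `table_*` functions and `raw_roundtrip` are hypothetical names. With FD_SETSIZE slots the fake descriptor FD_SETSIZE has no slot, so registration is refused and an unchecked lookup would read past the allocation; with FD_SETSIZE + 1 slots it registers and is found again.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/select.h>   /* FD_SETSIZE */

/* Hypothetical model of an fd-indexed transport table; not FreeBSD's svc.c. */
struct xprt { int fd; };
struct xprt_table { struct xprt **slots; size_t nslots; };

/* extra = 0 models the table before the fix, extra = 1 the table after it. */
static int table_init(struct xprt_table *t, size_t extra) {
    t->nslots = (size_t)FD_SETSIZE + extra;
    t->slots = calloc(t->nslots, sizeof(*t->slots));
    return t->slots != NULL ? 0 : -1;
}

/* Register a transport under its descriptor; refuse an index with no slot. */
static int table_register(struct xprt_table *t, struct xprt *x) {
    if (x->fd < 0 || (size_t)x->fd >= t->nslots)
        return -1;
    t->slots[x->fd] = x;
    return 0;
}

/* Bounds-checked lookup. An unchecked slots[fd] with fd == FD_SETSIZE on the
 * smaller table would read one element past the end of the allocation. */
static struct xprt *table_lookup(const struct xprt_table *t, int fd) {
    if (fd < 0 || (size_t)fd >= t->nslots)
        return NULL;
    return t->slots[fd];
}

/* Returns 1 if a raw transport that uses FD_SETSIZE as its fake descriptor
 * can be registered and looked up again, 0 if not, -1 on allocation failure. */
static int raw_roundtrip(size_t extra) {
    struct xprt_table t;
    struct xprt raw = { FD_SETSIZE };   /* fake descriptor named in the log */
    int ok;
    if (table_init(&t, extra) != 0)
        return -1;
    ok = table_register(&t, &raw) == 0 && table_lookup(&t, FD_SETSIZE) == &raw;
    free(t.slots);
    return ok;
}

int main(void) {
    printf("FD_SETSIZE slots:     %d\n", raw_roundtrip(0));
    printf("FD_SETSIZE + 1 slots: %d\n", raw_roundtrip(1));
    return 0;
}
```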