tree: https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git master head: 5a6bd84f815485800699f55c78f690b2ed35f0c5 commit: a60a2b1e0af1a7517ba41689b39e9df90ef09041 [903/970] net/smc: reduce active tcp_listen workers config: i386-randconfig-m021-20200911 (attached as .config) compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> Reported-by: Dan Carpenter <[email protected]> smatch warnings: net/smc/smc_close.c:214 smc_close_active() warn: variable dereferenced before check 'smc->clcsock' (see line 211) net/smc/smc_close.c:214 smc_close_active() warn: variable dereferenced before check 'smc->clcsock->sk' (see line 211) # https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=a60a2b1e0af1a7517ba41689b39e9df90ef09041 git remote add net-next https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git git fetch --no-tags net-next master git checkout a60a2b1e0af1a7517ba41689b39e9df90ef09041 vim +214 net/smc/smc_close.c b38d732477e4211 Ursula Braun 2017-01-09 189 int smc_close_active(struct smc_sock *smc) b38d732477e4211 Ursula Braun 2017-01-09 190 { b38d732477e4211 Ursula Braun 2017-01-09 191 struct smc_cdc_conn_state_flags *txflags = b38d732477e4211 Ursula Braun 2017-01-09 192 &smc->conn.local_tx_ctrl.conn_state_flags; b38d732477e4211 Ursula Braun 2017-01-09 193 struct smc_connection *conn = &smc->conn; b38d732477e4211 Ursula Braun 2017-01-09 194 struct sock *sk = &smc->sk; b38d732477e4211 Ursula Braun 2017-01-09 195 int old_state; 8c96feeeb39ba0b Ursula Braun 2017-09-21 196 long timeout; b38d732477e4211 Ursula Braun 2017-01-09 197 int rc = 0; b38d732477e4211 Ursula Braun 2017-01-09 198 8c96feeeb39ba0b Ursula Braun 2017-09-21 199 timeout = current->flags & PF_EXITING ? 8c96feeeb39ba0b Ursula Braun 2017-09-21 200 0 : sock_flag(sk, SOCK_LINGER) ? 8c96feeeb39ba0b Ursula Braun 2017-09-21 201 sk->sk_lingertime : SMC_MAX_STREAM_WAIT_TIMEOUT; b38d732477e4211 Ursula Braun 2017-01-09 202 b38d732477e4211 Ursula Braun 2017-01-09 203 old_state = sk->sk_state; bbb96bf2366e502 Ursula Braun 2018-01-24 204 again: bbb96bf2366e502 Ursula Braun 2018-01-24 205 switch (sk->sk_state) { b38d732477e4211 Ursula Braun 2017-01-09 206 case SMC_INIT: b38d732477e4211 Ursula Braun 2017-01-09 207 sk->sk_state = SMC_CLOSED; b38d732477e4211 Ursula Braun 2017-01-09 208 break; b38d732477e4211 Ursula Braun 2017-01-09 209 case SMC_LISTEN: b38d732477e4211 Ursula Braun 2017-01-09 210 sk->sk_state = SMC_CLOSED; a60a2b1e0af1a75 Ursula Braun 2020-09-10 @211 smc->clcsock->sk->sk_data_ready = smc->clcsk_data_ready; ^^^^^^^^^^^^^^^^^ Dereferences a60a2b1e0af1a75 Ursula Braun 2020-09-10 212 smc->clcsock->sk->sk_user_data = NULL; b38d732477e4211 Ursula Braun 2017-01-09 213 sk->sk_state_change(sk); /* wake up accept */ a60a2b1e0af1a75 Ursula Braun 2020-09-10 @214 if (smc->clcsock && smc->clcsock->sk) ^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^ Checks for NULL too late? b38d732477e4211 Ursula Braun 2017-01-09 215 rc = kernel_sock_shutdown(smc->clcsock, SHUT_RDWR); b38d732477e4211 Ursula Braun 2017-01-09 216 smc_close_cleanup_listen(sk); 3d502067599f0db Ursula Braun 2018-03-13 217 release_sock(sk); 3d502067599f0db Ursula Braun 2018-03-13 218 flush_work(&smc->tcp_listen_work); 3d502067599f0db Ursula Braun 2018-03-13 219 lock_sock(sk); b38d732477e4211 Ursula Braun 2017-01-09 220 break; b38d732477e4211 Ursula Braun 2017-01-09 221 case SMC_ACTIVE: b38d732477e4211 Ursula Braun 2017-01-09 222 smc_close_stream_wait(smc, timeout); --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/[email protected]
.config.gz
Description: application/gzip
