| Message ID | 20190111145718.10870-1-rajur@chelsio.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Jason Gunthorpe |
| Headers | show |
| Series | RDMA/iw_cxgb4: Fix the unchecked ep dereference | expand |
On Fri, Jan 11, 2019 at 08:27:18PM +0530, Raju Rangoju wrote: > The patch 944661dd97f4: "RDMA/iw_cxgb4: atomically lookup ep and get a > reference" from May 6, 2016, leads to the following Smatch > complaint: > > drivers/infiniband/hw/cxgb4/cm.c:2953 terminate() > error: we previously assumed 'ep' could be null (see line 2945) > > Fixes: 944661dd97f4 ("RDMA/iw_cxgb4: atomically lookup ep and get a > reference") > > Reported-by: Dan Carpenter <dan.carpenter@oracle.com> > Signed-off-by: Raju Rangoju <rajur@chelsio.com> > --- > drivers/infiniband/hw/cxgb4/cm.c | 17 ++++++++++------- > 1 file changed, 10 insertions(+), 7 deletions(-) Applied to for-next Thanks, Jason
diff --git a/drivers/infiniband/hw/cxgb4/cm.c b/drivers/infiniband/hw/cxgb4/cm.c index 8221813219e5..355a8cf8fbf4 100644 --- a/drivers/infiniband/hw/cxgb4/cm.c +++ b/drivers/infiniband/hw/cxgb4/cm.c @@ -2942,15 +2942,18 @@ static int terminate(struct c4iw_dev *dev, struct sk_buff *skb) ep = get_ep_from_tid(dev, tid); - if (ep && ep->com.qp) { - pr_warn("TERM received tid %u qpid %u\n", - tid, ep->com.qp->wq.sq.qid); - attrs.next_state = C4IW_QP_STATE_TERMINATE; - c4iw_modify_qp(ep->com.qp->rhp, ep->com.qp, - C4IW_QP_ATTR_NEXT_STATE, &attrs, 1); + if (ep) { + if(ep->com.qp) { + pr_warn("TERM received tid %u qpid %u\n", + tid, ep->com.qp->wq.sq.qid); + attrs.next_state = C4IW_QP_STATE_TERMINATE; + c4iw_modify_qp(ep->com.qp->rhp, ep->com.qp, + C4IW_QP_ATTR_NEXT_STATE, &attrs, 1); + } + + c4iw_put_ep(&ep->com); } else pr_warn("TERM received tid %u no ep/qp\n", tid); - c4iw_put_ep(&ep->com); return 0; }
The patch 944661dd97f4: "RDMA/iw_cxgb4: atomically lookup ep and get a reference" from May 6, 2016, leads to the following Smatch complaint: drivers/infiniband/hw/cxgb4/cm.c:2953 terminate() error: we previously assumed 'ep' could be null (see line 2945) Fixes: 944661dd97f4 ("RDMA/iw_cxgb4: atomically lookup ep and get a reference") Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Raju Rangoju <rajur@chelsio.com> --- drivers/infiniband/hw/cxgb4/cm.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-)