Hello Johannes Berg,
This is a semi-automatic email about new static checker warnings.
The patch d648c23024bd: "wifi: nl80211: support MLO in auth/assoc"
from May 31, 2022, leads to the following Smatch complaint:
net/wireless/mlme.c:328 cfg80211_mlme_assoc()
warn: variable dereferenced before check 'req->bss' (see line 324)
net/wireless/mlme.c
323
324 err = rdev_assoc(rdev, dev, req);
^^^
req->bss dereferenced inside the function call
325 if (!err) {
326 int link_id;
327
328 if (req->bss) {
^^^^^^^^
Check for NULL is too late
329 cfg80211_ref_bss(&rdev->wiphy, req->bss);
330 cfg80211_hold_bss(bss_from_pub(req->bss));
regards,
dan carpenter
On Wed, 2022-06-22 at 10:03 +0300, Dan Carpenter wrote:
> The patch d648c23024bd: "wifi: nl80211: support MLO in auth/assoc"
> from May 31, 2022, leads to the following Smatch complaint:
>
> net/wireless/mlme.c:328 cfg80211_mlme_assoc()
> warn: variable dereferenced before check 'req->bss' (see line 324)
>
> net/wireless/mlme.c
> 323
> 324 err = rdev_assoc(rdev, dev, req);
> ^^^
> req->bss dereferenced inside the function call
>
> 325 if (!err) {
> 326 int link_id;
> 327
> 328 if (req->bss) {
> ^^^^^^^^
> Check for NULL is too late
>
I was writing why all of this is correct but now I realized that
literally in rdev_assoc() we dereference it ... that's obviously
garbage, I need to adjust the tracing for all of this.
But anyway I should move that into the tracing.
For now this is fine because you can't get here with req->bss == NULL
(which would imply req->link[i] != NULL for some value(s) of i) because
no driver advertises MLO support.
Thanks for the report!
johannes