From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild@lists.01.org, Rao Shoaib <rao.shoaib@oracle.com>
Cc: lkp@intel.com, kbuild-all@lists.01.org, linux-kernel@vger.kernel.org
Subject: net/unix/af_unix.c:2471 manage_oob() warn: returning freed memory 'skb'
Date: Tue, 12 Jul 2022 11:57:48 +0300 [thread overview]
Message-ID: <202207090117.Ub3gbT5M-lkp@intel.com> (raw)
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: e8a4e1c1bb697b1d9fc48f0e56dc0f50bc024bee
commit: 314001f0bf927015e459c9d387d62a231fe93af3 af_unix: Add OOB support
config: m68k-randconfig-m031-20220708 (https://download.01.org/0day-ci/archive/20220709/202207090117.Ub3gbT5M-lkp@intel.com/config)
compiler: m68k-linux-gcc (GCC) 11.3.0
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
net/unix/af_unix.c:2471 manage_oob() warn: returning freed memory 'skb'
vim +/skb +2471 net/unix/af_unix.c
314001f0bf9270 Rao Shoaib 2021-08-01 2446 static struct sk_buff *manage_oob(struct sk_buff *skb, struct sock *sk,
314001f0bf9270 Rao Shoaib 2021-08-01 2447 int flags, int copied)
314001f0bf9270 Rao Shoaib 2021-08-01 2448 {
314001f0bf9270 Rao Shoaib 2021-08-01 2449 struct unix_sock *u = unix_sk(sk);
314001f0bf9270 Rao Shoaib 2021-08-01 2450
314001f0bf9270 Rao Shoaib 2021-08-01 2451 if (!unix_skb_len(skb) && !(flags & MSG_PEEK)) {
314001f0bf9270 Rao Shoaib 2021-08-01 2452 skb_unlink(skb, &sk->sk_receive_queue);
314001f0bf9270 Rao Shoaib 2021-08-01 2453 consume_skb(skb);
314001f0bf9270 Rao Shoaib 2021-08-01 2454 skb = NULL;
314001f0bf9270 Rao Shoaib 2021-08-01 2455 } else {
314001f0bf9270 Rao Shoaib 2021-08-01 2456 if (skb == u->oob_skb) {
314001f0bf9270 Rao Shoaib 2021-08-01 2457 if (copied) {
314001f0bf9270 Rao Shoaib 2021-08-01 2458 skb = NULL;
314001f0bf9270 Rao Shoaib 2021-08-01 2459 } else if (sock_flag(sk, SOCK_URGINLINE)) {
314001f0bf9270 Rao Shoaib 2021-08-01 2460 if (!(flags & MSG_PEEK)) {
314001f0bf9270 Rao Shoaib 2021-08-01 2461 u->oob_skb = NULL;
314001f0bf9270 Rao Shoaib 2021-08-01 2462 consume_skb(skb);
It's so weird that we're sending warnings about 2021 code... I looked
at this warning on Aug 10, 2021 but for some reason I didn't send it.
314001f0bf9270 Rao Shoaib 2021-08-01 2463 }
314001f0bf9270 Rao Shoaib 2021-08-01 2464 } else if (!(flags & MSG_PEEK)) {
314001f0bf9270 Rao Shoaib 2021-08-01 2465 skb_unlink(skb, &sk->sk_receive_queue);
314001f0bf9270 Rao Shoaib 2021-08-01 2466 consume_skb(skb);
314001f0bf9270 Rao Shoaib 2021-08-01 2467 skb = skb_peek(&sk->sk_receive_queue);
314001f0bf9270 Rao Shoaib 2021-08-01 2468 }
314001f0bf9270 Rao Shoaib 2021-08-01 2469 }
314001f0bf9270 Rao Shoaib 2021-08-01 2470 }
314001f0bf9270 Rao Shoaib 2021-08-01 @2471 return skb;
314001f0bf9270 Rao Shoaib 2021-08-01 2472 }
--
0-DAY CI Kernel Test Service
https://01.org/lkp
next reply other threads:[~2022-07-12 8:58 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-12 8:57 Dan Carpenter [this message]
-- strict thread matches above, loose matches on Subject: below --
2021-11-30 13:04 net/unix/af_unix.c:2471 manage_oob() warn: returning freed memory 'skb' Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202207090117.Ub3gbT5M-lkp@intel.com \
--to=dan.carpenter@oracle.com \
--cc=kbuild-all@lists.01.org \
--cc=kbuild@lists.01.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lkp@intel.com \
--cc=rao.shoaib@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox