Dan Carpenter
2011-Nov-08 14:59 UTC
smatch stuff: potential NULL dereference in btrfs_rm_device()
Hi Yan,
Smatch complains about this code from 2008.
fs/btrfs/volumes.c +1417 btrfs_rm_device(157)
error: we previously assumed ''fs_devices'' could be null (see
line 1412)
1412 while (fs_devices) {
^^^^^^^^^^
checked here.
1413 if (fs_devices->seed == cur_devices)
1414 break;
1415 fs_devices = fs_devices->seed;
1416 }
1417 fs_devices->seed = cur_devices->seed;
^^^^^^^^^^^^
dereferenced here.
If we don''t hit the break statement, then at the end of the loop
we''d
oops.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs"
in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Ilya Dryomov
2011-Nov-08 15:16 UTC
Re: smatch stuff: potential NULL dereference in btrfs_rm_device()
On Tue, Nov 08, 2011 at 05:59:45PM +0300, Dan Carpenter wrote:> Hi Yan, > > Smatch complains about this code from 2008. > > fs/btrfs/volumes.c +1417 btrfs_rm_device(157) > error: we previously assumed ''fs_devices'' could be null (see line 1412) > > 1412 while (fs_devices) { > ^^^^^^^^^^ > checked here. > > 1413 if (fs_devices->seed == cur_devices) > 1414 break; > 1415 fs_devices = fs_devices->seed; > 1416 } > 1417 fs_devices->seed = cur_devices->seed; > ^^^^^^^^^^^^ > dereferenced here. > > If we don''t hit the break statement, then at the end of the loop we''d > oops.I don''t think Zheng works for Oracle (and on Btrfs) any more. I''ll look into it. Thanks, Ilya -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html