* dereferencing freed variable in "add basic DIO read/write support"
@ 2010-05-28 10:33 Dan Carpenter
2010-05-28 12:54 ` Chris Mason
0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2010-05-28 10:33 UTC (permalink / raw)
To: Josef Bacik; +Cc: linux-btrfs
Hello,
Smatch complains about a possible freed pointer deref introduced by:
4b46fce2334 "Btrfs: add basic DIO read/write support". Could you take a
look?
fs/btrfs/inode.c +5716 btrfs_submit_direct(79)
5705 out_err:
5706 kfree(dip->csums);
5707 kfree(dip);
^^^^^^^^^^^
dip is freed here.
5708 free_ordered:
5709 /*
5710 * If this is a write, we need to clean up the reserved space and kill
5711 * the ordered extent.
5712 */
5713 if (write) {
5714 struct btrfs_ordered_extent *ordered;
5715 ordered = btrfs_lookup_ordered_extent(inode,
5716 dip->logical_offset);
^^^^^^^^^^^^^^^^^^^
dereferenced here. Actually, dip could also be null here if the
kmalloc failed()
regards,
dan carpenter
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-05-28 12:54 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-05-28 10:33 dereferencing freed variable in "add basic DIO read/write support" Dan Carpenter
2010-05-28 12:54 ` Chris Mason
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).