Showing error 1663

User: Jiri Slaby
Error type: Invalid Pointer Dereference
Error type description: A pointer which is invalid is being dereferenced
File location: fs/xfs/xfs_da_btree.c
Line in file: 1624
Project: Linux Kernel
Project version: 2.6.28
Tools: Smatch (1.59)
Entered: 2013-09-10 07:54:05 UTC

Source: 

1594        /*
1595         * Try mapping it in one filesystem block.
1596         */
1597        nmap = 1;
1598        ASSERT(args->firstblock != NULL);
1599        if ((error = xfs_bmapi(tp, dp, bno, count,
1600                        XFS_BMAPI_AFLAG(w)|XFS_BMAPI_WRITE|XFS_BMAPI_METADATA|
1601                        XFS_BMAPI_CONTIG,
1602                        args->firstblock, args->total, &map, &nmap,
1603                        args->flist, NULL))) {
1604                return error;
1605        }
1606        ASSERT(nmap <= 1);
1607        if (nmap == 1) {
1608                mapp = &map;
1609                mapi = 1;
1610        }
1611        /*
1612         * If we didn't get it and the block might work if fragmented,
1613         * try without the CONTIG flag.  Loop until we get it all.
1614         */
1615        else if (nmap == 0 && count > 1) {
1616                mapp = kmem_alloc(sizeof(*mapp) * count, KM_SLEEP);
1617                for (b = bno, mapi = 0; b < bno + count; ) {
1618                        nmap = MIN(XFS_BMAP_MAX_NMAP, count);
1619                        c = (int)(bno + count - b);
1620                        if ((error = xfs_bmapi(tp, dp, b, c,
1621                                        XFS_BMAPI_AFLAG(w)|XFS_BMAPI_WRITE|
1622                                        XFS_BMAPI_METADATA,
1623                                        args->firstblock, args->total,
1624                                        &mapp[mapi], &nmap, args->flist,
1625                                        NULL))) {
1626                                kmem_free(mapp);
1627                                return error;
1628                        }
1629                        if (nmap < 1)
1630                                break;
1631                        mapi += nmap;
1632                        b = mapp[mapi - 1].br_startoff +
1633                            mapp[mapi - 1].br_blockcount;
1634                }
Show full sources