| User: | Jiri Slaby |
| Error type: | Invalid Pointer Dereference |
| Error type description: | A pointer which is invalid is being dereferenced |
| File location: | fs/xfs/xfs_dir2_leaf.c |
| Line in file: | 838 |
| Project: | Linux Kernel |
| Project version: | 2.6.28 |
| Tools: |
Smatch
(1.59)
|
| Entered: | 2013-09-10 07:54:05 UTC |
808 curoff = xfs_dir2_dataptr_to_byte(mp, *offset); 809 810 /* 811 * Force this conversion through db so we truncate the offset 812 * down to get the start of the data block. 813 */ 814 map_off = xfs_dir2_db_to_da(mp, xfs_dir2_byte_to_db(mp, curoff)); 815 /* 816 * Loop over directory entries until we reach the end offset. 817 * Get more blocks and readahead as necessary. 818 */ 819 while (curoff < XFS_DIR2_LEAF_OFFSET) { 820 /* 821 * If we have no buffer, or we're off the end of the 822 * current buffer, need to get another one. 823 */ 824 if (!bp || ptr >= (char *)bp->data + mp->m_dirblksize) { 825 /* 826 * If we have a buffer, we need to release it and 827 * take it out of the mapping. 828 */ 829 if (bp) { 830 xfs_da_brelse(NULL, bp); 831 bp = NULL; 832 map_blocks -= mp->m_dirblkfsbs; 833 /* 834 * Loop to get rid of the extents for the 835 * directory block. 836 */ 837 for (i = mp->m_dirblkfsbs; i > 0; ) { 838 j = MIN((int)map->br_blockcount, i); 839 map->br_blockcount -= j; 840 map->br_startblock += j; 841 map->br_startoff += j; 842 /* 843 * If mapping is done, pitch it from 844 * the table. 845 */ 846 if (!map->br_blockcount && --map_valid) 847 memmove(&map[0], &map[1], 848 sizeof(map[0]) *