| User: | Jiri Slaby |
| Error type: | Invalid Pointer Dereference |
| Error type description: | A pointer which is invalid is being dereferenced |
| File location: | fs/xfs/xfs_log_recover.c |
| Line in file: | 1623 |
| Project: | Linux Kernel |
| Project version: | 2.6.28 |
| Tools: |
Smatch
(1.59)
|
| Entered: | 2013-09-10 07:54:05 UTC |
1593 ushort flags = 0; 1594 1595 switch (buf_f->blf_type) { 1596 case XFS_LI_BUF: 1597 blkno = buf_f->blf_blkno; 1598 len = buf_f->blf_len; 1599 flags = buf_f->blf_flags; 1600 break; 1601 } 1602 1603 /* 1604 * If this isn't a cancel buffer item, then just return. 1605 */ 1606 if (!(flags & XFS_BLI_CANCEL)) 1607 return; 1608 1609 /* 1610 * Insert an xfs_buf_cancel record into the hash table of 1611 * them. If there is already an identical record, bump 1612 * its reference count. 1613 */ 1614 bucket = &log->l_buf_cancel_table[(__uint64_t)blkno % 1615 XLOG_BC_TABLE_SIZE]; 1616 /* 1617 * If the hash bucket is empty then just insert a new record into 1618 * the bucket. 1619 */ 1620 if (*bucket == NULL) { 1621 bcp = (xfs_buf_cancel_t *)kmem_alloc(sizeof(xfs_buf_cancel_t), 1622 KM_SLEEP); 1623 bcp->bc_blkno = blkno; 1624 bcp->bc_len = len; 1625 bcp->bc_refcount = 1; 1626 bcp->bc_next = NULL; 1627 *bucket = bcp; 1628 return; 1629 } 1630 1631 /* 1632 * The hash bucket is not empty, so search for duplicates of our 1633 * record. If we find one them just bump its refcount. If not