Showing error 1759

User: Jiri Slaby
Error type: Invalid Pointer Dereference
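Error type description: An invalid pointer is being dereferenced. The report does not name the pointer; on the flagged line 1996 the candidates are new_ns and new_ns->root, and the listing below checks each of them only against NULL before use.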
File location: fs/namespace.c
Line in file: 1996
Project: Linux Kernel
Project version: 2.6.28
Tools: Smatch (1.59)
Entered: 2013-09-10 20:24:52 UTC


Source:

1966/*
1967 * Allocate a new namespace structure and populate it with contents
1968 * copied from the namespace of the passed in task structure.
1969 */
1970static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns,
1971                struct fs_struct *fs)
1972{
1973        struct mnt_namespace *new_ns;
1974        struct vfsmount *rootmnt = NULL, *pwdmnt = NULL;
1975        struct vfsmount *p, *q;
1976
1977        new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL);
1978        if (!new_ns)
1979                return ERR_PTR(-ENOMEM);
1980
1981        atomic_set(&new_ns->count, 1);
1982        INIT_LIST_HEAD(&new_ns->list);
1983        init_waitqueue_head(&new_ns->poll);
1984        new_ns->event = 0;
1985
1986        down_write(&namespace_sem);
1987        /* First pass: copy the tree topology */
1988        new_ns->root = copy_tree(mnt_ns->root, mnt_ns->root->mnt_root,
1989                                        CL_COPY_ALL | CL_EXPIRE);
1990        if (!new_ns->root) {
1991                up_write(&namespace_sem);
1992                kfree(new_ns);
1993                return ERR_PTR(-ENOMEM);;
1994        }
1995        spin_lock(&vfsmount_lock);
1996        list_add_tail(&new_ns->list, &new_ns->root->mnt_list);
1997        spin_unlock(&vfsmount_lock);
1998
1999        /*
2000         * Second pass: switch the tsk->fs->* elements and mark new vfsmounts
2001         * as belonging to new namespace.  We have already acquired a private
2002         * fs_struct, so tsk->fs->lock is not needed.
2003         */
2004        p = mnt_ns->root;
2005        q = new_ns->root;
2006        while (p) {