Showing error 1848

User: Jiri Slaby
Error type: Invalid Pointer Dereference
Error type description: A pointer which is invalid is being dereferenced
File location: drivers/scsi/scsi_debug.c
Line in file: 2775
Project: Linux Kernel
Project version: 2.6.28
Tools: Smatch (1.59)
Entered: 2013-09-11 08:47:26 UTC

Source: 

2745        if (target == SCpnt->device->host->hostt->this_id) {
2746                printk(KERN_INFO "scsi_debug: initiator's id used as "
2747                       "target!\n");
2748                return schedule_resp(SCpnt, NULL, done,
2749                                     DID_NO_CONNECT << 16, 0);
2750        }
2751
2752        if ((SCpnt->device->lun >= scsi_debug_max_luns) &&
2753            (SCpnt->device->lun != SAM2_WLUN_REPORT_LUNS))
2754                return schedule_resp(SCpnt, NULL, done,
2755                                     DID_NO_CONNECT << 16, 0);
2756        devip = devInfoReg(SCpnt->device);
2757        if (NULL == devip)
2758                return schedule_resp(SCpnt, NULL, done,
2759                                     DID_NO_CONNECT << 16, 0);
2760
2761        if ((scsi_debug_every_nth != 0) &&
2762            (++scsi_debug_cmnd_count >= abs(scsi_debug_every_nth))) {
2763                scsi_debug_cmnd_count = 0;
2764                if (scsi_debug_every_nth < -1)
2765                        scsi_debug_every_nth = -1;
2766                if (SCSI_DEBUG_OPT_TIMEOUT & scsi_debug_opts)
2767                        return 0; /* ignore command causing timeout */
2768                else if (SCSI_DEBUG_OPT_RECOVERED_ERR & scsi_debug_opts)
2769                        inj_recovered = 1; /* to reads and writes below */
2770                else if (SCSI_DEBUG_OPT_TRANSPORT_ERR & scsi_debug_opts)
2771                        inj_transport = 1; /* to reads and writes below */
2772        }
2773
2774        if (devip->wlun) {
2775                switch (*cmd) {
2776                case INQUIRY:
2777                case REQUEST_SENSE:
2778                case TEST_UNIT_READY:
2779                case REPORT_LUNS:
2780                        break;  /* only allowable wlun commands */
2781                default:
2782                        if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
2783                                printk(KERN_INFO "scsi_debug: Opcode: 0x%x "
2784                                       "not supported for wlun\n", *cmd);
2785                        mk_sense_buffer(devip, ILLEGAL_REQUEST,
Show full sources