| User: | Jiri Slaby |
| Error type: | Invalid Pointer Dereference |
| Error type description: | A pointer which is invalid is being dereferenced |
| File location: | fs/ext3/inode.c |
| Line in file: | 865 |
| Project: | Linux Kernel |
| Project version: | 2.6.28 |
| Tools: |
Smatch
(1.59)
|
| Entered: | 2013-09-11 08:47:26 UTC |
835 836 if (blk == first_block + count) 837 count++; 838 else 839 break; 840 } 841 if (err != -EAGAIN) 842 goto got_it; 843 } 844 845 /* Next simple case - plain lookup or failed read of indirect block */ 846 if (!create || err == -EIO) 847 goto cleanup; 848 849 mutex_lock(&ei->truncate_mutex); 850 851 /* 852 * If the indirect block is missing while we are reading 853 * the chain(ext3_get_branch() returns -EAGAIN err), or 854 * if the chain has been changed after we grab the semaphore, 855 * (either because another process truncated this branch, or 856 * another get_block allocated this branch) re-grab the chain to see if 857 * the request block has been allocated or not. 858 * 859 * Since we already block the truncate/other get_block 860 * at this point, we will have the current copy of the chain when we 861 * splice the branch into the tree. 862 */ 863 if (err == -EAGAIN || !verify_chain(chain, partial)) { 864 while (partial > chain) { 865 brelse(partial->bh); 866 partial--; 867 } 868 partial = ext3_get_branch(inode, depth, offsets, chain, &err); 869 if (!partial) { 870 count++; 871 mutex_unlock(&ei->truncate_mutex); 872 if (err) 873 goto cleanup; 874 clear_buffer_new(bh_result); 875 goto got_it;