Bug 34362
| Summary: | Error-valued pointer dereferences | ||
|---|---|---|---|
| Product: | File System | Reporter: | Cindy Rubio (crubio) |
| Component: | ReiserFS | Assignee: | ReiseFS developers team (reiserfs-devel) |
| Status: | NEW --- | ||
| Severity: | normal | CC: | alan, szg00000, xerofoify |
| Priority: | P1 | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Kernel Version: | 2.6.38.3 | Subsystem: | |
| Regression: | No | Bisected commit-id: | |
| Attachments: | Sample traces describing error-valued pointer dereferences | ||
Created attachment 56552 [details] Sample traces describing error-valued pointer dereferences We have statically analyzed ReiserFS, VFS and the memory management module to find error-valued pointers that are dereferenced. We have found five potential error-valued pointer dereferences: fs/inode.c:1436: Dereferencing variable iput#inode, which may contain one of the following error codes: ENOMEM* fs/reiserfs/super.c:249: Dereferencing variable finish_unfinished#inode, which may contain one of the following error codes: ENOMEM* fs/reiserfs/super.c:259: Dereferencing variable finish_unfinished#inode, which may contain one of the following error codes: ENOMEM* fs/reiserfs/super.c:279: Dereferencing variable finish_unfinished#inode, which may contain one of the following error codes: ENOMEM* fs/super.c:205: Dereferencing variable deactivate_super#s, which may contain one of the following error codes: ENOMEM* For each potential error-valued pointer dereference, our tool produces a complete sample trace and the corresponding slice. The complete sample trace illustrates how one error code may reach the program point at which the variable is dereferenced. The slice summarizes the complete sample trace by including only relevant program points at which the error code is transferred from variable to variable or returned by a function. Sample traces and slices are attached.