* re: btrfs: fix check_shared for fiemap ioctl
@ 2016-06-07 17:18 Dan Carpenter
2016-06-08 1:10 ` Lu Fengqi
0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2016-06-07 17:18 UTC (permalink / raw)
To: lufq.fnst; +Cc: linux-btrfs
Hello Lu Fengqi,
The patch ac8332f0c3ac: "btrfs: fix check_shared for fiemap ioctl"
from Jun 1, 2016, leads to the following static checker warning:
fs/btrfs/backref.c:277 ref_tree_add()
error: dereferencing freed memory 'node'
fs/btrfs/backref.c
271 origin_count = node->ref_mod;
272 node->ref_mod += count;
273
274 if (!node->ref_mod)
275 ref_tree_remove(ref_tree, node);
^^^^
Freed here.
276
277 if (node->ref_mod > 0)
^^^^^^^^^^^^^
Use after free.
278 ref_tree->unique_refs += origin_count > 0 ? 0 : 1;
279 else if (node->ref_mod <= 0)
280 ref_tree->unique_refs += origin_count > 0 ? -1 : 0;
281
282 return 0;
regards,
dan carpenter
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: btrfs: fix check_shared for fiemap ioctl
2016-06-07 17:18 btrfs: fix check_shared for fiemap ioctl Dan Carpenter
@ 2016-06-08 1:10 ` Lu Fengqi
0 siblings, 0 replies; 2+ messages in thread
From: Lu Fengqi @ 2016-06-08 1:10 UTC (permalink / raw)
To: Dan Carpenter; +Cc: linux-btrfs
At 06/08/2016 01:18 AM, Dan Carpenter wrote:
> Hello Lu Fengqi,
>
> The patch ac8332f0c3ac: "btrfs: fix check_shared for fiemap ioctl"
> from Jun 1, 2016, leads to the following static checker warning:
>
> fs/btrfs/backref.c:277 ref_tree_add()
> error: dereferencing freed memory 'node'
>
> fs/btrfs/backref.c
> 271 origin_count = node->ref_mod;
> 272 node->ref_mod += count;
> 273
> 274 if (!node->ref_mod)
> 275 ref_tree_remove(ref_tree, node);
> ^^^^
> Freed here.
>
> 276
> 277 if (node->ref_mod > 0)
> ^^^^^^^^^^^^^
> Use after free.
>
> 278 ref_tree->unique_refs += origin_count > 0 ? 0 : 1;
> 279 else if (node->ref_mod <= 0)
> 280 ref_tree->unique_refs += origin_count > 0 ? -1 : 0;
> 281
> 282 return 0;
>
> regards,
> dan carpenter
>
>
Yes, this warning is right. I will update this patch to correct it.
--
Thanks,
Lu
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-06-08 1:10 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-06-07 17:18 btrfs: fix check_shared for fiemap ioctl Dan Carpenter
2016-06-08 1:10 ` Lu Fengqi
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.