From: Dan Carpenter Subject: dereference before check in ext4_move_extents() Date: Sun, 13 May 2012 21:43:21 +0300 Message-ID: <20120513184321.GA16541@elgon.mountain> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Akira Fujita To: linux-ext4@vger.kernel.org Return-path: Received: from rcsinet15.oracle.com ([148.87.113.117]:33093 "EHLO rcsinet15.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752256Ab2EMSnh (ORCPT ); Sun, 13 May 2012 14:43:37 -0400 Content-Disposition: inline Sender: linux-ext4-owner@vger.kernel.org List-ID: Hi, going through some static checker warnings and reporting bugs. These were introduced a long time ago. The patch 748de6736c1e: "ext4: online defrag -- Add EXT4_IOC_MOVE_EXT ioctl" from Jun 17, 2009, leads to the following Smatch complaint: fs/ext4/move_extent.c:1381 ext4_move_extents() warn: variable dereferenced before check 'holecheck_path' (see line 1292) fs/ext4/move_extent.c 1291 ext_prev = ext_cur; 1292 last_extent = mext_next_extent(orig_inode, holecheck_path, ^^^^^^^^^^^^^^ Dereferenced unconditionally inside the mext_next_extent() function. 1293 &ext_cur); 1294 if (last_extent < 0) { 1295 ret1 = last_extent; 1296 break; 1297 } [snip] 1376 double_down_write_data_sem(orig_inode, donor_inode); 1377 if (ret1 < 0) 1378 break; 1379 1380 /* Decrease buffer counter */ 1381 if (holecheck_path) ^^^^^^^^^^^^^^ Checked here. 1382 ext4_ext_drop_refs(holecheck_path); 1383 ret1 = get_ext_path(orig_inode, seq_start, &holecheck_path); regards, dan carpenter