On Thu, Jul 01, 2010 at 05:16:43PM +0400, Kulikov Vasiliy wrote: > - Sg_fd *sfp; > + Sg_fd *sfp = filp->private_data; ^^^^^^^^^^^^^^^^^^ Dereferenced here. > unsigned long req_sz, len, sa; > Sg_scatter_hold *rsv_schp; > int k, length; > > - if ((!filp) || (!vma) || (!(sfp = (Sg_fd *) filp->private_data))) > + if ((!filp) || (!vma) || !(sfp)) ^^^^^ Checked here. I obviously just spotted that during the review but another way would be to use smatch to catch these. (http://smatch.sf.net) $ /path/to/smatch_scripts/kchecker drivers/scsi/sg.c CHK include/linux/version.h CHK include/generated/utsrelease.h CALL scripts/checksyscalls.sh CHECK drivers/scsi/sg.c drivers/scsi/sg.c +1236 sg_mmap(7) warn: variable dereferenced before check 'filp' CC [M] drivers/scsi/sg.o $ You could also get rid of the extra parenthesis. + if (!filp || !vma || !sfp) > return -ENXIO; > req_sz = vma->vm_end - vma->vm_start; > SCSI_LOG_TIMEOUT(3, printk("sg_mmap starting, vm_start=%p, len=%d\n", Btw. These are _way_ better than when you sent them the first time. Thanks for doing resending them. regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html