On Sat, Feb 13, 2016 at 11:48:39PM -0500, Oleg Drokin wrote:
> so far the biggest class of issues here is when we allocate something, but check for errptr, and there exists another path
> that does not allocate anything and exit code path checks for NULL to see if the allocation needs to be unwinded (transaction stopped and such).
> I do not think assuming IS_ERR is also NULL pointer check is such a great idea since that might fail to find some bugs where we can get NULL or err ptr?
>
> Kind of like:
> ptr *handle = NULL;
>
> if (something) {
> handle = transaction_start(blah);
> if (IS_ERR(handle))
> goto err;
> do_some_stuff(handle);
> …
> }
>
> if (handle) <== false positive hits here.
> transaction_stop(handle);
>
> err:
> ...
That test is only supposed to complain where every path leading to the
check dereferences the pointer.
Can you give me something I can test myself?
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe smatch" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
