On Wed, Jul 24, 2019 at 09:48:38AM +0100, Steven Whitehouse wrote:
> Hi,
>
> On 24/07/2019 09:43, Jia-Ju Bai wrote:
> > In gfs2_alloc_inode(), when kmem_cache_alloc() on line 1724 returns
> > NULL, ip is assigned to NULL. In this case, "return &ip->i_inode" will
> > cause a null-pointer dereference.
> >
> > To fix this null-pointer dereference, NULL is returned when ip is NULL.
> >
> > This bug is found by a static analysis tool STCheck written by us.
>
> The bug is in the tool I'm afraid. Since i_inode is the first element of ip,
> there is no NULL dereference here. A pointer to ip->i_inode and a pointer to
> ip are one and the same (bar the differing types) which is the reason that
> we return &ip->i_inode rather than just ip,
But that doesn't help if ip is NULL, as dereferencing a field in it still remains invalid behavior.
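An added illustration of the two positions in this thread, not code from the gfs2 tree or from either poster: a constructed stand-in struct (`my_inode`, `alloc_raw`) mirrors the layout where the embedded inode is the first member, so `&ip->i_inode` and `ip` compare equal for a valid allocation, but forming `&ip->i_inode` on a NULL `ip` is still undefined behaviour in C, and the only well-defined way to return NULL on allocation failure is to check first.

```c
#include <stddef.h>
#include <stdlib.h>

/* Constructed stand-in for the kernel layout under discussion. */
struct inode { unsigned long i_ino; };
struct my_inode {
    struct inode i_inode;   /* first member: offsetof(...) == 0 */
    int extra;
};

/* Models kmem_cache_alloc(): returns NULL when fail is nonzero. */
static struct my_inode *alloc_raw(int fail)
{
    return fail ? NULL : calloc(1, sizeof(struct my_inode));
}

/* Pattern questioned in the thread: no check before taking the member
 * address. For NULL ip this is undefined behaviour even though it usually
 * compiles to "return ip" because the member offset is zero. */
struct inode *alloc_inode_unchecked(int fail)
{
    struct my_inode *ip = alloc_raw(fail);
    return &ip->i_inode;
}

/* Hardened form: check ip before forming &ip->i_inode. */
struct inode *alloc_inode_checked(int fail)
{
    struct my_inode *ip = alloc_raw(fail);
    if (!ip)
        return NULL;
    return &ip->i_inode;
}

/* The pointer identity Steven's argument rests on. */
int inode_is_first_member(void)
{
    return offsetof(struct my_inode, i_inode) == 0;
}

/* Kernel-style container_of round trip, to show both directions agree. */
struct my_inode *inode_to_my(struct inode *inode)
{
    return (struct my_inode *)((char *)inode - offsetof(struct my_inode, i_inode));
}

int same_address(void)
{
    struct my_inode *ip = alloc_raw(0);
    int ok = ip && (void *)&ip->i_inode == (void *)ip && inode_to_my(&ip->i_inode) == ip;
    free(ip);
    return ok;
}
```

Compilers will often fold `alloc_inode_unchecked` into a plain pointer return, which is why the unchecked version appears to work; the checked version is the only one whose behaviour the language guarantees.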