Re: [PATCH] namespace: Added pointer check in copy_mnt_ns()

From: Matthew Wilcox
Date: Wed Nov 16 2022 - 13:17:01 EST

Next message: Linus Torvalds: "Re: [PATCH mm-unstable v1 20/20] mm: rename FOLL_FORCE to FOLL_PTRACE"
Previous message: Andy Lutomirski: "Re: [PATCH v9 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit"
In reply to: Denis Arefev: "[PATCH] namespace: Added pointer check in copy_mnt_ns()"
Next in thread: Dan Carpenter: "Re: [PATCH] namespace: Added pointer check in copy_mnt_ns()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Nov 16, 2022 at 12:12:55PM +0300, Denis Arefev wrote:
> Return value of a function 'next_mnt' is dereferenced at
> namespace.c:3377 without checking for null,
> but it is usually checked for this function
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.

You need to do human analysis, not just send the results from a bot.
What conditions can lead to this function returning NULL? Do we
already know those conditions can or cannot hold?

Next message: Linus Torvalds: "Re: [PATCH mm-unstable v1 20/20] mm: rename FOLL_FORCE to FOLL_PTRACE"
Previous message: Andy Lutomirski: "Re: [PATCH v9 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit"
In reply to: Denis Arefev: "[PATCH] namespace: Added pointer check in copy_mnt_ns()"
Next in thread: Dan Carpenter: "Re: [PATCH] namespace: Added pointer check in copy_mnt_ns()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]