Bug 15458

Summary: [cppcheck] found a possible null pointer dereference in sunrpc (linux-2.6/net/sunrpc/xprt.c)
Product: File System Reporter: Martin Ettl (ettl.martin)
Component: NFSAssignee: Trond Myklebust (trondmy)
Status: RESOLVED OBSOLETE    
Severity: normal CC: alan
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: Subsystem:
Regression: No Bisected commit-id:
Attachments: patch that removes the redundant nullpointer checking

Description Martin Ettl 2010-03-06 12:58:57 UTC 
during a check of the current git head of the linux kernel with the static code
analysis tool cppcheck
(http://sourceforge.net/apps/mediawiki/cppcheck/index.php?title=Main_Page) the
tool discoverd a possible nullpointer derefefence in linux-2.6/net/sunrpc/xprt.c. Cppcheck printed the following message:

Possible null pointer dereference: req - otherwise it is redundant to check if req is null at line 209

Take a look at the source:
....
	struct rpc_rqst *req = task->tk_rqstp;
#199	struct rpc_xprt	*xprt = req->rq_xprt;

	if (test_and_set_bit(XPRT_LOCKED, &xprt->state)) {
		if (task == xprt->snd_task)
			return 1;
		if (task == NULL)
			return 0;
		goto out_sleep;
	}
	xprt->snd_task = task;
#209	if (req) {
		req->rq_bytes_sent = 0;
		req->rq_ntrans++;
	}
	return 1;
....

As you can see, at line 199 the pointer req is allready dereferenced, so there is no need to check for a nullpointer at line 209. In order to make the code more stable, i would recommend to move the nullpointer check to line 199!

Best regards

Ettl Martin
Comment 1 Trond Myklebust 2010-03-06 14:54:11 UTC 
We should just remove that check. If something is trying to lock the socket without first having got a slot, then we have bigger issues, and I'd prefer to see the Oops.
Comment 2 Martin Ettl 2010-03-06 15:21:58 UTC 
Created attachment 25389 [details]
patch that removes the redundant nullpointer checking

Here is a patch that removes the checking of a nullpointer at line 207
Comment 3 Trond Myklebust 2010-03-08 20:05:27 UTC 
Can you please mail the patch to the NFS list (linux-nfs@vger.kernel.org) and Cc myself (Trond.Myklebust@netapp.com).
Please don't forget to include a signed-off-by line as per the SubmittingPatches document.

Thanks!