CodeSonar : pvm3.4.6 : Null Pointer Dereference

pvm3.4.6 : pvm3.4.6 analysis 2 : Null Pointer Dereference at task.c:837

Categories:	LANG.MEM.NPD CWE:476
Warning ID:	82.28672
Procedure:	task_cleanup
Trace:	view
Modified:	Thu Nov 26 11:27:20 2009 show details hide details

Priority:	None
State:	None
Finding:	None
Owner:	None
	edit properties

Legend	[ X ]
Warning Location Contributes Parse Error Other Warning Two or More Loop Iterations On Execution Path Comment Macro Preprocessor Include Keyword Preprocessed Away

Legend
Warning Location	Contributes	Parse Error
Other Warning	Two or More Loop Iterations	On Execution Path
Comment	Macro	Preprocessor
Include	Keyword	Preprocessed Away

Source | Language: C

Hide Legend

Problem	Line	Source

			/kat0/fletcher/SATE/2010/pvm3/src/task.c

			Enter task_cleanup

task_cleanup(tp)

struct task *tp;

{

struct pmsg *mp;

struct waitc *wp, *wp2;

665

struct task *tp2;

666

struct pvmmentry *ep;

struct hostd *hp;

struct pmsg *mpd;

char buf[512];

int hh;

/* notify anyone who asked */

673

674

if (tp->t_tid) {

675

if (pvmdebmask & PDMTASK)

676

pvmlogprintf("task_cleanup() t%x\n", tp->t_tid );

677

678

for (wp = waitlist->wa_link; wp != waitlist; wp = wp->wa_link) {

679

680

/* waits depending on this task */

681

682

if (wp->wa_on == tp->t_tid) {

683

switch (wp->wa_kind) {

case WT_HOSTSTART:

busyadding = 0;

free_waitc_add((struct waitc_add *)wp->wa_spec );

688

pkint(wp->wa_mesg, PvmDSysErr );

689

sendmessage(wp->wa_mesg );

690

wp->wa_mesg = 0;

691

if (pvmdebmask & (PDMTASK|PDMSTARTUP))

692

pvmlogprintf(

693

"task_cleanup() hoster t%x takes wid %d with it\n",

694

tp->t_tid, wp->wa_wid );

break;

case WT_TASKSTART:

if (wp->wa_tid) {

if (pvmdebmask & PDMTASK) {

700

pvmlogprintf(

701

"task_cleanup() tasker t%x takes t%x with it\n",

702

tp->t_tid, wp->wa_tid );

703

}

704

if (tp2 = task_find (wp->wa_tid )) {

wp->wa_tid = 0;

task_cleanup(tp2 );

task_free(tp2 );

}

}

break;

case WT_TASKX:

if (wp->wa_tid && wp->wa_mesg) {

714

sendmessage(wp->wa_mesg );

wp->wa_mesg = 0;

}

mb_tidy(tp->t_tid );

break;

case WT_RESET:

if (wp->wa_tid && wp->wa_mesg) {

722

sendmessage(wp->wa_mesg );

723

wp->wa_mesg = 0;

724

}

725

mb_tidy_reset(tp->t_tid );

break;

case WT_RECVINFO:

/* clean up pending recvinfo */

730

ep = (struct pvmmentry *) wp->wa_spec;

731

if ( ep->me_msg ) /* class name (overload :-Q) */

732

PVM_FREE( ep->me_msg );

PVM_FREE( ep );

break;

case WT_HOSTA:

break;

default:

pvmlogprintf(

"task_cleanup() can't deal with wait kind %d\n",

wp->wa_kind );

break;

}

wp2 = wp;

wp = wp->wa_rlink;

wait_delete(wp2 );

continue;

}

/* waits this task was waiting on */

752

753

if (wp->wa_tid == tp->t_tid) {

754

switch (wp->wa_kind) {

case WT_HOSTF:

case WT_HOSTA:

case WT_TASKX:

case WT_ROUTEA:

case WT_ROUTED:

case WT_TASKSTART:

wp2 = wp; /* some kinds we can toss now */

wp = wp->wa_rlink;

wait_delete(wp2 );

break;

default:

wp->wa_tid = 0; /* in case tid gets recycled */

break;

}

}

}

/* notify the scheduler */

775

776

if ((tp->t_sched)&&(tp->t_schedlmsg!=SM_TASKX)) {

777

mp = mesg_new (0);

778

mp->m_dst = tp->t_sched; /* Null Pointer Dereference (ID: 83.28673) */

779

mp->m_tag = SM_TASKX;

780

tp->t_schedlmsg = SM_TASKX;

781

if (pvmdebmask & PDMSCHED) {

782

pvmlogprintf("task_cleanup() taskx to t%x status = 0x%x\n",

783

tp->t_sched, tp->t_status );

784

}

785

pkint(mp, tp->t_tid );

786

pkint(mp, tp->t_status );

787

pkint(mp, (int)tp->t_utime.tv_sec );

788

pkint(mp, (int)tp->t_utime.tv_usec );

789

pkint(mp, (int)tp->t_stime.tv_sec );

790

pkint(mp, (int)tp->t_stime.tv_usec );

sendmessage(mp );

}

/* check if it's the hoster */

795

796

if (tp->t_tid == hostertid) {

797

if (pvmdebmask & (PDMTASK|PDMSTARTUP)) {

798

pvmlogprintf("task_cleanup() unreg hoster t%x\n", tp->t_tid );

}

hostertid = 0;

}

/* check if it's the tasker */

804

805

if (tp->t_tid == taskertid) {

806

if (pvmdebmask & PDMTASK) {

807

pvmlogprintf("task_cleanup() unreg tasker t%x\n", tp->t_tid );

}

taskertid = 0;

}

/* check if it's the tracer */

813

814

if (tp->t_tid == pvmtracer.trctid) {

815

816

if (pvmdebmask & PDMTASK) {

817

pvmlogprintf("task_cleanup() unreg tracer t%x\n",

tp->t_tid );

}

pvmtracer.trctid = 0;

822

pvmtracer.trcctx = 0;

823

pvmtracer.trctag = 0;

824

pvmtracer.outtid = 0;

825

pvmtracer.outctx = 0;

826

pvmtracer.outtag = 0;

827

TEV_MASK_INIT(pvmtracer.tmask);

828

pvmtracer.trcbuf = 0;

829

pvmtracer.trcopt = 0;

830

831

/* tell the other pvmds */

832

833

for (hh = hosts->ht_last; hh > 0; hh--) {

834

if (hh != hosts->ht_local

835

&& (hp = hosts->ht_hosts[hh])) {

mpd = mesg_new (0);

mpd->m_tag = DM_SLCONF; /* Null Pointer Dereference */

838

mpd->m_dst = hp->hd_hostpart | TIDPVMD;

839

pkint(mpd, DM_SLCONF_TRACE );

840

sprintf(buf, "%x %d %d %x %d %d %d %d %s",

841

pvmtracer.trctid, pvmtracer.trcctx,

842

pvmtracer.trctag,

843

pvmtracer.outtid, pvmtracer.outctx,

844

pvmtracer.outtag,

845

pvmtracer.trcbuf, pvmtracer.trcopt,

846

pvmtracer.tmask);

847

pkstr(mpd, buf );

848

sendmessage(mpd );

Preconditions

&$unknown_148003 != waitlist
tp->t_tid = pvmtracer.trctid
tp->t_sched != 0
tp->t_schedlmsg != -2147221493
hosts->ht_hosts[1] != 0
((char*)&((char*)$unknown_148003)[36])[20] <= 1
hosts->ht_local != 1
hosts->ht_last >= 2
waitlist->wa_link != waitlist
$unknown_148003 >= 0
((char*)&$unknown_148003)[16] != hostertid
((char*)&$unknown_148003)[28] >= 0
((char*)&$unknown_148003)[12] = 14
hostertid != 0
hostertid = taskertid
pvmtracer.trctid = taskertid

Postconditions

((char*)&((char*)((char*)$unknown_148003)[36])[12])[24]' = ((char*)&((char*)((char*)$unknown_148003)[36])[12])[24] - 1
((char*)&((char*)$unknown_148003)[36])[20]' = ((char*)&((char*)$unknown_148003)[36])[20] - 1
((char*)$unknown_148009)[4]' = ((char*)&$unknown_148009)[4]
((char*)$unknown_148009)[4]' = $unknown_148009
$unknown_148003' is freed
errno' != 0
freepmsgs.m_link' = &freepmsgs.m_link
freepmsgs.m_rlink' = &freepmsgs.m_link
hh' = 1
hostertid' = 0
hp' = hosts->ht_hosts[1]
mp' = &$unknown_148009
mpd' = 0
numpmsgs' = 0
pvmtracer.trctid' = 0
pvmtracer.outctx' = 0
pvmtracer.outtag' = 0
pvmtracer.trcbuf' = 0
pvmtracer.trcopt' = 0
strlen(&pvmtracer.tmask[0])' != 0
pvmtracer.trcctx' = 0
pvmtracer.tmask[35]' = 0
pvmtracer.trctag' = 0
pvmtracer.outtid' = 0
taskertid' = 0
tev_init_mask_i' = -1
wp' = waitlist
wp2' = &$unknown_148003

Change Warning 82.28672 : Null Pointer Dereference

Priority:
State:
Finding:
Owner:
Note: