Re: RFA: Fix potential NULL pointer dereference

[Jakub Jelinek <jakub at redhat dot com>]

Hi!

On Wed, Nov 02, 2011 at 09:28:52PM -0600, Jeff Law wrote:
> This was caught by some prototype code to warn for potential NULL
> pointer dereferences.

Clearly we have a set of vec.h operations that require the vector to be
non-NULL.
Seems it is last, index (which already have such check in their VEC_ASSERT),
then the 7 ops you've changed, embedded_init which I think you've missed
and splice which you've changed which requires dst to be non-NULL, but src
may be NULL.  For checking builds I'd say it is ok to add those to the
VEC_ASSERT, but don't we have to do anything about the non-ENABLE_CHECKING
case?  We will still have code like:
  (VEC_rtx_base_replace(((reg_base_value) ? &(reg_base_value)->base : 0),(rhs_regno(reg1)),((rhs_regno(reg2)) < (VEC_rtx_base_length(((reg_base_value) ? &(reg_base_value)->base : 0))) ? (VEC_rtx_base_index(((reg_base_value) ? &(reg_base_value)->base : 0),(rhs_regno(reg2)) )) : 0) ));
with
static __inline__ rtx
VEC_rtx_base_replace (VEC_rtx_base * vec_, unsigned ix_, rtx obj_)
{
  rtx old_obj_;
  (void) (vec_ && ix_ < vec_->prefix.num);
  old_obj_ = vec_->vec[ix_];
  vec_->vec[ix_] = obj_;
  return old_obj_;
}

Shouldn't we for non-ENABLE_CHECKING just call it with
(&(reg_base_value)->base) instead of
((reg_base_value) ? &(reg_base_value)->base : 0)
?
We could do that with:
/* Convert to base type.  */
#define VEC_BASE(P)  ((P) ? &(P)->base : 0)
#if ENABLE_CHECKING
#define VEC_BASE_NONNULL(P) VEC_BASE (P)
#else
#define VEC_BASE_NUNNULL(P) (&(P)->base)
#endif
and use VEC_BASE_NONNULL in the macros where appropriate.

> 	* vec.h (splice): Assert DST_ is non-null.
> 	(quick_push, pop, replace, quick_insert): Similarly for VEC_.
> 	(ordered_remove, unordered_remove, block_remove): Likewise.
> 	

	Jakub