This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Possible NULL pointer dereference in GCC's vec code?

From: Jeff Law <law at redhat dot com>
To: Ian Lance Taylor <iant at google dot com>
Cc: Jeff Law <suzanne dot jeff dot law at gmail dot com>, GCC <gcc at gcc dot gnu dot org>
Date: Mon, 11 Feb 2013 21:07:51 -0700
Subject: Re: Possible NULL pointer dereference in GCC's vec code?
References: <51194AF9.7040201@gmail.com> <CAKOQZ8zQXiE9xsfz_DUB_FjTUicB8oJ73d+OcczZAuHDpjJNCw@mail.gmail.com>

On 02/11/13 16:46, Ian Lance Taylor wrote:


But those cases are passing 1 to vec_safe_reserve, which in turn
passes 1 to calculate_allocation, so calculate_allocation can not
return 0, so vec_reserve can not return NULL.

At least that is how it seems to me.

Yes, you're right. I got too deep into looking at just what was visible in the preprocessed code (c-common I think) and didn't look at calculate_allocation from vec.c.

So this a false positive for my null pointer dereference checker. There's nothing to propagate the fact that calculate_allocation can not return null if reserve is > 0.

This is also a good example of code which can be improved by isolating the unexecutable paths where the calls to vec_safe_reserve return NULL.

Thanks for the sanity check...

Jeff

References:
- Possible NULL pointer dereference in GCC's vec code?
  - From: Jeff Law
- Re: Possible NULL pointer dereference in GCC's vec code?
  - From: Ian Lance Taylor

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]