Re: Null pointer analysis in C



On Sun, Feb 24, 2008 at 12:04 PM, Naseer <naseer.naseer@xxxxxxxxx> wrote:

> What are the issues/problems of Null pointer in C and how they can be
> resolved "statically". i.e. while doing static analysis (compile time)
> how can we find whether a pointer is null or not.

During constant and value-range propagation, the compiler can infer
non-NULL values for a pointer. For instance

    *ptr = 4;
    if (ptr)
      ....

If the compiler knows that dereferencing a NULL pointer causes the
program to halt with an exception, the if (ptr) will always succeed,
so it can be folded away. In GCC this is performed by the value-range
propagation pass (in gcc/tree-vrp.c if you download the GCC sources).

Another opportunity during constant propagation happens with code of
the form:

    ptr = &var;
    if (ptr)
      *ptr = 3;

Assuming that 'var' is a local variable, constant propagation can do
two things here: (1) propagate the value &var to all the uses of
'ptr', (2) realize that 'if (&var)' is always true (since addresses of
local variables are always at an address different than 0).

This has other consequences for variable 'var', since the compiler can
now determine that its address has not been taken, which usually opens
more optimization opportunities for 'var'.

Diego.
[The general problem of telling when a pointer will have a null value
is intractable, but there are certainly lots of useful subcases that
a compiler can catch with dataflow analysis. -John]
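
The two patterns from the reply above, written out as complete C functions next to the check-before-dereference order that keeps the NULL test in the generated code. This is an added example, not part of the original post; the function names are hypothetical.

```c
/* Added example: function names are hypothetical, not from the post. */
#include <stddef.h>
#include <stdio.h>

/* Pattern 1 from the post: store first, test afterwards. After the store
   the compiler may assume ptr != NULL, so the test and the -1 path can be
   dropped from the generated code. */
int store_then_check(int *ptr)
{
    *ptr = 4;
    if (ptr)
        return 0;
    return -1;          /* unreachable once the check is folded away */
}

/* Corrected order: test before the first dereference. Nothing is known
   about ptr at this point, so the check has to stay. */
int check_then_store(int *ptr)
{
    if (!ptr)
        return -1;
    *ptr = 4;
    return 0;
}

/* Pattern 2 from the post: ptr = &var with var local. The test is always
   true, and after propagation the body reduces to "return 3". */
int address_of_local(void)
{
    int var = 0;
    int *ptr = &var;
    if (ptr)
        *ptr = 3;
    return var;
}

int main(void)
{
    int x = 0;
    /* store_then_check is only called with a valid pointer here. */
    printf("%d %d %d\n", store_then_check(&x), check_then_store(NULL),
           address_of_local());
    return 0;
}
```

Compiling with `gcc -O2 -S` and again with `-fno-delete-null-pointer-checks` added shows whether the test in `store_then_check` survives; `-Wnull-dereference` asks GCC to report dereferences it can prove may be NULL.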
