[Bug c/16351] NULL dereference warnings

Fri, 07 Aug 2015 11:10:44 -0700 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=16351

--- Comment #35 from Manuel López-Ibáñez <manu at gcc dot gnu.org> ---
(In reply to Manuel López-Ibáñez from comment #34)
> (In reply to David Binderman from comment #33)
> > I found that using -g -O2 -Wall didn't enable this warning.
> > Some of the documentation says it does.

Enabling this option with -Wall or -Wextra triggers errors in gcc bootstrap:

/home/manuel/test1/226719M/build/./prev-gcc/xg++
-B/home/manuel/test1/226719M/build/./prev-gcc/
-B/home/manuel/test1/./226719M/install/x86_64-pc-linux-gnu/bin/ -nostdinc++
-B/home/manuel/test1/226719M/build/prev-x86_64-pc-linux-gnu/libstdc++-v3/src/.libs
-B/home/manuel/test1/226719M/build/prev-x86_64-pc-linux-gnu/libstdc++-v3/libsupc++/.libs

-I/home/manuel/test1/226719M/build/prev-x86_64-pc-linux-gnu/libstdc++-v3/include/x86_64-pc-linux-gnu

-I/home/manuel/test1/226719M/build/prev-x86_64-pc-linux-gnu/libstdc++-v3/include
 -I/home/manuel/test1/src/libstdc++-v3/libsupc++
-L/home/manuel/test1/226719M/build/prev-x86_64-pc-linux-gnu/libstdc++-v3/src/.libs
-L/home/manuel/test1/226719M/build/prev-x86_64-pc-linux-gnu/libstdc++-v3/libsupc++/.libs
 -I/home/manuel/test1/src/libcpp -I. -I/home/manuel/test1/src/libcpp/../include
-I/home/manuel/test1/src/libcpp/include  -g -O2 -gtoggle -W -Wall
-Wno-narrowing -Wwrite-strings -Wmissing-format-attribute -pedantic
-Wno-long-long -Werror -fno-exceptions -fno-rtti
-I/home/manuel/test1/src/libcpp -I. -I/home/manuel/test1/src/libcpp/../include
-I/home/manuel/test1/src/libcpp/include   -c -o line-map.o -MT line-map.o -MMD
-MP -MF .deps/line-map.Tpo /home/manuel/test1/src/libcpp/line-map.c
-fdump-tree-isolate-paths-all-lineno
In file included from /home/manuel/test1/src/libcpp/line-map.c:24:0:
/home/manuel/test1/src/libcpp/include/line-map.h: In function ‘const line_map*
linemap_add(line_maps*, lc_reason, unsigned int, const char*, linenum_type)’:
/home/manuel/test1/src/libcpp/include/line-map.h:927:60: error: potential null
pointer dereference [-Werror=null-dereference]
    : LINEMAPS_ORDINARY_MAP_AT (set, ord_map->included_from));
                                                            ^
/home/manuel/test1/src/libcpp/line-map.c: In function ‘source_location
linemap_line_start(line_maps*, linenum_type, unsigned int)’:
/home/manuel/test1/src/libcpp/line-map.c:591:18: error: potential null pointer
dereference [-Werror=null-dereference]
     (linemap_add (set, LC_RENAME,
                  ^
cc1plus: error: potential null pointer dereference [-Werror=null-dereference]
/home/manuel/test1/src/libcpp/line-map.c:595:37: error: potential null pointer
dereference [-Werror=null-dereference]
       map->column_bits = column_bits;
                                     ^
cc1plus: all warnings being treated as errors


The reason is code like:

     map = linemap_check_ordinary
                (const_cast <line_map *>
                  (linemap_add (set, LC_RENAME,
                                ORDINARY_MAP_IN_SYSTEM_HEADER_P (map),
                                ORDINARY_MAP_FILE_NAME (map),
                                to_line)));
     map->column_bits = column_bits;

where linemap_check_ordinary is inlined as:

inline line_map_ordinary *
linemap_check_ordinary (struct line_map *map)
{
  linemap_assert (!map || map->reason != LC_ENTER_MACRO);
  return (line_map_ordinary *)map;
}

which means that there is a path through which a null pointer could be
potentially dereferenced. However, this actually cannot happen because
linemap_add will not return NULL in this case.

I fear this case might be quite common and lead to many false positives that
are then quite hard to understand due to the poor location info in the
middle-end.

Reply via email to