Re: Null pointer analysis in C

torbenm@app-5.diku.dk (Torben =?iso-8859-1?Q?=C6gidius?= Mogensen)
Mon, 25 Feb 2008 11:48:05 +0100

          From comp.compilers

Related articles
Null pointer analysis in C naseer.naseer@gmail.com (2008-01-20)
Null pointer analysis in C naseer.naseer@gmail.com (Naseer) (2008-02-24)
Re: Null pointer analysis in C dnovillo@acm.org (Diego Novillo) (2008-02-24)
Re: Null pointer analysis in C torbenm@app-5.diku.dk (2008-02-25)
| List of all articles for this month |

From: torbenm@app-5.diku.dk (Torben =?iso-8859-1?Q?=C6gidius?= Mogensen)
Newsgroups: comp.compilers
Date: Mon, 25 Feb 2008 11:48:05 +0100
Organization: Department of Computer Science, University of Copenhagen
References: 08-02-073
Keywords: C, analysis
Posted-Date: 25 Feb 2008 09:58:05 EST

Naseer <naseer.naseer@gmail.com> writes:


> What are the issues/problems of Null pointer in C and how they can be
> resolved "statically". i.e. while doing static analysis(compile time)
> how can we find whether a pointer is null or not.


Such an analysis can only be approximate, as a precise determination
is equivalent to the halting problem. You can choose which side you
want to err, so you can make an analysis that has no false positives
(but it will have false negatives) or an analysis that has no false
negatives (but it will have false positives). You can, of course,
make an analysis that has both fasle positives and false negatives,
but you can't use this for much.


Some languages have type systems that distinguish pointers that can be
null from pointers that can't, and some of the languages have type
inference (so you don't have to specify this). But the inference will
sometimes use "may be null" types for variables that can, in fact,
never be null, as this is the "safe" assumption: Optimisations that
depend on a pointer never being null (such as following the pointer
without testing for null) should not be applied to pointer that may be
null, but all you lose by not doing the optimisation on a variable
that can never be null is a little speed. Some languages (like SML)
have as an invariant that pointers are never null (no program can ever
create a null pointer). When compiling to an abstract machine (such
as JVM or .NET) that enforces null-pointer checks at every pointer
dereference, this knowledge can, however, not be exploited fully.


There are pointer analyses available for C which, in addition to
detecting aliasing, can also detect potential null-pointers.


Torben


Post a followup to this message

Return to the comp.compilers page.
Search the comp.compilers archives again.