On Fri, 18 Oct 2013, Jeff Law wrote:
On 10/18/13 14:31, Marc Glisse wrote:
But once you have that pointer defined by a PHI containing a zero, you
look at all its uses, trying to find one that proves the pointer is
non-zero
What are you going to do with that information?
Uh? I must have been very unclear in my post, this sentence was supposed
to describe what *your* patch is doing...
The only use I can see for this pass would be discovering more
statements that, if a NULL value flows in, result in undefined
behaviour.
Yes, precisely. All I was talking about was separating the predicate:
"this statement results in UB if that SSA_NAME pointer is NULL" into its
own function, and we happen to already have a function in VRP which does
that.
The comment about the non-null attribute refers to cases where we've
decorated an argument as "must be non-null". If we see a NULL flowing into
such a call, then we've crossed the line into undefined behaviour. We'd want
to treat the call just like *0 -- isolate the path with NULL flowing to that
call and turn the call into a trap.
Yes, and I think you would get that for free if you called the VRP
function instead of manually checking if the statement is an indirection.
Similarly if we find a NULL flowing to a return statement in a function
decorated as never returning NULL.
Good idea.
Sorry for the misunderstandings...
--
Marc Glisse
