[LLVMdev] Dereferencing NULL pointer in IndVarSimplify.cpp?
netcasper at gmail.com
Fri Oct 24 14:49:34 PDT 2014
On Fri, Oct 24, 2014 at 8:28 AM, Duncan P. N. Exon Smith
<dexonsmith at apple.com> wrote:
>> On 2014-Oct-23, at 20:32, Andrew Trick <atrick at apple.com> wrote:
>>> On Oct 17, 2014, at 5:21 PM, Liang Wang <netcasper at gmail.com> wrote:
>>> Here is the code in IndVarSimplify.cpp.
>>>
>>>   SmallVector<WeakVH, 16> DeadInsts;
>>>   while (!DeadInsts.empty())
>>>     if (Instruction *Inst =
>>>           dyn_cast_or_null<Instruction>(&*DeadInsts.pop_back_val()))
>>>       RecursivelyDeleteTriviallyDeadInstructions(Inst, TLI);
>>> Since DeadInsts.pop_back_val() is a WeakVH, which could hold a NULL
>>> pointer, the expression &*DeadInsts.pop_back_val() could be &*NULL.
>>> Then a NULL pointer is dereferenced here.
>>> I wrote a small test case and it works just fine. But is this
>>> well-defined behavior in the standard?
> This is UB, but `&*nullptr` often "works" so I'm not surprised you
> couldn't expose it with a testcase.
Thanks, Duncan and Andrew. This confused (and surprised) me quite a
>> Try clang-dev or a c++ list for questions about the standard.
>> I think it would have been nicer to write (Value*)DeadInsts.pop_back_val()
> +1 (or `static_cast<Value *>(DeadInsts.pop_back_val())`).
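The `&*handle` versus `(Value*)handle` distinction discussed above, as an added example that is not LLVM's code: `Value` and `WeakHandle` are constructed stand-ins for `llvm::Value` and `llvm::WeakVH`, and `drainWorklist` mimics the IndVarSimplify loop with an explicit null check in place of `dyn_cast_or_null<Instruction>`.

```cpp
#include <cassert>
#include <vector>

// Constructed stand-in for llvm::Value (not LLVM code).
struct Value { int id; bool isInstruction; };

// Hypothetical miniature of llvm::WeakVH: a handle whose pointer is null
// once the Value it tracked has been deleted.
class WeakHandle {
  Value *V;
public:
  explicit WeakHandle(Value *P = nullptr) : V(P) {}
  operator Value *() const { return V; }     // conversion: null-safe
  Value &operator*() const { return *V; }    // dereference: UB if V is null
};

// Pattern from the question: &*handle. Dereferencing a null handle and then
// taking the address is undefined behaviour even though it usually "works",
// so this function is only ever called on a non-null handle here.
Value *viaDeref(const WeakHandle &h) { return &*h; }

// Pattern suggested in the thread: (Value*)handle / static_cast<Value*>.
// No dereference happens, so a null handle simply yields nullptr.
Value *viaCast(const WeakHandle &h) { return static_cast<Value *>(h); }

// Drain a worklist the way the IndVarSimplify loop does, using the cast form
// plus an explicit null-and-type check where LLVM uses dyn_cast_or_null.
// Returns how many live instructions reached the "delete" step.
int drainWorklist(std::vector<WeakHandle> &DeadInsts) {
  int deleted = 0;
  while (!DeadInsts.empty()) {
    WeakHandle h = DeadInsts.back();
    DeadInsts.pop_back();
    Value *V = viaCast(h);
    if (V && V->isInstruction)   // nulled-out handles are skipped safely
      ++deleted;
  }
  return deleted;
}
```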