
Handling null pointers on AIX with GCC C

Tags: c, aix, gcc

We have code written in C that sometimes doesn’t handle zero pointers very well.

The code was originally written on Solaris and such pointers cause a segmentation fault. Not ideal but better than ploughing on.

Our experience is that if you read from a null pointer on AIX you get 0. If you use the xlc compiler you can add an option -qcheck=all to trap these pointers. But we use gcc (and want to continue using that compiler). Does gcc provide such an option?

justintime asked Jan 24 '12 16:01


2 Answers

Does gcc provide such an option?

I'm sheepishly volunteering the answer no, it doesn't. Although I can't cite the absence of information regarding gcc and runtime NULL checks.

The problem you're tackling is that you're trying to make undefined behavior a little more defined in a program that's poorly-written.

I recommend that you bite the bullet and either switch to xlc or manually add NULL checks to the code until the bad behavior has been found and removed.

Consider:

  • Making a macro to null-check a pointer
  • Adding that macro after pointer assignments
  • Adding that macro to the entry point of functions that accept pointers

As bugs are removed, you can begin to remove these checks.

Drew Dormann answered Sep 24 '22 23:09
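The macro approach suggested in the answer above, sketched as an added example (not code from the answer or its author). The names `CHECK_NULL_RET`, `null_check_fatal`, `null_check_hits` and the two sample functions are hypothetical; by default a trapped NULL aborts, which restores the fail-fast behaviour the question describes on Solaris.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* All names here are hypothetical, chosen for this example. */
static int null_check_fatal = 1;       /* 1: abort() at once; 0: log and return */
static unsigned long null_check_hits;  /* NULL pointers trapped so far */

static void null_check_report(const char *expr, const char *file,
                              int line, const char *func)
{
    null_check_hits++;
    fprintf(stderr, "%s:%d: %s: NULL pointer: %s\n", file, line, func, expr);
    if (null_check_fatal)
        abort();  /* fail fast, as a segmentation fault would */
}

/* Trap NULL before use; in non-fatal mode the caller returns `ret`. */
#define CHECK_NULL_RET(p, ret)                                       \
    do {                                                             \
        if ((p) == NULL) {                                           \
            null_check_report(#p, __FILE__, __LINE__, __func__);     \
            return ret;                                              \
        }                                                            \
    } while (0)

/* Check at the entry point of a function that accepts a pointer. */
static long name_length(const char *name)
{
    CHECK_NULL_RET(name, -1);
    return (long)strlen(name);
}

/* Check after a pointer assignment: strrchr() returns NULL if no '.'. */
static long extension_length(const char *path)
{
    const char *dot;
    CHECK_NULL_RET(path, -1);
    dot = strrchr(path, '.');
    CHECK_NULL_RET(dot, -1);
    return (long)strlen(dot + 1);
}

int main(void)
{
    null_check_fatal = 0;  /* demo only: log every hit instead of aborting */
    printf("%ld %ld\n", name_length(NULL), extension_length("Makefile"));
    return 0;
}
```

Each report on stderr carries the file, line, function and pointer expression, so a hit can be traced to its call site and the check removed once the bug is fixed.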


  1. Please do us all a favor and add proper NULL checks to your code. Not only will you have a slight gain in performance by checking for NULL only when needed, rather than having the compiler perform the check everywhere, but your code will be more portable to other platforms.

    And let's not mention the fact that you will be more likely to print a proper error message rather than have the compiler drop some incomprehensible stack dump/source code location/error code that will not help your users at all.

  2. AIX uses the concept of a NULL page. Essentially, NULL (i.e. virtual address 0x0) is mapped to a location that contains a whole bunch of zeros. This allows string manipulation code etc. to continue despite encountering a NULL pointer.

    This is contrary to most other Unix-like systems, but it is not in violation of the C standard, which considers dereferencing NULL an undefined operation. In my opinion, though, this is woefully broken: it takes an application that would crash violently and turns it into one that ignores programming errors silently, potentially producing totally incorrect results.

  3. As far as I know, GCC has no options to work around fundamentally broken code. Even historically supported patterns, such as writable string literals, have been slowly phased out in newer GCC versions.

    There might be some support when using memory debugging options such as -fmudflap, but I don't really know - in any case you should not use debugging code in production systems, especially for forcing broken code to work.

Bottom line: I don't think that you can avoid adding explicit NULL checks.

Unfortunately we now come to the basic question: Where should the NULL checks be added? I suppose having the compiler add such checks indiscriminately would help, provided that you add an explicit check when you discover an issue.

Unfortunately, there is no Valgrind support for AIX. If you have the cash, you might want to have a look at IBM Rational Purify Plus for AIX - it might catch such errors.

It might also be possible to use xlc on a testing system and gcc for everything else, but unfortunately they are not fully compatible.

thkala answered Sep 22 '22 23:09