Polyspace 2015a orange check IDP (Illegally dereferenced pointer)
古いコメントを表示
Hello,
Can someone explain me the following Polyspace warning, especially the text in bold?
Warning: pointer may be outside its bounds of expression (pointer to const unsigned int 8, size: 8 bits): pointer is not null ( but may not be allocated memory) points to 1 bytes at offset 27 or [1051 .. 3099] in buffer of 4096 bytes, so is within bounds (if memory is allocated) may point to variable or field of variable in: {DrvEep_PolyspaceNvmStartAddress}
NvM_sectionPointer is array of 4 elements which are pointers to uint8
uint8 const * NvM_sectionPointer[( ( 4 ) )];
There is another array containing 4096 bytes divided to 1024-bytes blocks:
volatile uint8 DrvEep_PolyspaceNvmStartAddress[( 1024 )( 4 )];*
NvM_sectionPointer[0] points to DrvEep_PolyspaceNvmStartAddress[0].
NvM_sectionPointer[1] points to DrvEep_PolyspaceNvmStartAddress[1024].
NvM_sectionPointer[2] points to DrvEep_PolyspaceNvmStartAddress[2048].
NvM_sectionPointer[3] points to DrvEep_PolyspaceNvmStartAddress[3072].
I don't understand how to interpret the words *pointer is not null (* *but may not be allocated memory)*.
Thanks and Best Regards Dimo Petkov
採用された回答
Alexandre De Barros
2016 年 1 月 22 日
Hi !
You can see this message for example when a memory buffer is allocated by malloc then used as an array but without checking if the malloc operation was ok. Example:
uint8 * my_tab;
my_tab = (uint8 *)malloc(100);
data = my_tab[10];
Here my_tab is used as an array but the malloc operation has not been checked for a potential failure. So it "may not be allocated memory". In this situation, when accessing my_tab, you will see this message.
Please note that this message disappears if the pointer is tested for nullity before being accessed:
uint8 * my_tab;
my_tab = (uint8 *)malloc(100);
if (my_tab != NULL)
data = my_tab[10];
For your specific example, I'm not able to reproduce this message with this reproduction code:
uint8 const * NvM_sectionPointer[( ( 4 ) )];
volatile uint8 DrvEep_PolyspaceNvmStartAddress[( 1024 )*( 4 )];
void f() {
uint8 data;
NvM_sectionPointer[0] = &DrvEep_PolyspaceNvmStartAddress[0];
NvM_sectionPointer[1] = &DrvEep_PolyspaceNvmStartAddress[1024];
NvM_sectionPointer[2] = &DrvEep_PolyspaceNvmStartAddress[2048];
NvM_sectionPointer[3] = &DrvEep_PolyspaceNvmStartAddress[3072];
data = NvM_sectionPointer[1][27];
}
There is no allocation here so no reason to see this message. But I guess that your code is more complex and there are probably more write accesses to NvM_sectionPointer than in this example.
NvM_sectionPointer is probably a global array so in order to better understand why polypace gives this message, it may be interesting to see how it is accessed by using the Variable Access view : each write and read access to any global variable is displayed in this view so you can precisely trace the accesses of global variables.
Alex
1 件のコメント
Anirban
2022 年 5 月 23 日
To learn in general about Illegally dereferenced pointers in Polyspace Code Prover, see https://www.mathworks.com/help/codeprover/ref/illegallydereferencedpointer.html .
その他の回答 (3 件)
カテゴリ
ヘルプ センター および File Exchange で Code Prover Analysis in Polyspace Platform User Interface についてさらに検索
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!
Translated by 
