Polyspace 2015a orange check IDP (Illegally dereferenced pointer)
17 views (last 30 days)
Show older comments
Hello,
Can someone explain me the following Polyspace warning, especially the text in bold?
Warning: pointer may be outside its bounds of expression (pointer to const unsigned int 8, size: 8 bits): pointer is not null ( but may not be allocated memory) points to 1 bytes at offset 27 or [1051 .. 3099] in buffer of 4096 bytes, so is within bounds (if memory is allocated) may point to variable or field of variable in: {DrvEep_PolyspaceNvmStartAddress}
NvM_sectionPointer is array of 4 elements which are pointers to uint8
uint8 const * NvM_sectionPointer[( ( 4 ) )];
There is another array containing 4096 bytes divided to 1024-bytes blocks:
volatile uint8 DrvEep_PolyspaceNvmStartAddress[( 1024 )( 4 )];*
NvM_sectionPointer[0] points to DrvEep_PolyspaceNvmStartAddress[0].
NvM_sectionPointer[1] points to DrvEep_PolyspaceNvmStartAddress[1024].
NvM_sectionPointer[2] points to DrvEep_PolyspaceNvmStartAddress[2048].
NvM_sectionPointer[3] points to DrvEep_PolyspaceNvmStartAddress[3072].
I don't understand how to interpret the words *pointer is not null (* *but may not be allocated memory)*.
Thanks and Best Regards Dimo Petkov
0 Comments
Accepted Answer
Alexandre De Barros
on 22 Jan 2016
Hi !
You can see this message for example when a memory buffer is allocated by malloc then used as an array but without checking if the malloc operation was ok. Example:
uint8 * my_tab;
my_tab = (uint8 *)malloc(100);
data = my_tab[10];
Here my_tab is used as an array but the malloc operation has not been checked for a potential failure. So it "may not be allocated memory". In this situation, when accessing my_tab, you will see this message.
Please note that this message disappears if the pointer is tested for nullity before being accessed:
uint8 * my_tab;
my_tab = (uint8 *)malloc(100);
if (my_tab != NULL)
data = my_tab[10];
For your specific example, I'm not able to reproduce this message with this reproduction code:
uint8 const * NvM_sectionPointer[( ( 4 ) )];
volatile uint8 DrvEep_PolyspaceNvmStartAddress[( 1024 )*( 4 )];
void f() {
uint8 data;
NvM_sectionPointer[0] = &DrvEep_PolyspaceNvmStartAddress[0];
NvM_sectionPointer[1] = &DrvEep_PolyspaceNvmStartAddress[1024];
NvM_sectionPointer[2] = &DrvEep_PolyspaceNvmStartAddress[2048];
NvM_sectionPointer[3] = &DrvEep_PolyspaceNvmStartAddress[3072];
data = NvM_sectionPointer[1][27];
}
There is no allocation here so no reason to see this message. But I guess that your code is more complex and there are probably more write accesses to NvM_sectionPointer than in this example.
NvM_sectionPointer is probably a global array so in order to better understand why polypace gives this message, it may be interesting to see how it is accessed by using the Variable Access view : each write and read access to any global variable is displayed in this view so you can precisely trace the accesses of global variables.
Alex
1 Comment
Anirban
on 23 May 2022
To learn in general about Illegally dereferenced pointers in Polyspace Code Prover, see https://www.mathworks.com/help/codeprover/ref/illegallydereferencedpointer.html .
More Answers (3)
NIKHIL PUNNOOSE
on 14 Apr 2021
Do we have any way to supress these warning in the code itself
0 Comments
See Also
Categories
Find more on Code Prover Analysis in Polyspace Platform User Interface in Help Center and File Exchange
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!