CPPCheck Null pointer dereference

Question

I maintain some embedded C code (No OS). I have made some updates an run CPPCheck on my changes.

CPPCheck has brought up the error 'Null pointer dereference: (volatile unsigned int*)0'. This is not in my code changes but I am keen to understand what is going on. As far as I understand the behaviour of dereferencing a null pointer is undefined.

'''

typedef void (*pfFunc_T)( void );

/* restart bootloader */
pfFunc_T  pfFunc;

__interrupt_disable();

pfFunc  = (pfFunc_T)( ( *(volatile U32*)0 ) );   /*CPPCheck error*/

if ( pfFunc != NULL )           /* no program loaded */
{
    pfFunc();
}

'''

It is memory mapped and the boot loader is first. Could it be calling the boot loader from a different application?

Well, on almost all systems a `NULL` pointer is a pointer to the address... *zero*. So when you use the address `0` it's the same as `NULL`. And you dereference that pointer, leading to the CPPCheck error. You might want to read the CPPCheck documentation to see if that check could be temporarily disabled. — Some programmer dude, Dec 09 '21 at 08:16
Does your program store the entry point of your application at address `0`? If you are dealing with embedded systems, sometimes accessing address `0` is required. Cppcheck probably does not know that and raises a warning. — Gerhardh, Dec 09 '21 at 08:16
So, having looked closer at the memory mapping I think the boot loader is at address '0'. This sits outside the application code (above). The above code is called when preparing to receive application software to update device. — ORYG, Dec 10 '21 at 11:32

score 0 · Answer 1 · answered Dec 09 '21 at 09:54

0

I guess that you are trying to assign a function pointer to contents found at memory address zero. This won't work with a conforming compiler - the C language doesn't allow access to absolute address zero, since that one is reserved for the special case of null pointers.

To solve this you need to have some manner of identifier linked to address zero, then use that identifier in your source.

answered Dec 09 '21 at 09:54

Lundin

195,001
40
254
396

To expand a little, the solution (to create an "identifier") is typically done by modifying the *linker script*. – Some programmer dude Dec 10 '21 at 06:32
1

@Someprogrammerdude Many toolchains also support a way to allocate a variable at a specific address using non-standard extensions. – Lundin Dec 10 '21 at 07:17

CPPCheck Null pointer dereference

1 Answers1