Subject: Re: CVS commit: src/sys/ufs/lfs
To: None <rtr@omicron-persei-8.net>
From: Ben Harris <bjh21@netbsd.org>
List: source-changes
Date: 03/19/2006 14:51:51
In article <441D69CC.6060305@omicron-persei-8.net> you write:
>Manuel Bouyer wrote:
>
>>Then maybe NULL should be defined to something else than 0 on those
>>platforms ? I wonder how much things will break if we have NULL != 0
>>though ...
>
>my guess is more things would break, just think of all the code that does:
>char * ptr;
>ptr = NULL;
> 
>if (ptr)
>   ...;

Um, that's guaranteed to work even if the representation of a null 
pointer isn't all-bits-zero.  I can't currently remember the full rules, 
though.

>I was merely presenting it as a way to catch derefs of bad pointers at a 
>more convenient time.  If I wrote code with this kind of bug I'd want it 
>to crash sooner and give me a useful backtrace rather than later and 
>possibly a misleading backtrace.

In that case, KASSERT(thing != NULL) is probably what you wanted (along 
with initialisation to NULL, maybe inside #ifdef DIAGNOSTIC).

>Even on ARM the early init to NULL would likely be better given it would 
>at least die on the next page fault as Ben says it would.

It's not always that nice.  I've had all sorts of interesting failures
from vector table corruption.  Now I come to think of it, though, the
arm32 ports write-protect their vector page most of the time, so of the
ARM ports, it's probably only acorn26 that allows kernel writes through
null pointers.

-- 
Ben Harris