public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "redi at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug c++/106434] [12/13 Regression] Spurious -Wnull-dereference when using std::unique_copy() since r12-5187-g1ae8edf5f73ca5c3 Date: Wed, 30 Nov 2022 14:29:54 +0000 [thread overview] Message-ID: <bug-106434-4-Cm2fsiVJag@http.gcc.gnu.org/bugzilla/> (raw) In-Reply-To: <bug-106434-4@http.gcc.gnu.org/bugzilla/> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106434 --- Comment #8 from Jonathan Wakely <redi at gcc dot gnu.org> --- So initially iin.iter._M_current is indeed null, because unique.begin() returns _M_start (which is null) when the vector is empty: std::insert_iterator iin(unique, unique.begin()); But when the vector is empty, this condition is always false: if (this->_M_impl._M_finish != this->_M_impl._M_end_of_storage) if (__position == end()) It's impossible for _M_start to be null unless _M_finish and _M_end_of_storage are also null. After the first insertion into the vector all three of _M_start, _M_finish and _M_end_of_storage are non-null. But after the first insertion iin.iter._M_current is also non-null. So we need to add a hint so the compiler knows that the jump threaded "__position is null but finish != end_of_storage" case is nonsense. It's not _impossible_, because a dumb user could make it happen, but it violates the function precondition so is UB. i.e. this would take that code path: std::vector<int> v{1,2,3}; // non-empty vector std::vector<int>::const_iterator null; v.insert(null, 1); // try to insert at invalid position But that's UB. This seems to work (the __glibcxx_assert isn't needed to stop the warning, but might be a useful assertion). --- a/libstdc++-v3/include/bits/vector.tcc +++ b/libstdc++-v3/include/bits/vector.tcc @@ -137,8 +137,14 @@ _GLIBCXX_BEGIN_NAMESPACE_CONTAINER insert(iterator __position, const value_type& __x) #endif { + __glibcxx_assert(capacity() == 0 || __position != const_iterator()); + const size_type __n = __position - begin(); if (this->_M_impl._M_finish != this->_M_impl._M_end_of_storage) + { + if (__position == const_iterator()) + __builtin_unreachable(); + if (__position == end()) { _GLIBCXX_ASAN_ANNOTATE_GROW(1); @@ -159,6 +165,7 @@ _GLIBCXX_BEGIN_NAMESPACE_CONTAINER _M_insert_aux(__position, __x); #endif } + } else #if __cplusplus >= 201103L _M_realloc_insert(begin() + (__position - cbegin()), __x);
next prev parent reply other threads:[~2022-11-30 14:29 UTC|newest] Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-07-25 14:46 [Bug c++/106434] New: Spurious -Wnull-dereference when using std::unique_copy() vz-gcc at zeitlins dot org 2022-07-27 8:23 ` [Bug c++/106434] [12/13 Regression] Spurious -Wnull-dereference when using std::unique_copy() since r12-5187-g1ae8edf5f73ca5c3 marxin at gcc dot gnu.org 2022-08-12 6:59 ` rguenth at gcc dot gnu.org 2022-08-13 2:56 ` joshua.r.marshall.1991 at gmail dot com 2022-08-13 8:19 ` redi at gcc dot gnu.org 2022-08-13 8:25 ` redi at gcc dot gnu.org 2022-11-30 14:00 ` rguenth at gcc dot gnu.org 2022-11-30 14:06 ` rguenth at gcc dot gnu.org 2022-11-30 14:29 ` redi at gcc dot gnu.org [this message] 2022-11-30 14:36 ` redi at gcc dot gnu.org 2022-11-30 14:44 ` redi at gcc dot gnu.org 2022-12-06 21:36 ` cvs-commit at gcc dot gnu.org 2023-05-08 12:25 ` [Bug c++/106434] [12 " rguenth at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-106434-4-Cm2fsiVJag@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).