Message-ID: <96f99315a6ffd3dd3919b23a4ade2597747a580a.camel@xry111.site>
Subject: Re: std::string add nullptr attribute
From: Xi Ruoyao
To: Jonny Grant, Jonathan Wakely
Cc: gcc-help
Date: Mon, 20 Feb 2023 18:26:48 +0800

On Sun, 2023-02-19 at 21:33 +0000, Jonny Grant wrote:

> I noticed -Wanalyzer-null-dereference reports at build time a
> dereference. Also works if a function parameter. I wondered why
> std::string isn't detected by this static analyser option.

Because the analyzer does not know the C++ standard disallows using NULL
here. It just analyzes the code. The code in libstdc++ reads:

      basic_string(const _CharT* __s, const _Alloc& __a = _Alloc())
      : _M_dataplus(_M_local_data(), __a)
      {
        // NB: Not required, but considered best practice.
        if (__s == 0)
          std::__throw_logic_error(__N("basic_string: "
                                       "construction from null is not valid"));
        const _CharT* __end = __s + traits_type::length(__s);
        _M_construct(__s, __end, forward_iterator_tag());
      }

As you can see yourself, though the standard implies using NULL here is
a UB, libstdc++ does not really code a UB here. So the analyzer will
consider the code absolutely valid.

Note that throwing a C++ exception is not a programming error. It's
perfectly legal to catch the exception elsewhere. It's also perfectly
legal not to catch it and treat it as an abort() (calling abort is also
not a programming error).

> It's not pretty, but this wrapper catches NULL passed at compile time:
>
> std::string make_std_string(const char * const str)
> {
>     // This line ensures: warning: dereference of NULL '0' [CWE-476] [-Wanalyzer-null-dereference]
>     char b = *str;

You are invoking undefined behavior here if str is NULL, so it's
essentially the same as using a nonnull attribute for make_std_string.

-- 
Xi Ruoyao
School of Aerospace Science and Technology, Xidian University
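
Added example (not part of the original message, and not libstdc++ code): the three ways of handling a null `const char *` that the message contrasts, side by side. The function names `make_std_string_nonnull`, `make_std_string_checked` and `libstdcxx_ctor_result` are hypothetical, and the null pointer in `main` is constructed sample input.

```cpp
#include <stdexcept>
#include <string>

// Variant 1: GCC/Clang nonnull attribute. A literal null argument is
// diagnosed at compile time by -Wnonnull, but a null that only appears at
// run time is undefined behaviour, and the optimizer may drop null checks
// inside the callee because it is allowed to assume str != nullptr.
__attribute__((nonnull))
std::string make_std_string_nonnull(const char *str)
{
    return std::string(str);
}

// Variant 2: explicit check, defined behaviour on every implementation.
std::string make_std_string_checked(const char *str)
{
    if (str == nullptr)
        throw std::invalid_argument("make_std_string_checked: null pointer");
    return std::string(str);
}

// Variant 3: rely on the libstdc++ check quoted in the message.
// Returns 1 if construction threw std::logic_error, 0 if it succeeded,
// -1 if the library is not libstdc++ (construction is not attempted,
// because other implementations are free to treat it as UB).
int libstdcxx_ctor_result(const char *p)
{
#ifdef __GLIBCXX__
    try {
        std::string s(p);
        return 0;
    } catch (const std::logic_error &) {
        return 1;   // legal to catch, as the message points out
    }
#else
    (void)p;
    return -1;
#endif
}

int main()
{
    const char *missing = nullptr;   // constructed sample input
    try {
        make_std_string_checked(missing);
    } catch (const std::invalid_argument &) {
        // handled: no undefined behaviour was involved
    }
    return libstdcxx_ctor_result(missing) == 0;   // exit 0 unless it "succeeded"
}
```

Only variant 1 gives a compile-time diagnostic without the analyzer, and it is also the only one where a run-time null is undefined behaviour.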