On 20/02/2023 13:44, Jonathan Wakely wrote: > On Mon, 20 Feb 2023 at 12:59, Xi Ruoyao <xry111@xxxxxxxxxxx> wrote: >> >> On Mon, 2023-02-20 at 11:30 +0000, Jonny Grant wrote: >> >>> Thank you for the suggestion, I gave that nonnull attribute a try, but >>> it doesn't appear to warn for this example. >>> >>> https://godbolt.org/z/boqTj6oWE >> >> Ouch... The optimizer inlined make_std_string so both -Wnonnull and - >> fanalyzer fails to catch the issue here. >> >> Adding noipa attribute for make_std_string will work, but will also >> cause the generated code stupidly slow. Maybe: >> >> #ifdef WANT_DIAGNOSTIC >> #define MAKE_STD_STRING_ATTR __attribute__ ((noipa, nonnull)) >> #else >> #define MAKE_STD_STRING_ATTR >> #endif >> >> std::string make_std_string(const char * const str) MAKE_STD_STRING_ATTR; >> >> It still looks very stupid though. >> >>> Feels useful to get build warnings if compiler knows nullptr is going >>> to be dereferenced, as clang does. >> >> The problem is in this case nullptr is not dereferenced, at all. So if >> we want a warning here we'll have to invent some new __builtin or >> __attribute__ to give the compiler a hint. AFAIK there is no such >> facility now. > > I think __attribute__((access(read_only, 1))) should do it. I tried here, but no luck, is this example the way you mean? gcc trunk. https://godbolt.org/z/haq18bvPP Kind regards Jonny
