State of C++ Static Analysis circa 2020

栏目: IT技术 · 发布时间: 4年前

内容简介:Take the following code:All three functions

Take the following code:

#include <string_view>

int * f1()
{
    int x = 5;
    return &x;
}

struct V
{
    int * p;
};

V f2()
{
    int x = 5;
    return { &x };
}

std::string_view f3()
{
    char tmp[] = "tmp";
    return tmp;
}

All three functions obviously return dangling pointers to local stack variables. Let’s see what a few major compilers have to say on the matter.

g++ 10.1 -O2 -std=c++2a -fanalyzer -Wall -Wextra ( link ):

f1():
        xor     eax, eax
        ret
f2():
        lea     rax, [rsp-4]
        ret
f3():
        mov     eax, 3
        lea     rdx, [rsp-4]
        ret
<source>: In function 'int* f1()':
<source>:6:12: warning: address of local variable 'x' returned [-Wreturn-local-addr]
    6 |     return &x;
      |            ^~

In addition to the warning in f1 , it even zapped the pointer to nullptr . An interesting choice, with which not everyone agrees, but in my opinion returning a null pointer is much better than returning a dangling pointer to just-deallocated stack memory… which is exactly what happens in f2 and f3 .

Let’s try Microsoft cl.exe 19.24 /O2 /std:c++latest /W4 /analyze ( link ):

<source>(6) : warning C4172: returning address of local variable or temporary: x
<source>(17) : warning C4172: returning address of local variable or temporary: x

That’s better, but not better enough. std::string_view is a rather important type, and a potential rich source of lifetime mistakes.

Maybe Intel icc 19.0.1 -O2 -std=c++17 -Wall -Wextra ( link ) will fare better?

<source>(6): warning #1251: returning pointer to local variable
      return &x;
             ^

Sadly, not really. clang++ 10.0.0 -O2 -std=c++2a -Wall -Wextra ( link ) is our last hope.

<source>:6:13: warning: address of stack memory associated with local variable 'x' returned [-Wreturn-stack-address]
    return &x;
            ^
<source>:17:15: warning: address of stack memory associated with local variable 'x' returned [-Wreturn-stack-address]
    return { &x };
              ^

Good but not still good enough.

Everything is lost, then? We’ll never have compilers that catch obvious lifetime mistakes?

Maybe not. Let’s try our real last hope, the experimental -Wlifetime build of clang ( link ):

<source>:6:13: warning: address of stack memory associated with local variable 'x' returned [-Wreturn-stack-address]
    return &x;
            ^
<source>:6:5: warning: returning a dangling pointer [-Wlifetime]
    return &x;
    ^~~~~~~~~
<source>:6:5: note: pointee 'x' left the scope here
    return &x;
    ^~~~~~~~~
<source>:17:15: warning: address of stack memory associated with local variable 'x' returned [-Wreturn-stack-address]
    return { &x };
              ^
<source>:23:12: warning: address of stack memory associated with local variable 'tmp' returned [-Wreturn-stack-address]
    return tmp;
           ^~~
<source>:23:5: warning: returning a dangling pointer [-Wlifetime]
    return tmp;
    ^~~~~~~~~~
<source>:23:5: note: pointee 'tmp' left the scope here
    return tmp;
    ^~~~~~~~~~

Interesting. Not only did -Wlifetime catch f1 and f3 (but not f2 for some reason!), the normal -Wreturn-stack-address warning caught f3 this time as well, in addition to f1 and f2 .

(Herb Sutter has an interesting post about the experimental -Wlifetime compiler . It can’t arrive soon enough if you ask me.)


以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持 码农网

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

天涯虚拟社区

天涯虚拟社区

刘华芹 / 民族出版社 / 2005-11 / 23.00元

网络空间很复杂,好多人并不完全了解或者只是了解到一些皮毛。比如说好多人对于见网友一事总是抱着浪漫或者暖昧的想法,而事实却并不总是想象的那样。作者在做虚拟社区研究甚至是在有这个想法之前并不常呆在网上,互联网对于作者来说就是查查资料、收发信年、看看新闻的工具。担是看着越来越多的人把时间花在网上,一处文化上的直觉告诉作者:有一种新的生活方式产生了。强烈的好奇心驱使着作者走到了网上,走到了天涯虚拟社区,并......一起来看看 《天涯虚拟社区》 这本书的介绍吧!

JSON 在线解析
JSON 在线解析

在线 JSON 格式化工具

随机密码生成器
随机密码生成器

多种字符组合密码

RGB CMYK 转换工具
RGB CMYK 转换工具

RGB CMYK 互转工具