public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "redi at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug c++/106926] string_view construction from literal string containing null/zero should warn Date: Thu, 15 Sep 2022 20:21:46 +0000 [thread overview] Message-ID: <bug-106926-4-FEp7v8h0tJ@http.gcc.gnu.org/bugzilla/> (raw) In-Reply-To: <bug-106926-4@http.gcc.gnu.org/bugzilla/> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106926 --- Comment #3 from Jonathan Wakely <redi at gcc dot gnu.org> --- (In reply to John Zwinck from comment #2) > I agree the same problem could happen with std::string. As for your idea to > add an attribute, I assume you mean something like this: > > string_view(const char* s __attribute__((does_strlen))); Yes. > I think this would work but it seems like the attribute would have to be > added in many places. Why? I don't think there are that many places. > Instead, the compiler could statically determine that > the length of the string is lost in code like this: > > string_view foo("bad\0string"); How would it determine that? By inlining the eventual call to strlen (several function calls down from the location of the literal)? > And maybe even here: > > const char* bar = "another\0one"; > > Though that may be a step too far because someone could hard-code the length > 12 elsewhere, and there probably is code in the wild doing that. I agree that's not a good idea. > In general the diagnostic could apply wherever the compiler knows the > contents will be copied. But that doesn't apply to string_view, there's no copying. And such a warning would require optimization and inlining to be effective. How would the compiler know that? That's why I suggested an attribute, because the call site can give a warning without having to know what happens inside the function, and everything that it calls. Relying on arbitrarily deep inlining doesn't sound like it will be very effective, nor does expecting the compiler to just "know" which functions this applies to. > Since that's not always possible to know, maybe it > could assume copying will happen when the literal is passed to an > out-of-line function. That seems like a bad idea too. Every function is "an out of line function" at -O0.
next prev parent reply other threads:[~2022-09-15 20:21 UTC|newest] Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-09-13 12:27 [Bug c++/106926] New: " jzwinck at gmail dot com 2022-09-13 14:48 ` [Bug c++/106926] " redi at gcc dot gnu.org 2022-09-15 18:21 ` jzwinck at gmail dot com 2022-09-15 20:21 ` redi at gcc dot gnu.org [this message] 2022-09-16 14:24 ` jzwinck at gmail dot com
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-106926-4-FEp7v8h0tJ@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).