From: Jonathan Wakely <jwakely@redhat.com>
To: "François Dumont" <frs.dumont@gmail.com>
Cc: "libstdc++@gcc.gnu.org" <libstdc++@gcc.gnu.org>
Subject: Re: [PATCH][_GLIBCXX_DEBUG] Add basic_string::starts_with/ends_with checks
Date: Fri, 26 Aug 2022 10:33:06 +0100 [thread overview]
Message-ID: <CACb0b4=tKL=SbJq17e-xhnL-_y5SX6MHYYxpFv3VU-U+VGU62A@mail.gmail.com> (raw)
In-Reply-To: <10daf589-f064-5d82-3093-9efe3d5af910@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1416 bytes --]
On Thu, 25 Aug 2022 at 17:12, François Dumont via Libstdc++
<libstdc++@gcc.gnu.org> wrote:
>
> I spent more time on this.
>
> Is there some discussion in the C++ Standard Committee to do something
> like what I've done ? I guess adding nullptr_t overloads for all the
> methods taking pointer is not an option, is it ?
No, I don't think so. That doesn't really help anyway, it would only
trigger if somebody calls the function with the nullptr literal, which
seems unlikely. It wouldn't help for starts_with((const char*)0) or
passing a pointer variable that happens to be null. Passing a literal
nullptr to those functions is just dumb, I don't think we should waste
our time (and slow down compilation) by handling it.
If they cannot be called with a null pointer then they should use
__attribute__((__nonnull__)), and let the compiler handle it. That's
more reliable, works without assertions enabled, and handles (const
char*)0 as well as literal nullptr constants.
I'll test the attached patch, which does that.
> Note that compilation fails but despite the dg-do xfail the test ends up
> FAIL and not XFAIL. Is this the correct syntax:
> // { dg-do compile { target c++2a xfail *-*-* } }
> ?
No, xfail means fails at runtime.
You would want to use just { target c++20 ) and then add dg-error to
the lines that are expected to trigger errors, or dg-warning for
warnings.
[-- Attachment #2: patch.txt --]
[-- Type: text/plain, Size: 4862 bytes --]
commit c1a5d9ebe73b6a7512757c5cb247d20689fa6cb6
Author: Jonathan Wakely <jwakely@redhat.com>
Date: Fri Aug 26 09:43:32 2022
libstdc++: Add nonnull to starts_with/ends_with/contains string members
Ideally this wouldn't be needed, because eventually these pointers all
get passed to either the basic_string_view(const CharT*) constructor, or
to basic_string_view::find(const CharT*), both of which already have the
attribute. But for that to work requires optimization, so that the null
value gets propagated through the call chain.
Adding it explicitly to each member that requires a non-null pointer
makes the diagnostics more reliable even without optimization. It's
better to give a diagnostic earlier anyway, at the actual problematic
call in the user's code.
libstdc++-v3/ChangeLog:
* include/bits/basic_string.h (starts_with, ends_with, contains):
Add nonnull attribute.
* include/bits/cow_string.h (starts_with, ends_with, contains):
Likewise.
* include/std/string_view (starts_with, ends_with, contains):
Likewise.
diff --git a/libstdc++-v3/include/bits/basic_string.h b/libstdc++-v3/include/bits/basic_string.h
index b04fba95678..9d8b415302b 100644
--- a/libstdc++-v3/include/bits/basic_string.h
+++ b/libstdc++-v3/include/bits/basic_string.h
@@ -3400,6 +3400,7 @@ _GLIBCXX_BEGIN_NAMESPACE_CXX11
starts_with(_CharT __x) const noexcept
{ return __sv_type(this->data(), this->size()).starts_with(__x); }
+ [[__gnu__::__nonnull__]]
constexpr bool
starts_with(const _CharT* __x) const noexcept
{ return __sv_type(this->data(), this->size()).starts_with(__x); }
@@ -3412,6 +3413,7 @@ _GLIBCXX_BEGIN_NAMESPACE_CXX11
ends_with(_CharT __x) const noexcept
{ return __sv_type(this->data(), this->size()).ends_with(__x); }
+ [[__gnu__::__nonnull__]]
constexpr bool
ends_with(const _CharT* __x) const noexcept
{ return __sv_type(this->data(), this->size()).ends_with(__x); }
@@ -3426,6 +3428,7 @@ _GLIBCXX_BEGIN_NAMESPACE_CXX11
contains(_CharT __x) const noexcept
{ return __sv_type(this->data(), this->size()).contains(__x); }
+ [[__gnu__::__nonnull__]]
constexpr bool
contains(const _CharT* __x) const noexcept
{ return __sv_type(this->data(), this->size()).contains(__x); }
diff --git a/libstdc++-v3/include/bits/cow_string.h b/libstdc++-v3/include/bits/cow_string.h
index f16e33ac1ef..f5f03338eec 100644
--- a/libstdc++-v3/include/bits/cow_string.h
+++ b/libstdc++-v3/include/bits/cow_string.h
@@ -3012,6 +3012,7 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
starts_with(_CharT __x) const noexcept
{ return __sv_type(this->data(), this->size()).starts_with(__x); }
+ [[__gnu__::__nonnull__]]
bool
starts_with(const _CharT* __x) const noexcept
{ return __sv_type(this->data(), this->size()).starts_with(__x); }
@@ -3024,6 +3025,7 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
ends_with(_CharT __x) const noexcept
{ return __sv_type(this->data(), this->size()).ends_with(__x); }
+ [[__gnu__::__nonnull__]]
bool
ends_with(const _CharT* __x) const noexcept
{ return __sv_type(this->data(), this->size()).ends_with(__x); }
@@ -3038,6 +3040,7 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
contains(_CharT __x) const noexcept
{ return __sv_type(this->data(), this->size()).contains(__x); }
+ [[__gnu__::__nonnull__]]
bool
contains(const _CharT* __x) const noexcept
{ return __sv_type(this->data(), this->size()).contains(__x); }
diff --git a/libstdc++-v3/include/std/string_view b/libstdc++-v3/include/std/string_view
index 30ff136b1cb..5b96ffeecd6 100644
--- a/libstdc++-v3/include/std/string_view
+++ b/libstdc++-v3/include/std/string_view
@@ -360,6 +360,7 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
starts_with(_CharT __x) const noexcept
{ return !this->empty() && traits_type::eq(this->front(), __x); }
+ [[__gnu__::__nonnull__]]
constexpr bool
starts_with(const _CharT* __x) const noexcept
{ return this->starts_with(basic_string_view(__x)); }
@@ -377,6 +378,7 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
ends_with(_CharT __x) const noexcept
{ return !this->empty() && traits_type::eq(this->back(), __x); }
+ [[__gnu__::__nonnull__]]
constexpr bool
ends_with(const _CharT* __x) const noexcept
{ return this->ends_with(basic_string_view(__x)); }
@@ -392,6 +394,7 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
contains(_CharT __x) const noexcept
{ return this->find(__x) != npos; }
+ [[__gnu__::__nonnull__]]
constexpr bool
contains(const _CharT* __x) const noexcept
{ return this->find(__x) != npos; }
next prev parent reply other threads:[~2022-08-26 9:33 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-14 15:32 François Dumont
2022-08-15 20:26 ` François Dumont
2022-08-25 16:11 ` François Dumont
2022-08-26 9:33 ` Jonathan Wakely [this message]
2022-08-26 9:31 ` Jonathan Wakely
2022-08-31 4:38 ` [PATCH][_GLIBCXX_DEBUG] Review null string assertions (was: Add basic_string::starts_with/ends_with checks) François Dumont
2022-08-31 9:25 ` Jonathan Wakely
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CACb0b4=tKL=SbJq17e-xhnL-_y5SX6MHYYxpFv3VU-U+VGU62A@mail.gmail.com' \
--to=jwakely@redhat.com \
--cc=frs.dumont@gmail.com \
--cc=libstdc++@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).