https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109548
Jonathan Wakely <redi at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Last reconfirmed| |2023-04-19
Status|UNCONFIRMED |NEW
Ever confirmed|0 |1
--- Comment #1 from Jonathan Wakely <redi at gcc dot gnu.org> ---
We could special-case std::basic_string::c_str() here but maybe it would be
better to add an attribute for describing the lifetime of pointers/references
returned from member functions.
We could annotate string::c_str() and string::data() and string::begin() etc.
to indicate that they share the lifetime of *this:
[[gnu::lifetime(this)]]
const charT*
basic_string<charT, traits, Alloc>::c_str() const noexcept;
And maybe annotate member functions of view-like types to say that they _don't_
share the lifetime of *this:
[[gnu::lifetime(!this)]]
T*
span<T, E>::data() const noexcept;
(!this) is not visually distinct from (this) though, so a different syntax
would be better. Maybe lifetime(nullptr) or lifetime(0)?
It might not be possible to use lifetime(this) annotations for non-trivial
analysis, because of cases like this:
std::string s = "abc";
auto p = s.c_str(); // OK
s.clear(); // p now dangles
*p; // ERR
Without creating a DSL for describing iterator invalidation of members like
string::clear() and string::insert() we can probably only use such an attribute
to allow the front-end to diagnose the simplest cases like foo().c_str() in
comment 0.
