Date: Fri, 21 Jul 2023 22:53:25 +0300
On 7/21/23 22:40, Ville Voutilainen via Std-Proposals wrote:
> On Fri, 21 Jul 2023 at 22:36, Jonathan Wakely via Std-Proposals
> <std-proposals_at_[hidden]> wrote:
>>
>>
>>
>> On Fri, 21 Jul 2023, 18:16 Arthur O'Dwyer via Std-Proposals, <std-proposals_at_[hidden]> wrote:
>>>
>>> On Fri, Jul 21, 2023 at 12:59 PM Jerry Coffin via Std-Proposals <std-proposals_at_[hidden]> wrote:
>>>>
>>>> There's a corner case for which the current specification of `std::string::append` will frequently lead to undefined behavior.
>>>>
>>>> Consider something like:
>>>>
>>>> ```cpp
>>>> std::strings = "A long enough string that two copies of it probably won't fit into the currently allocated storage";
>>>> s.append(s);
>>>> ```
>>>
>>>
>>> Even more natural:
>>> s += s;
>>> which is equivalent to
>>> s.append(s)
>>> which is equivalent to
>>> s.append(s.data(), s.size())
>>> which has the following effects ([string.append]/8):
>>>> Appends a copy of the range [s, s + n) to the string.
>>>
>>> However — it is not clear to me that this wording gives the implementation permission to append anything other than [s, s+n) to the string in the case that the appending operation itself causes [s, s+n) to become invalidated.
>>
>>
>> This is absolutely required to work. The string can detect that the argument aliases its current content and deal with it.
>>
>> It also has to work for s.insert(pos1, s, pos2, n) and s.replace(pos1, n1, s, pos2, n2) which is trickier, but has to work.
>>
>> The only time the implementation doesn't have to deal with this is if the string parameters is an rvalue reference, in which case it can assume no aliasing.
>
> Doesn't the proper handling of this case almost fall out from the
> exception safety requirements?
The case with buffer reallocation is easy and not a problem - you
allocate the new buffer and compose the resulting string in it. Aliasing
is not an issue in this case.
The tricky case is when you *don't* reallocate. There's no exception in
this case, and the implementation has to be careful wrt. aliasing as it
has to modify the string in-place. That is, unless the implementation is
lazy and does reallocation anyway in case of aliasing.
> On Fri, 21 Jul 2023 at 22:36, Jonathan Wakely via Std-Proposals
> <std-proposals_at_[hidden]> wrote:
>>
>>
>>
>> On Fri, 21 Jul 2023, 18:16 Arthur O'Dwyer via Std-Proposals, <std-proposals_at_[hidden]> wrote:
>>>
>>> On Fri, Jul 21, 2023 at 12:59 PM Jerry Coffin via Std-Proposals <std-proposals_at_[hidden]> wrote:
>>>>
>>>> There's a corner case for which the current specification of `std::string::append` will frequently lead to undefined behavior.
>>>>
>>>> Consider something like:
>>>>
>>>> ```cpp
>>>> std::strings = "A long enough string that two copies of it probably won't fit into the currently allocated storage";
>>>> s.append(s);
>>>> ```
>>>
>>>
>>> Even more natural:
>>> s += s;
>>> which is equivalent to
>>> s.append(s)
>>> which is equivalent to
>>> s.append(s.data(), s.size())
>>> which has the following effects ([string.append]/8):
>>>> Appends a copy of the range [s, s + n) to the string.
>>>
>>> However — it is not clear to me that this wording gives the implementation permission to append anything other than [s, s+n) to the string in the case that the appending operation itself causes [s, s+n) to become invalidated.
>>
>>
>> This is absolutely required to work. The string can detect that the argument aliases its current content and deal with it.
>>
>> It also has to work for s.insert(pos1, s, pos2, n) and s.replace(pos1, n1, s, pos2, n2) which is trickier, but has to work.
>>
>> The only time the implementation doesn't have to deal with this is if the string parameters is an rvalue reference, in which case it can assume no aliasing.
>
> Doesn't the proper handling of this case almost fall out from the
> exception safety requirements?
The case with buffer reallocation is easy and not a problem - you
allocate the new buffer and compose the resulting string in it. Aliasing
is not an issue in this case.
The tricky case is when you *don't* reallocate. There's no exception in
this case, and the implementation has to be careful wrt. aliasing as it
has to modify the string in-place. That is, unless the implementation is
lazy and does reallocation anyway in case of aliasing.
Received on 2023-07-21 19:53:28