lifetimebound compile attribute #20493

issue MarcoFalke openend this issue on November 25, 2020
  1. MarcoFalke commented at 2:24 pm on November 25, 2020: member

    (copied from #19387 (comment) ):

    There are a lot more cases in the codebase where a data type stores a reference or pointer to another object provided to the constructor exist. For example:

    • In src/stream.h: OverrideStream, CVectorReader, BitStreamReader, BitStreamWriter
    • In src/script/sign.h: MutableTransactionSignatureCreator (#19426).
    • In src/script/interpreter.h: GenericTransactionSignatureChecker
    • In src/serialize.h: Wrapper, Using
    • In src/wallet/rpcwallet.cpp: DescribeWalletAddressVisitor
    • In src/key_io.cpp: DestinationEncoder
    • In src/dbwrapper.h: CDBBatch, CDBIterator
    • In src/flatfile.h: FlatFileSeq
    • In src/hash.h: CHashVerifier
    • In src/miner.h: CBlockAssembler
    • In src/net_processing.h: PeerLogicValidation
    • In src/scheduler.h: SingleThreadedSchedulerClient (#25040)
    • In src/sync.h: CSemaphoreGrant
    • In src/validation.h: CScriptCheck, ChainstateManager, CChainState

    Several of these accept const lvalue references, and store them, and are at risk already. Others take in a mutable lvalue reference or pointers, but would make sense to support rvalue/universal references as input (so that temporaries can be passed to it). In all those cases, having a lifetimebound attribute would be useful.

    So I think that means we should just put it in attributes.h. There is plenty of potential for it.

  2. MarcoFalke added the label Brainstorming on Nov 25, 2020
  3. laanwj commented at 10:57 am on April 5, 2022: member
    Concept ACK.
  4. MarcoFalke commented at 6:11 pm on April 29, 2022: member

    Looks like LIFETIMEBOUND does not work for function parameters that are not references or pointers. So for example, it does not tie to std::string_view, but it does tie to const std::string_view&. However, it will then treat any temporary as a violation. For example, TrimStringView(view.substr(6)) is a violation.

    See also: https://docs.google.com/document/d/e/2PACX-1vRZr-HJcYmf2Y76DhewaiJOhRNpjGHCxliAQTBhFxzv1QTae9o8mhBmDl32CRIuaWZLt5kVeH9e9jXv/pub

  5. MarcoFalke commented at 12:40 pm on May 12, 2022: member
    Closing for now, but improvements are welcome
  6. MarcoFalke closed this on May 12, 2022
  7. MarcoFalke commented at 4:01 pm on June 6, 2022: member
    Another observation is that this attribute might not help for mutable references, as the language already forbids initializing them with temporaries and the compilers offer no further warnings on top of that (using the attribute), it seems.
  8. DrahtBot locked this on Jun 6, 2023


MarcoFalke laanwj

Labels
Brainstorming

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-11-17 12:12 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me