Proposal: using ref qualifiers to improve memory safety #534
JoostHouben started this conversation in Ideas
We recently had a tricky bug that was caused by lines of code looking more or less like this:

The meaning of `mySE3()` was changed: before it returned a `const SE3d&`, after it returned by value: `SE3d`. Since `so3()` returns an lvalue ref to a member variable, this reference now binds to a dangling temporary.

One possible solution to this is to change the definition of `SE3::so3()` so that it returns by value if `*this` is an rvalue:

Similarly, we can declare `data()` as deleted for rvalue objects:

This will prevent these kinds of bugs from happening, and it may fix and/or uncover some lurking bugs in existing code.

Of course, it would have to be rolled out to all of the Sophus accessors, not just `SE3::so3()` and `SE3::data()`.

Some discussion points:

- `std::optional<T>::value`, which returns an rvalue ref when called on an rvalue object. Clearly the STL chose speed over safety. I don't think that would be the right trade-off for Sophus in this case: the STL has to account for `T` being a large move-aware object; that's not the case for the objects we're talking about here.
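The following is an added, self-contained illustration of the ref-qualifier technique described in the post; it is not code from the post or from Sophus. `So3`, `Se3`, `makeSe3()` and the `HasCallableData` trait are stand-ins invented for this example (Sophus' real `SO3d`/`SE3d` have different storage and more accessors). It shows the three behaviours the proposal relies on: an lvalue still gets a cheap reference from `so3()`, an rvalue gets a value whose lifetime is extended when bound to a `const&`, and `data()` on an rvalue fails to compile because the overload is deleted.

```cpp
#include <array>
#include <type_traits>
#include <utility>

// Hypothetical stand-ins for Sophus' SO3d / SE3d, written for this example;
// they are not the library's own types. Storage is a unit quaternion and a
// translation so the accessors have something real to point at.
struct So3 {
    std::array<double, 4> q{0.0, 0.0, 0.0, 1.0};  // x, y, z, w
};

struct Se3 {
    So3 rot;
    std::array<double, 3> trans{0.0, 0.0, 0.0};

    // lvalue *this: a cheap reference into the member, exactly as before.
    const So3& so3() const & { return rot; }
    So3& so3() & { return rot; }
    // rvalue *this: the object is about to die, so hand out a value instead
    // of a reference that would dangle.
    So3 so3() && { return std::move(rot); }

    // Raw pointer into the object: fine on an lvalue, deleted on an rvalue
    // because the pointee would be gone before the caller could use it.
    const double* data() const & { return trans.data(); }
    double* data() & { return trans.data(); }
    const double* data() const && = delete;
    double* data() && = delete;
};

// Factory returning by value: the "after" shape of the post's mySE3().
Se3 makeSe3() {
    Se3 x;
    x.rot.q = {0.0, 0.0, 1.0, 0.0};
    x.trans = {1.0, 2.0, 3.0};
    return x;
}

// makeSe3() is a prvalue, so .so3() selects the && overload and returns a
// value; binding a const reference to that prvalue extends its lifetime.
// Without the ref-qualified overloads this line would bind to a member of a
// temporary destroyed at the end of the full-expression (the post's bug).
double rvalueAccessIsSafe() {
    const So3& r = makeSe3().so3();
    return r.q[2];  // read from a live, lifetime-extended object
}

// On an lvalue the reference-returning overload is still chosen, so writes
// through the returned reference reach the original object (no hidden copy).
bool lvalueAccessIsStillAReference() {
    Se3 x = makeSe3();
    So3& r = x.so3();
    r.q[0] = 5.0;
    return x.rot.q[0] == 5.0;
}

// Detection trait: does calling .data() on a T (with T's value category)
// compile? Selecting a deleted overload is a substitution failure here, so
// the trait reports false for rvalue Se3 and true for lvalue Se3&.
template <class T, class = void>
struct HasCallableData : std::false_type {};
template <class T>
struct HasCallableData<T, std::void_t<decltype(std::declval<T>().data())>>
    : std::true_type {};

constexpr bool kLvalueDataOk = HasCallableData<Se3&>::value;
constexpr bool kConstLvalueDataOk = HasCallableData<const Se3&>::value;
constexpr bool kRvalueDataOk = HasCallableData<Se3>::value;  // deleted overload
constexpr bool kRvalueSo3ByValue =
    std::is_same_v<decltype(std::declval<Se3>().so3()), So3>;
constexpr bool kLvalueSo3ByRef =
    std::is_same_v<decltype(std::declval<Se3&>().so3()), So3&>;

// Compile-time checks that the API shape matches the proposal.
static_assert(kLvalueDataOk, "data() must stay callable on lvalues");
static_assert(!kRvalueDataOk, "data() must be rejected on rvalues");
static_assert(kRvalueSo3ByValue, "so3() on an rvalue must return by value");
static_assert(kLvalueSo3ByRef, "so3() on an lvalue must return a reference");
```

The trait is the useful part for rolling this out across many accessors: a `static_assert(!HasCallableData<Se3>::value)` beside each type documents and enforces that the rvalue overload stays deleted, so a later refactor cannot silently reintroduce the dangling-pointer case.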