https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98465
--- Comment #19 from Jonathan Wakely <redi at gcc dot gnu.org> --- A new built-in seems like a very large hammer to solve this problem, which should really be implementable in quite simple pure C++. (In reply to Jakub Jelinek from comment #18) > So, can some template stuff ensure that the builtin would be only used when > using a standard allocator and not something that can say have a global: > char buffer[0x10000000]; and allocate from that? Yes, that's pretty easy. Just check it's std::allocator and the char_type is one of char, wchar_t, char16_t etc. Ugly, but easy. > Pass to the builtin all the needed info (e.g. > return __builtin_whatever_disjunct (_M_data(), this->size(), > _M_local_data(), __s); > ) and let it use points to info to fold it to false if the last pointer > can't point to either _M_local_data() pointed object or heap memory, > otherwise fold into pointer sized casts of the pointers and integral > comparisons as before? But isn't it going to be fairly common that __s points to heap memory? Or do we not care about that case, because the false positive warning only happens for non-heap memory? Tangentially, maybe we could improve _M_disjunct by passing it the length of __s, which all callers have available. If that length is larger than this->size() then we don't need the pointer comparisons. If __s points into the string, then it can't extend past the end of the string. Would the built-in be simpler and/or more useful elsewhere if it took two pointers and two lengths, and determined if one region is entirely contained within the other?
