https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111351
Bug ID: 111351
Summary: constexpr std::string objects permitted to escape
constant evaluation when SSO
Product: gcc
Version: 14.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: libstdc++
Assignee: unassigned at gcc dot gnu.org
Reporter: foom at fuhm dot net
Target Milestone: ---
In C++20, libstdc++ currently allows an std::string instance to escape from
constant evaluation to runtime, as long as the string fit within the SSO
length.
E.g., as a global variable, compiled with -std=c++20:
constexpr std::string s1; // OK
constexpr std::string s1 = ""; // OK
constexpr std::string s1 = "0123456789abcde"; // OK
constexpr std::string s2 = "0123456789abcdef"; // FAIL
I believe all of the above ought to fail to compile.
This will result in user code which can be built or not based on whether their
string happens to fit within the SSO string length. I find that quite
unfortunate, since it is supposed to be an internal implementation
detail/optimization, and this makes it effectively part of the API that code
will grow to depend on.
As comparison, libc++ rejects all the above examples, by forcing the SSO-size
to zero in constant evaluation context, so that a pointer to an external
allocation is always used.
This was brought to my attention from
https://quuxplusone.github.io/blog/2023/09/08/constexpr-string-firewall/
