std::string_view is a reference-like data structure in the C++ Standard Template Library (STL) that enables fast and cheap processing of read-only strings. Due to its wide applicability and performance-enhancing power, std::string_view has been very popular since its introduction in the C++17 standard. However, its careless use can lead to serious memory management bugs. As the lifetime of a std::string_view is not tied to the lifetime of the referenced string in any way, it is the user's responsibility to ensure that the view is only used while the viewed string is live and its buffer is not reallocated. This paper describes a static analysis tool that finds programming errors caused by the incorrect use of std::string_view. Our work included modeling std::string_view operations in the analysis, defining steps to detect lifetime errors, constructing user-friendly diagnostic messages, and performing an evaluation of the checker.
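The two conditions named above (the viewed string must be live, and its buffer must not be reallocated) are illustrated by the following C++ example, which is added here and is not code from the paper or its checker. The function names `addr`, `append_invalidates_view` and `count_after_growth` are hypothetical; the dangling view is detected by comparing saved addresses and is never read.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <string_view>

// Integer copy of a buffer address: safe to compare after the buffer is gone.
static std::uintptr_t addr(const char* p) {
    return reinterpret_cast<std::uintptr_t>(p);
}

// Hazard: the viewed string is live, but growing it reallocates the buffer.
// Returns true when a view taken before the append would now dangle.
bool append_invalidates_view(std::string& s, std::size_t extra) {
    std::string_view v = s;                 // non-owning: pointer + length
    const std::uintptr_t viewed = addr(v.data());
    s.append(extra, 'x');                   // may move the characters
    return viewed != addr(s.data());        // true: v must not be read
}

// Hazard shown only as a comment, because running it is undefined behaviour:
//   std::string_view v = std::string("temporary");  // string dies at the ';'
//   use(v);                                          // reads freed memory

// Safe pattern: finish mutating the string first, then take the view, and
// keep the view's scope inside the owning string's scope.
std::size_t count_after_growth(std::string& s, std::size_t extra, char c) {
    s.append(extra, c);
    std::string_view v = s;                 // taken after the last mutation
    std::size_t n = 0;
    for (char ch : v) n += (ch == c);       // read-only pass over the view
    return n;
}
```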