Safety: Use proper ref specifiers on methods that returns reference to members

[danmar]

A method that returns a reference to member data will be dangerous to use on temporary objects. Use ref specifiers we can prevent that these methods are used on temporary objects.

This example code does not compile:

#include <string>
#include <vector>

struct C {
    const std::string& getx(int i) & { return x.at(i); }
    std::vector<std::string> x{"abc", "def"};
};

int main() {
    const std::string& x = C().getx(0);  // This is dangerous
    if (x=="abc") {}
    return 0;
}

[firewave]

The descriptions at the usual sources for standard references are quite vague on this. This explanation seems more straight forward: https://andreasfertig.blog/2022/07/the-power-of-ref-qualifiers/.

[chrchr-github]

Can we use = delete here?

[firewave]

I do no think we should add/use && unless absolutely necessary.

Especially in this case it makes no sense at all since as this class will only exist once as an global instance.

[firewave]

I would prefer if the addition of this were tool-driven instead of being added manually.

Similar to this we could also add/suggest [[clang::lifetimebound]] for parameters which are being referenced in the constructed object.

[danmar]

@firewave @chrchr-github thanks for your feedback.

These changes don't turn out well as far as I see. They solve the problem with temporaries but then introduce other problems instead. I will let this misra c++ rule be suppressed for a while.

[firewave]

These changes don't turn out well as far as I see. They solve the problem with temporaries but then introduce other problems instead.

What are those issues?

[danmar]

Well if I return by value then the dead reference problem is solved but vode like this will not work instead:

 For (it=expr().begin(); it != expr().end(); ++it)

expr() must not return by value there.