Re: Apply function attributes (e.g., [[gnu::access()]]) to pointees too

Thu, 11 Jul 2024 09:34:26 -0700 

Hi Martin, David,

On Thu, Jul 11, 2024 at 06:08:38PM GMT, David Brown wrote:
> On 11/07/2024 11:58, Martin Uecker via Gcc wrote:
> > >   [[gnu::access(read_write, 1)]]
> > >   [[gnu::access(read_only, 2)]]
> > >   [[gnu::nonnull(1, 2)]]
> > >   [[gnu::null_terminated_string_arg(2)]]
> > >   char *
> > >   strsep(char **restrict sp, const char *delim);
> > 
> > The main problem from a user perspective is that
> > these are attributes on the function declaration
> > and not on the argument (type).
> > 
> > > 
> > > I was thinking that with floating numbers, one could specify the number
> > > of dereferences with a number after the decimal point.  It's a bit
> > > weird, since the floating point is interpreted as two separate integer
> > > numbers separated by a '.', but could work.  In this case:
> > > 
> > >   [[gnu::access(read_write, 1)]]
> > >   [[gnu::access(read_write, 1.1)]]
> > >   [[gnu::access(read_only, 2)]]
> > >   [[gnu::nonnull(1, 2)]]
> > >   [[gnu::null_terminated_string_arg(1.1)]]
> > >   [[gnu::null_terminated_string_arg(2)]]
> > >   char *
> > >   strsep(char **restrict sp, const char *delim);
> > > 
> > > Which would mark the pointer *sp as read_write and a string.  What do
> > > you think about it?
> > 
> > If the attributes could be applied to the type, then
> > one could attach them directly at an intermediate
> > pointer level, which would be more intuitive and
> > less fragile.
> > 
> 
> That would be a huge improvement (IMHO).  Then you could write :
> 
> #define RW [[gnu::access(read_write)]]
> #define RO [[gnu::access(read_only)]]
> #define NONNULL [[gnu::nonnull]]
> #define CSTRING [[gnu::null_terminated_string_arg]]
> 
> char * strsep(char * RW * RW NONNULL CSTRING restrict sp,
>       const char * RO NUNNULL CSTRING delim);

Yup; if that could be done, it would be interesting.  Martin, can it be
done?  I'm worried that it might get ambiguous in some cases.  Is there
any summary of positions where C23 attributes can go and their meanings?
I always have a hard time finding all the possible combinations.

Should such a new attribute go to the left of the '*', or to the right?

> It would be even better if the characteristics could be tied into a typedef.
> 
> typedef const char * [[gnu::access(read_only)]] [[gnu::nonnull]]
> [[gnu::null_terminated_string_arg]] const_cstring;

Hmmmm.

> David

Cheers,
Alex

-- 
<https://www.alejandro-colomar.es/>

Attachment: signature.asc
Description: PGP signature

Reply via email to