https://gcc.gnu.org/bugzilla/show_bug.cgi?id=122705
--- Comment #5 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
(In reply to Alejandro Colomar from comment #0)
> I propose [[gnu::returns_input_ptr(1)]] for strcpy(3),
> and [[gnu::returns_derived_ptr(1)]] for strstr(3),
> where in both attributes, the '1' is a parameter index, indicating
> which parameter is the provenance of the returned pointer.
And GCC already has code to special case some builtins:
```
/* Return the argument that the call STMT to a built-in function returns
(including with an offset) or null if it doesn't. */
tree
pass_waccess::gimple_call_return_arg (gcall *call)
{
/* Check for attribute fn spec to see if the function returns one
of its arguments. */
attr_fnspec fnspec = gimple_call_fnspec (call);
unsigned int argno;
if (!fnspec.returns_arg (&argno))
{
if (gimple_call_num_args (call) < 1)
return NULL_TREE;
if (!gimple_call_builtin_p (call, BUILT_IN_NORMAL))
return NULL_TREE;
tree fndecl = gimple_call_fndecl (call);
switch (DECL_FUNCTION_CODE (fndecl))
{
case BUILT_IN_MEMPCPY:
case BUILT_IN_MEMPCPY_CHK:
case BUILT_IN_MEMCHR:
case BUILT_IN_STRCHR:
case BUILT_IN_STRRCHR:
case BUILT_IN_STRSTR:
case BUILT_IN_STPCPY:
case BUILT_IN_STPCPY_CHK:
case BUILT_IN_STPNCPY:
case BUILT_IN_STPNCPY_CHK:
argno = 0;
break;
default:
return NULL_TREE;
}
}
if (gimple_call_num_args (call) <= argno)
return NULL_TREE;
return gimple_call_arg (call, argno);
}
```
Exposing this might be useful but it might also get abused incorrectly ...
