On Fri, Nov 15, 2019 at 10:28 PM Martin Sebor <mse...@gmail.com> wrote:
>
> Thanks for the suggestion. I will do that for GCC 11. I take
> Richard's point that the attributes' semantics need to be clearly
> and carefully specified before they're put to use for optimization.

Before they are exposed to users please. It doesn't help if we
specify the same attribute for optimization later when uses are out
in the wild "guessing" at what the possible interpretation is. Maybe
we can name your attributes maybe_readonly and friends to clearly
indicate that this is only a guess by the user so at most usable for
diagnostics but never for optimization.

Since we have quite costly attribute lookup I also prefer something
that translates to fewer attributes - how about

  __attribute__((diag_argspec(1, readonly), diag_argspec(2, writeonly)))

to indicate argument 1 is maybe readonly, 2 is writeonly? We can then
merge this into a single diag_argspec attribute instance we can lookup.

> >
> > I don't see anything terribly concerning. Looking forward to the final
> > iteration here.
>
> Attached is a subset of the original patch that just adds the three
> attributes and uses them to do buffer overflow checking. I have
> also enhanced the detection of invalid arguments (null pointers,
> negative sizes).
>
> Retested on x86_64-linux.
>
> Martin