On Mon, Apr 28, 2008 at 03:04:56PM -0400, Diego Novillo wrote:
> [ Apologies if this comes out twice. I posted this message last week,
> but I think it was rejected because of a .pdf attachment. ]
>
> We have been bouncing ideas for a new mechanism to describe the behavior
> of function calls so that optimizers can be more aggressive at call
> sites. Currently, GCC supports the notion of pure/impure,
> const/non-const, but that is not enough for various cases.
>
> The main application for this would be stable library code like libc,
> that the compiler generally doesn't get to process.
...
> The main idea is to add a variety of attributes to describe contracts
> for function calls. When the optimizers read in the function
> declaration, they can take advantage of the attributes and adjust the
> clobbering effects of call sites.

Such a facility can have other uses, particularly for static analysis, by allowing simple preconditions and postconditions to be specified. For example:

* a returned pointer is guaranteed to be non-null.
* a supplied pointer is always dereferenced.
* a supplied pointer must be dereferenceable on input, and that pointer is no longer dereferenceable after return, e.g. free().

Of course, there's a tradeoff between implementation complexity and features, as always.

While these facilities might help the optimizer, the compiler could also issue warnings if it detects that a precondition must be violated (and this can also be used to check the correctness of any user-supplied annotations).
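
The three contracts listed above can be written with attributes that GCC provides, shown here as an added example that is not part of the original message and is not the mechanism proposed in the thread. The `buf` type and the function names are hypothetical, and the deallocator form of the `malloc` attribute assumes GCC 11 or later.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* malloc(deallocator) needs GCC 11 or later; elsewhere it expands to nothing. */
#if defined(__GNUC__) && !defined(__clang__) && __GNUC__ >= 11
#define FREED_BY(fn) __attribute__((malloc(fn, 1)))
#else
#define FREED_BY(fn)
#endif

struct buf { size_t len; char data[64]; };      /* hypothetical type */

/* "No longer dereferenceable after return", like free(). Kept out of line
   so the pairing with buf_create() stays visible to the compiler. */
__attribute__((noinline)) void buf_release(struct buf *b);

/* "A returned pointer is guaranteed to be non-null." */
__attribute__((returns_nonnull, nonnull(1), noinline)) FREED_BY(buf_release)
struct buf *buf_create(const char *s);

/* "A supplied pointer is always dereferenced": passing NULL is a bug. */
__attribute__((nonnull(1))) size_t buf_length(const struct buf *b);

void buf_release(struct buf *b) { free(b); }

struct buf *buf_create(const char *s)
{
    struct buf *b = malloc(sizeof *b);
    if (b == NULL)
        abort();                 /* never return NULL: honours the contract */
    size_t n = strlen(s);
    b->len = n < sizeof b->data ? n : sizeof b->data - 1;
    memcpy(b->data, s, b->len);
    b->data[b->len] = '\0';
    return b;
}

size_t buf_length(const struct buf *b) { return b->len; }

/* Correct caller: no NULL test on the result, nothing touched after release.
   buf_length(NULL) or buf_length(b) after buf_release(b) breaks a contract. */
size_t measure(const char *s)
{
    struct buf *b = buf_create(s);
    size_t n = buf_length(b);
    buf_release(b);
    return n;
}

int main(void) { printf("%zu\n", measure("contract")); return 0; }
```

Compiling a caller that breaks one of these contracts with `-Wall` on a recent GCC is the quickest way to see which violations it can prove and diagnose.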