[RFC] Support for nonzero attribute
Before becoming a "C" programmer, I spent a few years building simulations in Pascal. I still remember (and long for) the ability to define an integer with range constraints:

    var foobar: 10..50;  // Accept 10, 11, 12, ..., 49, 50

The specific non-zero constraint is a specific implementation of the range operator (with some exceptions, see below). Wanted to suggest going for a more ambitious goal: add min and max attributes to (integer) types and variables. This will address the specific case of non-zero, but has a lot of potential to be built upon: it can be used for compile time testing, run time parameter checking, storage optimization (similar to packed), and run time optimization (e.g. eliminating runtime tests). Also, expected range information can have a positive impact on code safety/validation.

    typedef int positiveInt __attribute__ ((minValue(1), maxValue(INT_MAX)));
    typedef int foobar __attribute__ ((minValue(10), maxValue(50)));

If this can be implemented, it will provide for much more flexibility (e.g., ability to specify that any specific parameter must be non-zero).

    int foo (int x __attribute__ ((minValue(1))), int y, int z __attribute__ ((minValue(1))));
    int foo (positiveInt x, int y, positiveInt z);

Assuming this can be implemented, compile time tests should be automatic, whenever possible. Run time tests should be enabled with flags (to allow optimized code to run without expensive run time tests).

Note1: While for many use cases non-zero (including forcing ENUM value) and minValue(1) are the same, the above does not cover the use case where a signed int does not accept a zero. For this use case, I believe the nonZero attribute is still needed.

    typedef int limitedInt __attribute__ ((minValue(-20), maxValue(+20), nonZero));

I do recall that a few other languages had similar abilities (Ada, Java (via annotations), ...)
Yair

> -- Forwarded message --
> From: Miika
> To: "gcc@gcc.gnu.org"
> Cc:
> Bcc:
> Date: Fri, 03 Jun 2022 16:34:48 +
> Subject: [RFC] Support for nonzero attribute
>
> Hello,
>
> I would like to add support for new attribute: nonzero.
> Nonzero attribute works the same way as nonnull but instead of checking for
> NULL, it checks for integer or enum with value 0.
>
> Nonzero attribute would issue warnings with new compiler flag
> -Wnonzero and -Wnonzero-compare.
>
> Nonzero could be useful when user wants to make sure that for example enum
> with value of 0 is not used or flag argument is not set to 0.
>
> For example compiling following code with
> "gcc -Wnonzero -Wnonzero-compare foo.c"
>
> #include <stdio.h>
> enum bar{NONE, SOME};
>
> void foo(int d, enum bar b) __attribute__ ((nonzero (1, 2)));
> void foo(int d, enum bar b) {
>     printf("%d\n", d == 0);
>     printf("%d\n", b == NONE);
> }
>
> int main() {
>     foo(0, NONE);
> }
>
> Would give the following error
>
> foo.c: In function 'main':
> foo.c:11:9: warning: zero argument where nonzero required (argument 1) [-Wnonzero]
>    11 |         foo(0, NONE);
>       |         ^~~
> ...
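The range constraints discussed in the message above, written as a run-time check in standard C11. This is an added example, not code from the thread or from GCC: `struct int_range`, `range_accepts`, `check_foo_args` and `STATIC_RANGE_CHECK` are hypothetical names, and the `minValue`/`maxValue`/`nonZero` attributes they stand in for are only a proposal.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical run-time stand-in for the proposed minValue/maxValue/nonZero
 * attributes; none of these names exist in GCC. */
struct int_range {
    int min_value;
    int max_value;
    int non_zero;               /* 1: reject 0 even when min <= 0 <= max */
};

/* positiveInt and limitedInt from the message above, as data. */
static const struct int_range positive_int = { 1, INT_MAX, 0 };
static const struct int_range limited_int = { -20, 20, 1 };

/* What the compiler can do itself when the argument is a constant. */
#define STATIC_RANGE_CHECK(v, lo, hi) \
    _Static_assert((v) >= (lo) && (v) <= (hi), #v " is outside its range")
STATIC_RANGE_CHECK(10, 10, 50);  /* lower bound of "foobar" is accepted */

/* Returns 1 when v satisfies the constraint, 0 otherwise. */
static int range_accepts(const struct int_range *r, int v)
{
    if (v < r->min_value || v > r->max_value)
        return 0;
    return !(r->non_zero && v == 0);
}

/* Run-time check for foo(positiveInt x, int y, positiveInt z): returns 0 if
 * every argument is acceptable, else the 1-based position of the first bad
 * one, matching the "(argument 1)" wording of the proposed warning. */
static int check_foo_args(int x, int y, int z)
{
    const struct int_range *specs[] = { &positive_int, NULL, &positive_int };
    const int args[] = { x, y, z };

    for (size_t i = 0; i < sizeof args / sizeof args[0]; i++)
        if (specs[i] != NULL && !range_accepts(specs[i], args[i]))
            return (int)i + 1;
    return 0;
}

int main(void)
{
    printf("foo(0, 0, 1): bad argument %d\n", check_foo_args(0, 0, 1));
    printf("limitedInt accepts 0: %d\n", range_accepts(&limited_int, 0));
    return 0;
}
```

The `limited_int` case is the one Note1 describes: zero lies inside [-20, 20], so a min/max pair alone cannot reject it.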
[RFC] Support for nonzero attribute
Thank you for the feedback!

On Friday, June 3rd, 2022 at 7:45 PM, Jakub Jelinek wrote:

> For some functions, 0 could be a value it wants to avoid, for others
> such value could be -1, negative value, positive, whatever else...
> IMHO if we want to add anything like this, it should be more generic,
> specify that a particular argument must have value in a specific range.

That's a really good point. Making it generic makes a lot more sense.
I'll try to design some kind of a range attribute and see how it feels.
[RFC] Support for nonzero attribute
On Saturday, June 4th, 2022 at 1:26 PM, Yair Lenga via Gcc wrote:

> The specific non-zero constraint is a specific implementation of the range
> operator (with some exception see below). Wanted to suggest going for
> more ambitious goal: add min and max attributes to (integer) types and
> variables. This will address the specific case of non-zero, but has a lot
> of potential to be built upon: can be used for compile time testing, run
> time parameter checking, storage optimization (similar to packed), run time
> optimization (e.g. eliminating runtime tests), Also expected range
> information can have a positive impact on code safety/validation.

I like this idea a lot too. I'll definitely look into adding a "range"
variable attribute after the work with function attributes is done.
I'm not that familiar with GCC's optimizer but basic compiler warnings
should be fairly easy to implement.

Miika
Re: [RFC] Support for nonzero attribute
Static checks will be a good starting point!

On Sat, Jun 4, 2022 at 7:55 AM Miika wrote:

> On Saturday, June 4th, 2022 at 1:26 PM, Yair Lenga via Gcc <gcc@gcc.gnu.org> wrote:
> > The specific non-zero constraint is a specific implementation of the range
> > operator (with some exception see below). Wanted to suggest going for
> > more ambitious goal: add min and max attributes to (integer) types and
> > variables. This will address the specific case of non-zero, but has a lot
> > of potential to be built upon: can be used for compile time testing, run
> > time parameter checking, storage optimization (similar to packed), run time
> > optimization (e.g. eliminating runtime tests), Also expected range
> > information can have a positive impact on code safety/validation.
>
> I like this idea a lot too. I'll definitely look into adding a "range"
> variable attribute after the work with function attributes is done.
> I'm not that familiar with GCC's optimizer but basic compiler warnings
> should be fairly easy to implement.
>
> Miika
gcc-12-20220604 is now available
Snapshot gcc-12-20220604 is now available on
  https://gcc.gnu.org/pub/gcc/snapshots/12-20220604/
and on various mirrors, see http://gcc.gnu.org/mirrors.html for details.

This snapshot has been generated from the GCC 12 git branch
with the following options: git://gcc.gnu.org/git/gcc.git branch releases/gcc-12 revision 6947c045af7aaed189b0f84f74c3a82d74c60c27

You'll find:

  gcc-12-20220604.tar.xz    Complete GCC

  SHA256=3acf33a6436667d1a6eacb7733d2ce2285806ca4c402f0cc4e2856dcda1c3160
  SHA1=a9c4e9b5b26d30711e28cba68bd1e82908ead46e

Diffs from 12-20220528 are available in the diffs/ subdirectory.

When a particular snapshot is ready for public consumption the LATEST-12
link is updated and a message is sent to the gcc list. Please do not use
a snapshot before it has been announced that way.