This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: pure/const function attribute and memoization
- From: Richard Biener <richard dot guenther at gmail dot com>
- To: Florian Weimer <fweimer at redhat dot com>
- Cc: gcc <gcc at gcc dot gnu dot org>
- Date: Wed, 15 May 2013 12:01:03 +0200
- Subject: Re: pure/const function attribute and memoization
- References: <51933E30 dot 1040900 at redhat dot com> <CAFiYyc2=ZBhtbn4JLaaD0xcpvJ5dbN2os6YAX=9xHs0OO_7Hiw at mail dot gmail dot com> <5193516B dot 3040503 at redhat dot com>
On Wed, May 15, 2013 at 11:12 AM, Florian Weimer <fweimer@redhat.com> wrote:
> On 05/15/2013 11:01 AM, Richard Biener wrote:
>>
>> Now - if there would ever be an architecture where special call-site
>> preparation
>> is required for a callee to write to global memory then marking a function
>> 'const'
>> when it does in fact write to global memory then GCC may choose to
>> optimize
>> the call site to not do that call-site preparation. At least that
>> would be valid according to the current documentation.
>
>
> That's a good point.
>
> The more immediate concern is that the compiler could apply the const
> attribute to the function definition itself and deduct that code paths with
> global memory references are unreachable. Apparently, this is something
> that Clang does in some cases.
We don't do that. The only attribute I am aware of that does this is
the nonnull attribute annotating function parameters. But yes, probably
a detail that should be documented as well (the current documentation
does not prohibit GCC from replacing all global memory accesses in
const functions with __builtin_unreachable (), nor does it prohibit
GCC to derive 'const' attributes for all called functions in a 'const' function,
even if the calls may not be executed at runtime)
Richard.
>
>> Which means, annotating a function as const / pure in the way you mean to
>> is safe currently, but to make it safe in the future can you try to
>> formulate
>> an amendmend to the documentation that defines such annotations as valid?
>
>
> I'll think about it. It's not something I can extemporize,
>
>
> --
> Florian Weimer / Red Hat Product Security Team