This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Proposal: readable and writable attributes on variables

From: Jens Bauer <jens-lists at gpio dot dk>
To: gcc at gcc dot gnu dot org
Date: Tue, 30 Aug 2016 14:22:14 +0200
Subject: Proposal: readable and writable attributes on variables
Authentication-results: sourceware.org; auth=none

Hi all.

I know it's possible to declare a variable 'read-only' by using 'const'.

When working with microcontrollers (small ICs, which often requires you to write your code at driver-level), you need to be able to declare a structure member 'read-only', 'write-only' or 'read+write'.
In addition to that, it would definitely be handy to declare variables 'no access'

So I'd like to propose the following two attributes, which is 'off' by default (eg. read access + write access):
__attribute__((not_readable))
__attribute__((not_writable))

Any combination of those allowed.

This could help prevent ugly bugs, which were caused by reading a memory location, which is only writable.
Such memory locations exist on microcontrollers (hardware registers): some are only readable, some are only writable, some are both readable, some are neither.
Writing a location, which is not writable on a microcontroller may result in an exception (crash).
Reading a location, which is not readable on a microcontroller may result in an exception (crash).

(Note: All hardware registers in microcontrollers should always be declared volatile, but volatile has nothing to do with this proposal).

In addition to being useful on microcontrollers and being useful for device-driver designers (for instance for Linux, Windows, Un*x and so on), it would be useful for restricting direct access to structure members or variables.
Eg. one could prevent access to a uint32, which is of "unknown format", so that only a converter function may be used to set or get the value of that uint32.
That would force the code to call a 'setter' or 'getter' function (or force the programmer to hack his way through, eh).

'const' could simply be 'reduced' to just setting the 'not_writable' attribute.

For some real-world examples, see the file core_cm0.h, core_cm3.h, core_cm4.h in the CMSIS includes.
CMSIS define __IO, __I and __O, but they're all writable, which is not really desired.
Reserved sections should be declared 'no_access' (eg not_readable, not_writable).

Love
Jens

Follow-Ups:
- Re: Proposal: readable and writable attributes on variables
  - From: Martin Sebor

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]