This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [doc,committed] clarify docs for function attribute "const"


On 11/26/18 8:45 PM, Sandra Loosemore wrote:
On 11/26/18 8:32 PM, Martin Sebor wrote:
On 11/26/18 11:13 AM, Sandra Loosemore wrote:
On 11/26/18 10:17 AM, Martin Sebor wrote:
On 11/25/18 6:40 PM, Sandra Loosemore wrote:
I've checked in the attached patch for PR79738.

I think we have lost something important with the clarification
of attribute const:

   The @code{const} attribute imposes greater restrictions on
   a function's definition than the similar @code{pure} attribute
   below because it additionally prohibits the function from reading
   memory except for constant global variables.

Permitting a const function to only read global constants means
it can't read local variables (including static const locals).
Something like the following should fix that:

   The @code{const} attribute prohibits a function from accessing
   objects whose value can change between successive invocations of
   the function.  Functions declared with the @code{const} attribute
   may access non-volatile constant objects with any storage duration.
   The attribute imposes greater restrictions on a function's definition
   than the similar @code{pure} attribute.

I have also removed the mention of global variables (since objects
at other scopes, including static locals or thread-local variables,
are also included) and instead of "reading" used the term "accessing"
since const functions can neither read nor write such objects.
  Finally, I've avoided describing the attribute in terms of pure
("additionally") and instead only mentioned pure for reference.

Let me know how this sounds.

Hmmm.  If we go with this wording, then the description of "pure" needs to be updated too, since it also uses the "constant global variables" language now to describe how it differs from "pure".  I think we do need some succinct summary of exactly how the two attributes differ to explain why it is an error to provide both attributes and help users choose which is more appropriate.  Using parallel language except in the particulars that differ is one way to accomplish that.

I admit I really struggled with the wording in coming up with the previous patch....  :-(  I thought I understood the difference, but I guess not.  :-(

I agree that both const and pure should be updated as well.  Let
me put together a patch for both.

Thanks.  I was going to take another stab at it myself after finishing some other stuff in my queue, but I'll wait and see what you suggest.

Attached is my proposed update.  The user's email suggested going
into a lot of detail that I'm not sure would be helpful.  I think
it's safer to keep it simple than to try to carefully outline tricky
conditions under which some const or pure functions might get away
with modifying program state.  At the same time, I tried not to
outright prohibit it so I phrased the restrictions in terms of
observable program state (as opposed to reading or writing
"global" variables and such).

I also made a few other changes, like move the example of
the square function from pure to const (since the function is
much more likely const), and made the const restrictions stand
on their own, rather than depending on pure.

Martin
PR 79738 - Documentation for __attribute__((const)) slightly misleading

	* doc/extend.texi (attribute const, pure): Clarify.

Index: /ssd/src/gcc/svn/gcc/doc/extend.texi
===================================================================
--- /ssd/src/gcc/svn/gcc/doc/extend.texi	(revision 266760)
+++ /ssd/src/gcc/svn/gcc/doc/extend.texi	(working copy)
@@ -2518,25 +2518,45 @@ are automatically detected and this attribute is i
 @item const
 @cindex @code{const} function attribute
 @cindex functions that have no side effects
-Many functions do not examine any values except their arguments, and
-have no effects except to return a value.  Calls to such functions lend
-themselves to optimization such as common subexpression elimination.
-The presence of the @code{const} attribute on a function declaration 
-allows GCC to emit more efficient code for some calls to the function.  
+Calls to functions whose return value is not affected by changes to
+the observable state of the program and that have no observable effects
+on such state other than to return a value may lend themselves to
+optimizations such as common subexpression elimination.  Declaring such
+functions with the @code{const} attribute allows GCC to emit more efficient
+code for consecutive calls to the function.
 
+The @code{const} attribute prohibits a function from reading objects
+that affect its return value between successive invocations.  However,
+functions declared with the attribute can safely read objects that do
+not affect their return value, such as non-volatile constants.
 The @code{const} attribute imposes greater restrictions on a function's
-definition than the similar @code{pure} attribute below because it
-additionally prohibits the function from reading memory except for
-constant global variables.  Decorating the same function with
-both the @code{const} and the @code{pure} attribute is diagnosed.
+definition than the similar @code{pure} attribute.  Declaring the same
+function with both the @code{const} and the @code{pure} attribute is
+diagnosed.  Because a const function cannot have any observable side
+effects it does not make sense for it to return @code{void}.  Declaring
+such a function is diagnosed.
 
+For example,
+
+@smallexample
+int square (int) __attribute__ ((const));
+@end smallexample
+
+@noindent
+tells GCC that subsequent calls to function @code{square} with the same
+argument value can be replaced by the result of the first call regardless
+of the statements in between.
+
 @cindex pointer arguments
 Note that a function that has pointer arguments and examines the data
-pointed to must @emph{not} be declared @code{const}.  Likewise, a
-function that calls a non-@code{const} function usually must not be
-@code{const}.  Because a @code{const} function cannot have any side
-effects it does not make sense for such a function to return @code{void}.
-Declaring such a function is diagnosed.
+pointed to must @emph{not} be declared @code{const} if the pointed-to
+data might change between successive invocations of the function.  In
+general, since a function cannot distinguish data that might change
+from data that cannot, @code{const} functions should never be
+pass-by-reference.  Likewise, a function that calls a non-@code{const}
+function usually must not be @code{const}.  Because a @code{const}
+function cannot have any side effects it does not make sense for such
+a function to return @code{void}. Declaring such a function is diagnosed.
 
 @item constructor
 @itemx destructor
@@ -3301,34 +3321,51 @@ to prevent recursion.
 @item pure
 @cindex @code{pure} function attribute
 @cindex functions that have no side effects
-Many functions have no effects except the return value and their
-return value depends only on the parameters and/or global variables.
-Calls to such functions can be subject
-to common subexpression elimination and loop optimization just as an
-arithmetic operator would be.  These functions should be declared
-with the attribute @code{pure}.  For example,
 
+Calls to functions that have no observable effects on the state of
+the program other than to return a value may lend themselves to optimizations
+such as common subexpression elimination.  Declaring such functions with
+the @code{pure} attribute allows GCC to emit more efficient code for
+consecutive calls to the function.
+
+The @code{pure} attribute prohibits a function from modifying the state
+of the program that is observable by means other than inspecting
+the function's return value.  However, functions declared with the @code{pure}
+attribute can safely read any non-volatile objects, and modify the value of
+objects in a way that does not affect their return value or the observable
+state of the program.  Declaring the same function with both the @code{const}
+and the @code{pure} attribute is diagnosed.
+
+For example,
+
 @smallexample
-int square (int) __attribute__ ((pure));
+int hash (char *) __attribute__ ((pure));
 @end smallexample
 
 @noindent
-says that the hypothetical function @code{square} is safe to call
-fewer times than the program says.
+tells GCC that subsequent calls to the function @code{hash} with the same
+string can be replaced by the result of the first call provided the state
+of the program observable by @code{hash}, including the contents of the array
+itself, does not change in between.  Even though @code{hash} takes a non-const
+pointer argument it must not modify the array it points to, or any other object
+whose value the rest of the program may depend on.  However, making changes to
+the array between successive calls to the function is permitted.  The restriction
+also applies to member objects referenced by the @code{this} pointer in C++
+non-static member functions.
 
 Some common examples of pure functions are @code{strlen} or @code{memcmp}.
 Interesting non-pure functions are functions with infinite loops or those
 depending on volatile memory or other system resource, that may change between
-two consecutive calls (such as @code{feof} in a multithreading environment).
+consecutive calls (such as the @code{feof} function in a multithreading
+environment).
 
 The @code{pure} attribute imposes similar but looser restrictions on
 a function's definition than the @code{const} attribute: @code{pure}
-allows the function to read any non-volatile memory, not just
-constant global variables.  Decorating the same function with
-both the @code{pure} and the @code{const} attribute is diagnosed.
-Because a @code{pure} function cannot have any side effects it does not
-make sense for such a function to return @code{void}.  Declaring such
-a function is diagnosed.
+allows the function to read any non-volatile memory.  Declaring
+the same function with both the @code{pure} and the @code{const} attribute
+is diagnosed.  Because a pure function cannot have any observable side effects
+it does not make sense for such a function to return @code{void}.  Declaring
+such a function is diagnosed.
 
 @item returns_nonnull
 @cindex @code{returns_nonnull} function attribute

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]