RE: [PATCH v5 1/4] eal: add nonnull and access function attributes

DPDK patches and discussions
 help / color / mirror / Atom feed

From: "Morten Brørup" <mb@smartsharesystems.com>
To: "Thomas Monjalon" <thomas@monjalon.net>
Cc: <dev@dpdk.org>, <roretzla@linux.microsoft.com>,
	<rmody@marvell.com>, <timothy.mcdaniel@intel.com>,
	<matan@nvidia.com>, <viacheslavo@nvidia.com>,
	<ruifeng.wang@arm.com>, <zhoumin@loongson.cn>,
	<drc@linux.vnet.ibm.com>, <kda@semihalf.com>,
	<bruce.richardson@intel.com>, <konstantin.v.ananyev@yandex.ru>
Subject: RE: [PATCH v5 1/4] eal: add nonnull and access function attributes
Date: Mon, 9 Jan 2023 13:16:54 +0100	[thread overview]
Message-ID: <98CBD80474FA8B44BF855DF32C47DC35D87640@smartserver.smartshare.dk> (raw)
In-Reply-To: <5925056.DvuYhMxLoT@thomas>

> From: Thomas Monjalon [mailto:thomas@monjalon.net]
> Sent: Monday, 9 January 2023 12.09
> 
> 28/12/2022 16:10, Morten Brørup:
> > Add "nonnull" function attribute to help the compiler detect a NULL
> > pointer being passed to a function not accepting NULL pointers as an
> > argument at build time.
> >
> > Add "access" function attribute to tell the compiler how a function
> > accesses its pointer arguments.
> 
> Why access specification is needed?
> Isn't it enough to have the const keyword?

No, it the const keyword is not enough. The read_only access attribute implies a stronger guarantee than the const qualifier which, when cast away from a pointer, does not prevent the pointed-to object from being modified [1].

[1]: https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html

These attributes help finding bugs at build time (which I consider rather important). Proof: The other patches in the series are bugs revealed by using this attribute - bugs that were completely undetected without these attributes.

I guess they might also somehow help the optimizer, similar to "const" and "restrict". I noticed that we define __rte_weak, but not __rte_pure, so perhaps I should add that too?

> I'm afraid we are going to make the code ugly to read with such
> attribute.

The same can be said about ASAN. Ugly, but helpful.

In the extreme, the same could be said about the "const" and "restrict" keywords... The more decoration on the functions, the uglier the code. :-)

If you prefer, I could split the __rte_access_param(access_mode, ...) up into one macro per access mode, so this:

+__rte_nonnull_params(1, 2)
+__rte_access_param(write_only, 1, 3)
+__rte_access_param(read_only, 2, 3)
 static inline void *
 rte_memcpy_func(void *dst, const void *src, size_t n)

would be shortened to this instead:

+__rte_params_nonnull(1, 2)
+__rte_param_writeonly(1, 3)
+__rte_param_readonly(2, 3)
 static inline void *
 rte_memcpy_func(void *dst, const void *src, size_t n)

or something else.

But I don't think it's the improvement you are hoping for. In essence, it is only a change of the names of the macros.

Please note: I prefer keeping the word "params" in the _nonnull macro, so we are prepared for defining an __rte_nonnull macro (without parameters) to be used with function parameters like the C22 NonNull keyword. Keeping "param" in the name(s) of the access macro(s) would ensure similar future proofing. That, and the similarity with the __rte_nonnull_params() name was the reason for the access macro name to include "param".

next prev parent reply	other threads:[~2023-01-09 12:16 UTC|newest]

Thread overview: 77+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-02 15:34 [PATCH] " Morten Brørup
2022-12-02 20:02 ` Tyler Retzlaff
2022-12-03 14:22 ` [PATCH v2] " Morten Brørup
2022-12-05 10:17   ` Ruifeng Wang
2022-12-12  7:40   ` Morten Brørup
2022-12-28 10:27 ` [PATCH v3 1/2] " Morten Brørup
2022-12-28 10:27   ` [PATCH v3 2/2] net/bnx2x: fix warnings about rte_memcopy lengths Morten Brørup
2022-12-28 11:40 ` [PATCH v4 1/2] eal: add nonnull and access function attributes Morten Brørup
2022-12-28 11:40   ` [PATCH v4 2/2] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2022-12-28 15:10 ` [PATCH v5 1/4] eal: add nonnull and access function attributes Morten Brørup
2022-12-28 15:10   ` [PATCH v5 2/4] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2022-12-28 16:13     ` Stanisław Kardach
2022-12-28 16:38       ` Morten Brørup
2022-12-28 17:03         ` Stephen Hemminger
2022-12-28 17:37           ` Morten Brørup
2023-01-09 10:36             ` David Marchand
2022-12-28 15:10   ` [PATCH v5 3/4] event/dlb2: remove superfluous rte_memcpy Morten Brørup
2022-12-28 17:01     ` Stephen Hemminger
2022-12-28 15:10   ` [PATCH v5 4/4] net/mlx5: fix warning about rte_memcpy length Morten Brørup
2023-01-09 11:08   ` [PATCH v5 1/4] eal: add nonnull and access function attributes Thomas Monjalon
2023-01-09 12:16     ` Morten Brørup [this message]
2023-01-09 11:22   ` David Marchand
2023-01-09 12:28     ` Morten Brørup
2023-01-16 12:49     ` Morten Brørup
2023-01-16 12:44 ` [PATCH v6 1/4] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2023-01-16 12:44   ` [PATCH v6 2/4] event/dlb2: remove superfluous rte_memcpy Morten Brørup
2023-01-16 12:44   ` [PATCH v6 3/4] net/mlx5: fix warning about rte_memcpy length Morten Brørup
2023-01-16 12:44   ` [PATCH v6 4/4] eal: add nonnull and access function attributes Morten Brørup
2023-01-16 13:07 ` [PATCH v7 1/4] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2023-01-16 13:07   ` [PATCH v7 2/4] event/dlb2: remove superfluous rte_memcpy Morten Brørup
2023-02-09 16:51     ` Morten Brørup
2023-02-09 18:50       ` Sevincer, Abdullah
2023-02-10  7:43         ` Morten Brørup
2024-02-23 13:19           ` Jerin Jacob
2024-02-23 13:49             ` [PATCH v8] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2024-02-23 14:00             ` [PATCH v9] " Morten Brørup
2024-02-26  8:34               ` Jerin Jacob
2024-02-26 14:47                 ` Morten Brørup
2024-02-27 11:00                   ` Jerin Jacob
2024-02-27 11:27                     ` Morten Brørup
2024-02-27 19:06                       ` Stephen Hemminger
2024-02-28  9:02                         ` Bruce Richardson
2024-02-28  8:27                       ` Raslan Darawsheh
2024-02-26 21:45               ` Stephen Hemminger
2023-01-16 13:07   ` [PATCH v7 3/4] net/mlx5: fix warning about rte_memcpy length Morten Brørup
2023-02-09 16:54     ` Morten Brørup
2023-02-10  9:13       ` Slava Ovsiienko
2024-03-13 10:00     ` Raslan Darawsheh
2023-01-16 13:07   ` [PATCH v7 4/4] eal: add nonnull and access function attributes Morten Brørup
2023-01-16 17:02     ` Ferruh Yigit
2023-01-17  8:19       ` Morten Brørup
2023-01-17 21:16         ` Tyler Retzlaff
2023-01-18  8:31           ` Morten Brørup
2023-01-18 17:23             ` Stephen Hemminger
2023-01-31 11:14             ` David Marchand
2023-01-31 12:23               ` Morten Brørup
2023-01-31 18:26                 ` Tyler Retzlaff
2023-01-31 22:52                   ` Thomas Monjalon
2023-02-01 12:50                     ` Morten Brørup
2023-02-01 13:15                       ` Thomas Monjalon
2023-02-06 16:11                         ` David Marchand
2023-02-06 16:49                           ` Morten Brørup
2023-02-06 17:28                             ` Tyler Retzlaff
2023-05-08 12:32                               ` Morten Brørup
2023-10-13 23:31                                 ` Morten Brørup
2023-04-04 13:41     ` Morten Brørup
2023-04-04 13:51       ` David Marchand
2023-04-04 14:01         ` Morten Brørup
2023-04-04 14:19           ` David Marchand
2023-02-09 16:49   ` [PATCH v7 1/4] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2023-02-26  9:21     ` Marvell QLogic bnx2x PMD support status Morten Brørup
2023-03-09 10:25     ` [PATCH v7 1/4] net/bnx2x: fix warnings about rte_memcpy lengths David Marchand
2023-03-09 10:33       ` Thomas Monjalon
2023-03-09 16:11         ` [EXT] " Akhil Goyal
     [not found]           ` <SJ0PR18MB390039A8C34E485F8D2D518EA1B59@SJ0PR18MB3900.namprd18.prod.outlook.com>
2023-03-09 16:19             ` Devendra Singh Rawat
2023-03-09 16:23     ` Stephen Hemminger
2024-02-23 12:39       ` Jerin Jacob

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=98CBD80474FA8B44BF855DF32C47DC35D87640@smartserver.smartshare.dk \
    --to=mb@smartsharesystems.com \
    --cc=bruce.richardson@intel.com \
    --cc=dev@dpdk.org \
    --cc=drc@linux.vnet.ibm.com \
    --cc=kda@semihalf.com \
    --cc=konstantin.v.ananyev@yandex.ru \
    --cc=matan@nvidia.com \
    --cc=rmody@marvell.com \
    --cc=roretzla@linux.microsoft.com \
    --cc=ruifeng.wang@arm.com \
    --cc=thomas@monjalon.net \
    --cc=timothy.mcdaniel@intel.com \
    --cc=viacheslavo@nvidia.com \
    --cc=zhoumin@loongson.cn \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).