* [musl] New C Qualifier Idea
@ 2026-01-30 9:55 Eleanor Bartle
2026-01-30 17:35 ` Szabolcs Nagy
0 siblings, 1 reply; 2+ messages in thread
From: Eleanor Bartle @ 2026-01-30 9:55 UTC (permalink / raw)
To: musl
Hello. I had an idea for a new C type qualifier for a future standard, but don’t know where to share it for feedback. Apologies if this is the wrong place.
The qualifier is 'confine', and it would work as follows:
confine char *postfix (confine char *str, uintptr_t from) {
// ERROR: shared outside function
// global_var = str;
// OK: returned to caller
return *str[from];
}
// ...
char *post = postfix(str, 10);
// ERROR: returned from function
return post;
The 'confine' qualifier annotates pointers to stack-allocated values in higher scopes. it would prevent these values from being shared outside the function, but not from being returned from the function; a returned 'confine' pointer behaves as a pointer to local in the calling scope, i.e. returning or saving it becomes a detectable error.
Ideally the sense would be inverted, i.e. there would be a 'permit' qualifier that denotes the opposite meaning and no qualifier would mean 'confine', but that horse has long since bolted.
Prior art is D's 'scope' and 'return scope' qualifiers, and Zig once entertained the idea under the name 'nocopy'.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [musl] New C Qualifier Idea
2026-01-30 9:55 [musl] New C Qualifier Idea Eleanor Bartle
@ 2026-01-30 17:35 ` Szabolcs Nagy
0 siblings, 0 replies; 2+ messages in thread
From: Szabolcs Nagy @ 2026-01-30 17:35 UTC (permalink / raw)
To: Eleanor Bartle; +Cc: musl
* Eleanor Bartle <eleanor@eleanor-nb.com> [2026-01-30 20:55:31 +1100]:
> Hello. I had an idea for a new C type qualifier for a future standard, but don’t know where to share it for feedback. Apologies if this is the wrong place.
>
sc22wg14 @ open-std.org is the discussion list of the standard.
you will likey need to implement it in a compiler, so gcc or
clang issue tracker can be another place to start if you have
compelling reasons why others should look into it.
a libc list cannot help much.
the proposal below is not detailed enough, does not use standard
terms and not clear what it tries to achieve at what cost.
> The qualifier is 'confine', and it would work as follows:
>
> confine char *postfix (confine char *str, uintptr_t from) {
> // ERROR: shared outside function
> // global_var = str;
>
> // OK: returned to caller
> return *str[from];
> }
>
> // ...
> char *post = postfix(str, 10);
>
> // ERROR: returned from function
> return post;
>
> The 'confine' qualifier annotates pointers to stack-allocated values in higher scopes. it would prevent these values from being shared outside the function, but not from being returned from the function; a returned 'confine' pointer behaves as a pointer to local in the calling scope, i.e. returning or saving it becomes a detectable error.
>
> Ideally the sense would be inverted, i.e. there would be a 'permit' qualifier that denotes the opposite meaning and no qualifier would mean 'confine', but that horse has long since bolted.
>
> Prior art is D's 'scope' and 'return scope' qualifiers, and Zig once entertained the idea under the name 'nocopy'.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-01-30 17:35 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-01-30 9:55 [musl] New C Qualifier Idea Eleanor Bartle
2026-01-30 17:35 ` Szabolcs Nagy
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).