In the C programming language, <code>restrict</code> is a type qualifier that can be applied to a pointer to hint to the compiler that for the lifetime of that pointer, no other pointer will be used to access the same pointed-to object. This limits the effects of pointer aliasing, which can allow the compiler to make optimizations (such as vectorization) that would not otherwise be possible. Undefined behaviour results if the declaration of intent is not followed and the object is accessed by an independent pointer.
The <code>restrict</code> keyword was introduced by the C99 standard. Despite C++ supporting most features of C, <code>restrict</code> is not included in standard C++.
If the compiler knows that there is only one pointer to a memory block, it can produce better optimized code. For instance, in a function which adds a value to both its arguments:
In the above code, the pointers <code>ptrA</code>, <code>ptrB</code>, and <code>val</code> might refer to the same memory location, so the compiler may generate less optimal code:
However, if the <code>restrict</code> keyword is used and the above function is declared as
then the compiler is allowed to assume that <code>ptrA</code>, <code>ptrB</code>, and <code>val</code> point to different locations and updating the memory location referenced by one pointer will not affect the memory locations referenced by the other pointers. The programmer, not the compiler, is responsible for ensuring that the pointers do not point to identical locations. The compiler can e.g. rearrange the code, first loading all memory locations, then performing the operations before committing the results back to memory.
The above assembly code is shorter because <code>val</code> is loaded only once. Without <code>val</code> being restricted, its possible for <code>ptrA</code> to alias with it. This would result in <code>val</code> changing on the first addition, when <code>ptrA</code> is updated, and thus needing to be reloaded. The above assembly code is also faster, since the compiler can rearrange the code more freely. In the second version of the above example, the <code>store</code> operations are all taking place after the <code>load</code> operations, ensuring that the processor won't have to block in the middle of the code to wait until the <code>store</code> operations are complete. This reordering is enabled because pointers <code>ptrA</code> and <code>ptrB</code> were marked with <code>restrict</code>, which ensures that the user won't call the function with these pointers aliased, expecting <code>val</code> to be added twice to the integer they both refer to.
Note that the real generated code may have different behaviors, depending on how the compiler uses the additional information. The benefit with the above mini-example may be small, and in real-life cases large loops doing heavy memory access tends to be what is really helped by restrict.
As mentioned above, how incorrect code behaves is undefined. The compiler only ensures the generated code works properly if the code follows the declaration of intent, and the optimizations it enables will likely cause the code to behave incorrectly when the pointers are aliased. Compilers may detect and warn in some cases where pointers are aliased, but are not required to.
C++ does not have standard support for <code>restrict</code>, but many compilers have equivalents that usually work in both C++ and C, such as the GCC's and Clang's <code>__restrict__</code>, and Visual C++'s <code>__declspec(restrict)</code>. In addition, <code>__restrict</code> is supported by those three compilers. The exact interpretation of these alternative keywords vary by the compiler:
To help prevent incorrect code, some compilers and other tools try to detect when overlapping arguments have been passed to functions with parameters marked . The CERT C Coding Standard considers misuse of and library functions marked with it (EXP43-C) a probable source of software bugs, although as of November 2019 no vulnerabilities are known to have been caused by this.