This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Arm][CMSE]Add warn_unused_return attribute to cmse functions

From: Joel Hutton <Joel dot Hutton at arm dot com>
To: GCC Patches <gcc-patches at gcc dot gnu dot org>
Cc: nd <nd at arm dot com>
Date: Wed, 17 Jul 2019 11:19:56 +0000
Subject: [Arm][CMSE]Add warn_unused_return attribute to cmse functions
Arc-authentication-results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=arm.com;dmarc=pass action=none header.from=arm.com;dkim=pass header.d=arm.com;arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LDqYUE8Px+UTltIJTET3sdxMLlr0/QYGQ1J8LkL0D5k=; b=YYmRSIL+dQ0ksDk3I/vO0A+bR5WqWI3704lhWtNeYrlnYin8t8KIiexueXlcosiOdG60JLo/CW8hI4Iy+gBS9BF9mF/d2PlBRolkP5QGnZlhUEN+ZKxBqBI0DFEnr6EDJsjcwjmw7SkJoblgUpxaKCuvTsn1bPA31wsQicmxnA/ruwxJmD8SQe/oW1yjHQ3FozlpKSyojw9pxuLc9UMRcM9CLm0byG3e5qljpw2ZpmEPga4V/4OkbWFKVYMuj4WocEFlbcUt7chhPPhIJr0NZhFKr/hLfF7c/l3zCpRs/hFPt+YmNR3SmbWY8BKPrYlBciLypTxvFpJYD2xZtdbcQw==
Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Bdv2uONSKkxkhFrCxygtH5irLCpTY6fCL0WF9gLQJo6Kbz3j7UsJXMApohqgDqAokPPqKErtNBorRm3S1wENOI2C+hm7ALA5GCPkV/Utcn4C5UPo5zj4iCqz7LNR2/KcXsdpvdmNNz+8/yUjQRNe6fa8uPoWXq4KPb0HC5GzILsJfW/JWqAt4sAF48DgOcmEzD+U4HUZqyT0XBISsvtX5y59+KDPe9pj7QR4SlnYojxy+gmd15mVavTevRPEh26hcmpU9lrvNpHUQyS6u672r6h1VEpf/NEu/OvhC7XTE4z7JrKZF90Gfdzx5sZkhhDHiqHnGKvgqH2FqP8r1KoYbQ==
Original-authentication-results: spf=none (sender IP is ) smtp.mailfrom=Joel dot Hutton at arm dot com;

At present it is possible to call the CMSE functions for checking 
addresses (such as cmse_check_address_range) and  forget to check/use 
the return value. This patch makes the interfaces more robust against 
programmer error by marking these functions with the warn_unused_result 
attribute. With this set, any use of these functions that does not use 
the result will produce a warning.

This produces a warning on default warn levels when the result of the 
cmse functions is not used.

For the following function:
void foo()
{
     int *data;
     cmse_check_address_range((int*)data, 0, 0);
}
The following warning is emitted:
warning: ignoring return value of 'cmse_check_address_range' declared 
with attribute 'warn_unused_result' [-Wunused-result]
     6 |  cmse_check_address_range((int*)data, 0, 0);
        |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gcc/ChangeLog:

2019-07-10  Joel Hutton  <Joel.Hutton@arm.com>

         * config/arm/arm_cmse.h (cmse_nonsecure_caller): Add 
warn_unused_result attribute.
         (cmse_check_address_range): Add warn_unused_result attribute.

libgcc/ChangeLog:

2019-07-10  Joel Hutton  <Joel.Hutton@arm.com>

         * config/arm/cmse.c (cmse_check_address_range): Add 
warn_unused_result attribute.

2019-07-10  Joel Hutton  <Joel.Hutton@arm.com>

         * gcc.target/arm/cmse/cmse-17.c: New test.

From 628070faaf157934e6b4c8d7d2d288244467bea6 Mon Sep 17 00:00:00 2001
From: Joel Hutton <Joel.Hutton@arm.com>
Date: Wed, 10 Jul 2019 09:59:58 +0100
Subject: [PATCH] CMSE warn unused result

---
 gcc/config/arm/arm_cmse.h                   |  2 ++
 gcc/testsuite/gcc.target/arm/cmse/cmse-17.c | 10 ++++++++++
 libgcc/config/arm/cmse.c                    |  1 +
 3 files changed, 13 insertions(+)
 create mode 100644 gcc/testsuite/gcc.target/arm/cmse/cmse-17.c

diff --git a/gcc/config/arm/arm_cmse.h b/gcc/config/arm/arm_cmse.h
index b543cbfe455ae57487be199f7c918eb87db30bf2..a72c46f1a954bd3ba4aefcdbb7a31085d0f583c0 100644
--- a/gcc/config/arm/arm_cmse.h
+++ b/gcc/config/arm/arm_cmse.h
@@ -164,6 +164,7 @@ __CMSE_TT_ASM (at)
 
 /* FIXME: diagnose use outside cmse_nonsecure_entry functions.  */
 __extension__ static __inline int __attribute__ ((__always_inline__))
+__attribute__ ((warn_unused_result))
 cmse_nonsecure_caller (void)
 {
   return __builtin_arm_cmse_nonsecure_caller ();
@@ -184,6 +185,7 @@ cmse_nonsecure_caller (void)
 #define CMSE_MPU_READ		8
 
 __extension__ void *
+__attribute__ ((warn_unused_result))
 cmse_check_address_range (void *, size_t, int);
 
 #define cmse_check_pointed_object(p, f) \
diff --git a/gcc/testsuite/gcc.target/arm/cmse/cmse-17.c b/gcc/testsuite/gcc.target/arm/cmse/cmse-17.c
new file mode 100644
index 0000000000000000000000000000000000000000..a2cce09afae590461b86397e73e9b98649bed95a
--- /dev/null
+++ b/gcc/testsuite/gcc.target/arm/cmse/cmse-17.c
@@ -0,0 +1,10 @@
+/* { dg-do compile } */
+/* { dg-options "-mcmse"}  */
+
+#include <arm_cmse.h>
+
+void foo()
+{
+	int *data;
+	cmse_check_address_range((int*)data, 0, 0); /* { dg-warning "ignoring return value" } */
+}
diff --git a/libgcc/config/arm/cmse.c b/libgcc/config/arm/cmse.c
index 34a46fde2d2fcd9dc181bf5a74dd698de2ebc9bd..0c5a3eaefab49ae07e67b82481fdd0d8dd100227 100644
--- a/libgcc/config/arm/cmse.c
+++ b/libgcc/config/arm/cmse.c
@@ -30,6 +30,7 @@
    address range.  See ACLE changes for ARMv8-M.  */
 
 void *
+__attribute__ ((warn_unused_result))
 cmse_check_address_range (void *p, size_t size, int flags)
 {
   cmse_address_info_t permb, perme;
-- 
2.17.1

Follow-Ups:
- Re: [Arm][CMSE]Add warn_unused_return attribute to cmse functions
  - From: Kyrill Tkachov

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]