[Arm,CMSE] Add warn_unused_return attribute to cmse functions

Message ID 050ee67e-4b18-dced-49bd-717d1aeb5f17@arm.com
State New
Headers show
Series
  • [Arm,CMSE] Add warn_unused_return attribute to cmse functions
Related show

Commit Message

Joel Hutton July 17, 2019, 11:19 a.m.
At present it is possible to call the CMSE functions for checking 
addresses (such as cmse_check_address_range) and  forget to check/use 
the return value. This patch makes the interfaces more robust against 
programmer error by marking these functions with the warn_unused_result 
attribute. With this set, any use of these functions that does not use 
the result will produce a warning.

This produces a warning on default warn levels when the result of the 
cmse functions is not used.

For the following function:
void foo()
{
     int *data;
     cmse_check_address_range((int*)data, 0, 0);
}
The following warning is emitted:
warning: ignoring return value of 'cmse_check_address_range' declared 
with attribute 'warn_unused_result' [-Wunused-result]
     6 |  cmse_check_address_range((int*)data, 0, 0);
        |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gcc/ChangeLog:

2019-07-10  Joel Hutton  <Joel.Hutton@arm.com>

         * config/arm/arm_cmse.h (cmse_nonsecure_caller): Add 
warn_unused_result attribute.
         (cmse_check_address_range): Add warn_unused_result attribute.

libgcc/ChangeLog:

2019-07-10  Joel Hutton  <Joel.Hutton@arm.com>

         * config/arm/cmse.c (cmse_check_address_range): Add 
warn_unused_result attribute.

2019-07-10  Joel Hutton  <Joel.Hutton@arm.com>

         * gcc.target/arm/cmse/cmse-17.c: New test.

Comments

Kyrill Tkachov July 31, 2019, 8:57 a.m. | #1
Hi Joel,

On 7/17/19 12:19 PM, Joel Hutton wrote:
> At present it is possible to call the CMSE functions for checking

> addresses (such as cmse_check_address_range) and  forget to check/use

> the return value. This patch makes the interfaces more robust against

> programmer error by marking these functions with the warn_unused_result

> attribute. With this set, any use of these functions that does not use

> the result will produce a warning.

>

> This produces a warning on default warn levels when the result of the

> cmse functions is not used.

>

> For the following function:

> void foo()

> {

>      int *data;

>      cmse_check_address_range((int*)data, 0, 0);

> }

> The following warning is emitted:

> warning: ignoring return value of 'cmse_check_address_range' declared

> with attribute 'warn_unused_result' [-Wunused-result]

>      6 |  cmse_check_address_range((int*)data, 0, 0);

>         |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>

> gcc/ChangeLog:

>

> 2019-07-10  Joel Hutton  <Joel.Hutton@arm.com>

>

>          * config/arm/arm_cmse.h (cmse_nonsecure_caller): Add

> warn_unused_result attribute.

>          (cmse_check_address_range): Add warn_unused_result attribute.

>

> libgcc/ChangeLog:

>

> 2019-07-10  Joel Hutton  <Joel.Hutton@arm.com>

>

>          * config/arm/cmse.c (cmse_check_address_range): Add

> warn_unused_result attribute.

>

> 2019-07-10  Joel Hutton  <Joel.Hutton@arm.com>

>

>          * gcc.target/arm/cmse/cmse-17.c: New test.



Thanks for the patch. Approved and applied on your behalf as r273924.

For the future, it would help speed up review to CC the relevant 
maintainers on your patch submissions. You can find them in the 
MAINTAINERS file in the source tree.

Thanks,

Kyrill

Patch

From 628070faaf157934e6b4c8d7d2d288244467bea6 Mon Sep 17 00:00:00 2001
From: Joel Hutton <Joel.Hutton@arm.com>
Date: Wed, 10 Jul 2019 09:59:58 +0100
Subject: [PATCH] CMSE warn unused result

---
 gcc/config/arm/arm_cmse.h                   |  2 ++
 gcc/testsuite/gcc.target/arm/cmse/cmse-17.c | 10 ++++++++++
 libgcc/config/arm/cmse.c                    |  1 +
 3 files changed, 13 insertions(+)
 create mode 100644 gcc/testsuite/gcc.target/arm/cmse/cmse-17.c

diff --git a/gcc/config/arm/arm_cmse.h b/gcc/config/arm/arm_cmse.h
index b543cbfe455ae57487be199f7c918eb87db30bf2..a72c46f1a954bd3ba4aefcdbb7a31085d0f583c0 100644
--- a/gcc/config/arm/arm_cmse.h
+++ b/gcc/config/arm/arm_cmse.h
@@ -164,6 +164,7 @@  __CMSE_TT_ASM (at)
 
 /* FIXME: diagnose use outside cmse_nonsecure_entry functions.  */
 __extension__ static __inline int __attribute__ ((__always_inline__))
+__attribute__ ((warn_unused_result))
 cmse_nonsecure_caller (void)
 {
   return __builtin_arm_cmse_nonsecure_caller ();
@@ -184,6 +185,7 @@  cmse_nonsecure_caller (void)
 #define CMSE_MPU_READ		8
 
 __extension__ void *
+__attribute__ ((warn_unused_result))
 cmse_check_address_range (void *, size_t, int);
 
 #define cmse_check_pointed_object(p, f) \
diff --git a/gcc/testsuite/gcc.target/arm/cmse/cmse-17.c b/gcc/testsuite/gcc.target/arm/cmse/cmse-17.c
new file mode 100644
index 0000000000000000000000000000000000000000..a2cce09afae590461b86397e73e9b98649bed95a
--- /dev/null
+++ b/gcc/testsuite/gcc.target/arm/cmse/cmse-17.c
@@ -0,0 +1,10 @@ 
+/* { dg-do compile } */
+/* { dg-options "-mcmse"}  */
+
+#include <arm_cmse.h>
+
+void foo()
+{
+	int *data;
+	cmse_check_address_range((int*)data, 0, 0); /* { dg-warning "ignoring return value" } */
+}
diff --git a/libgcc/config/arm/cmse.c b/libgcc/config/arm/cmse.c
index 34a46fde2d2fcd9dc181bf5a74dd698de2ebc9bd..0c5a3eaefab49ae07e67b82481fdd0d8dd100227 100644
--- a/libgcc/config/arm/cmse.c
+++ b/libgcc/config/arm/cmse.c
@@ -30,6 +30,7 @@ 
    address range.  See ACLE changes for ARMv8-M.  */
 
 void *
+__attribute__ ((warn_unused_result))
 cmse_check_address_range (void *p, size_t size, int flags)
 {
   cmse_address_info_t permb, perme;
-- 
2.17.1