2

I have a compiler warning I would like to get rid off.

warning: the argument to '__builtin_assume' has side effects that will be discarded [-Wassume]

C:\Keil_v5\ARM\ARMCLANG\Bin..\include\assert.h(72): note: expanded from macro 'assert'

define assert(e) ((e) ? (void)0 : _CLIBNS _aeabi_assert(e, _FILE__, _LINE__), (__ARM_PROMISE)((e)?1:0))

The idea is to have no warning when compiled with warning set to "pedantic". The cause is a recently added pointer check function to my embedded code. The idea is to improve the following:

void foo(int* const val)
{    assert(val != NULL);

     /*Use val etc.*/
}

to something along the lines of:

void foo(int* const val)
{    assert(checkPtr(val) == OK);

     /*Use val etc.*/
}

This is because automatic variables are not zero intialised. Thus, it is likely that an uninitialised pointer will not be NULL. This is a coding mistake that I would like to detect (not necessarily my own doing), hence the checks. The following is not perfect, but does seem to pick up more pointer errors (not dangling ones unfortunately).

I have the following code in a header file to implement this:

#define INTERNAL_RAM_START ((uintptr_t)0x2000000UL)
#define INTERNAL_RAM_END (INTERNAL_RAM_START + (uintptr_t)0x20000UL)
#define INTERNAL_ROM_START ((uintptr_t)0x8000000UL)
#define INTERNAL_ROM_END (INTERNAL_ROM_START + (uintptr_t)0x100000UL)

typedef enum{OK, NOT_OK}Status_t;

static inline Status_t checkPtr(const void* const ptrToCheck)
{
    if(ptr == NULL)
        return NOT_OK;

    const uintptr_t ptr = (uintptr_t)ptrToCheck;

    if((ptr >= INTERNAL_RAM_START) && (ptr < INTERNAL_RAM_END))
        return OK;

    if((ptr >= INTERNAL_ROM_START) && (ptr < INTERNAL_ROM_END))
        return OK;

    return NOT_OK
}

I don't have any warnings with ARMCC 5.06 in my code. From what I can see, my checkPtr function does not have any side effects. It does not access any variables other than the pointer that was passed to it.

Flip
  • 881
  • 7
  • 13
  • Casting to `const uintptr_t` keeps constness of the pointer, but discards constness of the pointee. – Benoit Jul 20 '16 at 08:41
  • Did you look for -Wno-assume or similar? – 2501 Jul 20 '16 at 08:45
  • @2501 I don't want to disable the warning. Rather fix the code so that there isn't a warning. – Flip Jul 20 '16 at 08:58
  • @Benoit The pointer is never dereferenced, I'm only interested in the pointer value itself. Would using uint8_t pointers work? I.e. `const uint8_t* const ptr = (uint8_t*)pointerToCheck;` work? – Flip Jul 20 '16 at 09:03

1 Answers1

2

The documentation suggests that armclang supports the __attribute__ ((pure)) and __attribute__ ((const)) function attributes. These attributes are for functions that don't have any side effect, their return value is based on the input parameters. A pure function can also read global state, while a const function can only examine its function parameters.

Adding one of these attributes to your checkPtr declaration and definition should silence the warning.

Andrew
  • 3,770
  • 15
  • 22
  • `__attribute__ ((pure))` and `__attribute__ ((const))` both seem to fix the issue. – Flip Jul 20 '16 at 09:32
  • @Flip I have extended the answer to also mention the const attribute. Thanks for pointing that out. – Andrew Jul 20 '16 at 09:58