public inbox for gcc-cvs@sourceware.org help / color / mirror / Atom feed
From: Alexandre Oliva <aoliva@gcc.gnu.org> To: gcc-cvs@gcc.gnu.org Subject: [gcc(refs/users/aoliva/heads/testme)] Expose expected_throw attribute Date: Thu, 8 Jun 2023 04:47:45 +0000 (GMT) [thread overview] Message-ID: <20230608044745.82DB1385700C@sourceware.org> (raw) https://gcc.gnu.org/g:162a958ba3638f43b292fb4c339ebd9a223b668a commit 162a958ba3638f43b292fb4c339ebd9a223b668a Author: Alexandre Oliva <oliva@adacore.com> Date: Wed Oct 19 20:36:25 2022 -0300 Expose expected_throw attribute Mark exception-raising subprograms with expected_throw attribute. Document the use of the attribute in Control Flow Redundancy. for gcc/ada/ChangeLog * libgnat/a-except.ads (Raise_Exception): Mark expected_throw. (Reraise_Occurrence): Likewise. (Raise_Exception_Always): Likewise. (Raise_From_Controlled_Operation): Likewise. (Reraise_Occurrence_Always): Likewise. (Reraise_Occurrence_No_Defer): Likewise. * doc/gnat_rm/security_hardening_features.rt (Control Flow Hardening): Note the influence of expected_throw. Diff: --- gcc/ada/doc/gnat_rm/security_hardening_features.rst | 4 +++- gcc/ada/libgnat/a-except.ads | 8 ++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/gcc/ada/doc/gnat_rm/security_hardening_features.rst b/gcc/ada/doc/gnat_rm/security_hardening_features.rst index 1cbd7fd6705..5c45fc2d42a 100644 --- a/gcc/ada/doc/gnat_rm/security_hardening_features.rst +++ b/gcc/ada/doc/gnat_rm/security_hardening_features.rst @@ -489,7 +489,9 @@ gets modified as follows: Verification may also be performed before No_Return calls, whether all of them, with :switch:`-fhardcfr-check-noreturn-calls=always`; all but -internal subprograms involved in exception-raising or -reraising, with +internal subprograms involved in exception-raising or -reraising or +subprograms explicitly marked with both :samp:`No_Return` and +:samp:`Machine_Attribute` :samp:`expected_throw` pragmas, with :switch:`-fhardcfr-check-noreturn-calls=not-always` (default); only nothrow ones, with :switch:`-fhardcfr-check-noreturn-calls=nothrow`; or none, with :switch:`-fhardcfr-check-noreturn-calls=never`. diff --git a/gcc/ada/libgnat/a-except.ads b/gcc/ada/libgnat/a-except.ads index 7949b5907b6..897c68a6101 100644 --- a/gcc/ada/libgnat/a-except.ads +++ b/gcc/ada/libgnat/a-except.ads @@ -79,11 +79,13 @@ package Ada.Exceptions is procedure Raise_Exception (E : Exception_Id; Message : String := ""); pragma No_Return (Raise_Exception); + pragma Machine_Attribute (Raise_Exception, "expected_throw"); -- Note: In accordance with AI-466, CE is raised if E = Null_Id function Exception_Message (X : Exception_Occurrence) return String; procedure Reraise_Occurrence (X : Exception_Occurrence); + pragma Machine_Attribute (Reraise_Occurrence, "expected_throw"); -- Note: it would be really nice to give a pragma No_Return for this -- procedure, but it would be wrong, since Reraise_Occurrence does return -- if the argument is the null exception occurrence. See also procedure @@ -177,6 +179,7 @@ private procedure Raise_Exception_Always (E : Exception_Id; Message : String := ""); pragma No_Return (Raise_Exception_Always); + pragma Machine_Attribute (Raise_Exception_Always, "expected_throw"); pragma Export (Ada, Raise_Exception_Always, "__gnat_raise_exception"); -- This differs from Raise_Exception only in that the caller has determined -- that for sure the parameter E is not null, and that therefore no check @@ -195,6 +198,9 @@ private "__gnat_raise_from_controlled_operation"); -- Raise Program_Error, providing information about X (an exception raised -- during a controlled operation) in the exception message. + pragma Machine_Attribute (Raise_From_Controlled_Operation, + "expected_throw"); + -- Mark it like internal exception-raising subprograms procedure Reraise_Library_Exception_If_Any; pragma Export @@ -205,6 +211,7 @@ private procedure Reraise_Occurrence_Always (X : Exception_Occurrence); pragma No_Return (Reraise_Occurrence_Always); + pragma Machine_Attribute (Reraise_Occurrence_Always, "expected_throw"); -- This differs from Raise_Occurrence only in that the caller guarantees -- that for sure the parameter X is not the null occurrence, and that -- therefore this procedure cannot return. The expander uses this routine @@ -212,6 +219,7 @@ private procedure Reraise_Occurrence_No_Defer (X : Exception_Occurrence); pragma No_Return (Reraise_Occurrence_No_Defer); + pragma Machine_Attribute (Reraise_Occurrence_No_Defer, "expected_throw"); -- Exactly like Reraise_Occurrence, except that abort is not deferred -- before the call and the parameter X is known not to be the null -- occurrence. This is used in generated code when it is known that abort
next reply other threads:[~2023-06-08 4:47 UTC|newest] Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top 2023-06-08 4:47 Alexandre Oliva [this message] -- strict thread matches above, loose matches on Subject: below -- 2023-06-23 20:13 Alexandre Oliva 2023-06-23 20:12 Alexandre Oliva 2023-06-09 8:07 Alexandre Oliva 2023-06-09 6:17 Alexandre Oliva 2023-06-09 6:16 Alexandre Oliva 2023-06-08 10:58 Alexandre Oliva 2023-06-08 10:58 Alexandre Oliva 2023-06-08 10:43 Alexandre Oliva 2023-06-08 10:43 Alexandre Oliva 2023-06-08 9:17 Alexandre Oliva 2023-06-08 9:17 Alexandre Oliva 2023-06-08 4:47 Alexandre Oliva 2022-10-25 2:52 Alexandre Oliva 2022-10-25 2:52 Alexandre Oliva 2022-10-20 22:32 Alexandre Oliva 2022-10-20 22:32 Alexandre Oliva 2022-10-20 4:09 Alexandre Oliva 2022-10-20 4:09 Alexandre Oliva 2022-10-20 4:09 Alexandre Oliva
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20230608044745.82DB1385700C@sourceware.org \ --to=aoliva@gcc.gnu.org \ --cc=gcc-cvs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).