On 06/13/2016 07:52 AM, Tim Ruehsen wrote:
Especially -Wlong-long and -pedantic floods the screen with warnings and notes
from gnulib modules. Finding any warnings emanated by Wget sources becomes
very tedious. Some example output below.
What do you suggest to avoid the verbose output from gnulib modules ?
These days to be frank C89 is lower priority. Gnulib still supports C89
but I think most downstream projects have switched to C99 or later. The
issue you mention is merely about compile-time-diagnostics, not about
correctness, which makes it lower-priority still. That being said....
../lib/xalloc-oversized.h:41:5: warning: ISO C forbids braced-groups within
expressions [-Wpedantic]
({ size_t __xalloc_size; __builtin_mul_overflow (n, s, &__xalloc_size);
})
I fixed that by installing the attached patch. I'd been meaning to do
something in that area anyway, to accommodate the forthcoming GCC 7, so
I did both at the same time.
../lib/intprops.h:85:28: warning: ISO C90 does not support 'long long' [-
Wlong-long]
verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
I wouldn't worry about these. Any C89 compiler that defines LLONG_MAX
without implementing 'long long' is (in a practical sense) busted
anyway. I suggest adding -Wno-long-long to your compile-time options.
You could tack it onto the end of the existing options, e.g.:
./configure CFLAGS="-std=c89 -pedantic -O2 -g -Wall -Wextra
-Wstrict-prototypes -Wold-style-definition -Wwrite-strings -Wshadow
-Wformat -Wformat-security -Wunreachable-code -Wstrict-prototypes
-Wmissing-prototypes -Wold-style-definition -Wno-long-long"
Or perhaps wget should start using Gnulib's manywarnings module, which
does a better job of this sort of thing anyway.
From 097a5928a785bae77ed1255e57b6553dd1912efe Mon Sep 17 00:00:00 2001
From: Paul Eggert <[email protected]>
Date: Mon, 13 Jun 2016 11:17:03 -0700
Subject: [PATCH] xalloc-oversized: port to GCC 7; fewer warnings
GCC 7 will have a better way to deal with integer overflow.
Plus, fix a warnings problem reported by Tim Ruehsen in:
http://lists.gnu.org/archive/html/bug-gnulib/2016-06/msg00022.html
* lib/xalloc-oversized.h (__xalloc_oversized): New macro.
(xalloc_oversized): Use plain __builtin_mul_overflow if GCC 7 or later.
For GCC 5, use __xalloc_oversized if both args are constants,
or if pedantic.
---
ChangeLog | 11 +++++++++++
lib/xalloc-oversized.h | 42 +++++++++++++++++++++++++++++++++---------
2 files changed, 44 insertions(+), 9 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 4e935da..8a83350 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2016-06-13 Paul Eggert <[email protected]>
+
+ xalloc-oversized: port to GCC 7; fewer warnings
+ GCC 7 will have a better way to deal with integer overflow.
+ Plus, fix a warnings problem reported by Tim Ruehsen in:
+ http://lists.gnu.org/archive/html/bug-gnulib/2016-06/msg00022.html
+ * lib/xalloc-oversized.h (__xalloc_oversized): New macro.
+ (xalloc_oversized): Use plain __builtin_mul_overflow if GCC 7 or later.
+ For GCC 5, use __xalloc_oversized if both args are constants,
+ or if pedantic.
+
2016-06-08 Paul Eggert <[email protected]>
regex: port to Sun C
diff --git a/lib/xalloc-oversized.h b/lib/xalloc-oversized.h
index d81a847..44f1644 100644
--- a/lib/xalloc-oversized.h
+++ b/lib/xalloc-oversized.h
@@ -20,15 +20,13 @@
#include <stddef.h>
+/* Default for (non-Clang) compilers that lack __has_builtin. */
#ifndef __has_builtin
# define __has_builtin(x) 0
#endif
-/* Return 1 if an array of N objects, each of size S, cannot exist due
- to size arithmetic overflow. S must be positive and N must be
- nonnegative. This is a macro, not a function, so that it
- works correctly even when SIZE_MAX < N.
-
+/* True if N * S would overflow in a size calculation.
+ This expands to a constant expression if N and S are both constants.
By gnulib convention, SIZE_MAX represents overflow in size
calculations, so the conservative dividend to use here is
SIZE_MAX - 1, since SIZE_MAX might represent an overflowed value.
@@ -36,12 +34,38 @@
sizeof (ptrdiff_t) <= sizeof (size_t), so do not bother to test for
exactly-SIZE_MAX allocations on such hosts; this avoids a test and
branch when S is known to be 1. */
-#if 5 <= __GNUC__ || __has_builtin (__builtin_mul_overflow)
+#define __xalloc_oversized(n, s) \
+ ((size_t) (sizeof (ptrdiff_t) <= sizeof (size_t) ? -1 : -2) / (s) < (n))
+
+
+/* Return 1 if an array of N objects, each of size S, cannot exist due
+ to size arithmetic overflow. S must be positive and N must be
+ nonnegative. This is a macro, not a function, so that it
+ works correctly even when SIZE_MAX < N. */
+
+/* GCC 7 __builtin_mul_overflow should easily compute this. See:
+ https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68120 */
+#if 7 <= __GNUC__
+# define xalloc_oversized(n, s) __builtin_mul_overflow (n, s, (size_t *) NULL)
+
+/* GCC 5 and Clang __builtin_mul_overflow needs a temporary, and
+ should be used only for non-constant operands, so that
+ xalloc_oversized is a constant expression if both arguments are.
+ Do not use this if pedantic, since pedantic GCC issues a diagnostic
+ for ({ ... }). */
+#elif ((5 <= __GNUC__ \
+ || (__has_builtin (__builtin_mul_overflow) \
+ && __has_builtin (__builtin_constant_p))) \
+ && !__STRICT_ANSI__)
# define xalloc_oversized(n, s) \
- ({ size_t __xalloc_size; __builtin_mul_overflow (n, s, &__xalloc_size); })
+ (__builtin_constant_p (n) && __builtin_constant_p (s) \
+ ? __xalloc_oversized (n, s) \
+ : ({ size_t __xalloc_size; __builtin_mul_overflow (n, s, &__xalloc_size); }))
+
+/* Other compilers use integer division; this may be slower but is
+ more portable. */
#else
-# define xalloc_oversized(n, s) \
- ((size_t) (sizeof (ptrdiff_t) <= sizeof (size_t) ? -1 : -2) / (s) < (n))
+# define xalloc_oversized(n, s) __xalloc_oversized (n, s)
#endif
#endif /* !XALLOC_OVERSIZED_H_ */
--
2.5.5
