Re: GCC 6 -Wnonnull is too aggressive

On 02/19/2016 01:07 PM, Ralf Corsepius wrote: > On 02/19/2016 12:16 PM, Petr Spacek wrote: > >> It is not black-white question. > > Absolutely. > > But I say, there should not be any room for -Werror in production > SW/packages. I agree that blanket -Werror is questionable, especially with

Re: GCC 6 -Wnonnull is too aggressive

On Fri, 19 Feb 2016 13:07:53 +0100, Ralf Corsepius wrote: > But I say, there should not be any room for -Werror in production > SW/packages. > > The fact, > * different version of gcc raise different warnings > * gcc on different architectures raise different warnings. > * gcc raises warnings on

Re: GCC 6 -Wnonnull is too aggressive

On 19.2.2016 13:30, Jonathan Wakely wrote: > On 19/02/16 10:49 +0100, Petr Spacek wrote: >> The thing is that some developers (e.g. me and ISC :-)) do not think that >> assert() should be used only in debug builds. >> >> E.g. BIND itself is written in "Design by contract" spirit and asserts are >>

Re: GCC 6 -Wnonnull is too aggressive

On Fri, Feb 19, 2016 at 01:44:45PM +0100, Petr Spacek wrote: > > It's about checking whether "this", in C++, is NULL. Since any call on a > > null > > pointer is undefined behavior, any code relying on such checks is > > non-standard. > > Ah, okay. I was talking about pure C all the time, so I

Re: GCC 6 -Wnonnull is too aggressive

On 19.2.2016 13:08, Marek Polacek wrote: > On Fri, Feb 19, 2016 at 01:04:04PM +0100, Petr Spacek wrote: >> On 19.2.2016 08:50, Jakub Jelinek wrote: >>> On Fri, Feb 19, 2016 at 03:12:29AM +0100, Kevin Kofler wrote: Jakub Jelinek wrote: > ASSERT(this) is pointless, it is testing if

Re: GCC 6 -Wnonnull is too aggressive

On 19/02/16 10:49 +0100, Petr Spacek wrote: The thing is that some developers (e.g. me and ISC :-)) do not think that assert() should be used only in debug builds. E.g. BIND itself is written in "Design by contract" spirit and asserts are used all over the place to make sure that code which

Re: GCC 6 -Wnonnull is too aggressive

On 19/02/16 08:50 +0100, Jakub Jelinek wrote: On Fri, Feb 19, 2016 at 03:12:29AM +0100, Kevin Kofler wrote: Jakub Jelinek wrote: > ASSERT(this) is pointless, it is testing if undefined behavior didn't > happen after the fact, that is just too late. As I said, use > -fsanitize=undefined to make

Re: GCC 6 -Wnonnull is too aggressive

On 02/19/2016 12:16 PM, Petr Spacek wrote: It is not black-white question. Absolutely. But I say, there should not be any room for -Werror in production SW/packages. The fact, * different version of gcc raise different warnings * gcc on different architectures raise different warnings. *

Re: GCC 6 -Wnonnull is too aggressive

On Fri, Feb 19, 2016 at 01:04:04PM +0100, Petr Spacek wrote: > On 19.2.2016 08:50, Jakub Jelinek wrote: > > On Fri, Feb 19, 2016 at 03:12:29AM +0100, Kevin Kofler wrote: > >> Jakub Jelinek wrote: > >>> ASSERT(this) is pointless, it is testing if undefined behavior didn't > >>> happen after the

Re: GCC 6 -Wnonnull is too aggressive

On 19/02/16 12:04, Petr Spacek wrote: Could you elaborate on this, please? What is wrong with if (ptr != NULL) ? What standard says that it is wrong? That isn't what's wrong. What is wrong is the method call that got you there. You have a method like this: void foo() { if (this !=

Re: GCC 6 -Wnonnull is too aggressive

On 19.2.2016 08:50, Jakub Jelinek wrote: > On Fri, Feb 19, 2016 at 03:12:29AM +0100, Kevin Kofler wrote: >> Jakub Jelinek wrote: >>> ASSERT(this) is pointless, it is testing if undefined behavior didn't >>> happen after the fact, that is just too late. As I said, use >>> -fsanitize=undefined to

Re: GCC 6 -Wnonnull is too aggressive

On 17.2.2016 19:20, Ralf Corsepius wrote: > On 02/17/2016 06:51 PM, Jan Kratochvil wrote: >> On Wed, 17 Feb 2016 18:25:29 +0100, Ralf Corsepius wrote: >>> Remove -Werror. >> [...] >>> -Werror is useful to devs when actively working on code, but using it in >>> released production code to be used

Re: GCC 6 -Wnonnull is too aggressive

On 17.2.2016 18:43, Jakub Jelinek wrote: > On Wed, Feb 17, 2016 at 05:30:27PM +, Daniel P. Berrange wrote: >> Instead of using __attribute__((nonnull)) directly in the code, define a >> macro for it. When compiling normal builds with gcc, make the macro >> expand to nothing, but when compiling

Re: GCC 6 -Wnonnull is too aggressive

On Fri, Feb 19, 2016 at 03:12:29AM +0100, Kevin Kofler wrote: > Jakub Jelinek wrote: > > ASSERT(this) is pointless, it is testing if undefined behavior didn't > > happen after the fact, that is just too late. As I said, use > > -fsanitize=undefined to make sure you don't call methods on nullptr.

Re: GCC 6 -Wnonnull is too aggressive

Jakub Jelinek wrote: > ASSERT(this) is pointless, it is testing if undefined behavior didn't > happen after the fact, that is just too late. As I said, use > -fsanitize=undefined to make sure you don't call methods on nullptr. Doesn't -fno-delete-null-pointer-checks make such ASSERTs work (and

Re: GCC 6 -Wnonnull is too aggressive

On 02/17/2016 06:51 PM, Jan Kratochvil wrote: On Wed, 17 Feb 2016 18:25:29 +0100, Ralf Corsepius wrote: Remove -Werror. [...] -Werror is useful to devs when actively working on code, but using it in released production code to be used in packages is plain st***. -Werror has found me many

Re: GCC 6 -Wnonnull is too aggressive

On Wed, 17 Feb 2016 18:25:29 +0100, Ralf Corsepius wrote: > Remove -Werror. [...] > -Werror is useful to devs when actively working on code, but using it in > released production code to be used in packages is plain st***. -Werror has found me many times bugs in Fedora add-on patches not being up

Re: GCC 6 -Wnonnull is too aggressive

On Wed, Feb 17, 2016 at 05:30:27PM +, Daniel P. Berrange wrote: > Instead of using __attribute__((nonnull)) directly in the code, define a > macro for it. When compiling normal builds with gcc, make the macro > expand to nothing, but when compiling with coverity or other static analysis >

Re: GCC 6 -Wnonnull is too aggressive

On Wed, Feb 17, 2016 at 05:43:51PM +0100, Petr Spacek wrote: > Hello, > > I'm facing problems with new behavior in GCC 6. > > Let's assume we have trivial program like this: > > $ cat assert.c > #include > #include > > __attribute__((nonnull)) > int f(char *txt) { > assert(txt !=

Re: GCC 6 -Wnonnull is too aggressive

On 02/17/2016 05:43 PM, Petr Spacek wrote: Hello, And because upstream is paranoid, it is being compiled with: $ gcc -Werror -Wall Did anyone met similar problem? What did you do with it? Remove -Werror. __attribute__((nonnull)) is tremendously useful for static code analysis and helped

Re: GCC 6 -Wnonnull is too aggressive

On Wed, Feb 17, 2016 at 11:14:29AM -0600, Michael Catanzaro wrote: > El mié, 17-02-2016 a las 17:53 +0100, Jakub Jelinek escribió: > > That is wrong.  Even older gcc versions would just optimize away the > > assertion. > > Even in -O0 builds? Probably not, though the warning will be at -O0 too.

Re: GCC 6 -Wnonnull is too aggressive

El mié, 17-02-2016 a las 17:53 +0100, Jakub Jelinek escribió: > That is wrong.  Even older gcc versions would just optimize away the > assertion. Even in -O0 builds? We've been hesitantly removing ASSERT(this) statements from WebKit to avoid compiler warnings from clang. Our asserts are enabled

Re: GCC 6 -Wnonnull is too aggressive

On Wed, Feb 17, 2016 at 05:43:51PM +0100, Petr Spacek wrote: > __attribute__((nonnull)) is tremendously useful for static code analysis and > helped to uncover a lot of (not-yet triggered) issues in the code, so just > removing the attribute would not make me happy. Sure. > On the other hand,

Re: GCC 6 -Wnonnull is too aggressive

On 17 February 2016 at 16:43, Petr Spacek wrote: > I'm all ears to hear what is the best solution/workaround for this. Tell upstream that -Werror is an antisocial thing to do. Richard -- devel mailing list devel@lists.fedoraproject.org