Fix gcc 9 warnings #16995
Fix gcc 9 warnings #16995
Conversation
6810868 to
108f285
Compare
108f285 to
0515216
Compare
Commented #16992 (comment) |
|
ACK 0515216, tested on Fedora 30: $ gcc --version | grep gcc
gcc (GCC) 9.2.1 20190827 (Red Hat 9.2.1-1)
$ git checkout master
$ make clean && make 2>~/master
$ git checkout pr16995
$ make clean && make 2>~/pr16995
$ diff ~/master ~/pr16995
6,23d5
< In file included from /usr/include/string.h:494,
< from ./serialize.h:20,
< from ./netaddress.h:13,
< from ./protocol.h:13,
< from protocol.cpp:6:
< In function ‘char* strncpy(char*, const char*, size_t)’,
< inlined from ‘CMessageHeader::CMessageHeader(const unsigned char (&)[4], const char*, unsigned int)’ at protocol.cpp:91:12:
< /usr/include/bits/string_fortified.h:106:34: warning: ‘char* __builtin_strncpy(char*, const char*, long unsigned int)’ specified bound 12 equals destination size [-Wstringop-truncation]
< 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
< | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
< psbt.cpp: In function ‘TransactionError CombinePSBTs(PartiallySignedTransaction&, const std::vector<PartiallySignedTransaction>&)’:
< psbt.cpp:335:19: warning: implicitly-declared ‘PartiallySignedTransaction& PartiallySignedTransaction::operator=(const PartiallySignedTransaction&)’ is deprecated [-Wdeprecated-copy]
< 335 | out = psbtxs[0]; // Copy the first one
< | ^
< In file included from psbt.cpp:5:
< ./psbt.h:398:5: note: because ‘PartiallySignedTransaction’ has user-provided ‘PartiallySignedTransaction::PartiallySignedTransaction(const PartiallySignedTransaction&)’
< 398 | PartiallySignedTransaction(const PartiallySignedTransaction& psbt_in) : tx(psbt_in.tx), inputs(psbt_in.inputs), outputs(psbt_in.outputs), unknown(psbt_in.unknown) {}
< | ^~~~~~~~~~~~~~~~~~~~~~~~~~DISCLAIMER: My ACK is for 4da0a26 commit, not for my own 0515216. |
4e5bc74 to
0515216
Compare
|
Pushed a fix for the third warning (inspired by https://cgit.freedesktop.org/libreoffice/core/commit/?id=dc06c8f4989fc28d0c31ebd333e53dfe0e0f5f66). |
|
A lot of code to fix dumb compiler warnings. I might prefer the warning over the additional code. |
|
You mean for the But I think the net message code is an improvement, warning or not. I remember @practicalswift has done a similar thing in the past (to make a static checking tool happy), and it's been 'fixed' a few time it's time to just bite the bullet there, otherwise you can be sure to get PR after PR for it when GCC9 is in more common use. |
|
I haven't tested this, but another workaround for the std::move warning might be: --- a/src/interfaces/chain.cpp
+++ b/src/interfaces/chain.cpp
@@ -242,11 +242,9 @@ class ChainImpl : public Chain
public:
std::unique_ptr<Chain::Lock> lock(bool try_lock) override
{
- auto result = MakeUnique<LockImpl>(::cs_main, "cs_main", __FILE__, __LINE__, try_lock);
+ std::unique_ptr<Chain::Lock> result = MakeUnique<LockImpl>(::cs_main, "cs_main", __FILE__, __LINE__, try_lock);
if (try_lock && result && !*result) return {};
- // std::move necessary on some compilers due to conversion from
- // LockImpl to Lock pointer
- return std::move(result);
+ return result;
}
bool findBlock(const uint256& hash, CBlock* block, int64_t* time, int64_t* time_max) override
{This avoids the conversion from |
That doesn't work, |
Oh, I thought it at least compiled, but I missed the error in the build output. The workaround would have to look like: --- a/src/interfaces/chain.cpp
+++ b/src/interfaces/chain.cpp
@@ -242,11 +242,10 @@ class ChainImpl : public Chain
public:
std::unique_ptr<Chain::Lock> lock(bool try_lock) override
{
- auto result = MakeUnique<LockImpl>(::cs_main, "cs_main", __FILE__, __LINE__, try_lock);
- if (try_lock && result && !*result) return {};
- // std::move necessary on some compilers due to conversion from
- // LockImpl to Lock pointer
- return std::move(result);
+ auto lock = MakeUnique<LockImpl>(::cs_main, "cs_main", __FILE__, __LINE__, try_lock);
+ if (try_lock && lock && !*lock) return {};
+ std::unique_ptr<Chain::Lock> result = std::move(lock); // Temporary to avoid CWG 1579
+ return result;
}
bool findBlock(const uint256& hash, CBlock* block, int64_t* time, int64_t* time_max) override
{ |
That does seem to avoid the warning. |
|
@ryanofsky @laanwj FWIW, versions prior to Clang 3.9 and GCC 5.1 would try to produce copies. You might want to compile with Edited for clarity. |
|
I don't think a Lock is even copyable (it shouldn't be at least)... and neither should a unique_ptr, by definition |
|
Prior to the resolution of a defect report against ISO C++11, local variable |
|
Ok, I'm getting lost in the C++ issues here closing this. Have to agree a warning is better than a bug. |
There's no case where result would have been copied because it's not possible to copy a unique_ptr. Prior to the defect report, returning without std::move would result in a compile error, not a buggy copy, which is why I had to add std::move to avoid the error. Wladimir's workaround preserves the std::move, so his workaround is also safe and there is no copy on older compilers. My suggested workaround #16995 (comment) preserves the std::move and changes the return statement type so it is safe as well. |
|
@ryanofsky The text is literally the warning emitted by Clang For more information about |
|
The text is correct if you interpret "would have been copied" to mean "would have been copied if copyable, otherwise result in an error." It does NOT mean "would have been copied even if not copyable", which is how Wladimir interpreted your comment what led him to close the PR. |
|
@ryanofsky Entirely correct :) My only point was that |
|
All right, and in any case this can be tagged up for grabs. The current workaround in the PR which avoids warnings is safe, and so is the other workaround for warnings suggested #16995 (comment). There is no need for any concern that "a warning is better than a bug" if someone using GCC 9 wants to make use of this PR. |
|
Changing this to @ryanofsky's solution |
Replace the memset/strncpy dance in `CMessageHeader::CMessageHeader` with explicit code that copies then name and asserts the length. This removes a warning in g++ 9.1.1 and IMO makes the code more readable by not relying on strncpy padding and silent truncation behavior.
92bd4b9 to
6a942f2
Compare
Use std::move workaround for unique_ptr, for when the C++ compiler lacks a fix for this issue: http://www.open-std.org/jtc1/sc22/wg21/docs/cwg_defects.html#1579 Do this in a way that avoids a GCC 9 `-Wredundant-move` warning.
6a942f2 to
ff9c671
Compare
| size_t i = 0; | ||
| for (; i < COMMAND_SIZE && pszCommand[i] != 0; ++i) pchCommand[i] = pszCommand[i]; | ||
| assert(pszCommand[i] == 0); // Assert that the command name passed in is not longer than COMMAND_SIZE | ||
| for (; i < COMMAND_SIZE; ++i) pchCommand[i] = 0; |
There was a problem hiding this comment.
In commit "net: Fail instead of truncate command name in CMessageHeader" (b837b33)
I don't want to second guess your code style preferences, but I believe you could just add parentheses around strncpy to silence the warning. IMO, following would be the simplest way of filling the buffer:
(strncpy(pchCommand, pszCommand, COMMAND_SIZE));
assert(pchCommand[COMMAND_SIZE-1] == '\0');Definitely good to drop the memset in either case. That is completely pointless and doesn't do anything.
There was a problem hiding this comment.
@ryanofsky The memset used to be necessary to zero-pad the copy, no?
There was a problem hiding this comment.
I mean—this is pretty trivial code to review, only a few bytes are copied, no high performance platform specific implementation is needed. This also adds an extra (although run-time) assertion that the passed-in string is not truncated (also, pchCommand is not 0-terminated if the length of the command is exactly COMMAND_SIZE).
I don't think we need to rely on any C string functions here. But if you prefer that, sure…
There was a problem hiding this comment.
ACK ff9c671, tested on Fedora 31:
$ gcc --version | grep gcc
gcc (GCC) 9.2.1 20190827 (Red Hat 9.2.1-1)
$ git switch master
$ make clean && make 2>~/master
$ git switch pr16995merge-20200206
$ make clean && make 2>~/pr16995
$ diff ~/master ~/pr16995
1,15d0
< interfaces/chain.cpp: In member function ‘virtual std::unique_ptr<interfaces::Chain::Lock> interfaces::{anonymous}::ChainImpl::lock(bool)’:
< interfaces/chain.cpp:243:25: warning: redundant move in return statement [-Wredundant-move]
< 243 | return std::move(result);
< | ~~~~~~~~~^~~~~~~~
< interfaces/chain.cpp:243:25: note: remove ‘std::move’ call
< In file included from /usr/include/string.h:495,
< from ./serialize.h:19,
< from ./netaddress.h:13,
< from ./protocol.h:13,
< from protocol.cpp:6:
< In function ‘char* strncpy(char*, const char*, size_t)’,
< inlined from ‘CMessageHeader::CMessageHeader(const unsigned char (&)[4], const char*, unsigned int)’ at protocol.cpp:89:12:
< /usr/include/bits/string_fortified.h:106:34: warning: ‘char* __builtin_strncpy(char*, const char*, long unsigned int)’ specified bound 12 equals destination size [-Wstringop-truncation]
< 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
< | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~The only remained warnings are UPDATE: no warnings at all if built on top of current master (b5c7665).leveldb related.
|
ACK ff9c671 -- patch looks correct |
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsNo conflicts as of last run. |
|
utACK ff9c671 I've restarted the s390 travis job that failed due to out of disk space. |
|
re-run ci |
|
The s390x job was removed and I think the only way to tell this to travis is to force push or to close/open. See #15847 (comment) |
ff9c671 refactor: Work around GCC 9 `-Wredundant-move` warning (Russell Yanofsky) b837b33 net: Fail instead of truncate command name in CMessageHeader (Wladimir J. van der Laan) Pull request description: Fixes all 3 from bitcoin#16992 (see commits) - net: Fail instead of truncate command name in CMessageHeader - refactor: Use std::move workaround for unique_ptr upcast only when necessary ACKs for top commit: practicalswift: ACK ff9c671 -- patch looks correct sipa: utACK ff9c671 ryanofsky: Code review ACK ff9c671. Looks good and seems to pass travis, modulo a timeout on one build hebasto: ACK ff9c671, tested on Fedora 31: Tree-SHA512: 52d8c13aaf0d56f9bc546a98d7f853eae21f7e325b202fdeb2286b19a9a0ee308634c644b039f60ad8043421e382381cbf1bce58d9f807547f928621c7d245d0
- Fix gcc 9 warnings bitcoin#16995 - guix: Remove now-unnecessary gcc make flag bitcoin#18320 - build: Remove workaround for ancient libtool bitcoin#17066 - build: Add variable printing target to Makefiles bitcoin#17087 - Disable _FORTIFY_SOURCE when enable-debug bitcoin#17033
…geHeader Summary: Replace the memset/strncpy dance in `CMessageHeader::CMessageHeader` with explicit code that copies then name and asserts the length. This removes a warning in g++ 9.1.1 and IMO makes the code more readable by not relying on strncpy padding and silent truncation behavior. bitcoin/bitcoin@b837b33 --- This is a partial backport of Core [[bitcoin/bitcoin#16995 | PR16995]] Test Plan: ninja check Reviewers: #bitcoin_abc, jasonbcox Reviewed By: #bitcoin_abc, jasonbcox Subscribers: jasonbcox Differential Revision: https://reviews.bitcoinabc.org/D6164
Summary: Use std::move workaround for unique_ptr, for when the C++ compiler lacks a fix for this issue: http://www.open-std.org/jtc1/sc22/wg21/docs/cwg_defects.html#1579 Do this in a way that avoids a GCC 9 `-Wredundant-move` warning. bitcoin/bitcoin@ff9c671 --- This completes the backport of Core [[bitcoin/bitcoin#16995 | PR16995]] Test Plan: ninja check Reviewers: #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Subscribers: deadalnix Differential Revision: https://reviews.bitcoinabc.org/D6165
…geHeader Summary: Replace the memset/strncpy dance in `CMessageHeader::CMessageHeader` with explicit code that copies then name and asserts the length. This removes a warning in g++ 9.1.1 and IMO makes the code more readable by not relying on strncpy padding and silent truncation behavior. bitcoin/bitcoin@b837b33 --- This is a partial backport of Core [[bitcoin/bitcoin#16995 | PR16995]] Test Plan: ninja check Reviewers: #bitcoin_abc, jasonbcox Reviewed By: #bitcoin_abc, jasonbcox Subscribers: jasonbcox Differential Revision: https://reviews.bitcoinabc.org/D6164
…eader c223041 net: Fail instead of truncate command name in CMessageHeader (Wladimir J. van der Laan) Pull request description: Fix the `-Wstringop-truncation` warning reported in #2076, cherry-picking the first commit of bitcoin#16995 > Replace the memset/strncpy dance in `CMessageHeader::CMessageHeader` with explicit code that copies then name and asserts the length. > > This removes a warning in g++ 9.1.1 and IMO makes the code more readable by not relying on strncpy padding and silent truncation behavior. ACKs for top commit: furszy: utACK c223041 Fuzzbawls: utACK c223041 Tree-SHA512: 1c1fecc990f4d19fa5a1eb559132e81ee904af5557e3a63256d08741e201996de1f116267025317cf0c236872d121af958798a4de9bbc9a5afbcd601b768a9aa
ff9c671 refactor: Work around GCC 9 `-Wredundant-move` warning (Russell Yanofsky) b837b33 net: Fail instead of truncate command name in CMessageHeader (Wladimir J. van der Laan) Pull request description: Fixes all 3 from bitcoin#16992 (see commits) - net: Fail instead of truncate command name in CMessageHeader - refactor: Use std::move workaround for unique_ptr upcast only when necessary ACKs for top commit: practicalswift: ACK ff9c671 -- patch looks correct sipa: utACK ff9c671 ryanofsky: Code review ACK ff9c671. Looks good and seems to pass travis, modulo a timeout on one build hebasto: ACK ff9c671, tested on Fedora 31: Tree-SHA512: 52d8c13aaf0d56f9bc546a98d7f853eae21f7e325b202fdeb2286b19a9a0ee308634c644b039f60ad8043421e382381cbf1bce58d9f807547f928621c7d245d0
ff9c671 refactor: Work around GCC 9 `-Wredundant-move` warning (Russell Yanofsky) b837b33 net: Fail instead of truncate command name in CMessageHeader (Wladimir J. van der Laan) Pull request description: Fixes all 3 from bitcoin#16992 (see commits) - net: Fail instead of truncate command name in CMessageHeader - refactor: Use std::move workaround for unique_ptr upcast only when necessary ACKs for top commit: practicalswift: ACK ff9c671 -- patch looks correct sipa: utACK ff9c671 ryanofsky: Code review ACK ff9c671. Looks good and seems to pass travis, modulo a timeout on one build hebasto: ACK ff9c671, tested on Fedora 31: Tree-SHA512: 52d8c13aaf0d56f9bc546a98d7f853eae21f7e325b202fdeb2286b19a9a0ee308634c644b039f60ad8043421e382381cbf1bce58d9f807547f928621c7d245d0
ff9c671 refactor: Work around GCC 9 `-Wredundant-move` warning (Russell Yanofsky) b837b33 net: Fail instead of truncate command name in CMessageHeader (Wladimir J. van der Laan) Pull request description: Fixes all 3 from bitcoin#16992 (see commits) - net: Fail instead of truncate command name in CMessageHeader - refactor: Use std::move workaround for unique_ptr upcast only when necessary ACKs for top commit: practicalswift: ACK ff9c671 -- patch looks correct sipa: utACK ff9c671 ryanofsky: Code review ACK ff9c671. Looks good and seems to pass travis, modulo a timeout on one build hebasto: ACK ff9c671, tested on Fedora 31: Tree-SHA512: 52d8c13aaf0d56f9bc546a98d7f853eae21f7e325b202fdeb2286b19a9a0ee308634c644b039f60ad8043421e382381cbf1bce58d9f807547f928621c7d245d0
ff9c671 refactor: Work around GCC 9 `-Wredundant-move` warning (Russell Yanofsky) b837b33 net: Fail instead of truncate command name in CMessageHeader (Wladimir J. van der Laan) Pull request description: Fixes all 3 from bitcoin#16992 (see commits) - net: Fail instead of truncate command name in CMessageHeader - refactor: Use std::move workaround for unique_ptr upcast only when necessary ACKs for top commit: practicalswift: ACK ff9c671 -- patch looks correct sipa: utACK ff9c671 ryanofsky: Code review ACK ff9c671. Looks good and seems to pass travis, modulo a timeout on one build hebasto: ACK ff9c671, tested on Fedora 31: Tree-SHA512: 52d8c13aaf0d56f9bc546a98d7f853eae21f7e325b202fdeb2286b19a9a0ee308634c644b039f60ad8043421e382381cbf1bce58d9f807547f928621c7d245d0
Fixes all 3 from #16992 (see commits)