From: Jeff Law <law@redhat.com>
To: "Patrick Palka" <patrick@parcs.ath.cx>,
"Manuel López-Ibáñez" <lopezibanez@gmail.com>
Cc: Gcc Patch List <gcc-patches@gcc.gnu.org>,
Jason Merrill <jason@redhat.com>,
"Joseph S. Myers" <joseph@codesourcery.com>
Subject: Re: PR c/16351 Extend Wnonnull for returns_nonnull
Date: Sat, 25 Jul 2015 01:29:00 -0000 [thread overview]
Message-ID: <55B2DCC2.40507@redhat.com> (raw)
In-Reply-To: <CA+C-WL8EFO-YdiFLF24AdQ-NJRACFtBL9Ef+PN6F0zGcvTrVSA@mail.gmail.com>
On 07/24/2015 04:17 PM, Patrick Palka wrote:
> On Fri, Jul 24, 2015 at 5:55 PM, Manuel López-Ibáñez
> <lopezibanez@gmail.com> wrote:
>> On 24 July 2015 at 21:30, Jeff Law <law@redhat.com> wrote:
>>> On 07/24/2015 07:45 AM, Manuel López-Ibáñez wrote:
>>>>
>>>> On 23 July 2015 at 19:43, Jeff Law <law@redhat.com> wrote:
>>>>>
>>>>> Warning in the front-ends like this can generate false positives (such as
>>>>> a
>>>>> NULL return in an unreachable path and miss cases where the NULL has to
>>>>> be
>>>>> propagated into the return by later optimizations.
>>>>
>>>>
>>>> False positives (for the warning as proposed right now) would be
>>>> strange, since it would mean that a returns_nonnull function returns
>>>> an explicit NULL in some code-path that is not meant to be executed.
>>>> That sounds like a bug waiting to happen.
>>>
>>> Depends on how you choose to look at things. It's quite common via macros &
>>> such to have unexecutable/unreachable paths. Whether or not to warn about
>>> something found on such a path is a matter of personal preference.
>>
>> I think it is also a matter of the particular warning and on the
>> balance of true positives vs. false positives in typical code-bases.
>> In this case, returning NULL in any code-path from a returns_nonnull
>> function, even if the path is currently unreachable via some macro
>> configuration, seems a bad idea. Of course, I'm open to be proven
>> wrong :-)
>>
>>>> Moreover, this warning works in exactly the same cases as
>>>> __attribute__((nonnull)) does for function arguments, and so far those
>>>> haven't been a source of false positives.
>>>
>>> I'm sure I could write one ;-) And given that a FE based version of this
>>> will only catch explicit NULLs in argument lists, I consider it so weak as
>>> to be virtually useless.
>>
>> Well, it is catching exactly all the cases that you were testing for
>> in your original -Wnull-attribute patch ;-)
>>
>>>> I'm very much in favour of this, but only for things that cannot
>>>> reliably be warned from the FE. Clang has shown that it is possible to
>>>> improve much more the accuracy of warnings in the FE and still compile
>>>> faster than GCC by performing some kind of fast CCP (and VRP?) in the
>>>> FE (or make the CCP and VRP passes occur earlier and even without
>>>> optimization):
>>>
>>> And my assertion is that for things like we're discussing, you need the
>>> analysis & optimizations both to expose the non-trivial cases and prune away
>>> those which are false positives. I consider exposing the non-trivial cases
>>> and pruning away false positives the most important aspect of this kind of
>>> work.
>>
>> Based on my experience, I'm not convinced that moving warnings to the
>> middle-end is a good idea. The middle-end does a very poor job
>> keeping sensible locations when doing transformations and it will not
>> only introduce false positives, it will also remove true positives.
>> The diagnostics often refer to the wrong variable or code that is not
>> what the user originally wrote, which makes very hard to understand
>> the problem. One only has to read all the reports we have about
>> -Warray-bounds, -Wuninitialized, -Wstrict-overflow and other
>> middle-end warnings.
>>
>> For example, Clang is currently able to warn about the following case
>> without any optimization, while GCC cannot at any optimization level:
>>
>> int f(bool b) {
>> int n;
>> if (b)
>> n = 1;
>> return n;
>> }
>
> Is there a PR for this particular test case? I am interested in
> improving the uninit analysis for gcc 6 so this potentially seems up
> my alley.
To fix this you have to stop the reduction of degenerate PHIs when the
RHS has a single real value and one or more undefined values. One of
the advantages of the two pass scheme I suggested years ago is it would
allow us to detect this before the optimizers collapsed the degenerate PHI.
jeff
>
next prev parent reply other threads:[~2015-07-25 0:48 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-22 15:44 Manuel López-Ibáñez
2015-07-23 17:52 ` Jeff Law
2015-07-23 23:19 ` Bernhard Reutner-Fischer
2015-07-24 7:05 ` Jeff Law
2015-07-24 8:09 ` Bernhard Reutner-Fischer
2015-07-24 19:11 ` Jeff Law
2015-07-24 14:26 ` Manuel López-Ibáñez
2015-07-24 19:56 ` Jeff Law
2015-07-24 22:17 ` Manuel López-Ibáñez
2015-07-24 22:26 ` Patrick Palka
2015-07-24 23:15 ` Manuel López-Ibáñez
2015-07-25 2:20 ` Jeff Law
2015-07-25 1:29 ` Jeff Law [this message]
2015-07-25 0:01 ` Trevor Saunders
2015-07-25 0:48 ` Manuel López-Ibáñez
2015-07-25 6:54 ` Jeff Law
2015-07-25 18:43 ` Bernhard Reutner-Fischer
2015-07-25 0:50 ` Jeff Law
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55B2DCC2.40507@redhat.com \
--to=law@redhat.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=jason@redhat.com \
--cc=joseph@codesourcery.com \
--cc=lopezibanez@gmail.com \
--cc=patrick@parcs.ath.cx \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).