From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.ciao.gmane.io!not-for-mail
From: Paul Eggert <eggert@cs.ucla.edu>
Newsgroups: gmane.emacs.devel
Subject: Re: Emacs 27.0.90 is out!
Date: Wed, 4 Mar 2020 13:51:03 -0800
Organization: UCLA Computer Science Department
Message-ID: <d351bf38-8cd6-b58b-f31d-931c038d0a91@cs.ucla.edu>
References: <87wo814p3a.fsf@petton.fr> <874kv5o8t1.fsf@moondust.localdomain>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="------------6BC67FA43FA0C676E8345615"
Injection-Info: ciao.gmane.io; posting-host="ciao.gmane.io:159.69.161.202";
	logging-data="39869"; mail-complaints-to="usenet@ciao.gmane.io"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
 Thunderbird/68.5.0
Cc: Emacs Devel <emacs-devel@gnu.org>
To: "N. Jackson" <nljlistbox2@gmail.com>, Nicolas Petton <nico@petton.fr>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Wed Mar 04 22:51:44 2020
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1j9bva-000AFI-EX
	for ged-emacs-devel@m.gmane-mx.org; Wed, 04 Mar 2020 22:51:42 +0100
Original-Received: from localhost ([::1]:40260 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1j9bvZ-0005L4-Fc
	for ged-emacs-devel@m.gmane-mx.org; Wed, 04 Mar 2020 16:51:41 -0500
Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:55425)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <eggert@cs.ucla.edu>) id 1j9bv4-0004sq-0I
 for emacs-devel@gnu.org; Wed, 04 Mar 2020 16:51:11 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eggert@cs.ucla.edu>) id 1j9bv2-0006qY-0B
 for emacs-devel@gnu.org; Wed, 04 Mar 2020 16:51:09 -0500
Original-Received: from zimbra.cs.ucla.edu ([131.179.128.68]:52760)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <eggert@cs.ucla.edu>) id 1j9bv1-0006lm-Jw
 for emacs-devel@gnu.org; Wed, 04 Mar 2020 16:51:07 -0500
Original-Received: from localhost (localhost [127.0.0.1])
 by zimbra.cs.ucla.edu (Postfix) with ESMTP id E9C651600D0;
 Wed,  4 Mar 2020 13:51:04 -0800 (PST)
Original-Received: from zimbra.cs.ucla.edu ([127.0.0.1])
 by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10032)
 with ESMTP id Miagy2VxxNLN; Wed,  4 Mar 2020 13:51:03 -0800 (PST)
Original-Received: from localhost (localhost [127.0.0.1])
 by zimbra.cs.ucla.edu (Postfix) with ESMTP id 580931600D3;
 Wed,  4 Mar 2020 13:51:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at zimbra.cs.ucla.edu
Original-Received: from zimbra.cs.ucla.edu ([127.0.0.1])
 by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10026)
 with ESMTP id gSxxGWR3_kfS; Wed,  4 Mar 2020 13:51:03 -0800 (PST)
Original-Received: from Penguin.CS.UCLA.EDU (Penguin.CS.UCLA.EDU [131.179.64.200])
 by zimbra.cs.ucla.edu (Postfix) with ESMTPSA id 37CCB1600D0;
 Wed,  4 Mar 2020 13:51:03 -0800 (PST)
In-Reply-To: <874kv5o8t1.fsf@moondust.localdomain>
Content-Language: en-US
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x
X-Received-From: 131.179.128.68
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Original-Sender: "Emacs-devel"
 <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Xref: news.gmane.io gmane.emacs.devel:245244
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/245244>

This is a multi-part message in MIME format.
--------------6BC67FA43FA0C676E8345615
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit

On 3/3/20 5:40 AM, N. Jackson wrote:
> It's very nice to build an Emacs with so few warnings!  Are the
> -Walloc-size-larger-than= warnings expected?

Not really. I reproduced the problem in master (along with some other 
warnings) and installed the attached patch to master to fix them. I 
doubt whether this is worth backporting to Emacs 27. If you compile with 
-O2 rather than -O3 the false alarms (and one true alarm :-) should go away.

--------------6BC67FA43FA0C676E8345615
Content-Type: text/x-patch; charset=UTF-8;
 name="0001-Pacify-GCC-9.2.1-20190927-O3.patch"
Content-Disposition: attachment;
 filename="0001-Pacify-GCC-9.2.1-20190927-O3.patch"
Content-Transfer-Encoding: quoted-printable

>From c9b58a8c5b6be347c84d847c45d4178e61e298e6 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Wed, 4 Mar 2020 13:48:26 -0800
Subject: [PATCH] Pacify GCC 9.2.1 20190927 -O3
MIME-Version: 1.0
Content-Type: text/plain; charset=3DUTF-8
Content-Transfer-Encoding: 8bit

Original problem report by N. Jackson in:
https://lists.gnu.org/r/emacs-devel/2020-03/msg00047.html
I found some other warnings when I used gcc, and fixed them
with this patch.
* lib-src/etags.c: Include verify.h.
(xnmalloc, xnrealloc): Tell the compiler that NITEMS is
nononnegative and ITEM_SIZE is positive.
* src/conf_post.h (__has_attribute_returns_nonnull)
(ATTRIBUTE_RETURNS_NONNULL): New macros.
* src/editfns.c (Fuser_full_name): Don=E2=80=99t assume Fuser_login_name
returns non-nil.
* src/intervals.c (rotate_right, rotate_left, update_interval):
* src/intervals.h (LENGTH, LEFT_TOTAL_LENGTH, RIGHT_TOTAL_LENGTH):
Use TOTAL_LENGTH0 or equivalent on intervals that might be null.
* src/intervals.h (TOTAL_LENGTH): Assume arg is nonnull.
(TOTAL_LENGTH0): New macro, with the old TOTAL_LENGTH meaning.
(make_interval, split_interval_right): Add ATTRIBUTE_RETURNS_NONNULL.
* src/pdumper.c (dump_check_dump_off): Now returns void, since
no caller uses the return value.  Redo assert to pacify GCC.
(decode_emacs_reloc): Add a seemingly-random eassume to pacify GCC.
Ugly, and I suspect due to a bug in GCC.
---
 lib-src/etags.c |  5 +++++
 src/conf_post.h |  7 +++++++
 src/editfns.c   | 19 +++++++++++--------
 src/intervals.c | 12 ++++++------
 src/intervals.h | 24 ++++++++++++++----------
 src/pdumper.c   |  9 ++++-----
 6 files changed, 47 insertions(+), 29 deletions(-)

diff --git a/lib-src/etags.c b/lib-src/etags.c
index 174c33a7a5..eee2c59626 100644
--- a/lib-src/etags.c
+++ b/lib-src/etags.c
@@ -124,6 +124,7 @@ Copyright (C) 1984, 1987-1989, 1993-1995, 1998-2020 F=
ree Software
 #include <binary-io.h>
 #include <intprops.h>
 #include <unlocked-io.h>
+#include <verify.h>
 #include <c-ctype.h>
 #include <c-strcase.h>
=20
@@ -7310,6 +7311,8 @@ xmalloc (ptrdiff_t size)
 xnmalloc (ptrdiff_t nitems, ptrdiff_t item_size)
 {
   ptrdiff_t nbytes;
+  assume (0 <=3D nitems);
+  assume (0 < item_size);
   if (INT_MULTIPLY_WRAPV (nitems, item_size, &nbytes))
     memory_full ();
   return xmalloc (nbytes);
@@ -7319,6 +7322,8 @@ xnmalloc (ptrdiff_t nitems, ptrdiff_t item_size)
 xnrealloc (void *pa, ptrdiff_t nitems, ptrdiff_t item_size)
 {
   ptrdiff_t nbytes;
+  assume (0 <=3D nitems);
+  assume (0 < item_size);
   if (INT_MULTIPLY_WRAPV (nitems, item_size, &nbytes) || SIZE_MAX < nbyt=
es)
     memory_full ();
   void *result =3D realloc (pa, nbytes);
diff --git a/src/conf_post.h b/src/conf_post.h
index 2f8d19fdca..eb8fb18c00 100644
--- a/src/conf_post.h
+++ b/src/conf_post.h
@@ -78,6 +78,7 @@ Copyright (C) 1988, 1993-1994, 1999-2002, 2004-2020 Fre=
e Software
 # define __has_attribute_no_address_safety_analysis false
 # define __has_attribute_no_sanitize_address GNUC_PREREQ (4, 8, 0)
 # define __has_attribute_no_sanitize_undefined GNUC_PREREQ (4, 9, 0)
+# define __has_attribute_returns_nonnull GNUC_PREREQ (4, 9, 0)
 # define __has_attribute_warn_unused_result GNUC_PREREQ (3, 4, 0)
 #endif
=20
@@ -321,6 +322,12 @@ #define ATTRIBUTE_SECTION(name)
=20
 #define ATTRIBUTE_MALLOC_SIZE(args) ATTRIBUTE_MALLOC ATTRIBUTE_ALLOC_SIZ=
E (args)
=20
+#if __has_attribute (returns_nonnull)
+# define ATTRIBUTE_RETURNS_NONNULL __attribute__ ((returns_nonnull))
+#else
+# define ATTRIBUTE_RETURNS_NONNULL
+#endif
+
 /* Work around GCC bug 59600: when a function is inlined, the inlined
    code may have its addresses sanitized even if the function has the
    no_sanitize_address attribute.  This bug is fixed in GCC 4.9.0 and
diff --git a/src/editfns.c b/src/editfns.c
index ddf190b175..eb15566fb4 100644
--- a/src/editfns.c
+++ b/src/editfns.c
@@ -1262,14 +1262,17 @@ DEFUN ("user-full-name", Fuser_full_name, Suser_f=
ull_name, 0, 1, 0,
   if (q)
     {
       Lisp_Object login =3D Fuser_login_name (INT_TO_INTEGER (pw->pw_uid=
));
-      USE_SAFE_ALLOCA;
-      char *r =3D SAFE_ALLOCA (strlen (p) + SBYTES (login) + 1);
-      memcpy (r, p, q - p);
-      char *s =3D lispstpcpy (&r[q - p], login);
-      r[q - p] =3D upcase ((unsigned char) r[q - p]);
-      strcpy (s, q + 1);
-      full =3D build_string (r);
-      SAFE_FREE ();
+      if (!NILP (login))
+	{
+	  USE_SAFE_ALLOCA;
+	  char *r =3D SAFE_ALLOCA (strlen (p) + SBYTES (login) + 1);
+	  memcpy (r, p, q - p);
+	  char *s =3D lispstpcpy (&r[q - p], login);
+	  r[q - p] =3D upcase ((unsigned char) r[q - p]);
+	  strcpy (s, q + 1);
+	  full =3D build_string (r);
+	  SAFE_FREE ();
+	}
     }
 #endif /* AMPERSAND_FULL_NAME */
=20
diff --git a/src/intervals.c b/src/intervals.c
index a66594ceea..594d8924eb 100644
--- a/src/intervals.c
+++ b/src/intervals.c
@@ -298,7 +298,7 @@ rotate_right (INTERVAL A)
     set_interval_parent (c, A);
=20
   /* A's total length is decreased by the length of B and its left child=
.  */
-  A->total_length -=3D B->total_length - TOTAL_LENGTH (c);
+  A->total_length -=3D TOTAL_LENGTH (B) - TOTAL_LENGTH0 (c);
   eassert (TOTAL_LENGTH (A) > 0);
   eassert (LENGTH (A) > 0);
=20
@@ -349,7 +349,7 @@ rotate_left (INTERVAL A)
     set_interval_parent (c, A);
=20
   /* A's total length is decreased by the length of B and its right chil=
d.  */
-  A->total_length -=3D B->total_length - TOTAL_LENGTH (c);
+  A->total_length -=3D TOTAL_LENGTH (B) - TOTAL_LENGTH0 (c);
   eassert (TOTAL_LENGTH (A) > 0);
   eassert (LENGTH (A) > 0);
=20
@@ -723,13 +723,13 @@ #define SET_PARENT_POSITION(i)                     =
             \
       i->position - LEFT_TOTAL_LENGTH (i)                       \
       - LENGTH (INTERVAL_PARENT (i))
=20
-/* Find the interval containing POS, given some non-NULL INTERVAL in
+/* Find the interval containing POS, given some interval I in
    the same tree.  Note that we update interval->position in each
    interval we traverse, assuming it is already correctly set for the
    argument I.  We don't assume that any other interval already has a
    correctly set ->position.  */
 INTERVAL
-update_interval (register INTERVAL i, ptrdiff_t pos)
+update_interval (INTERVAL i, ptrdiff_t pos)
 {
   if (!i)
     return NULL;
@@ -739,7 +739,7 @@ update_interval (register INTERVAL i, ptrdiff_t pos)
       if (pos < i->position)
 	{
 	  /* Move left.  */
-	  if (pos >=3D i->position - TOTAL_LENGTH (i->left))
+	  if (pos >=3D i->position - LEFT_TOTAL_LENGTH (i))
 	    {
 	      i->left->position =3D i->position - TOTAL_LENGTH (i->left)
 		+ LEFT_TOTAL_LENGTH (i->left);
@@ -757,7 +757,7 @@ update_interval (register INTERVAL i, ptrdiff_t pos)
       else if (pos >=3D INTERVAL_LAST_POS (i))
 	{
 	  /* Move right.  */
-	  if (pos < INTERVAL_LAST_POS (i) + TOTAL_LENGTH (i->right))
+	  if (pos < INTERVAL_LAST_POS (i) + RIGHT_TOTAL_LENGTH (i))
 	    {
 	      i->right->position =3D INTERVAL_LAST_POS (i)
 	        + LEFT_TOTAL_LENGTH (i->right);
diff --git a/src/intervals.h b/src/intervals.h
index a93b10e9ff..9a7ba910a1 100644
--- a/src/intervals.h
+++ b/src/intervals.h
@@ -96,24 +96,27 @@ #define ONLY_INTERVAL_P(i) (ROOT_INTERVAL_P (i) && LE=
AF_INTERVAL_P (i))
 /* True if this interval has both left and right children.  */
 #define BOTH_KIDS_P(i) ((i)->left !=3D NULL && (i)->right !=3D NULL)
=20
-/* The total size of all text represented by this interval and all its
-   children in the tree.   This is zero if the interval is null.  */
-#define TOTAL_LENGTH(i) ((i) =3D=3D NULL ? 0 : (i)->total_length)
+/* The total size of all text represented by the nonnull interval I
+   and all its children in the tree.  */
+#define TOTAL_LENGTH(i) ((i)->total_length)
+
+/* Likewise, but also defined to be zero if I is null.  */
+#define TOTAL_LENGTH0(i) ((i) ? TOTAL_LENGTH (i) : 0)
=20
 /* The size of text represented by this interval alone.  */
-#define LENGTH(i) ((i)->total_length			\
-		   - TOTAL_LENGTH ((i)->right)		\
-		   - TOTAL_LENGTH ((i)->left))
+#define LENGTH(i) (TOTAL_LENGTH (i)		\
+		   - RIGHT_TOTAL_LENGTH (i)	\
+		   - LEFT_TOTAL_LENGTH (i))
=20
 /* The position of the character just past the end of I.  Note that
    the position cache i->position must be valid for this to work.  */
 #define INTERVAL_LAST_POS(i) ((i)->position + LENGTH (i))
=20
 /* The total size of the left subtree of this interval.  */
-#define LEFT_TOTAL_LENGTH(i) ((i)->left ? (i)->left->total_length : 0)
+#define LEFT_TOTAL_LENGTH(i) TOTAL_LENGTH0 ((i)->left)
=20
 /* The total size of the right subtree of this interval.  */
-#define RIGHT_TOTAL_LENGTH(i) ((i)->right ? (i)->right->total_length : 0=
)
+#define RIGHT_TOTAL_LENGTH(i) TOTAL_LENGTH0 ((i)->right)
=20
 /* These macros are for dealing with the interval properties.  */
=20
@@ -234,7 +237,7 @@ #define TEXT_PROP_MEANS_INVISIBLE(prop)					\
=20
 /* Declared in alloc.c.  */
=20
-extern INTERVAL make_interval (void);
+extern INTERVAL make_interval (void) ATTRIBUTE_RETURNS_NONNULL;
=20
 /* Declared in intervals.c.  */
=20
@@ -246,7 +249,8 @@ #define TEXT_PROP_MEANS_INVISIBLE(prop)					\
                                 Lisp_Object);
 extern void traverse_intervals_noorder (INTERVAL,
 					void (*) (INTERVAL, void *), void *);
-extern INTERVAL split_interval_right (INTERVAL, ptrdiff_t);
+extern INTERVAL split_interval_right (INTERVAL, ptrdiff_t)
+  ATTRIBUTE_RETURNS_NONNULL;
 extern INTERVAL split_interval_left (INTERVAL, ptrdiff_t);
 extern INTERVAL find_interval (INTERVAL, ptrdiff_t);
 extern INTERVAL next_interval (INTERVAL);
diff --git a/src/pdumper.c b/src/pdumper.c
index 4d81203f46..e52163cdae 100644
--- a/src/pdumper.c
+++ b/src/pdumper.c
@@ -3604,14 +3604,12 @@ dump_unwind_cleanup (void *data)
   Vprocess_environment =3D ctx->old_process_environment;
 }
=20
-/* Return DUMP_OFFSET, making sure it is within the heap.  */
-static dump_off
+/* Check that DUMP_OFFSET is within the heap.  */
+static void
 dump_check_dump_off (struct dump_context *ctx, dump_off dump_offset)
 {
   eassert (dump_offset > 0);
-  if (ctx)
-    eassert (dump_offset < ctx->end_heap);
-  return dump_offset;
+  eassert (!ctx || dump_offset < ctx->end_heap);
 }
=20
 static void
@@ -3734,6 +3732,7 @@ decode_emacs_reloc (struct dump_context *ctx, Lisp_=
Object lreloc)
           }
         else
           {
+	    eassume (ctx); /* Pacify GCC 9.2.1 -O3 -Wnull-dereference.  */
             eassert (!dump_object_emacs_ptr (target_value));
             reloc.u.dump_offset =3D dump_recall_object (ctx, target_valu=
e);
             if (reloc.u.dump_offset <=3D 0)
--=20
2.24.1


--------------6BC67FA43FA0C676E8345615--