From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id 63D10431FAF for ; Thu, 29 Nov 2012 06:23:13 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at olra.theworths.org X-Spam-Flag: NO X-Spam-Score: 0 X-Spam-Level: X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none] autolearn=disabled Received: from olra.theworths.org ([127.0.0.1]) by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ox3NmJXXXAbj for ; Thu, 29 Nov 2012 06:23:12 -0800 (PST) Received: from guru.guru-group.fi (guru.guru-group.fi [46.183.73.34]) by olra.theworths.org (Postfix) with ESMTP id 26627431FAE for ; Thu, 29 Nov 2012 06:23:12 -0800 (PST) Received: from guru.guru-group.fi (localhost [IPv6:::1]) by guru.guru-group.fi (Postfix) with ESMTP id 78A681000E5; Thu, 29 Nov 2012 16:23:09 +0200 (EET) From: Tomi Ollila To: Jani Nikula , Ethan Glasser-Camp , notmuch@notmuchmail.org Subject: Re: [PATCH] lib: fix warnings when building with clang In-Reply-To: References: <1349076971-2065-1-git-send-email-jani@nikula.org> <87pq4c61hc.fsf@betacantrips.com> <87vce3vf5q.fsf@nikula.org> User-Agent: Notmuch/0.14+116~g29fcdb5 (http://notmuchmail.org) Emacs/24.2.1 (x86_64-unknown-linux-gnu) X-Face: HhBM'cA~ MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Nov 2012 14:23:13 -0000 On Mon, Oct 22 2012, Tomi Ollila wrote: > On Sun, Oct 21 2012, Jani Nikula wrote: > >> On Sun, 21 Oct 2012, Ethan Glasser-Camp wrote: >>> Jani Nikula writes: >>> >>>> Building notmuch with CC=clang and CXX=clang++ produces the warnings: >>>> >>>> CC -O2 lib/tags.o >>>> lib/tags.c:43:5: warning: expression result unused [-Wunused-value] >>>> talloc_steal (tags, list); >>>> ^~~~~~~~~~~~~~~~~~~~~~~~~ >>>> /usr/include/talloc.h:345:143: note: expanded from: >>>> ...__location__); __talloc_steal_ret; }) >>>> ^~~~~~~~~~~~~~~~~~ >>>> 1 warning generated. >>>> >>>> CXX -O2 lib/message.o >>>> lib/message.cc:791:5: warning: expression result unused [-Wunused-value] >>>> talloc_reference (message, message->tag_list); >>>> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >>>> /usr/include/talloc.h:932:36: note: expanded from: >>>> ...(_TALLOC_TYPEOF(ptr))_talloc_reference_loc((ctx),(ptr), __location__) >>>> ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >>>> 1 warning generated. >>>> >>>> Check talloc_reference() return value, and explicitly ignore >>>> talloc_steal() return value as it has no failure modes, to silence the >>>> warnings. >>>> --- >>>> lib/message.cc | 4 +++- >>>> lib/tags.c | 2 +- >>>> 2 files changed, 4 insertions(+), 2 deletions(-) >>>> >>>> diff --git a/lib/message.cc b/lib/message.cc >>>> index 978de06..320901f 100644 >>>> --- a/lib/message.cc >>>> +++ b/lib/message.cc >>>> @@ -788,7 +788,9 @@ notmuch_message_get_tags (notmuch_message_t *message) >>>> * possible to modify the message tags (which talloc_unlink's the >>>> * current list from the message) while still iterating because >>>> * the iterator will keep the current list alive. */ >>>> - talloc_reference (message, message->tag_list); >>>> + if (!talloc_reference (message, message->tag_list)) >>>> + return NULL; >>>> + >>>> return tags; >>>> } >>> >>> Hi! What you did with talloc_steal is obviously fine. >>> >>> I'd be happier about what you did with talloc_reference() if there were >>> precedent, or a clearly-articulated convention for notmuch. Instead this >>> is the third use in the codebase that I can see, and the other two are >>> each unique to themselves. In mime-node.c we print an "out-of-memory" >>> error and in lib/filenames.c we cast (void) talloc_reference (...), I >>> guess figuring that we're pretty much hosed anyhow if we run out of >>> memory. >>> >>> Why return NULL here? It seems like if talloc_reference fails, we're >>> going to crash eventually, so we should print an error to explain our >>> impending doom. I'd guess you're uneasy printing anything from lib/, but >>> still want to signal an error, and the only way you can do so is to >>> return NULL. I guess that silences the compiler warning, but it's not >>> really the correct way to handle the error IMO. On the other hand, it's >>> such a weird corner case that I don't even think it merits a FIXME >>> comment. >>> >>> How about an assert instead of a return NULL? >> >> No. I don't think a library should assert, exit, or print to stderr on >> this sort of thing. It's up to the calling application. Even if it >> probably doesn't have many choices left, given how much memory >> talloc_reference needs (not much). >> >> Ignoring the talloc_reference return value with (void) is just wrong, >> and the caller of notmuch_message_get_tags should anticipate a NULL >> return. So IMHO that's the pragmatic thing to do in this mostly >> theoretical situation, the biggest change being silencing the warning. > > I agree that the best library can do is to return NULL (if talloc had > a place in ctx to store error indication that could be used but I did > not see any in quick look -- and using global there is not a good idea) > > but, before returning NULL should 'tags' be freed. Ah, this is talloc() stuff, so the patch is good in this part. > Additionally, should lib/filenames.c be changed to have code: > > if (unlikely (talloc_reference(filenames, list) == NULL)) { > talloc_free (filenames); > return NULL; > } More like if (unlikely (talloc_reference(filenames, list) == NULL)) return NULL; But that is out of scope of this patch... so, +1 Tomi >> BR, >> Jani. > > (btw, what are the chances that program crashes before returning NULL > due to page fault in stack frame allocation ???) > > Tomi