We recently turned on -Wstrict-overflow=5 for a large codebase, and are trying to understand the ~500 warnings when optimization is turned on. Some seem legitimate, but then there are things like this:

std::vector<std::string> files;

// ...

void Add (const std::string file)
{
  if (std::find(files.begin(), files.end(), file) == files.end())
  {
    files.push_back(file);
  }
}

which produces the warning:

example.cc: In member function ‘void Add(std::string)’:
example.cc:465:8: error: assuming signed overflow does not occur when changing X +- C1 cmp C2 to X cmp C2 -+ C1 [-Werror=strict-overflow]
void Add (const std::string file)
    ^

I assume the comparison is in std::find(), and exposed by inlining the Add() function.

How am I supposed to fix this?

Yes, I've read the other Stack Overflow questions, but nothing very helpful:

23020208 std::find on a std::set. Answer: GCC bug, turn off the warning

18521501 Refactor conditionals

22798709 Edge case in signed integers

Peter Mortensen
pdbj
  • The answer to the first question explains why this is happening, and suggests how to work around it. – Barmar Sep 10 '16 at 00:46
  • The correct and authoritative answer is "not very helpful"? Not sure what new information you're expecting to magically materialise just because you re-asked the question! – Lightness Races in Orbit Sep 10 '16 at 00:57
  • "How am I supposed to fix this?" -- That assumes you already understand the problem. You don't. The problem you're trying to fix is one that shouldn't be regarded as a problem at all and doesn't need fixing. The problem you actually have is using compiler flags without understanding what they do and what their intended use is, without learning what they're for, making your own misguided assumptions about them, and not being willing to accept that those assumptions were wrong when you find out they are. This is not a technical problem that we can help you solve. –  Sep 10 '16 at 02:26
  • "Turn off the warning" doesn't help me use the warning to find real issues, so no, not very helpful. @hvd: duh, if I understood, I wouldn't be asking the question. Please point out my mistaken assumptions; that would be a technical contribution to the conversation, rather than just snarky bashing of inexperience. – pdbj Sep 12 '16 at 19:51
  • @pdbj There are no real issues. This warning option is not designed to only point out real issues. Since there are no real issues, turning off the warning is the correct thing to do. The mistaken assumption is in what this warning option is for. Now you *may* still want to go through the rest of your hundreds of warnings to find if some of the other ones *do* point to real issues, but it'll take a while... –  Sep 12 '16 at 20:28
  • @hvd: Exactly. I should have said "there are no real issues *here*, but there are issues elsewhere." The whole point of turning on the warning is to examine (and fix) each true positive. In this SO question I'd like to figure out how to fix/suppress this warning when it's a false positive. This won't be the last time we do this review on a rapidly evolving code; it would be nice not to have to revisit each false positive each time. – pdbj Sep 12 '16 at 23:51

1 Answer

How am I supposed to fix this?

Since they are false positives caused by something you have no control over (i.e., GCC), you'll need to adjust to it:

  1. Take them one by one (this is why you enabled them in the first place, to detect where overflow may happen, right?)
  2. for those places where the compiler is right, apply corrections
  3. for the places where this is a false positive, use a #pragma to locally disable the warning - the presence of that #pragma will mean: "Due diligence paid, I checked and there isn't any way something may overflow here".

(The serenity prayer may help.)

Peter Mortensen
Adrian Colomitchi
  • Thanks for the useful reply. Yes for 1, and of course 2. For 3, however, see my new comment on 23020208: the warning is due to stuff at the call site, not in my code. So I have to litter with 5 lines of preprocessor every place triggered by callers? Yuck. – pdbj Sep 12 '16 at 19:46
  • @pdbj "Yuck" I sympathize. Other options include: "accept the risk, turn off warning" or "find another way to make sure your code doesn't cause overflow - macro, template etc to use in your code - (thus not accepting the risk) and turn off the warning" or "convince the boss to get an intern to do it and don't turn off the warning" – Adrian Colomitchi Sep 12 '16 at 23:23
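
The local suppression from step 3 of the answer, combined with the macro option from the last comment so each reviewed false positive costs two lines instead of five. This is an added example, not code from the question or the answer: the macro names STRICT_OVERFLOW_REVIEWED_BEGIN/END and the FileList class are hypothetical. It assumes GCC reports the diagnostic at a location inside the wrapped definition, as in the question's output, where the warning points at the Add definition.

```cpp
#include <algorithm>
#include <cstddef>
#include <string>
#include <vector>

// Hypothetical macro names (not from the page). _Pragma is the operator form
// of #pragma, so the push/ignore/pop sequence can live inside a macro.
#if defined(__GNUC__) && !defined(__clang__)
#define STRICT_OVERFLOW_REVIEWED_BEGIN \
    _Pragma("GCC diagnostic push")     \
    _Pragma("GCC diagnostic ignored \"-Wstrict-overflow\"")
#define STRICT_OVERFLOW_REVIEWED_END _Pragma("GCC diagnostic pop")
#else
#define STRICT_OVERFLOW_REVIEWED_BEGIN
#define STRICT_OVERFLOW_REVIEWED_END
#endif

class FileList {
public:
    // Returns true if the file was added, false if it was already present.
    bool Add(const std::string& file);
    std::size_t size() const { return files_.size(); }

private:
    std::vector<std::string> files_;
};

// Reviewed: the only comparison here is the iterator walk inside std::find;
// this function does no signed arithmetic of its own.
STRICT_OVERFLOW_REVIEWED_BEGIN
bool FileList::Add(const std::string& file) {
    if (std::find(files_.begin(), files_.end(), file) == files_.end()) {
        files_.push_back(file);
        return true;
    }
    return false;
}
STRICT_OVERFLOW_REVIEWED_END
// Outside the region the warning is active again for the rest of the file.

int main() {
    FileList list;
    list.Add("example.cc");
    list.Add("example.cc");  // duplicate, ignored
    return list.size() == 1 ? 0 : 1;
}
```

Searching the code base for the macro name then lists every place where the warning was reviewed and judged a false positive.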