Open melroy89 opened 2 years ago
Most of these warnings seem to come from -Wconversion which I wouldn't recommend personally.
> Most of these warnings seem to come from -Wconversion which I wouldn't recommend personally.
There are indeed a lot of warnings coming from sign-conversion. But also dozens of warnings from the other flags.
Maybe you want to explain why you do not recommend that specific flag?
Edit: the output I show is just a very small output of the whole warning list. So try to build it yourself, to see the WHOLE build log.
> Maybe you want to explain why you do not recommend that specific flag?
-Wconversion typically generates hundreds of warnings which are subsequently "fixed" by adding explicit casts. But adding an explicit cast doesn't change the compiler output at all, it only codifies a potential programming error. Even worse, after you added explicit casts, there's no way to easily find the original implicit casts again, for example during an audit. AFAIK, explicit casts also disable UBSan checks like -fsanitize=implicit-conversion which would be absolutely counterproductive.
You'd really have to carefully audit each and every case -Wconversion warns about and ideally add an assertion if you're not absolutely sure no truncation can happen. This is mostly useless and simply too much work for typical open-source projects. These days, fuzzing with sanitizers will catch most of the real-world issues anyway.
> But also dozens of warnings from the other flags.
I only get about three or four, depending on the compiler.
-Wstrict-prototypes warnings. These should be fixed and the warning option should be added to the build.
-Wformat-nonliteral. In my experience you only want -Wformat=2 if you also annotate your code with format attributes.
Regarding the other options you propose:
-Wall -Wextra -Wuninitialized
We use these already. -Wuninitialized is enabled by -Wextra.
-Wcast-align
Should be a no-op on x86. You really want -Wcast-align=strict. This doesn't seem to produce any warnings now. Might be added as a precaution but can also report false positives.
-Wshadow
Could be added as a precaution.
-Werror=incompatible-pointer-types
This warning is enabled by default. Why should it be made into an error? In my opinion, -Werror should only be used for CI tests.
In general, -Wall -Wextra is a good default. If a specific warning isn't part of this set, there's typically a good reason. It's up to you to make a case why a specific warning should be enabled. You can't just take a seemingly random list of warnings and ask us to enable them.
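The point made in the reply above about -Wconversion, as an added example that is not part of the original thread or of the project's code: an implicit narrowing, the same narrowing with the warning silenced by a cast, and a range-checked version. The function names and the 8-bit length field are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Implicit narrowing: this is the kind of line -Wconversion flags.
 * (Hypothetical helper: a length stored in a one-byte field.) */
uint8_t len_implicit(size_t n)
{
    uint8_t len = n;            /* 300 silently becomes 44 */
    return len;
}

/* The usual "fix": the cast silences the warning, but the result is
 * the same truncation, and the implicit conversion is no longer there
 * for an audit (or an implicit-conversion sanitizer) to find. */
uint8_t len_cast(size_t n)
{
    return (uint8_t)n;
}

/* Audited version: the range check makes the cast lossless.
 * Returns false instead of truncating; an assert() fits instead when
 * the caller is already supposed to guarantee the range. */
bool len_checked(size_t n, uint8_t *out)
{
    if (n > UINT8_MAX)
        return false;
    *out = (uint8_t)n;
    return true;
}

int main(void)
{
    size_t n = 300;             /* constructed input, does not fit in 8 bits */
    uint8_t v = 0;

    printf("implicit: %u\n", (unsigned)len_implicit(n));
    printf("cast:     %u\n", (unsigned)len_cast(n));
    printf("checked:  %s\n", len_checked(n, &v) ? "ok" : "rejected");
    return 0;
}
```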
Wow, this is really helpful, thanks for your insights and explanation!
I saw you already made some changes https://github.com/commonmark/cmark/pull/436/files
> In my opinion, -Werror should only be used for CI tests.
I got conflicting answers on that discussion:
"You should really compile with -Werror which will prevent your compiler from generating code that segfaults"
https://github.com/gpakosz/whereami/issues/33#issuecomment-1019284523
Try to build with the following C flags and improve your code:
You will get some nice warnings: function declaration isn't a prototype, unused-parameters and quite a lot of sign-conversion warnings.
Maybe it's worth looking into those warnings! Those are there for a reason... Those warnings can now be spotted and fixed, improving your code quality.
Small snippet from the output (NOT the full output):