On Mon, Oct 2, 2017 at 6:31 PM, Paul Eggert <egg...@cs.ucla.edu> wrote:
> On 10/02/2017 06:24 PM, Jim Meyering wrote:
>>
>> Given all of the comments on that function, I'd be tempted to suppress
>> this warning in that function.
>
> That would work. Another possibility would be to include verify.h and add
> something like this to the start of timespec_cmp:
>
>   assume (-1 <= a.tv_nsec && a.tv_nsec <= 2 * TIMESPEC_RESOLUTION);
>
>   assume (-1 <= b.tv_nsec && b.tv_nsec <= 2 * TIMESPEC_RESOLUTION);
>
> We might be able to make these 'assume' calls fancier, to exactly match the
> comments, but I'm not sure it's worth the bother.
Thanks. I prefer that. Here's a proposed patch:
From c587f5cff388417f5c584a7125cc886df9750c9b Mon Sep 17 00:00:00 2001 From: Jim Meyering <meyer...@fb.com> Date: Fri, 27 Oct 2017 21:28:47 -0700 Subject: [PATCH] timespec.h: use "assure" to avoid a spurious warning * lib/timespec.h: Include "assure.h" and use it to help gcc7's -Wstrict-overflow avoid a false positive warning for a use in coreutils' ls.c. Suggested by Paul Eggert in https://lists.gnu.org/r/bug-gnulib/2017-10/msg00007.html * modules/timespec (Depends-on): Add assure. --- ChangeLog | 9 +++++++++ lib/timespec.h | 6 ++++++ modules/timespec | 1 + 3 files changed, 16 insertions(+) diff --git a/ChangeLog b/ChangeLog index 7ce63c22f..e31bb6dc4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +2017-10-27 Jim Meyering <meyer...@fb.com> + + timespec.h: use "assure" to avoid a spurious warning + * lib/timespec.h: Include "assure.h" and use it to help + gcc7's -Wstrict-overflow avoid a false positive warning + for a use in coreutils' ls.c. Suggested by Paul Eggert in + https://lists.gnu.org/r/bug-gnulib/2017-10/msg00007.html + * modules/timespec (Depends-on): Add assure. + 2017-10-26 Bruno Haible <br...@clisp.org> havelib: Fix value of LD for 32-bit compilation on NetBSD/sparc64. diff --git a/lib/timespec.h b/lib/timespec.h index 383130157..61cfebbea 100644 --- a/lib/timespec.h +++ b/lib/timespec.h @@ -33,6 +33,8 @@ _GL_INLINE_HEADER_BEGIN extern "C" { #endif +#include "assure.h" + /* Resolution of timespec timestamps (in units per second), and log base 10 of the resolution. */ 
@@ -81,6 +83,10 @@ make_timespec (time_t s, long int ns) _GL_TIMESPEC_INLINE int _GL_ATTRIBUTE_PURE timespec_cmp (struct timespec a, struct timespec b) { + /* These assure calls teach gcc7 enough so that its + -Wstrict-overflow does not complain about the following code. */ + assure (-1 <= a.tv_nsec && a.tv_nsec <= 2 * TIMESPEC_RESOLUTION); + assure (-1 <= b.tv_nsec && b.tv_nsec <= 2 * TIMESPEC_RESOLUTION); return (a.tv_sec < b.tv_sec ? -1 : a.tv_sec > b.tv_sec ? 1 : (int) (a.tv_nsec - b.tv_nsec)); diff --git a/modules/timespec b/modules/timespec index d18d1464f..01ab6add2 100644 --- a/modules/timespec +++ b/modules/timespec @@ -7,6 +7,7 @@ lib/timespec.c m4/timespec.m4 Depends-on: +assure extern-inline time -- 2.14.1.729.g59c0ea183
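Review bot: In the first lib/timespec.h hunk the new #include "assure.h" lands directly after the `extern "C" {` and `#endif` context lines, so a C++ consumer pulls that header in inside the extern "C" block. Moving the include above the point where the block opens would keep assure.h, and anything it includes in turn, out of C linkage scope.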
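Review bot: The two assure calls added at the top of timespec_cmp use a different macro from the quoted suggestion, which proposed assume from verify.h, and neither the new comment nor the commit message says why. timespec_cmp is declared _GL_ATTRIBUTE_PURE, so if assure can expand to a check that aborts at run time, that is worth stating in the comment, or the calls could go back to assume. The comment also leaves the bounds -1 and 2 * TIMESPEC_RESOLUTION unexplained; a pointer to the function's existing comments would tell readers where the range comes from and that it is a looser form of them, not an exact match.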