This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [wwwdocs] document new options in gcc-8/changes.html
Attached is an updated diff rebased on top of the latest revision
of the file. This new version fixes the typos Paolo pointed out
(thanks) and adds a few more options:
-Wmissing-attributes, -Wif-not-aligned, and -Wpacked-not-aligned.
I used a spell-checker this time to (hopefully) minimize the typos.
The rest of the changes are described here:
https://gcc.gnu.org/ml/gcc-patches/2018-04/msg00121.html
Martin
Index: changes.html
===================================================================
RCS file: /cvs/gcc/wwwdocs/htdocs/gcc-8/changes.html,v
retrieving revision 1.52
diff -u -r1.52 changes.html
--- changes.html 4 Apr 2018 17:43:03 -0000 1.52
+++ changes.html 4 Apr 2018 22:21:49 -0000
@@ -1,4 +1,4 @@
-<html>
+<!doctype html system>
<head>
<title>GCC 8 Release Series — Changes, New Features, and Fixes</title>
@@ -9,7 +9,7 @@
-->
<body>
-<h1>GCC 8 Release Series<br />Changes, New Features, and Fixes</h1>
+<h1>GCC 8 Release Series<br>Changes, New Features, and Fixes</h1>
<p>
This page is a "brief" summary of some of the huge number of improvements
@@ -113,6 +113,20 @@
possible for the user to have a finer-grained control over the loop
unrolling optimization.
</li>
+ <li>
+ GCC has been enhanced to detect more instances of meaningless or
+ mutually exclusive attribute specifications and handle such conflicts
+ more consistently. Mutually exclusive attribute specifications are
+ ignored with a warning regardless of whether they appear on the same
+ declaration or on distinct declarations of the same entity. For
+ example, because the <code>noreturn</code> attribute on the second
+ declaration below is mutually exclusive with the <code>malloc</code>
+ attribute on the first, it is ignored and a warning is issued.
+ <pre>
+ void* __attribute__ ((malloc)) f (unsigned);
+ void* __attribute__ ((noreturn)) f (unsigned);
+
+ <span class="boldmagenta">warning: </span>ignoring attribute '<b>noreturn</b>' because it conflicts with attribute '<b>malloc</b>' [<span class="boldmagenta">-Wattributes</span>]</pre></li>
</ul>
@@ -172,10 +186,77 @@
<ul>
<li>New command-line options have been added for the C and C++ compilers:
<ul>
- <li><code>-Wmultistatement-macros</code> warns about unsafe macros
- expanding to multiple statements used as a body of a clause such
- as <code>if</code>, <code>else</code>, <code>while</code>,
- <code>switch</code>, or <code>for</code>.</li>
+ <li><code><a href="https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html#index-Wmultistatement-macros">-Wmultistatement-macros</a></code>
+ warns about unsafe macros expanding to multiple statements used
+ as a body of a statement such as <code>if</code>, <code>else</code>,
+ <code>while</code>, <code>switch</code>, or <code>for</code>.</li>
+ <li><code><a href="https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html#index-Wstringop-truncation">-Wstringop-truncation</a></code>
+ warns for calls to bounded string manipulation functions such as
+ <code>strncat</code>, <code>strncpy</code>, and <code>stpncpy</code>
+ that might either truncate the copied string or leave the destination
+ unchanged. For example, the following call to <code>strncat</code>
+ is diagnosed because it appends just three of the four characters
+ from the source string.<pre>
+ void append (char *buf, size_t bufsize)
+ {
+ strncat (buf, ".txt", 3);
+ }
+ <span class="boldmagenta">warning: '</span><b>strncat</b>' output truncated copying 3 bytes from a string of length 4 [<span class="boldmagenta">-Wstringop-truncation</span>]</pre>
+ Similarly, in the following example, the call to <code>strncpy</code>
+ specifies the size of the destination buffer as the bound. If the
+ length of the source string is equal to or greater than this size
+ the result of the copy will not be NUL-terminated. Therefore,
+ the call is also diagnosed. To avoid the warning, specify
+ <code>sizeof buf - 1</code> as the bound and set the last element of
+ the buffer to NUL.<pre>
+ void copy (const char *s)
+ {
+ char buf[80];
+ strncpy (buf, s, sizeof buf);
+ …
+ }
+ <span class="boldmagenta">warning: '</span><b>strncpy</b>' specified bound 80 equals destination size [<span class="boldmagenta">-Wstringop-truncation</span>]</pre>
+ The <code>-Wstringop-truncation</code> option is included in
+ <code>-Wall</code>.<br>
+ Note that due to GCC bug <a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82944" title="missing -Wstringop-truncation on strncpy due to system header macro">82944</a>, defining <code>strncat</code>, <code>strncpy</code>,
+ or <code>stpncpy</code> as a macro in a system header as some
+ implementations do suppresses the warning.</li>
+ <li><code><a href="https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html#index-Wif-not-aligned">-Wif-not-aligned</a></code> controls warnings issued in response
+ to invalid uses of objects declared with attribute
+ <code><a href="https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Common-Variable-Attributes.html#index-warn_005fif_005fnot_005faligned-variable-attribute">warn_if_not_aligned</a></code>.<br>
+ The <code>-Wif-not-aligned</code> option is included in
+ <code>-Wall</code>.</li>
+ <li><code><a href="https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html#index-Wmissing-attributes">-Wmissing-attributes</a></code> warns
+ when a declaration of a function is missing one or more attributes
+ that a related function is declared with and whose absence may
+ adversely affect the correctness or efficiency of generated code.
+ For example, in C++, the warning is issued when an explicit
+ specialization of a primary template declared with attribute
+ <code>alloc_align</code>, <code>alloc_size</code>,
+ <code>assume_aligned</code>, <code>format</code>,
+ <code>format_arg</code>, <code>malloc</code>, or <code>nonnull</code>
+ is declared without it. Attributes <code>deprecated</code>,
+ <code>error</code>, and <code>warning</code> suppress the warning.
+ <br>
+ The <code>-Wmissing-attributes</code> option is included in
+ <code>-Wall</code>.</li>
+ <li><code><a href="https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html#index-Wpacked-not-aligned">-Wpacked-not-aligned</a></code> warns
+ when a <code>struct</code> or <code>union</code> declared with
+ attribute <code>packed</code> defines a member with an explicitly
+ specified alignment greater than 1. Such a member will wind up
+ under-aligned. For example, a warning will be issued for
+ the definition of <code>struct A</code> in the following:
+ <pre>
+ struct __attribute__ ((aligned (8)))
+ S8 { char a[8]; };
+
+ struct __attribute__ ((packed)) A
+ {
+ struct S8 s8;
+ };
+ <span class="boldmagenta">warning: </span> alignment 1 of .<b>struct S</b>. is less than 8 [<span class="boldmagenta">-Wpacked-not-aligned</span></pre>
+ The <code>-Wpacked-not-aligned</code> option is included in
+ <code>-Wall</code>.</li>
</ul>
</li>
<li><code>-fno-strict-overflow</code> is now mapped to
@@ -183,6 +264,33 @@
is now undefined by default at all optimization levels. Using
<code>-fsanitize=signed-integer-overflow</code> is now the preferred
way to audit code, <code>-Wstrict-overflow</code> is deprecated.</li>
+ <li>The <code><a href="https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html#index-Warray-bounds">-Warray-bounds</a></code> option has been
+ improved to detect more instances of out-of-bounds array indices and
+ pointer offsets. For example, negative or excessive indices into
+ flexible array members and string literals are detected.</li>
+ <li>The <code><a href="https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html#index-Wrestrict">-Wrestrict</a></code> option introduced in
+ GCC 7 has been enhanced to detect many more instances of overlapping
+ accesses to objects via <code>restrict</code>-qualified arguments to
+ standard memory and string manipulation functions such as
+ <code>memcpy</code> and <code>strcpy</code>. For example,
+ the <code>strcpy</code> call in the function below attempts to truncate
+ the string by replacing its initial characters with the last four.
+ However, because the function writes the terminating NUL into
+ <code>a[4]</code>, the copies overlap and the call is diagnosed.<pre>
+ void f (void)
+ {
+ char a[] = "abcd1234";
+ strcpy (a, a + 4);
+ …
+ }</pre>
+ The <code>-Wrestrict</code> option is included in <code>-Wall</code>.
+ </li>
+ <li>Several optimizer enhancements have enabled improvements to
+ the <code><a href="https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html#index-Wformat-overflow">-Wformat-overflow</a></code> and
+ <code><a href="https://gcc.gnu.org/onlinedocs/gcc-8.1.0/gcc/Warning-Options.html#index-Wformat-truncation">-Wformat-truncation</a></code> options.
+ The warnings detect more instances of buffer overflow and truncation
+ than in GCC 7 and are better at avoiding certain kinds of false
+ positives.</li>
<li>When reporting mismatching argument types at a function call, the
C and C++ compilers now underline both the argument and the pertinent
parameter in the declaration.
@@ -272,6 +380,28 @@
<h3 id="cxx">C++</h3>
<ul>
+ <li>New command-line options have been added for the C++ compiler to
+ control warnings:
+ <ul>
+ <li><code><a href="https://gcc.gnu.org/onlinedocs/gcc/C_002b_002b-Dialect-Options.html#index-Wclass-memaccess">-Wclass-memaccess</a></code> warns
+ when objects of non-trivial class types are manipulated in potentially
+ unsafe ways by raw memory functions such as <code>memcpy</code>, or
+ <code>realloc</code>. The warning helps detect calls that bypass
+ user-defined constructors or copy-assignment operators, corrupt
+ virtual table pointers, data members of <code>const</code>-qualified
+ types or references, or member pointers. The warning also detects
+ calls that would bypass access controls to data members. For example,
+ a call such as:
+ <pre>
+ memcpy (&std::cout, &std::cerr, sizeof std::cout);</pre>
+ results in
+ <pre>
+ <span class="boldmagenta">warning: </span>'<b>void* memcpy(void*, const void*, long unsigned int)</b>' writing to an object of type 'std::ostream' {aka 'class std::basic_ostream<char>'} with no trivial copy-assignment [<span class="boldmagenta">-Wclass-memaccess</span>]</pre>
+ The <code>-Wclass-memaccess</code> option is included in
+ <code>-Wall</code>.
+ </li>
+ </ul>
+</li>
<li>When reporting on attempts to access private fields of a class or
struct, the C++ compiler will now offer fix-it hints showing how to
use an accessor function to get at the field in question, if one exists.