[cfe-dev] Strange difference between Clang and GCC's -Wparentheses

Andrew Trick atrick at apple.com
Wed Jan 8 17:18:54 PST 2014 

On Jan 7, 2014, at 4:51 PM, Sean Silva <silvas at purdue.edu> wrote:

> 
> 
> 
> On Tue, Jan 7, 2014 at 10:26 AM, Argyrios Kyrtzidis <akyrtzi at gmail.com> wrote:
> 
> On Jan 7, 2014, at 8:40 AM, Nico Weber <thakis at chromium.org> wrote:
> 
>> No opinion on the actual issue, but…
>> 
>> On Mon, Jan 6, 2014 at 11:49 PM, Chandler Carruth <chandlerc at gmail.com> wrote:
>> Currently Clang and GCC warn about:
>> 
>> (a || b && c)
>> 
>> Due to the very common mistake by programmers which ignores the relative operator precedence of || and &&. This forces the user to place explicit parentheses to group either (a || b) or (b && c) to be evaluated first.
>> 
>> However, GCC warns and Clang is silent about this:
>> 
>> (a || b && 1)
>> 
>> Worse, the same is true for:
>> 
>> (a || b && "foo")
>> 
>> Now, I find Clang's rationale seems somewhat reasonable: the grouping doesn't change the truth table for this expression. However, I find this clever interpretation problematic for several reasons:
>> 
>> 1) It's a complex rule to teach programmers with dubious gains. This exception doesn't realistically make the warning's false positives rare, it just eliminates one common (but not the only common) pattern. On the flip side, it is not a trivial rule to teach or predict for programmers. *Any* constant that we can evaluate to true will satisfy this.
>> 
>> 2) If the programmer expected the || to be evaluated first, they might well also expect the "a" expression to be evaluated first and short circuiting to take place. Even though the truth table is unimpacted, 'assert(!ptr || ptr->empty() && "foo");' can segfault, which I think might surprise users.
>> 
>> 3) It makes it annoying to track warnings in both Clang and GCC. If you mostly develop with Clang, but someone else checks out your code with GCC it'll suddenly start warning (much like it just did in a recent commit.)
>> 
>> …this isn't a convincing argument. Several of clang's warnings are by design smarter and less noisy than gcc's, with the effect that the clang warning is useful while the gcc counterpart isn't (e.g. Woverloaded-virtual, but there are many more).
> 
> +1
> 
> For the ubiquitous assert pattern like:
> 
> assert(a || b && “god help us”)
> 
> I don’t think this is confusing and the warning offers no value; IMHO adding the parentheses is more like noise than improving clarity.
> 
> FWIW, I recall seeing someone somewhere (can't remember when/where/what context) say something along the lines of "unlike GCC, Clang is smart enough to ease off on -Wparentheses when inside the assert macro", which I take to mean that this is a useful behavior.

I have said that more than once. No matter how hard I try, I can never remember to add extra parens in a || b asserts (having spent most of my life using assert macros). Then someone using GCC has to “fix” my code and I feel bad.

In order of not-very-strong preference:

1) Fix gcc to intelligently ignore this case.

2) Make clang temporarily dumb for gcc compatibility.

3) Do nothing.

-Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20140108/07bea79b/attachment.html>

More information about the cfe-dev mailing list