Programmers know this is not a recent phenomenon; they've been throwing stuff away since the dawn of high-level languages.
Actual line from code I'm doing some work on:
write(fd, str_gpio, len);
The "write" function returns a value, which the programmer threw away. And I know why without even asking him. If you were to challenge him, he would probably say, "I don't need the return value, and as for prudent error checking, this program has been running without a glitch for years."
Ugh. It's never a *good* idea to throw away return values, but I've been known to do it. But I really REALLY don't like compiler warnings:
warning: ignoring return value of 'write', declared with attribute warn_unused_result [-Wunused-result] write(fd, str_gpio, len); ^
Well, I didn't feel like analyzing the code to see how errors *should* be handled, so I just cast "write" to void to get rid of the compile warning:
(void)write(fd, str_gpio, len);
Hmm ... still same warning. Apparently over 10 years ago, glibc decided to make a whole lot of functions have an attribute that makes them throw that warning if the return value is ignored, and GCC decided that functions with that attribute will throw the warning *even if cast to void*. If you like reading flame wars, the Interwebs are chock full of arguments over this.
And you know what? Even though I'm not sure I agree with that GCC policy, it did cause me to re-visit the code and add some actual error checking. I figured that if write() returning an error was something that "could never happen", then let's enshrine that fact in the code:
s = write(fd, str_gpio, len); assert(s == len);
Hmm ... different warning:
warning: unused variable 's' [-Wunused-variable] s = write(fd, str_gpio, len); assert(s == len); ^
Huh? I'm using it right there! Back to Google. Apparently, you can define a preprocessor variable to inhibit the assert code. Some programmers like to have their asserts enabled during testing, but disabled for production for improved efficiency. The compiler sees that the condition testing code is conditionally compiled, and decides to play it safe and throw the warning that "s" isn't used, even if the condition code is compiled in. And yes, this also featured in the same flame wars over void casting. I wasn't the first person to use exactly this technique to try to get rid of warnings.
*sigh*
So I ended up doing what lots of the flame war participants bemoaned having to do: writing my own assert:
#define ASSRT(cond_expr) do {\ if (!(cond_expr)) {\ fprintf(stderr, "ASSRT failed at %s:%d (%s)", __FILE__, __LINE__, #cond_expr);\ fflush(stderr);\ abort();\ } } while (0) ... s = write(fd, str_gpio, len); ASSRT(s == len);
Finally, no warnings! And better code too (not throwing away the return value). I just don't like creating my own assert. :-(
No comments:
Post a Comment