Closed
Bug 469944
Opened 16 years ago
Closed 15 years ago
when built with Microsoft compilers, serious NSS errors are ignored!
Categories
(NSS :: Build, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.3
People
(Reporter: nelson, Assigned: nelson)
References
Details
Attachments
(9 files, 4 obsolete files)
1.18 KB,
patch
|
alvolkov.bgs
:
review-
|
Details | Diff | Splinter Review |
38.96 KB,
patch
|
Details | Diff | Splinter Review | |
135.66 KB,
patch
|
rrelyea
:
review+
|
Details | Diff | Splinter Review |
734 bytes,
patch
|
wtc
:
review+
|
Details | Diff | Splinter Review |
2.12 KB,
patch
|
Details | Diff | Splinter Review | |
7.60 KB,
patch
|
wtc
:
review+
|
Details | Diff | Splinter Review |
1.10 KB,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
1.05 KB,
patch
|
julien.pierre
:
review+
|
Details | Diff | Splinter Review |
747 bytes,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
By default, MSVC ignores serious errors, such as calls to functions with the wrong numbers of arguments, or calls to undeclared functions. Other compilers treat these as fatal errors. MSVC merely warns. This has caused some problems. If NSS calls a function that is undeclared on Windows only, we just don't find out about it. I have a patch that really helps with this. It promotes certain warnings to being compile-stopping errors. With it, I found several problems in NSS, for which I will also attach patches to this bug. Wan-Teh, please review this small patch. Thanks.
Attachment #353361 -
Flags: review?(wtc)
Assignee | ||
Comment 1•16 years ago
|
||
Comment on attachment 353361 [details] [diff] [review] Patch that greatly improves this situation Credit where it's due. I found most of the contents of this patch on this web page: http://www.codeproject.com/KB/debug/pragma_tips.aspx?df=100&forumid=3525&exp=0&select=144539&tid=144539 I will ask the author for permission to include this in NSS.
Assignee | ||
Comment 2•16 years ago
|
||
With the first patch above in place, the build of crlutil fails because a file generated by lex calls isatty which is not declared. The solution is to include <io.h>. I coded a change to the sed script that postprocesses the output of lex, but I don't know if it is correct. (The version of sed I used doesn't grok this format.) Alexei, please review.
Attachment #353365 -
Flags: review?(alexei.volkov.bugs)
Comment 3•16 years ago
|
||
Comment on attachment 353361 [details] [diff] [review] Patch that greatly improves this situation r=wtc. You can manually look up the official messages for these warnings from MSDN, for example, http://msdn.microsoft.com/en-us/library/8kyye6db(VS.71).aspx instead of +#pragma warning(error : 4541) // RTTI train wreck This way you won't need to copy the code from the Code Project article. The messages from the Code Project article may be more fun though.
Attachment #353361 -
Flags: review?(wtc) → review+
Comment 4•16 years ago
|
||
Comment on attachment 353365 [details] [diff] [review] patch part 2 - fix calls to undeclared isatty function in crlutil > #ifndef _WIN32 > #include <unistd.h> >+#else >+#include <io.h> > #endif It's better to change this to #ifdef _WIN32 #include <io.h> #else #include <unistd.h> #endif
Comment 5•16 years ago
|
||
Comment on attachment 353361 [details] [diff] [review] Patch that greatly improves this situation One side effect is that this patch will also affect third-party code that includes any public NSS header when they recompile their code against NSS 3.12.3. So we should document this in the NSS 3.12.3 release notes, and Kai should make sure to do a verification build on Windows before pushing NSS 3.12.3 to mozilla-central or some other Mozilla branch.
Comment 6•16 years ago
|
||
Comment on attachment 353361 [details] [diff] [review] Patch that greatly improves this situation To avoid interfering with other projects' build systems, we should do this on our own compiler command line in coreconf. For example, the flag -we4541 is equivalent to the pragma #pragma warning(error : 4541) // RTTI train wreck http://msdn.microsoft.com/en-us/library/thxezb7y(VS.71).aspx The challenge of this approach is to figure out the MSVC version in makefiles. It's doable, but we don't seem to have the code. (I wrote the code once, but lost it.) Another approach is to move this to a new header, and use the -FI compiler flag to include it. http://msdn.microsoft.com/en-us/library/8c5ztk84(VS.71).aspx
Assignee | ||
Comment 7•16 years ago
|
||
Comment on attachment 353361 [details] [diff] [review] Patch that greatly improves this situation Wan-Teh, thanks for pointing out -we. I had looked for a command line approach to this problem and had not found it, but that's it. -FI sounds exactly like what Doug Turner needs for his "shunt". I'll write him about that separately.
Attachment #353361 -
Attachment is obsolete: true
Assignee | ||
Comment 8•16 years ago
|
||
Do the different versions of the MSVC compilers use different warning numbers for the same warnings? I'm really asking, do we need to check compiler version numbers? The version number check I put into my first patch was frankly just a guess. I suspect it is sufficient to simply check that it is an MSVC compiler. But I really don't know. I will make a patch that adds -we options to OS_CFLAGS on Windows when not using gcc, without considering compiler version.
Assignee | ||
Comment 9•16 years ago
|
||
This alternative approach found many more problems than the first one. Wan-teh, please review.
Attachment #353489 -
Flags: review?(wtc)
Assignee | ||
Updated•16 years ago
|
Priority: -- → P2
Assignee | ||
Comment 10•16 years ago
|
||
MSVC reports a warning each time a function pointer is cast to a data pointer. ckfw does that a LOT. Now that we're causing many more of MSVC's warnings to be compile errors, ckfw doesn't compile. This patch fixes it. Bob, please review.
Attachment #353495 -
Flags: review?(rrelyea)
Assignee | ||
Comment 11•16 years ago
|
||
This patch is an alternative to the version named "part 3" above. It goes beyond what was required to make MSVC happy, and removes LOTS of unnecessary casting of NULL in comparisons. IMO, this makes the code MUCH more readable. Bob, please review. This was all done with two global search and replace commands, so it should not be necessary to review each and every change, because they weren't produced by hand.
Attachment #353501 -
Flags: review?(rrelyea)
Comment 12•16 years ago
|
||
Comment on attachment 353489 [details] [diff] [review] patch v2 - change warnings to errors on command line Hi Nelson, please add this to coreconf/WIN32.mk instead. All of these files include coreconf/WIN32.mk. It'd be nice to add a comment describing what those warnings are, essentially what you have in the previous patch.
Attachment #353489 -
Flags: review?(wtc) → review-
Comment 13•16 years ago
|
||
Comment on attachment 353495 [details] [diff] [review] patch part 3 - stop casting function pointers to data pointers in ckfw r+ The new code is easier to read anyway. bob
Attachment #353495 -
Flags: review?(rrelyea) → review+
Comment 14•16 years ago
|
||
Comment on attachment 353495 [details] [diff] [review] patch part 3 - stop casting function pointers to data pointers in ckfw removing my r+ because I prefer your other option better.
Attachment #353495 -
Flags: review+
Comment 15•16 years ago
|
||
Comment on attachment 353501 [details] [diff] [review] patch part 3 - alternative, remove unnecessary casting of NULL from ckfw (checked in) r+ rrelyea This is the better options, I like it more. (see I can speak english if I put my mind to it:).
Attachment #353501 -
Flags: review?(rrelyea) → review+
Comment 16•16 years ago
|
||
Comment on attachment 353501 [details] [diff] [review] patch part 3 - alternative, remove unnecessary casting of NULL from ckfw (checked in) It'd be nice to reduce the whitespace. Two examples: >- if ((NSSCKFWCryptoOperation *)NULL == fwOperation) { >+ if (! fwOperation) { Delete the space between ! and the pointer variable. >- if ((NSSCKFWCryptoOperation *)NULL != fwOperation) { >+ if ( fwOperation) { Delete the spaces after the opening parenthesis. I also don't like the unnecessary casts of NULL in the CKFW code. (They're also present in NSPR's plstr.h functions.) But I think a patch of this magnitude is more appropriate for NSS 3.13 because it adds a lot of noise to the diffs between NSS 3.12.2 and NSS 3.12.3, and a lot of people read the diffs, to evaluate the risk of upgrading or to track down a regression.
Comment 17•16 years ago
|
||
Comment on attachment 353365 [details] [diff] [review] patch part 2 - fix calls to undeclared isatty function in crlutil Lets change it as suggested by Wan-teh.
Attachment #353365 -
Flags: review?(alexei.volkov.bugs) → review-
Assignee | ||
Comment 18•15 years ago
|
||
Comment on attachment 353501 [details] [diff] [review] patch part 3 - alternative, remove unnecessary casting of NULL from ckfw (checked in) I made the whitespace changes that Wan-Teh requested, and checked this in. Checking in ckfw/crypto.c; new revision: 1.4; previous revision: 1.3 Checking in ckfw/find.c; new revision: 1.9; previous revision: 1.8 Checking in ckfw/hash.c; new revision: 1.4; previous revision: 1.3 Checking in ckfw/instance.c; new revision: 1.12; previous revision: 1.11 Checking in ckfw/mechanism.c; new revision: 1.6; previous revision: 1.5 Checking in ckfw/mutex.c; new revision: 1.9; previous revision: 1.8 Checking in ckfw/object.c; new revision: 1.16; previous revision: 1.15 Checking in ckfw/session.c; new revision: 1.13; previous revision: 1.12 Checking in ckfw/sessobj.c; new revision: 1.14; previous revision: 1.13 Checking in ckfw/slot.c; new revision: 1.7; previous revision: 1.6 Checking in ckfw/token.c; new revision: 1.13; previous revision: 1.12 Checking in ckfw/wrap.c; new revision: 1.18; previous revision: 1.17
Assignee | ||
Comment 19•15 years ago
|
||
I believe this is the change that wtc suggested. Wan-Teh, please review this tiny patch.
Attachment #353489 -
Attachment is obsolete: true
Attachment #361230 -
Flags: review?(wtc)
Assignee | ||
Updated•15 years ago
|
Attachment #353501 -
Attachment description: patch part 3 - alternative, remove unnecessary casting of NULL from ckfw → patch part 3 - alternative, remove unnecessary casting of NULL from ckfw (checked in)
Comment 20•15 years ago
|
||
Comment on attachment 361230 [details] [diff] [review] patch v3 - change warnings to errors on command line It's better to add the new code between line 120 and line 121: 118 DEFINES += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME) 119 endif 120 else # !NS_USE_GCC 121 ifdef BUILD_OPT 122 OS_CFLAGS += -MD The section you chose deals with the assembler (AS). So all these compiler warning flags would be out of place there. It'd be nice to add a comment describing what those warnings are, essentially what you have in attachment 353361 [details] [diff] [review].
Attachment #361230 -
Flags: review?(wtc) → review+
Assignee | ||
Comment 21•15 years ago
|
||
This is the patch I checked in. Checking in WIN32.mk; new revision: 1.27; previous revision: 1.26
Assignee | ||
Updated•15 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Comment 22•15 years ago
|
||
Warning 4028 means a function parameter is const in the function declaration but not in the definition. This is a function prototype mismatch between declaration and definition. Warning 4090 means we're trying to pass a const pointer to a function that takes a non-const pointer. Both of these should be compilation errors. I hope there is a better way than keep adding new -we<xxxx> flags.
Attachment #362420 -
Flags: review?(nelson)
Assignee | ||
Comment 23•15 years ago
|
||
reopening. Review requests for patches attached to resolved bugs do not show up in my searches, and tend to be ignored for long periods.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee | ||
Comment 24•15 years ago
|
||
Comment on attachment 362420 [details] [diff] [review] Add two more warnings about const arguments Several comments about this patch: A) I agree that pointer assignments that implicitly cast away the const attribute of the object SHOULD be compilation errors on ALL platforms. It should be necessary to *explicitly* cast away const to perform such assignments, and we should never do that. I thought that most compilers on most platforms already did make such pointer assignments an error, but to my surprise, I find that they evidently do not. When I applied this patch and tried to build NSS, I ran into MANY errors on Windows. NSS makes this mistake in many places, yet it builds without errors on all supported platforms today. This patch makes the Windows MSVC compiler more pedantic about this than any of our other compilers, evidently. B) A great ongoing source of frustration for NSS developers has been that one compiles the code successfully on one platform, then commits it, only to find that it does not compile on another platform. To eliminate that frustration, it is desirable that all platforms have the same rules, all declaring errors for the same problems. That is not entirely possible, but IMO, we should strive for it as much as possible. My reason for filing and working on this bug was to try to make MSVC approximately as pedantic as other platforms, to reduce my own frustration from building code on Windows that does not build on other platforms. Of course, some platforms will always be more pedantic than others. But I am reluctant to change the Windows platform behavior to make it more pedantic than the other platforms, because most NSS developers do NOT develop on Windows as their primary platform. If Windows becomes significantly more pedantic than other platforms, many developers will commit code that then breaks on Windows, which will compound frustrations. So, I think two things must be done before this patch can be committed. 1) All the places in NSS that stop compiling because of it need to be fixed, and 2) If possible, a similar change should be made to the builds with other compilers to make them also treat this as an error, so that the pedantry of all (or most) compilers is increased similarly. I would give this patch an r+ once those other things are achieved. I am now working on fixing the const problems revealed by this patch, but there are many and changing them will be a big patch.
Assignee | ||
Comment 25•15 years ago
|
||
With the combination of this patch and Wan-Teh's previous one, NSS builds OK. This wasn't as bad as I expected it to be, in part because NSS already explicitly cast's away const in many places. Note: I added one place where we explicitly cast away const. PKCS#11 never uses "const" in its function declarations, but some NSS functions that call them declare the passed values as const. I don't know if C_CreateObject ever modifies its input template array or not. If not, then this cast away is fine, but if so, then it is wrong for PK11_CreateNewObject to declare its input argument as pointer to const.
Attachment #362429 -
Flags: review?(wtc)
Comment 26•15 years ago
|
||
Comment on attachment 362429 [details] [diff] [review] Supplemental Patch - v1 - fix const errors in NSS (checked in) r=wtc. Sorry that I didn't test my patch on the entire NSS. I only tested it in the lib/freebl directory. Note: I didn't realize all compilers merely warn about assigning a const pointer to a non-const pointer. So I am fine with NOT adding -we4090. If we add -we4090, won't that make MSVC more strict than GCC and Sun Studio? -we4028 should be safe because the declaration and definition of a function should have the same prototype. Either way, all of the changes in this patch are good. I am a little worried about the following change in lib/pk11wrap/pk11obj.c: >+ crv = PK11_GETTAB(slot)->C_CreateObject(rwsession, >+ /* cast away const :-( */ (CK_ATTRIBUTE_PTR)theTemplate, >+ count, objectID); Since 'slot' can be an arbitrary third-party PKCS #11 library, are you sure it's safe to assume that it won't modify theTemplate? (I can't imagine why any PKCS #11 library would need to modify the Template.) Should we ask the PKCS #11 working group to add more 'const' to the PKCS #11 API in the upcoming v2.30? Nit: in lib/libpkix/pkix_pl_nss/pki/pkix_pl_ocspresponse.c, please indent by 8 spaces and avoid tabs (the local convention in libpkix).
Attachment #362429 -
Flags: review?(wtc) → review+
Comment 27•15 years ago
|
||
Nelson, I didn't see your comment 25 before I wrote comment 26. Sorry. I agree that removing the 'const' from PK11_CreateNewObject is another option.
Assignee | ||
Comment 28•15 years ago
|
||
Comment on attachment 362429 [details] [diff] [review] Supplemental Patch - v1 - fix const errors in NSS (checked in) Checked in on trunk cmd/lib/secutil.c; new revision: 1.93; previous revision: 1.92 cmd/lib/secutil.h; new revision: 1.31; previous revision: 1.30 pkix_pl_ocspresponse.c; new revision: 1.16; previous revision: 1.15 pkix_pl_common.c; new revision: 1.6; previous revision: 1.5 pkix_pl_common.h; new revision: 1.7; previous revision: 1.6 lib/pk11wrap/pk11obj.c; new revision: 1.21; previous revision: 1.20
Attachment #362429 -
Attachment description: Supplemental Patch - v1 - fix const errors in NSS → Supplemental Patch - v1 - fix const errors in NSS (checked in)
Assignee | ||
Comment 29•15 years ago
|
||
Comment on attachment 362420 [details] [diff] [review] Add two more warnings about const arguments Wan-Teh, if you can devise a patch to make gcc also treat these issues as errors, so that msvc and gcc would agree, I'd be happy with such a patch, I believe.
Comment 30•15 years ago
|
||
Nelson, let's just add -we4028 for now. I verified that a function prototype mismatch between declaration and definition is a compilation error for GCC. Passing a const pointer to a function that takes a non-const pointer is also just a compiler warning for GCC. So I removed -we4090 from this patch.
Attachment #362420 -
Attachment is obsolete: true
Attachment #362533 -
Flags: review?(nelson)
Attachment #362420 -
Flags: review?(nelson)
Comment 31•15 years ago
|
||
I attached the wrong patch. This is the correct one.
Attachment #362533 -
Attachment is obsolete: true
Attachment #362534 -
Flags: review?(nelson)
Attachment #362533 -
Flags: review?(nelson)
Assignee | ||
Comment 32•15 years ago
|
||
Comment on attachment 362534 [details] [diff] [review] Add the warning about function prototype mismatch between declaration and definition (correct patch; checked in) r=nelson
Attachment #362534 -
Flags: review?(nelson) → review+
Comment 33•15 years ago
|
||
Comment on attachment 362534 [details] [diff] [review] Add the warning about function prototype mismatch between declaration and definition (correct patch; checked in) I checked in this patch on the NSS trunk (NSS 3.12.3). Checking in WIN32.mk; /cvsroot/mozilla/security/coreconf/WIN32.mk,v <-- WIN32.mk new revision: 1.29; previous revision: 1.28 done
Attachment #362534 -
Attachment description: Add the warning about function prototype mismatch between declaration and definition (correct patch) → Add the warning about function prototype mismatch between declaration and definition (correct patch; checked in)
Updated•15 years ago
|
Status: REOPENED → RESOLVED
Closed: 15 years ago → 15 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 34•15 years ago
|
||
I would like to nominate two more warnings for promotion to errors on Windows. They are: C4024: <function> : different types for formal and actual parameter <n> C4047: 'function' : <type 1> differs in levels of indirection from <type 2>
Assignee | ||
Comment 35•15 years ago
|
||
Recently I wrote a patch that compared an error code to the name of the function that returns error codes, not to the value returned by the function, e.g. if (PORT_GetError == SEC_ERROR_something) instead of if (PORT_GetError() == SEC_ERROR_something) It got past review. My compiler only generated a warning about it, and that warning was lost is a DELUGE of worthless warnings about calls to "deprecated" (but still fully supported) libc functions. I don't want this to happen again. So, I've written this patch that will a) promote that warning code to be a full error, and b) suppress all those darn worthless deprecation warnings about libc. I've checked that NSS builds OK with this patch. There's not a big rush on this, but I'd like to get it in while the pain and embarrassment is still fresh in my mind.
Attachment #368824 -
Flags: review?(julien.pierre.boogz)
Updated•15 years ago
|
Attachment #368824 -
Flags: review?(julien.pierre.boogz) → review+
Assignee | ||
Comment 36•15 years ago
|
||
Thanks for the review. Checking in WIN32.mk; new revision: 1.31; previous revision: 1.30
Comment 37•15 years ago
|
||
I've checked this trivial patch in. Checking in WIN32.mk; /cvsroot/mozilla/security/coreconf/WIN32.mk,v <-- WIN32.mk new revision: 1.33; previous revision: 1.32 done
Attachment #368932 -
Flags: review?(nelson)
Assignee | ||
Updated•15 years ago
|
Attachment #368824 -
Attachment description: Promote one more warning to error, suppress deprecation warnings → Promote one more warning to error, suppress deprecation warnings (checked in)
Assignee | ||
Updated•15 years ago
|
Attachment #368932 -
Flags: review?(nelson) → review+
You need to log in
before you can comment on or make changes to this bug.
Description
•