f57fc11d951807e19b20b5960e735fa50eaea279 braney Fri Jun 12 13:10:00 2026 -0700 Fix more warnings exposed by -O3 build across hg utils and errAbort Continuation of the -O3 cleanup: a full clean rebuild surfaced warnings in many programs whose objects had not been recompiled before. Most are the same mechanical patterns as the first batch (strncpy -> safecpy/memcpy, sprintf -> safef), plus a few that needed more thought: - errAbort.h: mark errAbort/vaErrAbort/errnoAbort/noWarnAbort as noreturn. They provably never return (longjmp or exit; the existing "to make compiler happy" exit(-1) in noWarnAbort confirms the intent), and this lets GCC prune the impossible null paths after an errAbort guard, fixing false-positive null-deref / overread warnings in mafAddIRows, mafAddIRowsStream and phyloPlace with no source change to those files. - altSplice.c (hgGene): real one-element stack buffer overflow. makeGrayShades writes shadesOfGray[maxShade+1], but the caller declared shadesOfGray[9] with maxShade=8. Grow the array to [10] (maxShade stays 8); behavior unchanged. - hgc.c bedPrintPos: ~60 callers pass a track-specific struct cast to (struct bed *) and read only its bed-compatible leading fields. At -O3 -Warray-bounds flags the casts because the real object is smaller than struct bed; the reads are safe by the bed-layout convention, so suppress -Warray-bounds around just that function. - mafsInRegion.c: chromFromSrc returns strchr(src,'.')+1, which GCC mis-sizes as a 0-byte region when handed to strcmp via sameString/differentString; suppress the false-positive -Wstringop-overread around extractMafs. - sanger22gtf.c, bottleneck.c: put the printf/fprintf in the else of the NULL guard so -Wformat-overflow (which runs before the noreturn-based pruning) can see the argument is non-null. safecpy/memcpy/safef conversions: basicBed already done earlier; here haplotypes (memcpy of the original pointer pun), gbToFaRa, motifSig, hgClonePos, featureBits, libScan, hgGoldGapGl, hgSoftPromoter, mafClick, mafAddQRows, hgc.c, stanToBedAndExpRecs, bedUp, faSplit, trfBig, splitFaIntoContigs, aladdin, ameme. A full clean tree now builds with no warnings at -O3. refs #37761 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> diff --git src/inc/errAbort.h src/inc/errAbort.h index ba6f81cbb92..d2d3201bfb5 100644 --- src/inc/errAbort.h +++ src/inc/errAbort.h @@ -19,54 +19,64 @@ #define ERRABORT_H boolean isErrAbortInProgress(); /* Flag to indicate that an error abort is in progress. * Needed so that a warn handler can tell if it's really * being called because of a warning or an error. */ void errAbortSetDoContentType(boolean value); /* change the setting of doContentType, ie. if errorAbort should print a * http Content type line. */ void errAbort(char *format, ...) /* Abort function, with optional (printf formatted) error message. */ #if defined(__GNUC__) __attribute__((format(printf, 1, 2))) +__attribute__((noreturn)) #endif ; -void vaErrAbort(char *format, va_list args); +void vaErrAbort(char *format, va_list args) /* Abort function, with optional (vprintf formatted) error message. */ +#if defined(__GNUC__) +__attribute__((noreturn)) +#endif +; void errnoAbort(char *format, ...) /* Prints error message from UNIX errno first, then does errAbort. */ #if defined(__GNUC__) __attribute__((format(printf, 1, 2))) +__attribute__((noreturn)) #endif ; typedef void (*AbortHandler)(); /* Function that can abort. */ void pushAbortHandler(AbortHandler handler); /* Set abort handler */ void popAbortHandler(); /* Revert to old abort handler. */ -void noWarnAbort(); +void noWarnAbort() /* Abort without message. */ +#if defined(__GNUC__) +__attribute__((noreturn)) +#endif +; void pushDebugAbort(); /* Push abort handler that will invoke debugger. */ void vaWarn(char *format, va_list args); /* Call top of warning stack to issue warning. */ void warn(char *format, ...) /* Issue a warning message. */ #if defined(__GNUC__) __attribute__((format(printf, 1, 2))) #endif ; void errnoWarn(char *format, ...)