coreutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: nstrftime.c fails to build due to memset overflow


From: Paul Eggert
Subject: Re: nstrftime.c fails to build due to memset overflow
Date: Thu, 18 May 2023 14:27:12 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0

Let's revert the "avoid incorrect -Wmaybe-uninitialized warnings" patch.

--enable-gcc-warnings is designed for the default gcc -O2, and we shouldn't dumb down our source code for lesser platforms like "gcc -O0", or clang, or whatever.

For example, this patch:

-  int dest_desc;
-  int dest_errno;
+  int dest_desc IF_LINT ( = -1);
+  int dest_errno IF_LINT ( = 0);

means that we won't catch any programming errors caused by code failing to initialize dest_errno. That's a net minus to coreutils reliability. It's a *good* thing that dest_errno is not initialized here, and that GCC will complain if we use it uninitialized. We don't want to lose that good thing.

IF_LINT should be used sparingly: ideally only when gcc -O2 issues a false positive, and even then only after you've filed a bug report with the GCC maintainers because GCC is messing up.

The goal here is software reliability not pacifying compilers, and overuse of IF_LINT (such as the above) is a net minus to reliability.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]