Re: GCC warning options for numerical programs


On Mon, Apr 23, 2012 at 10:01 AM, Andrew Haley <aph@xxxxxxxxxx> wrote:
> On 04/23/2012 02:52 PM, Jeffrey Walton wrote:
>> On Mon, Apr 23, 2012 at 9:45 AM, Andrew Haley <aph@xxxxxxxxxx> wrote:
>>> On 04/23/2012 02:37 PM, Jeffrey Walton wrote:
>>>> If you don't want to know about potential problems, you don't have to
>>>> use -Weverything (or -Wall -Wextra). Folks who are interested in all
>>>> potential problems could use it (if available).
>>> I don't think so, given the variety of odd style warnings.
>>> I'm not even sure that the warnings are compatible with each other!
>>> Anyone who just turns on *everything* is probably either doing so
>>> because they're clueless or because a pointy-haired boss said "no
>>> warnings."
>> I fall into the latter (but I'm not a boss). A clean compile is a security gate.
> But a clean compile with no GCC warnings is not a security gate.
Agreed. I forgot to mention that I get to pick the switches :).

>> When I start seeing problems with, for example, -Wconversion, I start
>> questioning the lack of attention to detail and wonder if I'm dealing
>> with a lazy or sloppy programmer or someone who has thought each
>> warning through. I then write a negative test case and usually find
>> it's a sloppy programmer.
> Yes.  Some warnings are important, and some aren't.  You have to be
> discriminating or you mess up your program.
> Consider, for instance, -Wdouble-promotion.  If you're working on an
> embedded system you might want this; if you're working on a desktop
> system you probably don't.  And do you want -Wtraditional ?  I doubt
> it.
Right. The guy (or gal) who uses -Weverything must use -Weverything
for discovery or suffer adding -Wno-xxx. It's a pain I am willing to
endure in an effort to be as secure as possible. If I'm insecure, I
failed at my craft and should rethink my abilities in my profession.

What worries me is missing a detail and later getting pwn'd. Consider
how many times Dan Rosenberg has dinged the l33t k3rn3l hack3rz for
CompSci 101 stuff such as not validating parameters or using
uninitialized variables. GCC will warn for some of these CompSci 101
transgressions. Additionally, the kernel's random.c and prng.c violate
GCC's aliasing rules. I believe GCC warns of aliasing and punning
(correct me here), but the kernel folks are too l33t to use GCC's
static analysis capabilities [1].


[1] "GCC is Crap" from "[PATCH] Don't compare unsigned variable for <0
in sys_prctl(),"
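
Added example (not from the thread or from any project mentioned in it): a -Wconversion finding followed up with a negative test case, as described in the message above. The function names and BUF_MAX are assumptions made up for illustration.

```c
/* Added example. Compile with: gcc -Wall -Wextra -Wconversion -c warn_demo.c */
#include <stddef.h>
#include <string.h>

#define BUF_MAX 64  /* constructed limit for the example */

/* Sloppy: returns the byte count a caller would pass to memcpy(), or 0 if
 * the request is rejected. Only the upper bound is checked, and the signed
 * len is implicitly converted to size_t on return. -Wconversion reports
 * that conversion (it may change the sign of the result). */
size_t copy_len_sloppy(int len)
{
    if (len > BUF_MAX)
        return 0;
    return len;            /* -1 becomes SIZE_MAX here */
}

/* Reviewed: both bounds are checked before the conversion and the cast is
 * explicit, so the build is clean and the negative case is rejected. */
size_t copy_len_checked(int len)
{
    if (len < 0 || len > BUF_MAX)
        return 0;
    return (size_t)len;
}

/* Bounded copy built on the checked length; returns bytes copied. */
size_t copy_checked(char *dst, const char *src, int len)
{
    size_t n = copy_len_checked(len);
    memcpy(dst, src, n);
    return n;
}

/* Negative test case: 1 if the length check lets a negative length through
 * as an oversized byte count, 0 otherwise. */
int accepts_negative(size_t (*check)(int))
{
    return check(-1) > BUF_MAX;
}
```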
