On Thu, Feb 27, 2014 at 12:44 PM, Zack Weinberg <za...@panix.com> wrote:
>>>
>> Treating these as warnings, not errors, is probably the best thing
>> here.  If you see the warning and you've recently changed that
>> code, then check it.  If you haven't, you see the "may be" and
>> ignore it.
>
> This is exactly the same thing dbaron said the last time I brought
> this up (quite some time ago - 2010, maybe?)  I didn't buy it then and
> I don't buy it now.  I think it is far more likely that a
> maybe-used-uninitialized true positive will *go unnoticed* because
> we've trained ourselves to ignore those warnings, and I don't think
> better precision in a valgrind run is worth the risk of letting a true
> positive slip through in a release build.  Those bugs tend to be
> security critical.

I'm definitely a fix-all-the-warnings guy, but when I looked into this
stuff closely (a while back now) I found that these uninitialized
warnings caused far more false positives than any other kind of
warning, and suppressing the warning often was more difficult than
you'd expect. So even I backed away from trying to fix them. And
that's why they're not considered as part of the WARNINGS_AS_ERRORS
(or whatever they're called) builds.

So I'm pleased to hear that -W{sometimes,maybe}-initialized have lower
false positive rates. Investigating them sounds like the most
promising avenue for progress.

Nick
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
