>>>>> "Marc" == Marc Glisse <marc.gli...@inria.fr> writes:

>> Lastly, in the case of uninitialized variables, the usual solution
>> of initializing them is trivial and always safe (some coding styles
>> even require it).

Marc> Here it shows that we don't work with the same type of code at all. If
Marc> I am using a boost::optional, i.e. a class with a buffer and a boolean
Marc> that says if the buffer is initialized, how do I initialize the
Marc> (private) buffer? Or should boost itself zero out the buffer whenever
Marc> the boolean is set to false?

This is https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80635 (I know you
know, but maybe others on the thread don't).

I think in this specific case (std::optional and similar classes), GCC
should provide a way for the class to indicate that
-Wmaybe-uninitialized should not apply to the payload.

>> A shared definition of a false positive should be one of the very
>> first steps to coming closer to a consensus.  Real world (as opposed
>> to anecdotal) data on the actual rates of false positives
>> and negatives vs true positives would be also most helpful, as would
>> some consensus of the severity of the bugs the true positives
>> expose, as well as some objective measure of the ease of
>> suppression.  There probably are others but these would be a start.

Marc> This data is going to be super hard to get. Most projects have been
Marc> compiling for years and tweaking their code to avoid some warnings. We
Marc> do not get to see the code that people originally write, we can only
Marc> see what they commit.

gdb has gone through this over the years -- it turns on many warnings
and sometimes false positives show up.  Most of the time there's a
comment; for -Wmaybe-uninitialized, grep for "init.*gcc" in the source.
Unfortunately the comment isn't standardized; but I only get ~20 hits
for this in gdb, so it isn't really so bad in practice.

Tom
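
Added example, not part of the original message and not code from boost, libstdc++ or gdb: a minimal optional-like class of the shape discussed above (a buffer plus a boolean), with the warning suppressed at the single payload read using GCC's existing diagnostic pragmas. `MiniOptional` and `parse_or_default` are hypothetical names, and the caller's input is constructed.

```cpp
#include <new>
#include <utility>

// MiniOptional is a hypothetical stand-in for boost::optional / std::optional.
template <typename T>
class MiniOptional {
    alignas(T) unsigned char buf_[sizeof(T)];  // payload storage, left uninitialized
    bool engaged_ = false;                     // true only while buf_ holds a live T

    T* ptr() { return reinterpret_cast<T*>(buf_); }
    const T* ptr() const { return reinterpret_cast<const T*>(buf_); }

public:
    MiniOptional() = default;
    MiniOptional(const MiniOptional&) = delete;             // keep the sketch small
    MiniOptional& operator=(const MiniOptional&) = delete;
    ~MiniOptional() { reset(); }

    template <typename... Args>
    void emplace(Args&&... args) {
        reset();
        ::new (static_cast<void*>(buf_)) T(std::forward<Args>(args)...);
        engaged_ = true;
    }
    void reset() {
        if (engaged_) { ptr()->~T(); engaged_ = false; }
    }
    bool has_value() const { return engaged_; }

    T value_or(T fallback) const {
        // The payload read is guarded by engaged_, but the compiler must prove
        // that after inlining; when it cannot, -Wmaybe-uninitialized can fire.
#if defined(__GNUC__) && !defined(__clang__)
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wmaybe-uninitialized"
#endif
        return engaged_ ? *ptr() : fallback;
#if defined(__GNUC__) && !defined(__clang__)
#pragma GCC diagnostic pop
#endif
    }
};

// Constructed caller: the optional is engaged only on one branch.
int parse_or_default(int raw) {
    MiniOptional<int> v;
    if (raw >= 0) v.emplace(raw * 2);
    return v.value_or(-1);
}
```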
