From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-patches-return-496139-listarch-gcc-patches=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 71031 invoked by alias); 14 Feb 2019 14:23:26 -0000
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-patches.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-help@gcc.gnu.org>
Sender: gcc-patches-owner@gcc.gnu.org
Received: (qmail 71021 invoked by uid 89); 14 Feb 2019 14:23:26 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=BAYES_00,KAM_SHORT,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS autolearn=ham version=3.3.2 spammy=rates, D*fr, styles, objective
X-HELO: gateway24.websitewelcome.com
Received: from gateway24.websitewelcome.com (HELO gateway24.websitewelcome.com) (192.185.51.162) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Thu, 14 Feb 2019 14:23:24 +0000
Received: from cm11.websitewelcome.com (cm11.websitewelcome.com [100.42.49.5])	by gateway24.websitewelcome.com (Postfix) with ESMTP id C8E88CB8B	for <gcc-patches@gcc.gnu.org>; Thu, 14 Feb 2019 08:23:22 -0600 (CST)
Received: from box5379.bluehost.com ([162.241.216.53])	by cmsmtp with SMTP	id uHv8gG1f5dnCeuHv8gEoqg; Thu, 14 Feb 2019 08:23:22 -0600
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tromey.com;	 s=default; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date:	References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding:	Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:	Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:	List-Subscribe:List-Post:List-Owner:List-Archive;	bh=O2+PifU6na9DTZQ8sGaIK/gRXw3ERUXn9UVo3QZ8NBE=; b=hMepyKH2hzJo3OGoaAyl1DfbFw	Ulfd3ecJxFn5fZWDzUTvl63xoU5cPgD/Vx6anc+LUjBqJPwbVTtqp0+9EPBnxs8XrnbwqFMvTk6Rc	IwvTXlvqjRc/uKQNoIKwxzJNL;
Received: from 75-166-72-210.hlrn.qwest.net ([75.166.72.210]:43736 helo=murgatroyd)	by box5379.bluehost.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)	(Exim 4.91)	(envelope-from <tom@tromey.com>)	id 1guHv8-000t7M-IY; Thu, 14 Feb 2019 08:23:22 -0600
From: Tom Tromey <tom@tromey.com>
To: Marc Glisse <marc.glisse@inria.fr>
Cc: Martin Sebor <msebor@gmail.com>,  gcc-patches@gcc.gnu.org
Subject: Re: Move -Wmaybe-uninitialized to -Wextra
References: <alpine.DEB.2.21.1901312237250.16995@stedding.saclay.inria.fr>	<5748265d-a95a-1af3-2783-aabc6919d2ea@gmail.com>	<alpine.DEB.2.21.1902030725030.20241@stedding.saclay.inria.fr>
Date: Thu, 14 Feb 2019 14:23:00 -0000
In-Reply-To: <alpine.DEB.2.21.1902030725030.20241@stedding.saclay.inria.fr>	(Marc Glisse's message of "Sun, 3 Feb 2019 11:02:39 +0100 (CET)")
Message-ID: <87mumy4ffq.fsf@tromey.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-SW-Source: 2019-02/txt/msg01082.txt.bz2

>>>>> "Marc" == Marc Glisse <marc.glisse@inria.fr> writes:

>> Lastly, in the case of uninitialized variables, the usual solution
>> of initializing them is trivial and always safe (some coding styles
>> even require it).

Marc> Here it shows that we don't work with the same type of code at all. If
Marc> I am using a boost::optional, i.e. a class with a buffer and a boolean
Marc> that says if the buffer is initialized, how do I initialize the
Marc> (private) buffer? Or should boost itself zero out the buffer whenever
Marc> the boolean is set to false?

This is https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80635 (I know you
know, but maybe others on the thread don't).

I think in this specific case (std::optional and similar classes), GCC
should provide a way for the class to indicate that
-Wmaybe-uninitialized should not apply to the payload.

>> A shared definition of a false positive should be one of the very
>> first steps to coming closer to a consensus.  Real world (as opposed
>> to anecdotal) data on the rates of actual rates of false positives
>> and negatives vs true positives would be also most helpful, as would
>> some consensus of the severity of the bugs the true positives
>> expose, as well as some objective measure of the ease of
>> suppression.  There probably are others but these would be a start.

Marc> This data is going to be super hard to get. Most projects have been
Marc> compiling for years and tweaking their code to avoid some warnings. We
Marc> do not get to see the code that people originally write, we can only
Marc> see what they commit.

gdb has gone through this over the years -- it turns on many warnings
and sometimes false positives show up.  Most of the time there's a
comment, for -Wmaybe-uninitialized grep for "init.*gcc" in the source.
Unfortunately the comment isn't standardized; but I only get ~20 hits
for this in gdb, so it isn't really so bad in practice.

Tom