[cfe-dev] [RFC] automatic variable initialization

JF Bastien via cfe-dev cfe-dev at lists.llvm.org
Thu Nov 15 16:42:39 PST 2018 


> On Nov 15, 2018, at 3:00 PM, Tim Northover <t.p.northover at gmail.com> wrote:
> 
> On Thu, 15 Nov 2018 at 22:53, JF Bastien via cfe-dev
> <cfe-dev at lists.llvm.org> wrote:
>>  2. Zero initialization
>> 
>>    Zero initialize all values. This has the unfortunate side-effect of
>>    providing semantics to otherwise undefined behavior, programs therefore
>>    might start to rely on this behavior, and that's sad. However, some
>>    programmers believe that pattern initialization is too expensive for them,
>>    and data might show that they're right. The only way to make these
>>    programmers wrong is to offer zero-initialization as an option, figure out
>>    where they are right, and optimize the compiler into submission. Until the
>>    compiler provides acceptable performance for all security-minded code, zero
>>    initialization is a useful (if blunt) tool.
> 
> I disagree with this. I think this is essentially defining a new
> dialect of C++, which I have massive concerns about. Additionally, as
> much as we might claim it's a transitional measure, we all know that's
> not how it'll be used in practice.

Hi Tim!

I suspected that you’d disagree with zero-initialization. :-)

I tried to outline why I think it’s important:

  - Security-minded people think the need it. They might be right.
  - We need data to prove that they don’t need it.

Forgive my use of silly rhetoric: I’m sure you agree that more data is good! Here’s what I propose, since you cared enough to voice your opinion: let’s worth together to narrow the performance gap. I’ve got a handful of optimization opportunities, and you know the backend better than I do. Once we’ve addressed the issues we know about, I’m sure other types of codebases will surface other performance issues, let’s address those too.

Once people who think they need zero initialization are proven wrong though compiler optimizations, we can deprecate (and eventually remove / repurpose) the flag. If they’re not proven wrong… we’ll have learned something.

Sounds fair?

More information about the cfe-dev mailing list