[cfe-dev] Feature/opinion request

Matthieu Monrocq matthieu.monrocq at gmail.com
Thu Oct 11 10:58:35 PDT 2012


On Thu, Oct 11, 2012 at 6:08 PM, Jordan Rose <jordan_rose at apple.com> wrote:

>
> On Oct 11, 2012, at 4:39 , David Chisnall <David.Chisnall at cl.cam.ac.uk>
> wrote:
>
> > On 11 Oct 2012, at 08:04, Unai Landa wrote:
> >
> >> Hello, I have the idea of a flag that emulates D behavior on variable
> >> initialization, I mean initialize all members to 0 by default, and allow
> >> explicitly modifying this behavior on performance-sensitive code.
> >>
> >> I think this could be an interesting compilation flag or pragma.
> >>
> >> What's your opinion?
> >
> > I quite like this idea as a language feature, but it has limited use as
> > a compiler-specific extension.  You can't write code that relies on this
> > behaviour without becoming completely compiler-dependent, and it will hide
> > bugs that will appear with other compilers.  Given the reality of C, I'd
> > prefer improvements to the used-uninitialised warnings, if there are any
> > cases that they still miss.
> >
> > Adding = 0 to a declaration is not much effort if required, and it's
> > often useful to have a variable in an undefined state at the start so that
> > the compiler can check that it is initialised in every code path.  It's
> > easy for a default initialisation to accidentally propagate when it isn't
> > intended.
>
> This does seem like something a tool could do, though. Normally we have
> the '= 0' fixit on a note for -Wuninitialized; maybe we could have a mode
> where that particular fixit is applied anyway? (An extension to
> 'clang-check -fixit'?)
>
> Just throwing out ideas!
> Jordan
>
>
I agree with David though, the problem of uninitialized integrals is that
they do not have any sentinel values (unlike pointers, by the way, for
which null initialization never hurts).

If you ever set a default, then you lose the capability of the compiler to
tell you that the default may leak outside the current scope, because as
far as the compiler is concerned this default is a perfectly reasonable
value to have for an integer.

In other words, you are just trading technical automatically detectable
defects for functional hidden ones.

I find it much easier to run with `-Wmaybe-uninitialized` on. And in the
cases it's missed, I'd prefer for debug builds to stop zero-initializing
everything and let the software crash... that's what debug builds are for!

-- Matthieu
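
The trade-off argued in this message, as an added C example that is not part of the original thread: the function names, roles and uid values are constructed for illustration. Variant A is the detectable defect, variant B hides the same defect behind `= 0`, and variant C leaves the variable uninitialized so the compiler can check that every path assigns it.

```c
#include <stdio.h>
#include <string.h>
/* Constructed role-to-uid mapping (an assumption of this example).
 * uid 0 means root, so 0 is a valid value, not a "nothing set" marker. */
enum { UID_ROOT = 0, UID_OPERATOR = 100, UID_GUEST = 65534, UID_INVALID = -1 };

#ifdef SHOW_UNINITIALIZED
/* Variant A: no initializer and the "guest" branch forgotten. uid is read
 * uninitialized on that path, which uninitialized-use warnings can report.
 * Built only with -DSHOW_UNINITIALIZED because executing it is undefined. */
int uid_for_role_uninit(const char *role) {
    int uid;
    if (strcmp(role, "admin") == 0)
        uid = UID_ROOT;
    else if (strcmp(role, "operator") == 0)
        uid = UID_OPERATOR;
    return uid;
}
#endif

/* Variant B: same missing branch, but "= 0" removes the uninitialized read.
 * An unhandled role now quietly maps to uid 0 and nothing is reported. */
int uid_for_role_zeroed(const char *role) {
    int uid = 0;
    if (strcmp(role, "admin") == 0)
        uid = UID_ROOT;
    else if (strcmp(role, "operator") == 0)
        uid = UID_OPERATOR;
    return uid;
}

/* Variant C: still no initializer; every path assigns, unknown roles fail. */
int uid_for_role_checked(const char *role) {
    int uid;
    if (strcmp(role, "admin") == 0)
        uid = UID_ROOT;
    else if (strcmp(role, "operator") == 0)
        uid = UID_OPERATOR;
    else if (strcmp(role, "guest") == 0)
        uid = UID_GUEST;
    else
        uid = UID_INVALID;
    return uid;
}

int main(void) {
    printf("guest -> zeroed: %d, checked: %d\n",
           uid_for_role_zeroed("guest"), uid_for_role_checked("guest"));
    return 0;
}
```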