Hi Paul, Paul Eggert <eggert@xxxxxxxxxxx> writes: > On 12/11/23 07:55, David A. Wheeler wrote: >> Will the latest version of autoconf work by default when the compiler has >> these options enabled?: >> -Werror=implicit-int >> -Werror=implicit-function-declaration > > Although it'll be helpful for Autoconf to work by default with those two > options, it's not essential because it's bad advice for builders to *configure* > with all the options suggested in "Compiler Options Hardening Guide for C and > C++"[1]. The advice should merely be to *build* with those options. These options tell compilers to work as the C standard requires. They will soon not be flags that need to be added explicitly. See: https://inbox.sourceware.org/87ttp3tek1.fsf@xxxxxxxxxxxxxxxxxxxxxxxx/ The lack of these flags by default has been a great deterioration in the quality of the C language as well as the ability to teach beginner programmers C. The fact that our compilers permitted this purely undesirable behavior in spite of the standard, or even basic sanity, is a shame. > This is because the recommended options include controversial ones like > -Wconversion that can be harmful in C code. The only way to pacify -Wconversion > is to complicate the code by inserting casts that can lower code safety and > quality. Even Gnulib, which goes far beyond [1] in recommending warning > options, disables -Wconversion. I'm not sure I agree that handling real lossy conversions lowers code quality, but this flag is not a behavior required by the standard, so I suppose not assuming it is OK. > For controversial options like -Wconversion we shouldn't expect 'configure' > scripts to pacify compilers in all cases. And since we shouldn't expect that, > we shouldn't recommend builders to use all the options in [1] when configuring. > > [1]: > https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++ Thanks, have a lovely day. -- Arsen Arsenović
Attachment:
signature.asc
Description: PGP signature
