On Mon, Jul 04, 2022 at 05:49:13PM +0200, Alexander Potapenko wrote: > One of the reasons to do so is standard compliance - passing an > uninitialized value to a function is UB in C11, as Segher pointed out > here: https://lore.kernel.org/linux-toolchains/20220614214039.GA25951@xxxxxxxxxxxxxxxxx/ > The compilers may not be smart enough to take advantage of this _yet_, > but I wouldn't underestimate their ability to evolve (especially that > of Clang). GCC doesn't currently detect this UB, and doesn't even warn or error for this, although that shouldn't be hard to do: it is all completely local. An error is warranted here, and you won't get UB ever either then. > I also believe it's fragile to rely on the callee to ignore certain > parameters: it may be doing so today, but if someone changes > step_into() tomorrow we may miss it. There isn't any choice usually, this is C, do you want varargs? :-) But yes, you always should only pass "safe" values; callers should do their part, and not assume the callee will do in the future as it does now. Defensive programming is mostly about defending your own sanity! Segher
