Path: csiph.com!news.mixmin.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Tim Rentsch Newsgroups: comp.lang.c Subject: Re: Is C ready to become a safer language? Date: Sat, 10 Feb 2024 22:21:32 -0800 Organization: A noiseless patient Spider Lines: 65 Message-ID: <86jznb4j2r.fsf@linuxsc.com> References: <86eddl5bag.fsf@linuxsc.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Injection-Info: dont-email.me; posting-host="1ce827b2c1f707254225ffc493068bf5"; logging-data="629636"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/112jXOCY7stVhvTwoY8owyuTXJ/aqbMQ=" User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.4 (gnu/linux) Cancel-Lock: sha1:06KPX8Ra69t13/oFfiDZPFwzQ3c= sha1:ofuXJy7ijGtAWE9IFcD6qU7aLyk= Xref: csiph.com comp.lang.c:382311 bart writes: > On 10/02/2024 01:59, Tim Rentsch wrote: > >> bart writes: >> >> [...] >> >>> This is something which has long been of fascination to me: how >>> exactly do you get a C compiler to actually fail a program with a >>> hard error when there is obviously something wrong, while not also >>> failing on completely harmless matters. >> >> I think the answer is obvious: unless and until you find someone >> who works on a C compiler and who has exactly the same sense that >> you do of "when there is obviously something wrong" and of what >> conditions fall under the heading of "completely harmless matters", >> and also the same sense that you do of how a C compiler should >> behave in those cases, you won't get exactly what you want unless >> you do it yourself. > > Take this function: > > void F() { > F(); > F(1); > F(1, 2.0); > F(1, 2.0, "3"); > F(1, 2.0, "3", F); > } > > Even if /one/ of those calls is correct, the other four can't be > possibly be correct as well. > > Is there anyone here who doesn't think there is something obviously wrong? > > How about this one: > > #include > int main(void) { > int a; > L1: > printf("Hello, World!\n"); > } > > Ramp up the warnings and a compiler will tell you about unused 'a' and > L1'. Use -Werror and the compilation will fail. > > Is there anyone here who thinks that running this program with those > unused identifiers is not completely harmless? In both cases the answer is, It depends. There are scenarios where I would want the first example to compile successfully and without any complaints. There are other scenarios where I would want the second example to be given fatal errors during compilation. Good compilers provide a range of options, knowing that different circumstances call for different compilation outcomes. Even if you want the same set of error and warning conditions in every single compile that you do, other people don't. So you better get used to the idea of setting the various options the way you want them, or else write your own compiler and discover that no one else will use it because it doesn't offer any way to select the particular sets of choices they need for the various compilation scenarios that are important to what they're doing.