On Sat, Oct 18, 2014 at 03:29:51PM +1100, teor wrote:
- Some compilers for weird old hardware have never been upgraded to
even rudimentary C99 support, and trying to build code with those weird old compilers is a good way to expose some bugs. I sympathize with this too: there was one guy who would always compile new versions of Tor on his old Irix boxes, and he always turned up a new warning or two when he did.
Static analysers, better compiler warnings, and runtime checks are starting to fill the role previous occupied by obscure systems. And mobile/embedded platforms help with this too :-)
I think we may be able to compensate for lack of C89 support for old compilers, by using a combination of coverity, clang --analyze, gcc/clang -ftrapv , and clang -fsanitize=undefined-trap -fsanitize-undefined-trap-on-error.
Oh, and unit tests :-)
Theo de Raadt [1]:
"The answer to that is not news.
On a regular basis, we find real and serious bugs which affect all platforms, but they are incidentally made visible on one of the platforms we run, following that they are fixed. It is a harsh reality which static and dynamic analysis tools have not yet resolved.
Now, If you don't realize this is the reason we try to run on the older platforms..."