| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 Oct 2006 18:19:19 +0200 From: Jörn Engel <joern@...nheim.fh-wedel.de> To: Jeff Garzik <jeff@...zik.org> Cc: Randy Dunlap <rdunlap@...otime.net>, Linux Kernel <linux-kernel@...r.kernel.org>, Andrew Morton <akpm@...l.org> Subject: Re: Announce: gcc bogus warning repository On Sun, 1 October 2006 13:20:45 -0400, Jeff Garzik wrote: > > If you have to grep useful stuff out of the noise, you've already lost. My initial thought was to agree. And I still almost agree with this statement. Almost, because every so often, it makes sense to see a shipload of warnings and manually weed through them all. 99% will be false positives, but there is the remaining 1% indicating real bugs. Of course, once these have been dealt with, the warnings give 100% noise and 0% useful output. It is time to wait another year or four before enough bugs have accumulated to make it worth the effort again. That said, if you need to grep every day, you've definitely lost. Jörn -- Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface. -- Doug MacIlroy - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists