►
From YouTube: C/C++ Compiler Options Best Practices (April 26, 2023)
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
B
F
F
F
I,
try
to
avoid
doing
this,
but
I
have
a
doctor's
appointment.
A
checkup
and
I
check
up
that.
I
can't
move.
So
you
do
what
you
can
when
you
can,
when
you
must
bear.
F
There
It
Is
insert
Rim
shot
there
at
least
one
of
the
topics.
I
know
that
we're
going
to
be
talking
about
today
as
much
as
a
broader
topic.
F
I,
don't
need
to
see
something
to
to
have
the
discussion,
and
it
involves
a
number
of
flags
that
I
intend
to
propose
I'm,
hoping
to
convince
folks
of
my
viewpoint
or
I
hope
that
other
people
convince
me
that
my
viewpoint
is
wrong
and
I
will
learn
something
either
of
those
outcomes
is
awesome,
but
I
think
we
need
to
view,
hear
both
sides
of
the
story
and
some
sort
of
rough
consensus.
B
G
That's
actually
a
colleague
of
mine
who's
supposed
to
be
here,
but
I
can
I.
Can
that
started?
He
was
supposed
to
be
here,
I,
don't
know
why
so.
F
B
Yeah
exactly
I
think
that,
well
let
me
I
think
that
Gabriel
is
now
calling
his
colleague
so
maybe
in
the
meantime,
we
can
have.
A
B
Maybe
in
the
meantime
we
can
have
a
quick
look
at
the
other
open
open
issue
from
last
time.
So
we
had
this
GCC
Dash
V
section
where
there
were
some
some
comments
about
adding
adding
a
recommendation
for
doing
sort
of
explicit
flags
and
explicit
flags,
and
then
this
note
about
ordering
and
I
try
to
address
this
in
a
pull
request
for
this.
For
this
Randalls
Randall's
Fork
I,
don't
know
if
anyone
has
had
a
look
at
the
wording,
I
propose.
Do
we
have
any
comments
on
comments
on
that.
C
B
F
B
I
would
I
would
think
so
so
I
think
that
maybe,
like
the
risk
comes
more
from
that.
If
you
try
to
combine
options
like
this,
you
know
if
you
have
like
stack
protector,
strong
stack,
protect
track
protector.
All.
F
B
B
I
think
in
this
section,
like
the
maybe
sort
of
takeaway,
is
that
if
you
can
look
at
this
output
of
this
GCC
Dash
V
to
try
to
understand
in
which
order
they
occur
from
like
the
default
set
right.
So
you
can
try
to
avoid
issues,
but
then
maybe
if
there
are
sort
of
specific
specific
issues
on
specific
Flags,
maybe
that
should
go
into
their
specific
sections.
B
So
I
just
did
like
this
very
high
level,
very
high
level
statement
about
this
disorder,
but
yeah.
So
this
is
like
part
of
this
Randall's
Randolph
Branch.
Now,
so
we
can
have
a
look
at
that
offline.
G
Yeah,
just
an
update
once
we've
done
with
this
I
think
I'll
just
proceed
to
present
the
document.
F
G
Responding
to
also.
A
G
Let
me
see
if
I
can
share
that
so
right
now
it
is
in
a
in
a
doc
file.
But
of
course,
once
we
discussed,
we
like
the
idea,
we'll
turn
it
into
full
request.
You
know
fully
standard
format
share
this
thing.
Can
you
see
my
screen?
It's
yes,
yes,
yeah
trying
to
make
it
bigger,
but.
G
So
Microsoft
usually
has
the
same
concept:
absolute
boy,
similar
concept
to
a
binary
hardening
and
has
this
notion
of
sdl
that
it
recommends
to
its
customers,
including
internal
teams,
and
there
is
an
open
source
tool
called
Bean
scheme.
It's
on
GitHub
that
is
used
to
just
go
through.
G
You
know,
build
artifacts,
binaries,
pdb
files
and
and
so
forth,
trying
to
make
sure
that
all
the
the
policies
and
and
restrictions
are
are
followed
and
it
has
been
used
for
a
very
long
time
in
the
company
long
before
I
had
joined
it's
it's
all
open
source.
The
rules
also
documented
on
on
GitHub
and
and
the
tool
can
tell
you
very
specifically
which
sorry
the
tool
can
tell
which
rules
are
not
being
followed.
So
you
have
categories
of
error
categories,
and
then
you
have
warning
categories.
G
So
errors
are
things
that
need
absolutely
need
to
be
fixed
before
shipping
in
any
product,
and
warnings
are
things
that
the
tool
is
not
quite
sure
getting
right.
So
it
requires
a
bit
more
attention
and
and
Care
needs
to
be
exercised
before
fixing
them.
You
know,
and
so
that's
kind
of
lower
confidence.
G
You
know
in
violation
there
so
in
terms
of
compiler
flags
and
and
it
it
and
and
safety
I.
Don't
for
example,
last
week
we
talked
about
having
a
bound
checking
in
in
C
plus
plus
we
Define
minus
the
GBC
plus
bias
assertions.
The
recommendation
from
Microsoft
is,
of
course
doing
that,
but
actually
use
the
what
we
call
the
C
plus
plus
core
guideline
support
library
that
provides
those
Bond
checking
for
continuous.
G
You
know,
containers,
vectors
and
and
so
forth,
so
you
don't
have
to
Define
it
online.
You
have
to
use
those
those
types
and
you
have
static
Checkers
that
tell
you
exactly
when
to
use
this
sorry.
F
Yeah
I
mean
the
comments
about
using
the
C
plus
plus
classes
that
do
automatic
bounce
checking.
Make
sense
to
me
that
that
requires
you
to
use
C
plus
plus,
if
you're
using
Straight
C.
That's
obviously
not
going
to
work
so
I'm
guessing
that
at
some
point,
Microsoft
says:
if
I
recall
correctly,
it
slash
GS.
G
There
is
more
to
this
than
the
two
pages
document
that
this
is
more
of
a
high
level
summary
than
a
detail
set
of
roles:
yeah
it's
if
you're
using
CNN
or
a
bunch
of
other
stuff
that
you
need
to
to
follow.
If
you're
using
simple
splice,
then
you
know
push
in
for
people
to
use
these
libraries
that
are
you,
know,
cross-platform
open,
false
available
and
and
so
forth.
G
Similarly,
if
you're,
using
C,
plus
plus,
we
rather
people
use
vector
and
string
as
opposed
to
manipulating
chart
stars
or
t
Stars
themselves,
so
you
have
automated
checking
for
the
parts
that
you
see.
If
you
want
to
manipulate
strings
like
string
from
strings.h,
the
the
recommendation
is
to
use
the
secure
version,
so
you
have
these
in
Annex
K
of
the
C11
Center.
You.
A
F
Committee,
though,
I
thought
that
the
Microsoft
implementation
of
nxk
didn't
actually
comply
with
Annex
K
did.
G
So
there
are
a
couple
of
functions,
not
all
of
them.
A
couple
of
functions
that
have
the
the
signatures
switched
by
the
time
that
C11
finished
summarization.
G
Finishes
then
there
are
a
couple
of
of
functions,
have
their
signature
switch,
and
that
is
the
an
issue
that
we
need
to
address,
because
you
know
we
can't
tell
people
use
standard
and
then
provide
something.
That's
that
doesn't
doesn't
conform
to
those,
but
those
two
functions
they're
well
known
through
the
the
the
analysis
tools
and
they
will
check
them
for
you,
which.
F
G
G
Actually,
it
is
more
than
that,
so
this
is
the
general
idea.
There
is
no
pull
request
yet
right.
So
by
the
time
we
get
to
actually
create
the
put
request.
You
are
absolutely
right.
We
all
have
to
go
and
very
specifically
say
this
is
the
danger.
You
know
this
is
confusion,
and-
and
this
is
these
are
the
NXT
functions-
yeah,
absolutely,
okay,
yeah!
G
So
again,
this
is
just
the
high
level
view
of
what
we
we
would
like
to
see
and,
and
once
we
have
some,
you
know
consensus
there
all
get
into
the
detailed
pull
request,
production
and
review
similarly
for
arithmetic
operations.
Again
this
is
more
of
C
plus
less
than
C.
Then
there
is
a
a
library
called
safe,
int
that
recommend
people
to
use.
G
Similarly,
in
terms
of
dependencies,
the
the
bean
scheme
actually
goes
in
and
automatically
pour
all
the
dependencies
then
and
the
flag
that
we
used
to
to
compile
those
those
binaries
and
and
so
forth.
So
in
terms
of
compiler
switches,
so
all
the
pdbs
have
to
be
compiled
with
zh
sh-256,
debug
information.
You
want
the
compiler
version,
then
you
want
to
link
your
version.
It
similarly
have
way
to
include
dependencies
in
in
the
pdb.
G
I
think
not
long
ago,
dwarf,
5
or
6
can
remember,
actually
allowed
production
of
of
source
Link
in
122.
So
you
know.
G
It
is
a
different
format.
Capability
is
also
now
presence
in
in
dwarf,
so
there
is
I
would
say
for
basic
requirements
of
sdl.
There
is
a
switch
called
slash
sdl
that
enables
all
the
security
checks
that
are
required.
Everybody
is
supposed
to
to
to
use
this
for
Productions
and
then
additionally
get
to
use
bin
scheme
Tool,
to
go
and
and
and
for
additional
checks
from
the
binaries
production
perspective.
G
So
on
Windows
you
get
to
use
structure
exception,
handling,
that's
just
because
that's
what
the
operating
system
has
and
and
you
need
to
have
the
switch
safe
SCH.
Similarly,
we
have
buffer
buffer
checks,
have
Gs
position
and
you
have
same
thing
GCC
and
Clank.
Then
you
have
here
with
msgc
compiler.
G
Similarly,
you
have
a
code.
Full
integration
checks,
it's
on
the
same
CFI
that
is
implemented
in
GCC
and
Clank,
but
it
it's
quite
similar.
So
you
have
guard
you
know
various
versions
of
of
God,
just
just
one
an
example,
but
it
is
a
huge
list
of
things
there.
Similarly,
it
has
support
for
shadow
staff
on
the
architecture
that
support
them
and
again
for
exception,
handling
protecting
via
metadata.
G
Yes,
I've
got
there
that
allows
you
to
protect
against
hijacking
control
phone.
G
You
know,
data
execution
prevention
is,
you
know,
enabled
by
by
compiler
switch
NX
compact.
So
those
are
basically
the
component.
If
I
can
get
this
thing
and
and
then
the
last
bit
is
not
all
applications
need
this,
but
some
application
needs
to
have
protection
against
specter,
and
you
know
it
has
perfect
implications,
and
you
know
that
need
to
be
appropriately
vetted
by
policies
so
that
that
gives
you
a
high
level
view
of
what
the
set
of
things
that
would
like
to
to
suggest
in
future.
G
B
So,
there's
a
question
in
the
chat
from
sidesh
about
this
Bean
scheme.
So
it's
been
scheme
similar
to
unknobin
and
there
is
a
link
there.
Okay,
I'm.
G
H
To
do
more
than
just
track
Flags,
which
is
essentially
what
Adam
does
so,
it's
probably
different.
F
F
First
of
all,
just
as
a
quick
overall
comment,
I
I,
like
I,
really
do
like
the
idea
of
a
separate
document
for
the
Microsoft
compiler
Flags
related
things,
because
you
know
sea
lion
and
GCC.
Try
to
be.
You
know,
have
a
policy
of
trying
to
be
similar.
F
F
The
options
are
all
different,
so
that
makes
sense
the
one
the
thing
that
I
didn't
realize
that
you
also
had
was
this
list
of
recommendations
for,
like
you
know,
hey
if
you're
using
C
plus
plus
use
these
classes,
I
mean
if
we
can
have
a
longer
conversation
later,
but
I'm
wondering
if
maybe
that
might
be
useful,
pulled
out
and
separate,
because
my
guess
and
it
can
be
wrong.
This
is
I'd
like
to
hear
about
it.
My
guess
is
that
a
lot
of
that's
going
to
be
the
same
across
all
compilers
and
I.
F
G
Yeah
also
thanks
for
the
feedback,
yeah
40,
so
I
fully
agreed.
You
know
when
we
get
to
produce
the
the
the
PRN,
the
things
that
work
for
all
compilers
for
the
GSL,
for
example,
it
works
for
all
compilers.
You
know
we,
the
new
users
right
and
yeah
40
Flags
I
I,
do
agree
that
the
flag
spelling
is
different
from
clang
and
GCC.
G
G
All
compilers
can
just
be
found
in
one
place,
as
opposed
to
just
oh
well,
if
you're
using
this
weird
compiler
just
go
over
there
and
and
then
and
then
having
a
a
is
a
section
for
for
saying,
well,
client,
GCC
sure
this
these
notations
and-
and
here
is
what
what
would
you
say.
Otherwise,
you
know
I
think
they
don't
feel
like
you
know
you,
you
have
a
one
set
of
compility.
Whatever
is
kind
of
second
class,
which
is
kind
of
weird,
if
you
see
what
I
mean.
F
Got
it
got
it?
Okay,
yeah.
We
actually
have
cited
a
number
of
other
documents
to
try
to
do
the
same
sort
of
thing
and
one
that
does
cover
the
Microsoft
CC
plus
plus
compiler
of
compilers
does
exactly
that.
It
has.
G
A
G
Time
we
introduce
indirection
was
weird
we're
pushing
the
information
down
the
stack,
and
you
know
we're
all
programmers.
We,
we
know
how
it
works.
Okay,.
F
Yes,
but
but
okay,
yeah
I
I'm
good
with
that
I
I
was
much
more
worried
to
be
honest
about
the
trying
to
create
one
massive
table
where,
like
there's
a
column
for
GCC
and
C,
laying
and
in
the
same
table
column
for
the
Microsoft
ones,
and
that
would
require
like
exact
one-to-one
matching
I,
don't
think
it
I,
don't
think
it
it's
actually
true
and
I,
don't
think
we
need
to
try
to
make
it
true.
We
just
want
to
find
hey
for
this
compiler
situation.
What
are
the
best
options
for
you?
Yeah.
G
B
Yeah
I'm
also
wondering
that
are
there
sort
of
features
where
you
can
find
this
sort
of
like
one-to-one
mapping
right.
So
you
have
like,
for
instance,
this,
like
this
CET
compatibility,
which
presumably
is
very
similar
to
GCC,
like
with
GCC
and
sea
Lang,
does
because
it's
based
on
the
underlying
Hardware
feature
right,
but
then,
for
instance,
like
the
clock,
control
flow
guard
can
have
some
differences
to
like
C
language
implementation
of
of
CFI
right
and
then
it
might
also
be
sort
of
a
little
bit
misleading
to
try.
B
And
you
know
suggest
that
there
is
sort
of
like
a
quality
between
this.
If
there
is
like
actual
the
actual
differences
right.
So
I
guess
that
I
guess
that's.
For
each
of
these,
there
needs
to
be
sort
of,
like
a
judgment,
call
to
be
made.
B
That
is
it
like
a
sort
of
like
a
common
feature
that
we
already
have
a
section
for,
and
then
you
cover
just
like
what
the
what
the
sort
of
equivalent
option
is
in
the
Minecraft
compiler
or
whether
it
whether
it
actually
would
make
sense
to
sort
of
somehow
keep
the
micro
compiler
sort
of
completely
separate.
In
terms
of
the
document
organization,
but
then
then.
F
Right
and
I'm
arguing
for
the
latter,
because
trying
to
work
out
all
those
equivalences
and
send
me
equivalences.
You
know
I'm
thinking
that
the
normal
reader
isn't
a
compiler
Creator.
The
normal
reader
is
someone
who's
writing
software.
They
don't
care
what
the
option
option
equivalences.
Are
you
just
want
to
copy
paste
the
the
recommended
options
and
paste
it
into
their
build
environment?
Thank
you
very
much.
Yeah.
G
F
G
G
We
do
have
you
know
a
lot
of
software.
You
know
open
sources
done,
you
know
on
on
Linux
and
Mac,
but
a
lot
also
is
done
on
Windows
and
then
people
do
cross
platform
builds
right,
so
they
they
need
to
be
able
to
quickly
find
oh
control
for
integrity.
That's
what
I
need.
G
Oh
data
protection,
that's
what
I
need
and
I
suppose
to
constantly
juggling
between
different
documents,
so
yeah
and
I
don't
think
it
will
be
our
job
or
we
will
be
able
to
do
a
very
good
job
at
trying
to
describe
the
equivalence
or
where
they
differ.
I
mean
that
that's
a
job
that
I
can't
do
and
I
don't
think
any
of
us
should
be
required
of
doing.
F
Least,
what
I'm,
envisioning
I'm
sorry
go
ahead?
Go
ahead,
go
ahead.
David,
okay,
yeah
I
was
saying:
I
can't
see
what
other
folks
are
doing.
So
at
least
what
I'm
envisioning
is
two
sections
of
the
same
document.
Then
this
one
section
GCC
C,
laying
the
other
section
Microsoft
and
but
the
good
news
is,
if
they're
in
one
document,
it's
super
easy
to
link
from
one
to
the
other
and
be
able
to
say
hey,
there's
an
equivalent
over
here.
F
If
we
want
to
add
that
information
as
we
go,
but
if
there
are
two
separate
sections,
we're
not
forced
to
claim
equivalences
when
they're,
when
they're
a
little
dodgy
and
for
a
typical
user
who's
going
to
want
to
say
I'm
using
compiler
X,
please
give
me
the
list
of
stuff
to
do.
They
can
just
immedely
jump
there
and
get
the
stuff
to
do.
Is
it
is
that
am
I
understanding
correctly.
F
G
Please
go
ahead
yeah,
so
yeah
I
was
going
to
do
that,
but
Randall
has
hands
up
so
I
don't
want
to.
Oh.
C
F
I,
don't
know
that
the
Intel
one
is
going
to
be
separate
because
the
Intel
one
pretty
much
tries
to
follow
the
GCC
and
C
laying
ones
are
I
mean
you
know
down
to
exactly
what
they
do:
the
option,
syntax
and
the
functionality
and
so
on.
In
many
cases
the
Intel
compilers
don't
support
them,
but
if
they
do,
they
tend
to
be
the
same.
F
H
Supposed
to
be
helping
us
she's
on
our
side
on
Intel
and
I,
will
this
time
is
really
inconvenient
for
her,
so
I'm
going
to
try
to
get
with
her
out
of
band
and
see
if
we
can
do
some
asynchronous
review
and
suggesting
so
we
can
get
better
participation
from
Intel
side,
so
I
apologize
team.
B
Yeah-
that's
that's
all
that's
all
right,
but
so
so
it
it
seems
so.
I
was
also
I.
Also
just
wanted
to
comment.
Basically
what
David
was
saying
saying
earlier
that
that
that's
what
what
sort
of
we
have
as
a
tool
is
to
play
with
this.
B
This
sort
of
like
interlinking
the
document
right,
so
it
sort
of
somehow
would
seem
to
me
that
there
is
like
a
little
bit
of
like
a
consensus
around
this,
that
as
a
protection
within
the
same
document,
seems
to
be
like
the
best
best
alternative,
and
then
we
can
try
to
create
this
interlinking
so
that
when
there
is
sort
of
potential
options
that
have
sort
of
strong
equivalences,
it
can
then
refer
to
that.
B
This
same
feature
is
in
the
Microsoft
compiler
or
the
same
features
in
the
is
in
the
ceiling
and
GCC
compilers
under
under
a
different
different
name
and
then
presumably
also
a
a
separate
table
in
the
beginning,
with
the
actual
recommended
or
recommended
options
and
I
think
that
we
have
sort
of
already
started
this
discussion
around.
B
Also
like
separating
so
right
now
we
only
have
like
the
we
have
like
sort
of
like
this
warning
table,
and
then
we
have
the
recommended
recommended
options
table,
but
I
think
that
there
is
also
also
sort
of
indications
that
we
should
sort
of
separate
the
recommended
options
into
like
something
which
maybe
becomes
then
recommended
options
for
GCC
line
and
then
other
tables
with
sort
of
other
options
of
interest,
but
which
aren't
necessarily
necessarily
strongly
recommended
so
I.
Think
in
that
sense,
I.
B
Don't
think
there
is
any
problem
with
having
like
a
separate
table
with
recommended
options
for
the
Microsoft,
compiler,
Microsoft
compiler
as
well
and
and
I,
guess
that
we
will
just
try
to
ensure
that
we
have
like
a
do
long
didn't
read
section
in
the
beginning.
That
gives
like
a
fairly
good
overview,
as
this
document
grows
ever
stronger,
but
I
think
it's
also
like
a
really
good
strength
to
sort
of
actually
try
and
combine
a
lot
of
this
information
into
the
same
document,
because
I
don't
think
there
is
I.
B
G
I,
actually,
like
the
work
you
did
earlier,
I
composed
the
message
that
haven't
sent
it
I'll
do
that
right
after
this
call
to
send
to
the
Superstar
Center
is
coming
and
say:
hey
when,
when
your
language
to
use
the
practically
requires
these
set
of
things
just
to
make
it
motherly
safe.
What
does
that
tell
you?
What
do
you
want
to
do
about
it?
So
I
I,
think
having
this
this
information
collect
at
one
place
is,
is
really
useful.
Thanks.
B
What
way
you
want
to
you
want
to
contribute
this
and
turn
this
into
concrete,
PR's
and
I.
I.
Think
that
we
should
maybe
sort
of
continue
on
to
this
topic
of
like
how
to
divide
this.
These
tables
right,
because
that's
that's
sort
of
where
we
left
that
left
this
discussion
at
the
last.
At
the
last
meeting,
where
we
were
specifically
discussing
this
David's
pull
request
for
the
F,
no
delete
null
pointer
checks,
which
was
a
bit
controversial,
I,
suppose
and
I
think
very,
very
sort
of
left.
B
It
was
that
we,
we
sort
of
had
this
feeling
that
there
should
be
a
separate
or
separate
table
for
I.
Think
what
the
current
suggestion
is
that
options
that
reduce
the
impact
of
a
vulnerability
but
also
height
problems,
either
be
better
to
fix
the
problem
which
editors
note.
Maybe
some
rewarding
yeah.
F
I
I,
yeah
I,
have
to
admit
I'm,
actually
very
confused
by
the
claim,
because
I
don't
even
think
it's
true.
They
hide.
The
vulnerability
implies
that
if
you
don't
use
this
option,
the
vulnerability
will
be
discovered,
and
we
did.
We
didn't
have
time
to
discuss
this.
So
maybe
this
is
a
good
time
to
switch
to
that
topic.
Or
are
we
moving
on
to
this
topic,
yeah
yeah?
F
So
so
this
that
claim
was
made
and
then
the
call
had
to
end
but
I
was
very
perplexed,
because
I
didn't
have
any
evidence
that
that
was
actually
the
case.
What
what
the
option
says
is
that
when
I
write
code,
it
will
generate
the
code
into
the
object
code,
even
if
otherwise
I
think
I
could
optimize
it
out,
but
it
doesn't
hide
any
vulnerabilities
it.
You
know
it
simply
enforces
the
running
of
code,
that's
written
in
the
source
code,
that's
not
hiding
at
all.
F
If
it
got
to
that
line
to
run
it,
it's
already
been
skipped
and
if
you've
got
a
tool
that
can
detect
it,
it
will
detect
it
regardless
of
the
option.
So
we
might
want
to
add
a
section
of
optional
things
like
that,
but
this
seems
like
a
terrible
candidate
for
it,
because
the
argument
isn't
true.
If
someone
can
show
me
where
that's
true
I'd
love
to
know
that.
G
So
the
the
so
the
claim
is
I
think
did
not
check
for
that
particular
line.
The
compiler
will
keep
it
usually.
What
happens
is
that
oh.
F
G
Thought
you're
finished:
go
ahead;
no
I
didn't
finish
it.
So
the
the
the
option
will
require
any
compiler
to
generate
the
null
check,
not
remove
it,
even
if
they
can
remove
it,
but
usually
that
null
tank
that
then
null
difference
word
actual
vulnerability
is
usually
happens
before
that
right
usually
happens
before
the
null
check.
A
B
I
I
think
in
the
I
think.
In
the
meantime,
we
can
maybe
sort
of
try
to
approach
this
a
little
from
another
angle,
because
I
think
that
there
wasn't
necessarily
much
objection
to
like
adding
these
options
into
the
guide
itself.
Okay,
now
he's
back:
okay,.
F
Yeah,
sorry
about
that
yeah
yeah,
no
yeah,
I,
I,
basically
I'm
I'm,
sorry
I
suddenly
got
pulled
off
yeah.
So
yes,
the
D
reference
can
occur.
Even
with
this.
With
this
option,
flag
on
the
point
of
the
flag
is
not
to
eliminate
all
vulnerabilities.
B
But
it's
like
a
more
of
a
question
that
we
may
need
a
different
category,
a
category
for
for
these
options,
because
I
I,
because
I
think
because
I
because
I
think
that,
like
in
the
end,
you
will
have
options
which
sort
of
in
the
end
are
going
to
be
a
question
of
question
of
judgments
and
different
opinions
right.
So
we
already
have
Now
comments
on
the
comments
on
the
in
one
of
these
pers.
On
like
this,
whether
we
should
recommend
recommend
this.
B
The
error
so
like
turning
on
turning
all
warnings
into
errors
right
and
I
think
that
there
are
these
options
that
can
be
can
be
fairly
said
that
it's
it's
sort
of
up
to
up
to
your
preference.
Yes
right
so
and
I
think
this.
This
kind
of
also
falls
into
that
category.
Right.
So
I
think
that
I
think
that
there
is.
F
In
fact,
you
know:
W
error
is
very
very
good
if
you
are
one
of
the
main
developers
with
a
using
a
particular
stable
compiler,
it's
terrible
to
include
when
you're
Distributing
Source,
because
you
don't
really
control
the
compiler
being
used
by
the
recipient.
So
I
would
agree.
F
That's
there
for
very
much
a
judgment
call,
but
the
reason
for
the
Judgment
call
is
because
it
depends
on
your
use
case
right,
I'm
a
little
confused
on
this
one,
because
under
what
use
case,
do
you
want
the
software
to
do
the
wrong
thing
and
and
increase
the
likelihood
of
vulnerabilities
I
can't
see
a
use
case
for
that.
G
I'm
not
actually
sure
it
is
about
what
in
the
software
does
the
wrong
thing,
so
we
so
I
agree.
We
all
want
to
harden
or
to
reduce
impact
right.
So
the
real
question
is
when
we
recommend
any
of
these
options,
we
we
kind
of
training
developers
pushing
them
on
a
certain
path
where
they
feel
like
if
they
turn
them
on
certain
classes
of
of
errors
or
no
eliminated
or
if
you're
not
eliminated.
The
impact
is
reduced.
G
F
Well
it
it
has
no
effect
on
whether
or
not
the
developer
does
so
I
I
guess,
I
guess.
The
question
here
is:
are
these
option
Flags
intended
for
developers
only
are
these
also
intended
for
operations
I'm,
assuming
that
these
option
flags
are
also
intended
for
operations,
and
it
would
be
very
unwise
for
developers
to
not
develop
software
to
develop
software
in
a
way
that
is
not
aware
and
generally
not
using
the
flags
used
in
operations
and
I
I
probably
should
give
a
little
context
here.
F
G
Yeah
and
even
if
you
actually
remember
last
time
we
discussed
these
I
was
like
yeah
for
OS,
like
you
really
want
to
have
this
thing
going
on
right,
so
I
think
I
agree
with
you
on
that.
You
want
context
that
you're
adding
here
is
like
you
know,
is
it
for
operations
or
is
it
just
for
for
developers
and
I?
Think
I
think
that
that
it's
in
a
additional
information
which
for
me
so
I,
wouldn't
call
it
a
judgment.
G
F
G
Obviously
I
I
know
so
I
I
agree,
but
you
know
in
the
context
of
Kernel
the
no
you
know
not
removing
null
check
is
like
you
know.
There
is
absolutely
no
debate
in
my
mind
because
in
fact,
the
kernel,
the
rules
that
the
econom
follows,
are
not
really
any
C
rules,
so
you
can't
apply
the
language,
see,
rules
to
kennel
and
then
and
not
expect.
You
know
disaster
to
happen
on
the
application
side.
Even
if
the
application
happens
to
to
be
deployed
in
operation.
It's
things
are
different
right.
G
I'm
arguing
against
the
the
option,
as
as
Thomas
pointed
out
early,
it
is
more
the
category
as
opposed
to
like.
Oh,
we
shouldn't
have
it
it's
more
about
aware
category
I
got.
B
C
To
jump
in
I
was
I
was
just
asking
for
a
better
clarification
of
operation,
because
I
understand
what
you
said:
David,
but
I
still
feel
to
a
certain
degree.
That
would
still
be
kind
of
a
developer
thing,
but
I
do
agree.
There
is
an
operational
standpoint
there
like
like
Crow's,
saying
operational
considerations.
I
do
agree
like
there.
There
is
an
operation
like
what
you're
saying
is
correct,
but
I'm
still
a
little
confused
as
to
where
the
line
between
operational
and
developer
gets
drawn.
F
Okay,
when,
when
I
say
Opera
when
I
say
developer
versus
operation.
Well,
when
I,
when
I
say
developer,
I
mean
basically
I'm
sitting
down
I'm
trying
to
modify
the
code
I'm
debugging
the
code
there
I'm
in
my
development,
Camp,
okay
as
soon
as
I,
say:
oh
I'm,
going
to
take
this
software
and
run
it
on
real
data
and
try
to
actually
use
the
software
we're
now
in
operations.
It
has
nothing
to
do
with
curl
mode
or
not.
F
It
has
to
do
with
whether
or
not
there's
a
customer,
okay
and
and
I
actually
do
agree
with
you
that
there's
a
whole
lot
of
differences
between
C
use
for
curl
development
and
cus
for
applications.
I,
don't
think,
there's
one
of
them
by
the
way,
because
no
pointer
problems
are
notorious
actually
across
every
language
that
supports
nulls
noldy
references
are
notorious.
The
the
primary
purpose
of
the
Java
compiler
is
to
produce
no
reference.
Dereference
errors
occasionally
reduce
code
that
we're
works.
F
I
say
this
jokingly,
but
I
say
this
jokingly.
But
but
my
point,
though,
is
that
nobody
references
happen.
That's
just
in
C.
It's
a
really
common
mistake
to
make
across
many
languages.
For
reasons
I
think
we
all
understand,
and
so
basically
the
reason
to
turn
on
these
kinds
of
options
is
to
prevent
is
to
reduce
the
impact
or
problems
in
operations.
Now,
why
do
I
emphasize
operations,
because
every
time
the
developer
does
something
different
from
operations?
Now,
we've
got
something:
that's
a
bug
or
problem
that
the
developer
won't
see,
but
operations
will.
So.
F
Where
are
you
now?
You
know
you
debug,
if
some
bulls
and
so
on
got
it.
You
need
some
extra
symbols
during
development,
sometimes,
but
in
general
you
want
to
keep
your
development
environment
and
particular
test
environment
as
close
as
possible
to
operations
so
that
it
actually
will
work
in
operations.
B
We
also
have
a
comment
from
crop.
Should
we
consider
a
section
for
operations?
Operational
considerations
can
I
ask
for
a
clarification
there.
That
is,
it
kind
of
like
a
single
section
for
operational
considerations
in
general
or
and
section
like
this,
for
each
option
option
we
are
discussing.
H
F
It's
possible
but
again,
I,
think
that
will
be
unwise
in
this
case,
because
if
it's
not
in
development,
then
it
won't,
then
it
won't
be
tested
and
if
you're
not
testing
it
you're
creating
mystery
problems
in
production.
Sure
I
do
agree
with
you
that
adding
an
operational
section
might
be
useful.
I.
Don't
think
this
is
one
of
those
examples.
I
can't
think
of
any
cases
where,
in
development,
it's
okay
to
dereference
null
pointers,
that's
just
not
a
thing.
B
So
I
I,
let
you
I'll,
let
you
speak
in
a
moment.
Gabriel
I
just
wanted
to
jump
in
with
a
little
bit
of
another
point
of
view
here,
and
that
is
that
so
some
of
these
discussions,
I'm
having
with
the
developers
I'm
working
with,
is
that
what
they,
what
they
are
sort
of
hoping
from
like
this.
This
type
of
guidance
is
also
some
kind
of
idea
of
which
options
to
prioritize
right.
B
So
if
you
dump
like
a
huge
list
of
options
on
them,
they're
gonna
kind
of
get
a
little
bit
scared
and
they
need
to
sort
of
pull
off
resources
to
actually
test
each
of
these
options
in
separation
right
and
like
often
like.
How
do
you
actually
get
this
deployed
in
production
is
that
you
will
convince
them
to
deploy
them
in
testing
first
right
right.
B
B
Yeah
and
and
I
think
that's
sort
of
like
with
that
in
mind.
I
would
also
I.
I
would
personally
be
in
favor
of
having
like
a
separate
table
for
this.
Just
that
we
could
have
sort
of
like
a
little
bit
of
this
sort
of
separation
between
options.
We
feel
are
really
important
and
then
options
that
options
that
you
should
consider.
B
But
after
you
have
considered
a
really
really
important
ones
right,
also
to
avoid
having
like
a
massive
table
of
40,
40,
50
options
and
and
and
and-
and
this
is
also
like-
also
a
consideration
of
in
which
order
we
address
this
right
so
which
are
the
the
important
one
should
ideally
be
somewhere
in
the
beginning
of
the
document.
But
that's
that's
sort
of
maybe
what
how
I'm
would
also
sort
of
motivating
motivate
this
sort
of
as
a
a
little
bit
of
like
a
separation
between
what
goes?
B
G
G
Yeah
and
so,
and
the
other
thing
is
I
think
we
also
want
to
recommend
people
doing
fuzzing
because
of
how
the
this
particular
you
know,
optimization
interact
with
bunch
of
other
stuff
in
the
generated
code
like
when
you're
doing,
testing
and
doing
fuzzing.
This
is
the
sort
of
like
this
sort
of
vulnerability.
G
You
want
to
increase
the
chances
of
discovering
it
during
testing
and
fuzzing,
and
if,
if,
if
you,
if
you
enable
this
option,
you
decrease
the
chances
of
like
the
wrong
thing
happening
during
fuzzing
that
will
expose
the
problem
right
and
which
is
why
I
would
actually
not
purchase
it
at
all
during
fuzzing
and
testing
like
do
not
include
this
option
when
you're
doing
testing
and
causing
so
that
you
can
expose
the
you
know,
increase
the
chances
of
exposing
the
bad
behavior
and,
and
that
goes
back
to
what
Thomas
was
suggesting.
Sorry
Randall.
C
Foreign
I
had
a
question
for
David
and
also
for
you
Gabriel.
So
what
would
your
opinion
that
it's,
maybe
even
a
question
for
sedition,
also
Thomas
I,
guess
the
whole
group.
So
what
would
I
know
that
there
are
ways
of
enabling
Flags
by
default?
Would
that
be
an
operational
consideration,
or
is
that
like
to,
in
other
words
like,
if
you
had
options
that
you
wanted
to
make
sure
were
enabled
by
default?
You
didn't
want
to
keep
putting
the
flags.
C
I
know
that
GCC
has
a
way
of
like
just
compiling
GCC,
so
that
it
has
a
quote-unquote
default
profile,
which
we
talked
about
in
gccv
So
or
the
purpose
of
those
flags
up
for
the
operational
people,
so
that,
therefore
they
have
like
a
GCC
that
has
like
the
flags
that
they
need
to
like
have
working
always
on
and
therefore
they
don't
have
to
I'm.
Just
is
it
more
of
a
question
more
than
anything.
C
Because,
if
that's
the
the
case,
then
I
would
say
that
those
default
Flags
maybe
are
important
that
like,
if
you
have
a
certain
set
of
flags
that
you
always
want
to
have
on,
because
you
cannot
accept
software
that
does
not
comply
with
a
certain
set
of
rules.
Then
you
probably
should
just
compile
a
GCC
with
your
default
flags
on
and
never
worry
about.
It
is
that
my
my
understanding
that
correctly
or
am
I
missing
something
you.
F
Know
what
I
I
think
we're
starting
I
think
I'm
starting
to
see
the
the
arguments
on
this
and
I
think
what
we're
seeing
that
based
on
the
previous
comments-
and
it
me
it
makes
it
harder
to
deal
with
it.
That
way
you
described,
is
if
you're
doing
fuzzing.
There
is
one
set
of
options.
If
you're
doing
operations
and
testing
a
system
again
say
it's
functional
requirements,
you
want
a
different
set
of
options
and
in
fact
maybe
we
need
two
tables.
F
One
is
here
the
additional
options
when
fuzzing
to
increase
the
likelihood
of
detecting
a
problem
them
and
here's
the
options
you
want
to
use
during
normal
testing
and
during
operations,
because
you
want
to
minimize
the
likelihood
that
a
problem
surfaces
is
that.
Is
that
really
the
distinction
that
we're
going
for
here.
D
B
So
so,
if
I,
if
I
sort
of
understand
this
right,
what
what
we
now
call
this
recommended
compiler
options
table
is
actual
the
recommended
options
for
operations.
And
then
what
we
sort
of
want
to
add
is
a
recommended
options
for
testing
that
can
presumably
be
a
super
set
of
the
ones
for
operations.
And
perhaps
there
are
some
that
doesn't
actually
make
sense
for
testing
for
for
one
reason
from
for
one
reason
or
the
other,
but
we
have
to
then
with
the
specific
options.
F
Yeah
I
would
separate
Buzz
testing
from
other
testing
in
general.
You
never
want
to
test
the
software.
That's
in
it
has
a
byte
difference
from
the
thing
you're
going
to
field
and
operations,
because,
obviously
you
know
your
test
results
are
not
necessarily
valid.
They
exceptionally
for
fuzz
testing,
because
clearly
for
funds
testing,
you
want
to
make
it
more
likely
to
fail
than
normal,
so
I
guess
what
I
I
I
think
for
Simplicity
it'd
be
easier
to
list.
F
Here's
what
you're
going
to
use
for
operations
and
testing
of
your
operational
software
and
here's
the
separate
table,
because
I
think
everything
in
GCC
can
be
and
C
land
can
be
undone
by
adding
them
later.
So
I
think
you
could
add
a
table
of,
and
then
add
these
flags
that
undo
some
of
that
stuff
to
make
the
systems
more
likely
to
fail.
If
there's
a
problem-
and
that
gets
you
to
your
other
concern
about,
you
know
how
do
I
make
sure
it's
more
likely
to
fail.
B
We
didn't
have
time
for
this
time,
but
I
think
it's
time
to
call
it
call
it
a
day
or
but
thanks
everyone
for
a
really
good,
great
discussion.
This
time,
I
did
some
notes
on
your
presentation
Gabriel,
but
maybe
you
can
have
a
quick
look,
whether
I
make
sure
that
I
got
everything
right
and
I
also
try
to
summarize
this
discussion
now
now
after
a
meeting
but
thanks
everyone
for
attending
and
thank
you.
This
has
been
exceedingly
useful.