This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: US-CERT Vulnerability Note VU#162289
Florian Weimer wrote:
> * Robert C. Seacord:
>> I agree that the optimization is allowed by C99. I think this is a
>> quality of implementation issue, and that it would be preferable for
>> gcc to emphasize security over performance, as might be expected.
> I don't think this is reasonable. If you use GCC and its C frontend,
> you want performance, not security.
I find this a *VERY* dubious claim; in my experience VERY few users
are at the boundary where small factors in performance are critical,
but MANY users are definitely concerned with security.
To me, dubious optimizations like this at the very least should
be optional and able to be turned off. One of the troubles with gcc
is that performance is so horrible at -O0 (space being a bigger issue
than speed in most cases), that you really have to specify at least
-O1, and to me at -O1 the default should be to minimize surprising
optimizations like this one.