Re: Packaging of static libraries

[Ian Jackson <ijackson@chiark.greenend.org.uk>]

Vincent Lefevre writes ("Re: Packaging of static libraries"):
> On 2016-04-12 14:52:33 +0100, Ian Jackson wrote:
> > I'm afraid that LTO is probably too dangerous to be used as a
> > substitute for static linking.  See my comments in the recent LTO
> > thread here, where I referred to the problem of undefined behaviour,
> > and pointed at John Regehr's blog.
> 
> This is not specific to LTO at all. Other form of optimization can
> yield "non-working" code (not expected by the developers).

Yes, indeed.  But as I wrote before:

I worry that LTO will exacerbate this problem, by extending the
categories of technical non-compliance (with rules which are very
difficult to fully comply with) which are detected by compilers and
transformed into actual non-working code.

> Note that by default, shared libraries would still be used, so that
> this would affect only users with specific applications, who would
> want to optimize as much as possible.

This assumption, that someone using static libraries wants to
"optimizse as much as possible" (ie, that they would prefer a fast
non-working program to a slow working one) is completely unfounded.

> And code should also be tested with an UB sanitizer (which could
> possibly enabled by default in cases where it is shown that it does
> not slow things down[*]); this would allow one to detect most UB
> related bugs.

IMO we should be compiling almost all our code with what you are
calling `UB sanitisation' and what I would call `traditional
semantics'.

Ian.