> On Aug 8, 2023, at 9:01 AM, Jakub Jelinek via Gcc-patches
> <gcc-patches@gcc.gnu.org> wrote:
>
> On Tue, Aug 08, 2023 at 02:52:57PM +0200, Richard Biener via Gcc-patches
> wrote:
>> There's probably external tools to do this, not sure if we should replicate
>> things in the driver for this.
>>
>> But sure, I think the driver is the proper point to address any of such
>> issues - iff we want to address them at all. Maybe a nice little
>> google summer-of-code project ;)
>
> What I'd really like to avoid is having all compiler bugs (primarily ICEs)
> considered to be security bugs (e.g. DoS category), it would be terrible to
> release every week a new compiler because of the "security" issues.
Indeed. But my answer would be that such things are not DoS issues. DoS means
that an external input, over which you have little control, is impairing
service. In the case of a compiler, if feeding it bad source code X.c causes
it to crash, the answer is "well, then don't do that".
paul
