There are places that will pay bounties on even very flimsy reports to avoid the press / perception that they aren't responding to researchers. But that's only going to remain as long as a very small number of people are doing this.

It's easy for reputational damage to exceed $1'000, but if 1000 people do this...

One might even call it reputational blackmail. "Give me $1000 for this invalid/useless bug report or I'll go to the most click-baity incompetent tech press outlets with how your product is the worst thing since ILUVYOU."

I think you are in the minority of people who use that phrase.

The complaint isn't about stating the source. The complaint is about asking for advice, then ignoring that advice. If one asks how to do something, get a reply, then reply to that reply 'but Google says', that's just as rude.

The big place where it happens in modern environments are for pointers to members, where 0 is a bad nullptr value because the member at index 0 is legitimately a thing you want to name. MSVC uses -1 for nullptr in such cases.

1. What empirical data we have suggests that the 'good suffix' rule engages fairly rarely; that's why the -Horspool variant wins most tests. (It isn't just that you don't have to build Delta2, it also saves a lot of comparisons in the algorithm itself for most inputs.) 2. Because the standard says this is the Boyer-Moore algorithm :D

He meant the original paper for calculating delta2 which was merely referenced by the original BM paper.

Sadly this seems to be the pattern for most everything coming from 'academia' ever.

You need a needle that triggers the problem, AND a haystack where the delta2 table matters, AND the algorithm to stop at a problematic index where it uses a bad delta2 value.

There's a reason the published version even in 'the papers' was wrong for 3 years.

We are unaware of any such bugs requiring such a suppression; please create a self contained repro and file an issue.

That’s the symbol truncation warning. IIRC, the suppression is no longer necessary because the compiler removed the warning completely.

>Now, can anyone ELI5 the high-level goal of this exception?

I am not a lawyer; this is my extremely limited understanding.

1. Normally the Apache license requires attribution, even in binary forms. We can't say "You said #include <string>, now you must staple this to all your binaries". libstdc++ has a similar exception to the GPL for the same reason: http://gcc.gnu.org/onlinedocs/libstdc++/manual/license.html

2. Keep GPL folks happy :)

The sources for debugging are included with the product; these sources are more or less the same as in $/VC/Tools/MSVC/ (version) /crt/src/stl