| 1 |
On Sun, 2018-09-09 at 14:32 +0300, Andrew Savchenko wrote: |
| 2 |
> Hi! |
| 3 |
> |
| 4 |
> Our current -Werror policy demands unconditional removal: |
| 5 |
> https://devmanual.gentoo.org/ebuild-writing/common-mistakes/index.html#-werror-compiler-flag-not-removed |
| 6 |
> |
| 7 |
> I think this is wrong, see bugs 665464, 665538 for a recent |
| 8 |
> discussion why. |
| 9 |
> |
| 10 |
> My point is that in *most* cases -Werror indeed should be removed, |
| 11 |
> because upstream rarely can keep up with all possible configure, |
| 12 |
> *FLAGS, compiler versions and arch combinations. But! In some cases |
| 13 |
> — especially for security oriented software — this flag may be |
| 14 |
> pertain and may be kept at maintainer's discretion. |
| 15 |
> |
| 16 |
> The rationale is that -Werror usually points to dangerous |
| 17 |
> situations like uninitialized variables, pointer type mismatch or |
| 18 |
> implicit function declaration (and much more) which may lead to |
| 19 |
> serious security implications. |
| 20 |
|
| 21 |
It may also point to a different coding style, user's flags (like |
| 22 |
clang's 'argument unused during X' warnings. Are you suggesting that |
| 23 |
upstream is going to detect all those situations and prevent them from |
| 24 |
occurring, or are you going to WONTFIX the resulting bugs? |
| 25 |
|
| 26 |
> |
| 27 |
> So, if maintainer has enough manpower to support this flag, we |
| 28 |
> should allow to keep it. Of course if it will cause long-standing |
| 29 |
> troubles (e.g. bugs opened for a long time) QA should have power to |
| 30 |
> remove it or demand its removal. |
| 31 |
|
| 32 |
What you're saying basically boils down to 'it's fine that the package |
| 33 |
randomly fails to build if somebody will fix it'. However, some people |
| 34 |
actually use Gentoo on real systems and really prefer when things |
| 35 |
*build*. While resolving warnings etc. is usually a worthwhile goal, |
| 36 |
not at the cost of having users repeatedly hit failures, have to report |
| 37 |
bugs about them and wait for the maintainer to fix them. |
| 38 |
|
| 39 |
Not to mention that those fixes only work for new versions, |
| 40 |
and therefore this whole idea turns downgrading (however undesirable you |
| 41 |
might consider it) into a pointless effort of chasing old warnings. |
| 42 |
|
| 43 |
This is just another example of writing programs for a single toolchain, |
| 44 |
and adding more hacks every time someone tests with another one. |
| 45 |
|
| 46 |
-- |
| 47 |
Best regards, |
| 48 |
Michał Górny |
Archives