1 |
On Sun, 2018-09-09 at 14:32 +0300, Andrew Savchenko wrote: |
2 |
> Hi! |
3 |
> |
4 |
> Our current -Werror policy demands unconditional removal: |
5 |
> https://devmanual.gentoo.org/ebuild-writing/common-mistakes/index.html#-werror-compiler-flag-not-removed |
6 |
> |
7 |
> I think this is wrong, see bugs 665464, 665538 for a recent |
8 |
> discussion why. |
9 |
> |
10 |
> My point is that in *most* cases -Werror indeed should be removed, |
11 |
> because upstream rarely can keep up with all possible configure, |
12 |
> *FLAGS, compiler versions and arch combinations. But! In some cases |
13 |
> — especially for security oriented software — this flag may be |
14 |
> pertain and may be kept at maintainer's discretion. |
15 |
> |
16 |
> The rationale is that -Werror usually points to dangerous |
17 |
> situations like uninitialized variables, pointer type mismatch or |
18 |
> implicit function declaration (and much more) which may lead to |
19 |
> serious security implications. |
20 |
|
21 |
It may also point to a different coding style, user's flags (like |
22 |
clang's 'argument unused during X' warnings. Are you suggesting that |
23 |
upstream is going to detect all those situations and prevent them from |
24 |
occurring, or are you going to WONTFIX the resulting bugs? |
25 |
|
26 |
> |
27 |
> So, if maintainer has enough manpower to support this flag, we |
28 |
> should allow to keep it. Of course if it will cause long-standing |
29 |
> troubles (e.g. bugs opened for a long time) QA should have power to |
30 |
> remove it or demand its removal. |
31 |
|
32 |
What you're saying basically boils down to 'it's fine that the package |
33 |
randomly fails to build if somebody will fix it'. However, some people |
34 |
actually use Gentoo on real systems and really prefer when things |
35 |
*build*. While resolving warnings etc. is usually a worthwhile goal, |
36 |
not at the cost of having users repeatedly hit failures, have to report |
37 |
bugs about them and wait for the maintainer to fix them. |
38 |
|
39 |
Not to mention that those fixes only work for new versions, |
40 |
and therefore this whole idea turns downgrading (however undesirable you |
41 |
might consider it) into a pointless effort of chasing old warnings. |
42 |
|
43 |
This is just another example of writing programs for a single toolchain, |
44 |
and adding more hacks every time someone tests with another one. |
45 |
|
46 |
-- |
47 |
Best regards, |
48 |
Michał Górny |