On Sun, 2018-09-09 at 11:22 -0400, Richard Yao wrote: > > On Sep 9, 2018, at 7:32 AM, Andrew Savchenko <birc...@gentoo.org> wrote: > > > > Hi! > > > > Our current -Werror policy demands unconditional removal: > > https://devmanual.gentoo.org/ebuild-writing/common-mistakes/index.html#-werror-compiler-flag-not-removed > > > > I think this is wrong, see bugs 665464, 665538 for a recent > > discussion why. > > > > My point is that in *most* cases -Werror indeed should be removed, > > because upstream rarely can keep up with all possible configure, > > *FLAGS, compiler versions and arch combinations. But! In some cases > > — especially for security oriented software — this flag may be > > pertain and may be kept at maintainer's discretion. > > > > The rationale is that -Werror usually points to dangerous > > situations like uninitialized variables, pointer type mismatch or > > implicit function declaration (and much more) which may lead to > > serious security implications. > > > > So, if maintainer has enough manpower to support this flag, we > > should allow to keep it. Of course if it will cause long-standing > > troubles (e.g. bugs opened for a long time) QA should have power to > > remove it or demand its removal. > > > > So my proposal is: > > > > 1) Deprecate QA policy with unconditional demand of -Werror removal. > > 2) Add to devmanual's chapter on -Werror an exception clause about > > security-oriented software and maintainer's right to make final > > decision. > > -Werror has caught bugs that could have resulted in data loss in ZFS in the > past thanks to it being built in userspace as part of zdb. So it is useful > for integrity too, not just security (although arguably, integrity is part of > security). > > Currently, sys-fs/zfs turns on -Werror when USE=debug is set. So far, nobody > has complained about USE=debug enforcing -Werror. USE=debug by definition > ought to be an exception.
Now that you know that you're violating a policy, please kindly fix that. > Perhaps we could have another USE flag for -Werror where it is a security > feature. e.g. USE=strict-compile-checks Perhaps people could learn that Gentoo lets them alter CFLAGS, and stop inventing USE flags for every flag the compiler supports. > > > > Best regards, > > Andrew Savchenko > > -- Best regards, Michał Górny
signature.asc
Description: This is a digitally signed message part
