From: "Michał Górny" <mgorny@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Changing policy about -Werror
Date: Sun, 09 Sep 2018 18:11:40 +0200 [thread overview]
Message-ID: <1536509500.863.0.camel@gentoo.org> (raw)
In-Reply-To: <79F8E956-12C7-4C96-A029-106B785294B3@gentoo.org>
[-- Attachment #1: Type: text/plain, Size: 2393 bytes --]
On Sun, 2018-09-09 at 11:22 -0400, Richard Yao wrote:
> > On Sep 9, 2018, at 7:32 AM, Andrew Savchenko <bircoph@gentoo.org> wrote:
> >
> > Hi!
> >
> > Our current -Werror policy demands unconditional removal:
> > https://devmanual.gentoo.org/ebuild-writing/common-mistakes/index.html#-werror-compiler-flag-not-removed
> >
> > I think this is wrong, see bugs 665464, 665538 for a recent
> > discussion why.
> >
> > My point is that in *most* cases -Werror indeed should be removed,
> > because upstream rarely can keep up with all possible configure,
> > *FLAGS, compiler versions and arch combinations. But! In some cases
> > — especially for security oriented software — this flag may be
> > pertain and may be kept at maintainer's discretion.
> >
> > The rationale is that -Werror usually points to dangerous
> > situations like uninitialized variables, pointer type mismatch or
> > implicit function declaration (and much more) which may lead to
> > serious security implications.
> >
> > So, if maintainer has enough manpower to support this flag, we
> > should allow to keep it. Of course if it will cause long-standing
> > troubles (e.g. bugs opened for a long time) QA should have power to
> > remove it or demand its removal.
> >
> > So my proposal is:
> >
> > 1) Deprecate QA policy with unconditional demand of -Werror removal.
> > 2) Add to devmanual's chapter on -Werror an exception clause about
> > security-oriented software and maintainer's right to make final
> > decision.
>
> -Werror has caught bugs that could have resulted in data loss in ZFS in the past thanks to it being built in userspace as part of zdb. So it is useful for integrity too, not just security (although arguably, integrity is part of security).
>
> Currently, sys-fs/zfs turns on -Werror when USE=debug is set. So far, nobody has complained about USE=debug enforcing -Werror. USE=debug by definition ought to be an exception.
Now that you know that you're violating a policy, please kindly fix
that.
> Perhaps we could have another USE flag for -Werror where it is a security feature. e.g. USE=strict-compile-checks
Perhaps people could learn that Gentoo lets them alter CFLAGS, and stop
inventing USE flags for every flag the compiler supports.
> >
> > Best regards,
> > Andrew Savchenko
>
>
--
Best regards,
Michał Górny
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 963 bytes --]
next prev parent reply other threads:[~2018-09-09 16:11 UTC|newest]
Thread overview: 119+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-09 11:32 [gentoo-dev] Changing policy about -Werror Andrew Savchenko
2018-09-09 13:03 ` Thomas Deutschmann
2018-09-09 15:02 ` Andrew Savchenko
2018-09-09 16:32 ` Ulrich Mueller
2018-09-09 17:18 ` Richard Yao
2018-09-09 15:11 ` Jeroen Roovers
2018-09-09 15:22 ` Richard Yao
2018-09-09 16:11 ` Michał Górny [this message]
2018-09-09 17:09 ` Richard Yao
2018-09-09 17:24 ` Richard Yao
2018-09-09 17:13 ` Richard Yao
2018-09-12 20:28 ` Andreas K. Huettel
2018-09-12 21:54 ` Richard Yao
2018-09-10 14:19 ` Fabian Groffen
2018-09-10 21:18 ` Chí-Thanh Christopher Nguyễn
2018-09-10 21:44 ` Richard Yao
2018-09-10 21:42 ` Richard Yao
2018-09-09 16:31 ` Michał Górny
2018-09-09 23:46 ` Chí-Thanh Christopher Nguyễn
2018-09-10 7:45 ` Jason Zaman
2018-09-10 20:34 ` Chí-Thanh Christopher Nguyễn
2018-09-10 20:51 ` Matt Turner
2018-09-10 20:56 ` Kristian Fiskerstrand
2018-09-10 20:59 ` Mart Raudsepp
2018-09-10 21:26 ` Chí-Thanh Christopher Nguyễn
2018-09-10 21:43 ` Richard Yao
2018-09-10 21:01 ` Kristian Fiskerstrand
2018-09-10 21:01 ` Mike Gilbert
2018-09-10 21:04 ` Kristian Fiskerstrand
2018-09-10 21:10 ` Kristian Fiskerstrand
2018-09-11 0:50 ` Thomas Deutschmann
2018-09-10 21:31 ` Rich Freeman
2018-09-10 21:33 ` Kristian Fiskerstrand
2018-09-10 21:58 ` Mike Gilbert
2018-09-10 21:19 ` Chí-Thanh Christopher Nguyễn
2018-09-10 21:21 ` Kristian Fiskerstrand
2018-09-10 21:27 ` Kristian Fiskerstrand
2018-09-10 21:48 ` Richard Yao
2018-09-10 21:52 ` Richard Yao
2018-09-10 21:35 ` Chí-Thanh Christopher Nguyễn
2018-09-10 21:41 ` Kristian Fiskerstrand
2018-09-12 8:56 ` Jason Zaman
2018-09-12 14:50 ` Rich Freeman
2018-09-12 16:47 ` Mike
2018-09-13 11:25 ` Ulrich Mueller
2018-09-13 13:29 ` Mike
2018-09-13 13:35 ` Rich Freeman
2018-09-13 13:39 ` Mike
2018-09-13 14:06 ` Ulrich Mueller
2018-09-12 22:55 ` Thomas Deutschmann
2018-09-12 23:03 ` Rich Freeman
2018-09-12 23:52 ` Matt Turner
2018-09-13 0:11 ` Rich Freeman
2018-09-13 0:46 ` Matt Turner
2018-09-13 15:51 ` Fabian Groffen
2018-09-13 15:56 ` Alon Bar-Lev
2018-09-13 16:20 ` Fabian Groffen
2018-09-13 17:58 ` Alon Bar-Lev
2018-09-14 0:41 ` Georg Rudoy
2018-09-12 23:47 ` Chí-Thanh Christopher Nguyễn
2018-09-13 11:36 ` Richard Yao
2018-09-13 16:03 ` Fabian Groffen
2018-09-13 23:12 ` Richard Yao
2018-09-13 23:21 ` Matt Turner
2018-09-14 0:44 ` Richard Yao
2018-09-14 0:54 ` Georg Rudoy
2018-09-14 17:09 ` Richard Yao
2018-09-14 3:35 ` Matt Turner
2018-09-14 15:54 ` Richard Yao
2018-09-14 23:07 ` Sergei Trofimovich
2018-09-14 23:27 ` Richard Yao
2018-09-21 22:33 ` Chí-Thanh Christopher Nguyễn
2018-09-22 5:57 ` Alon Bar-Lev
2018-09-14 17:47 ` Richard Yao
2018-09-14 17:58 ` Richard Yao
2018-09-13 15:48 ` Fabian Groffen
2018-09-09 17:50 ` Michael Orlitzky
2018-09-10 0:30 ` Rich Freeman
2018-09-09 20:47 ` Matt Turner
2018-09-10 0:13 ` Chí-Thanh Christopher Nguyễn
2018-09-11 6:15 ` Andreas K. Huettel
2018-09-11 9:44 ` Alon Bar-Lev
2018-09-12 23:32 ` Chí-Thanh Christopher Nguyễn
2018-09-13 0:09 ` Rich Freeman
2018-09-13 16:07 ` Fabian Groffen
2018-09-13 21:34 ` Sergei Trofimovich
2018-09-14 16:40 ` Alon Bar-Lev
2018-09-14 17:16 ` Richard Yao
2018-09-14 17:22 ` Alon Bar-Lev
2018-09-14 17:26 ` Rich Freeman
2018-09-14 17:33 ` Michał Górny
2018-09-14 17:48 ` Alon Bar-Lev
2018-09-14 17:53 ` Michał Górny
2018-09-14 18:00 ` Alon Bar-Lev
2018-09-14 17:52 ` Rich Freeman
2018-09-14 19:29 ` Michael Orlitzky
2018-09-14 19:58 ` Richard Yao
2018-09-14 20:20 ` Michael Orlitzky
2018-09-14 20:29 ` Rich Freeman
2018-09-14 21:02 ` Fabian Groffen
2018-09-14 21:07 ` Alon Bar-Lev
2018-09-14 21:28 ` Fabian Groffen
2018-09-14 21:46 ` Alon Bar-Lev
2018-09-14 22:45 ` Fabian Groffen
2018-09-14 22:14 ` Richard Yao
2018-09-14 22:58 ` Alon Bar-Lev
2018-09-14 22:11 ` Richard Yao
2018-09-14 19:53 ` Sergei Trofimovich
2018-09-14 20:15 ` Alon Bar-Lev
2018-09-14 23:43 ` Sergei Trofimovich
2018-09-12 23:35 ` [gentoo-dev] acceptable alternatives to -Werror, was: " Chí-Thanh Christopher Nguyễn
2018-09-13 0:14 ` Rich Freeman
2018-09-13 0:23 ` Chí-Thanh Christopher Nguyễn
2018-09-13 0:34 ` Rich Freeman
2018-09-13 0:43 ` Chí-Thanh Christopher Nguyễn
2018-09-13 8:49 ` Mike Auty
2018-09-21 22:42 ` Chí-Thanh Christopher Nguyễn
2018-09-13 11:47 ` Richard Yao
2018-09-13 19:32 ` [gentoo-dev] " Nikos Chantziaras
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1536509500.863.0.camel@gentoo.org \
--to=mgorny@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox