From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 3FA85138334 for ; Mon, 10 Sep 2018 14:19:37 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AAE24E0C95; Mon, 10 Sep 2018 14:19:33 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 560C1E0C75 for ; Mon, 10 Sep 2018 14:19:33 +0000 (UTC) Received: from gentoo.org (unknown [IPv6:2001:980:3ff0:64:5054:ff:fe0b:7015]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: grobian) by smtp.gentoo.org (Postfix) with ESMTPSA id 340A1335CDD for ; Mon, 10 Sep 2018 14:19:31 +0000 (UTC) Date: Mon, 10 Sep 2018 16:19:26 +0200 From: Fabian Groffen To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Changing policy about -Werror Message-ID: <20180910141926.GE23555@gentoo.org> Mail-Followup-To: gentoo-dev@lists.gentoo.org References: <20180909143221.21d784d02f51623e8c57c545@gentoo.org> <79F8E956-12C7-4C96-A029-106B785294B3@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="yEPQxsgoJgBvi8ip" Content-Disposition: inline In-Reply-To: <79F8E956-12C7-4C96-A029-106B785294B3@gentoo.org> User-Agent: Mutt/1.10.1 (SunOS 5.11, VIM - Vi IMproved 8.1) Organization: Gentoo Foundation, Inc. X-Archives-Salt: 0a08fe7a-aefc-41f2-94af-55b7da47b1dd X-Archives-Hash: 1519310fc2c8708727a427b7f5f9a06d --yEPQxsgoJgBvi8ip Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 09-09-2018 11:22:41 -0400, Richard Yao wrote: > -Werror has caught bugs that could have resulted in data loss in ZFS in t= he past thanks to it being built in userspace as part of zdb. So it is usef= ul for integrity too, not just security (although arguably, integrity is pa= rt of security). This is a misconception, as jer already pointed out. Instead: -Werror has forced you to take notice of problems that could have resulted in data loss in ZFS ... Also, consider that for -Werror to be "better", you also need -O3 in order to activate the "proper" compiler checks like "variable set but never used" ones. > Perhaps we could have another USE flag for -Werror where it is a security= feature. e.g. USE=3Dstrict-compile-checks You better run a static code analyser, such as the one you can hook up with Travis. It usually points out real security problems such as races, which GCC doesn't do yet, as far as I'm aware. Let alone trigger with -Werror. Fabian --=20 Fabian Groffen Gentoo on a different level --yEPQxsgoJgBvi8ip Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEELUvHd/Gtp7LaU1vuzpXahU5EQpMFAluWfW4ACgkQzpXahU5E QpMwkQgApK7dFYOyVnC/q5kTvZRlBMmmfYC9dtABIcLndJILTyfdB/QqGErpSfsm La9/DAhMd3V9HteB8nTX9mSxWcRNG5UV1hf69BJbM8b8ZG42hKbOppfk+iMqev9X 9vsNnq54wej4WM58yaezMKo3zr2fJ8tOuc2ZAZMGohHt3wdBtJ2JWa3vaI5Ybfcu b4LccvZioWVT8qfMSNoR2BUtML512u4kNBapdqWLO57lnm6kTri2E+n9pnISTx/6 QG13myL0rqOIbymCdfdQWMAGXauVToptmNm2sW9HJpxPBYZrNZ640LY3py9b8vys ruDJE6blTppUof7joYj7Zle+H2gmKw== =wwPm -----END PGP SIGNATURE----- --yEPQxsgoJgBvi8ip--