Jason Zaman schrieb:
No. With -Werror, upstream indicates that if a warning occurs, the build
should fail and the resulting code not be installed on user systems.
Instead, someone knowledgeable should look at the situation *first* and
determine whether it is a bogus warning, a trivial issue, or something which
warrants further attention.
I have long disagreed with QA policy on this, and think that ebuilds should
respect upstream here. Of course giving users the ability to override.
I disagree. -Werror means that upstream wants it to build without
warnings on their distro with their version of the compiler with their
versions of all the libraries.
It means, upstream wants it to build without warnings everywhere. And if a
warning occurs (due to change in compiler, libraries, architecture, etc.),
have a developer look at it first before installing the code on user systems.
There are things that upstream absolutely should be setting which make a
big difference for security like FORTIFY_SOURCE but hardened already has
that set so I get this and thus basically everything would fail to
compile.
$ gcc -O1 -D_FORTIFY_SOURCE=2 foo.c
<command-line>:0:0: warning: "_FORTIFY_SOURCE" redefined
<built-in>: note: this is the location of the previous definition
This all on amd64 too. If we start with other arches or cross compilers
or other things then -Werror is just not possible.
But you have looked at the issue, decided that it is harmless, and can now
make this particular warning non-fatal. Or report upstream, so they can do
the Right Thing™ and don't redefine.
$ gcc -O1 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 foo.c
That is all what is desired.
Best regards,
Chí-Thanh Christopher Nguyễn
