Re: Provenpackagers dealing with -Werror=format-security issues

On 1 April 2017 at 02:09, Kevin Kofler wrote: > Nonsense. Nobody is going to mark up each and every use of a smart pointer > with some warning pragma, that just does not make sense. > > Warnings are optional by design, you cannot dictate a distribution-wide > policy for them. > What I wrote was

Re: Provenpackagers dealing with -Werror=format-security issues

Tomasz Kloczko wrote: > As you perfectly know such precise point-and-click suppression can be > added straight in source code around each such case. Again. Level up on > processing source resources by distribution build infrastructure such > suppression on whole package even layer should be forbidd

Re: Provenpackagers dealing with -Werror=format-security issues

On Wed, 2017-03-29 at 13:23 +0100, Jonathan Wakely wrote: [..] > And my point is the code doesn't need fixing. "Fixing" code to stop > using std::auto_ptr usually means replacing it with std::unique_ptr, > which will break that code if it's supposed to build with a C++98 > compiler. As you perfect

Re: Provenpackagers dealing with -Werror=format-security issues

On 29/03/17 12:09 +0100, Tomasz Kloczko wrote: For some reason you email landed in my spam folder :) On Wed, 2017-03-29 at 10:15 +0100, Jonathan Wakely wrote: On 19/03/17 03:33 +, Tomasz Kłoczko wrote: > Started cleaning parted.spec and found method *much* more often used. > > [tkloczko@dom

Re: Provenpackagers dealing with -Werror=format-security issues

On Wednesday, March 29, 2017 12:09:14 Tomasz Kloczko wrote: > What I'm trying to tell is that as long > as suppressing such warnings is hard coded in spec files it > decreases probability of fixing the code. Because you are trying to use wrong tools to capture compiler warnings from Fedora packag

Re: Provenpackagers dealing with -Werror=format-security issues

For some reason you email landed in my spam folder :) On Wed, 2017-03-29 at 10:15 +0100, Jonathan Wakely wrote: > On 19/03/17 03:33 +, Tomasz Kłoczko wrote: > > Started cleaning parted.spec and found method *much* more often used. > > > > [tkloczko@domek SPECS.fedora]$ grep CFLAGS * | grep --

Re: Provenpackagers dealing with -Werror=format-security issues

On 19/03/17 03:33 +, Tomasz Kłoczko wrote: Started cleaning parted.spec and found method *much* more often used. [tkloczko@domek SPECS.fedora]$ grep CFLAGS * | grep -- -Wno alex4.spec: CFLAGS="$RPM_OPT_FLAGS *-Wno*-deprecated-declarations" There's nothing wrong with this option. Many C++

Re: Provenpackagers dealing with -Werror=format-security issues

(Resending without changes my reply which I've sent initially by mistake only to Kamil. He suggest that it is worth to resend it :) ) On 20 March 2017 at 22:23, Kamil Dudka wrote: > > Even without above raw build logs preserved on koji enriched but full > > warnings verbosity has some very big p

Re: Provenpackagers dealing with -Werror=format-security issues

On Sunday, March 19, 2017 15:09:59 Tomasz Kłoczko wrote: > gcc can now load some extensions as DSOs and maybe it would be possible to > use this entry point to start thinking about develop extension which would > allow store formated data about types and locations of warning in some text > file per

Re: Provenpackagers dealing with -Werror=format-security issues

On Mon, 2017-03-20 at 13:15 +0100, Kamil Dudka wrote: > I believe that using -Werror in production builds > is a really bad idea in general.  There are other, more efficient, > ways to  > detect such warnings off production build environment. In general, I completely agree, but... > IMO the only

Re: Provenpackagers dealing with -Werror=format-security issues

On Friday, March 17, 2017 14:36:25 Stephen Gallagher wrote: > There was an issue[1] with GCC7 during the mass-rebuild. Despite the > Fedora-wide setting of -Werror=format-security, GCC did not process its > command-line properly and an unknown number of packages were built without > this flag appro

Re: Provenpackagers dealing with -Werror=format-security issues

I am fine with such warning as long as they are accompanied by comment withe either upstream bug report or other justification. Vít Dne 19.3.2017 v 04:33 Tomasz Kłoczko napsal(a): > > On 19 March 2017 at 02:46, Tomasz Kłoczko > wrote: > > Will try to take c

Re: Provenpackagers dealing with -Werror=format-security issues

On 19 March 2017 at 19:37, Stephen John Smoogen wrote: > I think one of the big disconnects here is that Tomasz seems to see > that someone who 'owns' a package is a top notch developer who is > going to know that package completely and care about the warnings and > such spat out. The myth of the

Re: Provenpackagers dealing with -Werror=format-security issues

On 19 March 2017 at 15:25, Zbigniew Jędrzejewski-Szmek wrote: > On Sun, Mar 19, 2017 at 05:20:46PM +, Tomasz Kłoczko wrote: >> On 19 March 2017 at 16:24, Zbigniew Jędrzejewski-Szmek >> I have allergy on answers "no because no" and similar like "no thank you, >> but no" ;-) >> Can you explai

Re: Provenpackagers dealing with -Werror=format-security issues

On Sun, Mar 19, 2017 at 05:20:46PM +, Tomasz Kłoczko wrote: > On 19 March 2017 at 16:24, Zbigniew Jędrzejewski-Szmek > wrote: > > > > As I wrote it has potentially very useful case to have maximum level > > > reporting compile errors on distribution level. > > > koji could parse build logs an

Re: Provenpackagers dealing with -Werror=format-security issues

On Sun, Mar 19, 2017 at 07:30:24PM +0100, Kevin Kofler wrote: > That was not a new issue in GCC 7, it is how -Werror=format-security had > behaved since its introduction. It is just that the behavior change in GCC 7 > came in late, after the mass rebuild had already happened. > > For what it's w

Re: Provenpackagers dealing with -Werror=format-security issues

Stephen Gallagher wrote: > There was an issue[1] with GCC7 during the mass-rebuild. Despite the > Fedora-wide setting of -Werror=format-security, GCC did not process its > command-line properly and an unknown number of packages were built without > this flag appropriately set. That was not a new i

Re: Provenpackagers dealing with -Werror=format-security issues

On 19 March 2017 at 16:24, Zbigniew Jędrzejewski-Szmek wrote: > > As I wrote it has potentially very useful case to have maximum level > > reporting compile errors on distribution level. > > koji could parse build logs and count total number of compile time > warning > > and in own build report p

Re: Provenpackagers dealing with -Werror=format-security issues

On Sun, Mar 19, 2017 at 03:09:59PM +, Tomasz Kłoczko wrote: > On 19 March 2017 at 12:51, Zbigniew Jędrzejewski-Szmek > wrote: > > > No. There's a policy to show the full command line option, but that's not > > the same. Most warnings are only useful for upstream developers, and > > packagers

Re: Provenpackagers dealing with -Werror=format-security issues

On 19 March 2017 at 12:51, Zbigniew Jędrzejewski-Szmek wrote: > No. There's a policy to show the full command line option, but that's not > the same. Most warnings are only useful for upstream developers, and > packagers are not (and should not) do anything about them. One obvious > case is unuse

Re: Provenpackagers dealing with -Werror=format-security issues

On Sun, Mar 19, 2017 at 02:46:35AM +, Tomasz Kłoczko wrote: > If it is not already Fedora policy enable visibility of all compile time > warnings to maximum level it should be official policy. No. There's a policy to show the full command line option, but that's not the same. Most warnings are

Re: Provenpackagers dealing with -Werror=format-security issues

On 19 March 2017 at 02:46, Tomasz Kłoczko wrote: > Will try to take care of those few but it is possible that it is few more > possible ways to lower compile time warnings verbosity level. > Started cleaning parted.spec and found method *much* more often used. [tkloczko@domek SPECS.fedora]$ gre

Re: Provenpackagers dealing with -Werror=format-security issues

BTW compilation warnings .. [tkloczko@domek SPECS.fedora]$ grep -- --disable-gcc-warnings *mingw-libtasn1.spec:%mingw_configure --disable-static *--disable-gcc-warnings*parted.spec:%configure --enable-selinux --disable-static *--disable-gcc-warnings* [tkloczko@domek SPECS.fedora]$ grep -- --disabl

Provenpackagers dealing with -Werror=format-security issues

There was an issue[1] with GCC7 during the mass-rebuild. Despite the Fedora-wide setting of -Werror=format-security, GCC did not process its command-line properly and an unknown number of packages were built without this flag appropriately set. As a result, all of those packages built successfully