When checking today’s failure logs from the tinderbox, to check if there are packages failing with readline 6.0 beside GDB, I’ve noticed a few more failures since last time, mostly related to the new gcc 4.3.3 ebuild and the fact that -D_FORTIFY_SOURCE=2
is now enabled by default. Which by the way is what makes the whole thing too noisy for my taste .
While there are a few cases where the code is explicitly being rejected by the compiler for being wrong, most of the failures seems to be extra warnings that morph into failures because of the use of -Werror
in released code. I think I talked about this kind of problem in passing in the past, but never wrote a full entry about it. I think the time has come for that.
The -Werror
flag for GCC (used also by ICC and equivalent to Sun’s -errwarn=%all
) is often considered useful to make sure one’s code is solid enough to build without warnings. This is good since warnings often enough result in errors, and as I noted yesterday having too many warnings can cause new ones to be ignored and thus create a domino effect to the point the whole software is screwed. But, it’s not a good idea to unconditionally set it up in the released code.
Why do I say that? Because things change, and especially, warnings are added. The fact that a new compiler is stricter and considers a particular piece of code as something to warn about is not going to change the quality of the software per-se; and while it’s true that fixing the warnings early can save from failing further down the road, users often enough just need the thing to build and work when they need it, and would prefer not to have to fix a few warnings first.
So we have two opposite considerations: enabling -Werror
can allow the developers and the users interested in the total correctness of the program to identify new warnings earlier, and at the same time the remaining set of users who don’t care about correctness but just want the thing to work would like -Werror
disabled. What’s the solution? First of all, learn to use particular -Werror=
flags, (see this old post of mine for some information about it), and then you should make the thing optional.
See this is what makes free software quite powerful sometimes, optionality. Just add a switch, a knob, a line to comment in and out, so that -Werror
is used by default on developers builds but not on the normal user releases. For most non-autoconf-based build systems, -Werror
is just passed along with the rest of the CFLAGS so it’s easy to deal with that, for autoconf-based systems, it’s not rare that it’s added at the end of the script, unconditionally. Why does that happen? Because passing it to the ./configure
call, like any other compiler flag will almost certainly cause some autoconf checks to fail. No more no less.
True, sometimes what is warning in a version of GCC becomes error in the one after, so it’s not really a solution if the warnings are not taken care of. But that’s the very reason why GCC introduces them as warnings usually! It gives time to the developers to act on them before rejecting them out of the blue. Of course it would be nicer if GCC also added an extra specification like “this will become an error with release X.Y.Z” but still even that is often ignored so it does not really matter.
This becomes even more important for ebuild developers since having -Werror
enabled does not really work well with Gentoo, since we might add new stricter GCC versions, or even one more entry in CFLAGS to enable further warnings (for instance I have -Wformat=2 -Wstrict-aliasing=2 -Wno-format-zero-length
in mine), which would then cause packages to fail out of the blue. Unfortunately it seems that quite a bit of packages still use -Werror
in their default build and not all Gentoo maintainers took care of removing it beforehand.
So please, don’t use -Werror
in released code, make it optional, use it during development, but not in released code. And not in ebuilds either.