[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

In defense of -Werror [was, Re: automake transition breakages]

On Mon, Sep 30, 2013 at 10:35:06AM -0700, Russ Allbery wrote:
> Cyril Brulebois <kibi@debian.org> writes:
> > Julian Taylor <jtaylor.debian@googlemail.com> (2013-09-30):

> >> At minimum the packages using Werror should be test rebuilt before each
> >> new upload:
> >> http://codesearch.debian.net/search?q=AM_INIT_AUTOMAKE.*-Werror

> >> The list is small enough that it can be done by hand / small script.

> > So that they stop using Werror? Good idea.

> I use -Werror for Automake for all of the packages for which I'm upstream
> and have not noticed it being a serious issue, although maybe I'm missing
> something?  But I didn't have any trouble regenerating the files for my
> various packages with Automake 1.14.

> -Werror for a compiler is a bad idea for Debian packages because, unless
> you do extensive portability testing, it's quite likely that there will be
> warnings on some platform on which the code is not regularly tested but
> which aren't serious issues.  Also, each new version of the compiler comes
> with a ton of new warnings, most of which are not significant.

Not really speaking to the main point of this thread since it has nothing to
do with automake, but: I'm gonna go on record as disagreeing with this
conventional wisdom.  Yes, -Werror (or even moreso, -Wall -Werror) does
often turn up a lot of false positives, and can result in a fair number of
build failures for the maintainer to deal with.  But the compiler is also
the best code reviewer you're ever likely to encounter, and while some of
these warnings will be false positives, a lot of them are real bugs - and an
occasional build failure is certainly better than a broken binary in the
archive.  Many of the hairiest upstream bugs I've had to fix lately,
including for stuff running in early boot and security-sensitive code, have
been bugs that would have been caught by building with -Werror.

Some people have argued that -Werror should be turned on during development
only, and then disabled for upload to the archive.  But this is inadequate
precisely because the warnings one sees and deals with locally before upload
are *not* guaranteed to be representative of the problems encountered on the
buildds - in part because of architecture differences, but also because of
things like binNMUs that could introduce regressions due to changes in the
build-dependencies or in the compiler used.  (That includes not just
regressions in the set of warnings output by the compiler, but actually
regressions in the functionality of the resulting binary caused by compiler
changes.)  Now, the maintainer could decide to watch the build logs for
"important" warnings instead and fix them after upload; but I don't think
it's realistic that maintainers will actually do this in practice, and in
any case it does nothing to help where NMUs are concerned.

So while I don't currently build all of my packages with -Werror, I think
it's a perfectly reasonable thing for maintainers to choose to do, just as
it is to have a policy of keeping their package lintian-clean.

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

Attachment: signature.asc
Description: Digital signature

Reply to: