Announcement

Collapse
No announcement yet.

Linux 5.15 Enabling "-Werror" By Default For All Kernel Builds

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • brad0
    replied
    Originally posted by perpetually high View Post
    Sometimes you gotta do the wrong thing, before the right thing becomes apparent.
    Except this was apparent 20 years ago.

    Leave a comment:


  • perpetually high
    replied
    Originally posted by brad0 View Post

    Why would they want to do the right thing when they can do the wrong thing instead.
    Sometimes you gotta do the wrong thing, before the right thing becomes apparent.

    (Linus could also be sending a message to developers and then just revert this next kernel as a troll move. Totally a Linus move. He's capable of said trolling.)

    Leave a comment:


  • perpetually high
    replied
    Originally posted by coder View Post
    The biggest problem I have with static analysis (besides too much time wasted "fixing" false-positive warnings) is the false sense of security some people seem to take from it. It's only one tool in the toolbox. Over-reliance on any one tool is going to be unproductive.
    Very true, and I think this is a great argument against it.

    Leave a comment:


  • NobodyXu
    replied
    Originally posted by JustRob View Post
    Ideally they'll add "-Werror=format-security" to new versions, like Fedora does. Don't complain that it's more difficult for someone else to write defensive code, when you're the one most affected.

    https://fedoraproject.org/wiki/Format-Security-FAQ
    Linux kernel doesn’t use standard IO functions provided by C stdio.h, so this option likely do nothing.

    Leave a comment:


  • JustRob
    replied
    Ideally they'll add "-Werror=format-security" to new versions, like Fedora does. Don't complain that it's more difficult for someone else to write defensive code, when you're the one most affected.

    Leave a comment:


  • brad0
    replied
    Originally posted by perpetually high View Post
    While I understand it and respect Sir Linus,
    Why would they want to do the right thing when they can do the wrong thing instead.

    Leave a comment:


  • brad0
    replied
    The fact this has not been enabled until now is ridiculous.

    Leave a comment:


  • coder
    replied
    Originally posted by perpetually high View Post
    While I understand it and respect Sir Linus,
    The biggest problem I have with static analysis (besides too much time wasted "fixing" false-positive warnings) is the false sense of security some people seem to take from it. It's only one tool in the toolbox. Over-reliance on any one tool is going to be unproductive.

    Leave a comment:


  • coder
    replied
    Originally posted by Chewi View Post
    It seems like a good idea on the face of it but compilers flag up more and more things as warnings with every release, ...
    The key is mostly in which warnings are enabled. I was glad to see this part:

    "We ... will disable specific over-eager warnings as required, if we can't fix them."

    As long as you enable only the warnings with an extremely low false-positive rate, then it should be fine. Of course, that means certain things will be missed, but you can do additional static analysis not as part of the build.

    Leave a comment:


  • camel_case
    replied
    it will specially effect the staging drivers, maybe cause a remove of bad maintained staging drivers. It is not bad, open source is not about releasing code. It is about to maintain code together with a community in public repositories.

    Leave a comment:

Working...
X