#1692 Requesting provenpackager permission to address -Werror=format-security issues
Closed: Invalid 7 years ago Opened 7 years ago by sgallagh.

There was an issue with GCC7 during the mass-rebuild. Despite the Fedora-wide setting of -Werror=format-security, GCC did not process its command-line properly and an unknown number of packages were built without this flag appropriately set. As a result, all of those packages built successfully during the mass-rebuild, where many should in fact have reported compilation errors and been rejected.

As part of the modular builds that the Base Runtime is performing, we need to rebuild all packages that are going into the base runtime (as well as the set of packages required to self-host the base runtime). Because GCC has been updated to properly handle the CLI arguments, somewhere between two and three dozen packages now throw errors on building.

Because we are under time-constraints, I am asking permission from FESCo to authorize that myself and Petr Šabata (@contyk) may use our provenpackager permissions to apply patches to these packages without waiting for maintainer correspondence. The patches will be very simple, as the fix for this issue will be in most cases the equivalent of replacing printf(variable) with printf("%s", variable).

In very rare cases where the fix is non-obvious, we may take the short-term solution of setting -Wno-format-security for that package and open a Bugzilla for the maintainer to fix it properly (or engage upstream to do the same).
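
The fix pattern described in the request above, as an added example that is not part of the original ticket or of any Fedora package: `render_message` and `log_line` are hypothetical names and the sample string is constructed. It goes slightly beyond the plain printf case by including a variadic wrapper, which GCC checks only when it carries the format attribute.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Before (rejected under -Werror=format-security, kept as a comment only):
 *     snprintf(out, outlen, msg);    // msg is used as the format string
 * If msg contains a conversion such as "%s" or "%n", the call reads or
 * writes through arguments that were never passed. */

/* After: msg is treated as data and the format string is a literal. */
int render_message(char *out, size_t outlen, const char *msg)
{
    return snprintf(out, outlen, "%s", msg);
}

/* Hypothetical project-local wrapper. The format attribute makes GCC apply
 * the same format checks to callers of log_line(); without it, passing a
 * variable as fmt with no arguments would compile without a diagnostic. */
__attribute__((format(printf, 3, 4)))
int log_line(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

int main(void)
{
    char buf[64];
    const char *untrusted = "100%s done %n"; /* constructed sample input */

    render_message(buf, sizeof buf, untrusted);
    puts(buf); /* conversions in the data are printed literally */

    log_line(buf, sizeof buf, "%s", untrusted);
    puts(buf);
    return 0;
}
```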


Oops, I meant to tag @psabata above.

Metadata Update from @sgallagh:
- Issue tagged with: meeting

7 years ago

+1, this would be helpful.

Can you elaborate on what the time constraints are?

@jwboyer https://fedoraproject.org/wiki/Changes/ModularCompose is dependent upon having a functional Base Runtime module to layer the other modules above. These build failures (and several others) are actively blocking us from delivering that foundational module, which in turn jeopardizes our ability to deliver the agreed-upon Modular prototype in the Fedora 26 cycle.

That discusses what is blocked, but I was hoping you could expand upon the timeframe you're looking to unblock it. It's clearly too late for Alpha. Are you looking to have these issues solved by next week, or Beta, or? When someone says "time constraints" my brain immediately goes to "when does it need to be solved by to accomplish the overall goal" and your answer didn't address that.

Overall, I'm in support of this. I just want to make sure we have a complete picture.

@jwboyer The overall goal is to ensure that we have a functional Boltron deliverable by Beta Freeze, which necessitates unblocking the Base Runtime build as soon as humanly possible (a week is our goal, two weeks our outside limit).

Removing the meeting keyword and closing. We had agreed at last week's meeting that an announcement happen and the work go ahead.

Metadata Update from @ausil:
- Issue untagged with: meeting
- Issue close_status updated to: Invalid
- Issue status updated to: Closed (was: Open)

7 years ago
