I personally am taking a lot of flack from local Gnome developers I know over
using Gentoo.  This is because Gentoo users are using Gnome support channels
(freenode.net/#gentoo et. al) and reporting problems that no other distribution
seems to have.  In some cases, this is do to people using ludicrous CFLAGS; in
some cases it is due to compiler bugs that the developer carefully chose CFLAGS
to work around.  As a result, at least one local LUG is actively discouraging
Gentoo use.

While Gentoo has to take care of application-specific nasty CFLAGS on a
case-by-case basis (ideally, developers will state in their documentation that
this is the case), many user-specified potentially dangerous CFLAGS can be taken
care of gentoo on a system-wide basis.  It is proposed that emerge/ebuild check
for potentially dangerous CFLAGS at runtime.  If another flag such as
ALLOW_DANGEROUS_CFLAGS is not set, then emerge/ebuild will refuse to run until
the dangerous flag(s) in question are removed or the permission variable is set
to be true.

   Flags to be marked as potentially dangerous include:
-O* for numbers greater than 3 (gcc 2.96 goes up to -O9, although higher numbers
may be specified, and "-O" on its own is OK)
-w (disable all warnings)
-ffast-math 
-fno-math-errno 
-funsafe-math-optimization
-fno-trapping-math 
-fdelete-null-pointer-checks (at least under certain cases?)
-fsched-spec-load-dangerous (possibly, not marked dangerous by the gcc folks)
-m* equivalents of all -f* items mentioned above.
- Other items as appropriate -

   The proposed warning message is:
WARNING: You have set potentially unsafe compiler optimization flags in your
CFLAGS [environment variable/make.conf entry/etc.].  The potentially unsafe
optimizations flags are:

[list of flags goes here].

   If you are SURE that the flags you have chosen are safe to be used when
compiling the package(s) you have chosen to emerge, you may set
ALLOW_DANGEROUS_CFLAGS="true" to allow the emerge to proceed.  Please remove the
above flags from your CFLAGS entry(ies) if you are unsure if they are safe.

   DO NOT CONTACT THE DEVELOPER OF THE PACKAGES YOU ARE ABOUT TO INSTALL IF YOU
HAVE SET ALLOW_DANGEROUS_CFLAGS.  IF THE PACKAGE(S) YOU WISH TO INSTALL CANNOT
BE USED PROPERLY WITHOUT SETTING ALLOW_DANGEROUS_CFLAGS, PLEASE CONTACT GENTOO
SUPPORT.

*** emerge STOPPED due to potentially dangerous compiler optimizations being set
*** and ALLOW_DANGEROUS_CFLAGS!="TRUE".
--

   When emerging/ebuilding with potentially dangerous flags, the following shall
be shown after the package(s) have been built:

   YOU HAVE COMPILED THE FOLLOWING PACKAGE(S) WITH POTENTIALLY DANGEROUS
OPTIMIZATIONS:

[list of packages]

   THE COMPILER FLAGS YOU HAVE CHOSEN MAY LEAD TO ABNORMAL PROGRAM BEHAVIOR. DO
NOT CONTACT THE MAINTAINER OF THIS PROGRAM FOR ASSISTANCE SHOULD YOU ENCOUNTER
STRANGE BEHAVIOR.  INSTEAD, PLEASE RECOMPILE THE PACKAGE(S) IN QUESTION WITHOUT
ANY POTENTIALLY DANGEROUS OPTIMIZATIONS, AND SEE IF THE BEHAVIOR PERSISTS.

--

   Ideally, this behavior will be system-wide for many gcc flags.  For
applications where specific compiler flag issues are known to exist,
patch-o-matic(?) will be used to disable potentially dangerous flags whenever it
has to modify the CFLAGS line to remove/modify other entries.


Reproducible: Always
Steps to Reproduce: