Depends on how you look at it. It's that particular old version of GCC in base because of licensing, yes -- but that old version is now effectively obsolete, so there's a technical reason (originally forced from licensing) to move away from it.
That said: it's good to remember how much of a breath of fresh air clang was way back when. Error messages in that era of GCC were _terrible_. Clang showed up with colorized error messages and ASCII art arrows and it felt like magic. So, sure, licensing alone would have been a fine reason for base to do what it did, but I don't think it's fair to characterize it as _just_ licensing. GCC has made huge improvements since then, but those are only visible in ports (which has always had and continues to have modern GCC). Which I guess you could argue makes it a licensing issue? :-)
I have recently set DECSCNM on in my terminal(s), which inverts everything, effectively swapping the foreground and background colours. The clang error messages now come out with unsightly large streaks of extraneous colour, as freshly erased lines caused by scrolling fill with the colour that clang has not yet turned off. clang was always doing this. But when it's the background colour it's more visible.
It would be such a simple fix, that's actually in line with code elsewhere in the same class. I wonder how many years it will take to get it changed.
> That said: it's good to remember how much of a breath of fresh air clang was way back when. Error messages in that era of GCC were _terrible_.
I disagree; I think clang set a trend and now GCC's error message are worse than they used to be. In the recent days I've seriously considered patching them out because I'm getting really tired of the wall of text of useless suggestions, macro expansion, etc. that hides the actual error. 99% of the time I just need to see which line my error originates from (before any macro expansion) and I can follow the chain manually in the remaining 1% of cases.
What's happening now is that I have a line with an error, and I get 50 lines of trash output among which the actual error is buried. And trying to jump to the error in my editor has me jump through headers, #include rows, and other garbage, sometimes missing the original error line entirely!
It's ridiculous. The suggestions are also largely either wrong or so obvious that they have only negative value. It's just clutter. Same goes for the ascii art arrows. Just clutter, making it harder to see relevant things.
I can see these messages being helpful for a total newbie who's still acquainting themselves with the standard library and figuring out the basics of the language, but for me (writing C daily for a living, and as a hobby for the past 15+ years) it's just getting in the way.
It's a pity that you weren't instead reminded of -fno-color-diagnostics, -fno-caret-diagnostics, and -fno-diagnostics-show-note-include-stack. You could have told clarry about them. (-:
IMO, still very much a licensing issue. Modern GPL3 GCC versions produce superior debuginfo as compared with Clang, in 2020, and the error messages and optimizations are currently competitive between the two. The ancient GPL2 GCC4.2.1 (C) compiled much faster than the modern Clang (C++), but I don't know if that still holds true for newer versions of GCC.
I have heard that the LLD (LLVM linker) is much faster than either ld.bfd or ld.gold.
In which way terrible? Error messages for C++ were at times unhelpful, but I can't remember being dissatisfied with those for C. Outside the Desktop environment, is there much C++ code in the FreeBSD system?
devd is C++, and it is not alone. Unfortunately, the dynamically-linkable C++ runtime library is in the wrong place, and not in the same place as the C runtime library, so things like devd have to be statically linked.
But the clang switch was not motivated by its C++ error messages, to my knowledge.
What is the problem of using a GPLv3 compiler? Only political reason, since FreeBSD is still an open source project and they can use GPLv3 software without any problem.
Not only that, but even proprietary software can be built with a GPL compiler, the binaries produced by the compiler are not considered derived work that must be covered by the same GPL license, so if Microsoft wanst to build Windows with GCC for example they can do that, provided that they don't link in the executable produced GPL code (e.g. glibc).
The legal subject of licensing GPLv3 is a lot more nuanced then you are indicating. One example of this is that while the license can explicitly allow proprietary software to link to a library it cannot explicitly deny proprietary software linking to a library. Copyright law defines what is and what isn't derivative works, not licenses. And copyright licenses are fundamentally limited to copyright law.
But there are technical reasons to avoid using GCC nowadays as well.
The GNU people have built in shitty anti-features into GCC suite, ostensibly to limit the ability of proprietary software to incorporate GCC into their products.
LLVM, which is what CLang uses, was partially a response to the artificial technical limitations intentionally imposed on users by the GNU GCC authors.
The main issue with GPLv3 software isn't the linking. You can link stuff using GCC without making sources available to anybody.
The main issue with GPLv3 is the so-called Tivoization clause. It basically states that if you have a product that ships with any GPLv3 software, you need to give your users the ability to install a modified version of anything you included that's GPLv3. Which basically means you can't lock down your device. That's a big security risk on an embedded system - both from an IP protection point of view, and also from a botnet/pwning point of view.
FreeBSD (and others presumably) don't want their users to need to worry about accidentally installing something from the core system and finding themselves in violation of the GPL.
>That's a big security risk on an embedded system - both from an IP protection point of view
If a company is interested in "protecting their IP" by closing the source then it's questionable why they would have even wanted to use GPLv2 software at all. The OEM's IP situation is also not related to the security of the customer. Maybe it matters to the security of the OEM, but that's different.
>and also from a botnet/pwning point of view
Complying with the GPLv3 doesn't mean the device becomes vulnerable to botnets. All it means is that the customer who purchased the device has to get access to the hardware keys. For their own device. That they purchased.
> If a company is interested in "protecting their IP" by closing the source then it's questionable why they would have even wanted to use GPLv2 software at all. That also is not related to the security of the customer at all. Maybe it matters to the security of the OEM, but that's different.
I can't speak for other engineers. But at companies I've worked in, a common product model is "embedded Linux with GPLv2 software, and some proprietary secret-sauce binaries". At those companies, they usually do send patches to upstream open-source projects and they try to contribute. Also they usually provide full source-code on request, for everything except the proprietary stuff.
The net effect of GPLv3 has been that GNU packages basically don't exist on embedded devices any more. Which means that engineers like me don't have the professional opportunity to contribute features and patches. It sort of isolates GPLv3 projects into a walled garden, which I feel like is the opposite of what GPL was intended to foster. Instead, I can only have the professional opportunity to contribute on GPLv2 or permissive-license projects.
> Complying with the GPLv3 doesn't mean the device becomes vulnerable to botnets. All it means is that the customer who purchased the device has to get access to the hardware keys. For their own device. That they purchased.
I sympathize with the intent behind this. There are also just some practical realities that are tough. At my current company, the team working on our next embedded Linux product is pretty small. We don't have infinite time or resources to make sure that our own code is 100% intrusion-resistant - all we can do is try our best.
It's a big ask for us to support _two_ methods of firmware-update (local and over-the-network) with different keys/security requirements for each. We just plain don't have the manpower to support that, not when we can be developing features to improve our product instead.
And if you have access to the filesystem, it's that much easier to comb through it and look for vulnerabilities in our network updater (for example). And it's easier to pick apart the proprietary bits with Ghidra or something. Could you do it anyways, even without our help? Maybe. But it's much harder.
Can we design a system that's robust enough to allow you to install whatever you want on your unit? Maybe. Probably. Hopefully we're already there. But I'm not going to risk my company's livelihood on it just to ship GPLv3 software, especially considering that there are almost-as-good alternatives for a lot of it. We just don't have the resources to make sure we cover every security angle on an open-box system.
When ever people mention the Tivoization clause they forget to include the big exception which the license gives. You do not need to give your users the ability to install a modified version of GPLv3 software if there is no mechanism for which the manufacturer can modify the software after sale.
People can create any number of embedded system which are locked down so no one can change the software. The key here is nobody. Not the user, not the manufacturer, not some backdooring third party.
People are free to argue that allowing manufacturers access to devices after sale but not the actually owners is a security feature to prevent botnets and pwning, but that is a harder sell.
Don't write proprietary compilers. You can thank GCC for mostly eliminating that possibility in the years before clang. Now we are dealing with that again.
> Only political reason, since FreeBSD is still an open source project and they can use GPLv3 software without any problem.
And what about Dell EMC Isilon OneFS, which uses FreeBSD as the base of their product? Or Panasas or NetApp? Juniper? Sony and their PlayStation 4? Netflix?
That said: it's good to remember how much of a breath of fresh air clang was way back when. Error messages in that era of GCC were _terrible_. Clang showed up with colorized error messages and ASCII art arrows and it felt like magic. So, sure, licensing alone would have been a fine reason for base to do what it did, but I don't think it's fair to characterize it as _just_ licensing. GCC has made huge improvements since then, but those are only visible in ports (which has always had and continues to have modern GCC). Which I guess you could argue makes it a licensing issue? :-)