* [Qemu-devel] [PATCH v2] configure: disable FORTIFY_SOURCE under clang
@ 2015-11-03 20:43 John Snow
2015-11-04 13:53 ` Paolo Bonzini
2015-11-09 11:03 ` Peter Maydell
0 siblings, 2 replies; 3+ messages in thread
From: John Snow @ 2015-11-03 20:43 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, John Snow, pbonzini
Some versions of clang may have difficulty compiling glibc headers when
-D_FORTIFY_SOURCE is used. For example, Clang++ 3.5.0-9.fc22 cannot
compile glibc's stdio headers when -D_FORTIFY_SOURCE=2 is used. This
manifests currently as build failures with clang and any arm target.
According to LLVM dev Richard Smith, clang does not target or support
FORTIFY_SOURCE + glibc, and it should not be relied on.
"It's still an unsupported combination, and while it might compile, some
of the checks are unlikely to work because they require a frontend
inliner to be useful"
See: http://lists.llvm.org/pipermail/cfe-dev/2015-November/045846.html
Conclusion: disable fortify-source if we appear to be using clang instead
of testing for compile success or failure, which may be incidental or not
indicative of proper support of the feature.
Signed-off-by: John Snow <jsnow@redhat.com>
---
configure | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/configure b/configure
index 7a1d08d..4d74fcc 100755
--- a/configure
+++ b/configure
@@ -261,6 +261,7 @@ rdma=""
gprof="no"
debug_tcg="no"
debug="no"
+fortify_source=""
strip_opt="yes"
tcg_interpreter="no"
bigendian="no"
@@ -876,6 +877,7 @@ for opt do
debug_tcg="yes"
debug="yes"
strip_opt="no"
+ fortify_source="no"
;;
--enable-sparse) sparse="yes"
;;
@@ -4435,6 +4437,19 @@ if ! compile_object "-Werror"; then
ccache_cpp2=yes
fi
+#################################################
+# clang does not support glibc + FORTIFY_SOURCE.
+
+if test "$fortify_source" != "no"; then
+ if echo | $cc -dM -E - | grep __clang__ > /dev/null 2>&1 ; then
+ fortify_source="no";
+ elif echo | $cxx -dM -E - | grep __clang__ > /dev/null 2>&1 ; then
+ fortify_source="no";
+ else
+ fortify_source="yes"
+ fi
+fi
+
##########################################
# End of CC checks
# After here, no more $cc or $ld runs
@@ -4442,7 +4457,7 @@ fi
if test "$gcov" = "yes" ; then
CFLAGS="-fprofile-arcs -ftest-coverage -g $CFLAGS"
LDFLAGS="-fprofile-arcs -ftest-coverage $LDFLAGS"
-elif test "$debug" = "no" ; then
+elif test "$fortify_source" = "yes" ; then
CFLAGS="-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $CFLAGS"
fi
--
2.4.3
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [PATCH v2] configure: disable FORTIFY_SOURCE under clang
2015-11-03 20:43 [Qemu-devel] [PATCH v2] configure: disable FORTIFY_SOURCE under clang John Snow
@ 2015-11-04 13:53 ` Paolo Bonzini
2015-11-09 11:03 ` Peter Maydell
1 sibling, 0 replies; 3+ messages in thread
From: Paolo Bonzini @ 2015-11-04 13:53 UTC (permalink / raw)
To: John Snow, qemu-devel; +Cc: peter.maydell
On 03/11/2015 21:43, John Snow wrote:
> Some versions of clang may have difficulty compiling glibc headers when
> -D_FORTIFY_SOURCE is used. For example, Clang++ 3.5.0-9.fc22 cannot
> compile glibc's stdio headers when -D_FORTIFY_SOURCE=2 is used. This
> manifests currently as build failures with clang and any arm target.
>
> According to LLVM dev Richard Smith, clang does not target or support
> FORTIFY_SOURCE + glibc, and it should not be relied on.
> "It's still an unsupported combination, and while it might compile, some
> of the checks are unlikely to work because they require a frontend
> inliner to be useful"
>
> See: http://lists.llvm.org/pipermail/cfe-dev/2015-November/045846.html
>
> Conclusion: disable fortify-source if we appear to be using clang instead
> of testing for compile success or failure, which may be incidental or not
> indicative of proper support of the feature.
>
> Signed-off-by: John Snow <jsnow@redhat.com>
> ---
> configure | 17 ++++++++++++++++-
> 1 file changed, 16 insertions(+), 1 deletion(-)
>
> diff --git a/configure b/configure
> index 7a1d08d..4d74fcc 100755
> --- a/configure
> +++ b/configure
> @@ -261,6 +261,7 @@ rdma=""
> gprof="no"
> debug_tcg="no"
> debug="no"
> +fortify_source=""
> strip_opt="yes"
> tcg_interpreter="no"
> bigendian="no"
> @@ -876,6 +877,7 @@ for opt do
> debug_tcg="yes"
> debug="yes"
> strip_opt="no"
> + fortify_source="no"
> ;;
> --enable-sparse) sparse="yes"
> ;;
> @@ -4435,6 +4437,19 @@ if ! compile_object "-Werror"; then
> ccache_cpp2=yes
> fi
>
> +#################################################
> +# clang does not support glibc + FORTIFY_SOURCE.
> +
> +if test "$fortify_source" != "no"; then
> + if echo | $cc -dM -E - | grep __clang__ > /dev/null 2>&1 ; then
> + fortify_source="no";
> + elif echo | $cxx -dM -E - | grep __clang__ > /dev/null 2>&1 ; then
> + fortify_source="no";
> + else
> + fortify_source="yes"
> + fi
> +fi
> +
> ##########################################
> # End of CC checks
> # After here, no more $cc or $ld runs
> @@ -4442,7 +4457,7 @@ fi
> if test "$gcov" = "yes" ; then
> CFLAGS="-fprofile-arcs -ftest-coverage -g $CFLAGS"
> LDFLAGS="-fprofile-arcs -ftest-coverage $LDFLAGS"
> -elif test "$debug" = "no" ; then
> +elif test "$fortify_source" = "yes" ; then
> CFLAGS="-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $CFLAGS"
> fi
>
>
Queued, thanks!
Paolo
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [PATCH v2] configure: disable FORTIFY_SOURCE under clang
2015-11-03 20:43 [Qemu-devel] [PATCH v2] configure: disable FORTIFY_SOURCE under clang John Snow
2015-11-04 13:53 ` Paolo Bonzini
@ 2015-11-09 11:03 ` Peter Maydell
1 sibling, 0 replies; 3+ messages in thread
From: Peter Maydell @ 2015-11-09 11:03 UTC (permalink / raw)
To: John Snow; +Cc: Paolo Bonzini, QEMU Developers
On 3 November 2015 at 20:43, John Snow <jsnow@redhat.com> wrote:
> Some versions of clang may have difficulty compiling glibc headers when
> -D_FORTIFY_SOURCE is used. For example, Clang++ 3.5.0-9.fc22 cannot
> compile glibc's stdio headers when -D_FORTIFY_SOURCE=2 is used. This
> manifests currently as build failures with clang and any arm target.
>
> According to LLVM dev Richard Smith, clang does not target or support
> FORTIFY_SOURCE + glibc, and it should not be relied on.
> "It's still an unsupported combination, and while it might compile, some
> of the checks are unlikely to work because they require a frontend
> inliner to be useful"
>
> See: http://lists.llvm.org/pipermail/cfe-dev/2015-November/045846.html
>
> Conclusion: disable fortify-source if we appear to be using clang instead
> of testing for compile success or failure, which may be incidental or not
> indicative of proper support of the feature.
> ##########################################
> # End of CC checks
> # After here, no more $cc or $ld runs
> @@ -4442,7 +4457,7 @@ fi
> if test "$gcov" = "yes" ; then
> CFLAGS="-fprofile-arcs -ftest-coverage -g $CFLAGS"
> LDFLAGS="-fprofile-arcs -ftest-coverage $LDFLAGS"
> -elif test "$debug" = "no" ; then
> +elif test "$fortify_source" = "yes" ; then
> CFLAGS="-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $CFLAGS"
> fi
This change means that a non-debug build with clang will no longer
pass -O2 in the CFLAGS, so you get an unoptimized build...
You need to handle fortify_source=yes and debug=no separately.
thanks
-- PMM
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-11-09 11:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-11-03 20:43 [Qemu-devel] [PATCH v2] configure: disable FORTIFY_SOURCE under clang John Snow
2015-11-04 13:53 ` Paolo Bonzini
2015-11-09 11:03 ` Peter Maydell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).