A change to the GCC annobin plugin causes some autoconf tests to fail (which have to use -Werror in some cases), as seen when rebuilding pmix: configure:22457: gcc -c -DNDEBUG -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64-v2 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -Werror -ansi conftest.c >&5 conftest.c: error: -D_FORTIFY_SOURCE not defined [-Werror] cc1: all warnings being treated as errors configure:22457: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "pmix" | #define PACKAGE_TARNAME "pmix" | #define PACKAGE_VERSION "3.2.3" | #define PACKAGE_STRING "pmix 3.2.3" | #define PACKAGE_BUGREPORT "https://github.com/pmix/pmix/issues" | #define PACKAGE_URL "" | #define PMIX_CONFIGURE_CLI " \'--build=x86_64-koji-linux-gnu\' \'--host=x86_64-koji-linux-gnu\' \'--program-prefix=\' \'--disable-dependency-tracking\' \'--prefix=/usr\' \'--exec-prefix=/usr\' \'--bindir=/usr/bin\' \'--sbindir=/usr/sbin\' \'--sysconfdir=/etc\' \'--datadir=/usr/share\' \'--includedir=/usr/include\' \'--libdir=/usr/lib64\' \'--libexecdir=/usr/libexec\' \'--localstatedir=/var\' \'--sharedstatedir=/var/lib\' \'--mandir=/usr/share/man\' \'--infodir=/usr/share/info\' \'--prefix=/usr\' \'--sysconfdir=/etc/pmix\' \'--disable-static\' \'--disable-silent-rules\' \'--enable-shared\' \'--enable-pmi-backward-compatibility\' \'--with-munge\'" | #define PMIX_CONFIGURE_USER "reproduciblebuild" | #define PMIX_CONFIGURE_HOST "reproduciblebuild" | #define PMIX_CONFIGURE_DATE "2021-08-09T00:00:00" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PMIX_MCA_PREFIX "PMIX_MCA_" | #define PMIX_MCA_CMD_LINE_ID "pmca" | #define PMIX_ENABLE_DLOPEN_SUPPORT 1 | #define PMIX_ENABLE_DEBUG 0 | #define PMIX_WANT_HOME_CONFIG_FILES 1 | #define PMIX_WANT_PRETTY_PRINT_STACKTRACE 1 | #define PMIX_IDENT_STRING "" | #define PMIX_ENABLE_TIMING 0 | #define PMIX_ENABLE_PTY_SUPPORT 1 | #define HAVE_DLFCN_H 1 | #define LT_OBJDIR ".libs/" | #define PMIX_CC "gcc" | #define PMIX_HAVE_SOLARIS 0 | #define PMIX_HAVE_APPLE 0 | #define HAVE_NETDB_H 1 | #define HAVE_NETINET_IN_H 1 | #define HAVE_NETINET_TCP_H 1 | #define HAVE_STRUCT_SOCKADDR_IN 1 | #define PMIX_VERSION "3.2.3" | #define PMIX_MAJOR_VERSION 3 | #define PMIX_MINOR_VERSION 2 | #define PMIX_RELEASE_VERSION 3 | #define PMIX_PACKAGE_STRING "PMIx reproduciblebuild@reproduciblebuild Distribution" | #define PMIX_C_HAVE__THREAD_LOCAL 1 | #define PMIX_C_HAVE_ATOMIC_CONV_VAR 1 | #define PMIX_C_HAVE__ATOMIC 1 | #define PMIX_C_HAVE__GENERIC 1 | #define PMIX_C_HAVE__STATIC_ASSERT 1 | #define PMIX_C_HAVE___THREAD 1 | #define STDC_HEADERS 1 | #define _GNU_SOURCE 1 | #define PMIX_C_HAVE_BUILTIN_EXPECT 1 | #define PMIX_C_HAVE_BUILTIN_PREFETCH 1 | #define PMIX_C_HAVE_BUILTIN_CLZ 1 | #define HAVE_INT8_T 1 | #define HAVE_UINT8_T 1 | #define HAVE_INT16_T 1 | #define HAVE_UINT16_T 1 | #define HAVE_INT32_T 1 | #define HAVE_UINT32_T 1 | #define HAVE_INT64_T 1 | #define HAVE_UINT64_T 1 | #define HAVE___INT128 1 | #define HAVE_LONG_LONG 1 | #define HAVE_INTPTR_T 1 | #define HAVE_UINTPTR_T 1 | #define HAVE_PTRDIFF_T 1 | #define SIZEOF__BOOL 1 | #define SIZEOF_CHAR 1 | #define SIZEOF_SHORT 2 | #define SIZEOF_INT 4 | #define SIZEOF_LONG 8 | #define SIZEOF_LONG_LONG 8 | #define SIZEOF_FLOAT 4 | #define SIZEOF_DOUBLE 8 | #define SIZEOF_VOID_P 8 | #define SIZEOF_SIZE_T 8 | #define SIZEOF_PTRDIFF_T 8 | #define SIZEOF_WCHAR_T 4 | #define SIZEOF_PID_T 4 | #define PMIX_ALIGNMENT_BOOL 1 | #define PMIX_ALIGNMENT_INT8 1 | #define PMIX_ALIGNMENT_INT16 2 | #define PMIX_ALIGNMENT_INT32 4 | #define PMIX_ALIGNMENT_INT64 8 | #define PMIX_ALIGNMENT_CHAR 1 | #define PMIX_ALIGNMENT_SHORT 2 | #define PMIX_ALIGNMENT_WCHAR 4 | #define PMIX_ALIGNMENT_INT 4 | #define PMIX_ALIGNMENT_LONG 8 | #define PMIX_ALIGNMENT_LONG_LONG 8 | #define PMIX_ALIGNMENT_FLOAT 4 | #define PMIX_ALIGNMENT_DOUBLE 8 | #define PMIX_ALIGNMENT_VOID_P 8 | #define PMIX_ALIGNMENT_SIZE_T 8 | #define PMIX_NEED_C_BOOL 1 | #define SIZEOF__BOOL 1 | /* end confdefs.h. */ | #ifndef __cplusplus | typedef int foo_t; | static __inline__ foo_t static_foo () {return 0; } | __inline__ foo_t foo () {return 0; } | #endif | I believe this is a recently introduced regression. annobin-9.83-3.el9 did not produce an error here, but annobin-10.06-1.el9 does.
I am not sure what the expected behaviour is here. Clearly the warning message from the annobin plugin is correct, the -D_FORTIFY_SOURCE=2 option has not been provided on the compilation command line. So the obvious solution would be to update the configure scripts to add the option. As an alternative, there is a command line option which can disable this warning message: -fplugin-arg-annobin-no-active-checks So that could be added to configure's compilation command line. If neither of these solutions is acceptable then either the warning needs to be completely disabled or else the plugin needs some method t distinguish between compilation of configure tests and compilation of real code. > I believe this is a recently introduced regression. annobin-9.83-3.el9 did > not produce an error here, but annobin-10.06-1.el9 does. The reason that the plugin generates the warning is that the -flto option is being used. Since LTO compilation works on precompiled byte code the LTO compiler command line is stripped of all preprocessor options. Hence the annobin plugin that is run during LTO cannot check the -D_FORTIFY_SOURCE option. So instead the annobin plugin that is run during the creation of LTO-enhanced object files checks the command line (which does have the preprocessor options) and it generates a warning if the FORTIFY_SOURCE option is missing. Thoughts ?
(In reply to Nick Clifton from comment #1) > I am not sure what the expected behaviour is here. Clearly the warning > message from the annobin plugin is correct, the -D_FORTIFY_SOURCE=2 option > has not been provided on the compilation command line. So the obvious > solution would be to update the configure scripts to add the option. Would it be possible to serialize the fact whether _FORITFY_SOURCE was present along with the LTO data, perhaps as a plugin-specific function attribute? > As an alternative, there is a command line option which can disable this > warning message: -fplugin-arg-annobin-no-active-checks > So that could be added to configure's compilation command line. If we had that level of consistent control over package build systems, we wouldn't need annobin. I find it somewhat unlikely that maintainers are going to notice the warning in the build logs. But if we add it, we need to roll it out more carefully and check that it does not alter configure checks in more cases.
(In reply to Florian Weimer from comment #2) > Would it be possible to serialize the fact whether _FORITFY_SOURCE was > present along with the LTO data, perhaps as a plugin-specific function > attribute? Hmm, if that is possible then it would certainly be a better way to solve annocheck's need to detect the -D_FORTIFY_SOURCE option. I will ask Marek if this can be done. > I find it somewhat unlikely that maintainers are going to notice the warning > in the build logs. But if we add it, we need to roll it out more carefully > and check that it does not alter configure checks in more cases. I had hoped that maintainers would use -Werror as a matter of course, but you are, this cannot be relied upon. But I did also assume that it is safe for a plugin to generate a warning message, since without a deliberate use of -Werror they do not stop compilation. As a matter of interest, why is the autoconf test enabling -Werror ?
(In reply to Nick Clifton from comment #3) > As a matter of interest, why is the autoconf test enabling -Werror ? I think it checks if using inline (and by extension __inline__) produces a pedantic warning.
(In reply to Florian Weimer from comment #4) > > As a matter of interest, why is the autoconf test enabling -Werror ? > > I think it checks if using inline (and by extension __inline__) produces a > pedantic warning. Ah, OK - so this test would be vulnerable to other new warning messages from gcc, if they were triggered by the test code. What about the command line options used for the test ? They appear to have been generated from something like `rpm --eval %build_cflags` except not quite, as otherwise the -D_FORTIFY_SOURCE=2 option would be present.
Another question: Can I rely upon autoconf tests defining NDEBUG ? Maybe I could gate the warning message on the absence of that define ...
(In reply to Nick Clifton from comment #6) > Another question: Can I rely upon autoconf tests defining NDEBUG ? > Maybe I could gate the warning message on the absence of that define ... -DNDEBUG is specific to the pmix package. From config/pmix.m4: if test "$WANT_DEBUG" = "0"; then CFLAGS="-DNDEBUG $CFLAGS" fi
Resetting ITR to 9.1.0 as this is going to need some time to investigate. It may possible for the annobin plugin to inject information into the LTO data generated by gcc, but this is likely to be tricky. If it is not possible, then the only other option is to disable the warning message by default.
Hmm, I'm seeing this in rawhide mock now. I'm trying to build ruby, and configure fails: <mock-chroot> sh-5.1# cat conftest.c int main(void){return 0;} <mock-chroot> sh-5.1# gcc -c -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -m64 conftest.c conftest.c: warning: -D_FORTIFY_SOURCE not defined <mock-chroot> sh-5.1# gcc -fplugin-arg-annobin-no-active-checks -c -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -m64 conftest.c cc1: error: plugin annobin should be specified before ‘-fplugin-arg-annobin-no-active-checks’ in the command line <mock-chroot> sh-5.1# gcc -c -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -m64 conftest.c conftest.c: warning: -D_FORTIFY_SOURCE not defined <mock-chroot> sh-5.1# gcc -c -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -m64 conftest.c conftest.c: warning: -D_FORTIFY_SOURCE not defined <mock-chroot> sh-5.1# gcc -c -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -m64 conftest.c conftest.c: warning: -D_FORTIFY_SOURCE not defined I tried -fplugin-arg-annobin-no-active-checks, but it doesn't seem to work: <mock-chroot> sh-5.1# gcc -c -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fplugin-arg-annobin-no-active-checks -m64 conftest.c cc1: error: plugin annobin should be specified before ‘-fplugin-arg-annobin-no-active-checks’ in the command line <mock-chroot> sh-5.1# gcc -c -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fplugin-arg-annobin-no-active-checks -m64 conftest.c cc1: error: plugin annobin should be specified before ‘-fplugin-arg-annobin-no-active-checks’ in the command line Any advice?
annobin-plugin-gcc-10.47-2.fc36.x86_64 gcc-12.0.1-0.2.fc36.x86_64
(In reply to Zbigniew Jędrzejewski-Szmek from comment #9) Hi Zbigniew, > Hmm, I'm seeing this in rawhide mock now. I'm trying to build ruby, and > configure fails: > I tried -fplugin-arg-annobin-no-active-checks, but it doesn't seem to work: > cc1: error: plugin annobin should be specified before > ‘-fplugin-arg-annobin-no-active-checks’ in the command line > Any advice? The problem here is a bug in gcc's command line option processing. When it sees a -specs=... option it delays processing the contents until after the rest of the command line has been examined. So the -spec=redhat-annobin-cc1 option does not load the annobin plugin until after the rest of the command line has been processed. Hence the -fplugin-arg-annobin option does not work. :-( There is a workaround however: Simply load the plugin first, and then add the plugin argument option. Ie instead of adding: -fplugin-arg-annobin-no-active-checks add: -fplugin=annobin -fplugin-arg-annobin-no-active-checks This does mean that the annobin plugin ought to be loaded twice, but gcc is smart enough to detect that it has already been loaded, so the second load attempt (from the -spec=redhar-annobin-cc1 option) will be ignored. I hope that this helps. Cheers Nick
Thanks, I'll try that. In the meantime I was testing annobin versions: only annobin-10.50-1.fc36 has the problem. Both annobin-10.49-1.fc36 and annobin-10.48-6.fc36 work fine without any workarounds.
Right - I have a check to the gcc plugin in annobin-10.58-1.el9 so that it will only generate warning messages about the FORTIFY_SOURCE definition being missing if the source file's name does not start with "conftest.". This should handle any source file generated by autoconf. If the user has explicitly requested[1] that error messages are generated however, then these will still be issued, regardless of the source file name. [1]: Via -fplugin-arg-annobin-active-checks
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (annobin bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:7957