Created attachment 6341 [details] Possible fix If a user requests FORTIFY_SOURCE checking, but for whatever reason the checks are not enabled (for example optimizer not enabled), we should issue a warning.
Thanks for your report and patch. This is fixed slightly differently for glibc 2.16 with: commit 05c2c9618f583ea4acd69b3fe5ae2a2922dd2ddc Author: Roland Mc Grath <roland@hack.frob.com> Date: Tue May 8 19:44:57 2012 +0200 Warn if user requests __FORTIFY_SOURCE but it is disabled [BZ #13979] * include/features.h: Warn if user requests __FORTIFY_SOURCE checking but the checks are disabled for any reason.
Thanks. I'll update Fedora's repo appropriately.
This #warning appears to be causing more grief than it is solving; for example, see this autoconf thread that complains that it is breaking configure scripts, and therefore Debian's decision to revert this patch in their build of glibc: https://lists.gnu.org/archive/html/autoconf/2013-05/msg00003.html http://anonscm.debian.org/viewvc/pkg-glibc/glibc-package/trunk/debian/patches/any/local-revert-bz13979.diff?revision=5553&view=markup
Eric, could you summarize the situation and email libc-alpha about this, please? I wonder why this only now hits us - Fedora seems to be using this for some time already - don't they use FORTIFY_SOURCE checking?
Fedora uses it; I recall a bit of a disturbance when that change went in, but I believe the package owners bit the bullet and updated appropriately.
I did not found a thread on libc-alpha. How situation now looks?
Linux Arch still suffers from warnings flood produced by this code. We have following disto-wide compilation variables: CPPFLAGS="-D_FORTIFY_SOURCE=2" CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4" and compilation produces a lot of warnings in almost any c++ project: /usr/include/features.h:328:4: warning: #warning _FORTIFY_SOURCE requires compiling with optimization (-O) [-Wcpp] # warning _FORTIFY_SOURCE requires compiling with optimization (-O) What is the action item for us, downstream package maintainers? What we suppose to do? There were several proposals (see link to autoconf discussion above): - revert commit 05c2c9618f5 - move _FORTIFY_SOURCE to CFLAGS/CXXFLAGS/.. - move -O2 to CPPFLAGS Could you please give us advice on what solution is the best one.
(In reply to Anatol Pomozov from comment #7) > Linux Arch still suffers from warnings flood produced by this code. > > We have following disto-wide compilation variables: > > CPPFLAGS="-D_FORTIFY_SOURCE=2" > CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector > --param=ssp-buffer-size=4" > > and compilation produces a lot of warnings in almost any c++ project: Can you double-check if you set CXXFLAGS? And if not, figure out why?
I try to build Thrift package for Arch and here are envvars at the moment of build: LDFLAGS=-Wl,-O1,--sort-common,--as-needed,-z,relro SHELL=/bin/bash TERM=xterm MAKEFLAGS=-j4 CPPFLAGS=-D_FORTIFY_SOURCE=2 OLDPWD=/build/thrift/src USER=builduser COMMAND_MODE=legacy SUDO_USER=root SUDO_UID=0 CXXFLAGS=-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong --param=ssp-buffer-size=4 USERNAME=builduser MAIL=/var/mail/builduser PATH=/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/bin/site_perl:/usr/bin/vendor_perl:/usr/bin/core_perl CHOST=x86_64-unknown-linux-gnu PWD=/build/thrift/src/thrift-0.9.2 LANG=C SHLVL=1 SUDO_COMMAND=/usr/bin/makepkg -s --noconfirm -L --holdver -i HOME=/build CFLAGS=-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong --param=ssp-buffer-size=4 LOGNAME=builduser TEXTDOMAIN=pacman-scripts SUDO_GID=0 TEXTDOMAINDIR=/usr/share/locale _=/usr/bin/env And here is command that generate warning: libtool: compile: g++ -DHAVE_CONFIG_H -I. -I../../.. -I../../../lib/cpp/src/thrift -I../../cpp/src -I/usr/include -I./gen-cpp -D_FORTIFY_SOURCE=2 -g -MT libtestgencpp_la-ThriftTest_constants.lo -MD -MP -MF .deps/libtestgencpp_la-ThriftTest_constants.Tpo -c gen-cpp/ThriftTest_constants.cpp -fPIC -DPIC -o .libs/libtestgencpp_la-ThriftTest_constants.o In file included from /usr/include/c++/4.9.2/x86_64-unknown-linux-gnu/bits/os_defines.h:39:0, from /usr/include/c++/4.9.2/x86_64-unknown-linux-gnu/bits/c++config.h:430, from /usr/include/c++/4.9.2/iosfwd:38, from gen-cpp/ThriftTest_types.h:10, from gen-cpp/ThriftTest_constants.h:10, from gen-cpp/ThriftTest_constants.cpp:7: /usr/include/features.h:328:4: warning: #warning _FORTIFY_SOURCE requires compiling with optimization (-O) [-Wcpp] # warning _FORTIFY_SOURCE requires compiling with optimization (-O) ^ hmm... libtool does not seems to use CXXFLAGS here.
(In reply to Anatol Pomozov from comment #9) > hmm... libtool does not seems to use CXXFLAGS here. Yes, so the warning is absolutely warranted here because the CXXFLAGS-based compiler flags injection does not work for some reason.
Digging deeper into Thrift build system I found that they just drop CFLAGS. It is wrong imho. Sent a patch upstream https://github.com/apache/thrift/pull/284 Sorry for the noise. I am going to look why other packages have this warning.