emerge =bglibs-1.009-r1 ./compile uint64/unpack_msb.c ./compile sys/unsetenv.c ./makelib libbg-sysdeps.a sys/iopoll.o sys/setenv.o uint16/get.o uint16/pack.o uint16/unpack.o uint32/get_lsb.o uint32/get_msb.o uint32/pack_lsb.o uint32/pack_msb.o uint32/unpack_lsb.o uint32/unpack_msb.o uint64/get_lsb.o uint64/get_msb.o uint64/pack_lsb.o uint64/pack_msb.o uint64/unpack_lsb.o uint64/unpack_msb.o sys/unsetenv.o sh selftests.sh Creating temporary directory selftests.sh.tmp.3409 Testing adt/ghash_add.c cc1: error: unrecognized option `-strip' cc1: error: output filename specified twice =====> Compile failed! <===== Testing crc/crc16_arc_update.c cc1: error: unrecognized option `-strip' cc1: error: output filename specified twice =====> Compile failed! <===== Testing crc/crc16_ccitt_update.c cc1: error: unrecognized option `-strip' cc1: error: output filename specified twice =====> Compile failed! <===== [..] !!! ERROR: dev-libs/bglibs-1.009-r1 failed. !!! Function src_compile, Line 29, Exitcode 2 !!! (no error message) it looks like the command generated by selftests.sh: gcc -march=i686 -O3 -pipe -fomit-frame-pointer -I. -o crc/crc16_xmodem_update.o -c crc/crc16_xmodem_update.c -DSELFTEST_MAIN -o selftests.sh.tmp.13961/test.o returns this error on my fully upgraded selinux ~x86 system: cc1: error: unrecognized option `-strip' cc1: error: output filename specified twice but on a non-~ system with gcc 3.2.3 it runs ok. this is not a selinux-policy related error, but it would not be the first time when -fstack-protector option strikes back ;( Reproducible: Always Steps to Reproduce: 1. use ~x86, latest packages, my CFLAGS (glibc not compiled with -fstack-protector) 2. emerge rsync 3. emerge bglibs Portage 2.0.49-r15 (selinux-x86-1.4, gcc-3.3.1, glibc-2.3.2-r6, 2.4.21-selinux-r0) ================================================================= System uname: 2.4.21-selinux-r0 i686 Pentium III (Coppermine) Gentoo Base System version 1.4.3.11 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CFLAGS="-march=i686 -O3 -pipe -fomit-frame-pointer -fstack-protector" CHOST="i686-pc-linux-gnu" COMPILER="gcc3" CONFIG_PROTECT="/etc /var/qmail/control /usr/share/config /usr/kde/2/share/config /usr/kde/3/share/config" CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d" CXXFLAGS="-march=i686 -O3 -pipe -fomit-frame-pointer -fstack-protector" DISTDIR="/usr/portage/distfiles" FEATURES="sandbox ccache autoaddcvs userpriv" GENTOO_MIRRORS="ftp://xxxxx/pub/mirrors/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="" SYNC="rsync://xxxxxx/gentoo-portage" USE="x86 crypt ncurses selinux zlib berkdb readline tcpd pam ssl python -X -gtk -gnome -kde -java -jdk -alsa -qt -motif -emacs -svga -perl"
I don't think this is related to -fstack-protector I get the same error with CFLAGS="-march=pentium3 -O3 -pipe -fomit-frame-pointer" glibc is compiled with the above flags, all other stuff too
gcc 3.3.x and propolice/ssp have not been playing along well together. At this time we are not sure if it's gcc-3.3 or the patch ssp itself.
I have emerged gcc-3.3.2-r2 without the propolice patches and bglibs still won't compile (it gives me the exact same error). I will try to compile bglibs with a hand-made gcc 3.3.2 in order to rule out the possibility of a gcc-patch gone crazy.
ok, not even an unpatched gcc-3.3.2 is able to compile bglibs on my selinux devel machine. I'm not even so sure that specifying twice '-o ' as a gcc option should be supported ... but it worked with 3.2 ...
the bug is definetly not limited to selinux or hardened anything. i hit it on a box today, but it's only the test compiling that fails. For the moment, i've fixed -r1 in the cvs tree to not build and run the tests at all. I've put in the actual cause of it that I have traced in bug #32763
temp fix in cvs for the package.