Summary: | dev-lang/spidermonkey-1.7.0 fails to compile with hardened GCC 4.4.3 | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Krzysztof Nowicki <krissn> |
Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
Status: | RESOLVED OBSOLETE | ||
Severity: | normal | CC: | aballier, anton.kochkov, binki, bugs+gentoo, esigra, torinthiel, wyatt |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 326285, 347914 | ||
Bug Blocks: | 306835 | ||
Attachments: |
Change $(LD) to $(CC)
Change ld to gcc files/spidermonkey-1.7.0-no-ld.patch multilib-portage.build.log |
Description
Krzysztof Nowicki
2010-06-27 16:51:26 UTC
# emerge --info =dev-lang/spidermonkey-1.7.0 Portage 2.1.8.3 (selinux/v2refpolicy/x86/hardened, gcc-4.4.3, glibc-2.11.1-r0, 2.6.29-hardened i686) ================================================================= System Settings ================================================================= System uname: Linux-2.6.29-hardened-i686-VIA_Eden_Processor_1200MHz-with-gentoo-1.12.13 Timestamp of tree: Sat, 26 Jun 2010 18:00:01 +0000 app-shells/bash: 4.0_p37 dev-java/java-config: 1.3.7-r1, 2.1.8-r1 dev-lang/python: 2.6.5-r2 sys-apps/baselayout: 1.12.13 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.63-r1 sys-devel/automake: 1.4_p6, 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc: 3.4.6-r2, 4.3.4, 4.4.3-r3 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.27-r2 ACCEPT_KEYWORDS="x86" ACCEPT_LICENSE="* -@EULA @FSF-APPROVED dlj-1.1" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=i686 -O2 -pipe -fforce-addr -mmmx -msse -msse2" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-march=i686 -O2 -pipe -fforce-addr -mmmx -msse -msse2" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests distlocks fixpackages loadpolicy news parallel-fetch protect-owned sandbox selinux sesandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org" LC_ALL="pl_PL.UTF-8" LDFLAGS="-Wl,-O1" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_COMPRESS="lzma" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="7zip apache2 bash-completion bashlogger berkdb bzip2 caps cli cracklib crypt cxx dri ftp gd hardened iconv imap ipv6 json kerberos lzma mhash mmx mmxext modules mudflap mysql ncurses nls openmp pam pcre perl php pic posix pppd python readline reflection samba selinux session sftp slang spl sse sse2 ssl sysvipc tcpd threads truetype unicode x86 xml xorg xsl zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers identimagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" APACHE2_MPMS="worker" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa via vmware voodoo" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LINGUAS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY ================================================================= Package Settings ================================================================= dev-lang/spidermonkey-1.7.0 was built with the following: USE="(selinux) -threadsafe" LDFLAGS="" >>> Attempting to run pkg_info() for 'dev-lang/spidermonkey-1.7.0' * pkg_info() is not defined: 'spidermonkey-1.7.0.ebuild' Do the dev-lang/spidermonkey-1.7.0-r1 fail the same way? (In reply to comment #2) > Do the dev-lang/spidermonkey-1.7.0-r1 fail the same way? > Yes, dev-lang/spidermonkey-1.7.0-r1 fails with exactly the same error. Created attachment 236867 [details, diff]
Change $(LD) to $(CC)
We use gcc instead of calling ld direct.
First, why do you use -Xlinker instead of the more standard -Wl,-soname ? Secondly, if I understand it correctly, having ssp by default on hardened completely removes the ability not to link to the libc, right ? Why not fixing the linker to link to libc_nonshared.a by default instead ? As I understand it, it is *always* needed with the hardened toolchain... Created attachment 237101 [details, diff]
Change ld to gcc
New patch
I'm a little confused here. At this point I'm used to adding --keep-going to my emerge updates because of this, but there's been a patch available for over three months. Is there a reason why hasn't it made it into portage yet? (In reply to comment #7) > I'm a little confused here. At this point I'm used to adding --keep-going to my > emerge updates because of this, but there's been a patch available for over > three months. Is there a reason why hasn't it made it into portage yet? > This will be fixed soon as the update is made which we have a current bug for now. 1.9.2.13 is no in the tree and works fine for hardened. Created attachment 259514 [details]
files/spidermonkey-1.7.0-no-ld.patch
Fixes compilation issue described in this bug, fixes missing $(LDFLAGS), and fixes missing $(CLFAGS) (which causes a compilation error for portage-multilib folk).
Created attachment 259515 [details]
multilib-portage.build.log
The patch fixes build problems not just for hardened but also for portage-multilib users.
May someone update the bug summary to reflect this?
(In reply to comment #9) > 1.9.2.13 is no in the tree and works fine for hardened. This version works fine for multilib-portage users too, but elinks's dependency metadata specifies <=dev-lang/spidermonkey-1.9 -- thus, this fix should be applied to the spidermonkey-1.7.0 series so that elinks can be installed. *** Bug 407613 has been marked as a duplicate of this bug. *** Is this bug relevant any longer? I know the patch hasn't been applied but I believe all other packages in the tree either embed their own spidermonkey or will work with 1.8.5 |