Commit b553a042 authored by John Snow's avatar John Snow Committed by Paolo Bonzini
Browse files

configure: disable FORTIFY_SOURCE under clang 

Some versions of clang may have difficulty compiling glibc headers when
-D_FORTIFY_SOURCE is used. For example, Clang++ 3.5.0-9.fc22 cannot
compile glibc's stdio headers when -D_FORTIFY_SOURCE=2 is used. This
manifests currently as build failures with clang and any arm target.

According to LLVM dev Richard Smith, clang does not target or support
FORTIFY_SOURCE + glibc, and it should not be relied on.
"It's still an unsupported combination, and while it might compile, some
of the checks are unlikely to work because they require a frontend
inliner to be useful"

See: http://lists.llvm.org/pipermail/cfe-dev/2015-November/045846.html



Conclusion: disable fortify-source if we appear to be using clang instead
of testing for compile success or failure, which may be incidental or not
indicative of proper support of the feature.

Signed-off-by: default avatarJohn Snow <jsnow@redhat.com>
Message-Id: <1446583422-10153-1-git-send-email-jsnow@redhat.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent 8d31d6b6

configure

+16 −1
Original line number Diff line number Diff line
@@ -264,6 +264,7 @@ rdma="" 
gprof="no"

debug_tcg="no"

debug="no"

fortify_source=""

strip_opt="yes"

tcg_interpreter="no"

bigendian="no"
@@ -879,6 +880,7 @@ for opt do 
      debug_tcg="yes"

      debug="yes"

      strip_opt="no"

      fortify_source="no"

  ;;

  --enable-sparse) sparse="yes"

  ;;
@@ -4439,6 +4441,19 @@ if ! compile_object "-Werror"; then 
    ccache_cpp2=yes

fi



#################################################

# clang does not support glibc + FORTIFY_SOURCE.



if test "$fortify_source" != "no"; then

  if echo | $cc -dM -E - | grep __clang__ > /dev/null 2>&1 ; then

    fortify_source="no";

  elif echo | $cxx -dM -E - | grep __clang__ > /dev/null 2>&1 ; then

    fortify_source="no";

  else

    fortify_source="yes"

  fi

fi



##########################################

# End of CC checks

# After here, no more $cc or $ld runs
@@ -4446,7 +4461,7 @@ fi 
if test "$gcov" = "yes" ; then

  CFLAGS="-fprofile-arcs -ftest-coverage -g $CFLAGS"

  LDFLAGS="-fprofile-arcs -ftest-coverage $LDFLAGS"

elif test "$debug" = "no" ; then

elif test "$fortify_source" = "yes" ; then

  CFLAGS="-O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 $CFLAGS"

fi