kloczek
commented
4 years ago Closed kloczek closed 4 years ago
kloczek
commented
4 years ago 
williamcroberts
commented
4 years ago Interesting, my local and ci builds don't fail from this. So I wouldn't consider this an issue with the release but rather a bug. What's your gcc version?
kloczek
commented
4 years ago gcc version 9.2.1 20190827 (Red Hat 9.2.1-1) (GCC) from fedora rawhide
williamcroberts
commented
4 years ago @kloczek perfect thanks. Ill run some tests and get a patch out soon.
williamcroberts
commented
4 years ago On Fedora-30, it has the same compiler version:
gcc --version
gcc (GCC) 9.2.1 20190827 (Red Hat 9.2.1-1)
Copyright (C) 2019 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.I wasn't able to reproduce, see build below.
[root@8cfbca229a73 tpm2-pkcs11]# ./configure --enable-unit --enable-integration
checking whether to enable debugging... info
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking whether gcc understands -c and -o together... yes
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking how to print strings... printf
checking for a sed that does not truncate output... /usr/bin/sed
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for fgrep... /usr/bin/grep -F
checking for ld used by gcc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking how to convert x86_64-pc-linux-gnu file names to x86_64-pc-linux-gnu format... func_convert_file_noop
checking how to convert x86_64-pc-linux-gnu file names to toolchain format... func_convert_file_noop
checking for /usr/bin/ld option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... no
checking how to associate runtime and link libraries... printf %s\n
checking for ar... ar
checking for archiver @FILE support... @
checking for strip... strip
checking for ranlib... ranlib
checking for gawk... gawk
checking command to parse /usr/bin/nm -B output from gcc object... ok
checking for sysroot... no
checking for a working dd... /usr/bin/dd
checking how to truncate binary pipes... /usr/bin/dd bs=4096 count=1
./configure: line 5836: /usr/bin/file: No such file or directory
checking for mt... no
checking if : is a manifest tool... no
checking how to run the C preprocessor... gcc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... no
checking for gcc option to produce PIC... -fPIC -DPIC
checking if gcc PIC flag -fPIC -DPIC works... yes
checking if gcc static flag -static works... no
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/usr/bin/ld) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... yes
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /usr/bin/mkdir -p
checking whether make sets $(MAKE)... yes
checking whether make supports the include directive... yes (GNU style)
checking whether make supports nested variables... yes
checking dependency style of gcc... gcc3
checking whether make supports nested variables... (cached) yes
checking whether to build with code coverage support... no
checking for pkg-config... /usr/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for TSS2_ESYS... yes
checking for TSS2_MU... yes
checking for TSS2_TCTILDR... yes
checking for TSS2_RC... yes
checking for SQLITE3... yes
checking for YAML... yes
checking for CRYPTO... yes
checking whether gcc is Clang... no
checking whether pthreads work with -pthread... yes
checking for joinable pthread attribute... PTHREAD_CREATE_JOINABLE
checking whether more special flags are required for pthreads... no
checking for PTHREAD_PRIO_INHERIT... yes
checking if LD -Wl,--version-script works... yes
checking for CMOCKA... yes
checking for gcj... no
checking for guavac... no
checking for jikes... no
checking for javac... javac
checking if javac works... yes
checking for kaffe... no
checking for java... java
checking if java works... yes
checking for CMOCKA... yes
checking for tpm_server... yes
checking for ss... yes
checking for org.junit.Assert class... yes
checking for org.hamcrest.SelfDescribing class... yes
checking for P11KIT... no
checking whether C compiler accepts -Wall... yes
checking whether C compiler accepts -Wextra... yes
checking whether C compiler accepts -Werror... yes
checking whether C compiler accepts -Wformat... yes
checking whether C compiler accepts -Wformat-security... yes
checking whether C compiler accepts -Wstack-protector... yes
checking whether C compiler accepts -fstack-protector-all... yes
checking whether C compiler accepts -Wstrict-overflow=5... yes
checking whether C compiler accepts -O2... yes
checking whether to add -D_FORTIFY_SOURCE=2 to CPPFLAGS... yes
checking whether C compiler accepts -fPIC... yes
checking whether the linker accepts -shared... yes
checking whether C compiler accepts -fPIE... yes
checking whether the linker accepts -pie... yes
checking whether the linker accepts -Wl,-z,relro... yes
checking whether the linker accepts -Wl,-z,now... yes
checking whether C compiler accepts -fdata-sections... yes
checking whether C compiler accepts -ffunction-sections... yes
checking whether the linker accepts -Wl,--gc-sections... yes
configure: Not using compiler options to reduce binary size!
checking that generated files are newer than configure... done
configure: creating ./config.status
config.status: creating Makefile
config.status: creating lib/tpm2-pkcs11.pc
config.status: creating src/lib/config.h
config.status: executing libtool commands
config.status: executing depfiles commands
[root@8cfbca229a73 tpm2-pkcs11]# make -j4 check TESTS=''
CLASSPATH=./test/integration:././test/integration${CLASSPATH:+":$CLASSPATH"} javac -d ./test/integration test/integration/PKCS11JavaTests.java
CC src/pkcs11.lo
CC src/lib/attrs.lo
AR test/integration/libtest.a
CC src/lib/db.lo
CC src/lib/digest.lo
CC src/lib/emitter.lo
echo timestamp > classnoinst.stamp
CC src/lib/encrypt.lo
CC src/lib/general.lo
CC src/lib/key.lo
CC src/lib/mutex.lo
CC src/lib/object.lo
CC src/lib/openssl_compat.lo
CC src/lib/parser.lo
CC src/lib/random.lo
CC src/lib/session.lo
CC src/lib/session_ctx.lo
CC src/lib/session_table.lo
CC src/lib/sign.lo
CC src/lib/slot.lo
CC src/lib/token.lo
CC src/lib/tpm.lo
CC src/lib/twist.lo
CC src/lib/typed_memory.lo
CC src/lib/utils.lo
CCLD src/libtpm2_test_internal.la
CCLD src/libtpm2_pkcs11.la
CCLD src/libtpm2_test_pkcs11.la
make test/integration/pkcs-find-objects.int test/integration/pkcs-get-mechanism.int test/integration/pkcs-get-attribute-value.int test/integration/pkcs-login-logout.int test/integration/pkcs-sign-verify.int test/integration/pkcs-initialize-finalize.int test/integration/pkcs-misc.int test/integration/pkcs-crypt.int test/integration/pkcs-keygen.int test/integration/pkcs-session-state.int test/unit/test_twist test/unit/test_log test/unit/test_parser test/unit/test_attr test/integration/pkcs11-tool.sh test/integration/pkcs11-tool-init.sh.nosetup test/integration/pkcs11-dbup.sh.nosetup test/integration/tls-tests.sh test/integration/pkcs11-javarunner.sh.java
make[1]: Entering directory '/workspace/tpm2-pkcs11'
(CDPATH="${ZSH_VERSION+.}:" && cd . && /bin/sh /workspace/tpm2-pkcs11/missing autoheader)
make[1]: Nothing to be done for 'test/integration/pkcs11-tool.sh'.
make[1]: Nothing to be done for 'test/integration/pkcs11-tool-init.sh.nosetup'.
make[1]: Nothing to be done for 'test/integration/pkcs11-dbup.sh.nosetup'.
make[1]: Nothing to be done for 'test/integration/tls-tests.sh'.
make[1]: Nothing to be done for 'test/integration/pkcs11-javarunner.sh.java'.
CC test/integration/pkcs_find_objects_int-pkcs-find-objects.int.o
CC test/integration/pkcs_find_objects_int-test.o
CC test/integration/pkcs_get_mechanism_int-pkcs-get-mechanism.int.o
CC test/integration/pkcs_get_mechanism_int-test.o
CC test/integration/pkcs_get_attribute_value_int-pkcs-get-attribute-value.int.o
rm -f src/lib/stamp-h1
CC test/integration/pkcs_get_attribute_value_int-test.o
touch src/lib/config.h.in
CC test/integration/pkcs_login_logout_int-pkcs-login-logout.int.o
CC test/integration/pkcs_login_logout_int-test.o
CC test/integration/pkcs_sign_verify_int-pkcs-sign-verify.int.o
CC test/integration/pkcs_sign_verify_int-test.o
CC test/integration/pkcs_initialize_finalize_int-pkcs-initialize-finalize.int.o
CC test/integration/pkcs_initialize_finalize_int-test.o
CC test/integration/pkcs_misc_int-pkcs-misc.int.o
CC test/integration/pkcs_misc_int-test.o
CC test/integration/pkcs_crypt_int-pkcs-crypt.int.o
CC test/integration/pkcs_crypt_int-test.o
CC test/integration/pkcs_keygen_int-pkcs-keygen.int.o
CC test/integration/pkcs_keygen_int-test.o
CC test/integration/pkcs_session_state_int-pkcs-session-state.o
CC test/integration/pkcs_session_state_int-test.o
CC test/unit/test_twist-test_twist.o
CC test/unit/test_log-test_log.o
CC test/unit/test_parser-test_parser.o
CC test/unit/test_attr-test_attr.o
cd . && /bin/sh ./config.status src/lib/config.h
config.status: creating src/lib/config.h
config.status: src/lib/config.h is unchanged
CCLD test/integration/pkcs-find-objects.int
CCLD test/integration/pkcs-get-attribute-value.int
CCLD test/integration/pkcs-get-mechanism.int
CCLD test/integration/pkcs-login-logout.int
CCLD test/integration/pkcs-sign-verify.int
CCLD test/integration/pkcs-initialize-finalize.int
CCLD test/integration/pkcs-misc.int
CCLD test/integration/pkcs-crypt.int
CCLD test/integration/pkcs-keygen.int
CCLD test/integration/pkcs-session-state.int
CCLD test/unit/test_twist
CCLD test/unit/test_log
CCLD test/unit/test_parser
CCLD test/unit/test_attr
make[1]: Leaving directory '/workspace/tpm2-pkcs11'
make check-TESTS
make[1]: Entering directory '/workspace/tpm2-pkcs11'
make[2]: Entering directory '/workspace/tpm2-pkcs11'
============================================================================
Testsuite summary for tpm2-pkcs11 1.0.1-37-g2b89daa
============================================================================
# TOTAL: 0
# PASS: 0
# SKIP: 0
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
============================================================================
make[2]: Leaving directory '/workspace/tpm2-pkcs11'
make[1]: Leaving directory '/workspace/tpm2-pkcs11'[root@8cfbca229a73 tpm2-pkcs11]# ./configure --enable-unit --enable-integration
You did not inject LTO options to CFLAGS and LDFLAGS and gcc-{ar,nm,ranlib} to AR, NM and RANLIB env variables so above is without using LTO.
williamcroberts
commented
4 years ago [root@8cfbca229a73 tpm2-pkcs11]# ./configure --enable-unit --enable-integration
You did not inject LTO options to CFLAGS and LDFLAGS and gcc-{ar,nm,ranlib} to AR, NM and RANLIB env variables so above is without using LTO.
How do I enable them? Is that what -O to make does?
kloczek
commented
4 years ago Here is rpm macro which is used on setting up meson, cmake and ac.am/lt based framework which adds set of env variables from which all those frameworks are taking necessary settings:
$ rpm -E %set_build_flags
export CFLAGS="${CFLAGS:--O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -flto=auto -flto-partition=none}";
export CXXFLAGS="${CXXFLAGS:--O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -flto=auto -flto-partition=none}";
export FFLAGS="${FFLAGS:--O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -I/usr/lib64/gfortran/modules -flto=auto -flto-partition=none}";
export FCFLAGS="${FCFLAGS:--O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -I/usr/lib64/gfortran/modules -flto=auto -flto-partition=none}";
export LDFLAGS="${LDFLAGS:--Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -flto=auto -flto-partition=none -fuse-linker-plugin}";
export AR="/usr/bin/gcc-ar" RANLIB="/usr/bin/gcc-ranlib" NM="/usr/bin/gcc-nm";
export CC="gcc" CXX="g++"Pure LTO settings from above van be stripped down to:
export CFLAGS="${CFLAGS:-flto-partition=none}";
export LDFLAGS="${LDFLAGS: -flto-partition=none -fuse-linker-plugin}";
export AR="/usr/bin/gcc-ar" RANLIB="/usr/bin/gcc-ranlib" NM="/usr/bin/gcc-nm";
export CC="gcc" CXX="g++"-flto-partition=none is only temporary workaround for some gcc issues (when everything will be fixed in gcc it can be used -flto-partition=auto)
williamcroberts
commented
4 years ago Already Fixed: 78415ac726e3, this will be on 1.1-RC1 as 0c0a54a3
kloczek
commented
4 years ago Only sending confirmation that now everything is fine .
Thx :)