Package: lintian Version: 2.5.8 Severity: wishlist [#657699 is a special case of this]
Hi, It would be useful to have a check for .pc (pkg-config) files introducing flags they probably should not, like Cflags -O2, -g or -DNDEBUG. I went through all the .pc files in the current sid amd64 archive. Here are some examples I consider suspicious: Cflags field ============ Some "interesting" examples from the archive: usr/lib/pkgconfig/omnithread3.pc:Cflags: -D__x86_64__ -D__linux__ -D__OSVERSION__=2 -I${includedir} * The first three look quite obviously bogus to me usr/lib/pkgconfig/znc.pc:MODFLAGS=-g -DVERSION_EXTRA=\"+deb2\" -D_FORTIFY_SOURCE=2 -O2 -Wall -W -Wno-unused-parameter -Woverloaded-virtual -Wshadow -fvisibility=hidden -fPIC -DICONV_CONST= * Don't know how all these should be caught... But (almost?) all of these are something that I think shouldn't be there. Probably at least all -W*, -O*, -g* should trigger a warning, ditto for -D_FORTIFY_SOURCE=*? What about -fPIC and -fPIE? usr/lib/pkgconfig/dolfin.pc:Cflags: -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall -D_FORTIFY_SOURCE=2 -frounding-math -fopenmp -DDOLFIN_VERSION=\"1.0.0\" -DBOOST_UBLAS_NDEBUG -DHAS_SLEPC -DHAS_PETSC -DHAS_UMFPACK -DHAS_CHOLMOD -DHAS_SCOTCH -DHAS_CGAL -DHAS_ZLIB -DHAS_MPI -DMPICH_IGNORE_CXX_SEEK -DHAS_OPENMP -I${includedir} -I/usr/lib/openmpi/include/openmpi -I/usr/lib/openmpi/include -I/usr/lib/openmpi/include/openmpi -I/usr/lib/openmpi/include -I/usr/include -I/usr/include -I/usr/include -I/usr/include -I/usr/include -I/usr/include -I/usr/include/scotch -I/usr/include/suitesparse -I/usr/include/suitesparse -I/usr/lib/openmpi/include/openmpi -I/usr/lib/openmpi/include -I/usr/include/suitesparse -I/usr/include/scotch -I/usr/include/spooles -I/usr/include -I/usr/lib/petscdir/3.2/linux-gnu-c-opt/include -I/usr/lib/petscdir/3.2/include -I/usr/lib/slepcdir/3.2/include -I/usr/lib/slepcdir/3.2/linux-gnu-c-opt/include -I/usr/lib/slepcdir/3.2 -I/usr/include -I/usr/include -I/usr/include -I/usr/include/libxml2 * -fstack-protector, --param=ssp-buffer-size=4, -frounding-math, probably -DHAS_* usr/lib/pkgconfig/clam_core.pc:Cflags: -I${includedir} -DCLAM_FLOAT -DUSE_XERCES=1 -DCLAM_USE_XML -DCLAM_USE_XML -DUSE_LADSPA=1 -I/usr/local/include * -I/usr/local/* seems wrong usr/lib/pkgconfig/scilab.pc:Cflags: -I${includedir} -lieee -lSM -lncurses -ltk8.4 -ltcl8.4 -ldl * having -l* in Cflags seems weird usr/lib/pkgconfig/meep.pc:Cflags: -I${includedir} -malign-double -march=core2 * -march=core2 will probably make the result crash on some other archs usr/lib/pkgconfig/libview.pc:Cflags: -I${includedir} @PACKAGE_CFLAGS@ usr/lib/pkgconfig/sfst-1.2.pc:Cflags: -I${includedir}/sfst-1.0 -I${libdir}/sfst-1.0/include @SFST_CFLAGS@ * not sure what this does. There's no mention of PACKAGE_CFLAGS or SFST_CFLAGS anywhere else. usr/lib/x86_64-linux-gnu/pkgconfig/opensaml.pc:Cflags: -I${includedir} -pthread -g -Wall -O2 -O2 -DNDEBUG * -DNDEBUG will surprise the user by making assertions not work usr/lib/pkgconfig/libspatialindex.pc:Cflags: -I${includedir}/spatialindex -Wall -Wno-long-long -pedantic * -pedantic usr/lib/pkgconfig/commoncpp.pc:Cflags: -Wno-long-long -DNEW_STDCPP -pthread -fno-check-new -finline -fvisibility=hidden -DUCOMMON_VISIBILITY=1 * at least -fno-check-new, -finline usr/lib/pkgconfig/libhocr-gtk.pc:Cflags: -I@pkgincludedir@ usr/lib/pkgconfig/drizzle.pc:pkgincludedir=@pkgincludedir@ * the latter is not used in Cflags, but might still be worth catching... * Also, some .pc files include fields named CFlags (instead of Cflags) or some such. My impression is that the field name is case sensitive, so that may not do what is intended. I did not check this, though. Some packages make automatic checking harder: usr/lib/x86_64-linux-gnu/pkgconfig/volk.pc:LV_CXXFLAGS= usr/lib/x86_64-linux-gnu/pkgconfig/volk.pc:Cflags: -I${includedir} ${LV_CXXFLAGS} * nothing wrong with this per se usr/lib/pkgconfig/codeblocks.pc:Cflags: -I${includedir}/codeblocks \ usr/lib/pkgconfig/codeblocks.pc: -I${includedir}/codeblocks/tinyxml \ usr/lib/pkgconfig/codeblocks.pc: -I${includedir}/codeblocks/scripting/include \ usr/lib/pkgconfig/codeblocks.pc: -I${includedir}/codeblocks/scripting/bindings \ * continued lines may also hide stuff from a dumb checker Other fields ============ usr/lib/x86_64-linux-gnu/pkgconfig/libbt.pc:Libs: -L${libdir} -lbt -Wl,-z,relro -L/usr/lib -L/usr/local/lib * -L/usr/local/lib usr/share/doc/libopal-doc/examples/samples/opal.pc:Libs: -L/usr/local/src/pkg-voip/build-area/opal-3.10.4~dfsg/lib_linux_x86_64 -L${libdir} -lopal${suffix} * weird -L -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.4.0 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages lintian depends on: ii binutils 2.22-6.1 ii bzip2 1.0.6-3 ii diffstat 1.55-3 ii file 5.11-1 ii gettext 0.18.1.1-9 ii hardening-includes 2.1 ii intltool-debian 0.35.0+20060710.1 ii libapt-pkg-perl 0.1.26+b1 ii libc-bin 2.13-33 ii libclass-accessor-perl 0.34-1 ii libclone-perl 0.31-1+b2 ii libdpkg-perl 1.16.4 ii libemail-valid-perl 0.190-1 ii libipc-run-perl 0.91-1 ii libparse-debianchangelog-perl 1.2.0-1 ii libtimedate-perl 1.2000-1 ii liburi-perl 1.60-1 ii locales 2.13-33 ii locales-all [locales] 2.13-33 ii man-db 2.6.1-2 ii patchutils 0.3.2-1.1 ii perl [libdigest-sha-perl] 5.14.2-11 ii unzip 6.0-6 lintian recommends no packages. Versions of packages lintian suggests: ii binutils-multiarch 2.22-6.1 ii dpkg-dev 1.16.4 ii libhtml-parser-perl 3.69-2 ii libtext-template-perl 1.45-2 ii man-db 2.6.1-2 ii xz-utils 5.1.1alpha+20110809-3 -- no debconf information
signature.asc
Description: Digital signature