All, I'm hoping for some suggestions particularly from the toolchain and hardened profile folk.
We have a compiler that goes via C and uses gcc as it's backend. This compiler does some pretty unpleasant things with the assembler output of gcc. For one thing it doesn't use the C stack. It strips off the prelude and epilogue of each function. Anyway, Suffice to say that it doesn't work with hardened gcc; that is both PIE and the stack protector. However turning these features off (by passing -nopie -fno-stack-protector to gcc) is not so easy when we consider that people can upgrade their gcc or change from a vanilla to a hardened profile *after* emerging ghc. gcc-3 supports both -nopie and -fno-stack-protector. So always using these would be ok if it were not for gcc-4 which doesn't grok -fno-stack-protector. If we don't use -fno-stack-protector then if someone changes from a vanilla gcc profile to a hardened one then the users will get breakage when they start using ghc again. We could have the ghc driver script work out dynamically which flags to pass to gcc to suppress the hardened stuff but I think we can all see the downside to that. We could say "don't switch to a hardened gcc profile - it doesn't work". We could say "don't use gcc 4 - it' not supported". However this will not last forever. We could ask the gcc-config people for some assistance. Perhaps by adding an extra env var GHC_CFLAGS that gives us the right flags. Or perhaps by hooking into gcc-config to have our flags updated whenever the user changes profile. Does anyone have any other suggestions? -- Duncan Coutts : Gentoo Developer (Haskell herd team lead) email : dcoutts at gentoo dot org -- [email protected] mailing list
