2012/6/24 Guillem Jover wrote:

>> Why? Just to have it autotools-compatible? If I was writing a custom
>> build system I would be thinking about using -Wp option, since that's
>> exactly why it's there for — to pass some options to the preprocessor
>> (or, being honest, I would ignore CPPFLAGS unless I use the preprocessor).
>
> That would be wrong as -Wp bypassed the compiler driver.

Yes, that's the point! If user wanted to pass parameters to the compiler,
he would used CFLAGS/CXXFLAGS. And since he used CPPFLAGS I assume that he
wanted to pass them to the preprocessor, not compiler. So when invoking
gcc build system must prepend CPPFLAGS with -Wp.

BTW, it's interesting that Fedora/CentOS use -Wp,-D_FORTIFY_SOURCE=2
and they use it in CFLAGS/CXXFLAGS.

> No one forces you to pass CPPFLAGS to the build system

Ah, no, I did not mean that. I just mean that not every build system
support CPPFLAGS, and even those who support it, do it in different
ways. So if "dpkg" wants to be easy to use with many build systems,
it should stick to CFLAGS/CXXFLAGS, and avoid using CPPFLAGS if that
is possible.

> you can always do something like:
> make CFLAGS="$(CPPFLAGS) $(CFLAGS)"

It's not just I "can". As long as dpkg uses CPPFLAGS I must do that.
And the "must" is there only because of dpkg-buildflags. I would not
have to do that if dpkg was not setting CPPFLAGS.

> having to split CPPFLAGS after the fact for build systems that do
> support it would be extremely annoying.

I agree. It may not be a good idea in general. But in our case the
-D_FORTIFY_SOURCE=2 option does not have to be split, so it's not
a problem. After all CPPFLAGS without CFLAGS are only used by
./configure tests, and this option does nothing for them.

> _FORTIFY_SOURCE *is* a preprocesssor macro, you just need to grep for
> it in /user/include/ [...] try including <stdio.h> for example and
> setting an optimization level > 0 in the preprocessor call.

Right, my bad. When I checked that on my machine I did:
$ cpp test.cpp | md5sum
$ cpp -D_FORTIFY_SOURCE=2 test.cpp | md5sum
$ g++ -O2 -c test.cpp && md5sum test.o
$ g++ -O2 -D_FORTIFY_SOURCE=2 -c test.cpp && md5sum test.o
But running `cpp -O2 ...` actually makes the difference. In my defence
I can only say that this option is not documented in `man cpp`.

Looks like "-O2" is a preprocessor option too.

> No, as per above, and there's no workaround here, just different build
> system conventions.

Yes. There're different system conventions. But still dpkg-buildflags
should do something. Currently it sets: CFLAGS, CXXFLAGS, FFLAGS, LDFLAGS
and CPPFLAGS. Why it sets just these? Why doesn't it set, for example
CMAKE_C_FLAGS, or QMAKE_CXXFLAGS instead? It's because those are the most
popular flags, right? All of them are supported by most build systems.
All of them except CPPFLAGS.

Currently autotools packages must write rules in one way, while packages
of other build systems must do it in another. Why? Why dpkg prefers one
build system to the others? It's really trivial to make dpkg compatible
with almost all the build systems around by just dropping CPPFLAGS. This
will make packaging easier. Why not do that?

>> PS: Bugs must be fixed, not documented, IMO.
>
> There's no bug here.

There's a workaround. It means there's a bug being workarounded.
Since it's about dpkg and cmake, the bug is either in dpkg, or cmake
or somewhere between them. Since it happens for other build systems,
I tend to think it's in dpkg.

I'm not telling that nobody must ever use CPPFLAGS. As Russ Allbery wrote
it's necessary to use it if you have std-includes in an unusual location.
What I suggest is to not use CPPFLAGS when it's not needed.

To make it shorter. Dpkg-buildflags must set -D_FORTIFY_SOURCE=2 somewhere.
There're options:
1. Put -D_FORTIFY_SOURCE=2 to CPPFLAGS (autotools)
advantages: none?
disadvantages: makes [cq]make packaging a little bit harder
2. Put -D_FORTIFY_SOURCE=2 to CFLAGS/CXXFLAGS
advantages: makes any packaging a little bit easier
disadvantages: none?
3. Put _FORTIFY_SOURCE=2 to DEFINES (qmake)
advantages: none?
disadvantages: makes autotools packaging a little bit harder
4. Put it to any other variable XXX
advantages: none?
disadvantages: makes any packaging a little bit harder

I'm for #2.

The "it belongs to CPPFLAGS" thing is neither advantage nor disadvantage,
because it also belongs to CMAKE_C_FLAGS, CMAKE_CXX_FLAGS, QMAKE_CXXFLAGS
or even qmake's DEFINES option, and probably a lot of other variables of
different build systems around. It does not mean that dpkg-buildflags
should set them all.

Also if you consider "it belongs to CPPFLAGS" an important argument,
you should move "-O2" to CPPFLAGS too, because -D_FORTIFY_SOURCE=2
is a preprocessor option only together with -O2, it does nothing
without it (see above).

Yes, "it belongs to CPPFLAGS" is a good argument when you're trying to
convince someone, but it's not really an advantage, it does not make
anything better.

PS: thanks to Russ Allbery for detailed *FLAGS description, it helped me
to understand the origins.

--
Let's make packaging easier,
Serge


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAOVenEqqDjae9kbpm6SWKTHyK3yrXkJKw2RVcScQxvBUb8Tr7 w@mail.gmail.com">http://lists.debian.org/CAOVenEqqDjae9kbpm6SWKTHyK3yrXkJKw2RVcScQxvBUb8Tr7 w@mail.gmail.com

2012/6/24 Guillem Jover wrote:

>> Why? Just to have it autotools-compatible? If I was writing a custom
>> build system I would be thinking about using -Wp option, since that's
>> exactly why it's there for — to pass some options to the preprocessor
>> (or, being honest, I would ignore CPPFLAGS unless I use the preprocessor).
>
> That would be wrong as -Wp bypassed the compiler driver.

Yes, that's the point! If user wanted to pass parameters to the compiler,
he would used CFLAGS/CXXFLAGS. And since he used CPPFLAGS I assume that he
wanted to pass them to the preprocessor, not compiler. So when invoking
gcc build system must prepend CPPFLAGS with -Wp.

BTW, it's interesting that Fedora/CentOS use -Wp,-D_FORTIFY_SOURCE=2
and they use it in CFLAGS/CXXFLAGS.

> No one forces you to pass CPPFLAGS to the build system

Ah, no, I did not mean that. I just mean that not every build system
support CPPFLAGS, and even those who support it, do it in different
ways. So if "dpkg" wants to be easy to use with many build systems,
it should stick to CFLAGS/CXXFLAGS, and avoid using CPPFLAGS if that
is possible.

> you can always do something like:
> make CFLAGS="$(CPPFLAGS) $(CFLAGS)"

It's not just I "can". As long as dpkg uses CPPFLAGS I must do that.
And the "must" is there only because of dpkg-buildflags. I would not
have to do that if dpkg was not setting CPPFLAGS.

> having to split CPPFLAGS after the fact for build systems that do
> support it would be extremely annoying.

I agree. It may not be a good idea in general. But in our case the
-D_FORTIFY_SOURCE=2 option does not have to be split, so it's not
a problem. After all CPPFLAGS without CFLAGS are only used by
./configure tests, and this option does nothing for them.

> _FORTIFY_SOURCE *is* a preprocesssor macro, you just need to grep for
> it in /user/include/ [...] try including <stdio.h> for example and
> setting an optimization level > 0 in the preprocessor call.

Right, my bad. When I checked that on my machine I did:
$ cpp test.cpp | md5sum
$ cpp -D_FORTIFY_SOURCE=2 test.cpp | md5sum
$ g++ -O2 -c test.cpp && md5sum test.o
$ g++ -O2 -D_FORTIFY_SOURCE=2 -c test.cpp && md5sum test.o
But running `cpp -O2 ...` actually makes the difference. In my defence
I can only say that this option is not documented in `man cpp`.

Looks like "-O2" is a preprocessor option too.

> No, as per above, and there's no workaround here, just different build
> system conventions.

Yes. There're different system conventions. But still dpkg-buildflags
should do something. Currently it sets: CFLAGS, CXXFLAGS, FFLAGS, LDFLAGS
and CPPFLAGS. Why it sets just these? Why doesn't it set, for example
CMAKE_C_FLAGS, or QMAKE_CXXFLAGS instead? It's because those are the most
popular flags, right? All of them are supported by most build systems.
All of them except CPPFLAGS.

Currently autotools packages must write rules in one way, while packages
of other build systems must do it in another. Why? Why dpkg prefers one
build system to the others? It's really trivial to make dpkg compatible
with almost all the build systems around by just dropping CPPFLAGS. This
will make packaging easier. Why not do that?

>> PS: Bugs must be fixed, not documented, IMO.
>
> There's no bug here.

There's a workaround. It means there's a bug being workarounded.
Since it's about dpkg and cmake, the bug is either in dpkg, or cmake
or somewhere between them. Since it happens for other build systems,
I tend to think it's in dpkg.

I'm not telling that nobody must ever use CPPFLAGS. As Russ Allbery wrote
it's necessary to use it if you have std-includes in an unusual location.
What I suggest is to not use CPPFLAGS when it's not needed.

To make it shorter. Dpkg-buildflags must set -D_FORTIFY_SOURCE=2 somewhere.
There're options:
1. Put -D_FORTIFY_SOURCE=2 to CPPFLAGS (autotools)
advantages: none?
disadvantages: makes [cq]make packaging a little bit harder
2. Put -D_FORTIFY_SOURCE=2 to CFLAGS/CXXFLAGS
advantages: makes any packaging a little bit easier
disadvantages: none?
3. Put _FORTIFY_SOURCE=2 to DEFINES (qmake)
advantages: none?
disadvantages: makes autotools packaging a little bit harder
4. Put it to any other variable XXX
advantages: none?
disadvantages: makes any packaging a little bit harder

I'm for #2.

The "it belongs to CPPFLAGS" thing is neither advantage nor disadvantage,
because it also belongs to CMAKE_C_FLAGS, CMAKE_CXX_FLAGS, QMAKE_CXXFLAGS
or even qmake's DEFINES option, and probably a lot of other variables of
different build systems around. It does not mean that dpkg-buildflags
should set them all.

Also if you consider "it belongs to CPPFLAGS" an important argument,
you should move "-O2" to CPPFLAGS too, because -D_FORTIFY_SOURCE=2
is a preprocessor option only together with -O2, it does nothing
without it (see above).

Yes, "it belongs to CPPFLAGS" is a good argument when you're trying to
convince someone, but it's not really an advantage, it does not make
anything better.

PS: thanks to Russ Allbery for detailed *FLAGS description, it helped me
to understand the origins.

--
Let's make packaging easier,
Serge


--
To UNSUBSCRIBE, email to debian-dpkg-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAOVenEqqDjae9kbpm6SWKTHyK3yrXkJKw2RVcScQxvBUb8Tr7 w@mail.gmail.com">http://lists.debian.org/CAOVenEqqDjae9kbpm6SWKTHyK3yrXkJKw2RVcScQxvBUb8Tr7 w@mail.gmail.com

On Mon, Jun 25, 2012 at 06:55:53PM +0300, Serge wrote:
> 2012/6/24 Guillem Jover wrote:
>
> >> Why? Just to have it autotools-compatible? If I was writing a custom
> >> build system I would be thinking about using -Wp option, since that's
> >> exactly why it's there for — to pass some options to the preprocessor
> >> (or, being honest, I would ignore CPPFLAGS unless I use the preprocessor).
> >
> > That would be wrong as -Wp bypassed the compiler driver.
>
> Yes, that's the point! If user wanted to pass parameters to the compiler,
> he would used CFLAGS/CXXFLAGS. And since he used CPPFLAGS I assume that he
> wanted to pass them to the preprocessor, not compiler. So when invoking
> gcc build system must prepend CPPFLAGS with -Wp.

This does not match historical practice.

> BTW, it's interesting that Fedora/CentOS use -Wp,-D_FORTIFY_SOURCE=2
> and they use it in CFLAGS/CXXFLAGS.

Presumably as a workaround for build systems that do not respect
CPPFLAGS.

[...]
> > No, as per above, and there's no workaround here, just different build
> > system conventions.
>
> Yes. There're different system conventions. But still dpkg-buildflags
> should do something. Currently it sets: CFLAGS, CXXFLAGS, FFLAGS, LDFLAGS
> and CPPFLAGS. Why it sets just these? Why doesn't it set, for example
> CMAKE_C_FLAGS, or QMAKE_CXXFLAGS instead? It's because those are the most
> popular flags, right? All of them are supported by most build systems.
> All of them except CPPFLAGS.
[...]

GNU make's implicit rules use CPPFLAGS. If other build systems or
overriden rules don't use it, it's a bug. This can of course be
worked around in debian/rules.

Ben.

--
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
- Albert Camus


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20120625172135.GT2753@decadent.org.uk">http://lists.debian.org/20120625172135.GT2753@decadent.org.uk

* Ben Hutchings <ben@decadent.org.uk> [120625 19:21]:
> GNU make's implicit rules use CPPFLAGS. If other build systems or
> overriden rules don't use it, it's a bug. This can of course be
> worked around in debian/rules.

I'd not call it a bug. It's just some stranger behavior. Not more strange
than not using make but some python or shell script to do the actual
compilation or any other of the many strange things found in software
packages.

Bernhard R. Link


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20120625184310.GD600@client.brlink.eu">http://lists.debian.org/20120625184310.GD600@client.brlink.eu

2012/6/25 Ben Hutchings wrote:

>> BTW, it's interesting that Fedora/CentOS use -Wp,-D_FORTIFY_SOURCE=2
>> and they use it in CFLAGS/CXXFLAGS.
>
> Presumably as a workaround for build systems that do not respect
> CPPFLAGS.

I actually noticed that because it's "-Wp,-D...", not "-D...". But I guess
you're right, it's in CFLAGS because many build systems support CFLAGS,
but only autotools support CPPFLAGS.

> GNU make's implicit rules use CPPFLAGS. If other build systems or
> overriden rules don't use it, it's a bug. This can of course be
> worked around in debian/rules.

Well, such argument can be applied to any build system. For example: Cmake
uses CMAKE_C_FLAGS, but GNU's make does not use it. It's a bug. GNU make
must use CMAKE_C_FLAGS. And dpkg must set it too. Even more, dpkg should
set only CMAKE_C_FLAGS, CMAKE_CXX_FLAGS and CMAKE_SHARED_LINKER_FLAGS.
Yes, this may create some problems for people packaging autotools, but
this can of course be worked around in debian/rules.

Come on. How many build systems except autotools are using CPPFLAGS?
cmake, qmake, imake, nmake? It looks completely autotools-specific to me.
And forcing it is no better than forcing qmake DEFINES or CMAKE_C_FLAGS.
It just adds more work to packagers, but makes nothing better.

Talking just about autotools:
* CPPFLAGS without CFLAGS are used only by ./configure script
* CPPFLAGS without CFLAGS are used only for some conftests
* -D_FORTIFY_SOURCE=2 means nothing for those tests
* -D_FORTIFY_SOURCE=2 does nothing at all without -O2
So even for autotools there's no reason to keep -D_FORTIFY_SOURCE=2 in
a CPPFLAGS variable. It can be easily dropped.

Also dropping CPPFLAGS would also allow:
1. Use same rules for cmake and autotools packages.
2. Make every rules file a few lines shorter, thus a bit faster to build
3. Make "Hardening" wiki page shorter
4. Reduce the number of workarounds by one
5. Reduce the number of things people need to think about when packaging,
making packaging a little bit easier.

And no disadvantages on the other hand.

If it's not fixed in dpkg, as you said, it can be worked around in
debian/rules. I'm just trying to avoid adding unnecessary workarounds
to debian packages.

--
Serge


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/CAOVenEqf8dXxr5-W7Rd==QoJq6n_gwaFqxFt0=BPoqf1yR5trA@mail.gmail.com

On Wed, 2012-06-27 at 14:09 +0300, Serge wrote:
> 2012/6/25 Ben Hutchings wrote:
>
> >> BTW, it's interesting that Fedora/CentOS use -Wp,-D_FORTIFY_SOURCE=2
> >> and they use it in CFLAGS/CXXFLAGS.
> >
> > Presumably as a workaround for build systems that do not respect
> > CPPFLAGS.
>
> I actually noticed that because it's "-Wp,-D...", not "-D...". But I guess
> you're right, it's in CFLAGS because many build systems support CFLAGS,
> but only autotools support CPPFLAGS.
>
> > GNU make's implicit rules use CPPFLAGS. If other build systems or
> > overriden rules don't use it, it's a bug. This can of course be
> > worked around in debian/rules.
>
> Well, such argument can be applied to any build system. For example: Cmake
> uses CMAKE_C_FLAGS, but GNU's make does not use it. It's a bug.

GNU make is the standard build sequencing tool for the GNU system (i.e.
for Debian). CMake and the others probably ought to follow the platform
conventions.

[...]
> Talking just about autotools:
> * CPPFLAGS without CFLAGS are used only by ./configure script
> * CPPFLAGS without CFLAGS are used only for some conftests
> * -D_FORTIFY_SOURCE=2 means nothing for those tests
> * -D_FORTIFY_SOURCE=2 does nothing at all without -O2
> So even for autotools there's no reason to keep -D_FORTIFY_SOURCE=2 in
> a CPPFLAGS variable. It can be easily dropped.
[...]

I do take the point that it's not obviously useful to separate out
CPPFLAGS.

Ben.

--
Ben Hutchings
Lowery's Law:
If it jams, force it. If it breaks, it needed replacing anyway.

On 27/06/12 14:20, Ben Hutchings wrote:
> On Wed, 2012-06-27 at 14:09 +0300, Serge wrote:
>> 2012/6/25 Ben Hutchings wrote:
>>
>>>> BTW, it's interesting that Fedora/CentOS use -Wp,-D_FORTIFY_SOURCE=2
>>>> and they use it in CFLAGS/CXXFLAGS.
>>>
>>> Presumably as a workaround for build systems that do not respect
>>> CPPFLAGS.
>>
>> I actually noticed that because it's "-Wp,-D...", not "-D...". But I guess
>> you're right, it's in CFLAGS because many build systems support CFLAGS,
>> but only autotools support CPPFLAGS.
>>
>>> GNU make's implicit rules use CPPFLAGS. If other build systems or
>>> overriden rules don't use it, it's a bug. This can of course be
>>> worked around in debian/rules.
>>
>> Well, such argument can be applied to any build system. For example: Cmake
>> uses CMAKE_C_FLAGS, but GNU's make does not use it. It's a bug.
>
> GNU make is the standard build sequencing tool for the GNU system (i.e.
> for Debian). CMake and the others probably ought to follow the platform
> conventions.
>
> [...]

Actually CMake *does* honour CFLAGS and copies them into CMAKE_C_FLAGS,
it doesn't do this for CPPFLAGS though.

Look at the other cmake packages how hardening flags are handled there.
Something like copying the set CPPFLAGS into CXXFlags or something.

>> Talking just about autotools:
>> * CPPFLAGS without CFLAGS are used only by ./configure script
>> * CPPFLAGS without CFLAGS are used only for some conftests
>> * -D_FORTIFY_SOURCE=2 means nothing for those tests
>> * -D_FORTIFY_SOURCE=2 does nothing at all without -O2
>> So even for autotools there's no reason to keep -D_FORTIFY_SOURCE=2 in
>> a CPPFLAGS variable. It can be easily dropped.
> [...]
>
> I do take the point that it's not obviously useful to separate out
> CPPFLAGS.
>
> Ben.
>


--
Regards,
Dmitrijs.

On Sun, Jun 24, 2012 at 11:29:56AM +0100, Lars Wirzenius wrote:
> On Sat, Jun 23, 2012 at 03:27:07PM -0700, Russ Allbery wrote:
> > CFLAGS is an old, long-standing make thing. CPPFLAGS is newer and I
> > believe was introduced by Autoconf
>
> I don't know the history of CPPFLAGS. It's possible it was introduced by
> Autoconf. However, it is now embedded into the implicit rules of GNU Make,
> so every Makefile that doesn't override the rule for compiling a .c file
> to a .o file uses CPPFLAGS.

I peeked around the Internet a bit, in the hope that adding some more
fact into this pointless discussion will make it stop.

CPPFLAGS was used by the GNU coding standards at least since January 11,
1993, which is when the document was imported into CVS. I failed to find
an older copy, but I'm fairly sure the coding standards are older than
that.

GNU Make documents CPPINFO in Sep 18, 1991. That's about when Autoconf
started (and also approximately when the first release of Linux happened;
heady times).

I think Autoconf is a red herring, whether CPPFLAGS originated there
or not. GNU Make supports it, and has done so for _decades_.

--
I wrote a book: http://gtdfh.branchable.com/