diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-06-18 11:28:21 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-06-18 13:43:55 -0300 |
commit | 63f1a045ba675568a1e92b204c301359dbccc85b (patch) | |
tree | 3b4168433e6b430606cf51b833f0a4d0eeb04191 /.github/workflows/build-extra.yml | |
parent | Merge pull request #5857 from kmk3/ci-standardize-apt (diff) | |
download | firejail-63f1a045ba675568a1e92b204c301359dbccc85b.tar.gz firejail-63f1a045ba675568a1e92b204c301359dbccc85b.tar.zst firejail-63f1a045ba675568a1e92b204c301359dbccc85b.zip |
build: remove -mretpoline and NO_EXTRA_CFLAGS
The -mretpoline flag is not documented in the current versions of gcc
and clang and it is what causes scan-build to fail:
$ ./configure CC=clang | grep retpoline
checking whether C compiler accepts -mretpoline... yes
EXTRA_CFLAGS: -mretpoline -fstack-clash-protection -fstack-protector-strong
$ scan-build --status-bugs make
scan-build: Using '/usr/bin/clang-15' for static analysis
make -C src/lib
make[1]: Entering directory '/tmp/firejail/src/lib'
/usr/bin/../lib/clang/ccc-analyzer [...] -mretpoline [...] -c common.c -o common.o
gcc: error: unrecognized command-line option ‘-mretpoline’
make[1]: *** [../../src/prog.mk:16: common.o] Error 1
make[1]: Leaving directory '/tmp/firejail/src/lib'
make: *** [Makefile:59: src/lib] Error 2
scan-build: Analysis run complete.
scan-build: Removing directory '/tmp/scan-build-[...]' because it contains no reports.
scan-build: No bugs found.
Environment: clang 15.0.7-9 and gcc 13.1.1-1 on Artix Linux.
Note: NO_EXTRA_CFLAGS was added to work around this issue by causing all
of the flags in EXTRA_CFLAGS to be ignored.
Note2: -mretpoline was added on commit 4a99c8aa2 ("spectre support for
clang compiler", 2018-03-30) and NO_EXTRA_CFLAGS was added on commit
490918c35 ("fix make scan-build for debian 10 and arch", 2019-07-22).
See also commit 2c64d1fdd ("use AX_CHECK_COMPILE_FLAG to check for
spectre flags", 2019-06-21).
Closes #5509.
Kind of relates to #2661.
Diffstat (limited to '.github/workflows/build-extra.yml')
-rw-r--r-- | .github/workflows/build-extra.yml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/.github/workflows/build-extra.yml b/.github/workflows/build-extra.yml index e32f827e1..c2b035e11 100644 --- a/.github/workflows/build-extra.yml +++ b/.github/workflows/build-extra.yml | |||
@@ -105,7 +105,7 @@ jobs: | |||
105 | --enable-selinux | 105 | --enable-selinux |
106 | || (cat config.log; exit 1) | 106 | || (cat config.log; exit 1) |
107 | - name: scan-build | 107 | - name: scan-build |
108 | run: NO_EXTRA_CFLAGS="yes" scan-build-14 --status-bugs make | 108 | run: scan-build-14 --status-bugs make |
109 | cppcheck: | 109 | cppcheck: |
110 | runs-on: ubuntu-22.04 | 110 | runs-on: ubuntu-22.04 |
111 | steps: | 111 | steps: |