Control: severity -1 wishlist Hi!
On Wed, 2023-11-08 at 19:00:59 +0100, Hugo Melder wrote: > Package: dpkg-dev > Version: 1.22.0 > Severity: important > The recent change (https://git.dpkg.org/cgit/dpkg/dpkg.git/diff/?id=11efff1bf) > breaks building Debian packages with clang on arm64. So in principle, the default compiler in Debian is gcc, and the default flags up to now have been targeting that, plus the specific gcc version that is the current default. So packages using clang have had to amend those flags by themselves. > LLVM does not have > -fstack-clash-protection enabled on aarch64 (https://reviews.llvm.org/D96007). Hmm that's unfortunate. > The GNUstep Objective-C 2.0 toolchain depends on Clang as GCC does not > have newer Objective-C features such as ARC, properties, and blocks. Is that being used or packaged in Debian? (Just curious.) > Fedora enables stack-clash-protection based on the toolchain > (https://src.fedoraproject.org/fork/tstellar/rpms/redhat-rpm-config/blob/c0bad810b4b47086f58e7537e258333b14c92c45/f/rpmrc#_77), > and omits the flag when the compiler is not gcc. > > I would suggest either checking for the compiler (if possible), or > disabling it for aarch64 until Clang has support for it as well. Unfortunately I don't think there's a machine readable way to discern between them, that might not involve either parsing stuff like --version/--help or pre-processing or compiling a program, which seem rather undesirable. This would probably need to be specified by the caller somehow. I've got some pending discussion in the works for a revamp of the build flags handling, which includes also trying to cover multiple toolchains, which would hopefully cover this case. But as it is, I'd say as of now, packages that use something that is not the default compiler at the expected version, are on their own. > Right now, projects like Grand Central Dispatch (libdispatch) or > other projects with -Werror turned on, refuse to build. I tried to look for that in Debian and could not find it, do you have a pointer? But in any case, while I think supporting other toolchains would be ideal and worthwhile, building packages with blanket -Werror has always seemed like a bad idea because it then can cause this sort of thing (or other unexpected errors due to newly introduced warnings). Thanks, Guillem
