build_graphite = 1
name = gcc
-version = 12.3.0
-release = 1.1
+version = 14.2.0
+release = 1
maintainer = Michael Tremer <michael.tremer@ipfire.org>
groups = Development/Compilers
--enable-checking=release \
--enable-default-pie \
--enable-default-ssp \
+ --enable-host-pie \
+ --enable-host-shared \
--disable-werror \
--disable-libssp \
--with-system-zlib \
chmod -v 755 %{BUILDROOT}%{libdir}/libgomp.so.1.*
# libstdc++
- ln -svf ../../../libstdc++.so.6.0.30 ${FULLPATH}/libstdc++.so
+ ln -svf ../../../libstdc++.so.6.0.33 ${FULLPATH}/libstdc++.so
# libquadmath
if [ "%{build_libquadmath}" = "1" ]; then
+++ /dev/null
-From 8690dbe058f3ca8af0499a545c4b4cc6a5dc089a Mon Sep 17 00:00:00 2001
-From: Michael Tremer <michael.tremer@ipfire.org>
-Date: Tue, 21 Mar 2023 16:58:02 +0000
-Subject: [PATCH 1/2] gcc: Build with PIE
-
-This patch removes that GCC will be compiled with -fno-PIE/-no-pie.
-
-This will break PCH.
-
-Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
----
- gcc/Makefile.in | 9 ---------
- gcc/configure.ac | 28 ----------------------------
- 2 files changed, 37 deletions(-)
-
-diff --git a/gcc/Makefile.in b/gcc/Makefile.in
-index 31ff95500c9..530928a3cde 100644
---- a/gcc/Makefile.in
-+++ b/gcc/Makefile.in
-@@ -267,15 +267,6 @@ endif
- CET_HOST_FLAGS = @CET_HOST_FLAGS@
- COMPILER += $(CET_HOST_FLAGS)
-
--NO_PIE_CFLAGS = @NO_PIE_CFLAGS@
--NO_PIE_FLAG = @NO_PIE_FLAG@
--
--# We don't want to compile the compilers with -fPIE, it make PCH fail.
--COMPILER += $(NO_PIE_CFLAGS)
--
--# Link with -no-pie since we compile the compiler with -fno-PIE.
--LINKER += $(NO_PIE_FLAG)
--
- # Like LINKER, but use a mutex for serializing front end links.
- ifeq (@DO_LINK_MUTEX@,true)
- LLINKER = $(SHELL) $(srcdir)/lock-and-run.sh linkfe.lck $(LINKER)
-diff --git a/gcc/configure.ac b/gcc/configure.ac
-index 992a50e7b20..62cd94bffb8 100644
---- a/gcc/configure.ac
-+++ b/gcc/configure.ac
-@@ -7641,34 +7641,6 @@ if test x$enable_default_pie = xyes ; then
- fi
- AC_SUBST([enable_default_pie])
-
--# Check if -fno-PIE works.
--AC_CACHE_CHECK([for -fno-PIE option],
-- [gcc_cv_c_no_fpie],
-- [saved_CXXFLAGS="$CXXFLAGS"
-- CXXFLAGS="$CXXFLAGS -fno-PIE"
-- AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) {return 0;}])],
-- [gcc_cv_c_no_fpie=yes],
-- [gcc_cv_c_no_fpie=no])
-- CXXFLAGS="$saved_CXXFLAGS"])
--if test "$gcc_cv_c_no_fpie" = "yes"; then
-- NO_PIE_CFLAGS="-fno-PIE"
--fi
--AC_SUBST([NO_PIE_CFLAGS])
--
--# Check if -no-pie works.
--AC_CACHE_CHECK([for -no-pie option],
-- [gcc_cv_no_pie],
-- [saved_LDFLAGS="$LDFLAGS"
-- LDFLAGS="$LDFLAGS -no-pie"
-- AC_LINK_IFELSE([AC_LANG_SOURCE([int main(void) {return 0;}])],
-- [gcc_cv_no_pie=yes],
-- [gcc_cv_no_pie=no])
-- LDFLAGS="$saved_LDFLAGS"])
--if test "$gcc_cv_no_pie" = "yes"; then
-- NO_PIE_FLAG="-no-pie"
--fi
--AC_SUBST([NO_PIE_FLAG])
--
- # Enable Intel CET on Intel CET enabled host if jit is enabled.
- GCC_CET_HOST_FLAGS(CET_HOST_FLAGS)
- case x$enable_languages in
---
-2.30.2
-
+++ /dev/null
-From 439c8e21de5245d3f345bd796f3131be319f54d2 Mon Sep 17 00:00:00 2001
-From: Michael Tremer <michael.tremer@ipfire.org>
-Date: Tue, 21 Mar 2023 17:52:04 +0000
-Subject: [PATCH 2/2] libcc1: Export all symbols
-
-This patches removes the -export-symbols option when linking libcc1 and
-its plugins as it is breaking our hardening check where we are looking
-for a reference to __stack_chk_fail in the symbol table.
-
-Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
----
- libcc1/Makefile.am | 6 +++---
- libcc1/Makefile.in | 6 +++---
- 2 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/libcc1/Makefile.am b/libcc1/Makefile.am
-index 6e3a34ff7e2..7eb8ec9178c 100644
---- a/libcc1/Makefile.am
-+++ b/libcc1/Makefile.am
-@@ -54,7 +54,7 @@ shared_source = callbacks.cc callbacks.hh connection.cc connection.hh \
- marshall_c_source = marshall-c.hh
- marshall_cxx_source = marshall-cp.hh
-
--libcc1plugin_la_LDFLAGS = -module -export-symbols $(srcdir)/libcc1plugin.sym
-+libcc1plugin_la_LDFLAGS = -module
- libcc1plugin_la_SOURCES = libcc1plugin.cc context.cc context.hh \
- $(shared_source) $(marshall_c_source)
- libcc1plugin.lo_CPPFLAGS = $(CPPFLAGS_FOR_C)
-@@ -64,7 +64,7 @@ libcc1plugin_la_LINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) \
- $(LIBTOOLFLAGS) --mode=link $(CXXLD) $(AM_CXXFLAGS) \
- $(CXXFLAGS) $(libcc1plugin_la_LDFLAGS) $(LTLDFLAGS) -o $@
-
--libcp1plugin_la_LDFLAGS = -module -export-symbols $(srcdir)/libcp1plugin.sym
-+libcp1plugin_la_LDFLAGS = -module
- libcp1plugin_la_SOURCES = libcp1plugin.cc context.cc context.hh \
- $(shared_source) $(marshall_cxx_source)
- libcp1plugin.lo_CPPFLAGS = $(CPPFLAGS_FOR_CXX)
-@@ -75,7 +75,7 @@ libcp1plugin_la_LINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) \
- $(CXXFLAGS) $(libcp1plugin_la_LDFLAGS) $(LTLDFLAGS) -o $@
-
- LTLDFLAGS = $(shell $(SHELL) $(top_srcdir)/../libtool-ldflags $(LDFLAGS))
--libcc1_la_LDFLAGS = -module -export-symbols $(srcdir)/libcc1.sym
-+libcc1_la_LDFLAGS = -module
- libcc1_la_SOURCES = findcomp.cc libcc1.cc libcp1.cc \
- compiler.cc compiler.hh names.cc names.hh $(shared_source) \
- $(marshall_c_source) $(marshall_cxx_source)
-diff --git a/libcc1/Makefile.in b/libcc1/Makefile.in
-index f8f590d71e9..aa3d45bcef4 100644
---- a/libcc1/Makefile.in
-+++ b/libcc1/Makefile.in
-@@ -405,7 +405,7 @@ shared_source = callbacks.cc callbacks.hh connection.cc connection.hh \
-
- marshall_c_source = marshall-c.hh
- marshall_cxx_source = marshall-cp.hh
--libcc1plugin_la_LDFLAGS = -module -export-symbols $(srcdir)/libcc1plugin.sym
-+libcc1plugin_la_LDFLAGS = -module
- libcc1plugin_la_SOURCES = libcc1plugin.cc context.cc context.hh \
- $(shared_source) $(marshall_c_source)
-
-@@ -416,7 +416,7 @@ libcc1plugin_la_LINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) \
- $(LIBTOOLFLAGS) --mode=link $(CXXLD) $(AM_CXXFLAGS) \
- $(CXXFLAGS) $(libcc1plugin_la_LDFLAGS) $(LTLDFLAGS) -o $@
-
--libcp1plugin_la_LDFLAGS = -module -export-symbols $(srcdir)/libcp1plugin.sym
-+libcp1plugin_la_LDFLAGS = -module
- libcp1plugin_la_SOURCES = libcp1plugin.cc context.cc context.hh \
- $(shared_source) $(marshall_cxx_source)
-
-@@ -428,7 +428,7 @@ libcp1plugin_la_LINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) \
- $(CXXFLAGS) $(libcp1plugin_la_LDFLAGS) $(LTLDFLAGS) -o $@
-
- LTLDFLAGS = $(shell $(SHELL) $(top_srcdir)/../libtool-ldflags $(LDFLAGS))
--libcc1_la_LDFLAGS = -module -export-symbols $(srcdir)/libcc1.sym
-+libcc1_la_LDFLAGS = -module
- libcc1_la_SOURCES = findcomp.cc libcc1.cc libcp1.cc \
- compiler.cc compiler.hh names.cc names.hh $(shared_source) \
- $(marshall_c_source) $(marshall_cxx_source)
---
-2.30.2
-
+++ /dev/null
-From a25982ada523689c8745d7fb4b1b93c8f5dab2e7 Mon Sep 17 00:00:00 2001
-From: "H.J. Lu" <hjl.tools@gmail.com>
-Date: Thu, 14 Jul 2022 08:23:38 -0700
-Subject: [PATCH] stack-protector: Check stack canary before throwing exception
-
-Check stack canary before throwing exception to avoid stack corruption.
-
-gcc/
-
- PR middle-end/58245
- * calls.cc: Include "tree-eh.h".
- (expand_call): Check stack canary before throwing exception.
-
-gcc/testsuite/
-
- PR middle-end/58245
- * g++.dg/fstack-protector-strong.C: Adjusted.
- * g++.dg/pr58245-1.C: New test.
----
- gcc/calls.cc | 6 +++++-
- gcc/testsuite/g++.dg/fstack-protector-strong.C | 2 +-
- gcc/testsuite/g++.dg/pr58245-1.C | 10 ++++++++++
- 3 files changed, 16 insertions(+), 2 deletions(-)
- create mode 100644 gcc/testsuite/g++.dg/pr58245-1.C
-
-diff --git a/gcc/calls.cc b/gcc/calls.cc
-index bc96aff38f0..6dd6f73e978 100644
---- a/gcc/calls.cc
-+++ b/gcc/calls.cc
-@@ -60,6 +60,7 @@ along with GCC; see the file COPYING3. If not see
- #include "attr-fnspec.h"
- #include "value-query.h"
- #include "tree-pretty-print.h"
-+#include "tree-eh.h"
-
- /* Like PREFERRED_STACK_BOUNDARY but in units of bytes, not bits. */
- #define STACK_BYTES (PREFERRED_STACK_BOUNDARY / BITS_PER_UNIT)
-@@ -3154,7 +3155,10 @@ expand_call (tree exp, rtx target, int ignore)
- if (pass && (flags & ECF_MALLOC))
- start_sequence ();
-
-- if (pass == 0
-+ /* Check the canary value for sibcall or function which doesn't
-+ return and could throw. */
-+ if ((pass == 0
-+ || ((flags & ECF_NORETURN) != 0 && tree_could_throw_p (exp)))
- && crtl->stack_protect_guard
- && targetm.stack_protect_runtime_enabled_p ())
- stack_protect_epilogue ();
-diff --git a/gcc/testsuite/g++.dg/fstack-protector-strong.C b/gcc/testsuite/g++.dg/fstack-protector-strong.C
-index ae6d2fdb8df..034af2ce9ab 100644
---- a/gcc/testsuite/g++.dg/fstack-protector-strong.C
-+++ b/gcc/testsuite/g++.dg/fstack-protector-strong.C
-@@ -85,4 +85,4 @@ int foo7 (B *p)
- return p->return_slot ().a1;
- }
-
--/* { dg-final { scan-assembler-times "stack_chk_fail" 7 } } */
-+/* { dg-final { scan-assembler-times "stack_chk_fail" 8 } } */
-diff --git a/gcc/testsuite/g++.dg/pr58245-1.C b/gcc/testsuite/g++.dg/pr58245-1.C
-new file mode 100644
-index 00000000000..1439bc62e71
---- /dev/null
-+++ b/gcc/testsuite/g++.dg/pr58245-1.C
-@@ -0,0 +1,10 @@
-+/* { dg-do compile { target i?86-*-* x86_64-*-* rs6000-*-* s390x-*-* } } */
-+/* { dg-options "-O2 -fstack-protector-all" } */
-+
-+void
-+bar (void)
-+{
-+ throw 1;
-+}
-+
-+/* { dg-final { scan-assembler-times "stack_chk_fail" 1 } } */
---
-2.31.1
-
projects / ipfire-3.x.git / commitdiff
