On Friday, June 5, 2020 5:42:36 AM EDT Vít Ondruch wrote:
> On 05. 06. 20 at 9:52 Kevin Kofler wrote:
> > Ben Cotton wrote:
> > > == Summary ==
> > > Fedora has historically forced packages to build with GCC unless the
> > > upstream project for the package only supported Clang/LLVM. This
> > > change proposal replaces that policy with one where compiler selection
> > > for Fedora follows the package's upstream preferences.
> > >
> > > == Owner ==
> > > * Name: Jeff Law
> > > * Email: law@xxxxxxxxxx
> >
> > I am opposed to this change. Chromium and Firefox build fine with GCC. I
> > think that a distribution should be built with a consistent toolchain
> > wherever possible.
> >
> > Last I checked, there were several reasons why GCC is preferred over
> > Clang/LLVM in Fedora. And if that should ever change (or have changed
> > already), then switching the systemwide default (reversing the rules,
> > i.e., using GCC only for those packages that do not build with Clang)
> > should be envisioned. But as far as I know, that is not the case at this
> > time, considering runtime performance, security features, etc.
> >
> > I do not see why we should allow yet another special case for Firefox,
> > nor why we should let random packages make their own choice of
> > compiler and risk running into hidden binary incompatibilities. We have
> > a system compiler for a reason.
>
> Just FTR, there are technical (and security) reasons why we might
> consider switching Ruby from GCC to Clang in the future:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1721553

I don't think allowing builds with Clang is necessarily bad. It has one interesting feature that actually helps security:

-ftrivial-auto-var-init=zero

What this does is initialize to zero any variable that it detects is uninitialized. This can prevent leaking secrets in network protocols if memset was forgotten, and it prevents attacks where the value of the stack or heap is groomed to a certain value to enable an exploit.

In one conference presentation, it was said that 900 fixed CVEs in Chrome and 12% of all Android CVEs would have been prevented with this feature. I am wondering if that should be a default flag for clang builds?

And if you do fuzzing, you can compile AFL with clang and it's more powerful.

There are pros and cons.

-Steve
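The class of bug Steve describes, stale stack bytes escaping inside a protocol message, is easy to reproduce and easy to check for. The following is an added illustration, not code from the thread or from any Fedora package: a constructed `wire_record` struct whose layout leaves three padding bytes between a one-byte type and a four-byte length, serialized once the careless way and once with an explicit `memset`. The `memset` path is the source-level equivalent of what `-ftrivial-auto-var-init=zero` does for every automatic variable at compile time, so the check function at the end reports clean output for it regardless of what the stack held before. All names and the sample payload are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed wire format: with default alignment the compiler inserts
 * three padding bytes after `type` so that `length` is 4-byte aligned.
 * Field assignment never writes those bytes. */
struct wire_record {
    uint8_t  type;
    uint32_t length;
    uint8_t  payload[8];
};

/* Careless serialization: fields are assigned individually and the whole
 * struct is copied out. Padding and the unused tail of `payload` keep
 * whatever the stack frame previously contained unless the compiler
 * zero-fills automatics (e.g. with -ftrivial-auto-var-init=zero). */
size_t build_record_leaky(uint8_t *out, size_t outlen,
                          const uint8_t *data, size_t n)
{
    struct wire_record rec;
    if (n > sizeof rec.payload || outlen < sizeof rec)
        return 0;
    rec.type = 1;
    rec.length = (uint32_t)n;
    memcpy(rec.payload, data, n);
    memcpy(out, &rec, sizeof rec);   /* copies stale padding/tail bytes too */
    return sizeof rec;
}

/* Same record, but the automatic is cleared before use. This is what the
 * compiler flag would do implicitly for `rec`. */
size_t build_record_zeroed(uint8_t *out, size_t outlen,
                           const uint8_t *data, size_t n)
{
    struct wire_record rec;
    memset(&rec, 0, sizeof rec);
    if (n > sizeof rec.payload || outlen < sizeof rec)
        return 0;
    rec.type = 1;
    rec.length = (uint32_t)n;
    memcpy(rec.payload, data, n);
    memcpy(out, &rec, sizeof rec);
    return sizeof rec;
}

/* Returns 1 when every byte of a serialized record that is neither a
 * declared field nor live payload (the first n payload bytes) is zero,
 * i.e. nothing stale escaped into the message. */
int record_has_no_stale_bytes(const uint8_t *buf, size_t n)
{
    size_t i;
    for (i = offsetof(struct wire_record, type) + 1;
         i < offsetof(struct wire_record, length); i++)
        if (buf[i] != 0) return 0;              /* alignment padding */
    for (i = offsetof(struct wire_record, payload) + n;
         i < sizeof(struct wire_record); i++)
        if (buf[i] != 0) return 0;              /* unused payload tail */
    return 1;
}

/* Serializes a constructed 3-byte payload on the zeroed path and reports
 * whether the result is clean; this is always 1. */
int zeroed_record_is_clean(void)
{
    uint8_t out[sizeof(struct wire_record)];
    const uint8_t msg[3] = { 'a', 'b', 'c' };   /* constructed payload */
    size_t n = build_record_zeroed(out, sizeof out, msg, sizeof msg);
    return n == sizeof(struct wire_record) && record_has_no_stale_bytes(out, sizeof msg);
}

int main(void)
{
    uint8_t out[sizeof(struct wire_record)];
    const uint8_t msg[3] = { 'a', 'b', 'c' };   /* constructed payload */
    size_t i, n;

    n = build_record_leaky(out, sizeof out, msg, sizeof msg);
    printf("leaky : ");
    for (i = 0; i < n; i++) printf("%02x ", out[i]);
    printf(" clean=%d (stale bytes depend on prior stack contents)\n",
           record_has_no_stale_bytes(out, sizeof msg));

    n = build_record_zeroed(out, sizeof out, msg, sizeof msg);
    printf("zeroed: ");
    for (i = 0; i < n; i++) printf("%02x ", out[i]);
    printf(" clean=%d\n", record_has_no_stale_bytes(out, sizeof msg));
    return zeroed_record_is_clean() ? 0 : 1;
}
```

Building the leaky variant with `clang -ftrivial-auto-var-init=zero` makes its output identical to the zeroed one without touching the source, which is the appeal of the flag as a distribution-wide hardening default; an explicit `memset` (or `= {0}` initializer) remains the portable fix for code that must also be correct under compilers or flags that do not zero-fill. Note that the flag only covers automatic (stack) variables, so heap allocations still need `calloc` or an explicit clear.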