These warnings have alread been added to $dontwarn. --- m4/virt-compile-warnings.m4 | 3 --- 1 file changed, 3 deletions(-) diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index 574fbc4..fb82238 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -119,9 +119,6 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ # ideally we'd turn many of them on dontwarn="$dontwarn -Wfloat-equal" dontwarn="$dontwarn -Wdeclaration-after-statement" - dontwarn="$dontwarn -Wcast-qual" - dontwarn="$dontwarn -Wconversion" - dontwarn="$dontwarn -Wsign-conversion" dontwarn="$dontwarn -Wpacked" dontwarn="$dontwarn -Wunused-macros" dontwarn="$dontwarn -Woverlength-strings" -- 1.8.5.5

This option only makes sense for -fstack-protector. With -fstack-protector-all or -fstack-protector-strong, functions are protected regardless of buffer size. https://bugzilla.redhat.com/show_bug.cgi?id=1105456 --- m4/virt-compile-warnings.m4 | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index fb82238..196afa7 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -166,16 +166,11 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ *-*-linux*) dnl Fedora only uses -fstack-protector, but doesn't seem to dnl be great overhead in adding -fstack-protector-all instead - dnl wantwarn="$wantwarn -fstack-protector" + dnl + dnl We also don't need ssp-buffer-size with -all, + dnl since functions are protected regardless of buffer size. + dnl wantwarn="$wantwarn --param=ssp-buffer-size=4" wantwarn="$wantwarn -fstack-protector-all" - wantwarn="$wantwarn --param=ssp-buffer-size=4" - dnl Even though it supports it, clang complains about - dnl use of --param=ssp-buffer-size=4 unless used with - dnl the -c arg. It doesn't like it when used with args - dnl that just link together .o files. Unfortunately - dnl we can't avoid that with automake, so we must turn - dnl off the following clang specific warning - wantwarn="$wantwarn -Wno-unused-command-line-argument" ;; *-*-freebsd*) dnl FreeBSD ships old gcc 4.2.1 which doesn't handle -- 1.8.5.5

Check upfront if it's supported, to avoid putting both of them on the command line. --- m4/virt-compile-warnings.m4 | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index 196afa7..6d632f9 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -156,6 +156,15 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ wantwarn="$wantwarn -Wframe-larger-than=4096" dnl wantwarn="$wantwarn -Wframe-larger-than=256" + AC_CACHE_CHECK([whether the C compiler supports stack-protector-strong], + [lv_cv_gcc_fstack_protector_strong], [ + save_CFLAGS=$CFLAGS + CFLAGS='-fstack-protector-strong -Werror' + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]])], + [lv_cv_gcc_fstack_protector_strong=yes], + [lv_cv_gcc_fstack_protector_strong=no]) + CFLAGS=$save_CFLAGS]) + # Extra special flags dnl -fstack-protector stuff passes gl_WARN_ADD with gcc dnl on Mingw32, but fails when actually used @@ -164,13 +173,18 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ dnl "error: -fstack-protector not supported for this target [-Werror]" ;; *-*-linux*) - dnl Fedora only uses -fstack-protector, but doesn't seem to - dnl be great overhead in adding -fstack-protector-all instead + dnl Prefer -fstack-protector-strong if it's available. + dnl There doesn't seem to be great overhead in adding + dnl -fstack-protector-all instead of -fstack-protector. dnl - dnl We also don't need ssp-buffer-size with -all, + dnl We also don't need ssp-buffer-size with -all or -strong, dnl since functions are protected regardless of buffer size. dnl wantwarn="$wantwarn --param=ssp-buffer-size=4" - wantwarn="$wantwarn -fstack-protector-all" + if test "$lv_cv_gcc_fstack_protector_strong" = yes; then + wantwarn="$wantwarn -fstack-protector-strong" + else + wantwarn="$wantwarn -fstack-protector-all" + fi ;; *-*-freebsd*) dnl FreeBSD ships old gcc 4.2.1 which doesn't handle -- 1.8.5.5

Try -fstack-protector-strong first on Linux. If that fails, fall back to -fstack-protector-all. --- m4/virt-compile-warnings.m4 | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index 196afa7..532a777 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -164,13 +164,14 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ dnl "error: -fstack-protector not supported for this target [-Werror]" ;; *-*-linux*) - dnl Fedora only uses -fstack-protector, but doesn't seem to - dnl be great overhead in adding -fstack-protector-all instead + dnl Prefer -fstack-protector-strong if it's available. + dnl There doesn't seem to be great overhead in adding + dnl -fstack-protector-all instead of -fstack-protector. dnl - dnl We also don't need ssp-buffer-size with -all, + dnl We also don't need ssp-buffer-size with -all or -strong, dnl since functions are protected regardless of buffer size. dnl wantwarn="$wantwarn --param=ssp-buffer-size=4" - wantwarn="$wantwarn -fstack-protector-all" + wantwarn="$wantwarn -fstack-protector-strong" ;; *-*-freebsd*) dnl FreeBSD ships old gcc 4.2.1 which doesn't handle @@ -201,6 +202,19 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ gl_WARN_ADD([$w]) done + case $host in + *-*-linux*) + dnl Fall back to -fstack-protector-all if -strong is not available + case $WARN_CFLAGS in + *-fstack-protector-strong*) + ;; + *) + gl_WARN_ADD(["-fstack-protector-all"]) + ;; + esac + ;; + esac + # Silence certain warnings in gnulib, and use improved glibc headers AC_DEFINE([lint], [1], [Define to 1 if the compiler is checking for lint.]) -- 1.8.5.5