Re: Problems Configuring (C Compiler cannot produce executables)
Russ Allbery r...@stanford.edu writes: Also, you should generally not add -Wall -Wextra to the configure flags, and instead add it after configure completes, since many of the tricks configure has to use will result in warnings when you turn on all the compiler warnings, which can confuse configure. How can that confuse configure? AFAICT, configure seems quite unconcerned with warnings during configuration. Thanks, -miles -- Is it true that nothing can be known? If so how do we know this? -Woody Allen ___ Autoconf mailing list Autoconf@gnu.org https://lists.gnu.org/mailman/listinfo/autoconf
Re: Problems Configuring (C Compiler cannot produce executables)
Miles Bader mi...@gnu.org writes: Russ Allbery r...@stanford.edu writes: Also, you should generally not add -Wall -Wextra to the configure flags, and instead add it after configure completes, since many of the tricks configure has to use will result in warnings when you turn on all the compiler warnings, which can confuse configure. How can that confuse configure? AFAICT, configure seems quite unconcerned with warnings during configuration. I may be misremembering previous discussions here, and the fact that we do indeed seem to pass -Wall into configure all the time without any trouble makes me think that I am misremembering, but I thought there were some checks where (due largely to various broken vendor compilers) configure had to analyze the compiler output to figure out if things went wrong. It's possible that I'm conflating this discussion with cases where people use -Werror, which has more obvious issues. -- Russ Allbery (r...@stanford.edu) http://www.eyrie.org/~eagle/ ___ Autoconf mailing list Autoconf@gnu.org https://lists.gnu.org/mailman/listinfo/autoconf
Re: [autoconf] Re: Problems Configuring (C Compiler cannot produce executables)
It is not autoconf's responsibility, and I think the testing code in configure should not depend with -Wall and -Wextra, but some software packages may have the configure checking if any warnings are issued /or not. I remember, the configure in pixman had ever checked the warning. Regards, mpsuzuki Miles Bader wrote: Russ Allbery r...@stanford.edu writes: Also, you should generally not add -Wall -Wextra to the configure flags, and instead add it after configure completes, since many of the tricks configure has to use will result in warnings when you turn on all the compiler warnings, which can confuse configure. How can that confuse configure? AFAICT, configure seems quite unconcerned with warnings during configuration. Thanks, -miles ___ Autoconf mailing list Autoconf@gnu.org https://lists.gnu.org/mailman/listinfo/autoconf
Re: Problems Configuring (C Compiler cannot produce executables)
On 08/23/2012 09:14 AM, Miles Bader wrote: Russ Allbery r...@stanford.edu writes: Also, you should generally not add -Wall -Wextra to the configure flags, and instead add it after configure completes, since many of the tricks configure has to use will result in warnings when you turn on all the compiler warnings, which can confuse configure. How can that confuse configure? No idea. The working priciples of standard autoconf checks are based on evaluating compiler errors only and to ignore warnings[1], therefore -Wall -Wextra must not desturb by definition. However, adding -Werror to CFLAGS is dangerous, because this will raise GCC warnings to errors, which will cause autoconf to become confused and to produce bogus results. Ralf [1] There exist (non-standard) autoconf checks which are based on evaluating compiler warnings. If properly written, these also should not be affected by -Wall -Wextra, ... if they are, these checks need to be considered broken ;) ___ Autoconf mailing list Autoconf@gnu.org https://lists.gnu.org/mailman/listinfo/autoconf
Re: [autoconf] Problems Configuring (C Compiler cannot produce executables)
On Wed, Aug 22, 2012 at 7:21 PM, Mike Frysinger vap...@gentoo.org wrote: On Wednesday 22 August 2012 18:17:37 Jeffrey Walton wrote: The posture would have saved a number of folks from, for example, Pidgin's latest rounds of Critical Vulnerabilities (memory corruption and code execution). No-exec stacks and heaps would have reduced many/most to an annoying UI problem (a call to abort()). bad example: pidgin doesn't require execstacks (i'm not sure it ever has), so that would have made 0 difference. I think Pidgin is a perfect example (humbly): http://www.pidgin.im/news/security/ and http://www.securityfocus.com/archive/105/515814. If Pidgin does not require NX stacks and heaps, why was it running with them? Not only did Pidgin not observe an SDLC on Linux, it did not do so on Windows either. Pidgin for Windows (2.10.6) - Missing DEP and ASLR, http://developer.pidgin.im/ticket/15209, Linux might not have an SDLC, but Microsoft certainly does. no one does exec-heaps by default ... the code itself has to explicitly do this, and there's nothing the toolchain could have done to stop that (not that pidgin enables exec on memory returned by malloc afaik). only a kernel patch (such as PaX) which explicitly denies mprotect calls that try to enable exec write bits simultaneously would have prevented this scenario proactively. Its unfortunate that most Linux do not do no-exec heaps. Gentoo is an exception with its PaX security. X^W is fine, too. Nothing is befuddling since the defenses are there - all a programmer has to do is ask for them. in fact, very little to no packages request an executable stack by default. binary-only packages tend to be the only ones nowadays that do, and that's usually because the people producing the pkgs have broken code. All code has bugs. Its the reason we should be running with full defenses. Jeff ___ Autoconf mailing list Autoconf@gnu.org https://lists.gnu.org/mailman/listinfo/autoconf
Re: [autoconf] Problems Configuring (C Compiler cannot produce executables)
On Wed, Aug 22, 2012 at 9:41 PM, Mike Frysinger vap...@gentoo.org wrote: On Wednesday 22 August 2012 18:28:52 Russ Allbery wrote: special exceptions. Being able to turn off executable stack as at least another easily-accessible option is an interesting idea, and I may raise that on debian-devel. (Although it can be a little hard to predict which packages need that. it's trivial to locate: readelf -lW /bin/bash | grep GNU_STACK if it's set as RWE, that's bad. if the ELF lacks a GNU_STACK, that's bad. I believe there is more to it. The PT_GNU_STACK marking must be present *and* have a size of 0. See Ian Lance Taylor's blog http://www.airs.com/blog/archives/120. Trivia: How does one audit a Gentoo binary for no-exec heap compliance. Hint: its not readelf because Gentoo did not modify the utility to dump PaX flags. (I'm asking because it took me some time to discover the information). Jeff ___ Autoconf mailing list Autoconf@gnu.org https://lists.gnu.org/mailman/listinfo/autoconf
Re: [autoconf] Problems Configuring (C Compiler cannot produce executables)
On Thu, Aug 23, 2012 at 9:13 AM, Jeffrey Walton noloa...@gmail.com wrote: On Wed, Aug 22, 2012 at 9:41 PM, Mike Frysinger vap...@gentoo.org wrote: On Wednesday 22 August 2012 18:28:52 Russ Allbery wrote: special exceptions. Being able to turn off executable stack as at least another easily-accessible option is an interesting idea, and I may raise that on debian-devel. (Although it can be a little hard to predict which packages need that. it's trivial to locate: readelf -lW /bin/bash | grep GNU_STACK if it's set as RWE, that's bad. if the ELF lacks a GNU_STACK, that's bad. I believe there is more to it. The PT_GNU_STACK marking must be present *and* have a size of 0. See Ian Lance Taylor's blog Bad reference (my apologies). Try Ian's blog on Executable Stacks instead http://www.airs.com/blog/archives/518. Jeff ___ Autoconf mailing list Autoconf@gnu.org https://lists.gnu.org/mailman/listinfo/autoconf
Re: Add more check in autoreconf
On 17 August 2012 05:17, Eric Blake ebl...@redhat.com wrote: If you are willing to write patches to autoreconf to incorporate new tools into the common autotools, then we will gladly review them. But I Patch to check for gtk-doc sent: Also, if someone can give some guideance about the best why to fix this problem with upstream gettext: [2] Thanks! [1] http://lists.gnu.org/archive/html/autoconf-patches/2012-08/msg2.html [2] http://lists.gnu.org/archive/html/bug-gettext/2012-08/msg3.html -- Javier Jardón Cabezas ___ Autoconf mailing list Autoconf@gnu.org https://lists.gnu.org/mailman/listinfo/autoconf
Re: Problems Configuring (C Compiler cannot produce executables)
Ralf Corsepius rc040...@freenet.de writes: No idea. The working priciples of standard autoconf checks are based on evaluating compiler errors only and to ignore warnings[1], therefore -Wall -Wextra must not desturb by definition. However, adding -Werror to CFLAGS is dangerous, because this will raise GCC warnings to errors, which will cause autoconf to become confused and to produce bogus results. Ralf [1] There exist (non-standard) autoconf checks which are based on evaluating compiler warnings. If properly written, these also should not be affected by -Wall -Wextra, ... if they are, these checks need to be considered broken ;) I've clearly just misremembered, then. Apologies for the noise. -- Russ Allbery (r...@stanford.edu) http://www.eyrie.org/~eagle/ ___ Autoconf mailing list Autoconf@gnu.org https://lists.gnu.org/mailman/listinfo/autoconf