cmake, Makefile.mk: use -isystem for dep headers, silence BearSSL issues#14763
Closed
vszakats wants to merge 7 commits intocurl:masterfrom
Closed
cmake, Makefile.mk: use -isystem for dep headers, silence BearSSL issues#14763vszakats wants to merge 7 commits intocurl:masterfrom
Makefile.mk: use -isystem for dep headers, silence BearSSL issues#14763vszakats wants to merge 7 commits intocurl:masterfrom
Conversation
Member
|
I'm curious: when do you see these warnings? Why do we get those warnings for bearssl headers? If we |
Member
Author
|
It's on macOS with CommandLineTools and CMake. (mbedTLS also needed a similar hack earlier.) Yes, autotools has a separate manual step for that: CMake has a https://cmake.org/cmake/help/latest/command/include_directories.html It seems like a case where the CMake-level fix would be better. But then it would be nice to apply it universally for all dependency header dirs, as done in autotools? --- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -596,7 +596,7 @@ if(CURL_USE_BEARSSL)
set(_ssl_enabled ON)
set(USE_BEARSSL ON)
list(APPEND CURL_LIBS ${BEARSSL_LIBRARIES})
- include_directories(${BEARSSL_INCLUDE_DIRS})
+ include_directories(SYSTEM ${BEARSSL_INCLUDE_DIRS})
if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "bearssl")
set(_valid_default_ssl_backend TRUE) |
Member
I think so. Because compiler warnings in dependencies' header files are always just a nuisance so we are better off ignoring problems for those. |
Member
Author
|
I'm thinking to apply this for all dependencies. Is there a risk applying this to all |
Makefile.mk: use -isystem for dependency headers, and silence BearSSL issues
Makefile.mk: use -isystem for dependency headers, and silence BearSSL issuesMakefile.mk: use -isystem for dep headers, silence BearSSL issues
Member
The risk is that you modify the few |
Member
Author
This seems well-separated in CMake. I can't see how it could happen. (Though reviews are welcome! :) (Unless a dependency header dir coincides with one of curl's own source dirs, e.g. by installing one straight into the curl sandbox, or mis-detected as installed there. But that's messed up, and likely risks autotools the same way.) |
13 tasks
3bf8598 to
6243467
Compare
Seen with BearSSL 0.6 (2018-08-14) (latest tarball) and Apple clang 14.
It was fixed in BearSSL Git master in 2019 via
2893441f2efd4603ddd6d7f49011bdda096a4a87 and
ecdf89770ee82dfea6186fb4369cff3d06cd852e.
```
In file included from .../curl/lib/vtls/bearssl.c:28:
In file included from .../curl/bearssl/inc/bearssl.h:127:
.../curl/bearssl/inc/bearssl_hash.h:727:5: warning: 'BR_DOXYGEN_IGNORE' is not defined, evaluates to 0 [-Wundef]
^
.../curl/bearssl/inc/bearssl_hash.h:745:5: warning: 'BR_DOXYGEN_IGNORE' is not defined, evaluates to 0 [-Wundef]
^
In file included from .../curl/lib/vtls/bearssl.c:28:
In file included from .../curl/bearssl/inc/bearssl.h:136:
.../curl/bearssl/inc/bearssl_ssl.h:1253:20: warning: implicit conversion loses integer precision: 'unsigned int' to 'uint16_t' (aka 'unsigned short') [-Wimplicit-int-conversion]
cc->version_min = version_min;
~ ^~~~~~~~~~~
.../curl/bearssl/inc/bearssl_ssl.h:1254:20: warning: implicit conversion loses integer precision: 'unsigned int' to 'uint16_t' (aka 'unsigned short') [-Wimplicit-int-conversion]
cc->version_max = version_max;
~ ^~~~~~~~~~~
.../curl/bearssl/inc/bearssl_ssl.h:1327:28: warning: implicit conversion loses integer precision: 'size_t' (aka 'unsigned long') to 'uint16_t' (aka 'unsigned short') [-Wimplicit-int-conversion]
ctx->protocol_names_num = num;
~ ^~~
5 warnings generated.
```
6243467 to
e8f1d08
Compare
pps83
pushed a commit
to pps83/curl
that referenced
this pull request
Apr 26, 2025
… issues Patch started out for working around compiler warnings in BearSSL latest tarball release v0.6 (2018-08-14) and Apple clang 14 with CMake. Then turned into patching CMake and `Makefile.mk` builds to use `-isystem` instead `-I` when adding header directories for dependencies. This avoids compiler warnings in dependency headers, syncing behaviour with autotools. Also: - `Makefile.mk`: add support for BearSSL. - delete warning suppression for mbedTLS headers. No longer necessary after this patch. Follow-up to 434db99 curl#12720 Silenced BearSSL warnings: ``` In file included from curl/lib/vtls/bearssl.c:28: In file included from bearssl/inc/bearssl.h:127: bearssl/inc/bearssl_hash.h:727:5: warning: 'BR_DOXYGEN_IGNORE' is not defined, evaluates to 0 [-Wundef] ^ bearssl/inc/bearssl_hash.h:745:5: warning: 'BR_DOXYGEN_IGNORE' is not defined, evaluates to 0 [-Wundef] ^ In file included from curl/lib/vtls/bearssl.c:28: In file included from bearssl/inc/bearssl.h:136: bearssl/inc/bearssl_ssl.h:1253:20: warning: implicit conversion loses integer precision: 'unsigned int' to 'uint16_t' (aka 'unsigned short') [-Wimplicit-int-conversion] cc->version_min = version_min; ~ ^~~~~~~~~~~ bearssl/inc/bearssl_ssl.h:1254:20: warning: implicit conversion loses integer precision: 'unsigned int' to 'uint16_t' (aka 'unsigned short') [-Wimplicit-int-conversion] cc->version_max = version_max; ~ ^~~~~~~~~~~ bearssl/inc/bearssl_ssl.h:1327:28: warning: implicit conversion loses integer precision: 'size_t' (aka 'unsigned long') to 'uint16_t' (aka 'unsigned short') [-Wimplicit-int-conversion] ctx->protocol_names_num = num; ~ ^~~ 5 warnings generated. ``` (These warnings were fixed in BearSSL Git master in 2019 via 2893441f2efd4603ddd6d7f49011bdda096a4a87 and ecdf89770ee82dfea6186fb4369cff3d06cd852e.) Also these two cases, which are caused by an unidentified component (outside curl) cranking up MSVC warnings in external headers to `/W4` when ZLIB is deselected: curl#14859 (comment) mbedTLS 3.6.1: ``` C:\vcpkg\installed\x64-windows\include\psa\crypto_struct.h(254,13): error C2220: the following warning is treated as an error [D:\a\curl\curl\bld\lib\libcurl_object.vcxproj] (compiling source file 'CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c') C:\vcpkg\installed\x64-windows\include\psa\crypto_struct.h(254,13): warning C4200: nonstandard extension used: zero-sized array in struct/union [D:\a\curl\curl\bld\lib\libcurl_object.vcxproj] (compiling source file 'CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c') ``` Ref: https://github.com/curl/curl/actions/runs/10842694205/job/30107466989?pr=14859#step:10:29 nghttp3 1.5.0: ``` C:\vcpkg\installed\x64-windows\include\nghttp3\nghttp3.h(2678,1): error C2220: the following warning is treated as an error [D:\a\curl\curl\bld\lib\libcurl_object.vcxproj] (compiling source file 'CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c') C:\vcpkg\installed\x64-windows\include\nghttp3\nghttp3.h(2678,1): warning C4324: 'nghttp3_pri': structure was padded due to alignment specifier [D:\a\curl\curl\bld\lib\libcurl_object.vcxproj] (compiling source file 'CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c') ``` Ref: https://github.com/curl/curl/actions/runs/10871875297/job/30166233862?pr=14859#step:10:28 Closes curl#14763
pps83
pushed a commit
to pps83/curl
that referenced
this pull request
Apr 26, 2025
We set this macro to silence a warning inside `openldap.h`. With this warning now silenced by using `-isystem`, we can drop it. Also it never had to be set to `1`. Also enable OpenLDAP in a CMake GHA/macos job. Follow-up to 445fb81 curl#14763 Follow-up to 751e168 curl#12024 Closes curl#16146
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Patch started out for working around compiler warnings in BearSSL latest
tarball release v0.6 (2018-08-14) and Apple clang 14 with CMake.
Then turned into patching CMake and
Makefile.mkbuilds to use-isysteminstead-Iwhen adding header directories fordependencies. This avoids compiler warnings in dependency headers,
syncing behaviour with autotools.
Also:
Makefile.mk: add support for BearSSL.after this patch.
Follow-up to 434db99 mbedtls: fix
-Wnull-dereferenceand-Wredundant-decls#12720Silenced BearSSL warnings:
(These warnings were fixed in BearSSL Git master in 2019 via
2893441f2efd4603ddd6d7f49011bdda096a4a87 and
ecdf89770ee82dfea6186fb4369cff3d06cd852e.)
Also these two cases, which are caused by an unidentified component
(outside curl) cranking up MSVC warnings in external headers to
/W4when ZLIB is deselected:
#14859 (comment)
mbedTLS 3.6.1:
Ref: https://github.com/curl/curl/actions/runs/10842694205/job/30107466989?pr=14859#step:10:29
nghttp3 1.5.0:
Ref: https://github.com/curl/curl/actions/runs/10871875297/job/30166233862?pr=14859#step:10:28
TODO:
SYSTEMkeyword.-Ito-isysteminMakefile.mkfor mbedTLS.SYSTEMto allinclude_directories()arg list.-Ito-isysteminMakefile.mkfor the rest of dependencies.