Build fails with -Werror=format-security

[jn64]

I'm building latest master e0ac02a of tsunami as an rpm package on Fedora 37, gcc 12.2.1.

The rpm macros in Fedora include this compiler flag -Werror=format-security by default, which causes the build to fail.

I can just unset it with -Wno-error=format-security and build successfully, so it's not a problem for me as a user.

However I don't know how serious these warnings actually are (in the context of tsunami) and if it's something you'd want to fix, so I'm letting you know. If it's harmless then the issue can be closed.

Here is Fedora's documentation on the subject. Debian and Ubuntu also set it by default.

---

Here is the relevant part of the build log, the last 2 steps before failing:

[ 79%] Building CXX object CMakeFiles/tsunami.dir/src/view/audioview/graph/LayerHeader.cpp.o
/usr/bin/g++ -DHAS_LIB_ALSA=1 -DHAS_LIB_DL=1 -DHAS_LIB_FFTW3=1 -DHAS_LIB_FLAC=1 -DHAS_LIB_GL=1 -DHAS_LIB_GTK4=1 -DHAS_LIB_OGG=1 -DHAS_LIB_PORTAUDIO=1 -DHAS_LIB_PULSEAUDIO=1 -DHAS_LIB_UNWIND=1 -DHAS_LIB_ZLIB=1 -DINSTALL_PREFIX=\"/usr\" -D_REENTRANT -I/usr/include/gtk-4.0 -I/usr/include/pango-1.0 -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/sysprof-4 -I/usr/include/harfbuzz -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/libmount -I/usr/include/blkid -I/usr/include/fribidi -I/usr/include/libxml2 -I/usr/include/cairo -I/usr/include/pixman-1 -I/usr/include/gdk-pixbuf-2.0 -I/usr/include/graphene-1.0 -I/usr/lib64/graphene-1.0/include -I/usr/include/gio-unix-2.0 -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -m64  -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -g   -mfpmath=sse -msse -msse2 -pthread -pthread -std=gnu++17 -MD -MT CMakeFiles/tsunami.dir/src/view/audioview/graph/LayerHeader.cpp.o -MF CMakeFiles/tsunami.dir/src/view/audioview/graph/LayerHeader.cpp.o.d -o CMakeFiles/tsunami.dir/src/view/audioview/graph/LayerHeader.cpp.o -c /builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/view/audioview/graph/LayerHeader.cpp
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/test/UnitTest.cpp: In member function 'void UnitTest::run(const string&, TestProtocoll&)':
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/test/UnitTest.cpp:52:31: error: format not a string literal and no format arguments [-Werror=format-security]
   52 |                         printf(os::terminal::RED.c_str());
      |                         ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/test/UnitTest.cpp:55:31: error: format not a string literal and no format arguments [-Werror=format-security]
   55 |                         printf(os::terminal::END.c_str());
      |                         ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/test/UnitTest.cpp: In static member function 'static void UnitTest::run_all(const string&)':
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/test/UnitTest.cpp:194:23: error: format not a string literal and no format arguments [-Werror=format-security]
  194 |                 printf(os::terminal::RED.c_str());
      |                 ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/test/UnitTest.cpp:196:23: error: format not a string literal and no format arguments [-Werror=format-security]
  196 |                 printf(os::terminal::END.c_str());
      |                 ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/test/UnitTest.cpp:198:23: error: format not a string literal and no format arguments [-Werror=format-security]
  198 |                 printf(os::terminal::GREEN.c_str());
      |                 ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/test/UnitTest.cpp:202:23: error: format not a string literal and no format arguments [-Werror=format-security]
  202 |                 printf(os::terminal::END.c_str());
      |                 ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~
[ 79%] Building CXX object CMakeFiles/tsunami.dir/src/view/audioview/graph/TimeScale.cpp.o
/usr/bin/g++ -DHAS_LIB_ALSA=1 -DHAS_LIB_DL=1 -DHAS_LIB_FFTW3=1 -DHAS_LIB_FLAC=1 -DHAS_LIB_GL=1 -DHAS_LIB_GTK4=1 -DHAS_LIB_OGG=1 -DHAS_LIB_PORTAUDIO=1 -DHAS_LIB_PULSEAUDIO=1 -DHAS_LIB_UNWIND=1 -DHAS_LIB_ZLIB=1 -DINSTALL_PREFIX=\"/usr\" -D_REENTRANT -I/usr/include/gtk-4.0 -I/usr/include/pango-1.0 -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/sysprof-4 -I/usr/include/harfbuzz -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/libmount -I/usr/include/blkid -I/usr/include/fribidi -I/usr/include/libxml2 -I/usr/include/cairo -I/usr/include/pixman-1 -I/usr/include/gdk-pixbuf-2.0 -I/usr/include/graphene-1.0 -I/usr/lib64/graphene-1.0/include -I/usr/include/gio-unix-2.0 -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -m64  -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -g   -mfpmath=sse -msse -msse2 -pthread -pthread -std=gnu++17 -MD -MT CMakeFiles/tsunami.dir/src/view/audioview/graph/TimeScale.cpp.o -MF CMakeFiles/tsunami.dir/src/view/audioview/graph/TimeScale.cpp.o.d -o CMakeFiles/tsunami.dir/src/view/audioview/graph/TimeScale.cpp.o -c /builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/view/audioview/graph/TimeScale.cpp
cc1plus: some warnings being treated as errors
gmake[2]: *** [CMakeFiles/tsunami.dir/build.make:5315: CMakeFiles/tsunami.dir/src/test/UnitTest.cpp.o] Error 1
gmake[2]: *** Waiting for unfinished jobs....
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/view/audioview/graph/LayerHeader.cpp: In member function 'virtual void LayerHeader::update_geometry_recursive(const rect&)':
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/view/audioview/graph/LayerHeader.cpp:157:15: warning: unused variable 'layer' [-Wunused-variable]
  157 |         auto *layer = vlayer->layer;
      |               ^~~~~
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/view/audioview/graph/LayerHeader.cpp: In member function 'virtual void LayerHeader::on_draw(Painter*)':
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/view/audioview/graph/LayerHeader.cpp:178:15: warning: unused variable 'view' [-Wunused-variable]
  178 |         auto *view = vlayer->view;
      |               ^~~~
/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/src/view/audioview/graph/LayerHeader.cpp:182:15: warning: unused variable 'h' [-Wunused-variable]
  182 |         float h = area.height();
      |               ^
gmake[2]: Leaving directory '/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/redhat-linux-build'
gmake[1]: *** [CMakeFiles/Makefile2:86: CMakeFiles/tsunami.dir/all] Error 2
gmake[1]: Leaving directory '/builddir/build/BUILD/tsunami-e0ac02a20021fcd56a3c0927b23f945e2f6aed87/redhat-linux-build'
gmake: *** [Makefile:139: all] Error 2

[momentarylapse]

ok, this should be fixed now. The current master builds with -Wall -Werror on my system without warnings/errors.

Yes, most of these warnings were from unused variables, i.e. harmless but sloppy on my side. The printf(os::terminal::RED.c_str()); showing in the log was more worrisome/stupid (well, git blame claims, I wrote that at 1am during a busy week). Definitely good to clean up.

Thanks a lot for reporting and also for trying out! Please let me know, if you run into more issues.

[jn64]

Thanks! 57999be builds fine now.