build: cannot compile with landlock disabled on Ubuntu 16.04 (gcc 9.5.0)

[glitsj16]

Building firejail from git master fails on ubuntu with kernel 4.15.0-220-generic (regardless of using --enable-landlock or not).

Here's the relevant output:

[...]
In file included from appimage.c:23:
firejail.h:981:27: error: ISO C requires a named argument before ‘...’
  981 | static inline int ll_read(...) { return 0; }
      |                           ^~~
firejail.h:982:28: error: ISO C requires a named argument before ‘...’
  982 | static inline int ll_write(...) { return 0; }
      |                            ^~~
firejail.h:983:30: error: ISO C requires a named argument before ‘...’
  983 | static inline int ll_special(...) { return 0; }
      |                              ^~~
firejail.h:984:27: error: ISO C requires a named argument before ‘...’
  984 | static inline int ll_exec(...) { return 0; }
      |                           ^~~
firejail.h:986:31: error: ISO C requires a named argument before ‘...’
  986 | static inline int ll_restrict(...) { return 0; }
      |                               ^~~
firejail.h:987:35: error: ISO C requires a named argument before ‘...’
  987 | static inline void ll_add_profile(...) { return; }
      |                                   ^~~
make[1]: *** [../../src/prog.mk:16: appimage.o] Error 1
make[1]: Leaving directory '/home/glitsj16/firejail-git/src/firejail'
make: *** [Makefile:58: src/firejail/firejail] Error 2

@netblue30 Can you have a look please?

[kmk3]

Building firejail from git master fails on ubuntu with kernel
4.15.0-220-generic (regardless of using --enable-landlock or not).

Here's the relevant output:

[...]
In file included from appimage.c:23:
firejail.h:981:27: error: ISO C requires a named argument before ‘...’
  981 | static inline int ll_read(...) { return 0; }

I added this code, I'll look into it.

What is the version of Ubuntu, gcc and glibc used?

What is the output of the following commands?

gcc -v
info gcc | grep -A 1 'if no C language dialect'

Relates to #6078.

[glitsj16]

What is the version of Ubuntu, gcc and glibc used?

This is Ubuntu 16.04.07 LTS with Expanded Security Maintenance (ESM).

$ apt-cache policy libc6 | grep Installed
  Installed: 2.23-0ubuntu11.3+esm3

$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/9/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none:hsa
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 9.5.0-1ubuntu1~16.04.sav1' --with-bugurl=file:///usr/share/doc/gcc-9/README.Bugs --enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++,gm2 --prefix=/usr --with-gcc-major-version-only --program-suffix=-9 --program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-plugin --with-system-zlib --with-target-system-zlib=auto --enable-objc-gc=auto --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none=/build/gcc-9-pNKsiU/gcc-9-9.5.0/debian/tmp-nvptx/usr,hsa --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 9.5.0 (Ubuntu 9.5.0-1ubuntu1~16.04.sav1)

$ info gcc | grep -A 1 'if no C language dialect'
info: No menu item 'gcc' in node '(dir)Top'.

[kmk3]

What is the version of Ubuntu, gcc and glibc used?

This is Ubuntu 16.04.07 LTS with Expanded Security
Maintenance (ESM).

$ apt-cache policy libc6 | grep Installed
  Installed: 2.23-0ubuntu11.3+esm3

$ gcc -v
[...]
gcc version 9.5.0 (Ubuntu 9.5.0-1ubuntu1~16.04.sav1)

Strange, that gcc version is not that old to be having issues with this.

Did you manually enable -Wpedantic and -Werror?

Is this in a VM or CI?

Please post the full build log of ./configure and make.

[glitsj16]

Did you manually enable -Wpedantic and -Werror?
Is this in a VM or CI?

Nope, I build firejail from git on Ubuntu just like I do on my Arch Linux setup. Dual-booting both Linuxes; so bare metal, no VM or CI involved.

Please post the full build log of ./configure and make.

Here you go:

./configure log: https://x0.at/eiLY.w8LKzE8
make log: https://x0.at/SQ6V.tolJoZH

[kmk3]

Does the following work?

make clean >/dev/null && make EXTRA_CFLAGS+='-std=gnu99'

What is the output of this:

make clean >/dev/null && make EXTRA_CFLAGS+='-std=gnu99' 2>&1 | head

[glitsj16]

No changes, getting the same errors:

https://x0.at/BacG.Y5iD3Za
https://x0.at/hp-z.Iiz2yjp

[kmk3]

Alright, I managed to make gcc print warnings:

$ pacman -Q gcc glibc
gcc 13.2.1-3
glibc 2.38-7
$ ./configure --disable-landlock >/dev/null && make clean >/dev/null &&
  make EXTRA_CFLAGS+='-std=c99 -Wpedantic -Wno-error'
[...]
gcc -ggdb -O2 -DVERSION='"0.9.73"' -DMOD_DIR='"src/firejail"' -Wall -Wextra  -Wformat -Wformat-security -Wno-overlength-strings -Wno-pointer-arith -fstack-protector-all -D_FORTIFY_SOURCE=2 -DPREFIX='"/usr/local"' -DSYSCONFDIR='"/usr/local/etc/firejail"' -DLIBDIR='"/usr/local/lib"' -DBINDIR='"/usr/local/bin"' -DVARDIR='"/var/lib/firejail"'    -DHAVE_CHROOT -DHAVE_DBUSPROXY -DHAVE_FILE_TRANSFER   -DHAVE_GLOBALCFG    -DHAVE_NETWORK  -DHAVE_OUTPUT  -DHAVE_PRIVATE_HOME   -DHAVE_SUID -DHAVE_USERNS -DHAVE_USERTMPFS -DHAVE_X11 -std=c99 -Wpedantic -Wno-error -fPIE -g -O2  -c appimage.c -o appimage.o
In file included from appimage.c:23:
firejail.h:982:27: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
  982 | static inline int ll_read(...) { return 0; }
      |                           ^~~
firejail.h:983:28: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
  983 | static inline int ll_write(...) { return 0; }
      |                            ^~~
firejail.h:984:30: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
  984 | static inline int ll_special(...) { return 0; }
      |                              ^~~
firejail.h:985:27: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
  985 | static inline int ll_exec(...) { return 0; }
      |                           ^~~
firejail.h:987:31: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
  987 | static inline int ll_restrict(...) { return 0; }
      |                               ^~~
firejail.h:988:35: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
  988 | static inline void ll_add_profile(...) { return; }
      |                                   ^~~

I was forgetting to use --disable-landlock to make it compile the lines in
question.

I think I'll just remove them for now and maybe try a more portable version
later.

[kmk3]

No changes, getting the same errors:

https://x0.at/BacG.Y5iD3Za

https://x0.at/hp-z.Iiz2yjp

What does the following show?

./configure --disable-landlock >/dev/null && make clean >/dev/null &&
make EXTRA_CFLAGS+='-std=c99 -Wpedantic -Wno-error'

Also, could you post the output directly so that the details are centralized
and available for future reference?

It can be just the relevant make lines (as in my previous comment) so that it
doesn't exceed the character limit.

[glitsj16]

$ ./configure --disable-landlock >/dev/null && make clean >/dev/null && make EXTRA_CFLAGS+='-std=c99 -Wpedantic -Wno-error'
[...]
make[1]: Entering directory '/home/glitsj16/firejail/src/firejail'
gcc -ggdb -O2 -DVERSION='"0.9.73"' -DMOD_DIR='"src/firejail"' -Wall -Wextra  -Wformat -Wformat-security -fstack-protector-all -D_FORTIFY_SOURCE=2 -DPREFIX='"/usr/local"' -DSYSCONFDIR='"/usr/local/etc/firejail"' -DLIBDIR='"/usr/local/lib"' -DBINDIR='"/usr/local/bin"' -DVARDIR='"/var/lib/firejail"'    -DHAVE_CHROOT -DHAVE_DBUSPROXY -DHAVE_FILE_TRANSFER   -DHAVE_GLOBALCFG    -DHAVE_NETWORK  -DHAVE_OUTPUT  -DHAVE_PRIVATE_HOME   -DHAVE_SUID -DHAVE_USERNS -DHAVE_USERTMPFS -DHAVE_X11 -std=c99 -Wpedantic -Wno-error -fPIE -g -O2  -c appimage.c -o appimage.o
make[1]: Leaving directory '/home/glitsj16/firejail/src/firejail'

[kmk3]

$ ./configure --disable-landlock >/dev/null && make clean >/dev/null && make EXTRA_CFLAGS+='-std=c99 -Wpedantic -Wno-error'
[...]
gcc -ggdb -O2 -DVERSION='"0.9.73"' -DMOD_DIR='"src/firejail"' -Wall -Wextra  -Wformat -Wformat-security -fstack-protector-all -D_FORTIFY_SOURCE=2 -DPREFIX='"/usr/local"' -DSYSCONFDIR='"/usr/local/etc/firejail"' -DLIBDIR='"/usr/local/lib"' -DBINDIR='"/usr/local/bin"' -DVARDIR='"/var/lib/firejail"'    -DHAVE_CHROOT -DHAVE_DBUSPROXY -DHAVE_FILE_TRANSFER   -DHAVE_GLOBALCFG    -DHAVE_NETWORK  -DHAVE_OUTPUT  -DHAVE_PRIVATE_HOME   -DHAVE_SUID -DHAVE_USERNS -DHAVE_USERTMPFS -DHAVE_X11 -std=c99 -Wpedantic -Wno-error -fPIE -g -O2  -c appimage.c -o appimage.o

So even when the compiler flags are the same it causes an error.

I suppose that basic support for that was indeed added rather recently to gcc
then.

It seems a bit surprising that it only warns with -Wpedantic in recent
versions (rather than requiring something like -std=gnu99), as it is only
part of C23 (which has not been published yet) and is not in older versions of
gcc.

Note: I have a WIP branch that adds -std=c99 -Wpedantic to CFLAGS in CI,
which will hopefully catch similar issues.

[glitsj16]

@kmk3 Thanks for all the work, builds fine again now!