[Bug c/100401] New: Bogus -Wformat-overflow warning

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug c/100401] New: Bogus -Wformat-overflow warning
@ 2021-05-03 16:58 lavr at ncbi dot nlm.nih.gov
  2021-05-03 19:30 ` [Bug middle-end/100401] Bogus -Wformat-overflow for a trailing zero-length array of a union msebor at gcc dot gnu.org
  2021-05-03 20:09 ` lavr at ncbi dot nlm.nih.gov
  0 siblings, 2 replies; 3+ messages in thread
From: lavr at ncbi dot nlm.nih.gov @ 2021-05-03 16:58 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100401

            Bug ID: 100401
           Summary: Bogus -Wformat-overflow warning
           Product: gcc
           Version: 10.2.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: lavr at ncbi dot nlm.nih.gov
  Target Milestone: ---

$ gcc --version
gcc (GCC) 10.2.0


$ cat bogus.c
#include <stdio.h>

#define RECLEN  128

struct S {
    int  code;
    char text[0];
};


const void fun(int n)
{
    union {
        struct S s;
        char     rec[RECLEN];
    } x;
    const char* err;

    if (!n) {
        err = "No error";
    } else {
        sprintf(x.s.text, "Error %d", n);
        err = x.s.text;
    }
    printf("%s\n", err);
}


int main(int argc, const char* argv[])
{
    fun(argc);
    return 0;
}


$ gcc -Wall -O2 bogus.c
bogus.c: In function ‘fun’:
bogus.c:22:28: warning: ‘Error ’ directive writing 6 bytes into a region of
size 0 [-Wformat-overflow=]
   22 |         sprintf(x.s.text, "Error %d", n);
      |                            ^~~~~~
bogus.c:22:9: note: ‘sprintf’ output between 8 and 18 bytes into a destination
of size 0
   22 |         sprintf(x.s.text, "Error %d", n);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [Bug middle-end/100401] Bogus -Wformat-overflow for a trailing zero-length array of a union
  2021-05-03 16:58 [Bug c/100401] New: Bogus -Wformat-overflow warning lavr at ncbi dot nlm.nih.gov
@ 2021-05-03 19:30 ` msebor at gcc dot gnu.org
  2021-05-03 20:09 ` lavr at ncbi dot nlm.nih.gov
  1 sibling, 0 replies; 3+ messages in thread
From: msebor at gcc dot gnu.org @ 2021-05-03 19:30 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100401

Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
      Known to fail|                            |10.2.0, 11.1.0
            Summary|Bogus -Wformat-overflow     |Bogus -Wformat-overflow for
                   |warning                     |a trailing zero-length
                   |                            |array of a union
                 CC|                            |msebor at gcc dot gnu.org
             Status|UNCONFIRMED                 |NEW
          Component|c                           |middle-end
   Last reconfirmed|                            |2021-05-03
     Ever confirmed|0                           |1

--- Comment #1 from Martin Sebor <msebor at gcc dot gnu.org> ---
Confirmed with GCC 10.  The warning is avoided in GCC 11 (since r11-5622).  The
change is too intrusive to backport and it's seems that the warning doesn't
trigger anymore might be incidental to it.  It can still be reproduced on trunk
but only in C++.

I would suggest to expect warnings for tricks like in the test case (writing
past subobject boundaries).  GCC warnings are designed to "report constructions
that are not inherently erroneous but that are risky or suggest there may have
been an error."  Access warnings like -Warray-bounds, -Wformat-overflow, and
-Wstringop-overflow try to accommodate code they have been taught is likely
safe but the logic is secondary to helping find bugs, and not foolproof.

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [Bug middle-end/100401] Bogus -Wformat-overflow for a trailing zero-length array of a union
  2021-05-03 16:58 [Bug c/100401] New: Bogus -Wformat-overflow warning lavr at ncbi dot nlm.nih.gov
  2021-05-03 19:30 ` [Bug middle-end/100401] Bogus -Wformat-overflow for a trailing zero-length array of a union msebor at gcc dot gnu.org
@ 2021-05-03 20:09 ` lavr at ncbi dot nlm.nih.gov
  1 sibling, 0 replies; 3+ messages in thread
From: lavr at ncbi dot nlm.nih.gov @ 2021-05-03 20:09 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100401

--- Comment #2 from lavr at ncbi dot nlm.nih.gov ---
> GCC warnings are designed to "report constructions that are not inherently erroneous but that are risky or suggest there may have been an error."

Certainly, but the [0] size trailing member arrays were specifically devised to
be such constructions, TBH.  So the warning in this case is like shooting
yourself in the foot...  Especially when the boundaries are well observed.

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2021-05-03 20:09 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-03 16:58 [Bug c/100401] New: Bogus -Wformat-overflow warning lavr at ncbi dot nlm.nih.gov
2021-05-03 19:30 ` [Bug middle-end/100401] Bogus -Wformat-overflow for a trailing zero-length array of a union msebor at gcc dot gnu.org
2021-05-03 20:09 ` lavr at ncbi dot nlm.nih.gov

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).