public inbox for gcc-bugs@sourceware.org
* [Bug c/105080] New: Bugus -Wformat-truncation
@ 2022-03-28 10:19 marcandre.lureau at gmail dot com
  2022-03-28 10:46 ` [Bug c/105080] " rguenth at gcc dot gnu.org
                   ` (5 more replies)
  0 siblings, 6 replies; 7+ messages in thread
From: marcandre.lureau at gmail dot com @ 2022-03-28 10:19 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105080

            Bug ID: 105080
           Summary: Bugus -Wformat-truncation
           Product: gcc
           Version: 12.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: marcandre.lureau at gmail dot com
  Target Milestone: ---

With Fedora gcc-12.0.1-0.12.fc36.x86_64
gcc (GCC) 12.0.1 20220308 (Red Hat 12.0.1-0)

test.c:

#include <stdio.h>

void main(void)
{
        char foo[3];
        int i;

        for (i = 0; i < 16; i++) {
                snprintf(foo, sizeof(foo), "%d", i);
        }
}


$ gcc -Wformat-truncation test.c
test.c: In function ‘main’:
test.c:9:45: warning: ‘%d’ directive output may be truncated writing between 1
and 11 bytes into a region of size 3 [-Wformat-truncation=]
    9 |                 snprintf(foo, sizeof(foo), "%d", i);
      |                                             ^~
test.c:9:44: note: directive argument in the range [-2147483647, 15]
    9 |                 snprintf(foo, sizeof(foo), "%d", i);
      |                                            ^~~~
test.c:9:17: note: ‘snprintf’ output between 2 and 12 bytes into a destination
of size 3
    9 |                 snprintf(foo, sizeof(foo), "%d", i);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



The computed range seems incorrect. There are similar variants of this bug that
have been found while compiling QEMU
(https://patchew.org/QEMU/20220328084717.367993-1-marcandre.lureau@redhat.com/)


* [Bug c/105080] Bugus -Wformat-truncation
From: rguenth at gcc dot gnu.org @ 2022-03-28 10:46 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105080

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
           Keywords|                            |diagnostic
     Ever confirmed|0                           |1
   Last reconfirmed|                            |2022-03-28

--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed.  The issue is that at -O0 we do not use SCEV and thus range analysis
is limited, just using i < 16.

static unsigned int
printf_strlen_execute (function *fun, bool warn_only)
{ 
  strlen_optimize = !warn_only;

  calculate_dominance_info (CDI_DOMINATORS); 

  bool use_scev = optimize > 0 && flag_printf_return_value;
  if (use_scev)
    {
      loop_optimizer_init (LOOPS_NORMAL);
      scev_initialize ();
    }

at -O0 we call this when warn_format_overflow > 0 || warn_format_trunc > 0 so
to improve we could maybe do || warn_only above.  That would fix the bogus
diagnostic.


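Added example, not part of the thread and not GCC code: a simplified model of the byte-count arithmetic behind the diagnostic in the report. It shows why the range [-2147483647, 15] quoted in the note yields 1 to 11 bytes for %d, while the loop's actual values 0..15 need at most 2 bytes plus the NUL and fit in foo[3]. The names dec_len, fmt_d_span and may_truncate are made up for this illustration.

```c
#include <stdio.h>

/* Bytes "%d" emits for v, excluding the terminating NUL. */
static int dec_len(int v)
{
    int n = (v < 0) ? 2 : 1;        /* optional sign plus first digit */
    while (v / 10 != 0) {           /* division truncates toward zero, safe for INT_MIN */
        v /= 10;
        n++;
    }
    return n;
}

struct span { int min, max; };      /* byte counts, NUL excluded */

/* Output-size bounds of "%d" for any argument in [lo, hi], lo <= hi. */
static struct span fmt_d_span(int lo, int hi)
{
    struct span s;
    int a = dec_len(lo), b = dec_len(hi);

    s.max = a > b ? a : b;          /* the longest text sits at an endpoint */
    if (lo <= 0 && hi >= 0)
        s.min = 1;                  /* a single digit is reachable via 0 */
    else
        s.min = a < b ? a : b;      /* endpoint closest to zero */
    return s;
}

/* Simplified "may be truncated" test: worst case plus NUL exceeds dst. */
static int may_truncate(int lo, int hi, size_t dst)
{
    return (size_t)fmt_d_span(lo, hi).max + 1 > dst;
}

int main(void)
{
    /* Range printed in the -O0 note vs. the values the loop really takes. */
    struct span weak = fmt_d_span(-2147483647, 15);
    struct span real = fmt_d_span(0, 15);

    printf("range [-2147483647, 15]: %d..%d bytes, %d..%d with NUL, warn=%d\n",
           weak.min, weak.max, weak.min + 1, weak.max + 1,
           may_truncate(-2147483647, 15, 3));
    printf("range [0, 15]:           %d..%d bytes, %d..%d with NUL, warn=%d\n",
           real.min, real.max, real.min + 1, real.max + 1,
           may_truncate(0, 15, 3));
    return 0;
}
```
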
* [Bug c/105080] Bugus -Wformat-truncation
From: rguenth at gcc dot gnu.org @ 2022-03-28 10:50 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105080

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jakub at gcc dot gnu.org,
                   |                            |rguenth at gcc dot gnu.org

--- Comment #2 from Richard Biener <rguenth at gcc dot gnu.org> ---
(In reply to Richard Biener from comment #1)
> Confirmed.  The issue is that at -O0 we do not use SCEV and thus range
> analysis is limited, just using i < 16.
> 
> static unsigned int
> printf_strlen_execute (function *fun, bool warn_only)
> { 
>   strlen_optimize = !warn_only;
>     
>   calculate_dominance_info (CDI_DOMINATORS); 
>    
>   bool use_scev = optimize > 0 && flag_printf_return_value;
>   if (use_scev)
>     {
>       loop_optimizer_init (LOOPS_NORMAL);
>       scev_initialize ();
>     }
> 
> at -O0 we call this when warn_format_overflow > 0 || warn_format_trunc > 0 so
> to improve we could maybe do || warn_only above.  That would fix the bogus
> diagnostic.

Or rather always do this, even the late pass as otherwise I see a bogus
diagnostic with -fno-printf-return-value even when optimizing:

> ./cc1 -quiet t.c -Wall -O -fno-printf-return-value
t.c:1:6: warning: return type of 'main' is not 'int' [-Wmain]
    1 | void main(void)
      |      ^~~~
t.c: In function 'main':
t.c:7:55: warning: '%d' directive output may be truncated writing between 1 and
11 bytes into a region of size 3 [-Wformat-truncation=]
    7 |                 __builtin_snprintf(foo, sizeof(foo), "%d", i);
      |                                                       ^~
t.c:7:54: note: directive argument in the range [-2147483647, 2147483647]
    7 |                 __builtin_snprintf(foo, sizeof(foo), "%d", i);
      |                                                      ^~~~
t.c:7:17: note: '__builtin_snprintf' output between 2 and 12 bytes into a
destination of size 3
    7 |                 __builtin_snprintf(foo, sizeof(foo), "%d", i);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


* [Bug tree-optimization/105080] [12 Regression] Bugus -Wformat-truncation
From: rguenth at gcc dot gnu.org @ 2022-03-28 12:49 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105080

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
      Known to work|                            |11.2.1
            Summary|Bugus -Wformat-truncation   |[12 Regression] Bugus
                   |                            |-Wformat-truncation
          Component|c                           |tree-optimization
   Target Milestone|---                         |12.0

--- Comment #3 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 11 doesn't warn.


* [Bug tree-optimization/105080] [12 Regression] Bugus -Wformat-truncation
From: rguenth at gcc dot gnu.org @ 2022-03-28 12:55 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105080

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
           Assignee|unassigned at gcc dot gnu.org      |rguenth at gcc dot gnu.org

--- Comment #4 from Richard Biener <rguenth at gcc dot gnu.org> ---
Testing the fix.


* [Bug tree-optimization/105080] [12 Regression] Bugus -Wformat-truncation
From: cvs-commit at gcc dot gnu.org @ 2022-03-29  6:15 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105080

--- Comment #5 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Richard Biener <rguenth@gcc.gnu.org>:

https://gcc.gnu.org/g:28c5df79300ab354cbc381aab200f7c2bd0331ad

commit r12-7870-g28c5df79300ab354cbc381aab200f7c2bd0331ad
Author: Richard Biener <rguenther@suse.de>
Date:   Mon Mar 28 14:55:49 2022 +0200

    tree-optimization/105080 - make sure SCEV is available for ranger

    When doing format diagnostics at -O0 we should make sure to make
    SCEV available to avoid false positives due to ranges we otherwise
    can trivially compute.

    2022-03-28  Richard Biener  <rguenther@suse.de>

            PR tree-optimization/105080
            * tree-ssa-strlen.cc (printf_strlen_execute): Always init
            loops and SCEV.

            * gcc.dg/pr105080.c: New testcase.


* [Bug tree-optimization/105080] [12 Regression] Bugus -Wformat-truncation
From: rguenth at gcc dot gnu.org @ 2022-03-29  6:18 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105080

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED

--- Comment #6 from Richard Biener <rguenth at gcc dot gnu.org> ---
Fixed.
