public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug analyzer/106383] New: False positives from -Wanalyzer-va-list-exhausted
@ 2022-07-21 14:38 dmalcolm at gcc dot gnu.org
2022-07-21 18:14 ` [Bug analyzer/106383] " dmalcolm at gcc dot gnu.org
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2022-07-21 14:38 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106383
Bug ID: 106383
Summary: False positives from -Wanalyzer-va-list-exhausted
Product: gcc
Version: 12.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: dmalcolm at gcc dot gnu.org
Blocks: 106358
Target Milestone: ---
https://godbolt.org/z/c87abh5vc
Given:
typedef __builtin_va_list va_list;
struct printf_spec {
unsigned int type;
};
int
format_decode(const char *fmt, struct printf_spec *spec);
static int vbin_printf(const char *fmt, va_list args) {
struct printf_spec spec;
int width = 0;
while (*fmt) {
int read = format_decode(fmt, &spec);
fmt += read;
switch (spec.type) {
case 0:
break;
case 1:
width = __builtin_va_arg(args, int);
break;
}
}
return width;
}
int bprintf(const char *fmt, ...) {
va_list args;
int ret;
__builtin_va_start(args, fmt);
ret = vbin_printf(fmt, args);
__builtin_va_end(args);
return ret;
}
we get this false positive with trunk with -fanalyzer:
../../src/vsprintf.c: In function ‘vbin_printf’:
../../src/vsprintf.c:23:13: warning: ‘args’ has no more arguments (0 consumed)
[CWE-685] [-Wanalyzer-va-list-exhausted]
23 | width = __builtin_va_arg(args, int);
| ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
‘bprintf’: events 1-2
|
| 31 | int bprintf(const char *fmt, ...) {
| | ^~~~~~~
| | |
| | (1) entry to ‘bprintf’
|......
| 36 | ret = vbin_printf(fmt, args);
| | ~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (2) calling ‘vbin_printf’ from ‘bprintf’
|
+--> ‘vbin_printf’: events 3-6
|
| 10 | static int vbin_printf(const char *fmt, va_list args) {
| | ^~~~~~~~~~~
| | |
| | (3) entry to ‘vbin_printf’
|......
| 14 | while (*fmt) {
| | ~
| | |
| | (4) following ‘true’ branch...
| 15 | int read = format_decode(fmt, &spec);
| | ~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (5) ...to here
|......
| 23 | width = __builtin_va_arg(args, int);
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (6) ‘args’ has no more arguments (0 consumed)
|
Reduced from Linux kernel: lib/vsprintf.c
Referenced Bugs:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106358
[Bug 106358] [meta-bug] tracker bug for building the Linux kernel with
-fanalyzer
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug analyzer/106383] False positives from -Wanalyzer-va-list-exhausted
2022-07-21 14:38 [Bug analyzer/106383] New: False positives from -Wanalyzer-va-list-exhausted dmalcolm at gcc dot gnu.org
@ 2022-07-21 18:14 ` dmalcolm at gcc dot gnu.org
2022-07-21 21:30 ` cvs-commit at gcc dot gnu.org
2022-07-21 21:34 ` dmalcolm at gcc dot gnu.org
2 siblings, 0 replies; 4+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2022-07-21 18:14 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106383
David Malcolm <dmalcolm at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Last reconfirmed| |2022-07-21
Status|UNCONFIRMED |ASSIGNED
Ever confirmed|0 |1
--- Comment #1 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
I'm testing a fix for this.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug analyzer/106383] False positives from -Wanalyzer-va-list-exhausted
2022-07-21 14:38 [Bug analyzer/106383] New: False positives from -Wanalyzer-va-list-exhausted dmalcolm at gcc dot gnu.org
2022-07-21 18:14 ` [Bug analyzer/106383] " dmalcolm at gcc dot gnu.org
@ 2022-07-21 21:30 ` cvs-commit at gcc dot gnu.org
2022-07-21 21:34 ` dmalcolm at gcc dot gnu.org
2 siblings, 0 replies; 4+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2022-07-21 21:30 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106383
--- Comment #2 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by David Malcolm <dmalcolm@gcc.gnu.org>:
https://gcc.gnu.org/g:b852aa7f265424c8e2036899da5d8306ff06a16c
commit r13-1786-gb852aa7f265424c8e2036899da5d8306ff06a16c
Author: David Malcolm <dmalcolm@redhat.com>
Date: Thu Jul 21 17:29:26 2022 -0400
analyzer: fix -Wanalyzer-va-list-exhausted false +ve on va_arg in
subroutine [PR106383]
gcc/analyzer/ChangeLog:
PR analyzer/106383
* varargs.cc (region_model::impl_call_va_arg): When determining if
we're doing interprocedural analysis, use the stack depth of the
frame in which va_start was called, rather than the current stack
depth.
gcc/testsuite/ChangeLog:
PR analyzer/106383
* gcc.dg/analyzer/stdarg-3.c: New test.
Signed-off-by: David Malcolm <dmalcolm@redhat.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug analyzer/106383] False positives from -Wanalyzer-va-list-exhausted
2022-07-21 14:38 [Bug analyzer/106383] New: False positives from -Wanalyzer-va-list-exhausted dmalcolm at gcc dot gnu.org
2022-07-21 18:14 ` [Bug analyzer/106383] " dmalcolm at gcc dot gnu.org
2022-07-21 21:30 ` cvs-commit at gcc dot gnu.org
@ 2022-07-21 21:34 ` dmalcolm at gcc dot gnu.org
2 siblings, 0 replies; 4+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2022-07-21 21:34 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106383
David Malcolm <dmalcolm at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #3 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
Should be fixed by the above commit.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-07-21 21:34 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-07-21 14:38 [Bug analyzer/106383] New: False positives from -Wanalyzer-va-list-exhausted dmalcolm at gcc dot gnu.org
2022-07-21 18:14 ` [Bug analyzer/106383] " dmalcolm at gcc dot gnu.org
2022-07-21 21:30 ` cvs-commit at gcc dot gnu.org
2022-07-21 21:34 ` dmalcolm at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).