public inbox for gcc-bugs@sourceware.org
* [Bug tree-optimization/108091] New: '-Wformat-overflow' determines incorrect size when printing strings from an array of structs
@ 2022-12-14  2:18 cjamcl at gmail dot com
  2022-12-14  2:26 ` [Bug tree-optimization/108091] " pinskia at gcc dot gnu.org
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: cjamcl at gmail dot com @ 2022-12-14  2:18 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108091

            Bug ID: 108091
           Summary: '-Wformat-overflow' determines incorrect size when
                    printing strings from an array of structs
           Product: gcc
           Version: 12.2.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: tree-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: cjamcl at gmail dot com
  Target Milestone: ---

Given an array of structs for which a member is a `char[]`, `-Wformat-overflow`
will be far too conservative in its determination of how big the printed value
can be.


Repro:

https://gcc.godbolt.org/z/K69baxW55

```c
// gcc -Os -Wformat-overflow -c test.c

struct my_struct
{
    char name[64];
    int id;
};

struct my_struct list[]=
{
    { "A", 0},
    { "B", 0},
    { "C", 0},
    { "",  0},
};

int main() {
    char str[100];

    for (int i = 0; i < 4; i++) {
        __builtin_sprintf(str, "%s", list[i].name);
    }

    return 0;
}
```

Output:

```
<source>: In function 'int main()':
<source>:19:33: warning: '%s' directive writing up to 271 bytes into a region of size 100 [-Wformat-overflow=]
   19 |         __builtin_sprintf(str, "%s", list[i].name);
      |                                 ^~
<source>:19:26: note: '__builtin_sprintf' output between 1 and 272 bytes into a destination of size 100
   19 |         __builtin_sprintf(str, "%s", list[i].name);
      |         ~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~
Compiler returned: 0
```


-----

My assumption is that it cannot be determined that some value doesn't get a
non-null terminated string written to it at runtime, so the check is very
conservative and gives a length equal to the full size of the array.

In the above example, I'd expect gcc to know that the values are never
re-assigned, so it should use the length of whatever the biggest string in the
array is. I attempted to help the check by adding `const` qualifiers but that
didn't help.


* [Bug tree-optimization/108091] '-Wformat-overflow' determines incorrect size when printing strings from an array of structs
From: pinskia at gcc dot gnu.org @ 2022-12-14  2:26 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108091

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Last reconfirmed|                            |2022-12-14
     Ever confirmed|0                           |1
             Status|UNCONFIRMED                 |NEW

--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
IV-OPTS produces:
  <bb 3> [local count: 858993457]:
  # ivtmp.10_13 = PHI <ivtmp.10_14(5), ivtmp.10_15(2)>
  _1 = (char[64] *) ivtmp.10_13;
  __builtin_strcpy (&str, _1);
  ivtmp.10_14 = ivtmp.10_13 + 68;
  if (ivtmp.10_14 != _17)
    goto <bb 5>; [80.00%]
  else
    goto <bb 4>; [20.00%]

  <bb 5> [local count: 687194763]:
  goto <bb 3>; [100.00%]

Which confuses the warning pass.


* [Bug tree-optimization/108091] '-Wformat-overflow' determines incorrect size when printing strings from an array of structs
From: pinskia at gcc dot gnu.org @ 2022-12-14  2:28 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108091

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |DUPLICATE
             Status|NEW                         |RESOLVED

--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Dup of bug 106559 (the underlying problem is the same).

*** This bug has been marked as a duplicate of bug 106559 ***


* [Bug tree-optimization/108091] '-Wformat-overflow' determines incorrect size when printing strings from an array of structs
From: jakub at gcc dot gnu.org @ 2022-12-14  8:01 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108091

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jakub at gcc dot gnu.org

--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
(In reply to Connor Clark from comment #0)
> In the above example, I'd expect gcc to know that the values are never
> re-assigned

That is an incorrect expectation.  list is a global variable, so it could be
changed from any other translation unit, e.g. from __attribute__((constructor))
code or C++ constructor of a namespace variable.

Though yes, making it const or as in PR106559 a static array allows the
compiler to see it isn't changed and it does warn anyway.
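Added example, not part of the thread or of GCC: since `list` can be modified at run time and `name[64]` may end up without a terminator, the copy can be bounded on both sides instead of relying on the initializers. `format_name` and `full_entry` are hypothetical names; the struct layout and buffer sizes are taken from the report.

```c
#include <stdio.h>
#include <string.h>

/* Same layout as the struct in the report. */
struct my_struct {
    char name[64];
    int id;
};

/*
 * Hypothetical helper (not from the thread): copy e->name into dst.
 * The precision caps the read at sizeof e->name, so a name[] with no NUL
 * terminator is not read past its end; snprintf caps the write at dstsz.
 * Returns the number of bytes written (excluding the NUL), or -1 if the
 * output was truncated or snprintf failed.
 */
static int format_name(char *dst, size_t dstsz, const struct my_struct *e)
{
    int n = snprintf(dst, dstsz, "%.*s", (int)sizeof e->name, e->name);
    if (n < 0 || (size_t)n >= dstsz)
        return -1;
    return n;
}

/* Constructed worst case: all 64 bytes of name[] in use, no terminator. */
static struct my_struct full_entry(void)
{
    struct my_struct e;
    memset(e.name, 'X', sizeof e.name);
    e.id = 0x41414141; /* non-zero bytes directly after name[] */
    return e;
}

int main(void)
{
    struct my_struct e = full_entry();
    char str[100];   /* destination size from the report */
    char small[16];  /* constructed: too small for a full name */

    printf("%d\n", format_name(str, sizeof str, &e));     /* 64 */
    printf("%d\n", format_name(small, sizeof small, &e)); /* -1 */
    return 0;
}
```

With the precision in place the worst-case output is 64 bytes plus the terminator, which fits the 100-byte destination regardless of what another translation unit stores in `list`.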
