public inbox for gcc-bugs@sourceware.org
* [Bug c/109979] New: [12 Regression] -Wformat-overflow false positive for %d and non-basic expression
From: vincent-gcc at vinc17 dot net @ 2023-05-26 7:17 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109979
Bug ID: 109979
Summary: [12 Regression] -Wformat-overflow false positive for
%d and non-basic expression
Product: gcc
Version: 12.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: vincent-gcc at vinc17 dot net
Target Milestone: ---
Consider
#include <stdio.h>

void f (int *);

void g (void)
{
  int e;
  char s[4];

  f (&e);
  sprintf (s, "%d", e);
  sprintf (s, "%d", e - 1);
}
I get on my Linux/x86_64 machine with gcc-12 (Debian 12.2.0-14) 12.2.0:
zira:~> gcc-12 -Wformat-overflow -c tst.c
tst.c: In function ‘g’:
tst.c:12:16: warning: ‘%d’ directive writing between 1 and 11 bytes into a
region of size 4 [-Wformat-overflow=]
   12 |   sprintf (s, "%d", e - 1);
      |                ^~
tst.c:12:15: note: directive argument in the range [-2147483648, 2147483646]
   12 |   sprintf (s, "%d", e - 1);
      |               ^~~~
tst.c:12:3: note: ‘sprintf’ output between 2 and 12 bytes into a destination of
size 4
   12 |   sprintf (s, "%d", e - 1);
      |   ^~~~~~~~~~~~~~~~~~~~~~~~
Note that the warning occurs for "e - 1" but not for "e".
This bug was found when compiling GNU MPFR 4.2.0 with "-std=c90 -Werror=format
-m32" (compilation failure for get_d64.c).
* [Bug c/109979] [12 Regression] -Wformat-overflow false positive for %d and non-basic expression
From: pinskia at gcc dot gnu.org @ 2023-05-26 7:19 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109979
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
The warning should happen for both ...
* [Bug c/109979] -Wformat-overflow false positive for %d and non-basic expression
From: pinskia at gcc dot gnu.org @ 2023-05-26 7:23 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109979
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |diagnostic
            Summary|[12 Regression]             |-Wformat-overflow false
                   |-Wformat-overflow false     |positive for %d and
                   |positive for %d and         |non-basic expression
                   |non-basic expression        |
--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
The warning happens in GCC 8+ with -O1 and above too ...
Really the warning should have happened for the first sprintf too because even
though e has no range, it still can overflow the buffer.
* [Bug c/109979] -Wformat-overflow false positive for %d and non-basic expression
From: pinskia at gcc dot gnu.org @ 2023-05-26 7:28 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109979
--- Comment #3 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Note there is no warning if you use -fwrapv which is what I expected as the
range of e-1 becomes the whole range because overflow becomes defined as
wrapping ....
* [Bug c/109979] -Wformat-overflow false positive for %d and non-basic expression
From: rguenth at gcc dot gnu.org @ 2023-05-26 7:39 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109979
Richard Biener <rguenth at gcc dot gnu.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2023-05-26
     Ever confirmed|0                           |1
--- Comment #4 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed. This is the usual "we don't warn when we know nothing" vs. "we warn
if we know a tiny bit" vs. "we have a very good idea" case. From e - 1 we
know the range passed does not include INT_MAX so we warn. For 'e' we know
nothing so we don't - as Andrew says we probably should diagnose this.
If you know the value is in a range that fits s[4] then assert that before
the prints.
* [Bug c/109979] -Wformat-overflow false positive for %d and non-basic expression
From: vincent-gcc at vinc17 dot net @ 2023-05-26 7:54 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109979
--- Comment #5 from Vincent Lefèvre <vincent-gcc at vinc17 dot net> ---
(In reply to Andrew Pinski from comment #1)
> The warning should happen for both ...
OK (as the documentation says "[...] that might overflow the destination
buffer").
(In reply to Richard Biener from comment #4)
> If you know the value is in a range that fits s[4] then assert that before
> the prints.
I don't think that an assert() will change anything. With MPFR, the code is in
an "else" branch, already with a reduced range. However, this time, I did not
use -O2 to enable VRP (I was working on a different issue, but had to use
-Werror=format to change the behavior of the configure script); that was my
mistake. Then I found the inconsistency between "e" and "e - 1", so I did not
look further.
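
Added example, not part of the thread and not GCC or MPFR code: a bounded
form of the flagged sprintf (s, "%d", e - 1) call that rejects values that do
not fit the destination and avoids the signed overflow in e - 1 from which GCC
derives the range [-2147483648, 2147483646]. The helper names are hypothetical,
the sample values are constructed, and snprintf requires C99 or later.

```c
#include <limits.h>
#include <stdio.h>

/* Bytes needed for "%d" of any int, sign and NUL included.
   With a 32-bit int this is 12, the upper bound in GCC's note. */
static int int_dec_bufsz(void)
{
    return snprintf(NULL, 0, "%d", INT_MIN) + 1;
}

/* Bounded form of sprintf (s, "%d", e - 1) (hypothetical helper).
   Returns the number of characters written, or -1 if the value is
   rejected; dst is left as an empty string in that case. */
static int format_e_minus_1(char *dst, size_t dstsz, int e)
{
    int n;

    if (dstsz == 0)
        return -1;
    dst[0] = '\0';
    if (e == INT_MIN)           /* e - 1 would be signed overflow (UB) */
        return -1;
    n = snprintf(dst, dstsz, "%d", e - 1);
    if (n < 0 || (size_t)n >= dstsz) {
        dst[0] = '\0';          /* never leave a truncated number behind */
        return -1;
    }
    return n;
}

int main(void)
{
    char s[4];
    /* Constructed inputs around the limits of a 4-byte destination. */
    int samples[] = { 0, 1000, 1001, -98, -99, INT_MAX, INT_MIN };
    size_t i;

    printf("worst-case buffer: %d bytes\n", int_dec_bufsz());
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int n = format_e_minus_1(s, sizeof s, samples[i]);
        printf("e=%d -> %s\n", samples[i], n < 0 ? "(rejected)" : s);
    }
    return 0;
}
```

For char s[4], only results in [-99, 999] are accepted; everything else is
rejected instead of being written past the end of the buffer.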