From mboxrd@z Thu Jan 1 00:00:00 1970
From: "ishikawa at yk dot rim.or.jp"
To: gcc-bugs@gcc.gnu.org
Subject: [Bug tree-optimization/98281] New: - -Wformat-truncation false positive due to excessive integer range
Date: Mon, 14 Dec 2020 19:05:57 +0000

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98281

            Bug ID: 98281
           Summary: - -Wformat-truncation false positive due to excessive
                    integer range
           Product: gcc
           Version: 10.2.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: tree-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: ishikawa at yk dot rim.or.jp
  Target Milestone: ---

Created attachment 49763
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=49763&action=edit
Code that triggered the error.

Actually there was bug 94021 but that was for 9.2.1, and this is with 10.2.0,
and the error is subtly different. So I am submitting this bug entry.
Compared with the example in bug 94021 comment 4, the bug is slightly
different.

gcc --version
gcc (Debian 10.2.0-19) 10.2.0

The source code is from mozilla's thunderbird.

The error I observed is:

In file included from Unified_c_libical_src_libical1.c:20:
/NEW-SSD/NREF-COMM-CENTRAL/mozilla/comm/calendar/libical/src/libical/icalvalue.c: In function ‘icalvalue_utcoffset_as_ical_string_r’:
/NEW-SSD/NREF-COMM-CENTRAL/mozilla/comm/calendar/libical/src/libical/icalvalue.c:897:20: error: ‘%02d’ directive output may be truncated writing between 2 and 6 bytes into a region of size between 2 and 4 [-Werror=format-truncation=]
  897 |     snprintf(str,9,"%c%02d%02d%02d",sign,abs(h),abs(m),abs(s));
      |                    ^~~~~~~~~~~~~~~~
/NEW-SSD/NREF-COMM-CENTRAL/mozilla/comm/calendar/libical/src/libical/icalvalue.c:897:20: note: directive argument in the range [1, 338339]
In file included from /usr/include/stdio.h:867,
                 from /NEW-SSD/moz-obj-dir/objdir-tb3/dist/system_wrappers/stdio.h:3,
                 from /NEW-SSD/NREF-COMM-CENTRAL/mozilla/comm/calendar/libical/src/libical/icaltimezone.c:34,
                 from Unified_c_libical_src_libical1.c:2:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 8 and 14 bytes into a destination of size 9
   67 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   68 |        __bos (__s), __fmt, __va_arg_pack ());
      |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This does not make sense, since the value(s) ought to be constrained to fit
into the final string.
Also, I am not sure what this [1, 338339] is valid for WHICH variable.

The code snippet from the affected function:
Sorry, I could not reproduce the problem with a simplified source code.
There must be an optimization issue involved.

--- begin quote
static char* icalvalue_utcoffset_as_ical_string_r(const icalvalue* value)
{
    int data,h,m,s;
    char sign;
    char* str;

    if(!((value!=0))) { icalerror_set_errno(ICAL_BADARG_ERROR); return 0; };

    str = (char*)icalmemory_new_buffer(9);
    data = icalvalue_get_utcoffset(value);

    if (abs(data) == data){
        sign = '+';
    } else {
        sign = '-';
    }

    if (data >= 3600 * 24 || data <= - 3600 * 24) {
        snprintf(str,9,"+0000");
        return str;
    }
    if(data < 0) data = - data;

    h = data/3600;
    m = (data - (h*3600))/ 60;
    s = (data - (h*3600) - (m*60));

    if (s > 0)
        snprintf(str,9,"%c%02d%02d%02d",sign,abs(h),abs(m),abs(s));
    else
        snprintf(str,9,"%c%02d%02d",sign,abs(h),abs(m));

    return str;
}
--- end quote

The intention is that the following conditions hold before snprintf is
invoked.

h is in [0, 24)
m is in [0, 60)
s is in [0, 60)

I wonder where "[1, 338339]" comes from.

Yes, I know the original code does something funny like abs(data) == data.

The preprocessed source file is in the attachment.
The command script to compile the source file is in another comment.
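
Added example, not part of the original report and not libical code: the diagnostic above sizes each %02d from the value range the compiler has for its argument, so this stand-alone variant states the intended bounds (h < 24, m < 60, s < 60) in the arithmetic itself and checks snprintf's return value for truncation. The function name format_utcoffset and the sample offsets are assumptions made for illustration; whether a given GCC release then stops warning is not claimed here.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not libical API): writes "+HHMM" or "+HHMMSS"
 * into buf. Returns the length written, or -1 if it did not fit. */
int format_utcoffset(char *buf, size_t size, int data)
{
    /* Same out-of-range policy as the quoted function: print "+0000". */
    if (data >= 3600 * 24 || data <= -3600 * 24)
        data = 0;

    char sign = data < 0 ? '-' : '+';
    /* Take the magnitude as unsigned so no abs() calls are needed. */
    unsigned secs = data < 0 ? 0u - (unsigned)data : (unsigned)data;

    /* Each % makes the bound explicit where the value is produced:
     * h in [0, 23], m in [0, 59], s in [0, 59], so %02u is 2 bytes. */
    unsigned h = (secs / 3600) % 24;
    unsigned m = (secs / 60) % 60;
    unsigned s = secs % 60;

    int n = s > 0
        ? snprintf(buf, size, "%c%02u%02u%02u", sign, h, m, s)
        : snprintf(buf, size, "%c%02u%02u", sign, h, m);

    /* snprintf returns the length it wanted to write; n >= size means
     * the output was truncated, which is reported, not ignored. */
    if (n < 0 || (size_t)n >= size)
        return -1;
    return n;
}

int main(void)
{
    /* Constructed sample offsets (seconds) with the strings expected. */
    const int offsets[] = { 0, 3661, -19800, 86400 };
    const char *expect[] = { "+0000", "+010101", "-0530", "+0000" };
    char buf[9];
    int failures = 0;

    for (size_t i = 0; i < sizeof offsets / sizeof offsets[0]; i++) {
        int n = format_utcoffset(buf, sizeof buf, offsets[i]);
        int ok = n > 0 && strcmp(buf, expect[i]) == 0;
        printf("%6d -> %s %s\n", offsets[i], buf, ok ? "ok" : "MISMATCH");
        failures += !ok;
    }
    return failures;
}
```
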