https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104922
Bug ID: 104922
Summary: bogus -Wformat-overflow=2 due to missing range for
related variables
Product: gcc
Version: 12.0
Status: UNCONFIRMED
Keywords: diagnostic, lto
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
CC: amacleod at redhat dot com, marxin at gcc dot gnu.org,
msebor at gcc dot gnu.org, unassigned at gcc dot gnu.org
Depends on: 104746
Target Milestone: ---
+++ This bug was initially created as a clone of Bug #104746 +++
As mentioned in bug 104746 comment 5, the following test case triggers
-Wformat-overflow (level 2) due to the constraint on i and j not being fully
exposed to the warning (each directive on its own can produce at most two
bytes/digits, but when one does produce two digits the other must produce
exactly one, so the output must fit in four bytes). The same limitation
affects string directives with strings of bounded lengths.
As Andrew explains in bug 104746 comment 13, this can be improved in Ranger,
and should be made use of to avoid the warning.
char a[4];
void f (int i, int j)
{
if (i < 0 || j < 0 || i + j > 19)
return;
__builtin_sprintf (a, "%u%u", i, j);
}
a.c: In function ‘f’:
a.c:8:26: warning: ‘%u’ directive writing between 1 and 10 bytes into a region
of size 4 [-Wformat-overflow=]
8 | __builtin_sprintf (a, "%u%u", i, j);
| ^~
a.c:8:25: note: using the range [0, 4294967295] for directive argument
8 | __builtin_sprintf (a, "%u%u", i, j);
| ^~~~~~
a.c:8:25: note: using the range [0, 4294967295] for directive argument
a.c:8:3: note: ‘__builtin_sprintf’ output between 3 and 21 bytes into a
destination of size 4
8 | __builtin_sprintf (a, "%u%u", i, j);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Referenced Bugs:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104746
[Bug 104746] False positive for -Wformat-overflow=2 since
r12-7033-g3c9f762ad02f398c
