https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120526

            Bug ID: 120526
           Summary: false negative warning at -O1 -Wall on fprintf %s
           Product: gcc
           Version: 15.1.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: eblake at redhat dot com
  Target Milestone: ---

Created attachment 61566
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=61566&action=edit
demo of the bug

https://gitlab.com/nbdkit/nbdkit/-/merge_requests/97 hit a compiler bug. I've
narrowed it down to the following standalone file, attached.

$ gcc -Wall -o foo -O0 foo.c
$ gcc -Wall -o foo -O1 -DWORKAROUND1 foo.c
$ gcc -Wall -o foo -O1 -DWORKAROUND2 foo.c
$ gcc -Wall -o foo -O1 foo.c
foo.c: In function ‘main’:
foo.c:48:30: warning: ‘%s’ directive argument is null [-Wformat-overflow=]
   48 |       fprintf (stderr, "oops %s\n", tuples[i].str);
      |                              ^~
$ gcc --version
gcc (GCC) 15.1.1 20250521 (Red Hat 15.1.1-2)
Copyright (C) 2025 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


But clearly tuples[i].str is not NULL.  Something about at least two passes
through the for loop where each pass sets pstr == NULL prior to calling f(),
and where the static inline body of f assigns *pstr = str when returning -1,
tricks gcc into thinking that (r == -1 && pstr == NULL) must imply
tuples[i].str was NULL, when clearly it was not.
