On 2/19/19 5:43 PM, Martin Sebor wrote: > I received feedback on the first patch that it doesn't suppress all > the instances of the warning so I've relaxed the checker even more > to avoid the excess instances seen in Elfutils and beefed up > the tests. The top of trunk compiles cleanly now with just > the three instances of -Wformat-truncation=2 that are not > the subject of the two PRs. > > Martin > > On 2/11/19 11:24 AM, Martin Sebor wrote: >> Ping: https://gcc.gnu.org/ml/gcc-patches/2019-02/msg00224.html >> >> (This patch also handles bug 88835.) >> >> On 2/4/19 8:58 PM, Martin Sebor wrote: >>> The attached patch relaxes -Wformat-overflow=2 to avoid warning about >>> individual directives that might (but need not) exceed the 4095 byte >>> limit, and about the total function output that likewise might (but >>> need not) exceed the INT_MAX limit. >>> >>> The bug report actually requests that instead of the standard minimum >>> of 4095 bytes, GCC consider real libc limits, but trying to figure >>> out what these real limits might be (they're not documented anywhere, >>> AFAIK) and hardcoding them into GCC doesn't seem like a good solution. >>> >>> Instead, the patch only does little more than the bare minimum to >>> suppress these pedantic warnings, and it only does that for the "may >>> exceed" cases and not for those where the size of output definitely >>> exceeds either limit. Using the formatted functions to write such >>> large amounts of data seems more likely to be a bug than intentional, >>> and at level 2 issuing the warning seems appropriate unless the return >>> value of the function is tested. When it is, even tough exceeding >>> these limits is strictly undefined, it seems reasonable to assume that >>> a quality libc implementation will detect it and return an error (as >>> required by POSIX). >>> >>> So with the patch, the only way to get this warning is for calls to >>> sprintf or to unchecked snprintf. >>> >>> Martin >> > > > gcc-88993.diff > > PR tree-optimization/88993 - GCC 9 -Wformat-overflow=2 should reflect real > libc limits > PR tree-optimization/88835 - overly aggressive -Werror=format-overflow for > printf > > gcc/ChangeLog: > > PR tree-optimization/88993 > PR tree-optimization/88835 > * gimple-ssa-sprintf.c (sprintf_dom_walker::call_info::is_file_func): > New helper. > (sprintf_dom_walker::call_info::is_string_func): New helper. > (format_directive): Only issue "may exceed" 4095/INT_MAX warnings > for formatted string functions. > (sprintf_dom_walker::compute_format_length): Return HWI_MAX rather than > -1. > (sprintf_dom_walker::handle_gimple_call): Fix a typo in a comment. > > gcc/testsuite/ChangeLog: > > PR tree-optimization/88993 > PR tree-optimization/88835 > * gcc.dg/tree-ssa/builtin-fprintf-warn-2.c: New test. > * gcc.dg/tree-ssa/builtin-printf-warn-2.c: New test. > * gcc.dg/tree-ssa/builtin-snprintf-warn-3.c: Adjust. > * gcc.dg/tree-ssa/builtin-sprintf-warn-18.c: Same. > > Index: gcc/gimple-ssa-sprintf.c > =================================================================== > --- gcc/gimple-ssa-sprintf.c (revision 269022) > +++ gcc/gimple-ssa-sprintf.c (working copy) > @@ -943,6 +943,29 @@ struct sprintf_dom_walker::call_info > { > return bounded ? OPT_Wformat_truncation_ : OPT_Wformat_overflow_; > } > + > + /* Return true for calls to file formatted functions. */ > + bool is_file_func () const > + { > + return (fncode == BUILT_IN_FPRINTF > + || fncode == BUILT_IN_FPRINTF_CHK > + || fncode == BUILT_IN_FPRINTF_UNLOCKED > + || fncode == BUILT_IN_VFPRINTF > + || fncode == BUILT_IN_VFPRINTF_CHK); > + } > + > + /* Return true for calls to string formatted fncodetions. */ I believe fncodetions should be functions :-)
OK with the nit fixed. And yes, I think it would be exceedingly difficult to determine with any reliability what the system limits really are. jeff
