From: Richard Henderson <richard.henderson@linaro.org>
To: "Philippe Mathieu-Daudé" <philmd@redhat.com>, qemu-devel@nongnu.org
Cc: qemu-trivial@nongnu.org, Kevin Wolf <kwolf@redhat.com>,
qemu-block@nongnu.org, Max Reitz <mreitz@redhat.com>
Subject: Re: [PATCH 6/6] qemu-io-cmds: Silent GCC9 format-overflow warning
Date: Wed, 18 Dec 2019 09:21:45 -1000 [thread overview]
Message-ID: <eeb1a68a-82cc-00ea-5a42-20fb260500af@linaro.org> (raw)
In-Reply-To: <ac01ca89-ad58-a6f4-e33f-c1dcc4e0ad90@redhat.com>
On 12/18/19 7:45 AM, Philippe Mathieu-Daudé wrote:
> On 12/18/19 5:15 AM, Richard Henderson wrote:
>> On 12/17/19 7:34 AM, Philippe Mathieu-Daudé wrote:
>>> GCC9 is confused when building with CFLAG -O3:
>>>
>>> In function ‘help_oneline’,
>>> inlined from ‘help_all’ at qemu-io-cmds.c:2414:9,
>>> inlined from ‘help_f’ at qemu-io-cmds.c:2424:9:
>>> qemu-io-cmds.c:2389:9: error: ‘%s’ directive argument is null
>>> [-Werror=format-overflow=]
>>> 2389 | printf("%s ", ct->name);
>>> | ^~~~~~~~~~~~~~~~~~~~~~~
>>>
>>> Audit shows this can't happen. Give a hint to GCC adding an
>>> assert() call.
>>
>> This deserves more investigation. From my glance it appears you are right --
>> and moreover impossible for gcc to have come to this conclusion. Which begs
>> the question of how that is.
>
> New entries are added to cmdtab[] in qemuio_add_command() which is public (also
> called in qemu-io.c). So you can insert a cmdinfo_t with a name being NULL.
> This is why I thought GCC was correct first, and I tried:
>
> -- >8 --
> --- a/qemu-io-cmds.c
> +++ b/qemu-io-cmds.c
> @@ -42,6 +42,7 @@ void qemuio_add_command(const cmdinfo_t *ci)
> * Catch it now rather than letting it manifest as a crash if a
> * particular set of command line options are used.
> */
> + assert(ci->name);
> assert(ci->perm == 0 ||
> (ci->flags & (CMD_FLAG_GLOBAL | CMD_NOFILE_OK)) == 0);
> cmdtab = g_renew(cmdinfo_t, cmdtab, ++ncmds);
> ---
>
> But this didn't fix the warning... So I moved the assert() in the other location.
>
>>
>> Did you file a gcc bug report?
>
> No because I'm not sure this is a bug, but if you confirm I'll file one :)
The error message is not saying the value *might* be null, but that it *is*
null. That is, the compiler thinks that it has proven the value can be no
other value than null.
Can I assume that you've tested this particular code path, rather than merely
removed the Werror?
If the compiler really is "proving" that the value must be null, then the
assert should be transformed to assert(false), and qemu will abort at runtime.
In this case, the reason why the Werror went away is that the printf is
removed as unreachable beforehand.
But of course the value assigned in qemuio_add_command is truly variable, and
since -O3 does not imply -flto the compiler cannot have proven to see all
callers. So it follows that the compiler should not have proven that the value
is null.
So there *must* be a compiler bug. The only question is whether it is isolated
to the printf warning or if it goes further into value propagation and wrong
code generation.
r~
prev parent reply other threads:[~2019-12-18 19:22 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-17 17:34 [PATCH 0/6] Fix more GCC9 -O3 warnings Philippe Mathieu-Daudé
2019-12-17 17:34 ` [PATCH 1/6] audio/audio: Add missing fall through comment Philippe Mathieu-Daudé
2019-12-18 3:45 ` Richard Henderson
2019-12-18 8:02 ` Aleksandar Markovic
2019-12-18 10:22 ` Philippe Mathieu-Daudé
2019-12-17 17:34 ` [PATCH 2/6] hw/display/tcx: Add missing fall through comments Philippe Mathieu-Daudé
2019-12-18 3:57 ` Richard Henderson
2019-12-18 7:54 ` Aleksandar Markovic
2019-12-18 10:23 ` Philippe Mathieu-Daudé
2019-12-17 17:34 ` [PATCH 3/6] hw/net/imx_fec: Rewrite " Philippe Mathieu-Daudé
2019-12-17 17:55 ` Thomas Huth
2019-12-18 19:35 ` Thomas Huth
2019-12-18 3:45 ` Richard Henderson
2019-12-18 8:00 ` Aleksandar Markovic
2019-12-17 17:34 ` [PATCH 4/6] hw/timer/aspeed_timer: Add a fall through comment Philippe Mathieu-Daudé
2019-12-17 17:54 ` Cédric Le Goater
2019-12-18 8:26 ` Aleksandar Markovic
2019-12-17 17:34 ` [PATCH 5/6] hw/scsi/megasas: Silent GCC9 duplicated-cond warning Philippe Mathieu-Daudé
2019-12-18 4:03 ` Richard Henderson
2019-12-18 17:52 ` Philippe Mathieu-Daudé
2019-12-18 19:02 ` Richard Henderson
2020-01-07 14:56 ` Paolo Bonzini
2020-01-07 16:20 ` Hannes Reinecke
2019-12-17 17:34 ` [PATCH 6/6] qemu-io-cmds: Silent GCC9 format-overflow warning Philippe Mathieu-Daudé
2019-12-18 4:15 ` Richard Henderson
2019-12-18 17:45 ` Philippe Mathieu-Daudé
2019-12-18 19:21 ` Richard Henderson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=eeb1a68a-82cc-00ea-5a42-20fb260500af@linaro.org \
--to=richard.henderson@linaro.org \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=philmd@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-trivial@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).