https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88251
Bug ID: 88251 Summary: -Wformat-truncation=2 false alarms when compiling gzip, Emacs Product: gcc Version: 8.2.1 Status: UNCONFIRMED Severity: normal Priority: P3 Component: middle-end Assignee: unassigned at gcc dot gnu.org Reporter: eggert at cs dot ucla.edu Target Milestone: --- -Wformat-truncation can falsely report a buffer overflow in code that is trying to be careful and catch overflows before they happen. Although this bug report seems related to Bug#83431, strlen is not involved so it seems to be simpler or lower-level than Bug#83431. I ran into this problem when trying to compile an experimental version of Emacs, and Jim Meyering ran into a similar problem when trying to build GNU gzip <https://debbugs.gnu.org/32025>. I observed the problem in GCC 8.2.1 20181105 (Red Hat 8.2.1-5). To reproduce the problem, use the command: gcc -O2 -S -Wformat-truncation=2 strerror_r.i to compile this program: typedef unsigned long size_t; extern int snprintf (char *__restrict, size_t, const char *__restrict __format, ...) __attribute__ ((__nothrow__)) __attribute__ ((__format__ (__printf__, 3, 4))); int rpl_strerror_r (int errnum, char *buf, size_t buflen) { if (buflen <= 1) return 34; return snprintf (buf, buflen, "Unknown error %d", errnum); } GCC incorrectly reports a diagnostic, as follows. strerror_r.i: In function ‘rpl_strerror_r’: strerror_r.i:11:36: warning: ‘Unknown error ’ directive output truncated writing 14 bytes into a region of size 2 [-Wformat-truncation=] return snprintf (buf, buflen, "Unknown error %d", errnum); ~~^~~~~~~~~~~~ strerror_r.i:11:10: note: ‘snprintf’ output between 16 and 26 bytes into a destination of size 2 return snprintf (buf, buflen, "Unknown error %d", errnum); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Somehow GCC gets confused into thinking that buflen == 2 in the last printf call. However, the correct assumption is that buflen >= 2.