https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113752
Jeffrey A. Law changed:
What|Removed |Added
CC||law at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113752
--- Comment #7 from Jakub Jelinek ---
Anyway, I think the testcase is very similar to
char a[256], *c, *g;
int
foo (void)
{
if (__builtin_strlen (c) + __builtin_strlen (g) + 5 > 256)
return 0;
__builtin_sprintf (a, "abcd%s%s", c, g);
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113752
--- Comment #6 from H.J. Lu ---
I can reproduce it with r14-8930-g1e94648ab7b370
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113752
--- Comment #5 from Jakub Jelinek ---
That said, the math at least in the reduced testcase is weird.
%d output is at most 11 bytes - strlen ("-2147483648"), + 9 other chars, so
that
is 42, not 32. But even using + 42 in there instead of 32
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113752
Jakub Jelinek changed:
What|Removed |Added
CC||jakub at gcc dot gnu.org
--- Comment
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113752
Aldy Hernandez changed:
What|Removed |Added
CC|aldyh at redhat dot com|
--- Comment #3 from Aldy
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113752
--- Comment #2 from H.J. Lu ---
[hjl@gnu-skx-1 gcc]$ cat /tmp/foo.i
char a[10256];
char b;
char *c, *g;
int d, e, f;
int sprintf(char *, char *, ...);
unsigned long strlen(char *);
int h(char *j) {
if (strlen(j) + strlen(c) + strlen(g) + 32 >
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113752
H.J. Lu changed:
What|Removed |Added
Ever confirmed|0 |1
Last reconfirmed|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113752
Andrew Pinski changed:
What|Removed |Added
Keywords||needs-bisection,
|
