[Asterisk-code-review] main/say: Work around gcc 9 format-truncation false positive (asterisk[13])

Walter Doekes asteriskteam at digium.com
Tue Oct 27 16:38:29 CDT 2020


Walter Doekes has posted comments on this change. ( https://gerrit.asterisk.org/c/asterisk/+/14501 )

Change subject: main/say: Work around gcc 9 format-truncation false positive
......................................................................


Patch Set 1:

> and I am in 64 bit.

On amd64 regular ints tend to be 32 bits.
```
$ cat 1.c
int main(void) {
    int x;
    return sizeof(x);
}
$ gcc 1.c
$ ./a.out; echo $?
4
```

> @walter, can you double-check the levels you are using by going for NOISY=YES or outputting the whole GCC options? Not that you have set OPTIMIZE as an environment variable before you make.

(gcc options)
```
gcc -o say.o -c say.c -MD -MT say.o -MF .say.o.d -MP -pthread -I/usr/src/asterisk/include    -I/usr/include/libxml2  -pipe -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations   -g3 -Werror -Wunused -Wdeclaration-after-statement -Wtrampolines -Wundef -Wmissing-format-attribute -Wformat=2  -O3 -fno-partial-inlining  -march=native -DAST_MODULE=\"core\" -DAST_IN_CORE  
say.c: In function ‘ast_say_number_full_zh’:
say.c:2502:24: error: ‘%d’ directive output may be truncated writing between 1 and 11 bytes into a region of size 10 [-Werror=format-truncation=]
 2502 |     snprintf(buf, 10, "%d", num);
      |                        ^~
```
- replacing -O3 with -O2 or -O1 doesn't help
- doing -O0 does help (as well as no-On at all)
- removing -march=native also helps (like mentioned earlier)

(relevant location)
```diff
--- a/main/say.c
+++ b/main/say.c
@@ -2496,7 +2496,11 @@ static int ast_say_number_full_zh(struct ast_channel *chan, int num, const char
                                snprintf(fn, sizeof(fn), "digits/thousand");
                                playt = 0;
                        } else  if (num < 10) {
+#if 0
+                               snprintf(buf, 10, "%hhd", (char)num);
+#else
                                snprintf(buf, 10, "%d", num);
+#endif
                                if (last_length - strlen(buf) > 1 && last_length != 0) {
                                        last_length = strlen(buf);
                                        playz++;
```
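Review bot: the `#if 0 … #else … #endif` block around the `%hhd` line leaves a disabled experiment in the function; either land `snprintf(buf, 10, "%hhd", (char)num);` as the workaround (with a comment naming the gcc 9 warning it works around) or drop the `#if 0` arm entirely, but do not commit both. In the active line, `snprintf(buf, 10, "%d", num)` hard-codes the size while the line above uses `sizeof(fn)`; use `sizeof(buf)` so the bound cannot drift from the declaration. The branch is guarded only by `num < 10`, with no lower bound, so a negative `num` also takes it; INT_MIN prints as 11 characters plus the terminator, which is precisely the "between 1 and 11 bytes into a region of size 10" gcc reports, so the warning is a false positive only under the unstated assumption that `num` is non-negative here. Adding `num >= 0` to the guard, or checking the `snprintf` return value, records that assumption in the code rather than in the compiler flags. Separately, the context line `if (last_length - strlen(buf) > 1 && last_length != 0)` does the subtraction in `size_t`, so when `last_length` is smaller than `strlen(buf)` the difference wraps and the `> 1` test is true; if the intent is that the previous number was at least two characters longer, `last_length > strlen(buf) + 1` expresses that without the wrap.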

(based on)
```
commit 6a0c47237480d750023561b004f2c4052bfab210 (HEAD -> 16)
Author: George Joseph <gjoseph at digium.com>
Date:   Thu May 14 12:24:19 2020 -0600
```

I tried to read some asm.

`say-o1-native.s` (the troublesome one) does:
```
    .loc 1 2498 11 is_stmt 1 view .LVU17431
    .loc 1 2498 14 is_stmt 0 view .LVU17432
    cmpl    $9, %ebx
    .p2align 4,,2
    jle .L4703
    .loc 1 2511 11 is_stmt 1 view .LVU17433
    .loc 1 2511 14 is_stmt 0 view .LVU17434
    cmpl    $99, %ebx
    .p2align 4,,2
    jle .L4704
...

.L4703:
    .loc 1 2502 5 is_stmt 1 view .LVU17476
.LBB4632:
.LBI4632:
    .loc 3 64 1 view .LVU17477
.LBB4633:
    .loc 3 67 3 view .LVU17478
    .loc 3 67 10 is_stmt 0 view .LVU17479
    leaq    48(%rsp), %rbp
.LVL8105:
    .loc 3 67 10 view .LVU17480
    movl    %ebx, %r9d
    leaq    .LC176(%rip), %r8
    movl    $20, %ecx
    movl    $1, %edx
    movl    $10, %esi
    movq    %rbp, %rdi
    movl    $0, %eax
    call    __snprintf_chk@PLT

```
Here it appears ebx holds num. But I haven't got the faintest idea why (or why not) it would assume that it might be larger in this case.

Compared to `say-o1-nonative.s` (no trouble):
```
    .loc 1 2498 11 is_stmt 1 view .LVU15708
    .loc 1 2498 14 is_stmt 0 view .LVU15709
    cmpl    $9, %ebp
    jle .L4245
    .loc 1 2511 11 is_stmt 1 view .LVU15710
    .loc 1 2511 14 is_stmt 0 view .LVU15711
    cmpl    $99, %ebp
    jle .L4246
...

.L4245:
    .loc 1 2502 5 is_stmt 1 view .LVU15756
.LBB4808:
.LBI4808:
    .loc 4 64 1 view .LVU15757
.LBB4809:
    .loc 4 67 3 view .LVU15758
    .loc 4 67 10 is_stmt 0 view .LVU15759
    leaq    32(%rsp), %rbx
.LVL6969:
    .loc 4 67 10 view .LVU15760
    movl    %ebp, %r9d
    leaq    .LC176(%rip), %r8
    movl    $20, %ecx
    movl    $1, %edx
    movl    $10, %esi
    movq    %rbx, %rdi
    movl    $0, %eax
    call    __snprintf_chk@PLT
```
Here num appears to be in ebp.

No helpful clues there, I suppose.

gcc version is still: gcc (Ubuntu 9.3.0-10ubuntu2) 9.3.0


-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/14501
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Change-Id: Ic7a70120188c9aa525a6d70289385bfce878438a
Gerrit-Change-Number: 14501
Gerrit-PatchSet: 1
Gerrit-Owner: Walter Doekes <walter+asterisk at wjd.nu>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-CC: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Comment-Date: Tue, 27 Oct 2020 21:38:29 +0000
Gerrit-HasComments: No
Gerrit-Has-Labels: No
Gerrit-MessageType: comment
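The pattern under discussion, as an added example that is neither Asterisk code nor part of the change under review: a 10-byte buffer, a branch guarded only by `num < 10`, and `snprintf(buf, 10, "%d", num)`. The first function reproduces that shape and reports whether snprintf truncated; it shows that gcc's 1-to-11-byte range is reachable, because the guard has no lower bound and INT_MIN needs 11 characters plus the terminator. The second function is the hardened form: a buffer sized from the type, `sizeof` instead of a literal, and a checked return value so truncation is reported rather than silently spoken as a wrong number. The names `INT_DEC_BUFSZ`, `say_pattern_fits` and `format_int_checked` are assumptions chosen for this example; the inputs in the usage are constructed.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/*
 * Added example, not Asterisk code.  Upper bound on the bytes needed to
 * print any int in decimal: at most 3 digits per byte of the type
 * (256^n < 1000^n), plus a sign and the terminating NUL.  14 for a
 * 32-bit int, and never smaller than 12.
 */
#define INT_DEC_BUFSZ (3 * sizeof(int) + 2)

size_t int_dec_bufsz(void)
{
    return INT_DEC_BUFSZ;
}

/*
 * Mirrors the say.c shape: a 10-byte buffer and a branch guarded only by
 * num < 10.  Returns 1 if the decimal form fit, 0 if snprintf had to
 * truncate it, and -1 for num >= 10 (the original function's other
 * branches, not modelled here).  The text snprintf kept is copied to out
 * in both the 1 and 0 cases so the caller can see what was produced.
 */
int say_pattern_fits(int num, char *out, size_t outsz)
{
    char buf[10];
    int n;
    size_t len;

    if (num >= 10) {
        return -1;
    }
    /* Nothing stops a negative num from reaching this call. */
    n = snprintf(buf, sizeof(buf), "%d", num);
    if (n < 0) {
        return -1;
    }
    /* buf is NUL-terminated even when truncated; copy it out bounded. */
    if (outsz > 0) {
        len = strlen(buf);
        if (len >= outsz) {
            len = outsz - 1;
        }
        memcpy(out, buf, len);
        out[len] = '\0';
    }
    /* snprintf returns the length it wanted; >= sizeof(buf) means cut. */
    return (size_t)n < sizeof(buf);
}

/*
 * Hardened form: format into a buffer that holds any int, take the size
 * from the array, check the return value, and refuse to hand the caller
 * a silently truncated string.  Returns the length written, or -1 if
 * formatting failed or the caller's buffer is too small for the result.
 */
int format_int_checked(char *out, size_t outsz, int num)
{
    char tmp[INT_DEC_BUFSZ];
    int n = snprintf(tmp, sizeof(tmp), "%d", num);

    if (n < 0 || (size_t)n >= sizeof(tmp)) {
        return -1; /* cannot happen with the bound above; keep the check */
    }
    if (outsz == 0 || (size_t)n >= outsz) {
        return -1; /* would truncate: report it instead of emitting a wrong number */
    }
    memcpy(out, tmp, (size_t)n + 1);
    return n;
}

int main(void)
{
    char out[16];

    /* Constructed inputs: the guard admits 9 and -5, and also INT_MIN. */
    printf("9       -> fits=%d text=%s\n", say_pattern_fits(9, out, sizeof(out)), out);
    printf("-5      -> fits=%d text=%s\n", say_pattern_fits(-5, out, sizeof(out)), out);
    printf("INT_MIN -> fits=%d text=%s\n", say_pattern_fits(INT_MIN, out, sizeof(out)), out);
    printf("checked, 10-byte target: %d\n", format_int_checked(out, 10, INT_MIN));
    printf("checked, 16-byte target: %d text=%s\n", format_int_checked(out, sizeof(out), INT_MIN), out);
    return 0;
}
```

Compiling this block with the flags from the post (`-O3 -Wformat=2 -march=native` on gcc 9.3) is the quickest way to see whether the first function draws the same diagnostic on a given toolchain; the second function gives the compiler a provable bound, which is what removes the warning without disabling it.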

