This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
[5.0] PR60194 [c-family] add -Wformat-signedness to warn about %d/%u signedness mismatch
- From: Tobias Burnus <tobias dot burnus at physik dot fu-berlin dot de>
- To: gcc-patches at gcc dot gnu dot org
- Date: Tue, 18 Feb 2014 17:17:52 +0100
- Subject: [5.0] PR60194 [c-family] add -Wformat-signedness to warn about %d/%u signedness mismatch
- Authentication-results: sourceware.org; auth=none
This patch adds a warning to -Wformat=2, which can also be used as
-Wformat -Wformat-signedness and which warns when the signedness
of the argument doesn't match the one of %x/%u/%d/%i/...
That was motivated by a check of cppcheck, which found some issues
in a bigger code.
Bootstrapped and regtested on x86-64-gnu-linux.
OK when Stage 1 opens again?
Tobias
2014-02-18 Tobias Burnus <burnus@net-b.de>
PR c/60194
gcc/c-family/
* c.opt (Wformat-signedness): Add
* c-format.c(check_format_types): Use it.
gcc/
* doc/invoke.texi (-Wformat-signedness): Document it.
(Wformat=2): Mention that this enables -Wformat-signedness.
gcc/testsuite/:
* g++.dg/warn/warn_format_signedness.C: New.
* gcc.dg/format/warn-signedness.c
diff --git a/gcc/c-family/c-format.c b/gcc/c-family/c-format.c
index cdc09c4..4c0313d 100644
--- a/gcc/c-family/c-format.c
+++ b/gcc/c-family/c-format.c
@@ -2418,7 +2418,9 @@ check_format_types (format_wanted_type *types)
a second level of indirection. */
if (TREE_CODE (wanted_type) == INTEGER_TYPE
&& TREE_CODE (cur_type) == INTEGER_TYPE
- && (!pedantic || i == 0 || (i == 1 && char_type_flag))
+ && ((!pedantic && !warn_format_signedness)
+ || (i == 0 && !warn_format_signedness)
+ || (i == 1 && char_type_flag))
&& (TYPE_UNSIGNED (wanted_type)
? wanted_type == c_common_unsigned_type (cur_type)
: wanted_type == c_common_signed_type (cur_type)))
diff --git a/gcc/c-family/c.opt b/gcc/c-family/c.opt
index aad54e2..7fa6381 100644
--- a/gcc/c-family/c.opt
+++ b/gcc/c-family/c.opt
@@ -415,6 +415,10 @@ Wformat-security
C ObjC C++ ObjC++ Var(warn_format_security) Warning LangEnabledBy(C ObjC C++ ObjC++,Wformat=, warn_format >= 2, 0)
Warn about possible security problems with format functions
+Wformat-signedness
+C ObjC C++ ObjC++ Var(warn_format_signedness) Warning LangEnabledBy(C ObjC C++ ObjC++,Wformat=, warn_format >= 2, 0)
+Warn about sign differences with format functions
+
Wformat-y2k
C ObjC C++ ObjC++ Var(warn_format_y2k) Warning LangEnabledBy(C ObjC C++ ObjC++,Wformat=,warn_format >= 2, 0)
Warn about strftime formats yielding 2-digit years
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index 4d1b657..ab8101d 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -246,7 +246,7 @@ Objective-C and Objective-C++ Dialects}.
-Wno-endif-labels -Werror -Werror=* @gol
-Wfatal-errors -Wfloat-equal -Wformat -Wformat=2 @gol
-Wno-format-contains-nul -Wno-format-extra-args -Wformat-nonliteral @gol
--Wformat-security -Wformat-y2k @gol
+-Wformat-security -Wformat-signedness -Wformat-y2k @gol
-Wframe-larger-than=@var{len} -Wno-free-nonheap-object -Wjump-misses-init @gol
-Wignored-qualifiers @gol
-Wimplicit -Wimplicit-function-declaration -Wimplicit-int @gol
@@ -3564,7 +3564,7 @@ The C standard specifies that zero-length formats are allowed.
@opindex Wformat=2
Enable @option{-Wformat} plus additional format checks. Currently
equivalent to @option{-Wformat -Wformat-nonliteral -Wformat-security
--Wformat-y2k}.
+-Wformat-signedness -Wformat-y2k}.
@item -Wformat-nonliteral
@opindex Wformat-nonliteral
@@ -3586,6 +3586,12 @@ currently a subset of what @option{-Wformat-nonliteral} warns about, but
in future warnings may be added to @option{-Wformat-security} that are not
included in @option{-Wformat-nonliteral}.)
+@item -Wformat-signedness
+@opindex Wformat-signedness
+@opindex Wno-format-signedness
+If @option{-Wformat} is specified, also warn if the format string
+requires an unsigned argument and the argument is signed and vice versa.
+
@item -Wformat-y2k
@opindex Wformat-y2k
@opindex Wno-format-y2k
diff --git a/gcc/testsuite/g++.dg/warn/warn_format_signedness.C b/gcc/testsuite/g++.dg/warn/warn_format_signedness.C
new file mode 100644
index 0000000..473d522
--- /dev/null
+++ b/gcc/testsuite/g++.dg/warn/warn_format_signedness.C
@@ -0,0 +1,11 @@
+/* { dg-do compile } */
+/* { dg-options "-Wformat -Wformat-signedness" } */
+
+/* PR c/60194 */
+
+void foo(unsigned u, int i, unsigned char uc, signed char sc) {
+ __builtin_printf("%d\n", u); /* { dg-warning "expects argument of type 'int', but argument 2 has type 'unsigned int'" } */
+ __builtin_printf("%u\n", i); /* { dg-warning "expects argument of type 'unsigned int', but argument 2 has type 'int'" } */
+ __builtin_printf("%c\n", sc);
+ __builtin_printf("%c\n", uc);
+}
diff --git a/gcc/testsuite/gcc.dg/format/warn-signedness.c b/gcc/testsuite/gcc.dg/format/warn-signedness.c
new file mode 100644
index 0000000..473d522
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/format/warn-signedness.c
@@ -0,0 +1,11 @@
+/* { dg-do compile } */
+/* { dg-options "-Wformat -Wformat-signedness" } */
+
+/* PR c/60194 */
+
+void foo(unsigned u, int i, unsigned char uc, signed char sc) {
+ __builtin_printf("%d\n", u); /* { dg-warning "expects argument of type 'int', but argument 2 has type 'unsigned int'" } */
+ __builtin_printf("%u\n", i); /* { dg-warning "expects argument of type 'unsigned int', but argument 2 has type 'int'" } */
+ __builtin_printf("%c\n", sc);
+ __builtin_printf("%c\n", uc);
+}