-Wno-format is not honored

Bug #1317305 reported by Steve Beattie on 2014-05-07
This bug affects 1 person
Affects: gcc-4.8 (Ubuntu); Importance: Undecided; Assigned to: Unassigned
  Nominated for Trusty by Steve Beattie
Affects: gcc-4.9 (Ubuntu); Importance: Undecided; Assigned to: Unassigned
  Nominated for Trusty by Steve Beattie

Bug Description

Due to the way the gcc-default-format-security patch is implemented in gcc-4.8, disabling format warnings does not work:

  $ cat format-extra-args.c
  #include <stdio.h>

  /* printf extra arguments example */
  int main(void)
  {
        printf("%s\n", "argument 1", "argument 2");

        return 0;
  }
  $ gcc -Wall -O2 -o format-off format-extra-args.c -Wno-format
  format-extra-args.c: In function 'main':
  format-extra-args.c:12:2: warning: too many arguments for format [-Wformat-extra-args]
    printf("%s\n", "argument 1", "argument 2");
    ^

Earlier versions of gcc allowed disabling warnings correctly.

Steve Beattie (sbeattie) wrote :

Here is an updated version of the gcc-default-format-security.diff patch that enables -Wformat=1 and -Wformat-security by default, but honors users' -Wformat arguments to override the default.

This fixes the following gcc testcase failures:

-FAIL: gcc.dg/format/nonlit-2.c -Wformat=0 non-literal (test for warnings, line 11)
-FAIL: gcc.dg/format/nonlit-2.c -Wformat=0 non-literal (test for warnings, line 12)
-FAIL: gcc.dg/format/nonlit-2.c -DWIDE -Wformat=0 non-literal (test for warnings, line 11)
-FAIL: gcc.dg/format/nonlit-2.c -DWIDE -Wformat=0 non-literal (test for warnings, line 12)
-FAIL: gcc.dg/format/opt-1.c -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-1.c -DWIDE -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-2.c -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-2.c -DWIDE -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-3.c -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-3.c -DWIDE -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-4.c -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-4.c -DWIDE -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-5.c -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-5.c -DWIDE -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-6.c -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/opt-6.c -DWIDE -Wformat=0 ignored (test for warnings, line )
-FAIL: gcc.dg/format/plus-1.c -Wformat=0 non-constant addend (test for warnings, line 16)
-FAIL: gcc.dg/format/plus-1.c -Wformat=0 minus constant (test for warnings, line 18)
-FAIL: gcc.dg/format/plus-1.c -Wformat=0 negative addend (test for warnings, line 19)
-FAIL: gcc.dg/format/plus-1.c -DWIDE -Wformat=0 non-constant addend (test for warnings, line 16)
-FAIL: gcc.dg/format/plus-1.c -DWIDE -Wformat=0 minus constant (test for warnings, line 18)
-FAIL: gcc.dg/format/plus-1.c -DWIDE -Wformat=0 negative addend (test for warnings, line 19)

Note that this patch is for gcc-4.9 and applies on top of the modified patch to enable -fstack-protector-strong by default in bug 1317307. I'll prepare a patch for gcc-4.8 for use in an SRU in a bit.

I've also added tests to lp:qa-regression-testing to ensure that passed command line arguments are honored over the default.

The attachment "gcc-default-format-security.diff" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Steve Beattie (sbeattie) wrote :

And here's the version for gcc-4.8, verified to address the issue there, suitable for an SRU to trusty (and saucy).

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-4.8 - 4.8.2-23ubuntu1

---------------
gcc-4.8 (4.8.2-23ubuntu1) utopic; urgency=medium

  * Merge with Debian; remaining changes:
    - Build from the upstream source.

gcc-4.8 (4.8.2-23) unstable; urgency=medium

  * GCC 4.8.3 release candidate 1.
  * Update to SVN 20140516 (r210514) from the gcc-4_8-branch.
  * Apply the proposed patch for PR driver/61126.
  * Update the libstdc++v-python3 patch. Closes: #748317.
  * Update the gcc-default-format-security patch (Steve Beattie). LP: #1317305.

gcc-4.8 (4.8.2-22) unstable; urgency=medium

  * Update to SVN 20140508 (r210209) from the gcc-4_8-branch.
  * Install only versioned gcc-ar gcc-nm gcc-ranlib binaries for the hppa64
    cross compiler, update hppa64 alternatives. Closes: #745967.
  * Fix the as and ld symlinks for the hppa64 cross compiler.
  * Ensure that the common libs (built from the next GCC version) are
    available when building without common libs.
  * Fix java.security symlink in libgcj14. Closes: #746786.
  * Move the libstdc++ gdb pretty printers into libstdc++6, install the
    -gdb.py files into /usr/share/gdb/auto-load.
  * Set the 'Multi-Arch: same' attribute for packages, cross built with
    with_deps_on_target_arch_pkgs=yes (Helmit Grohne). Closes: #716795.
  * Build the gcc-X.Y-base package with with_deps_on_target_arch_pkgs=yes
    (Helmit Grohne). Closes: #744782.
  * Apply the proposed patch for PR driver/61106. Closes: #747345.
 -- Matthias Klose <email address hidden> Sun, 18 May 2014 15:20:05 +0200

Changed in gcc-4.8 (Ubuntu):
status: New → Fix Released
Matthias Klose (doko) wrote :

The 4.9 patch doesn't apply. Please include the patch without the -fstack-protector-strong changes.

Changed in gcc-4.9 (Ubuntu):
status: New → Incomplete
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-4.9 - 4.9.0-4ubuntu4

---------------
gcc-4.9 (4.9.0-4ubuntu4) utopic; urgency=medium

  * Update to SVN 20140520 (r210646) from the gcc-4_9-branch.
  * Revert the fix for PR rtl-optimization/60969, causing bootstrap failure
    on ppc64el.
 -- Matthias Klose <email address hidden> Tue, 20 May 2014 18:01:45 +0200

Changed in gcc-4.9 (Ubuntu):
status: Incomplete → Fix Released
Steve Beattie (sbeattie) wrote :

This was fixed correctly in gcc-4.8 (in utopic), but not in gcc-4.9:

  $ cat format-extra-args.c
  #include <stdio.h>

  /* printf extra arguments example */
  int main(void)
  {
        printf("%s\n", "argument 1", "argument 2");

        return 0;
  }
  $ gcc-4.9 --version
  gcc-4.9 (Ubuntu 4.9.0-4ubuntu4) 4.9.0
  Copyright (C) 2014 Free Software Foundation, Inc.
  This is free software; see the source for copying conditions. There is NO
  warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

  $ gcc-4.9 -O2 -o format-off format-extra-args.c -Wno-format
  format-extra-args.c: In function ‘main’:
  format-extra-args.c:12:2: warning: too many arguments for format [-Wformat-extra-args]
    printf("%s\n", "argument 1", "argument 2");
    ^

With the fixed version in gcc-4.8, the output should look like so:

  $ gcc-4.8 --version
  gcc-4.8 (Ubuntu 4.8.2-23ubuntu1) 4.8.2
  Copyright (C) 2013 Free Software Foundation, Inc.
  This is free software; see the source for copying conditions. There is NO
  warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

  $ gcc-4.8 -O2 -o format-off format-extra-args.c -Wno-format
  $

gcc-4.9 still needs the attached patch applied.

Changed in gcc-4.9 (Ubuntu):
status: Fix Released → Confirmed
Steve Beattie (sbeattie) wrote :

Also, if there's an upcoming SRU for gcc-4.8 in trusty, it's probably worth including the fix for gcc-4.8 there; I'm not sure it warrants an SRU on its own.

On 22.05.2014 20:14, Steve Beattie wrote:
> Also, if there's an upcoming SRU for gcc-4.8 in trusty, it's probably
> worth including the fix for gcc-4.8 there; I'm not sure it warrants an
> SRU on its own.

I'm planning to get 4.8.3 into trusty.

Matthias Klose (doko) on 2014-05-30
Changed in gcc-4.9 (Ubuntu):
status: Confirmed → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-4.9 - 4.9.0-5ubuntu2

---------------
gcc-4.9 (4.9.0-5ubuntu2) utopic; urgency=medium

  * Update to SVN 20140530 (r211080) from the gcc-4_9-branch.
  * Fix -Wno-format when -Wformat-security is the default (Steve Beattie).
    LP: #1317305.
 -- Matthias Klose <email address hidden> Fri, 30 May 2014 16:10:11 +0200

Changed in gcc-4.9 (Ubuntu):
status: In Progress → Fix Released

Hello Steve, or anyone else affected,

Accepted gcc-4.8 into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gcc-4.8/4.8.4-2ubuntu1~14.04 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us in getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-needed
Steve Beattie (sbeattie) wrote :

I've reproduced the issue with gcc-4.8 4.8.2-19ubuntu1 in trusty, and verified that gcc-4.8 4.8.4-2ubuntu1~14.04 from trusty-proposed fixes the issue. I've also run the test-gcc-security.py script from lp:qa-regression-testing (which also has a test for this issue) and the version in trusty-proposed passes all the tests there. Marking verification-done. Thanks!

tags: added: verification-done
removed: verification-needed

The verification of the Stable Release Update for gcc-4.8 has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
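
The check this thread keeps repeating by hand (compile the reproducer with -Wno-format and see whether a format warning still appears) can be scripted as below. This is an added example, not the test from lp:qa-regression-testing and not code from any participant; the function names, the second test file and the output strings are assumptions made for illustration, and it also covers -Wformat=0, which the failing testsuite entries above exercise.

```sh
# Added example (not the lp:qa-regression-testing test): check that flags on
# the command line override a distro default of -Wformat -Wformat-security.

# Write the reproducer from the bug description, plus a non-literal format
# call of the kind -Wformat-security flags (constructed for this example).
write_cases() {
    cat > "$1/extra-args.c" <<'EOF'
#include <stdio.h>
int main(void)
{
    printf("%s\n", "argument 1", "argument 2");
    return 0;
}
EOF
    cat > "$1/nonliteral.c" <<'EOF'
#include <stdio.h>
int main(int argc, char **argv)
{
    printf(argv[argc - 1]);
    return 0;
}
EOF
}

# warns CC FILE [FLAGS...]: succeeds if the compiler prints a -Wformat* warning.
warns() {
    cc=$1; src=$2; shift 2
    "$cc" -O2 -c -o /dev/null "$src" "$@" 2>&1 | grep -q -e '-Wformat'
}

# check_format_override CC: returns 0 only if both flags silence the warning.
check_format_override() {
    tmp=$(mktemp -d) || return 2
    write_cases "$tmp"
    rc=0
    for flag in -Wno-format -Wformat=0; do
        if warns "$1" "$tmp/extra-args.c" "$flag"; then
            echo "FAIL: $flag ignored, format warning still emitted"; rc=1
        fi
    done
    if warns "$1" "$tmp/nonliteral.c"; then
        echo "INFO: -Wformat-security is on by default"
    else
        echo "INFO: -Wformat-security is not on by default"
    fi
    [ "$rc" -eq 0 ] && echo "PASS: -Wno-format and -Wformat=0 are honored"
    rm -rf "$tmp"
    return "$rc"
}
```

Call it as `check_format_override gcc-4.8` or `check_format_override gcc-4.9`; a PASS together with "on by default" is the combination the updated patch is meant to give.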
