Comment 15 for bug 1905159

Jerzy Tarasiuk (tarasiukj) wrote :

I have tried EPICS base compilation on three different
Ubuntu versions (using LTS = Long Term Support ones only):

Ubuntu 16.04 = GCC and G++ 5.5.0, make 4.1, perl v5.22.1

Ubuntu 18.04 = gcc/g++ 7.3.0, make 4.1, perl v5.26.1
            (there is a gcc 7.5.0 available, but this
             lower version was used for the compilation)

Ubuntu 20.04 = gcc/g++ 9.3.0, make 4.2.1, perl v5.30.0

The base could be compiled on each of them; however,
the newer the Ubuntu version used, the more warnings
were produced during the compilation.

I wrote a bug report about warnings showing that some
Perl script could not be found (it turned out that it was
at the beginning of the compilation only and later
the script was used, and it was on every Ubuntu version);
here I am talking about some other warnings I was getting.

One of them was a warning about a possibility of buffer
overflow: it was not shown on Ubuntu 16.04; it was shown
for modules/pvAccess/testApp/remote/testServer.cpp:
function createNTTable declares char sbuf[16] and uses
a format which can consume more buffer space, at least
theoretically, as the columnsCount is probably small,
so the format may specify %hd instead of %d (max=32767).

This warning is shown for Ubuntu 18 and 20, on 18 it is
reported for the first line of the function, on 20 for
the line containing the sprintf.

On all three Ubuntu versions 8 deprecated declarations are
reported.

On the newest only 4 warnings about output truncated
are shown - possibly they are caused by strncpy
(inlined from string.h), however when I tried to get
such a warning from a simple .cpp program, compiling it
using g++ with -Wall -Wstringop-truncation it was not
shown; such warnings are for:
modules/libcom/src/osi/epicsTime.cpp in lines 668 and 680
modules/libcom/src/osi/osiSock.c in line 76
modules/database/src/ioc/dbStatic/dbStaticLib.c in lines
 663, 730 and 745 (one common warning for 3 places - but
 for the last file I do not see the strcpy there - maybe
 functions were inlined and lines are shown incorrectly)

As far as I understand it, such a warning means that
a string used as source for strncpy will _always_ be
truncated (i.e. the compiler predicts it) - sometimes
a string of a length 1 is to be copied without its
terminator and the compiler warns about it!

An alarmist warning (without a real reason) is shown
for modules/libcom/test/epicsStackTraceTest.c line 96.
The compiler sees that 'sz' gets source length, but
overlooks the fact that it is changed when it exceeds
space in the destination; maybe some change can help?
Unfortunately, when I extracted the code from EPICS
and compiled it alone, no warning was shown.

Well: to show the warning, I need to use options:
 -O3 -Wall -Werror-implicit-function-declaration
(the last is not needed in this case; -Wpedantic
 and -Wextra can be used, the warning is the same).

Now I tried the code from EPICS and a modified version
- no luck, I am still getting the warning. The code:

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <ctype.h>

typedef struct { char buf[40]; size_t pos; } TDD, *TestData;

static void logClient(void *ptr, const char *msg)
{
    TestData td = ptr;
    size_t sz = strlen(msg);
    size_t mx = sizeof(td->buf) - td->pos - 1;

    if ( sz > mx )
        sz = mx;
    strncpy( td->buf+td->pos, msg, sz );
    td->pos += sz;
}

int main(int argc, char *argv[]) {
  int ai; TestData td = calloc(sizeof(TDD), 1);
  for (ai=1; ai<argc; ai++) logClient(td, argv[ai]);
  printf("%.*s\n", (int)td->pos, td->buf);
  return 0;
}

Are we to assume there is a GCC bug?
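
An added example, not part of the comment above and not EPICS code: the same bounded append written with memcpy after the clamp, so the copy length is explicit and no strncpy call is left for -Wstringop-truncation (which covers strncpy, strncat and stpncpy) to analyse. The names log_buf and log_append are hypothetical, modelled on TDD and logClient; the guard on pos and the explicit NUL termination are additions.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical type, modelled on the TDD struct in the comment above. */
typedef struct {
    char   buf[40];
    size_t pos;      /* bytes used; invariant: pos < sizeof buf */
} log_buf;

/* Append msg, truncating to the space left.
 * Returns the number of bytes actually copied.
 * The buffer is always NUL-terminated at buf[pos]. */
static size_t log_append(log_buf *lb, const char *msg)
{
    size_t room, n;

    /* A pos at or past the end would make the size_t subtraction wrap. */
    if (lb == NULL || msg == NULL || lb->pos >= sizeof lb->buf)
        return 0;

    room = sizeof lb->buf - lb->pos - 1;   /* keep one byte for the NUL */
    n = strlen(msg);
    if (n > room)
        n = room;                          /* same clamp as 'sz > mx' above */

    memcpy(lb->buf + lb->pos, msg, n);     /* raw byte copy, length is explicit */
    lb->pos += n;
    lb->buf[lb->pos] = '\0';               /* terminate instead of relying on calloc */
    return n;
}

int main(void)
{
    /* Constructed sample input: two strings that together exceed 39 bytes. */
    log_buf lb = { {0}, 0 };

    log_append(&lb, "constructed sample input ");
    log_append(&lb, "that is longer than forty bytes");

    /* The buffer must be exactly full: 39 payload bytes plus the NUL. */
    return lb.pos == sizeof lb.buf - 1 ? 0 : 1;
}
```

Building it with the options quoted in the comment (-O3 -Wall) checks whether the compiler in use still reports anything for the copy.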