* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272
2021-08-22 4:16 [Bug c/102009] New: ICE: in gimple_call_arg, at gimple.h:3272 cnsun at uwaterloo dot ca
@ 2021-08-22 4:22 ` pinskia at gcc dot gnu.org
2021-08-22 4:27 ` pinskia at gcc dot gnu.org
` (5 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: pinskia at gcc dot gnu.org @ 2021-08-22 4:22 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|--- |12.0
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272
From: pinskia at gcc dot gnu.org @ 2021-08-22 4:27 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Last reconfirmed| |2021-08-22
Ever confirmed|0 |1
Status|UNCONFIRMED |NEW
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
This does not make sense:
check_alloca should only be called for BUILT_IN_ALLOCA,
BUILT_IN_ALLOCA_WITH_ALIGN or BUILT_IN_ALLOCA_WITH_ALIGN_AND_MAX
But confirmed.
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272 by r12-2976
From: rguenth at gcc dot gnu.org @ 2021-08-23 9:03 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P3 |P1
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272 by r12-2976
From: jakub at gcc dot gnu.org @ 2021-11-15 16:41 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|unassigned at gcc dot gnu.org |jakub at gcc dot gnu.org
Status|NEW |ASSIGNED
--- Comment #2 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Created attachment 51799
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=51799&action=edit
gcc12-pr102009.patch
Untested fix.
Unfortunately, this isn't the only spot in that file. While e.g.
maybe_warn_nonstring_arg or pass_waccess::maybe_check_dealloc_call do punt if
nargs is too small, many other places don't care, e.g. look at
pass_waccess::check_strcat and most of the following pass_waccess::check_* calls.
A quick way to fix it all is to punt if !gimple_builtin_call_types_compatible_p
between the builtin fndecl and the call stmt, but I vaguely remember Martin was
opposed to that. So the other way is to at least check gimple_call_nargs
is sufficient for each builtin, and be prepared that an argument might have
completely different type too (e.g. floating point or structure rather than
expected pointer or size).
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272 by r12-2976
From: msebor at gcc dot gnu.org @ 2021-11-15 16:58 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
--- Comment #3 from Martin Sebor <msebor at gcc dot gnu.org> ---
gimple_builtin_call_types_compatible_p() returns false even for calls with
trivial mismatches like an int where a size_t is expected. I would prefer a
less restrictive test that doesn't prevent detecting these bugs in such calls
to functions without a prototype.
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272 by r12-2976
From: cvs-commit at gcc dot gnu.org @ 2021-11-16 9:19 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
--- Comment #4 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Jakub Jelinek <jakub@gcc.gnu.org>:
https://gcc.gnu.org/g:eacdfaf7ca07367ede1a0c50aa997953958dabae
commit r12-5294-geacdfaf7ca07367ede1a0c50aa997953958dabae
Author: Jakub Jelinek <jakub@redhat.com>
Date: Tue Nov 16 10:18:25 2021 +0100
waccess: Fix up pass_waccess::check_alloc_size_call [PR102009]
This function punts if the builtins have no arguments, but as can be seen
on the testcase, even if it has some arguments but alloc_size attribute's
arguments point to arguments that aren't passed, we get a warning earlier
from the FE but should punt rather than ICE on it.
Other users of alloc_size attribute e.g. in
tree-object-size.c (alloc_object_size) punt similarly and similarly
even in the same TU maybe_warn_nonstring_arg correctly verifies calls have
enough arguments.
2021-11-16 Jakub Jelinek <jakub@redhat.com>
PR tree-optimization/102009
* gimple-ssa-warn-access.cc (pass_waccess::check_alloc_size_call):
Punt if any of alloc_size arguments is out of bounds vs. number of
call arguments.
* gcc.dg/pr102009.c: New test.
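Added example, not part of the commit or of GCC's sources: a self-contained model of the check discussed in comments #2 and #4, where the positions named by an alloc_size attribute are validated against the arguments the call actually passes before any argument is read. The types Kind, Arg, Call and AllocSize and the functions size_arg and alloc_size_bytes are hypothetical stand-ins, not GCC APIs; the overflow test on the product is an extra precaution of this sketch.

```cpp
// Added illustration: a self-contained model, not GCC source code.
#include <cstdint>
#include <cstdio>
#include <vector>

enum class Kind { Integer, Floating, Aggregate };
struct Arg { Kind kind; std::uint64_t value; };  // value used only for Integer
struct Call { std::vector<Arg> args; };          // hypothetical call statement
struct AllocSize { unsigned first, second; };    // 1-based; second == 0 if absent

// Fetch the integer argument at 1-based position pos. Fails when the call does
// not pass that many arguments or the argument is not an integer.
static bool size_arg(const Call &c, unsigned pos, std::uint64_t *out) {
  if (pos == 0 || pos > c.args.size()) return false;
  const Arg &a = c.args[pos - 1];
  if (a.kind != Kind::Integer) return false;
  *out = a.value;
  return true;
}

// Compute the size the attribute implies for this call. Returning false means
// "punt": skip the check for this call instead of reading a missing argument.
bool alloc_size_bytes(const Call &c, AllocSize at, std::uint64_t *out) {
  std::uint64_t n = 0, m = 1;
  if (!size_arg(c, at.first, &n)) return false;
  if (at.second != 0 && !size_arg(c, at.second, &m)) return false;
  if (m != 0 && n > UINT64_MAX / m) return false;  // product would overflow
  *out = n * m;
  return true;
}

int main() {
  // Constructed inputs: the attribute names argument positions 1 and 2.
  AllocSize at = {1, 2};
  Call ok = {{{Kind::Integer, 4}, {Kind::Integer, 8}}};
  Call short_call = {{{Kind::Integer, 4}}};  // second argument not passed
  Call odd = {{{Kind::Integer, 4}, {Kind::Floating, 0}}};
  std::uint64_t sz = 0;
  for (const Call *c : {&ok, &short_call, &odd}) {
    if (alloc_size_bytes(*c, at, &sz))
      std::printf("size %llu\n", (unsigned long long) sz);
    else
      std::printf("punt\n");
  }
  return 0;
}
```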
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272 by r12-2976
From: jakub at gcc dot gnu.org @ 2021-11-16 11:05 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|ASSIGNED |RESOLVED
--- Comment #5 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Fixed.
Tried strcat etc., but there is:
    if (gimple_call_builtin_p (stmt, BUILT_IN_NORMAL))
      check_builtin (stmt);
which ensures strcat etc. calls make it through to check_strcat etc. only if
they have the right number of arguments.