public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug c/52534] New: gcc doesn't detect incorrect expression in call to va_start
@ 2012-03-08 21:14 mib.bugzilla at gmail dot com
2012-03-12 14:10 ` [Bug c/52534] " rguenth at gcc dot gnu.org
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: mib.bugzilla at gmail dot com @ 2012-03-08 21:14 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52534
Bug #: 52534
Summary: gcc doesn't detect incorrect expression in call to
va_start
Classification: Unclassified
Product: gcc
Version: 4.5.3
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
AssignedTo: unassigned@gcc.gnu.org
ReportedBy: mib.bugzilla@gmail.com
The C standard is very clear that the second argument to va_start is a
parameter identifier, not an expression.
For example,
int maxof(int, ...) ;
void f(void);
int maxof(int n_args, ...){
register int i;
int max, a;
va_list ap;
va_start(ap, (unsigned int)n_args);
max = va_arg(ap, int);
for(i = 2; i <= n_args; i++) {
if((a = va_arg(ap, int)) > max) max = a;
}
va_end(ap);
return max;
}
Intel compiler finds the bug:
vaarg.c(12): error: incorrect use of va_start
va_start(ap, (unsigned int)n_args);
^
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug c/52534] gcc doesn't detect incorrect expression in call to va_start
2012-03-08 21:14 [Bug c/52534] New: gcc doesn't detect incorrect expression in call to va_start mib.bugzilla at gmail dot com
@ 2012-03-12 14:10 ` rguenth at gcc dot gnu.org
2012-03-15 9:49 ` pinskia at gcc dot gnu.org
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: rguenth at gcc dot gnu.org @ 2012-03-12 14:10 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52534
Richard Guenther <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |accepts-invalid
Status|UNCONFIRMED |NEW
Last reconfirmed| |2012-03-12
Ever Confirmed|0 |1
--- Comment #1 from Richard Guenther <rguenth at gcc dot gnu.org> 2012-03-12 14:10:12 UTC ---
Confirmed.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug c/52534] gcc doesn't detect incorrect expression in call to va_start
2012-03-08 21:14 [Bug c/52534] New: gcc doesn't detect incorrect expression in call to va_start mib.bugzilla at gmail dot com
2012-03-12 14:10 ` [Bug c/52534] " rguenth at gcc dot gnu.org
@ 2012-03-15 9:49 ` pinskia at gcc dot gnu.org
2012-03-15 10:04 ` jakub at gcc dot gnu.org
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: pinskia at gcc dot gnu.org @ 2012-03-15 9:49 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52534
--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> 2012-03-15 09:41:38 UTC ---
/* Strip off all nops for the sake of the comparison. This
is not quite the same as STRIP_NOPS. It does more.
We must also strip off INDIRECT_EXPR for C++ reference
parameters. */
while (CONVERT_EXPR_P (arg)
|| TREE_CODE (arg) == INDIRECT_REF)
arg = TREE_OPERAND (arg, 0);
Why are we stripping off the NOPS here. This is in fold_builtin_next_arg
(builtins.c).
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug c/52534] gcc doesn't detect incorrect expression in call to va_start
2012-03-08 21:14 [Bug c/52534] New: gcc doesn't detect incorrect expression in call to va_start mib.bugzilla at gmail dot com
2012-03-12 14:10 ` [Bug c/52534] " rguenth at gcc dot gnu.org
2012-03-15 9:49 ` pinskia at gcc dot gnu.org
@ 2012-03-15 10:04 ` jakub at gcc dot gnu.org
2024-04-09 6:41 ` pinskia at gcc dot gnu.org
2024-04-09 11:06 ` jakub at gcc dot gnu.org
4 siblings, 0 replies; 6+ messages in thread
From: jakub at gcc dot gnu.org @ 2012-03-15 10:04 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52534
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jakub at gcc dot gnu.org
--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> 2012-03-15 10:03:59 UTC ---
Because otherwise
void
foo (char a, ...)
{
__builtin_va_list va;
__builtin_va_start (va, a);
__builtin_va_end (va);
}
would not work (arg there is (int) a, as char is promoted to int).
IMHO if we want to diagnose this, it should be done in the C/C++ FEs, e.g.
for C FE perhaps in c_parser_postfix_expression_after_primary, by requiring
that
the second argument to __builtin_va_start is an identifier token, rathern than
a + 0 or similar.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug c/52534] gcc doesn't detect incorrect expression in call to va_start
2012-03-08 21:14 [Bug c/52534] New: gcc doesn't detect incorrect expression in call to va_start mib.bugzilla at gmail dot com
` (2 preceding siblings ...)
2012-03-15 10:04 ` jakub at gcc dot gnu.org
@ 2024-04-09 6:41 ` pinskia at gcc dot gnu.org
2024-04-09 11:06 ` jakub at gcc dot gnu.org
4 siblings, 0 replies; 6+ messages in thread
From: pinskia at gcc dot gnu.org @ 2024-04-09 6:41 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=52534
--- Comment #4 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Interesting clang accepts it also.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug c/52534] gcc doesn't detect incorrect expression in call to va_start
2012-03-08 21:14 [Bug c/52534] New: gcc doesn't detect incorrect expression in call to va_start mib.bugzilla at gmail dot com
` (3 preceding siblings ...)
2024-04-09 6:41 ` pinskia at gcc dot gnu.org
@ 2024-04-09 11:06 ` jakub at gcc dot gnu.org
4 siblings, 0 replies; 6+ messages in thread
From: jakub at gcc dot gnu.org @ 2024-04-09 11:06 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=52534
--- Comment #5 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Note, if we warn, we shouldn't warn for C23 or later, because one can pass
anything there, like 3 arguments, or that (unsigned int)n_args, or just one,
etc. And __builtin_va_start (ap, 0) is what is used regardless of the passed
argument in that case.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2024-04-09 11:06 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-03-08 21:14 [Bug c/52534] New: gcc doesn't detect incorrect expression in call to va_start mib.bugzilla at gmail dot com
2012-03-12 14:10 ` [Bug c/52534] " rguenth at gcc dot gnu.org
2012-03-15 9:49 ` pinskia at gcc dot gnu.org
2012-03-15 10:04 ` jakub at gcc dot gnu.org
2024-04-09 6:41 ` pinskia at gcc dot gnu.org
2024-04-09 11:06 ` jakub at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).