public inbox for gcc-cvs@sourceware.org
help / color / mirror / Atom feed
From: Richard Biener <rguenth@gcc.gnu.org>
To: gcc-cvs@gcc.gnu.org
Subject: [gcc r10-10462] ipa/102762 - fix ICE with invalid __builtin_va_arg_pack () use
Date: Thu, 17 Feb 2022 10:48:13 +0000 (GMT)	[thread overview]
Message-ID: <20220217104813.A865D3857827@sourceware.org> (raw)

https://gcc.gnu.org/g:724177df8e159dc3f70cd0e13a598e10dd321f37

commit r10-10462-g724177df8e159dc3f70cd0e13a598e10dd321f37
Author: Richard Biener <rguenther@suse.de>
Date:   Fri Oct 15 08:41:57 2021 +0200

    ipa/102762 - fix ICE with invalid __builtin_va_arg_pack () use
    
    We have to be careful to not break the argument space calculation.
    If there's not enough arguments just do not append any.
    
    2021-10-15  Richard Biener  <rguenther@suse.de>
    
            PR ipa/102762
            * tree-inline.c (copy_bb): Avoid underflowing nargs.
    
            * gcc.dg/torture/pr102762.c: New testcase.
    
    (cherry picked from commit 11a4714860d2df6ba496d55379e7dc702d5fc425)

Diff:
---
 gcc/testsuite/gcc.dg/torture/pr102762.c | 11 +++++++++++
 gcc/tree-inline.c                       |  8 +++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/gcc/testsuite/gcc.dg/torture/pr102762.c b/gcc/testsuite/gcc.dg/torture/pr102762.c
new file mode 100644
index 00000000000..67c6b00ccea
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/torture/pr102762.c
@@ -0,0 +1,11 @@
+/* { dg-do compile } */
+/* We fail to diagnose the invalid __builtin_va_arg_pack use with -flto.  */
+/* { dg-skip-if "" { *-*-* } { "-flto" } { "" } } */
+
+void log_bad_request();
+void foo(a, b)
+     int a, b;
+{
+  log_bad_request(0, __builtin_va_arg_pack());  /* { dg-error "invalid use" } */
+  foo(0);
+}
diff --git a/gcc/tree-inline.c b/gcc/tree-inline.c
index 9c6f61a583a..470802ffeb7 100644
--- a/gcc/tree-inline.c
+++ b/gcc/tree-inline.c
@@ -2105,7 +2105,13 @@ copy_bb (copy_body_data *id, basic_block bb,
 	      size_t n;
 
 	      for (p = DECL_ARGUMENTS (id->src_fn); p; p = DECL_CHAIN (p))
-		nargs--;
+		{
+		  /* Avoid crashing on invalid IL that doesn't have a
+		     varargs function or that passes not enough arguments.  */
+		  if (nargs == 0)
+		    break;
+		  nargs--;
+		}
 
 	      /* Create the new array of arguments.  */
 	      n = nargs + gimple_call_num_args (call_stmt);


                 reply	other threads:[~2022-02-17 10:48 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220217104813.A865D3857827@sourceware.org \
    --to=rguenth@gcc.gnu.org \
    --cc=gcc-cvs@gcc.gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).