From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <rguenth@sourceware.org>
Received: by sourceware.org (Postfix, from userid 1666)
 id A865D3857827; Thu, 17 Feb 2022 10:48:13 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A865D3857827
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
From: Richard Biener <rguenth@gcc.gnu.org>
To: gcc-cvs@gcc.gnu.org
Subject: [gcc r10-10462] ipa/102762 - fix ICE with invalid
 __builtin_va_arg_pack () use
X-Act-Checkin: gcc
X-Git-Author: Richard Biener <rguenther@suse.de>
X-Git-Refname: refs/heads/releases/gcc-10
X-Git-Oldrev: a650dc2deb2b6906334c6b06991255f46df93c16
X-Git-Newrev: 724177df8e159dc3f70cd0e13a598e10dd321f37
Message-Id: <20220217104813.A865D3857827@sourceware.org>
Date: Thu, 17 Feb 2022 10:48:13 +0000 (GMT)
X-BeenThere: gcc-cvs@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gcc-cvs mailing list <gcc-cvs.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-cvs>,
 <mailto:gcc-cvs-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-cvs/>
List-Help: <mailto:gcc-cvs-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-cvs>,
 <mailto:gcc-cvs-request@gcc.gnu.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Feb 2022 10:48:13 -0000

https://gcc.gnu.org/g:724177df8e159dc3f70cd0e13a598e10dd321f37

commit r10-10462-g724177df8e159dc3f70cd0e13a598e10dd321f37
Author: Richard Biener <rguenther@suse.de>
Date:   Fri Oct 15 08:41:57 2021 +0200

    ipa/102762 - fix ICE with invalid __builtin_va_arg_pack () use
    
    We have to be careful to not break the argument space calculation.
    If there's not enough arguments just do not append any.
    
    2021-10-15  Richard Biener  <rguenther@suse.de>
    
            PR ipa/102762
            * tree-inline.c (copy_bb): Avoid underflowing nargs.
    
            * gcc.dg/torture/pr102762.c: New testcase.
    
    (cherry picked from commit 11a4714860d2df6ba496d55379e7dc702d5fc425)

Diff:
---
 gcc/testsuite/gcc.dg/torture/pr102762.c | 11 +++++++++++
 gcc/tree-inline.c                       |  8 +++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/gcc/testsuite/gcc.dg/torture/pr102762.c b/gcc/testsuite/gcc.dg/torture/pr102762.c
new file mode 100644
index 00000000000..67c6b00ccea
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/torture/pr102762.c
@@ -0,0 +1,11 @@
+/* { dg-do compile } */
+/* We fail to diagnose the invalid __builtin_va_arg_pack use with -flto.  */
+/* { dg-skip-if "" { *-*-* } { "-flto" } { "" } } */
+
+void log_bad_request();
+void foo(a, b)
+     int a, b;
+{
+  log_bad_request(0, __builtin_va_arg_pack());  /* { dg-error "invalid use" } */
+  foo(0);
+}
diff --git a/gcc/tree-inline.c b/gcc/tree-inline.c
index 9c6f61a583a..470802ffeb7 100644
--- a/gcc/tree-inline.c
+++ b/gcc/tree-inline.c
@@ -2105,7 +2105,13 @@ copy_bb (copy_body_data *id, basic_block bb,
 	      size_t n;
 
 	      for (p = DECL_ARGUMENTS (id->src_fn); p; p = DECL_CHAIN (p))
-		nargs--;
+		{
+		  /* Avoid crashing on invalid IL that doesn't have a
+		     varargs function or that passes not enough arguments.  */
+		  if (nargs == 0)
+		    break;
+		  nargs--;
+		}
 
 	      /* Create the new array of arguments.  */
 	      n = nargs + gimple_call_num_args (call_stmt);