Subject: [PATCH] gcc/jit/jit-recording.cc: recording::global::write_to_dump: Avoid crashes when writing pseudo-C for globals with string initializers.
From: Vibhav Pant
To: jit@gcc.gnu.org
Cc: gcc-patches@gcc.gnu.org
Date: Fri, 25 Nov 2022 02:13:34 +0530
Message-ID: <5bcb69810185bfa4d614aef0c57fb4641b1ae2eb.camel@gmail.com>

If a char * global was initialized with an rvalue from `gcc_jit_context_new_string_literal` containing a format string, dumping the context causes libgccjit to SIGSEGV due to an improperly constructed call to vasprintf.
The following code snippet can reproduce the crash:

    #include <libgccjit.h>

    int main (int argc, char **argv)
    {
      gcc_jit_context *ctxt = gcc_jit_context_acquire ();
      /* An exported `const char *' global ...  */
      gcc_jit_lvalue *var = gcc_jit_context_new_global (
          ctxt, NULL, GCC_JIT_GLOBAL_EXPORTED,
          gcc_jit_context_get_type (ctxt, GCC_JIT_TYPE_CONST_CHAR_PTR),
          "var");
      /* ... initialized from a string literal whose text contains a
         printf conversion specifier.  */
      gcc_jit_global_set_initializer_rvalue (
          var, gcc_jit_context_new_string_literal (ctxt, "%s"));
      /* Dumping the context writes the initializer's debug string and
         crashes here before the fix.  */
      gcc_jit_context_dump_to_file (ctxt, "output", 0);
      gcc_jit_context_release (ctxt);
      return 0;
    }

The offending line is jit-recording.cc:4922, where a call to d.write passes the initializer rvalue's debug string to `write` without a format specifier.

The attached patch fixes this issue.

Thanks,
Vibhav

-- 
Vibhav Pant
vibhavp@gmail.com
GPG: 7ED1 D48C 513C A024 BE3A 785F E3FB 28CB 6AB5 9598

Attachment: 0001-jit-recording.cc-Dump-string-literal-initializers-co.patch

From e598a4076b2bff72b4a3cc29d1d70db8c53baf45 Mon Sep 17 00:00:00 2001
From: Vibhav Pant <vibhavp@gmail.com>
Date: Fri, 25 Nov 2022 02:02:09 +0530
Subject: [PATCH] jit-recording.cc: Dump string literal initializers correctly

---
 gcc/jit/jit-recording.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gcc/jit/jit-recording.cc b/gcc/jit/jit-recording.cc
index 6ae5a667e90..7bb98ddcb42 100644
--- a/gcc/jit/jit-recording.cc
+++ b/gcc/jit/jit-recording.cc
@@ -4919,7 +4919,7 @@ recording::global::write_to_dump (dump &d)
   else if (m_rvalue_init)
     {
       d.write (" = ");
-      d.write (m_rvalue_init->get_debug_string ());
+      d.write ("%s", m_rvalue_init->get_debug_string ());
       d.write (";\n");
     }
 
-- 
2.38.1
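Review bot: the commit message has no ChangeLog entry for the one-line change in recording::global::write_to_dump (the removed d.write at jit-recording.cc:4922); GCC patches need one, for example "gcc/jit/ChangeLog:" followed by "* jit-recording.cc (recording::global::write_to_dump): Pass the initializer's debug string as a "%s" argument instead of as the format." Consider also turning the reproducer from the cover mail into a jit.dg testcase so the dump path is exercised with a string literal containing a conversion specifier, and, if dump::write carries the printf format attribute, building with -Wformat-security (or -Wformat=2) would have flagged the removed line and will catch any sibling call that still passes a debug string as the format.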
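As an added illustration of the bug class behind this report (this is stand-alone example code, not libgccjit's dump implementation and not part of the patch), the following models a printf-style sink like dump::write and contrasts the call pattern the patch removes with the one it introduces. The names `struct dump`, `dump_write`, `write_initializer_unsafe` and `write_initializer_safe`, the 256-byte buffer, and the use of vsnprintf in place of vasprintf are all assumptions made for the example. The unsafe path is exercised only with a "%%" in the data, the one directive that is well-defined without an argument, so that the misinterpretation is visible without undefined behaviour:

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Added example, not libgccjit code.  `struct dump' and dump_write stand in
   for the printf-style dump::write sink the patch touches: the first
   argument is a format string and everything after it is consumed by the
   format engine.  Output goes to a fixed buffer via vsnprintf (libgccjit
   uses vasprintf) so the result can be inspected.  */
struct dump {
  char buf[256];
  size_t len;
};

static struct dump g_dump;  /* one shared dump, reset by each writer below */

/* The format attribute lets -Wformat-security flag callers that pass data
   as the format.  */
static void dump_write (struct dump *d, const char *fmt, ...)
  __attribute__ ((format (printf, 2, 3)));

static void dump_write (struct dump *d, const char *fmt, ...)
{
  va_list ap;
  va_start (ap, fmt);
  int n = vsnprintf (d->buf + d->len, sizeof d->buf - d->len, fmt, ap);
  va_end (ap);
  if (n > 0 && (size_t) n < sizeof d->buf - d->len)
    d->len += (size_t) n;
}

/* The pattern the patch removes: the initializer's debug string becomes
   the format.  With "%%" in the data the engine emits a single '%'; with
   "%s" it would read a pointer argument that was never passed, which is
   the SIGSEGV the report describes, and "%n" would turn the read into a
   write.  */
static const char *write_initializer_unsafe (const char *debug_str)
{
  g_dump.len = 0;
  dump_write (&g_dump, " = ");
  dump_write (&g_dump, debug_str);  /* data as format: the bug */
  dump_write (&g_dump, ";\n");
  return g_dump.buf;
}

/* The pattern the patch introduces: constant format, data as argument, so
   the debug string is copied verbatim whatever it contains.  */
static const char *write_initializer_safe (const char *debug_str)
{
  g_dump.len = 0;
  dump_write (&g_dump, " = ");
  dump_write (&g_dump, "%s", debug_str);
  dump_write (&g_dump, ";\n");
  return g_dump.buf;
}

int main (void)
{
  /* Constructed sample debug string; the quotes are part of the data.  */
  const char *lit = "\"100%%\"";
  printf ("unsafe:%s", write_initializer_unsafe (lit)); /* %% collapses to % */
  printf ("safe:  %s", write_initializer_safe (lit));   /* data kept verbatim */
  printf ("safe:  %s", write_initializer_safe ("\"%s\""));
  return 0;
}
```

The unsafe writer changes the dumped text even for the harmless "%%" case, which is the visible symptom that the data reached the format engine; in the real dump the string literal's "%s" made vasprintf dereference a missing argument. The fix is the same one the patch applies: never let a string whose contents you do not control become the format argument.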