diff options
| author | Richard Biener <rguenther@suse.de> | 2021-10-15 08:41:57 +0200 |
|---|---|---|
| committer | Richard Biener <rguenther@suse.de> | 2021-10-15 09:33:51 +0200 |
| commit | 11a4714860d2df6ba496d55379e7dc702d5fc425 (patch) | |
| tree | da0e935bd920b0f66a33edc52f627a5ecf2f0723 | |
| parent | be072bfa5bb3817168daa0a4a398cd9bd915a726 (diff) | |
| download | gcc-11a4714860d2df6ba496d55379e7dc702d5fc425.zip gcc-11a4714860d2df6ba496d55379e7dc702d5fc425.tar.gz gcc-11a4714860d2df6ba496d55379e7dc702d5fc425.tar.bz2 | |
ipa/102762 - fix ICE with invalid __builtin_va_arg_pack () use
We have to be careful to not break the argument space calculation.
If there's not enough arguments just do not append any.
2021-10-15 Richard Biener <rguenther@suse.de>
PR ipa/102762
* tree-inline.c (copy_bb): Avoid underflowing nargs.
* gcc.dg/torture/pr102762.c: New testcase.
| -rw-r--r-- | gcc/testsuite/gcc.dg/torture/pr102762.c | 11 | ||||
| -rw-r--r-- | gcc/tree-inline.c | 8 |
2 files changed, 18 insertions, 1 deletions
diff --git a/gcc/testsuite/gcc.dg/torture/pr102762.c b/gcc/testsuite/gcc.dg/torture/pr102762.c new file mode 100644 index 0000000..67c6b00 --- /dev/null +++ b/gcc/testsuite/gcc.dg/torture/pr102762.c @@ -0,0 +1,11 @@ +/* { dg-do compile } */ +/* We fail to diagnose the invalid __builtin_va_arg_pack use with -flto. */ +/* { dg-skip-if "" { *-*-* } { "-flto" } { "" } } */ + +void log_bad_request(); +void foo(a, b) + int a, b; +{ + log_bad_request(0, __builtin_va_arg_pack()); /* { dg-error "invalid use" } */ + foo(0); +} diff --git a/gcc/tree-inline.c b/gcc/tree-inline.c index e292a14..b2c58ac 100644 --- a/gcc/tree-inline.c +++ b/gcc/tree-inline.c @@ -2117,7 +2117,13 @@ copy_bb (copy_body_data *id, basic_block bb, size_t nargs = nargs_caller; for (p = DECL_ARGUMENTS (id->src_fn); p; p = DECL_CHAIN (p)) - nargs--; + { + /* Avoid crashing on invalid IL that doesn't have a + varargs function or that passes not enough arguments. */ + if (nargs == 0) + break; + nargs--; + } /* Create the new array of arguments. */ size_t nargs_callee = gimple_call_num_args (call_stmt); |