PR tree-optimization/83603 - ICE in builtin_memref at gcc/gimple-ssa-warn-restrict.c:238

gcc/ChangeLog: PR tree-optimization/83603 * calls.c (maybe_warn_nonstring_arg): Avoid accessing function arguments past the endof the argument list in functions declared without a prototype. * gimple-ssa-warn-restrict.c (wrestrict_dom_walker::check_call): Avoid checking when arguments are null. gcc/testsuite/ChangeLog: PR tree-optimization/83603 * gcc.dg/Wrestrict-4.c: New test. From-SVN: r256217

PR tree-optimization/83603 - ICE in builtin_memref at gcc/gimple-ssa-warn-restrict.c:238
gcc/ChangeLog: PR tree-optimization/83603 * calls.c (maybe_warn_nonstring_arg): Avoid accessing function arguments past the endof the argument list in functions declared without a prototype. * gimple-ssa-warn-restrict.c (wrestrict_dom_walker::check_call): Avoid checking when arguments are null. gcc/testsuite/ChangeLog: PR tree-optimization/83603 * gcc.dg/Wrestrict-4.c: New test. From-SVN: r256217
2438cb6a · Martin Sebor · Martin Sebor · c3a8f964 · 2438cb6a · 2438cb6a
Commit 2438cb6a authored Jan 03, 2018 by Martin Sebor Committed by Martin Sebor Jan 03, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 144 additions and 5 deletions

gcc/ChangeLog
+9 -0

gcc/calls.c
+19 -4

gcc/gimple-ssa-warn-restrict.c
+3 -1

gcc/testsuite/ChangeLog
+3 -0

gcc/testsuite/gcc.dg/Wrestrict-4.c
+110 -0

No files found.
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -555,6 +555,15 @@

 2018-01-03  Martin Sebor  <msebor@redhat.com>

+	PR tree-optimization/83603
+	* calls.c (maybe_warn_nonstring_arg): Avoid accessing function
+	arguments past the endof the argument list in functions declared
+	without a prototype.
+	* gimple-ssa-warn-restrict.c (wrestrict_dom_walker::check_call):
+	Avoid checking when arguments are null.
+
+2018-01-03  Martin Sebor  <msebor@redhat.com>
+
 	PR c/83559
 	* doc/extend.texi (attribute const): Fix a typo.
 	* ipa-pure-const.c ((warn_function_const, warn_function_pure): Avoid

--- a/gcc/calls.c
+++ b/gcc/calls.c
@@ -1607,6 +1607,8 @@ maybe_warn_nonstring_arg (tree fndecl, tree exp)

  bool with_bounds = CALL_WITH_BOUNDS_P (exp);

+  unsigned nargs = call_expr_nargs (exp);
+
  /* The bound argument to a bounded string function like strncpy.  */
  tree bound = NULL_TREE;

@@ -1621,12 +1623,20 @@ maybe_warn_nonstring_arg (tree fndecl, tree exp)
    case BUILT_IN_STRNCASECMP:
    case BUILT_IN_STRNCPY:
    case BUILT_IN_STRNCPY_CHK:
-      bound = CALL_EXPR_ARG (exp, with_bounds ? 4 : 2);
-      break;
+      {
+	unsigned argno = with_bounds ? 4 : 2;
+	if (argno < nargs)
+	  bound = CALL_EXPR_ARG (exp, argno);
+	break;
+      }

    case BUILT_IN_STRNDUP:
-      bound = CALL_EXPR_ARG (exp, with_bounds ? 2 : 1);
-      break;
+      {
+	unsigned argno = with_bounds ? 2 : 1;
+	if (argno < nargs)
+	  bound = CALL_EXPR_ARG (exp, argno);
+	break;
+      }

    default:
      break;
@@ -1646,6 +1656,11 @@ maybe_warn_nonstring_arg (tree fndecl, tree exp)

  for (unsigned argno = 0; ; ++argno, function_args_iter_next (&it))
    {
+      /* Avoid iterating past the declared argument in a call
+	 to function declared without a prototype.  */
+      if (argno >= nargs)
+	break;
+
      tree argtype = function_args_iter_cond (&it);
      if (!argtype)
 	break;

--- a/gcc/gimple-ssa-warn-restrict.c
+++ b/gcc/gimple-ssa-warn-restrict.c
@@ -1691,7 +1691,9 @@ wrestrict_dom_walker::check_call (gcall *call)
  if (!dstwr && strfun)
    dstwr = size_one_node;

-  if (check_bounds_or_overlap (call, dst, src, dstwr, NULL_TREE))
+  /* DST and SRC can be null for a call with an insufficient number
+     of arguments to a built-in function declared without a protype.  */
+  if (!dst || !src || check_bounds_or_overlap (call, dst, src, dstwr, NULL_TREE))
    return;

  /* Avoid diagnosing the call again.  */

--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -21,6 +21,9 @@

 2018-01-03  Martin Sebor  <msebor@redhat.com>

+	PR tree-optimization/83603
+	* gcc.dg/Wrestrict-4.c: New test.
+
 	PR c/83559
 	* gcc.dg/const-2.c: New test.
 	* gcc.dg/pure-3.c: New test.

--- a/gcc/testsuite/gcc.dg/Wrestrict-4.c
+++ b/gcc/testsuite/gcc.dg/Wrestrict-4.c
+/* PR tree-optimization/83603 - ICE in builtin_memref at
+   gcc/gimple-ssa-warn-restrict.c:238
+   Test to verify that invalid calls to built-in functions declared
+   without a prototype don't cause an ICE.
+   { dg-do compile }
+   { dg-options "-O2 -Warray-bounds -Wrestrict" } */
+
+void* memcpy ();
+void* memmove ();
+char* stpcpy ();
+char* strcat ();
+char* strcpy ();
+char* strncat ();
+char* strncpy ();
+
+void* test_memcpy_0 ()
+{
+  return memcpy ();
+}
+
+void* test_memcpy_1 (void *d)
+{
+  return memcpy (d);
+}
+
+void* test_memcpy_2 (void *d, const void *s)
+{
+  return memcpy (d, s);
+}
+
+
+void* test_memmove_0 ()
+{
+  return memmove ();
+}
+
+void* test_memmove_1 (void *d)
+{
+  return memmove (d);
+}
+
+void* test_memmove_2 (void *d, const void *s)
+{
+  return memmove (d, s);
+}
+
+
+void* test_stpcpy_0 ()
+{
+  return stpcpy ();
+}
+
+void* test_stpcpy_1 (char *d)
+{
+  return stpcpy (d);
+}
+
+
+char* test_strcat_0 ()
+{
+  return strcat ();
+}
+
+char* test_strcat_1 (char *d)
+{
+  return strcat (d);
+}
+
+
+void* test_strcpy_0 ()
+{
+  return strcpy ();
+}
+
+void* test_strcpy_1 (char *d)
+{
+  return strcpy (d);
+}
+
+
+char* test_strncat_0 ()
+{
+  return strncat ();
+}
+
+char* test_strncat_1 (char *d)
+{
+  return strncat (d);
+}
+
+char* test_strncat_2 (char *d, const char *s)
+{
+  return strncat (d, s);
+}
+
+
+void* test_strncpy_0 ()
+{
+  return strncpy ();
+}
+
+void* test_strncpy_1 (char *d)
+{
+  return strncpy (d);
+}
+
+void* test_strncpy_2 (char *d, const char *s)
+{
+  return strncpy (d, s);
+}