[PATCH] Fix ICE on sprintf (p, "%s") and miscompilation of sprintf (p, "a", q++) (PR middle-end/30473)
- From: Jakub Jelinek <jakub at redhat dot com>
- To: gcc-patches at gcc dot gnu dot org
- Date: Thu, 1 Feb 2007 08:33:23 -0500
- Subject: [PATCH] Fix ICE on sprintf (p, "%s") and miscompilation of sprintf (p, "a", q++) (PR middle-end/30473)
- Reply-to: Jakub Jelinek <jakub at redhat dot com>
Hi!
As shown on the attached testcases, fold_builtin_sprintf wasn't doing
proper checking of arguments (unlike expand_builtin_sprintf or other
fold_builtin_*printf* routines).
Fixed thusly, ok for 4.1/4.2/4.3?
BTW, I noticed we do all the fold_builtin_1 folding even with -O0, is
that desirable? Might make debugging harder.
2007-02-01 Jakub Jelinek <jakub@redhat.com>
PR middle-end/30473
* builtins.c (fold_builtin_sprintf): Do not attempt to optimize
sprintf (str, "%s"). Do not optimize sprintf (str, "nopercent", p++).
* gcc.dg/pr30473.c: New test.
* gcc.c-torture/execute/20070201-1.c: New test.
--- gcc/builtins.c.jj 2007-02-01 11:03:12.000000000 +0100
+++ gcc/builtins.c 2007-02-01 14:20:20.000000000 +0100
@@ -10553,6 +10553,7 @@ fold_builtin_sprintf (tree arglist, int
/* Get the destination string and the format specifier. */
dest = TREE_VALUE (arglist);
fmt = TREE_VALUE (TREE_CHAIN (arglist));
+ arglist = TREE_CHAIN (TREE_CHAIN (arglist));
/* Check whether the format is a literal string constant. */
fmt_str = c_getstr (fmt);
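Review bot: Reassigning the `arglist` parameter on the added line gives it a second meaning, the arguments after the format, and the later hunks then reuse the same variable for the argument list of the replacement strcpy call. A separate local such as `tree extra = TREE_CHAIN (TREE_CHAIN (arglist));` would keep those roles apart. Failing that, a comment like `/* From here on ARGLIST is the tail after DEST and FMT.  */` would help the next reader. The double `TREE_CHAIN` also relies on the list having at least two elements, which is presumably validated before the hunk starts; the function body begins outside the hunk.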
@@ -10573,6 +10574,10 @@ fold_builtin_sprintf (tree arglist, int
if (!fn)
return NULL_TREE;
+ /* Don't optimize sprintf (buf, "abc", ptr++). */
+ if (arglist)
+ return NULL_TREE;
+
/* Convert sprintf (str, fmt) into strcpy (str, fmt) when
'format' is known to contain no % formats. */
arglist = build_tree_list (NULL_TREE, fmt);
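Review bot: The comment on the new guard names only the side-effect example, but `if (arglist)` declines to fold whenever any argument follows a %-free format, whether or not it has side effects. That conservative choice is reasonable, since folding to strcpy would silently drop the extra operands, but the comment should say so. I would suggest `/* Don't fold if arguments follow the format; dropping them would lose side effects, e.g. sprintf (buf, "abc", ptr++).  */`. The enclosing block of fold_builtin_sprintf starts and ends outside the hunk.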
@@ -10591,8 +10596,12 @@ fold_builtin_sprintf (tree arglist, int
if (!fn)
return NULL_TREE;
+ /* Don't crash on sprintf (str1, "%s"). */
+ if (!arglist)
+ return NULL_TREE;
+
/* Convert sprintf (str1, "%s", str2) into strcpy (str1, str2). */
- orig = TREE_VALUE (TREE_CHAIN (TREE_CHAIN (arglist)));
+ orig = TREE_VALUE (arglist);
arglist = build_tree_list (NULL_TREE, orig);
arglist = tree_cons (NULL_TREE, dest, arglist);
if (!ignored)
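Review bot: The new `if (!arglist)` guard covers a missing `%s` operand but not a surplus one. `TREE_VALUE (arglist)` is used and anything left in `TREE_CHAIN (arglist)` would be discarded when the call is rewritten to strcpy, which is the same class of miscompilation the previous hunk fixes. If the argument validation earlier in the function does not already limit this path to exactly three arguments, the guard should be `if (!arglist || TREE_CHAIN (arglist)) return NULL_TREE;`. The hunk also does not show that ORIG has pointer type, so that too is assumed to be checked before this point; the function continues outside the hunk.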
--- gcc/testsuite/gcc.c-torture/execute/20070201-1.c.jj 2007-02-01 13:55:27.000000000 +0100
+++ gcc/testsuite/gcc.c-torture/execute/20070201-1.c 2007-02-01 13:53:37.000000000 +0100
@@ -0,0 +1,20 @@
+/* PR middle-end/30473 */
+
+extern int sprintf (char *, const char *, ...);
+extern void abort (void);
+
+char *
+foo (char *buf, char *p)
+{
+ sprintf (buf, "abcde", p++);
+ return p;
+}
+
+int
+main (void)
+{
+ char buf[6];
+ if (foo (buf, &buf[2]) != &buf[3])
+ abort ();
+ return 0;
+}
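Review bot: The test in `main` checks only that `p++` was evaluated; it never checks that the `sprintf` call still wrote the string. A fold that kept the side effect but produced a wrong copy would therefore pass. Adding `extern int memcmp (const void *, const void *, __SIZE_TYPE__);` and `if (memcmp (buf, "abcde", 6) != 0) abort ();` would pin both halves of the behaviour. A short comment that `buf[6]` is sized exactly for the five characters plus the terminating NUL would also guard against someone lengthening the literal later.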
--- gcc/testsuite/gcc.dg/pr30473.c.jj 2007-02-01 13:39:55.000000000 +0100
+++ gcc/testsuite/gcc.dg/pr30473.c 2007-02-01 13:45:01.000000000 +0100
@@ -0,0 +1,13 @@
+/* PR middle-end/30473 */
+/* Make sure this doesn't ICE. */
+/* { dg-do compile } */
+/* { dg-options "-O2" } */
+
+extern int sprintf (char *, const char *, ...);
+
+void
+foo (char *buf1, char *buf2)
+{
+ sprintf (buf1, "%s", "abcde");
+ sprintf (buf2, "%s");
+}
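Review bot: The second call in `foo`, `sprintf (buf2, "%s")`, is deliberately invalid, and nothing on that line says so. The file-level comment "Make sure this doesn't ICE" does not identify which statement is the trigger. A line comment such as `/* Intentionally missing the %s operand: undefined at run time, but the compiler must not crash.  */` would stop a later cleanup from "fixing" the call and neutralising the test. It may also be worth stating that the first call is the valid form, kept so that the normal strcpy fold path is still exercised.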
Jakub