Bug 29318 - [4.0 Regression] ICE: type_info of pointer to VLA
Summary: [4.0 Regression] ICE: type_info of pointer to VLA
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: c++ (show other bugs)
Version: 4.1.1
: P3 normal
Target Milestone: 4.1.2
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on:
Blocks: C++VLA
  Show dependency treegraph
 
Reported: 2006-10-02 10:47 UTC by s.nakayama
Modified: 2016-03-04 04:02 UTC (History)
1 user (show)

See Also:
Host:
Target:
Build:
Known to work: 4.1.2 4.2.0
Known to fail: 4.1.1 3.0.4 4.0.3
Last reconfirmed: 2006-10-02 16:47:37

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description s.nakayama 2006-10-02 10:47:00 UTC 
The following invalid code causes an ICE.

$ cat foo.cpp
#include <typeinfo>

int main()
{
  int i = 5;
  int va[i];
  const std::type_info& info(typeid(&va));

  return 0;
}

$ g++ foo.cpp
foo.cpp: In function 'int main()':
foo.cpp:7: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <URL:http://gcc.gnu.org/bugs.html> for instructions.
Comment 1 Andrew Pinski 2006-10-02 16:47:37 UTC 
Confirmed.  3.0.4 and above ICE so this is a regression.
Comment 2 Richard Biener 2006-10-12 12:39:29 UTC 
EDG chooses to reject the code with

t.C(7): error: a variable-length array type is not allowed
    const std::type_info& info(typeid(&va));
                                      ^

though I cannot find anything in the standard that justifies this behavior.  Of
course C++ VLA are a gcc extension... (but we still ICE even with -pedantic)

We're ICEing in mangling the VLA type

  intD.2[0:(long unsigned intD.7) (SAVE_EXPR <(<unnamed type>) iD.2580 - 1>)]

if we "fix" that by patching write_array_type to strip NOPs and SAVE_EXPRs
in the VLA case like so:

          /* Strip NOP and SAVE_EXPR  */
          while (TREE_CODE (max) == NOP_EXPR
                 || TREE_CODE (max) == SAVE_EXPR)
            max = TREE_OPERAND (max, 0);
          max = TREE_OPERAND (max, 0);
          if (!abi_version_at_least (2))
            {

that case goes fine, but then we ICE mangling

  intD.2[0:D.2586]

which doesn't tell us the number of elements in a symbolical way?  (and
so we ICE on the TREE_OPERAND (max, 0))

The gimplifier produces that out of the first variant and we get to the
mangler again through

#2  0x00000000005d22b1 in write_array_type (type=0x2b0b2b686b00)
    at /space/rguenther/src/svn/trunk/gcc/cp/mangle.c:2396
#3  0x00000000005cd546 in write_type (type=0x2b0b2b686b00)
    at /space/rguenther/src/svn/trunk/gcc/cp/mangle.c:1557
#4  0x00000000005cd9f0 in write_type (type=0x2b0b2b686d10)
    at /space/rguenther/src/svn/trunk/gcc/cp/mangle.c:1620
#5  0x00000000005d323f in mangle_type_string (type=0x2b0b2b686d10)
    at /space/rguenther/src/svn/trunk/gcc/cp/mangle.c:2617
#6  0x000000000053a437 in tinfo_name (type=0x2b0b2b686d10)
    at /space/rguenther/src/svn/trunk/gcc/cp/rtti.c:330
#7  0x000000000053c720 in tinfo_base_init (ti=0x2b0b2b4d6598, 
    target=0x2b0b2b686d10) at /space/rguenther/src/svn/trunk/gcc/cp/rtti.c:813
#8  0x000000000053cebd in ptr_initializer (ti=0x2b0b2b4d6598, 
    target=0x2b0b2b686d10) at /space/rguenther/src/svn/trunk/gcc/cp/rtti.c:908
#9  0x000000000053d59d in get_pseudo_ti_init (type=0x2b0b2b686d10, tk_index=6)
    at /space/rguenther/src/svn/trunk/gcc/cp/rtti.c:1018
#10 0x000000000053fce3 in emit_tinfo_decl (decl=0x2b0b2b686dc0)
    at /space/rguenther/src/svn/trunk/gcc/cp/rtti.c:1491
#11 0x000000000050498c in cp_finish_file ()
    at /space/rguenther/src/svn/trunk/gcc/cp/decl2.c:3127
#12 0x0000000000402945 in finish_file ()
    at /space/rguenther/src/svn/trunk/gcc/cp/cp-lang.c:144
#13 0x00000000006451ee in c_common_parse_file (set_yydebug=0)
    at /space/rguenther/src/svn/trunk/gcc/c-opts.c:1176
#14 0x0000000000b860fc in compile_file ()
    at /space/rguenther/src/svn/trunk/gcc/toplev.c:1033
#15 0x0000000000b87c72 in do_compile ()
    at /space/rguenther/src/svn/trunk/gcc/toplev.c:2006
#16 0x0000000000b87cd6 in toplev_main (argc=3, argv=0x7fff7f92b998)
    at /space/rguenther/src/svn/trunk/gcc/toplev.c:2038
#17 0x000000000065bc1b in main (argc=3, argv=0x7fff7f92b998)
    at /space/rguenther/src/svn/trunk/gcc/main.c:35
Comment 3 Mark Mitchell 2006-10-13 04:09:53 UTC 
Subject: Bug 29318

Author: mmitchel
Date: Fri Oct 13 04:09:41 2006
New Revision: 117683

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=117683
Log:
	PR c++/29318
	* rtti.c (get_tinfo_decl): Refuse to create type info objects for
	variably modified types.
	PR c++/29318
	* g++.dg/ext/vla4.C: New test.

Added:
    trunk/gcc/testsuite/g++.dg/ext/vla4.C
Modified:
    trunk/gcc/cp/ChangeLog
    trunk/gcc/cp/rtti.c
    trunk/gcc/testsuite/ChangeLog
Comment 4 Mark Mitchell 2006-10-13 04:15:59 UTC 
Fixed in 4.1.2, 4.2.0.
Comment 5 Mark Mitchell 2006-10-13 08:34:25 UTC 
Subject: Bug 29318

Author: mmitchel
Date: Fri Oct 13 08:34:14 2006
New Revision: 117686

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=117686
Log:
	PR c++/29318
	* rtti.c (get_tinfo_decl): Refuse to create type info objects for
	variably modified types.
	PR c++/29318
	* g++.dg/ext/vla4.C: New test.

Added:
    branches/gcc-4_1-branch/gcc/testsuite/g++.dg/ext/vla4.C
Modified:
    branches/gcc-4_1-branch/gcc/cp/ChangeLog
    branches/gcc-4_1-branch/gcc/cp/rtti.c
    branches/gcc-4_1-branch/gcc/testsuite/ChangeLog
Comment 6 Gabriel Dos Reis 2007-02-03 20:29:24 UTC 
Fixed in GCC-4.1.2.