Bug 41992 - ICE on invalid dereferencing of void *
Status: NEW
Alias: None
Product: gcc
Classification: Unclassified
Component: middle-end
Version: 4.4.1
Importance: P3 minor
Target Milestone: ---
Assignee: Not yet assigned to anyone
Keywords: ice-on-invalid-code
Reported: 2009-11-09 02:54 UTC by mikulas
Modified: 2014-05-04 19:34 UTC
Host: i686-pc-linux-gnu
Target: i686-pc-linux-gnu
Build: i686-pc-linux-gnu
Last reconfirmed: 2009-11-09 10:16:57

Description mikulas 2009-11-09 02:54:55 UTC
Hi

This piece of invalid code (the dereference shouldn't be there) triggers an ICE. The crash happens on 4.3.2, 4.4.1 and 4.4.2. It happens with or without optimizations.

static void MONITOR(void *ptr)
{
__asm__ volatile ("                                     \n\
XORL    %%ECX, %%ECX                                    \n\
XORL    %%EDX, %%EDX                                    \n\
MONITOR                                                 \n\
"::"a"(*ptr):"cx","dx","cc","memory");
}

s.e: In function 'MONITOR':
s.e:7: warning: dereferencing 'void *' pointer
s.e:7: internal compiler error: in gimplify_expr, at gimplify.c:7074
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.

Comment 1 Richard Biener 2009-11-09 10:16:56 UTC
Which is because the gimplifier thinks this is an error for the frontend to
pass through:

Breakpoint 1, fancy_abort (
    file=0x10b1ab8 "/space/rguenther/src/svn/trunk/gcc/gimplify.c", line=7173, 
    function=0x10b2ca4 "gimplify_expr")
    at /space/rguenther/src/svn/trunk/gcc/diagnostic.c:728
728       internal_error ("in %s, at %s:%d", function, trim_filename (file), line);
(gdb) up
#1  0x00000000007fa0a5 in gimplify_expr (expr_p=0x7ffff6f07a48, 
    pre_p=0x7fffffffced8, post_p=0x7fffffffc558, 
    gimple_test_f=0x7b9486 <is_gimple_asm_val>, fallback=1)
    at /space/rguenther/src/svn/trunk/gcc/gimplify.c:7173
7173          gcc_assert (!VOID_TYPE_P (TREE_TYPE (*expr_p)));
(gdb) 
#2  0x00000000007e9450 in gimplify_asm_expr (expr_p=0x7ffff7ede980, 
    pre_p=0x7fffffffced8, post_p=0x7fffffffc558)
    at /space/rguenther/src/svn/trunk/gcc/gimplify.c:4896
4896              tret = gimplify_expr (&TREE_VALUE (link), pre_p, post_p,

the C standard doesn't claim dereferencing a void pointer is invalid, so
the gimplifier should deal with this.

Before tree-ssa we ICEd with

t5.c:3: internal compiler error: in int_mode_for_mode, at stor-layout.c:289
Please submit a full bug report,
with preprocessed source if appropriate.
See <URL:http://gcc.gnu.org/bugs.html> for instructions.

or with 2.95 with

t5.c:3: Internal compiler error in `emit_move_insn_1', at expr.c:2835

so, not a regression.

Comment 2 joseph@codesourcery.com 2009-11-09 13:16:48 UTC
Subject: Re:  ICE on invalid dereferencing of void *

On Mon, 9 Nov 2009, rguenth at gcc dot gnu dot org wrote:

> the C standard doesn't claim dereferencing a void pointer is invalid, so
> the gimplifier should deal with this.

It's not invalid in general, but if the value gets used (NB conditional 
expressions involving such dereferences, whose values don't get used, are 
OK; DR 106) then it is invalid and there should be an error; "void value 
not ignored as it ought to be" is used in some places.  Though I note that 
if you change the dereference in the present testcase to use the return 
value of a function returning void, the resulting error "using result of 
function returning 'void'" comes from the gimplifier and not the front 
end, so making the gimplifier deal with this case as well would at least 
be consistent.

Comment 3 mikulas 2009-11-11 21:06:41 UTC
You can dereference void * in asm arguments --- i.e.
void *p; ... asm volatile ("prefetch %0"::"m"(*p));

gcc warns in this case about the dereference and maybe it shouldn't (but it's trivial to suppress the warning with a cast to char *).

If you change "m" constraint to "mr", you get an ICE.