[Bug c/122684] New: Compiler segfault when performing LTO on function with pointer to VLA argument

archit at accelbread dot com via Gcc-bugs Thu, 13 Nov 2025 23:49:04 -0800

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=122684


            Bug ID: 122684
           Summary: Compiler segfault when performing LTO on function with
                    pointer to VLA argument
           Product: gcc
           Version: 16.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: archit at accelbread dot com
  Target Milestone: ---

Created attachment 62799
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=62799&action=edit
tar with the two preprocessed source files needed to reproduce the bug

The compiler segfaults when performing LTO across C translation units where one
has a function with a pointer to VLA parameter and the other calls that
function with a null value for the pointer to VLA.

In the following situations, the bug does not occur:
- If in the same translation unit
- If the function is passed a valid non-null pointer (even with wrong effective
type)

It does reproduce if the pointer is non-null but not obtained by dereferencing
a value (for example passing `(void *) (1 << 8)` or such.

This bug requires multiple files to reproduce, so I have attached a tar (same
contents as pasted below). I have tested with GCC 15 and trunk.

Preprocessed source files:

main.i:

```c
void fn(int argc, int (*args)[argc]);
int main() {
  fn(0, (void *)0);
}
```

fn.i:

```c
void fn(int argc, int (*args)[argc]) {}
```

Commands to trigger bug:

```
gcc -O2 -flto -o main.o -c main.i
gcc -O2 -flto -o fn.o -c fn.i
gcc -O2 -flto -o test main.o fn.o
```

Compiler output:

```
during IPA pass: static-var
lto1: internal compiler error: Segmentation fault
0x2144b81 diagnostic_context::diagnostic_impl(rich_location*,
diagnostic_metadata const*, diagnostic_option_id, char const*, __va_list_tag
(*) [1], diagnostic_t)
        ???:0
0x2156a6b internal_error(char const*, ...)
        ???:0
0xd688d7 crash_signal(int)
        ???:0
0xba7cf4 tree_is_indexable(tree_node*)
        ???:0
0xba8619 DFS::DFS_write_tree(output_block*, DFS::sccs*, tree_node*, bool, bool)
        ???:0
0xba8ca4 DFS::DFS_write_tree_body(output_block*, tree_node*, DFS::sccs*, bool)
        ???:0
0xbaec1b DFS::DFS(output_block*, tree_node*, bool, bool, bool)
        ???:0
0xbaff8d lto_output_tree(output_block*, tree_node*, bool, bool)
        ???:0
0xb9ae96 output_symtab()
        ???:0
0xbb1694 lto_output()
        ???:0
0xc46135 ipa_write_optimization_summaries(lto_symtab_encoder_d*, bool)
        ???:0
0x7c2e9a stream_out_partitions_1(char*, int, int, int)
        ???:0
0x7c4079 lto_main()
        ???:0
Please submit a full bug report, with preprocessed source (by using
-freport-bug).
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.
lto-wrapper: fatal error:
/nix/store/rd8c9w16nwys8yz1a9j2g2nhjn07464r-gcc-15.2.0/bin/gcc returned 1 exit
status
compilation terminated.
/nix/store/7h3qnwgvkw6z2r8lq4j5mks4l6r5x2cq-binutils-2.44/bin/ld: error:
lto-wrapper failed
collect2: error: ld returned 1 exit status
```

Compiler info:

Tested with NixOS (15.2 and trunk) and Fedora (15.2).

NixOS (15.2):

gcc version 15.2.0 (GCC)
Target: x86_64-unknown-linux-gnu
Configured with: `../gcc-15.2.0/configure
--prefix=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-gcc-15.2.0
--with-gmp-include=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-gmp-with-cxx-6.3.0-dev/include
--with-gmp-lib=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-gmp-with-cxx-6.3.0/lib
--with-mpfr-include=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-mpfr-4.2.2-dev/include
--with-mpfr-lib=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-mpfr-4.2.2/lib
--with-mpc=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-libmpc-1.3.1
--with-native-system-header-dir=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-glibc-2.40-66-dev/include
--with-build-sysroot=/
--with-gxx-include-dir=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-gcc-15.2.0/include/c++/15.2.0/
--program-prefix= --enable-lto --disable-libstdcxx-pch
--without-included-gettext --with-system-zlib --enable-static
--enable-languages=c,c++ --disable-multilib --enable-plugin
--with-isl=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-isl-0.20
--disable-bootstrap --enable-default-pie --build=x86_64-unknown-linux-gnu
--host=x86_64-unknown-linux-gnu --target=x86_64-unknown-linux-gnu`

NixOS (16.0):

gcc version 16.0.0 20251026 (experimental) (GCC) 
Target: x86_64-unknown-linux-gnu
Configured with: `../gcc-16-20251026/configure
--prefix=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-gcc-16.0.0.20251026
--with-gmp-include=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-gmp-with-cxx-6.3.0-dev/include
--with-gmp-lib=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-gmp-with-cxx-6.3.0/lib
--with-mpfr-include=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-mpfr-4.2.2-dev/include
--with-mpfr-lib=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-mpfr-4.2.2/lib
--with-mpc=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-libmpc-1.3.1
--with-native-system-header-dir=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-glibc-2.40-66-dev/include
--with-build-sysroot=/
--with-gxx-include-dir=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-gcc-16.0.0.20251026/include/c++/16.0.0.20251026/
--program-prefix= --enable-lto --disable-libstdcxx-pch
--without-included-gettext --with-system-zlib --enable-static
--enable-languages=c,c++ --disable-multilib --enable-plugin
--with-isl=/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-isl-0.20
--disable-bootstrap --enable-default-pie --build=x86_64-unknown-linux-gnu
--host=x86_64-unknown-linux-gnu --target=x86_64-unknown-linux-gnu`

Fedora:

gcc version 15.2.1 20251022 (Red Hat 15.2.1-3) (GCC)
Target: x86_64-redhat-linux
Configured with: `../configure --enable-bootstrap
--enable-languages=c,c++,fortran,objc,obj-c++,ada,go,d,m2,cobol,lto
--prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info
--with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared
--enable-threads=posix --enable-checking=release --enable-multilib
--with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions
--enable-gnu-unique-object --enable-linker-build-id
--with-gcc-major-version-only --enable-libstdcxx-backtrace
--with-libstdcxx-zoneinfo=/usr/share/zoneinfo --with-linker-hash-style=gnu
--enable-plugin --enable-initfini-array
--with-isl=/builddir/build/BUILD/gcc-15.2.1-build/gcc-15.2.1-20251022/obj-x86_64-redhat-linux/isl-install
--enable-offload-targets=nvptx-none,amdgcn-amdhsa --enable-offload-defaulted
--without-cuda-driver --enable-gnu-indirect-function --enable-cet
--with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux
--with-build-config=bootstrap-lto --enable-link-serialization=1`

[Bug c/122684] New: Compiler segfault when performing LTO on function with pointer to VLA argument

Reply via email to