https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85046

            Bug ID: 85046
           Summary: cp/name-lookup.c:6175:53: runtime error: member access
                    within null pointer of type 'struct cp_binding_level'
           Product: gcc
           Version: 8.0.1
            Status: UNCONFIRMED
          Keywords: ice-on-invalid-code
          Severity: normal
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: vegard.nossum at oracle dot com
                CC: webrown.cpp at gmail dot com
  Target Milestone: ---

Input:

void c() {  // Reproducer for the cc1plus crash in this report; deliberately invalid C++ (ice-on-invalid-code).
  {  // Comments are trailing-only so the <stdin> line:column positions in the reported output still match.
    auto f(__builtin_offsetof(
        struct {
          void g();  // the name g is reused below for union/enum tags, a local class and a struct tag
          int f;
          struct h {
            union g enum g {} enum e { a, b };  // <stdin>:8:45 "multiple types in one declaration" is reported on this line
            e ginline() {
              enum g {};
              asm goto("" : : : : d);  // asm goto naming the local label d
              return a;
            d:
              return b;
            }
          };
        },
        f));
    asm(""
        : "=d"(f)
        : ""(__builtin_object_size(__builtin_offsetof(
                                       struct {
                                         int f;
                                         struct {};
                                         struct {
                                         } i;
                                       },
                                       f),
                                   __builtin_extend_pointer({}))));
    [] {};  // lambda; appears as c()::<lambda()> in the cc1plus progress output
    struct j {
      enum e { b };
      e k() {  // c()::j::k() is the last function name printed before the sanitizer report
        asm goto("" : : : : d);
        try {
        } catch (int l) {
          struct m;
          struct n;
        }
      d:
        return b;
        class g {
          int g;
        };
      }
      g o();
    };
  }
  struct g;  // NOTE(review): presumably the declaration being parsed at the crash; the trace reaches cp_parser_elaborated_type_specifier from a declaration statement in the function body. Confirm in a debugger.
}

Output:

$ cc1plus 
 void c()
<stdin>:8:45: error: multiple types in one declaration
 c()::<unnamed struct>::h::e c()::<unnamed struct>::h::ginline()
c()::<lambda()> static void c()::<lambda()>::_FUN() c()::<lambda()>::operator
void (*)()() const c()::j::e
c()::j::k()/home/vegard/git/gcc/gcc/cp/name-lookup.c:6175:53: runtime error:
member access within null pointer of type 'struct cp_binding_level'
ASAN:SIGSEGV
=================================================================
==5446==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000030 (pc
0x0000038d5b44 bp 0x7fea893a1040 sp 0x7ffd56aadc50 T0)
    #0 0x38d5b43 in lookup_type_scope_1
/home/vegard/git/gcc/gcc/cp/name-lookup.c:6175
    #1 0x38d5b43 in lookup_type_scope(tree_node*, tag_scope)
/home/vegard/git/gcc/gcc/cp/name-lookup.c:6240
    #2 0x25fb0cd in lookup_and_check_tag
/home/vegard/git/gcc/gcc/cp/decl.c:13582
    #3 0x2602936 in xref_tag_1 /home/vegard/git/gcc/gcc/cp/decl.c:13696
    #4 0x2602936 in xref_tag(tag_types, tree_node*, tag_scope, bool)
/home/vegard/git/gcc/gcc/cp/decl.c:13818
    #5 0x3f23b08 in cp_parser_elaborated_type_specifier
/home/vegard/git/gcc/gcc/cp/parser.c:17920
    #6 0x3d1beb4 in cp_parser_type_specifier
/home/vegard/git/gcc/gcc/cp/parser.c:16804
    #7 0x3f3fdff in cp_parser_decl_specifier_seq
/home/vegard/git/gcc/gcc/cp/parser.c:13631
    #8 0x406701d in cp_parser_simple_declaration
/home/vegard/git/gcc/gcc/cp/parser.c:12940
    #9 0x408425b in cp_parser_block_declaration
/home/vegard/git/gcc/gcc/cp/parser.c:12885
    #10 0x409572f in cp_parser_declaration_statement
/home/vegard/git/gcc/gcc/cp/parser.c:12478
    #11 0x3c88eb7 in cp_parser_statement
/home/vegard/git/gcc/gcc/cp/parser.c:10927
    #12 0x3cad953 in cp_parser_statement_seq_opt
/home/vegard/git/gcc/gcc/cp/parser.c:11276
    #13 0x3cbdaf1 in cp_parser_compound_statement
/home/vegard/git/gcc/gcc/cp/parser.c:11230
    #14 0x3f962a8 in cp_parser_function_body
/home/vegard/git/gcc/gcc/cp/parser.c:21792
    #15 0x3f962a8 in cp_parser_ctor_initializer_opt_and_function_body
/home/vegard/git/gcc/gcc/cp/parser.c:21827
    #16 0x3fc3219 in cp_parser_function_definition_after_declarator
/home/vegard/git/gcc/gcc/cp/parser.c:26842
    #17 0x403cdf5 in
cp_parser_function_definition_from_specifiers_and_declarator
/home/vegard/git/gcc/gcc/cp/parser.c:26759
    #18 0x403cdf5 in cp_parser_init_declarator
/home/vegard/git/gcc/gcc/cp/parser.c:19504
    #19 0x4069481 in cp_parser_simple_declaration
/home/vegard/git/gcc/gcc/cp/parser.c:13067
    #20 0x408425b in cp_parser_block_declaration
/home/vegard/git/gcc/gcc/cp/parser.c:12885
    #21 0x41bb8ee in cp_parser_declaration
/home/vegard/git/gcc/gcc/cp/parser.c:12782
    #22 0x4188c5f in cp_parser_declaration_seq_opt
/home/vegard/git/gcc/gcc/cp/parser.c:12658
    #23 0x419308b in cp_parser_translation_unit
/home/vegard/git/gcc/gcc/cp/parser.c:4563
    #24 0x419308b in c_parse_file() /home/vegard/git/gcc/gcc/cp/parser.c:39019
    #25 0x613101d in c_common_parse_file()
/home/vegard/git/gcc/gcc/c-family/c-opts.c:1132
    #26 0x10cb4551 in compile_file /home/vegard/git/gcc/gcc/toplev.c:455
    #27 0x14c07ed in do_compile /home/vegard/git/gcc/gcc/toplev.c:2132
    #28 0x14c07ed in toplev::main(int, char**)
/home/vegard/git/gcc/gcc/toplev.c:2267
    #29 0x14eca1c in main /home/vegard/git/gcc/gcc/main.c:39
    #30 0x7fea8d77d82f in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #31 0x14ef478 in _start
(/home/vegard/personal/programming/gcc/install/libexec/gcc/x86_64-pc-linux-gnu/8.0.1/cc1plus+0x14ef478)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/vegard/git/gcc/gcc/cp/name-lookup.c:6175
lookup_type_scope_1
==5446==ABORTING

$ cc1plus -version
GNU C++14 (GCC) version 8.0.1 20180322 (experimental) (x86_64-pc-linux-gnu)
        compiled by GNU C version 5.4.1 20160904, GMP version 6.1.0, MPFR
version 3.1.4, MPC version 1.0.3, isl version none

Test case was minimised by C-Reduce, but it's still quite large so maybe I
screwed something up with the ASAN output.

I looked for duplicates as I thought some of the functions near the top of the
stack trace looked familiar, but I didn't find anything. Apologies in advance
if it's a dup.
