http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59667
Bug ID: 59667 Summary: ubsan: ICE ubsan_type_descriptor Product: gcc Version: 4.9.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: sanitizer Assignee: unassigned at gcc dot gnu.org Reporter: larsbj at gullik dot net CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org This is with gcc --version gcc (GCC) 4.9.0 20140103 (experimental) as of r206313 This snippet: void foo() { unsigned int len = 1; float (*P)[len][len]; (*P)[0][0] = 1; } compiled with gcc -c -fsanitize=undefined snippet.c Gives: snippet.c: In function ‘foo’: snippet.c:1:6: internal compiler error: Segmentation fault void foo() ^ 0x87abff crash_signal ../../gcc/gcc/toplev.c:336 0x890f2d ubsan_type_descriptor(tree_node*, bool) ../../gcc/gcc/ubsan.c:319 0x891b44 ubsan_expand_null_ifn(gimple_stmt_iterator) ../../gcc/gcc/ubsan.c:584 0x888de1 execute_sanopt ../../gcc/gcc/asan.c:2574 0x888de1 execute ../../gcc/gcc/asan.c:2624