[Bug middle-end/120024] [13/14/15/16 Regression] ICE (Segmentation fault) in expand_call when casting malloc to void (*)(void) and calling it
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120024

Andrew Pinski changed:

            What    |Removed     |Added
----------------------------------------------------------------
      Resolution|---         |FIXED
          Status|ASSIGNED    |RESOLVED
Target Milestone|13.5        |16.0

--- Comment #8 from Andrew Pinski ---
Fixed on the trunk.

Since this was found via fuzzers and has been a bug for 13 years and has not been reported until now, I am just going to close it as fixed for the trunk.

Also this involves some questionable undefined code which means it will be harder to hit.
--- Comment #7 from GCC Commits ---
The trunk branch has been updated by Andrew Pinski:

https://gcc.gnu.org/g:6ece2d7274059265468833fb491db44bd90de72a

commit r16-3286-g6ece2d7274059265468833fb491db44bd90de72a
Author: Andrew Pinski
Date:   Mon Aug 18 13:33:59 2025 -0700

    middle-end: Fix malloc like functions when calling with void "return" [PR120024]

    When expanding malloc like functions, we copy the return register into a
    temporary and then mark that temporary register with a noalias regnote and
    the alignment. This works fine unless you are calling the function with a
    return type of void. At this point then the valreg will be null and a crash
    will happen.

    A few cleanups are included in this patch because it was easier to do the
    fix with the cleanups added. The start_sequence/end_sequence for ECF_MALLOC
    is no longer needed; I can't tell if it was ever needed. The emit_move_insn
    function returns the last emitted instruction anyways so there is no reason
    to call get_last_insn as we can just use the return value of emit_move_insn.
    This has been true since this code was originally added so I don't
    understand why it was done that way beforehand.

    Bootstrapped and tested on x86_64-linux-gnu.

            PR middle-end/120024

    gcc/ChangeLog:

            * calls.cc (expand_call): Remove start_sequence/end_sequence for
            ECF_MALLOC. Check valreg before dereferencing it when it comes to
            malloc like functions. Use the return value of emit_move_insn
            instead of calling get_last_insn.

    gcc/testsuite/ChangeLog:

            * gcc.dg/torture/malloc-1.c: New test.
            * gcc.dg/torture/malloc-2.c: New test.

    Signed-off-by: Andrew Pinski
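An added check, not part of the bug report or of GCC's own test suite: it compiles a constructed reproducer of the trigger described in the commit message (malloc cast to `void (*)(void)` and called, so the call has no value register but the callee is still malloc-like) and classifies whether the local compiler builds it or dies with an internal compiler error. The `CC` variable, the `-O2 -c` flags and the status codes are assumptions.

```shell
#!/bin/sh
# Added check, not part of PR120024 or GCC's test suite: compile a constructed
# reproducer of the trigger (malloc cast to void (*)(void) and called, so the
# expanded call has no valreg but the callee is still ECF_MALLOC) and classify
# the outcome. CC, the flags and the status codes below are assumptions.
CC="${CC:-gcc}"

# Constructed reproducer; NOT the upstream gcc.dg/torture/malloc-1.c.
pr120024_source() {
  cat <<'EOF'
#include <stdlib.h>
void f(void) { ((void (*)(void))malloc)(); }
EOF
}

# Exit status: 0 = compiles cleanly (fixed or unaffected build),
#              1 = internal compiler error (affected build),
#              2 = no usable compiler found,
#              3 = rejected for some other reason (log echoed to stderr).
pr120024_check() {
  command -v "$CC" >/dev/null 2>&1 || return 2
  tmp=$(mktemp -d) || return 2
  pr120024_source > "$tmp/t.c"
  rc=0
  "$CC" -O2 -c "$tmp/t.c" -o "$tmp/t.o" > "$tmp/log" 2>&1 || rc=$?
  status=3
  if [ "$rc" -eq 0 ]; then
    status=0
  elif grep -q 'internal compiler error' "$tmp/log"; then
    status=1
  else
    cat "$tmp/log" >&2
  fi
  rm -rf "$tmp"
  return "$status"
}

# Stand-alone usage (uncomment to run directly):
# pr120024_check; echo "status=$?"
```

A status of 1 means the build in use predates r16-3286 on the affected branches and will crash on this construct.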
--- Comment #6 from Andrew Pinski ---
Patch posted: https://gcc.gnu.org/pipermail/gcc-patches/2025-August/692813.html
--- Comment #5 from Andrew Pinski ---
(In reply to Andrew Pinski from comment #2)
> I think this will fix it:

This was not enough to fix it; there was a little more to do and some cleanups too that can be done, as emit_move_insn returns the last insn anyways. There is no reason to do start_sequence/end_sequence either.
Richard Biener changed:

            What    |Removed     |Added
----------------------------------------------------------------
Target Milestone|12.5        |13.5

--- Comment #4 from Richard Biener ---
GCC 12 branch is being closed.
