[committed] analyzer: fix ICE due to NULL type [PR96639]

David Malcolm dmalcolm@redhat.com
Mon Aug 17 18:55:35 GMT 2020


Successfully bootstrapped & regrtested on x86_64-pc-linux-gnu.

Pushed to master as r11-2724-g42c5ae5d7f0ad89b75d93c497fe44b6c66da7e76.

gcc/analyzer/ChangeLog:
	PR analyzer/96639
	* region.cc (region::get_subregions_for_binding): Check for "type"
	being NULL.

gcc/testsuite/ChangeLog:
	PR analyzer/96639
	* gcc.dg/analyzer/pr96639.c: New test.
---
 gcc/analyzer/region.cc                  |  2 +-
 gcc/testsuite/gcc.dg/analyzer/pr96639.c | 10 ++++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/gcc.dg/analyzer/pr96639.c

diff --git a/gcc/analyzer/region.cc b/gcc/analyzer/region.cc
index afe416b001b..eab1f2771cf 100644
--- a/gcc/analyzer/region.cc
+++ b/gcc/analyzer/region.cc
@@ -256,7 +256,7 @@ region::get_subregions_for_binding (region_model_manager *mgr,
 				    tree type,
 				    auto_vec <const region *> *out) const
 {
-  if (get_type () == NULL_TREE)
+  if (get_type () == NULL_TREE || type == NULL_TREE)
     return;
   if (relative_bit_offset == 0
       && types_compatible_p (get_type (), type))
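Review bot: The early return at the top of region::get_subregions_for_binding now guards two different conditions, the region's own type being NULL and the caller-supplied "type" being NULL, and nothing in the hunk says when the second can happen or why returning with "out" left empty is the right result. A one-line comment above the `if` would help, for example noting that a binding with no type cannot be matched by types_compatible_p and so contributes no subregions. It would also make clear to callers that passing a NULL "type" is tolerated and not a bug to be asserted on.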
diff --git a/gcc/testsuite/gcc.dg/analyzer/pr96639.c b/gcc/testsuite/gcc.dg/analyzer/pr96639.c
new file mode 100644
index 00000000000..02ca3f084a2
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/pr96639.c
@@ -0,0 +1,10 @@
+void *calloc (__SIZE_TYPE__, __SIZE_TYPE__);
+
+int
+x7 (void)
+{
+  int **md = calloc (1, 1);
+
+  return md[0][0]; /* { dg-warning "possibly-NULL" "unchecked deref" } */
+  /* { dg-warning "leak of 'md'" "leak" { target *-*-* } .-1 } */
+}
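Review bot: The new test x7 has no comment saying what it is a regression test for, so a reader sees only two dg-warning expectations on the `return md[0][0];` line and nothing tying the file to the ICE in PR96639. A short header comment naming the PR and stating that the test must compile without an internal error would help. Note also that `calloc (1, 1)` allocates one byte while `md[0]` reads a pointer-sized element; if that undersized allocation is needed to reproduce the crash, saying so in the comment will stop someone "fixing" the size later and losing the coverage.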
-- 
2.26.2


