[committed] analyzer: fix ICE on deref_rvalue on SK_COMPOUND [PR96643]

David Malcolm dmalcolm@redhat.com
Wed Aug 19 19:31:03 GMT 2020


Successfully bootstrapped & regrtested on x86_64-pc-linux-gnu.
Pushed to master as r11-2772-g23ebfda0e352fa0a92c6b012458ecb65505a135f.

gcc/analyzer/ChangeLog:
	PR analyzer/96643
	* region-model.cc (region_model::deref_rvalue): Rather than
	attempting to handle all svalue kinds in the switch, only cover
	the special cases, and move symbolic-region handling to after
	the switch, thus implicitly handling the missing case SK_COMPOUND.

gcc/testsuite/ChangeLog:
	PR analyzer/96643
	* g++.dg/analyzer/pr96643.C: New test.
---
 gcc/analyzer/region-model.cc            | 26 +++++--------------------
 gcc/testsuite/g++.dg/analyzer/pr96643.C | 26 +++++++++++++++++++++++++
 2 files changed, 31 insertions(+), 21 deletions(-)
 create mode 100644 gcc/testsuite/g++.dg/analyzer/pr96643.C

diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc
index 5b08e48e6e5..8a5e74ebc0e 100644
--- a/gcc/analyzer/region-model.cc
+++ b/gcc/analyzer/region-model.cc
@@ -1369,7 +1369,7 @@ region_model::deref_rvalue (const svalue *ptr_sval, tree ptr_tree,
   switch (ptr_sval->get_kind ())
     {
     default:
-      gcc_unreachable ();
+      break;
 
     case SK_REGION:
       {
@@ -1395,17 +1395,10 @@ region_model::deref_rvalue (const svalue *ptr_sval, tree ptr_tree,
 	      return m_mgr->get_offset_region (parent_region, type, offset);
 	    }
 	  default:
-	    goto create_symbolic_region;
+	    break;
 	  }
       }
-
-    case SK_CONSTANT:
-    case SK_INITIAL:
-    case SK_UNARYOP:
-    case SK_SUB:
-    case SK_WIDENING:
-    case SK_CONJURED:
-      goto create_symbolic_region;
+      break;
 
     case SK_POISONED:
       {
@@ -1425,20 +1418,11 @@ region_model::deref_rvalue (const svalue *ptr_sval, tree ptr_tree,
 		ctxt->warn (new poisoned_value_diagnostic (ptr, pkind));
 	      }
 	  }
-	goto create_symbolic_region;
       }
-
-    case SK_UNKNOWN:
-      {
-      create_symbolic_region:
-	return m_mgr->get_symbolic_region (ptr_sval);
-      }
-
-    case SK_SETJMP:
-      goto create_symbolic_region;
+      break;
     }
 
-  gcc_unreachable ();
+  return m_mgr->get_symbolic_region (ptr_sval);
 }
 
 /* Set the value of the region given by LHS_REG to the value given
diff --git a/gcc/testsuite/g++.dg/analyzer/pr96643.C b/gcc/testsuite/g++.dg/analyzer/pr96643.C
new file mode 100644
index 00000000000..2d0a248c73e
--- /dev/null
+++ b/gcc/testsuite/g++.dg/analyzer/pr96643.C
@@ -0,0 +1,26 @@
+/* { dg-additional-options "-O1" } */
+
+int l0;
+
+class qv {
+public:
+  int operator[] (int b1) const { return k2[b1]; }
+
+private:
+  int *k2;
+};
+
+class g0 {
+  qv nf, v6;
+
+  void
+  iq ();
+};
+
+void
+g0::iq ()
+{
+  for (;;)
+    if (nf[0] == 0)
+      ++l0;
+}
-- 
2.26.2



More information about the Gcc-patches mailing list