From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 5B3D83857C41; Mon, 31 Aug 2020 22:31:01 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 5B3D83857C41 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1598913061; bh=hFaflY4VAQkn/8gsM6llYbDs/v1RDcYo53u0RAXH0GA=; h=From:To:Subject:Date:In-Reply-To:References:From; b=pwqN9BSsgOhggmwhSmVERVA4Bm132Z4aZWURkwLFsDA/rKFwVzLvIUupZwO4Xudzf 57cCX3J1PtTG2VZ55YarAYFDdU9Ys+x9lbu7hb7tHpxLmIeP/qp3aLyxlp2ARXGsyV SQHM1/MB/m7bTUYhLjsrn0yf8hunzKkAZ8Z39ig0= From: "cvs-commit at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug analyzer/96860] [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445 Date: Mon, 31 Aug 2020 22:31:01 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: analyzer X-Bugzilla-Version: 11.0 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: cvs-commit at gcc dot gnu.org X-Bugzilla-Status: ASSIGNED X-Bugzilla-Resolution: X-Bugzilla-Priority: P4 X-Bugzilla-Assigned-To: dmalcolm at gcc dot gnu.org X-Bugzilla-Target-Milestone: 11.0 X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: gcc-bugs@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-bugs mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Aug 2020 22:31:01 -0000 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D96860 --- Comment #2 from CVS Commits --- The master branch has been updated by David Malcolm : https://gcc.gnu.org/g:18056e45db1c75aa209fa9a756395ddceb867a88 commit r11-2955-g18056e45db1c75aa209fa9a756395ddceb867a88 Author: David Malcolm Date: Mon Aug 31 09:00:23 2020 -0400 analyzer: fix ICE on unknown index in CONSTRUCTOR [PR96860] PR analyzer/96860 reports an ICE inside CONSTRUCTOR-handling with --param analyzer-max-svalue-depth=3D0 when attempting to build a binding_map for the CONSTRUCTOR's values. The issue is that when handling (index, value) pairs for initializing an array, the index values for the elements exceeds the svalue complexity limit, and the index is thus treated as unknown, leading to a symbolic rather than concrete offset for each array element. This patch updates the CONSTRUCTOR-handling code so that it can fail, returning an unknown value for the overall value of the constructor for this case, fixing the ICE. gcc/analyzer/ChangeLog: PR analyzer/96860 * region.cc (decl_region::get_svalue_for_constructor): Support apply_ctor_to_region failing. * store.cc (binding_map::apply_ctor_to_region): Add failure handling. (binding_map::apply_ctor_val_to_range): Likewise. (binding_map::apply_ctor_pair_to_child_region): Likewise. Repl= ace assertion that child_base_offset is not symbolic with error handling. * store.h (binding_map::apply_ctor_to_region): Convert return t= ype from void to bool. (binding_map::apply_ctor_val_to_range): Likewise. (binding_map::apply_ctor_pair_to_child_region): Likewise. gcc/testsuite/ChangeLog: PR analyzer/96860 * gcc.dg/analyzer/pr96860-1.c: New test. * gcc.dg/analyzer/pr96860-2.c: New test.=