
[pushed] analyzer: handle null "var" in state_change_event::get_desc [PR113509]

Message ID 20240131010943.1916042-1-dmalcolm@redhat.com
State New

Commit Message

David Malcolm Jan. 31, 2024, 1:09 a.m. UTC
Avoid ICE with -fanalyzer-verbose-state-changes when
region_model::get_representative_tree returns nullptr in
state_change_event::get_desc.

Successfully bootstrapped & regrtested on x86_64-pc-linux-gnu.
Pushed to trunk as r14-8640-g18aabe7d203aa1.

gcc/analyzer/ChangeLog:
	PR analyzer/113509
	* checker-event.cc (state_change_event::get_desc): Don't assume
	"var" is non-NULL.

gcc/testsuite/ChangeLog:
	PR analyzer/113509
	* c-c++-common/analyzer/stdarg-pr113509.c: New test.

Signed-off-by: David Malcolm <dmalcolm@redhat.com>
---
 gcc/analyzer/checker-event.cc                 | 59 +++++++++++++------
 .../c-c++-common/analyzer/stdarg-pr113509.c   |  8 +++
 2 files changed, 49 insertions(+), 18 deletions(-)
 create mode 100644 gcc/testsuite/c-c++-common/analyzer/stdarg-pr113509.c

Patch

diff --git a/gcc/analyzer/checker-event.cc b/gcc/analyzer/checker-event.cc
index 3ff3aea6a867..b64c58ef7702 100644
--- a/gcc/analyzer/checker-event.cc
+++ b/gcc/analyzer/checker-event.cc
@@ -443,25 +443,48 @@  state_change_event::get_desc (bool can_colorize) const
 	      meaning.dump_to_pp (&meaning_pp);
 
 	      /* Append debug version.  */
-	      if (m_origin)
-		return make_label_text
-		  (can_colorize,
-		   "%s (state of %qE: %qs -> %qs, origin: %qE, meaning: %s)",
-		   custom_desc.get (),
-		   var,
-		   m_from->get_name (),
-		   m_to->get_name (),
-		   origin,
-		   pp_formatted_text (&meaning_pp));
+	      if (var)
+		{
+		  if (m_origin)
+		    return make_label_text
+		      (can_colorize,
+		       "%s (state of %qE: %qs -> %qs, origin: %qE, meaning: %s)",
+		       custom_desc.get (),
+		       var,
+		       m_from->get_name (),
+		       m_to->get_name (),
+		       origin,
+		       pp_formatted_text (&meaning_pp));
+		  else
+		    return make_label_text
+		      (can_colorize,
+		       "%s (state of %qE: %qs -> %qs, NULL origin, meaning: %s)",
+		       custom_desc.get (),
+		       var,
+		       m_from->get_name (),
+		       m_to->get_name (),
+		       pp_formatted_text (&meaning_pp));
+		}
 	      else
-		return make_label_text
-		  (can_colorize,
-		   "%s (state of %qE: %qs -> %qs, NULL origin, meaning: %s)",
-		   custom_desc.get (),
-		   var,
-		   m_from->get_name (),
-		   m_to->get_name (),
-		   pp_formatted_text (&meaning_pp));
+		{
+		  if (m_origin)
+		    return make_label_text
+		      (can_colorize,
+		       "%s (state: %qs -> %qs, origin: %qE, meaning: %s)",
+		       custom_desc.get (),
+		       m_from->get_name (),
+		       m_to->get_name (),
+		       origin,
+		       pp_formatted_text (&meaning_pp));
+		  else
+		    return make_label_text
+		      (can_colorize,
+		       "%s (state: %qs -> %qs, NULL origin, meaning: %s)",
+		       custom_desc.get (),
+		       m_from->get_name (),
+		       m_to->get_name (),
+		       pp_formatted_text (&meaning_pp));
+		}
 	    }
 	  else
 	    return custom_desc;
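Review bot: The inner `if (m_origin)` tests, in both the `var` and the null-`var` branch, check the origin svalue, but the value handed to `%qE` is `origin`. The definition of `origin` is outside this hunk; if it comes from the same get_representative_tree lookup as `var`, it can be null while `m_origin` is not, and the verbose path would hit the same null-tree ICE this patch fixes for `var`. Testing the tree that is actually formatted, `if (origin)`, in both places would close that gap. The four near-identical make_label_text calls would also be easier to keep in sync if the optional "of %qE" and origin fragments were assembled once; get_desc begins and ends outside the hunk.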
diff --git a/gcc/testsuite/c-c++-common/analyzer/stdarg-pr113509.c b/gcc/testsuite/c-c++-common/analyzer/stdarg-pr113509.c
new file mode 100644
index 000000000000..553480821188
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/analyzer/stdarg-pr113509.c
@@ -0,0 +1,8 @@ 
+/* Regression test for ICE with -fanalyzer-verbose-state-changes.  */
+
+/* { dg-additional-options " -fanalyzer-verbose-state-changes" } */
+
+__builtin_va_list FOO_showfatal_ap;
+void FOO_showfatal(char fmta, ...) {
+  __builtin_va_start(FOO_showfatal_ap, fmta); /* { dg-message "'va_start' called here" } */
+} /* { dg-warning "missing call to 'va_end'" } */
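Review bot: The `dg-message` pattern on the `__builtin_va_start` line matches only the `'va_start' called here` prefix, so the test passes whether or not the new null-`var` suffix is emitted. It guards against the ICE but does not pin the new `(state: ...` wording. If the output is stable across the C and C++ front ends (not verifiable from this page), the pattern could be extended to something like `"'va_start' called here \\(state: "`. A one-line comment saying that the va_list here has no representative tree would also explain why this particular input triggers the bug.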