Successfully bootstrapped & regrtested on x86_64-pc-linux-gnu. Pushed to master as r11-2724-g42c5ae5d7f0ad89b75d93c497fe44b6c66da7e76.
gcc/analyzer/ChangeLog: PR analyzer/96639 * region.cc (region::get_subregions_for_binding): Check for "type" being NULL. gcc/testsuite/ChangeLog: PR analyzer/96639 * gcc.dg/analyzer/pr96639.c: New test. --- gcc/analyzer/region.cc | 2 +- gcc/testsuite/gcc.dg/analyzer/pr96639.c | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 gcc/testsuite/gcc.dg/analyzer/pr96639.c diff --git a/gcc/analyzer/region.cc b/gcc/analyzer/region.cc index afe416b001b..eab1f2771cf 100644 --- a/gcc/analyzer/region.cc +++ b/gcc/analyzer/region.cc @@ -256,7 +256,7 @@ region::get_subregions_for_binding (region_model_manager *mgr, tree type, auto_vec <const region *> *out) const { - if (get_type () == NULL_TREE) + if (get_type () == NULL_TREE || type == NULL_TREE) return; if (relative_bit_offset == 0 && types_compatible_p (get_type (), type)) diff --git a/gcc/testsuite/gcc.dg/analyzer/pr96639.c b/gcc/testsuite/gcc.dg/analyzer/pr96639.c new file mode 100644 index 00000000000..02ca3f084a2 --- /dev/null +++ b/gcc/testsuite/gcc.dg/analyzer/pr96639.c @@ -0,0 +1,10 @@ +void *calloc (__SIZE_TYPE__, __SIZE_TYPE__); + +int +x7 (void) +{ + int **md = calloc (1, 1); + + return md[0][0]; /* { dg-warning "possibly-NULL" "unchecked deref" } */ + /* { dg-warning "leak of 'md'" "leak" { target *-*-* } .-1 } */ +} -- 2.26.2