https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96860
--- Comment #2 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by David Malcolm <dmalc...@gcc.gnu.org>:

https://gcc.gnu.org/g:18056e45db1c75aa209fa9a756395ddceb867a88

commit r11-2955-g18056e45db1c75aa209fa9a756395ddceb867a88
Author: David Malcolm <dmalc...@redhat.com>
Date:   Mon Aug 31 09:00:23 2020 -0400

    analyzer: fix ICE on unknown index in CONSTRUCTOR [PR96860]

    PR analyzer/96860 reports an ICE inside CONSTRUCTOR-handling with
    --param analyzer-max-svalue-depth=0 when attempting to build a
    binding_map for the CONSTRUCTOR's values.

    The issue is that when handling (index, value) pairs for initializing
    an array, the index values for the elements exceed the svalue
    complexity limit, and the index is thus treated as unknown, leading to
    a symbolic rather than concrete offset for each array element.

    This patch updates the CONSTRUCTOR-handling code so that it can fail,
    returning an unknown value for the overall value of the constructor
    for this case, fixing the ICE.

    gcc/analyzer/ChangeLog:
            PR analyzer/96860
            * region.cc (decl_region::get_svalue_for_constructor): Support
            apply_ctor_to_region failing.
            * store.cc (binding_map::apply_ctor_to_region): Add failure
            handling.
            (binding_map::apply_ctor_val_to_range): Likewise.
            (binding_map::apply_ctor_pair_to_child_region): Likewise.  Replace
            assertion that child_base_offset is not symbolic with error
            handling.
            * store.h (binding_map::apply_ctor_to_region): Convert return type
            from void to bool.
            (binding_map::apply_ctor_val_to_range): Likewise.
            (binding_map::apply_ctor_pair_to_child_region): Likewise.

    gcc/testsuite/ChangeLog:
            PR analyzer/96860
            * gcc.dg/analyzer/pr96860-1.c: New test.
            * gcc.dg/analyzer/pr96860-2.c: New test.