https://gcc.gnu.org/g:53913b45f2dc4ba0f81845670d0877b7638d53d3
commit r16-7274-g53913b45f2dc4ba0f81845670d0877b7638d53d3 Author: David Malcolm <[email protected]> Date: Tue Feb 3 18:52:35 2026 -0500 analyzer: fix ICE on pointer offsets [PR116865] gcc/analyzer/ChangeLog: PR analyzer/116865 * region-model-manager.cc (region_model_manager::get_offset_region): Use POINTER_PLUS_EXPR rather than PLUS_EXPR for pointer offsets. gcc/testsuite/ChangeLog: PR analyzer/116865 * c-c++-common/analyzer/ice-pr116865.c: New test. Signed-off-by: David Malcolm <[email protected]> Diff: --- gcc/analyzer/region-model-manager.cc | 2 +- gcc/testsuite/c-c++-common/analyzer/ice-pr116865.c | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/gcc/analyzer/region-model-manager.cc b/gcc/analyzer/region-model-manager.cc index 5790f912d454..76ca8348edae 100644 --- a/gcc/analyzer/region-model-manager.cc +++ b/gcc/analyzer/region-model-manager.cc @@ -1732,7 +1732,7 @@ region_model_manager::get_offset_region (const region *parent, const svalue *sval_x = parent_offset_reg->get_byte_offset (); const svalue *sval_sum = get_or_create_binop (byte_offset->get_type (), - PLUS_EXPR, sval_x, byte_offset); + POINTER_PLUS_EXPR, sval_x, byte_offset); return get_offset_region (parent->get_parent_region (), type, sval_sum); } diff --git a/gcc/testsuite/c-c++-common/analyzer/ice-pr116865.c b/gcc/testsuite/c-c++-common/analyzer/ice-pr116865.c new file mode 100644 index 000000000000..4acddb410104 --- /dev/null +++ b/gcc/testsuite/c-c++-common/analyzer/ice-pr116865.c @@ -0,0 +1,7 @@ +/* { dg-additional-options "-O2" } */ + +int f(int l) { + char *t_string = (char *)__builtin_calloc(l + 2, 1); + char *end = t_string + l - 1; + return '0' != *(end - 1); /* { dg-warning "leak of 't_string'" } */ +}
