https://gcc.gnu.org/g:f8380ded1f64c275cfe7fdd55789feb0cab70e7b
commit r16-7708-gf8380ded1f64c275cfe7fdd55789feb0cab70e7b Author: David Malcolm <[email protected]> Date: Wed Feb 25 21:50:58 2026 -0500 analyzer: fix ICE on putenv of a field [PR124232] store::mark_as_escaped requires the region passed in to be a base region, but the analyzer's implementation of putenv wasn't respecting that. Fixed thusly. gcc/analyzer/ChangeLog: PR analyzer/124232 * kf.cc (kf_putenv::impl_call_pre): Use base region when marking pointer as having escaped. gcc/testsuite/ChangeLog: PR analyzer/124232 * gcc.dg/analyzer/putenv-ice-pr124232.c: New test. Signed-off-by: David Malcolm <[email protected]> Diff: --- gcc/analyzer/kf.cc | 2 +- gcc/testsuite/gcc.dg/analyzer/putenv-ice-pr124232.c | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/gcc/analyzer/kf.cc b/gcc/analyzer/kf.cc
index 82aaee1dcb58..b1ccbd6584ae 100644
--- a/gcc/analyzer/kf.cc
+++ b/gcc/analyzer/kf.cc
@@ -858,7 +858,7 @@ public:
 const region *reg = model->deref_rvalue (ptr_sval, cd.get_arg_tree (0), ctxt); store_manager *store_mgr = model->get_manager ()->get_store_manager ();
- model->get_store ()->mark_as_escaped (*store_mgr, reg);
+ model->get_store ()->mark_as_escaped (*store_mgr, reg->get_base_region ());
 enum memory_space mem_space = reg->get_memory_space (); switch (mem_space) {
diff --git a/gcc/testsuite/gcc.dg/analyzer/putenv-ice-pr124232.c b/gcc/testsuite/gcc.dg/analyzer/putenv-ice-pr124232.c
new file mode 100644
index 000000000000..d018180ed2dd
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/putenv-ice-pr124232.c
@@ -0,0 +1,10 @@
+extern int putenv (char *__string)
+ __attribute__ ((__nothrow__ , __leaf__)) __attribute__ ((__nonnull__ (1)));
+
+struct {
+ char s[16];
+} e = { "a=b" };
+
+int main(int, char *[]) {
+ return putenv(e.s);
+}
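Review bot: The new `reg->get_base_region ()` argument carries no comment, so the precondition of `store::mark_as_escaped` is recorded only in the commit message. I would add above the call: `/* mark_as_escaped requires a base region; the pointer may refer to a field or element, so treat the whole enclosing object as escaped.  */`. The following `reg->get_memory_space ()` and the `switch` still use the original `reg`, which looks intentional; saying in the comment that only the escape marking is widened would keep a later cleanup from folding the two into one variable. `kf_putenv::impl_call_pre` starts and ends outside this hunk, so the switch body is not visible here.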
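Review bot: The new test passes only a field of a file-scope object to `putenv`, so the base-region call is not exercised on the stack path that `switch (mem_space)` in kf.cc goes on to handle. A second function that passes a field of a local struct would confirm the ICE is gone there too, and that the analyzer's putenv-of-automatic-variable diagnostic still fires for a sub-region of a local, with a matching `dg-warning` on that line. That second expectation is presumed, because the switch body is outside the visible hunk. A header comment such as `/* PR analyzer/124232: putenv of a field used to ICE in store::mark_as_escaped.  */` would also tell a reader what the file guards against.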
