From: Torbjörn SVENSSON
Date: Wed, 15 Apr 2026 14:20:03 +0000 (+0200)
Subject: analyzer: do not segfault when printing unknown impl location
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;p=thirdparty%2Fgcc.git

analyzer: do not segfault when printing unknown impl location

When dump_impl_location_t::m_function or dump_impl_location_t::m_file is
NULL, then GCC segfaults when attempting to print the location.

$ ./bin/arm-none-eabi-gcc ../ice-pr124055-1.c -fanalyzer -Wanalyzer-too-complex -Wanalyzer-symbol-too-complex -O -fdump-analyzer -frounding-math -S -o /dev/null -wrapper lldb,--
(lldb) target create "/build/r16-8473-g5cc0ead3625fe6/bin/../lib/gcc/arm-none-eabi/16.0.1/cc1"
...
(lldb) r
Process 31748 launched: '/build/r16-8473-g5cc0ead3625fe6/lib/gcc/arm-none-eabi/16.0.1/cc1' (arm64)
Process 31748 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
    frame #0: 0x000000018ae7ea44 libsystem_platform.dylib`_platform_strlen + 4
libsystem_platform.dylib`_platform_strlen:
->  0x18ae7ea44 <+4>:  ldr    q0, [x1]
    0x18ae7ea48 <+8>:  adr    x3, 0x18ae7e980 ; ___lldb_unnamed_symbol320
    0x18ae7ea4c <+12>: ldr    q2, [x3], #0x10
    0x18ae7ea50 <+16>: and    x2, x0, #0xf
Target 0: (cc1) stopped.
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
  * frame #0: 0x000000018ae7ea44 libsystem_platform.dylib`_platform_strlen + 4
    frame #1: 0x0000000101223d68 cc1`pp_quoted_string(pretty_printer*, char const*, unsigned long) + 244
    frame #2: 0x0000000101220628 cc1`pretty_printer::format(text_info&) + 2772
    frame #3: 0x0000000101108b8c cc1`ana::logger::log_va(char const*, char**) + 100
    frame #4: 0x0000000101108970 cc1`ana::logger::log(char const*, ...)
+ 28 frame #5: 0x0000000101129da4 cc1`ana::impl_region_model_context::on_unexpected_tree_code(tree_node*, dump_location_t const&) + 80 frame #6: 0x0000000101174d3c cc1`ana::region_model_manager::get_region_for_unexpected_tree_code(ana::region_model_context*, tree_node*, dump_location_t const&) + 184 ... This happens when GCC is built with GCC <4.8 or with another toolchain, like LLVM. Seen on macOS with clang-1600.0.26.6. gcc/analyzer/ChangeLog: * engine.cc (impl_region_model_context::on_unexpected_tree_code): Print "" when m_file or m_function is NULL. Signed-off-by: Torbjörn SVENSSON --- diff --git a/gcc/analyzer/engine.cc b/gcc/analyzer/engine.cc index a4d870bd3d2..a5ab173ca16 100644 --- a/gcc/analyzer/engine.cc +++ b/gcc/analyzer/engine.cc @@ -904,11 +904,15 @@ impl_region_model_context::on_unexpected_tree_code (tree t, { logger * const logger = get_logger (); if (logger) - logger->log ("unhandled tree code: %qs in %qs at %s:%i", - get_tree_code_name (TREE_CODE (t)), - loc.get_impl_location ().m_function, - loc.get_impl_location ().m_file, - loc.get_impl_location ().m_line); + { + const dump_impl_location_t &impl_loc = loc.get_impl_location (); + const char *unknown = ""; + logger->log ("unhandled tree code: %qs in %qs at %s:%i", + get_tree_code_name (TREE_CODE (t)), + impl_loc.m_function ? impl_loc.m_function : unknown, + impl_loc.m_file ? impl_loc.m_file : unknown, + impl_loc.m_line); + } if (m_new_state) m_new_state->m_valid = false; }
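Review bot: the placeholder assigned to `unknown` in this hunk is shown as an empty string, so when `m_function` or `m_file` is NULL the log line comes out as `unhandled tree code: '...' in '' at :N`, which is easy to mistake for a real but blank name rather than a missing location; a visible marker (for example a literal such as `"<unknown>"`, or whatever the ChangeLog entry intended by `Print "" when m_file or m_function is NULL`) would make the NULL case self-explanatory in the dump. Two follow-ups worth considering on the same hunk: first, a one-line comment next to `const char *unknown` saying why these fields can be NULL (the commit message attributes it to building GCC with GCC <4.8 or with another toolchain such as LLVM) would save the next reader a trip to the definition of `dump_impl_location_t`; second, this guards only the one call site in `on_unexpected_tree_code`, while any other code that hands `m_function` or `m_file` to a `%s`/`%qs` directive is exposed to the same NULL, so fixing the origin (making the constructor fall back to a non-NULL string, or adding an accessor that never returns NULL) would be the more durable change than patching each consumer.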