From: David Malcolm <dmalcolm@redhat.com>
Date: Sat, 7 Feb 2026 15:21:00 +0000 (-0500)
Subject: analyzer: fix ICE on operator new with discarded result [PR116228]
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f3f7e7514a794f34a0db1cda63cbaa0f1eb899f5;p=thirdparty%2Fgcc.git

analyzer: fix ICE on operator new with discarded result [PR116228]

gcc/analyzer/ChangeLog:
	PR analyzer/116228
	* kf-lang-cp.cc (kf_operator_new::impl_call_post): Don't try to
	add a constraint if the return value is discarded.

gcc/testsuite/ChangeLog:
	PR analyzer/116228
	* g++.dg/analyzer/ice-pr116228.C: New test.

Signed-off-by: David Malcolm <dmalcolm@redhat.com>
---

diff --git a/gcc/analyzer/kf-lang-cp.cc b/gcc/analyzer/kf-lang-cp.cc
index c92864b0b27..5d57bcc5fcb 100644
--- a/gcc/analyzer/kf-lang-cp.cc
+++ b/gcc/analyzer/kf-lang-cp.cc
@@ -140,7 +140,9 @@ public:
 
     /* If the call is guaranteed to return nonnull
        then add a nonnull constraint to the allocated region.  */
-    if (!TREE_NOTHROW (callee_fndecl) && flag_exceptions)
+    if (!TREE_NOTHROW (callee_fndecl)
+	&& flag_exceptions
+	&& cd.get_lhs_type ())
       {
 	const svalue *null_sval
 	  = mgr->get_or_create_null_ptr (cd.get_lhs_type ());
diff --git a/gcc/testsuite/g++.dg/analyzer/ice-pr116228.C b/gcc/testsuite/g++.dg/analyzer/ice-pr116228.C
new file mode 100644
index 00000000000..df6d2aabbda
--- /dev/null
+++ b/gcc/testsuite/g++.dg/analyzer/ice-pr116228.C
@@ -0,0 +1,33 @@
+// { dg-additional-options "-O3" }
+
+void *operator new(unsigned long, void *);
+int to_constant();
+int vec_copy_construct_n, vec_stmts_size, vectorizable_load_vec_stmt,
+    vectorizable_load_offvar;
+enum tree_code { POINTER_PLUS_EXPR };
+void gimple_build_assign(int, tree_code, int, int);
+int cse_and_gimplify_to_preheader(int, int);
+void vectorizable_load() {
+  int i, stride_step, const_nunits = to_constant();
+  bool costing_p = vectorizable_load_vec_stmt;
+  if (!costing_p) {
+    stride_step = 0;
+    stride_step = cse_and_gimplify_to_preheader(0, stride_step);
+  }
+  for (; vec_stmts_size;) {
+    i = 0;
+    for (; i < const_nunits; i++) {
+      if (costing_p)
+        continue;
+      gimple_build_assign(0, POINTER_PLUS_EXPR, vectorizable_load_offvar,
+                          stride_step);
+    }
+    if (const_nunits)
+      if (!costing_p) {
+        {
+          for (; vec_copy_construct_n;)
+            new (0) int;
+        }
+      }
+  }
+}