Attempts to store sm-state into a union in C++ triggered an infinite
recursion when trying to generate a representative tree, due to
erroneously trying to use the dtor of the union as a field.
Fix it by filtering out non-FIELD_DECLs when walking TYPE_FIELDs
in region::get_subregions_for_binding.
gcc/analyzer/ChangeLog:
PR analyzer/96723
* region-model-manager.cc
(region_model_manager::get_field_region): Assert that field is a
FIELD_DECL.
* region.cc (region::get_subregions_for_binding): In
union-handling, filter the TYPE_FIELDS traversal to just FIELD_DECLs.
gcc/testsuite/ChangeLog:
PR analyzer/96723
* g++.dg/analyzer/pr96723.C: New test.
const region *
region_model_manager::get_field_region (const region *parent, tree field)
{
+ gcc_assert (TREE_CODE (field) == FIELD_DECL);
+
field_region::key_t key (parent, field);
if (field_region *reg = m_field_regions.get (key))
return reg;
for (tree field = TYPE_FIELDS (get_type ()); field != NULL_TREE;
field = DECL_CHAIN (field))
{
+ if (TREE_CODE (field) != FIELD_DECL)
+ continue;
const region *subregion = mgr->get_field_region (this, field);
subregion->get_subregions_for_binding (mgr,
relative_bit_offset,
--- /dev/null
+void
+foo ()
+{
+ union
+ {
+ int *p;
+ } u;
+ u.p = new int;
+ delete u.p;
+}
projects / platform / upstream / gcc.git / commitdiff