From b00a83047574eb6f8d1e670ad439609125873506 Mon Sep 17 00:00:00 2001
From: David Malcolm <dmalcolm@redhat.com>
Date: Mon, 17 Aug 2020 12:30:56 -0400
Subject: [PATCH] analyzer: fix ICE on NULL dereference [PR96644]

gcc/analyzer/ChangeLog:
	PR analyzer/96644
	* region-model-manager.cc (get_region_for_unexpected_tree_code):
	Handle ctxt being NULL.

gcc/testsuite/ChangeLog:
	PR analyzer/96644
	* gcc.dg/analyzer/pr96644.c: New test.
---
 gcc/analyzer/region-model-manager.cc    |  4 ++--
 gcc/testsuite/gcc.dg/analyzer/pr96644.c | 24 ++++++++++++++++++++++++
 2 files changed, 26 insertions(+), 2 deletions(-)
 create mode 100644 gcc/testsuite/gcc.dg/analyzer/pr96644.c

diff --git a/gcc/analyzer/region-model-manager.cc b/gcc/analyzer/region-model-manager.cc
index 9c7b0602e88..4faeaa52a63 100644
--- a/gcc/analyzer/region-model-manager.cc
+++ b/gcc/analyzer/region-model-manager.cc
@@ -927,11 +927,11 @@ get_region_for_unexpected_tree_code (region_model_context *ctxt,
 				     tree t,
 				     const dump_location_t &loc)
 {
-  gcc_assert (ctxt);
   tree type = TYPE_P (t) ? t : TREE_TYPE (t);
   region *new_reg
     = new unknown_region (alloc_region_id (), &m_root_region, type);
-  ctxt->on_unexpected_tree_code (t, loc);
+  if (ctxt)
+    ctxt->on_unexpected_tree_code (t, loc);
   return new_reg;
 }
 
diff --git a/gcc/testsuite/gcc.dg/analyzer/pr96644.c b/gcc/testsuite/gcc.dg/analyzer/pr96644.c
new file mode 100644
index 00000000000..3953c8d58c4
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/pr96644.c
@@ -0,0 +1,24 @@
+/* { dg-additional-options "-O1" } */
+
+int oh[1];
+int *x3;
+
+int *
+cm (char *m0)
+{
+  return oh;
+}
+
+void
+ek (void)
+{
+  for (;;)
+    {
+      char *b2 = 0;
+
+      if (*b2 != 0) /* { dg-warning "dereference of NULL" } */
+	++b2;
+
+      x3 = cm (b2);
+    }
+}
-- 
2.30.2