From 3d654ca3f421ff9646470d312097602037176352 Mon Sep 17 00:00:00 2001
From: David Malcolm <dmalcolm@redhat.com>
Date: Mon, 23 Aug 2021 14:11:58 -0400
Subject: [PATCH] analyzer: fix ICE with NULL change.m_expr [PR101875]

gcc/analyzer/ChangeLog:
	PR analyzer/101875
	* sm-file.cc (file_diagnostic::describe_state_change): Handle
	change.m_expr being NULL.

gcc/testsuite/ChangeLog:
	PR analyzer/101875
	* gcc.dg/analyzer/pr101875.c: New test.
---
 gcc/analyzer/sm-file.cc                  | 18 ++++++++++++++----
 gcc/testsuite/gcc.dg/analyzer/pr101875.c | 16 ++++++++++++++++
 2 files changed, 30 insertions(+), 4 deletions(-)
 create mode 100644 gcc/testsuite/gcc.dg/analyzer/pr101875.c

diff --git a/gcc/analyzer/sm-file.cc b/gcc/analyzer/sm-file.cc
index 6a17019448e..0c8cdf0b720 100644
--- a/gcc/analyzer/sm-file.cc
+++ b/gcc/analyzer/sm-file.cc
@@ -125,11 +125,21 @@ public:
       return label_text::borrow ("opened here");
     if (change.m_old_state == m_sm.m_unchecked
 	&& change.m_new_state == m_sm.m_nonnull)
-      return change.formatted_print ("assuming %qE is non-NULL",
-				     change.m_expr);
+      {
+	if (change.m_expr)
+	  return change.formatted_print ("assuming %qE is non-NULL",
+					 change.m_expr);
+	else
+	  return change.formatted_print ("assuming FILE * is non-NULL");
+      }
     if (change.m_new_state == m_sm.m_null)
-      return change.formatted_print ("assuming %qE is NULL",
-				     change.m_expr);
+      {
+	if (change.m_expr)
+	  return change.formatted_print ("assuming %qE is NULL",
+					 change.m_expr);
+	else
+	  return change.formatted_print ("assuming FILE * is NULL");
+      }
     return label_text ();
   }
 
diff --git a/gcc/testsuite/gcc.dg/analyzer/pr101875.c b/gcc/testsuite/gcc.dg/analyzer/pr101875.c
new file mode 100644
index 00000000000..5988b8ea9ab
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/pr101875.c
@@ -0,0 +1,16 @@
+char *
+fopen (const char *restrict, const char *restrict);
+
+void
+err (void);
+
+void
+k2 (void)
+{
+  char *setfiles[1];
+  int i;
+
+  setfiles[i] = fopen("", ""); /* { dg-warning "use of uninitialized value 'i'" } */
+  if (!setfiles[i]) /* { dg-warning "use of uninitialized value 'i'" } */
+    err ();
+} /* { dg-warning "leak of FILE" } */