analyzer: handle arrays of unknown size in access diagrams [PR113222]

gcc/analyzer/ChangeLog:
	PR analyzer/113222
	* access-diagram.cc (valid_region_spatial_item::add_boundaries):
	Handle TYPE_DOMAIN being null.
	(valid_region_spatial_item::add_array_elements_to_table):
	Likewise.

gcc/testsuite/ChangeLog:
	PR analyzer/113222
	* gcc.dg/analyzer/out-of-bounds-diagram-pr113222.c: New test.

Signed-off-by: David Malcolm <dmalcolm@redhat.com>

diff --git a/gcc/analyzer/access-diagram.cc b/gcc/analyzer/access-diagram.cc
index 25e6c92fcffd67682c3610b8200f64164ad08efd..9555ee823931b306e76e6838e250e29c5a86dbae 100644 (file)
--- a/gcc/analyzer/access-diagram.cc
+++ b/gcc/analyzer/access-diagram.cc
@@ -1334,7 +1334,7 @@ public:
            logger->log ("showing first and final element in array type");
          region_model_manager *mgr = m_op.m_model.get_manager ();
          tree domain = TYPE_DOMAIN (base_type);
-         if (TYPE_MIN_VALUE (domain) && TYPE_MAX_VALUE (domain))
+         if (domain && TYPE_MIN_VALUE (domain) && TYPE_MAX_VALUE (domain))
            {
              const svalue *min_idx_sval
                = mgr->get_or_create_constant_svalue (TYPE_MIN_VALUE (domain));
@@ -1364,7 +1364,7 @@ public:
     gcc_assert (m_boundaries != nullptr);
 
     tree domain = TYPE_DOMAIN (base_type);
-    if (!(TYPE_MIN_VALUE (domain) && TYPE_MAX_VALUE (domain)))
+    if (!(domain && TYPE_MIN_VALUE (domain) && TYPE_MAX_VALUE (domain)))
       return;
 
     const int table_y = 0;

diff --git a/gcc/testsuite/gcc.dg/analyzer/out-of-bounds-diagram-pr113222.c b/gcc/testsuite/gcc.dg/analyzer/out-of-bounds-diagram-pr113222.c
new file mode 100644 (file)
index 0000000..4446766
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/out-of-bounds-diagram-pr113222.c
@@ -0,0 +1,26 @@
+/* Verify that we don't ICE when generating an out-of-bounds diagram
+   when the size of an array is unknown.  */
+
+/* { dg-do compile } */
+/* { dg-additional-options "-fdiagnostics-text-art-charset=unicode" } */
+
+#include <stdint.h>
+
+struct sched_class
+{
+  int64_t f;
+};
+extern struct sched_class __end_sched_classes[];
+
+int
+test ()
+{
+  const struct sched_class* class = ((__end_sched_classes - 1));
+  return class->f; /* { dg-warning "buffer under-read" } */
+}
+
+/* We don't care about the content of the diagram, just that we don't
+   ICE creating it.  */
+
+/* { dg-allow-blank-lines-in-output 1 } */
+/* { dg-prune-output ".*" } */