diff options
| author | Tim Lange <mail@tim-lange.me> | 2022-09-10 23:53:48 +0200 |
|---|---|---|
| committer | Tim Lange <mail@tim-lange.me> | 2022-09-11 23:55:20 +0200 |
| commit | 0ea5e3f4542832b8da016b152695e64a2a386309 (patch) | |
| tree | 37e285532e7f807019eae14d388dbbedbea5155c /gcc/analyzer/region-model.cc | |
| parent | 5b3496e2ea632463f4118928a87639454c87a859 (diff) | |
| download | gcc-0ea5e3f4542832b8da016b152695e64a2a386309.zip gcc-0ea5e3f4542832b8da016b152695e64a2a386309.tar.gz gcc-0ea5e3f4542832b8da016b152695e64a2a386309.tar.bz2 | |
analyzer: consider empty ranges and zero byte accesses [PR106845]
This patch adds handling of empty ranges in bit_range and byte_range and
adds an assertion to member functions that assume a positive size.
Further, the patch fixes an ICE caused by an empty byte_range passed to
byte_range::exceeds_p.
Regression-tested on Linux x86_64.
2022-09-10 Tim Lange <mail@tim-lange.me>
gcc/analyzer/ChangeLog:
PR analyzer/106845
* region-model.cc (region_model::check_region_bounds):
Bail out if 0 bytes were accessed.
* store.cc (byte_range::dump_to_pp):
Add special case for empty ranges.
(byte_range::exceeds_p): Restrict to non-empty ranges.
(byte_range::falls_short_of_p): Restrict to non-empty ranges.
* store.h (bit_range::empty_p): New function.
(bit_range::get_last_byte_offset): Restrict to non-empty ranges.
(byte_range::empty_p): New function.
(byte_range::get_last_byte_offset): Restrict to non-empty ranges.
gcc/testsuite/ChangeLog:
PR analyzer/106845
* gcc.dg/analyzer/out-of-bounds-zero.c: New test.
* gcc.dg/analyzer/pr106845.c: New test.
Diffstat (limited to 'gcc/analyzer/region-model.cc')
| -rw-r--r-- | gcc/analyzer/region-model.cc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc index 6eeb684..13b8e3e 100644 --- a/gcc/analyzer/region-model.cc +++ b/gcc/analyzer/region-model.cc @@ -1828,6 +1828,9 @@ region_model::check_region_bounds (const region *reg, /* Find out how many bytes were accessed. */ const svalue *num_bytes_sval = reg->get_byte_size_sval (m_mgr); tree num_bytes_tree = maybe_get_integer_cst_tree (num_bytes_sval); + /* Bail out if 0 bytes are accessed. */ + if (num_bytes_tree && zerop (num_bytes_tree)) + return; /* Get the capacity of the buffer. */ const svalue *capacity = get_capacity (base_reg); |