git.ipfire.org Git - thirdparty/gcc.git/blame - gcc/analyzer/ChangeLog
analyzer: fix ICE on unreachable calls [PR 93947]
Commit Line Data
0ba70d1b
DM
1 2020-02-26 David Malcolm <dmalcolm@redhat.com>
2
3 PR analyzer/93947
4 * region-model.cc (region_model::get_fndecl_for_call): Gracefully
5 fail for fn_decls that don't have a cgraph_node.
6
67fa274c
DM
7 2020-02-26 David Malcolm <dmalcolm@redhat.com>
8
9 * bar-chart.cc: New file.
10 * bar-chart.h: New file.
11 * engine.cc: Include "analyzer/bar-chart.h".
12 (stats::log): Only log the m_num_nodes kinds that are non-zero.
13 (stats::dump): Likewise when dumping.
14 (stats::get_total_enodes): New.
15 (exploded_graph::get_or_create_node): Increment the per-point-data
16 m_excess_enodes when hitting the per-program-point limit on
17 enodes.
18 (exploded_graph::print_bar_charts): New.
19 (exploded_graph::log_stats): Log the number of unprocessed enodes
20 in the worklist. Call print_bar_charts.
21 (exploded_graph::dump_stats): Print the number of unprocessed
22 enodes in the worklist.
23 * exploded-graph.h (stats::get_total_enodes): New decl.
24 (struct per_program_point_data): Add field m_excess_enodes.
25 (exploded_graph::print_bar_charts): New decl.
26 * supergraph.cc (superedge::dump): New.
27 (superedge::dump): New.
28 * supergraph.h (supernode::get_function): New.
29 (superedge::dump): New decl.
30 (superedge::dump): New decl.
31
f2ca2088
DM
32 2020-02-24 David Malcolm <dmalcolm@redhat.com>
33
34 * engine.cc (exploded_graph::get_or_create_node): Dump the
35 program_state to the pp, rather than to stderr.
36
b3d788a2
DM
37 2020-02-24 David Malcolm <dmalcolm@redhat.com>
38
39 PR analyzer/93032
40 * sm.cc (make_checkers): Require the "taint" checker to be
41 explicitly enabled.
42
3a25f345
DM
43 2020-02-24 David Malcolm <dmalcolm@redhat.com>
44
45 PR analyzer/93899
46 * engine.cc
47 (impl_region_model_context::impl_region_model_context): Add logger
48 param.
49 * engine.cc (exploded_graph::add_function_entry): Create an
50 impl_region_model_context and pass it to the push_frame call.
51 Bail if the resulting state is invalid.
52 (exploded_graph::build_initial_worklist): Likewise.
53 (exploded_graph::build_initial_worklist): Handle the case where
54 add_function_entry fails.
55 * exploded-graph.h
56 (impl_region_model_context::impl_region_model_context): Add logger
57 param.
58 * region-model.cc (map_region::get_or_create): Add ctxt param and
59 pass it to add_region_for_type.
60 (map_region::can_merge_p): Pass NULL as a ctxt to call to
61 get_or_create.
62 (array_region::get_element): Pass ctxt to call to get_or_create.
63 (array_region::get_or_create): Add ctxt param and pass it to
64 add_region_for_type.
65 (root_region::push_frame): Pass ctxt to get_or_create calls.
66 (region_model::get_lvalue_1): Likewise.
67 (region_model::make_region_for_unexpected_tree_code): Assert that
68 ctxt is non-NULL.
69 (region_model::get_rvalue_1): Pass ctxt to get_svalue_for_fndecl
70 and get_svalue_for_label calls.
71 (region_model::get_svalue_for_fndecl): Add ctxt param and pass it
72 to get_region_for_fndecl.
73 (region_model::get_region_for_fndecl): Add ctxt param and pass it
74 to get_or_create.
75 (region_model::get_svalue_for_label): Add ctxt param and pass it
76 to get_region_for_label.
77 (region_model::get_region_for_label): Add ctxt param and pass it
78 to get_region_for_fndecl and get_or_create.
79 (region_model::get_field_region): Add ctxt param and pass it to
80 get_or_create_view and get_or_create.
81 (make_region_for_type): Replace gcc_unreachable with return NULL.
82 (region_model::add_region_for_type): Add ctxt param. Handle a
83 return of NULL from make_region_for_type by calling
84 make_region_for_unexpected_tree_code.
85 (region_model::get_or_create_mem_ref): Pass ctxt to calls to
86 get_or_create_view.
87 (region_model::get_or_create_view): Add ctxt param and pass it to
88 add_region_for_type.
89 (selftest::test_state_merging): Pass ctxt to get_or_create_view.
90 * region-model.h (region_model::get_or_create): Add ctxt param.
91 (region_model::add_region_for_type): Likewise.
92 (region_model::get_svalue_for_fndecl): Likewise.
93 (region_model::get_svalue_for_label): Likewise.
94 (region_model::get_region_for_fndecl): Likewise.
95 (region_model::get_region_for_label): Likewise.
96 (region_model::get_field_region): Likewise.
97 (region_model::get_or_create_view): Likewise.
98
004f2c07
DM
99 2020-02-24 David Malcolm <dmalcolm@redhat.com>
100
101 * checker-path.cc (superedge_event::should_filter_p): Update
102 filter for empty descriptions to cover verbosity level 3 as well
103 as 2.
104 * diagnostic-manager.cc: Include "analyzer/reachability.h".
105 (class path_builder): New class.
106 (diagnostic_manager::emit_saved_diagnostic): Create a path_builder
107 and pass it to build_emission_path, rather than passing eg; similarly
108 for add_events_for_eedge and ext_state.
109 (diagnostic_manager::build_emission_path): Replace "eg" param
110 with a path_builder, pass it to add_events_for_eedge.
111 (diagnostic_manager::add_events_for_eedge): Replace ext_state
112 param with path_builder; pass it to add_events_for_superedge.
113 (diagnostic_manager::significant_edge_p): New.
114 (diagnostic_manager::add_events_for_superedge): Add path_builder
115 param. Reject insignificant edges at verbosity levels below 3.
116 (diagnostic_manager::prune_for_sm_diagnostic): Update highest
117 verbosity level to 4.
118 * diagnostic-manager.h (class path_builder): New forward decl.
119 (diagnostic_manager::build_emission_path): Replace "eg" param
120 with a path_builder.
121 (diagnostic_manager::add_events_for_eedge): Replace ext_state
122 param with path_builder.
123 (diagnostic_manager::significant_edge_p): New.
124 (diagnostic_manager::add_events_for_superedge): Add path_builder
125 param.
126 * reachability.h: New file.
127
0b2b45a6
DM
128 2020-02-18 David Malcolm <dmalcolm@redhat.com>
129
130 PR analyzer/93692
131 * analyzer.opt (fdump-analyzer-callgraph): Rewrite description.
132
4f40164a
DM
133 2020-02-18 David Malcolm <dmalcolm@redhat.com>
134
135 PR analyzer/93777
136 * region-model.cc (region_model::maybe_cast_1): Replace assertion
137 that build_cast returns non-NULL with a conditional, falling
138 through to the logic which returns a new unknown value of the
139 desired type if it fails.
140
2e623393
DM
141 2020-02-18 David Malcolm <dmalcolm@redhat.com>
142
143 PR analyzer/93778
144 * engine.cc (impl_region_model_context::on_unknown_tree_code):
145 Rename to...
146 (impl_region_model_context::on_unexpected_tree_code): ...this and
147 convert first argument from path_var to tree.
148 (exploded_node::on_stmt): Pass ctxt to purge_for_unknown_fncall.
149 * exploded-graph.h (region_model_context::on_unknown_tree_code):
150 Rename to...
151 (region_model_context::on_unexpected_tree_code): ...this and
152 convert first argument from path_var to tree.
153 * program-state.cc (sm_state_map::purge_for_unknown_fncall): Add
154 ctxt param and pass on to calls to get_rvalue.
155 * program-state.h (sm_state_map::purge_for_unknown_fncall): Add
156 ctxt param.
157 * region-model.cc (region_model::handle_unrecognized_call): Pass
158 ctxt on to call to get_rvalue.
159 (region_model::get_lvalue_1): Move body of default case to
160 region_model::make_region_for_unexpected_tree_code and call it.
161 Within COMPONENT_REF case, reject attempts to handle types other
162 than RECORD_TYPE and UNION_TYPE.
163 (region_model::make_region_for_unexpected_tree_code): New
164 function, based on default case of region_model::get_lvalue_1.
165 * region-model.h
166 (region_model::make_region_for_unexpected_tree_code): New decl.
167 (region_model::on_unknown_tree_code): Rename to...
168 (region_model::on_unexpected_tree_code): ...this and convert first
169 argument from path_var to tree.
170 (class test_region_model_context): Update vfunc implementation for
171 above change.
172
a674c7b8
DM
173 2020-02-18 David Malcolm <dmalcolm@redhat.com>
174
175 PR analyzer/93774
176 * region-model.cc
177 (region_model::convert_byte_offset_to_array_index): Use
178 int_size_in_bytes before calling size_in_bytes, to gracefully fail
179 on incomplete types.
180
d8cde6f9
DM
181 2020-02-17 David Malcolm <dmalcolm@redhat.com>
182
183 PR analyzer/93775
184 * region-model.cc (region_model::get_fndecl_for_call): Handle the
185 case where the code_region's get_tree_for_child_region returns
186 NULL.
187
f76a88eb
DM
188 2020-02-17 David Malcolm <dmalcolm@redhat.com>
189
190 PR analyzer/93388
191 * engine.cc (impl_region_model_context::on_unknown_tree_code):
192 New.
193 (exploded_graph::get_or_create_node): Reject invalid states.
194 * exploded-graph.h
195 (impl_region_model_context::on_unknown_tree_code): New decl.
196 (point_and_state::point_and_state): Assert that the state is
197 valid.
198 * program-state.cc (program_state::program_state): Initialize
199 m_valid to true.
200 (program_state::operator=): Copy m_valid.
201 (program_state::program_state): Likewise for move constructor.
202 (program_state::print): Print m_valid.
203 (program_state::dump_to_pp): Likewise.
204 * program-state.h (program_state::m_valid): New field.
205 * region-model.cc (region_model::get_lvalue_1): Implement the
206 default case by returning a new symbolic region and calling
207 the context's on_unknown_tree_code, rather than issuing an
208 internal_error. Implement VIEW_CONVERT_EXPR.
209 * region-model.h (region_model_context::on_unknown_tree_code): New
210 vfunc.
211 (test_region_model_context::on_unknown_tree_code): New.
212
0993ad65
DM
213 2020-02-17 David Malcolm <dmalcolm@redhat.com>
214
215 * sm-malloc.cc (malloc_diagnostic::describe_state_change): For
216 transition to the "null" state, only say "assuming" when
217 transitioning from the "unchecked" state.
218
67098787
DM
219 2020-02-17 David Malcolm <dmalcolm@redhat.com>
220
221 * diagnostic-manager.h (diagnostic_manager::get_saved_diagnostic):
222 Add const overload.
223 * engine.cc (exploded_node::dump_dot): Dump saved_diagnostics.
224 * exploded-graph.h (exploded_graph::get_diagnostic_manager): Add
225 const overload.
226
91f993b7
DM
227 2020-02-11 David Malcolm <dmalcolm@redhat.com>
228
229 PR analyzer/93288
230 * analysis-plan.cc (analysis_plan::use_summary_p): Look through
231 the ultimate_alias_target when getting the called function.
232 * engine.cc (exploded_node::on_stmt): Rename second "ctxt" to
233 "sm_ctxt". Use the region_model's get_fndecl_for_call rather than
234 gimple_call_fndecl.
235 * region-model.cc (region_model::get_fndecl_for_call): Use
236 ultimate_alias_target on fndecl.
237 * supergraph.cc (get_ultimate_function_for_cgraph_edge): New
238 function.
239 (supergraph_call_edge): Use it when rejecting edges without
240 functions.
241 (supergraph::supergraph): Use it to get the function for the
242 cgraph_edge when building interprocedural superedges.
243 (callgraph_superedge::get_callee_function): Use it.
244 * supergraph.h (supergraph::get_num_snodes): Make param const.
245 (supergraph::function_to_num_snodes_t): Make first type param
246 const.
247
a60d9889
DM
248 2020-02-11 David Malcolm <dmalcolm@redhat.com>
249
250 PR analyzer/93374
251 * engine.cc (exploded_edge::exploded_edge): Add ext_state param
252 and pass it to change.validate.
253 (exploded_graph::get_or_create_node): Move purging of change
254 svalues to also cover the case of reusing an existing enode.
255 (exploded_graph::add_edge): Pass m_ext_state to exploded_edge's
256 ctor.
257 * exploded-graph.h (exploded_edge::exploded_edge): Add ext_state
258 param.
259 * program-state.cc (state_change::sm_change::validate): Likewise.
260 Assert that m_sm_idx is sane. Use ext_state to validate
261 m_old_state and m_new_state.
262 (state_change::validate): Add ext_state param and pass it to
263 the sm_change validate calls.
264 * program-state.h (state_change::sm_change::validate): Add
265 ext_state param.
266 (state_change::validate): Likewise.
267
a0e4929b
DM
268 2020-02-11 David Malcolm <dmalcolm@redhat.com>
269
270 PR analyzer/93669
271 * engine.cc (exploded_graph::dump_exploded_nodes): Handle missing
272 case of STATUS_WORKLIST in implementation of
273 "__analyzer_dump_exploded_nodes".
274
cd28b759
DM
275 2020-02-11 David Malcolm <dmalcolm@redhat.com>
276
277 PR analyzer/93649
278 * constraint-manager.cc (constraint_manager::add_constraint): When
279 merging equivalence classes and updating m_constant, also update
280 m_cst_sid.
281 (constraint_manager::validate): If m_constant is non-NULL assert
282 that m_cst_sid is non-null and is valid.
283
5e17c1bd
DM
284 2020-02-11 David Malcolm <dmalcolm@redhat.com>
285
286 PR analyzer/93657
287 * analyzer.opt (fdump-analyzer): Reword description.
288 (fdump-analyzer-stderr): Likewise.
289
c46d057f
DM
290 2020-02-11 David Malcolm <dmalcolm@redhat.com>
291
292 * region-model.cc (print_quoted_type): New function.
293 (svalue::print): Use it to replace %qT.
294 (region::dump_to_pp): Likewise.
295 (region::dump_child_label): Likewise.
296 (region::print_fields): Likewise.
297
eb031d4b
DM
298 2020-02-10 David Malcolm <dmalcolm@redhat.com>
299
300 PR analyzer/93659
301 * analyzer.opt (-param=analyzer-max-recursion-depth=): Fix "tha"
302 -> "that" typo.
303 (Wanalyzer-use-of-uninitialized-value): Fix "initialized" ->
304 "uninitialized" typo.
305
e87deb37
DM
306 2020-02-10 David Malcolm <dmalcolm@redhat.com>
307
308 PR analyzer/93350
309 * region-model.cc (region_model::get_lvalue_1):
310 Handle BIT_FIELD_REF.
311 (make_region_for_type): Handle VECTOR_TYPE.
312
e953f958
DM
313 2020-02-10 David Malcolm <dmalcolm@redhat.com>
314
315 PR analyzer/93647
316 * diagnostic-manager.cc
317 (diagnostic_manager::prune_for_sm_diagnostic): Bulletproof against
318 VAR being constant.
319 * region-model.cc (region_model::get_lvalue_1): Provide a better
320 error message when encountering an unhandled tree code.
321
41a9e940
DM
322 2020-02-10 David Malcolm <dmalcolm@redhat.com>
323
324 PR analyzer/93405
325 * region-model.cc (region_model::get_lvalue_1): Implement
326 CONST_DECL.
327
cb273d81
DM
328 2020-02-06 David Malcolm <dmalcolm@redhat.com>
329
330 * region-model.cc (region_model::maybe_cast_1): Attempt to provide
331 a region_svalue if either type is a pointer, rather than if both
332 types are pointers.
333
a4d3bfc0
DM
334 2020-02-05 David Malcolm <dmalcolm@redhat.com>
335
336 * engine.cc (exploded_node::dump_dot): Show merger enodes.
337 (worklist::add_node): Assert that the node's m_status is
338 STATUS_WORKLIST.
339 (exploded_graph::process_worklist): Likewise for nodes from the
340 worklist. Set status of merged nodes to STATUS_MERGER.
341 (exploded_graph::process_node): Set status of node to
342 STATUS_PROCESSED.
343 (exploded_graph::dump_exploded_nodes): Rework handling of
344 "__analyzer_dump_exploded_nodes", splitting enodes by status into
345 "processed" and "merger", showing the count of just the processed
346 enodes at the call, rather than the count of all enodes.
347 * exploded-graph.h (exploded_node::status): New enum.
348 (exploded_node::exploded_node): Initialize m_status to
349 STATUS_WORKLIST.
350 (exploded_node::get_status): New getter.
351 (exploded_node::set_status): New setter.
352
1dae549d
DM
353 2020-02-04 David Malcolm <dmalcolm@redhat.com>
354
355 PR analyzer/93543
356 * engine.cc (pod_hash_traits<function_call_string>::mark_empty):
357 Eliminate reinterpret_cast.
358 (pod_hash_traits<function_call_string>::is_empty): Likewise.
359
833f1e66
DM
360 2020-02-03 David Malcolm <dmalcolm@redhat.com>
361
362 * constraint-manager.cc (range::constrained_to_single_element):
363 Replace fold_build2 with fold_binary. Remove unnecessary newline.
364 (constraint_manager::get_or_add_equiv_class): Replace fold_build2
365 with fold_binary in two places, and remove out-of-date comment.
366 (constraint_manager::eval_condition): Replace fold_build2 with
367 fold_binary.
368 * region-model.cc (constant_svalue::eval_condition): Likewise.
369 (region_model::on_assignment): Likewise.
370
8525d1f5
DM
371 2020-02-03 David Malcolm <dmalcolm@redhat.com>
372
373 PR analyzer/93544
374 * diagnostic-manager.cc
375 (diagnostic_manager::prune_for_sm_diagnostic): Bulletproof
376 against bad choices due to bad paths.
377 * engine.cc (impl_region_model_context::on_phi): New.
378 * exploded-graph.h (impl_region_model_context::on_phi): New decl.
379 * region-model.cc (region_model::on_longjmp): Likewise.
380 (region_model::handle_phi): Add phi param. Call the ctxt's on_phi
381 vfunc.
382 (region_model::update_for_phis): Pass phi to handle_phi.
383 * region-model.h (region_model::handle_phi): Add phi param.
384 (region_model_context::on_phi): New vfunc.
385 (test_region_model_context::on_phi): New.
386 * sm-malloc.cc (malloc_state_machine::on_phi): New.
387 (malloc_state_machine::on_zero_assignment): New.
388 * sm.h (state_machine::on_phi): New vfunc.
389
73f38658
DM
390 2020-02-03 David Malcolm <dmalcolm@redhat.com>
391
392 * engine.cc (supernode_cluster::dump_dot): Show BB index as
393 well as SN index.
394 * supergraph.cc (supernode::dump_dot): Likewise.
395
5e10b9a2
DM
396 2020-02-03 David Malcolm <dmalcolm@redhat.com>
397
398 PR analyzer/93546
399 * region-model.cc (region_model::on_call_pre): Update for new
400 param of symbolic_region ctor.
401 (region_model::deref_rvalue): Likewise.
402 (region_model::add_new_malloc_region): Likewise.
403 (make_region_for_type): Likewise, preserving type.
404 * region-model.h (symbolic_region::symbolic_region): Add "type"
405 param and pass it to base class ctor.
406
287ccd3b
DM
407 2020-02-03 David Malcolm <dmalcolm@redhat.com>
408
409 PR analyzer/93547
410 * constraint-manager.cc
411 (constraint_manager::get_or_add_equiv_class): Ensure types are
412 compatible before comparing constants.
413
67751724
DM
414 2020-01-31 David Malcolm <dmalcolm@redhat.com>
415
416 PR analyzer/93457
417 * region-model.cc (make_region_for_type): Use VOID_TYPE_P rather
418 than checking against void_type_node.
419
09bea584
DM
420 2020-01-31 David Malcolm <dmalcolm@redhat.com>
421
422 PR analyzer/93373
423 * region-model.cc (ASSERT_COMPAT_TYPES): Convert to...
424 (assert_compat_types): ...this, and bail when either type is NULL,
425 or when VOID_TYPE_P (dst_type).
426 (region_model::get_lvalue): Update for above conversion.
427 (region_model::get_rvalue): Likewise.
428
f1c807e8
DM
429 2020-01-31 David Malcolm <dmalcolm@redhat.com>
430
431 PR analyzer/93379
432 * region-model.cc (region_model::update_for_return_superedge):
433 Move check for null result so that it also guards setting the
434 lhs.
435
455f58ec
DM
436 2020-01-31 David Malcolm <dmalcolm@redhat.com>
437
438 PR analyzer/93438
439 * region-model.cc (stack_region::can_merge_p): Split into a two
440 pass approach, creating all stack regions first, then populating
441 them.
442 (selftest::test_state_merging): Add test coverage for (a) the case
443 of self-merging a model in which a local in an older stack frame
444 points to a local in a more recent stack frame (which previously
445 would ICE), and (b) the case of self-merging a model in which a
446 local points to a global (which previously worked OK).
447
182ce042
DM
448 2020-01-31 David Malcolm <dmalcolm@redhat.com>
449
450 * analyzer.cc (is_named_call_p): Replace tests for fndecl being
451 extern at file scope and having a non-NULL DECL_NAME with a call
452 to maybe_special_function_p.
453 * function-set.cc (function_set::contains_decl_p): Add call to
454 maybe_special_function_p.
455
45eb3e49
DM
456 2020-01-31 David Malcolm <dmalcolm@redhat.com>
457
458 PR analyzer/93450
459 * constraint-manager.cc
460 (constraint_manager::get_or_add_equiv_class): Only compare constants
461 if their types are compatible.
462 * region-model.cc (constant_svalue::eval_condition): Replace check
463 for identical types with call to types_compatible_p.
464
42f36563
DM
465 2020-01-30 David Malcolm <dmalcolm@redhat.com>
466
467 * program-state.cc (extrinsic_state::dump_to_pp): New.
468 (extrinsic_state::dump_to_file): New.
469 (extrinsic_state::dump): New.
470 * program-state.h (extrinsic_state::dump_to_pp): New decl.
471 (extrinsic_state::dump_to_file): New decl.
472 (extrinsic_state::dump): New decl.
473 * sm.cc: Include "pretty-print.h".
474 (state_machine::dump_to_pp): New.
475 * sm.h (state_machine::dump_to_pp): New decl.
476
ebe9174e
DM
477 2020-01-30 David Malcolm <dmalcolm@redhat.com>
478
479 * diagnostic-manager.cc (for_each_state_change): Use
480 extrinsic_state::get_num_checkers rather than accessing m_checkers
481 directly.
482 * program-state.cc (program_state::program_state): Likewise.
483 * program-state.h (extrinsic_state::m_checkers): Make private.
484
e978955d
DM
485 2020-01-30 David Malcolm <dmalcolm@redhat.com>
486
487 PR analyzer/93356
488 * region-model.cc (region_model::eval_condition): In both
489 overloads, bail out immediately on floating-point types.
490 (region_model::eval_condition_without_cm): Likewise.
491 (region_model::add_constraint): Likewise.
492
d177c49c
DM
493 2020-01-30 David Malcolm <dmalcolm@redhat.com>
494
495 PR analyzer/93450
496 * program-state.cc (sm_state_map::set_state): For the overload
497 taking an svalue_id, bail out if the set_state on the ec does
498 nothing. Convert the latter's return type from void to bool,
499 returning true if anything changed.
500 (sm_state_map::impl_set_state): Convert the return type from void
501 to bool, returning true if the state changed.
502 * program-state.h (sm_state_map::set_state): Convert return type
503 from void to bool.
504 (sm_state_map::impl_set_state): Likewise.
505 * region-model.cc (constant_svalue::eval_condition): Only call
506 fold_build2 if the types are the same.
507
7892ff37
JJ
508 2020-01-29 Jakub Jelinek <jakub@redhat.com>
509
510 * analyzer.h (PUSH_IGNORE_WFORMAT, POP_IGNORE_WFORMAT): Remove.
511 * constraint-manager.cc: Include diagnostic-core.h before graphviz.h.
512 (range::dump, equiv_class::print): Don't use PUSH_IGNORE_WFORMAT or
513 POP_IGNORE_WFORMAT.
514 * state-purge.cc: Include diagnostic-core.h before
515 gimple-pretty-print.h.
516 (state_purge_annotator::add_node_annotations, print_vec_of_names):
517 Don't use PUSH_IGNORE_WFORMAT or POP_IGNORE_WFORMAT.
518 * region-model.cc: Move diagnostic-core.h include before graphviz.h.
519 (path_var::dump, svalue::print, constant_svalue::print_details,
520 region::dump_to_pp, region::dump_child_label, region::print_fields,
521 map_region::print_fields, map_region::dump_dot_to_pp,
522 map_region::dump_child_label, array_region::print_fields,
523 array_region::dump_dot_to_pp): Don't use PUSH_IGNORE_WFORMAT or
524 POP_IGNORE_WFORMAT.
525
5aebfb71
DM
526 2020-01-28 David Malcolm <dmalcolm@redhat.com>
527
528 PR analyzer/93316
529 * engine.cc (rewind_info_t::update_model): Get the longjmp call
530 stmt via get_longjmp_call () rather than assuming it is the last
531 stmt in the longjmp's supernode.
532 (rewind_info_t::add_events_to_path): Get the location_t for the
533 rewind_from_longjmp_event via get_longjmp_call () rather than from
534 the supernode's get_end_location ().
535
6c8e5844
DM
536 2020-01-28 David Malcolm <dmalcolm@redhat.com>
537
538 * region-model.cc (poisoned_value_diagnostic::emit): Update for
539 renaming of warning_at overload to warning_meta.
540 * sm-file.cc (file_leak::emit): Likewise.
541 * sm-malloc.cc (double_free::emit): Likewise.
542 (possible_null_deref::emit): Likewise.
543 (possible_null_arg::emit): Likewise.
544 (null_deref::emit): Likewise.
545 (null_arg::emit): Likewise.
546 (use_after_free::emit): Likewise.
547 (malloc_leak::emit): Likewise.
548 (free_of_non_heap::emit): Likewise.
549 * sm-sensitive.cc (exposure_through_output_file::emit): Likewise.
550 * sm-signal.cc (signal_unsafe_call::emit): Likewise.
551 * sm-taint.cc (tainted_array_index::emit): Likewise.
552
8c08c983
DM
553 2020-01-27 David Malcolm <dmalcolm@redhat.com>
554
555 PR analyzer/93451
556 * region-model.cc (tree_cmp): For the REAL_CST case, impose an
557 arbitrary order on NaNs relative to other NaNs and to non-NaNs;
558 const-correctness tweak.
559 (ana::selftests::build_real_cst_from_string): New function.
560 (ana::selftests::append_interesting_constants): New function.
561 (ana::selftests::test_tree_cmp_on_constants): New test.
562 (ana::selftests::test_canonicalization_4): New test.
563 (ana::selftests::analyzer_region_model_cc_tests): Call the new
564 tests.
565
2fbea419
DM
566 2020-01-27 David Malcolm <dmalcolm@redhat.com>
567
568 PR analyzer/93349
569 * engine.cc (run_checkers): Save and restore input_location.
570
6a81cabc
DM
571 2020-01-27 David Malcolm <dmalcolm@redhat.com>
572
573 * call-string.cc (call_string::cmp_1): Delete, moving body to...
574 (call_string::cmp): ...here.
575 * call-string.h (call_string::cmp_1): Delete decl.
576 * engine.cc (worklist::key_t::cmp_1): Delete, moving body to...
577 (worklist::key_t::cmp): ...here. Implement hash comparisons
578 via comparison rather than subtraction to avoid overflow issues.
579 * exploded-graph.h (worklist::key_t::cmp_1): Delete decl.
580 * region-model.cc (tree_cmp): Eliminate buggy checking for
581 symmetry.
582
342e14ff
DM
583 2020-01-27 David Malcolm <dmalcolm@redhat.com>
584
585 * analyzer.cc (is_named_call_p): Check that fndecl is "extern"
586 and at file scope. Potentially disregard prefix _ or __ in
587 fndecl's name. Bail if the identifier is NULL.
588 (is_setjmp_call_p): Expect a gcall rather than plain gimple.
589 Remove special-case check for leading prefix, and also check for
590 sigsetjmp.
591 (is_longjmp_call_p): Also check for siglongjmp.
592 (get_user_facing_name): New function.
593 * analyzer.h (is_setjmp_call_p): Expect a gcall rather than plain
594 gimple.
595 (get_user_facing_name): New decl.
596 * checker-path.cc (setjmp_event::get_desc): Use
597 get_user_facing_name to avoid hardcoding the function name.
598 (rewind_event::rewind_event): Add rewind_info param, using it to
599 initialize new m_rewind_info field, and strengthen the assertion.
600 (rewind_from_longjmp_event::get_desc): Use get_user_facing_name to
601 avoid hardcoding the function name.
602 (rewind_to_setjmp_event::get_desc): Likewise.
603 * checker-path.h (setjmp_event::setjmp_event): Add setjmp_call
604 param and use it to initialize...
605 (setjmp_event::m_setjmp_call): New field.
606 (rewind_event::rewind_event): Add rewind_info param.
607 (rewind_event::m_rewind_info): New protected field.
608 (rewind_from_longjmp_event::rewind_from_longjmp_event): Add
609 rewind_info param.
610 (class rewind_to_setjmp_event): Move rewind_info field to parent
611 class.
612 * diagnostic-manager.cc (diagnostic_manager::add_events_for_eedge):
613 Update setjmp-handling for is_setjmp_call_p requiring a gcall;
614 pass the call to the new setjmp_event.
615 * engine.cc (exploded_node::on_stmt): Update for is_setjmp_call_p
616 requiring a gcall.
617 (stale_jmp_buf::emit): Use get_user_facing_name to avoid
618 hardcoding the function names.
619 (exploded_node::on_longjmp): Pass the longjmp_call when
620 constructing rewind_info.
621 (rewind_info_t::add_events_to_path): Pass the rewind_info_t to the
622 rewind_from_longjmp_event's ctor.
623 * exploded-graph.h (rewind_info_t::rewind_info_t): Add
624 longjmp_call param.
625 (rewind_info_t::get_longjmp_call): New.
626 (rewind_info_t::m_longjmp_call): New.
627 * region-model.cc (region_model::on_setjmp): Update comment to
628 indicate this is also for sigsetjmp.
629 * region-model.h (struct setjmp_record): Likewise.
630 (class setjmp_svalue): Likewise.
631
26d949c8
DM
632 2020-01-27 David Malcolm <dmalcolm@redhat.com>
633
634 PR analyzer/93276
635 * analyzer.h (PUSH_IGNORE_WFORMAT, POP_IGNORE_WFORMAT): Guard these
636 macros with GCC_VERSION >= 4006, making them no-op otherwise.
637 * engine.cc (exploded_edge::exploded_edge): Specify template for
638 base class initializer.
639 (exploded_graph::add_edge): Specify template when chaining up to
640 base class add_edge implementation.
641 (viz_callgraph_node::dump_dot): Drop redundant "typename".
642 (viz_callgraph_edge::viz_callgraph_edge): Specify template for
643 base class initializer.
644 * program-state.cc (sm_state_map::clone_with_remapping): Drop
645 redundant "typename".
646 (sm_state_map::print): Likewise.
647 (sm_state_map::hash): Likewise.
648 (sm_state_map::operator==): Likewise.
649 (sm_state_map::remap_svalue_ids): Likewise.
650 (sm_state_map::on_svalue_purge): Likewise.
651 (sm_state_map::validate): Likewise.
652 * program-state.h (sm_state_map::iterator_t): Likewise.
653 * supergraph.h (superedge::superedge): Specify template for base
654 class initializer.
655
648796da
DM
656 2020-01-23 David Malcolm <dmalcolm@redhat.com>
657
658 PR analyzer/93375
659 * supergraph.cc (callgraph_superedge::get_arg_for_parm): Fail
660 gracefully if the number of parameters at the callee exceeds the
661 number of arguments at the call stmt.
662 (callgraph_superedge::get_parm_for_arg): Likewise.
663
591b59eb
DM
664 2020-01-22 David Malcolm <dmalcolm@redhat.com>
665
666 PR analyzer/93382
667 * program-state.cc (sm_state_map::on_svalue_purge): If the
668 entry survives, but the origin is being purged, then reset the
669 origin to null.
670
c9c8aef4
DM
671 2020-01-22 David Malcolm <dmalcolm@redhat.com>
672
673 * sm-signal.cc: Fix nesting of CHECKING_P and namespace ana.
674
fd9982bb
DM
675 2020-01-22 David Malcolm <dmalcolm@redhat.com>
676
677 PR analyzer/93378
678 * engine.cc (setjmp_svalue::compare_fields): Update for
679 replacement of m_enode with m_setjmp_record.
680 (setjmp_svalue::add_to_hash): Likewise.
681 (setjmp_svalue::get_index): Rename...
682 (setjmp_svalue::get_enode_index): ...to this.
683 (setjmp_svalue::print_details): Update for replacement of m_enode
684 with m_setjmp_record.
685 (exploded_node::on_longjmp): Likewise.
686 * exploded-graph.h (rewind_info_t::m_enode_origin): Replace...
687 (rewind_info_t::m_setjmp_record): ...with this.
688 (rewind_info_t::rewind_info_t): Update for replacement of m_enode
689 with m_setjmp_record.
690 (rewind_info_t::get_setjmp_point): Likewise.
691 (rewind_info_t::get_setjmp_call): Likewise.
692 * region-model.cc (region_model::dump_summary_of_map): Likewise.
693 (region_model::on_setjmp): Likewise.
694 * region-model.h (struct setjmp_record): New struct.
695 (setjmp_svalue::m_enode): Replace...
696 (setjmp_svalue::m_setjmp_record): ...with this.
697 (setjmp_svalue::setjmp_svalue): Update for replacement of m_enode
698 with m_setjmp_record.
699 (setjmp_svalue::clone): Likewise.
700 (setjmp_svalue::get_index): Rename...
701 (setjmp_svalue::get_enode_index): ...to this.
702 (setjmp_svalue::get_exploded_node): Replace...
703 (setjmp_svalue::get_setjmp_record): ...with this.
704
da7cf663
DM
705 2020-01-22 David Malcolm <dmalcolm@redhat.com>
706
707 PR analyzer/93316
708 * analyzer.cc (is_setjmp_call_p): Check for "setjmp" as well as
709 "_setjmp".
710
75038aa6
DM
711 2020-01-22 David Malcolm <dmalcolm@redhat.com>
712
713 PR analyzer/93307
714 * analysis-plan.h: Wrap everything namespace "ana".
715 * analyzer-logging.cc: Likewise.
716 * analyzer-logging.h: Likewise.
717 * analyzer-pass.cc (pass_analyzer::execute): Update for "ana"
718 namespace.
719 * analyzer-selftests.cc: Wrap everything namespace "ana".
720 * analyzer-selftests.h: Likewise.
721 * analyzer.h: Likewise for forward decls of types.
722 * call-string.h: Likewise.
723 * checker-path.cc: Likewise.
724 * checker-path.h: Likewise.
725 * constraint-manager.cc: Likewise.
726 * constraint-manager.h: Likewise.
727 * diagnostic-manager.cc: Likewise.
728 * diagnostic-manager.h: Likewise.
729 * engine.cc: Likewise.
730 * engine.h: Likewise.
731 * exploded-graph.h: Likewise.
732 * function-set.cc: Likewise.
733 * function-set.h: Likewise.
734 * pending-diagnostic.cc: Likewise.
735 * pending-diagnostic.h: Likewise.
736 * program-point.cc: Likewise.
737 * program-point.h: Likewise.
738 * program-state.cc: Likewise.
739 * program-state.h: Likewise.
740 * region-model.cc: Likewise.
741 * region-model.h: Likewise.
742 * sm-file.cc: Likewise.
743 * sm-malloc.cc: Likewise.
744 * sm-pattern-test.cc: Likewise.
745 * sm-sensitive.cc: Likewise.
746 * sm-signal.cc: Likewise.
747 * sm-taint.cc: Likewise.
748 * sm.cc: Likewise.
749 * sm.h: Likewise.
750 * state-purge.h: Likewise.
751 * supergraph.cc: Likewise.
752 * supergraph.h: Likewise.
753
4f01e577
DM
754 2020-01-21 David Malcolm <dmalcolm@redhat.com>
755
756 PR analyzer/93352
757 * region-model.cc (int_cmp): Rename to...
758 (array_region::key_cmp): ...this, using key_t rather than int.
759 Rewrite in terms of comparisons rather than subtraction to
760 ensure qsort is anti-symmetric when handling extreme values.
761 (array_region::walk_for_canonicalization): Update for above
762 renaming.
763 * region-model.h (array_region::key_cmp): New decl.
764
07c86323
DM
765 2020-01-17 David Malcolm <dmalcolm@redhat.com>
766
767 PR analyzer/93290
768 * region-model.cc (region_model::eval_condition_without_cm): Avoid
769 gcc_unreachable for unexpected operations for the case where
770 we're comparing an svalue against itself.
771
5f030383
DM
772 2020-01-17 David Malcolm <dmalcolm@redhat.com>
773
774 PR analyzer/93281
775 * region-model.cc
776 (region_model::convert_byte_offset_to_array_index): Convert to
777 ssizetype before dividing by byte_size. Use fold_binary rather
778 than fold_build2 to avoid needlessly constructing a tree for the
779 non-const case.
780
49e9a999
DM
781 2020-01-15 David Malcolm <dmalcolm@redhat.com>
782
783 * engine.cc (class impl_region_model_context): Fix comment.
784
32077b69
DM
785 2020-01-14 David Malcolm <dmalcolm@redhat.com>
786
787 PR analyzer/93212
788 * region-model.cc (make_region_for_type): Use
789 FUNC_OR_METHOD_TYPE_P rather than comparing against FUNCTION_TYPE.
790 * region-model.h (function_region::function_region): Likewise.
791
7fb3669e
DM
792 2020-01-14 David Malcolm <dmalcolm@redhat.com>
793
794 * program-state.cc (sm_state_map::clone_with_remapping): Copy
795 m_global_state.
796 (selftest::test_program_state_merging_2): New selftest.
797 (selftest::analyzer_program_state_cc_tests): Call it.
798
e2a538b1
DM
799 2020-01-14 David Malcolm <dmalcolm@redhat.com>
800
801 * checker-path.h (checker_path::get_checker_event): New function.
802 (checker_path): Add DISABLE_COPY_AND_ASSIGN; make fields private.
803 * diagnostic-manager.cc
804 (diagnostic_manager::prune_for_sm_diagnostic): Replace direct
805 access to checker_path::m_events with accessor functions. Fix
806 overlong line.
807 (diagnostic_manager::prune_interproc_events): Replace direct
808 access to checker_path::m_events with accessor functions.
809 (diagnostic_manager::finish_pruning): Likewise.
810
94946989
DM
811 2020-01-14 David Malcolm <dmalcolm@redhat.com>
812
813 * checker-path.h (checker_event::clone): Delete vfunc decl.
814 (debug_event::clone): Delete vfunc impl.
815 (custom_event::clone): Delete vfunc impl.
816 (statement_event::clone): Delete vfunc impl.
817 (function_entry_event::clone): Delete vfunc impl.
818 (state_change_event::clone): Delete vfunc impl.
819 (start_cfg_edge_event::clone): Delete vfunc impl.
820 (end_cfg_edge_event::clone): Delete vfunc impl.
821 (call_event::clone): Delete vfunc impl.
822 (return_event::clone): Delete vfunc impl.
823 (setjmp_event::clone): Delete vfunc impl.
824 (rewind_from_longjmp_event::clone): Delete vfunc impl.
825 (rewind_to_setjmp_event::clone): Delete vfunc impl.
826 (warning_event::clone): Delete vfunc impl.
827
718930c0
DM
828 2020-01-14 David Malcolm <dmalcolm@redhat.com>
829
830 * supergraph.cc (supernode::dump_dot): Ensure that the TABLE
831 element has at least one TR.
832
8397af8e
DM
833 2020-01-14 David Malcolm <dmalcolm@redhat.com>
834
835 PR analyzer/58237
836 * engine.cc (leak_stmt_finder::find_stmt): Use get_pure_location
837 when comparing against UNKNOWN_LOCATION.
838 (stmt_requires_new_enode_p): Likewise.
839 (exploded_graph::dump_exploded_nodes): Likewise.
840 * supergraph.cc (supernode::get_start_location): Likewise.
841 (supernode::get_end_location): Likewise.
842
697251b7
DM
843 2020-01-14 David Malcolm <dmalcolm@redhat.com>
844
845 PR analyzer/58237
846 * analyzer-selftests.cc (selftest::run_analyzer_selftests): Call
847 selftest::analyzer_sm_file_cc_tests.
848 * analyzer-selftests.h (selftest::analyzer_sm_file_cc_tests): New
849 decl.
850 * sm-file.cc: Include "analyzer/function-set.h" and
851 "analyzer/analyzer-selftests.h".
852 (get_file_using_fns): New function.
853 (is_file_using_fn_p): New function.
854 (fileptr_state_machine::on_stmt): Return true for known functions.
855 (selftest::analyzer_sm_file_cc_tests): New function.
856
4804c5fe
DM
857 2020-01-14 David Malcolm <dmalcolm@redhat.com>
858
859 * analyzer-selftests.cc (selftest::run_analyzer_selftests): Call
860 selftest::analyzer_sm_signal_cc_tests.
861 * analyzer-selftests.h (selftest::analyzer_sm_signal_cc_tests):
862 New decl.
863 * sm-signal.cc: Include "analyzer/function-set.h" and
864 "analyzer/analyzer-selftests.h".
865 (get_async_signal_unsafe_fns): New function.
866 (signal_unsafe_p): Reimplement in terms of the above.
867 (selftest::analyzer_sm_signal_cc_tests): New function.
868
a6b5f19c
DM
869 2020-01-14 David Malcolm <dmalcolm@redhat.com>
870
871 * analyzer-selftests.cc (selftest::run_analyzer_selftests): Call
872 selftest::analyzer_function_set_cc_tests.
873 * analyzer-selftests.h (selftest::analyzer_function_set_cc_tests):
874 New decl.
875 * function-set.cc: New file.
876 * function-set.h: New file.
877
ef7827b0
DM
878 2020-01-14 David Malcolm <dmalcolm@redhat.com>
879
880 * analyzer.h (fndecl_has_gimple_body_p): New decl.
881 * engine.cc (impl_region_model_context::on_unknown_change): New
882 function.
883 (fndecl_has_gimple_body_p): Make non-static.
884 (exploded_node::on_stmt): Treat __analyzer_dump_exploded_nodes as
885 known. Track whether we have a call with unknown side-effects and
886 pass it to on_call_post.
887 * exploded-graph.h (impl_region_model_context::on_unknown_change):
888 New decl.
889 * program-state.cc (sm_state_map::on_unknown_change): New function.
890 * program-state.h (sm_state_map::on_unknown_change): New decl.
891 * region-model.cc: Include "bitmap.h".
892 (region_model::on_call_pre): Return a bool, capturing whether the
893 call has unknown side effects.
894 (region_model::on_call_post): Add arg "bool unknown_side_effects"
895 and if true, call handle_unrecognized_call.
896 (class reachable_regions): New class.
897 (region_model::handle_unrecognized_call): New function.
898 * region-model.h (region_model::on_call_pre): Return a bool.
899 (region_model::on_call_post): Add arg "bool unknown_side_effects".
900 (region_model::handle_unrecognized_call): New decl.
901 (region_model_context::on_unknown_change): New vfunc.
902 (test_region_model_context::on_unknown_change): New function.
903
14f9d7b9
DM
904 2020-01-14 David Malcolm <dmalcolm@redhat.com>
905
906 * diagnostic-manager.cc (saved_diagnostic::operator==): Move here
907 from header. Replace pointer equality test on m_var with call to
908 pending_diagnostic::same_tree_p.
909 * diagnostic-manager.h (saved_diagnostic::operator==): Move to
910 diagnostic-manager.cc.
911 * pending-diagnostic.cc (pending_diagnostic::same_tree_p): New.
912 * pending-diagnostic.h (pending_diagnostic::same_tree_p): New.
913 * sm-file.cc (file_diagnostic::subclass_equal_p): Replace pointer
914 equality on m_arg with call to pending_diagnostic::same_tree_p.
915 * sm-malloc.cc (malloc_diagnostic::subclass_equal_p): Likewise.
916 (possible_null_arg::subclass_equal_p): Likewise.
917 (null_arg::subclass_equal_p): Likewise.
918 (free_of_non_heap::subclass_equal_p): Likewise.
919 * sm-pattern-test.cc (pattern_match::operator==): Likewise.
920 * sm-sensitive.cc (exposure_through_output_file::operator==):
921 Likewise.
922 * sm-taint.cc (tainted_array_index::operator==): Likewise.
923
f474fbd5
DM
924 2020-01-14 David Malcolm <dmalcolm@redhat.com>
925
926 * diagnostic-manager.cc (dedupe_winners::add): Add logging
927 of deduplication decisions made.
928
757bf1df
DM
929 2020-01-14 David Malcolm <dmalcolm@redhat.com>
930
931 * ChangeLog: New file.
932 * analyzer-selftests.cc: New file.
933 * analyzer-selftests.h: New file.
934 * analyzer.opt: New file.
935 * analysis-plan.cc: New file.
936 * analysis-plan.h: New file.
937 * analyzer-logging.cc: New file.
938 * analyzer-logging.h: New file.
939 * analyzer-pass.cc: New file.
940 * analyzer.cc: New file.
941 * analyzer.h: New file.
942 * call-string.cc: New file.
943 * call-string.h: New file.
944 * checker-path.cc: New file.
945 * checker-path.h: New file.
946 * constraint-manager.cc: New file.
947 * constraint-manager.h: New file.
948 * diagnostic-manager.cc: New file.
949 * diagnostic-manager.h: New file.
950 * engine.cc: New file.
951 * engine.h: New file.
952 * exploded-graph.h: New file.
953 * pending-diagnostic.cc: New file.
954 * pending-diagnostic.h: New file.
955 * program-point.cc: New file.
956 * program-point.h: New file.
957 * program-state.cc: New file.
958 * program-state.h: New file.
959 * region-model.cc: New file.
960 * region-model.h: New file.
961 * sm-file.cc: New file.
962 * sm-malloc.cc: New file.
963 * sm-malloc.dot: New file.
964 * sm-pattern-test.cc: New file.
965 * sm-sensitive.cc: New file.
966 * sm-signal.cc: New file.
967 * sm-taint.cc: New file.
968 * sm.cc: New file.
969 * sm.h: New file.
970 * state-purge.cc: New file.
971 * state-purge.h: New file.
972 * supergraph.cc: New file.
973 * supergraph.h: New file.
974
975 2019-12-13 David Malcolm <dmalcolm@redhat.com>
976
977 * Initial creation
978
979
980 Copyright (C) 2019-2020 Free Software Foundation, Inc.
981
982 Copying and distribution of this file, with or without modification,
983 are permitted in any medium without royalty provided the copyright
984 notice and this notice are preserved.