]> git.ipfire.org Git - thirdparty/gcc.git/blame - gcc/analyzer/ChangeLog
projects / thirdparty / gcc.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Update ChangeLog and version files for release
[thirdparty/gcc.git] / gcc / analyzer / ChangeLog
CommitLineData
7ff47281
JJ		 12022-06-28 Release Manager
2
3 * GCC 10.4.0 released.
4
f00b5710
RB		 52021-04-08 Release Manager
6
7 * GCC 10.3.0 released.
8
ee5c3db6
RB		 92020-07-23 Release Manager
10
11 * GCC 10.2.0 released.
12
6e6e3f14
JJ		 132020-05-07 Release Manager
14
15 * GCC 10.1.0 released.
16
5eae0ac7
DM		 172020-04-28 David Malcolm <dmalcolm@redhat.com>
18
19 PR analyzer/94816
20 * engine.cc (impl_region_model_context::on_unexpected_tree_code):
21 Handle NULL tree.
22 * region-model.cc (region_model::add_region_for_type): Handle
23 NULL type.
24 * region-model.h
25 (test_region_model_context::on_unexpected_tree_code): Handle NULL
26 tree.
27
78b97837
DM		 282020-04-28 David Malcolm <dmalcolm@redhat.com>
29
30 PR analyzer/94447
31 PR analyzer/94639
32 PR analyzer/94732
33 PR analyzer/94754
34 * analyzer.opt (Wanalyzer-use-of-uninitialized-value): Delete.
35 * program-state.cc (selftest::test_program_state_dumping): Update
36 expected dump result for removal of "uninit".
37 * region-model.cc (poison_kind_to_str): Delete POISON_KIND_UNINIT
38 case.
39 (root_region::ensure_stack_region): Initialize stack with null
40 svalue_id rather than with a typeless POISON_KIND_UNINIT value.
41 (root_region::ensure_heap_region): Likewise for the heap.
42 (region_model::dump_summary_of_rep_path_vars): Remove
43 summarization of uninit values.
44 (region_model::validate): Remove check that the stack has a
45 POISON_KIND_UNINIT value.
46 (poisoned_value_diagnostic::emit): Remove POISON_KIND_UNINIT
47 case.
48 (poisoned_value_diagnostic::describe_final_event): Likewise.
49 (selftest::test_dump): Update expected dump result for removal of
50 "uninit".
51 (selftest::test_svalue_equality): Remove "uninit" and "freed".
52 * region-model.h (enum poison_kind): Remove POISON_KIND_UNINIT.
53
a96f1c38
DM		 542020-04-01 David Malcolm <dmalcolm@redhat.com>
55
56 PR analyzer/94378
57 * checker-path.cc: Include "bitmap.h".
58 * constraint-manager.cc: Likewise.
59 * diagnostic-manager.cc: Likewise.
60 * engine.cc: Likewise.
61 (exploded_node::detect_leaks): Pass null region_id to pop_frame.
62 * program-point.cc: Include "bitmap.h".
63 * program-state.cc: Likewise.
64 * region-model.cc (id_set<region_id>::id_set): Convert to...
65 (region_id_set::region_id_set): ...this.
66 (svalue_id_set::svalue_id_set): New ctor.
67 (region_model::copy_region): New function.
68 (region_model::copy_struct_region): New function.
69 (region_model::copy_union_region): New function.
70 (region_model::copy_array_region): New function.
71 (stack_region::pop_frame): Drop return value. Add
72 "result_dst_rid" param; if it is non-null, use copy_region to copy
73 the result to it. Rather than capture and pass a single "known
74 used" return value to be used by purge_unused_values, instead
75 gather and pass a set of known used return values.
76 (root_region::pop_frame): Drop return value. Add "result_dst_rid"
77 param.
78 (region_model::on_assignment): Use copy_region.
79 (region_model::on_return): Likewise for the result.
80 (region_model::on_longjmp): Pass null for pop_frame's
81 result_dst_rid.
82 (region_model::update_for_return_superedge): Pass the region for the
83 return value of the call, if any, to pop_frame, rather than setting
84 the lvalue for the lhs of the result.
85 (region_model::pop_frame): Drop return value. Add
86 "result_dst_rid" param.
87 (region_model::purge_unused_svalues): Convert third param from an
88 svalue_id * to an svalue_id_set *, updating the initial populating
89 of the "used" bitmap accordingly. Don't remap it when done.
90 (struct selftest::coord_test): New selftest fixture, extracted from...
91 (selftest::test_dump_2): ...here.
92 (selftest::test_compound_assignment): New selftest.
93 (selftest::test_stack_frames): Pass null to new param of pop_frame.
94 (selftest::analyzer_region_model_cc_tests): Call the new selftest.
95 * region-model.h (class id_set): Delete template.
96 (class region_id_set): Reimplement, using old id_set implementation.
97 (class svalue_id_set): Likewise. Convert from auto_sbitmap to
98 auto_bitmap.
99 (region::get_active_view): New accessor.
100 (stack_region::pop_frame): Drop return value. Add
101 "result_dst_rid" param.
102 (root_region::pop_frame): Likewise.
103 (region_model::pop_frame): Likewise.
104 (region_model::copy_region): New decl.
105 (region_model::purge_unused_svalues): Convert third param from an
106 svalue_id * to an svalue_id_set *.
107 (region_model::copy_struct_region): New decl.
108 (region_model::copy_union_region): New decl.
109 (region_model::copy_array_region): New decl.
110
6969ac30
DM		 1112020-03-27 David Malcolm <dmalcolm@redhat.com>
112
113 * program-state.cc (selftest::test_program_state_dumping): Update
114 expected dump to include symbolic_region's possibly_null field.
115 * region-model.cc (symbolic_region::print_fields): New vfunc
116 implementation.
117 (region_model::add_constraint): Clear m_possibly_null from
118 symbolic_regions now known to be non-NULL.
119 (selftest::test_malloc_constraints): New selftest.
120 (selftest::analyzer_region_model_cc_tests): Call it.
121 * region-model.h (region::dyn_cast_symbolic_region): Add non-const
122 overload.
123 (symbolic_region::dyn_cast_symbolic_region): Implement it.
124 (symbolic_region::print_fields): New vfunc override decl.
125
42c63313
DM		 1262020-03-27 David Malcolm <dmalcolm@redhat.com>
127
128 * analyzer.h (class feasibility_problem): New forward decl.
129 * diagnostic-manager.cc (saved_diagnostic::saved_diagnostic):
130 Initialize new fields m_status, m_epath_length, and m_problem.
131 (saved_diagnostic::~saved_diagnostic): Delete m_problem.
132 (dedupe_candidate::dedupe_candidate): Convert "sd" param from a
133 const ref to a mutable ptr.
134 (dedupe_winners::add): Convert "sd" param from a const ref to a
135 mutable ptr. Record the length of the exploded_path. Record the
136 feasibility/infeasibility of sd into sd, capturing a
137 feasibility_problem when feasible_p fails, and storing it in sd.
138 (diagnostic_manager::emit_saved_diagnostics): Update for pass by
139 ptr rather than by const ref.
140 * diagnostic-manager.h (class saved_diagnostic): Add new enum
141 status. Add fields m_status, m_epath_length and m_problem.
142 (saved_diagnostic::set_feasible): New member function.
143 (saved_diagnostic::set_infeasible): New member function.
144 (saved_diagnostic::get_feasibility_problem): New accessor.
145 (saved_diagnostic::get_status): New accessor.
146 (saved_diagnostic::set_epath_length): New member function.
147 (saved_diagnostic::get_epath_length): New accessor.
148 * engine.cc: Include "gimple-pretty-print.h".
149 (exploded_path::feasible_p): Add OUT param and, if non-NULL, write
150 a new feasibility_problem to it on failure.
151 (viz_callgraph_node::dump_dot): Convert begin_tr calls to
152 begin_trtd. Convert end_tr calls to end_tdtr.
153 (class exploded_graph_annotator): New subclass of dot_annotator.
154 (impl_run_checkers): Add a second -fdump-analyzer-supergraph dump
155 after the analysis runs, using exploded_graph_annotator. dumping
156 to DUMP_BASE_NAME.supergraph-eg.dot.
157 * exploded-graph.h (exploded_node::get_dot_fillcolor): Make
158 public.
159 (exploded_path::feasible_p): Add OUT param.
160 (class feasibility_problem): New class.
161 * state-purge.cc (state_purge_annotator::add_node_annotations):
162 Return a bool, add a "within_table" param.
163 (print_vec_of_names): Convert begin_tr calls to begin_trtd.
164 Convert end_tr calls to end_tdtr.
165 (state_purge_annotator::add_stmt_annotations): Add "within_row"
166 param.
167 * state-purge.h ((state_purge_annotator::add_node_annotations):
168 Return a bool, add a "within_table" param.
169 (state_purge_annotator::add_stmt_annotations): Add "within_row"
170 param.
171 * supergraph.cc (supernode::dump_dot): Call add_node_annotations
172 twice: as before, passing false for "within_table", then again
173 with true when within the TABLE element. Convert some begin_tr
174 calls to begin_trtd, and some end_tr calls to end_tdtr.
175 Repeat each add_stmt_annotations call, distinguishing between
176 calls that add TRs and those that add TDs to an existing TR.
177 Add a call to add_after_node_annotations.
178 * supergraph.h (dot_annotator::add_node_annotations): Add a
179 "within_table" param.
180 (dot_annotator::add_stmt_annotations): Add a "within_row" param.
181 (dot_annotator::add_after_node_annotations): New vfunc.
182
8f023575
DM		 1832020-03-27 David Malcolm <dmalcolm@redhat.com>
184
185 * diagnostic-manager.cc (dedupe_winners::add): Show the
186 exploded_node index in the log messages.
187 (diagnostic_manager::emit_saved_diagnostics): Log a summary of
188 m_saved_diagnostics at entry.
189
4d661bb7
DM		 1902020-03-27 David Malcolm <dmalcolm@redhat.com>
191
192 * supergraph.cc (superedge::dump): Add space before description;
193 move newline to non-pretty_printer overload.
194
884d9141
DM		 1952020-03-18 David Malcolm <dmalcolm@redhat.com>
196
197 * region-model.cc: Include "stor-layout.h".
198 (region_model::dump_to_pp): Rather than calling
199 dump_summary_of_map on each of the current frame and the globals,
200 instead get a vec of representative path_vars for all regions,
201 and then dump a summary of all of them.
202 (region_model::dump_summary_of_map): Delete, rewriting into...
203 (region_model::dump_summary_of_rep_path_vars): ...this new
204 function, working on a vec of path_vars.
205 (region_model::set_value): New overload.
206 (region_model::get_representative_path_var): Rename
207 "parent_region" local to "parent_reg" and consolidate with other
208 local. Guard test for grandparent being stack on parent_reg being
209 non-NULL. Move handling for parent being an array_region to
210 within guard for parent_reg being non-NULL.
211 (selftest::make_test_compound_type): New function.
212 (selftest::test_dump_2): New selftest.
213 (selftest::test_dump_3): New selftest.
214 (selftest::test_stack_frames): Update expected output from
215 simplified dump to show "a" and "b" from parent frame and "y" in
216 child frame.
217 (selftest::analyzer_region_model_cc_tests): Call test_dump_2 and
218 test_dump_3.
219 * region-model.h (region_model::set_value): New overload decl.
220 (region_model::dump_summary_of_map): Delete.
221 (region_model::dump_summary_of_rep_path_vars): New.
222
7d9c107a
DM		 2232020-03-18 David Malcolm <dmalcolm@redhat.com>
224
225 * region-model.h (class noop_region_model_context): New subclass
226 of region_model_context.
227 (class tentative_region_model_context): Inherit from
228 noop_region_model_context rather than from region_model_context;
229 drop redundant vfunc implementations.
230 (class test_region_model_context): Likewise.
231
0db2cd17
DM		 2322020-03-18 David Malcolm <dmalcolm@redhat.com>
233
234 * engine.cc (exploded_node::exploded_node): Move implementation
235 here from header; accept point_and_state by const reference rather
236 than by value.
237 * exploded-graph.h (exploded_node::exploded_node): Pass
238 point_and_state by const reference rather than by value. Move
239 body to engine.cc.
240
d5029d45
JJ		 2412020-03-18 Jakub Jelinek <jakub@redhat.com>
242
243 * sm-malloc.cc (malloc_state_machine::on_stmt): Fix up duplicated word
244 issue in a comment.
245 * region-model.cc (region_model::make_region_for_unexpected_tree_code,
246 region_model::delete_region_and_descendents): Likewise.
247 * engine.cc (class exploded_cluster): Likewise.
248 * diagnostic-manager.cc (class path_builder): Likewise.
249
5c048755
DM		 2502020-03-13 David Malcolm <dmalcolm@redhat.com>
251
252 PR analyzer/94099
253 PR analyzer/94105
254 * diagnostic-manager.cc (for_each_state_change): Bulletproof
255 against errors in get_rvalue by passing a
256 tentative_region_model_context and rejecting if there's an error.
257 * region-model.cc (region_model::get_lvalue_1): When handling
258 ARRAY_REF, handle results of error-handling. Handle NOP_EXPR.
259
90f7c300
DM		 2602020-03-06 David Malcolm <dmalcolm@redhat.com>
261
262 * analyzer.h (class array_region): New forward decl.
263 * program-state.cc (selftest::test_program_state_dumping_2): New.
264 (selftest::analyzer_program_state_cc_tests): Call it.
265 * region-model.cc (array_region::constant_from_key): New.
266 (region_model::get_representative_tree): Handle region_svalue by
267 generating an ADDR_EXPR.
268 (region_model::get_representative_path_var): In view handling,
269 remove erroneous TREE_TYPE when determining the type of the tree.
270 Handle array regions and STRING_CST.
271 (selftest::assert_dump_tree_eq): New.
272 (ASSERT_DUMP_TREE_EQ): New macro.
273 (selftest::test_get_representative_tree): New selftest.
274 (selftest::analyzer_region_model_cc_tests): Call it.
275 * region-model.h (region::dyn_cast_array_region): New vfunc.
276 (array_region::dyn_cast_array_region): New vfunc implementation.
277 (array_region::constant_from_key): New decl.
278
41f99ba6
DM		 2792020-03-06 David Malcolm <dmalcolm@redhat.com>
280
281 * analyzer.h (dump_quoted_tree): New decl.
282 * engine.cc (exploded_node::dump_dot): Pass region model to
283 sm_state_map::print.
284 * program-state.cc: Include diagnostic-core.h.
285 (sm_state_map::print): Add "model" param and use it to print
286 representative trees. Only print origin information if non-null.
287 (sm_state_map::dump): Pass NULL for model to print call.
288 (program_state::print): Pass region model to sm_state_map::print.
289 (program_state::dump_to_pp): Use spaces rather than newlines when
290 summarizing. Pass region_model to sm_state_map::print.
291 (ana::selftest::assert_dump_eq): New function.
292 (ASSERT_DUMP_EQ): New macro.
293 (ana::selftest::test_program_state_dumping): New function.
294 (ana::selftest::analyzer_program_state_cc_tests): Call it.
295 * program-state.h (program_state::print): Add model param.
296 * region-model.cc (dump_quoted_tree): New function.
297 (map_region::print_fields): Use dump_quoted_tree rather than
298 %qE to avoid lang-dependent output.
299 (map_region::dump_child_label): Likewise.
300 (region_model::dump_summary_of_map): For SK_REGION, when
301 get_representative_path_var fails, print the region id rather than
302 erroneously printing NULL.
303 * sm.cc (state_machine::get_state_by_name): New function.
304 * sm.h (state_machine::get_state_by_name): New decl.
305
3c1645a3
DM		 3062020-03-04 David Malcolm <dmalcolm@redhat.com>
307
308 * region-model.cc (region::validate): Convert model param from ptr
309 to reference. Update comment to reflect that it's now a vfunc.
310 (map_region::validate): New vfunc implementation.
311 (array_region::validate): New vfunc implementation.
312 (stack_region::validate): New vfunc implementation.
313 (root_region::validate): New vfunc implementation.
314 (region_model::validate): Pass a reference rather than a pointer
315 to the region::validate vfunc.
316 * region-model.h (region::validate): Make virtual. Convert model
317 param from ptr to reference.
318 (map_region::validate): New vfunc decl.
319 (array_region::validate): New vfunc decl.
320 (stack_region::validate): New vfunc decl.
321 (root_region::validate): New vfunc decl.
322
e516294a
DM		 3232020-03-04 David Malcolm <dmalcolm@redhat.com>
324
325 PR analyzer/93993
326 * region-model.cc (region_model::on_call_pre): Handle
327 BUILT_IN_EXPECT and its variants.
328 (region_model::add_any_constraints_from_ssa_def_stmt): Split out
329 gassign handling into add_any_constraints_from_gassign; add gcall
330 handling.
331 (region_model::add_any_constraints_from_gassign): New function,
332 based on the above. Add handling for NOP_EXPR.
333 (region_model::add_any_constraints_from_gcall): New function.
334 (region_model::get_representative_path_var): Handle views.
335 * region-model.h
336 (region_model::add_any_constraints_from_ssa_def_stmt): New decl.
337 (region_model::add_any_constraints_from_gassign): New decl.
338
3d66e153
DM		 3392020-03-04 David Malcolm <dmalcolm@redhat.com>
340
341 PR analyzer/93993
342 * checker-path.h (state_change_event::get_lvalue): Add ctxt param
343 and pass it to region_model::get_value call.
344 * diagnostic-manager.cc (get_any_origin): Pass a
345 tentative_region_model_context to the calls to get_lvalue and reject
346 the comparison if errors occur.
347 (can_be_expr_of_interest_p): New function.
348 (diagnostic_manager::prune_for_sm_diagnostic): Replace checks for
349 CONSTANT_CLASS_P with calls to update_for_unsuitable_sm_exprs.
350 Pass a tentative_region_model_context to the calls to
351 state_change_event::get_lvalue and reject the comparison if errors
352 occur.
353 (diagnostic_manager::update_for_unsuitable_sm_exprs): New.
354 * diagnostic-manager.h
355 (diagnostic_manager::update_for_unsuitable_sm_exprs): New decl.
356 * region-model.h (class tentative_region_model_context): New class.
357
13e3ba14
DM		 3582020-03-04 David Malcolm <dmalcolm@redhat.com>
359
360 * engine.cc (worklist::worklist): Remove unused field m_eg.
361 (class viz_callgraph_edge): Remove unused field m_call_sedge.
362 (class viz_callgraph): Remove unused field m_sg.
363 * exploded-graph.h (worklist::::m_eg): Remove unused field.
364
13b76912
DM		 3652020-03-02 David Malcolm <dmalcolm@redhat.com>
366
367 * analyzer.opt (fanalyzer-show-duplicate-count): New option.
368 * diagnostic-manager.cc
369 (diagnostic_manager::emit_saved_diagnostic): Use the above to
370 guard the printing of the duplicate count.
371
9f00b22f
DM		 3722020-03-02 David Malcolm <dmalcolm@redhat.com>
373
374 PR analyzer/93959
375 * analyzer.cc (is_std_function_p): New function.
376 (is_std_named_call_p): New functions.
377 * analyzer.h (is_std_named_call_p): New decl.
378 * sm-malloc.cc (malloc_state_machine::on_stmt): Check for "std::"
379 variants when checking for malloc, calloc and free.
380
71b633aa
DM		 3812020-02-26 David Malcolm <dmalcolm@redhat.com>
382
383 PR analyzer/93950
384 * diagnostic-manager.cc
385 (diagnostic_manager::prune_for_sm_diagnostic): Assert that var is
386 either NULL or not a constant. When updating var, bulletproof
387 against constant values.
388
0ba70d1b
DM		 3892020-02-26 David Malcolm <dmalcolm@redhat.com>
390
391 PR analyzer/93947
392 * region-model.cc (region_model::get_fndecl_for_call): Gracefully
393 fail for fn_decls that don't have a cgraph_node.
394
67fa274c
DM		 3952020-02-26 David Malcolm <dmalcolm@redhat.com>
396
397 * bar-chart.cc: New file.
398 * bar-chart.h: New file.
399 * engine.cc: Include "analyzer/bar-chart.h".
400 (stats::log): Only log the m_num_nodes kinds that are non-zero.
401 (stats::dump): Likewise when dumping.
402 (stats::get_total_enodes): New.
403 (exploded_graph::get_or_create_node): Increment the per-point-data
404 m_excess_enodes when hitting the per-program-point limit on
405 enodes.
406 (exploded_graph::print_bar_charts): New.
407 (exploded_graph::log_stats): Log the number of unprocessed enodes
408 in the worklist. Call print_bar_charts.
409 (exploded_graph::dump_stats): Print the number of unprocessed
410 enodes in the worklist.
411 * exploded-graph.h (stats::get_total_enodes): New decl.
412 (struct per_program_point_data): Add field m_excess_enodes.
413 (exploded_graph::print_bar_charts): New decl.
414 * supergraph.cc (superedge::dump): New.
415 (superedge::dump): New.
416 * supergraph.h (supernode::get_function): New.
417 (superedge::dump): New decl.
418 (superedge::dump): New decl.
419
f2ca2088
DM		 4202020-02-24 David Malcolm <dmalcolm@redhat.com>
421
422 * engine.cc (exploded_graph::get_or_create_node): Dump the
423 program_state to the pp, rather than to stderr.
424
b3d788a2
DM		 4252020-02-24 David Malcolm <dmalcolm@redhat.com>
426
427 PR analyzer/93032
428 * sm.cc (make_checkers): Require the "taint" checker to be
429 explicitly enabled.
430
3a25f345
DM		 4312020-02-24 David Malcolm <dmalcolm@redhat.com>
432
433 PR analyzer/93899
434 * engine.cc
435 (impl_region_model_context::impl_region_model_context): Add logger
436 param.
437 * engine.cc (exploded_graph::add_function_entry): Create an
438 impl_region_model_context and pass it to the push_frame call.
439 Bail if the resulting state is invalid.
440 (exploded_graph::build_initial_worklist): Likewise.
441 (exploded_graph::build_initial_worklist): Handle the case where
442 add_function_entry fails.
443 * exploded-graph.h
444 (impl_region_model_context::impl_region_model_context): Add logger
445 param.
446 * region-model.cc (map_region::get_or_create): Add ctxt param and
447 pass it to add_region_for_type.
448 (map_region::can_merge_p): Pass NULL as a ctxt to call to
449 get_or_create.
450 (array_region::get_element): Pass ctxt to call to get_or_create.
451 (array_region::get_or_create): Add ctxt param and pass it to
452 add_region_for_type.
453 (root_region::push_frame): Pass ctxt to get_or_create calls.
454 (region_model::get_lvalue_1): Likewise.
455 (region_model::make_region_for_unexpected_tree_code): Assert that
456 ctxt is non-NULL.
457 (region_model::get_rvalue_1): Pass ctxt to get_svalue_for_fndecl
458 and get_svalue_for_label calls.
459 (region_model::get_svalue_for_fndecl): Add ctxt param and pass it
460 to get_region_for_fndecl.
461 (region_model::get_region_for_fndecl): Add ctxt param and pass it
462 to get_or_create.
463 (region_model::get_svalue_for_label): Add ctxt param and pass it
464 to get_region_for_label.
465 (region_model::get_region_for_label): Add ctxt param and pass it
466 to get_region_for_fndecl and get_or_create.
467 (region_model::get_field_region): Add ctxt param and pass it to
468 get_or_create_view and get_or_create.
469 (make_region_for_type): Replace gcc_unreachable with return NULL.
470 (region_model::add_region_for_type): Add ctxt param. Handle a
471 return of NULL from make_region_for_type by calling
472 make_region_for_unexpected_tree_code.
473 (region_model::get_or_create_mem_ref): Pass ctxt to calls to
474 get_or_create_view.
475 (region_model::get_or_create_view): Add ctxt param and pass it to
476 add_region_for_type.
477 (selftest::test_state_merging): Pass ctxt to get_or_create_view.
478 * region-model.h (region_model::get_or_create): Add ctxt param.
479 (region_model::add_region_for_type): Likewise.
480 (region_model::get_svalue_for_fndecl): Likewise.
481 (region_model::get_svalue_for_label): Likewise.
482 (region_model::get_region_for_fndecl): Likewise.
483 (region_model::get_region_for_label): Likewise.
484 (region_model::get_field_region): Likewise.
485 (region_model::get_or_create_view): Likewise.
486
004f2c07
DM		 4872020-02-24 David Malcolm <dmalcolm@redhat.com>
488
489 * checker-path.cc (superedge_event::should_filter_p): Update
490 filter for empty descriptions to cover verbosity level 3 as well
491 as 2.
492 * diagnostic-manager.cc: Include "analyzer/reachability.h".
493 (class path_builder): New class.
494 (diagnostic_manager::emit_saved_diagnostic): Create a path_builder
495 and pass it to build_emission_path, rather passing eg; similarly
496 for add_events_for_eedge and ext_state.
497 (diagnostic_manager::build_emission_path): Replace "eg" param
498 with a path_builder, pass it to add_events_for_eedge.
499 (diagnostic_manager::add_events_for_eedge): Replace ext_state
500 param with path_builder; pass it to add_events_for_superedge.
501 (diagnostic_manager::significant_edge_p): New.
502 (diagnostic_manager::add_events_for_superedge): Add path_builder
503 param. Reject insignificant edges at verbosity levels below 3.
504 (diagnostic_manager::prune_for_sm_diagnostic): Update highest
505 verbosity level to 4.
506 * diagnostic-manager.h (class path_builder): New forward decl.
507 (diagnostic_manager::build_emission_path): Replace "eg" param
508 with a path_builder.
509 (diagnostic_manager::add_events_for_eedge): Replace ext_state
510 param with path_builder.
511 (diagnostic_manager::significant_edge_p): New.
512 (diagnostic_manager::add_events_for_superedge): Add path_builder
513 param.
514 * reachability.h: New file.
515
0b2b45a6
DM		 5162020-02-18 David Malcolm <dmalcolm@redhat.com>
517
518 PR analyzer/93692
519 * analyzer.opt (fdump-analyzer-callgraph): Rewrite description.
520
4f40164a
DM		 5212020-02-18 David Malcolm <dmalcolm@redhat.com>
522
523 PR analyzer/93777
524 * region-model.cc (region_model::maybe_cast_1): Replace assertion
525 that build_cast returns non-NULL with a conditional, falling
526 through to the logic which returns a new unknown value of the
527 desired type if it fails.
528
2e623393
DM		 5292020-02-18 David Malcolm <dmalcolm@redhat.com>
530
531 PR analyzer/93778
532 * engine.cc (impl_region_model_context::on_unknown_tree_code):
533 Rename to...
534 (impl_region_model_context::on_unexpected_tree_code): ...this and
535 convert first argument from path_var to tree.
536 (exploded_node::on_stmt): Pass ctxt to purge_for_unknown_fncall.
537 * exploded-graph.h (region_model_context::on_unknown_tree_code):
538 Rename to...
539 (region_model_context::on_unexpected_tree_code): ...this and
540 convert first argument from path_var to tree.
541 * program-state.cc (sm_state_map::purge_for_unknown_fncall): Add
542 ctxt param and pass on to calls to get_rvalue.
543 * program-state.h (sm_state_map::purge_for_unknown_fncall): Add
544 ctxt param.
545 * region-model.cc (region_model::handle_unrecognized_call): Pass
546 ctxt on to call to get_rvalue.
547 (region_model::get_lvalue_1): Move body of default case to
548 region_model::make_region_for_unexpected_tree_code and call it.
549 Within COMPONENT_REF case, reject attempts to handle types other
550 than RECORD_TYPE and UNION_TYPE.
551 (region_model::make_region_for_unexpected_tree_code): New
552 function, based on default case of region_model::get_lvalue_1.
553 * region-model.h
554 (region_model::make_region_for_unexpected_tree_code): New decl.
555 (region_model::on_unknown_tree_code): Rename to...
556 (region_model::on_unexpected_tree_code): ...this and convert first
557 argument from path_var to tree.
558 (class test_region_model_context): Update vfunc implementation for
559 above change.
560
a674c7b8
DM		 5612020-02-18 David Malcolm <dmalcolm@redhat.com>
562
563 PR analyzer/93774
564 * region-model.cc
565 (region_model::convert_byte_offset_to_array_index): Use
566 int_size_in_bytes before calling size_in_bytes, to gracefully fail
567 on incomplete types.
568
d8cde6f9
DM		 5692020-02-17 David Malcolm <dmalcolm@redhat.com>
570
571 PR analyzer/93775
572 * region-model.cc (region_model::get_fndecl_for_call): Handle the
573 case where the code_region's get_tree_for_child_region returns
574 NULL.
575
f76a88eb
DM		 5762020-02-17 David Malcolm <dmalcolm@redhat.com>
577
578 PR analyzer/93388
579 * engine.cc (impl_region_model_context::on_unknown_tree_code):
580 New.
581 (exploded_graph::get_or_create_node): Reject invalid states.
582 * exploded-graph.h
583 (impl_region_model_context::on_unknown_tree_code): New decl.
584 (point_and_state::point_and_state): Assert that the state is
585 valid.
586 * program-state.cc (program_state::program_state): Initialize
587 m_valid to true.
588 (program_state::operator=): Copy m_valid.
589 (program_state::program_state): Likewise for move constructor.
590 (program_state::print): Print m_valid.
591 (program_state::dump_to_pp): Likewise.
592 * program-state.h (program_state::m_valid): New field.
593 * region-model.cc (region_model::get_lvalue_1): Implement the
594 default case by returning a new symbolic region and calling
595 the context's on_unknown_tree_code, rather than issuing an
596 internal_error. Implement VIEW_CONVERT_EXPR.
597 * region-model.h (region_model_context::on_unknown_tree_code): New
598 vfunc.
599 (test_region_model_context::on_unknown_tree_code): New.
600
0993ad65
DM		 6012020-02-17 David Malcolm <dmalcolm@redhat.com>
602
603 * sm-malloc.cc (malloc_diagnostic::describe_state_change): For
604 transition to the "null" state, only say "assuming" when
605 transitioning from the "unchecked" state.
606
67098787
DM		 6072020-02-17 David Malcolm <dmalcolm@redhat.com>
608
609 * diagnostic-manager.h (diagnostic_manager::get_saved_diagnostic):
610 Add const overload.
611 * engine.cc (exploded_node::dump_dot): Dump saved_diagnostics.
612 * exploded-graph.h (exploded_graph::get_diagnostic_manager): Add
613 const overload.
614
91f993b7
DM		 6152020-02-11 David Malcolm <dmalcolm@redhat.com>
616
617 PR analyzer/93288
618 * analysis-plan.cc (analysis_plan::use_summary_p): Look through
619 the ultimate_alias_target when getting the called function.
620 * engine.cc (exploded_node::on_stmt): Rename second "ctxt" to
621 "sm_ctxt". Use the region_model's get_fndecl_for_call rather than
622 gimple_call_fndecl.
623 * region-model.cc (region_model::get_fndecl_for_call): Use
624 ultimate_alias_target on fndecl.
625 * supergraph.cc (get_ultimate_function_for_cgraph_edge): New
626 function.
627 (supergraph_call_edge): Use it when rejecting edges without
628 functions.
629 (supergraph::supergraph): Use it to get the function for the
630 cgraph_edge when building interprocedural superedges.
631 (callgraph_superedge::get_callee_function): Use it.
632 * supergraph.h (supergraph::get_num_snodes): Make param const.
633 (supergraph::function_to_num_snodes_t): Make first type param
634 const.
635
a60d9889
DM		 6362020-02-11 David Malcolm <dmalcolm@redhat.com>
637
638 PR analyzer/93374
639 * engine.cc (exploded_edge::exploded_edge): Add ext_state param
640 and pass it to change.validate.
641 (exploded_graph::get_or_create_node): Move purging of change
642 svalues to also cover the case of reusing an existing enode.
643 (exploded_graph::add_edge): Pass m_ext_state to exploded_edge's
644 ctor.
645 * exploded-graph.h (exploded_edge::exploded_edge): Add ext_state
646 param.
647 * program-state.cc (state_change::sm_change::validate): Likewise.
648 Assert that m_sm_idx is sane. Use ext_state to validate
649 m_old_state and m_new_state.
650 (state_change::validate): Add ext_state param and pass it to
651 the sm_change validate calls.
652 * program-state.h (state_change::sm_change::validate): Add
653 ext_state param.
654 (state_change::validate): Likewise.
655
a0e4929b
DM		 6562020-02-11 David Malcolm <dmalcolm@redhat.com>
657
658 PR analyzer/93669
659 * engine.cc (exploded_graph::dump_exploded_nodes): Handle missing
660 case of STATUS_WORKLIST in implementation of
661 "__analyzer_dump_exploded_nodes".
662
cd28b759
DM		 6632020-02-11 David Malcolm <dmalcolm@redhat.com>
664
665 PR analyzer/93649
666 * constraint-manager.cc (constraint_manager::add_constraint): When
667 merging equivalence classes and updating m_constant, also update
668 m_cst_sid.
669 (constraint_manager::validate): If m_constant is non-NULL assert
670 that m_cst_sid is non-null and is valid.
671
5e17c1bd
DM		 6722020-02-11 David Malcolm <dmalcolm@redhat.com>
673
674 PR analyzer/93657
675 * analyzer.opt (fdump-analyzer): Reword description.
676 (fdump-analyzer-stderr): Likewise.
677
c46d057f
DM		 6782020-02-11 David Malcolm <dmalcolm@redhat.com>
679
680 * region-model.cc (print_quoted_type): New function.
681 (svalue::print): Use it to replace %qT.
682 (region::dump_to_pp): Likewise.
683 (region::dump_child_label): Likewise.
684 (region::print_fields): Likewise.
685
eb031d4b
DM		 6862020-02-10 David Malcolm <dmalcolm@redhat.com>
687
688 PR analyzer/93659
689 * analyzer.opt (-param=analyzer-max-recursion-depth=): Fix "tha"
690 -> "that" typo.
691 (Wanalyzer-use-of-uninitialized-value): Fix "initialized" ->
692 "uninitialized" typo.
693
e87deb37
DM		 6942020-02-10 David Malcolm <dmalcolm@redhat.com>
695
696 PR analyzer/93350
697 * region-model.cc (region_model::get_lvalue_1):
698 Handle BIT_FIELD_REF.
699 (make_region_for_type): Handle VECTOR_TYPE.
700
e953f958
DM		 7012020-02-10 David Malcolm <dmalcolm@redhat.com>
702
703 PR analyzer/93647
704 * diagnostic-manager.cc
705 (diagnostic_manager::prune_for_sm_diagnostic): Bulletproof against
706 VAR being constant.
707 * region-model.cc (region_model::get_lvalue_1): Provide a better
708 error message when encountering an unhandled tree code.
709
41a9e940
DM		 7102020-02-10 David Malcolm <dmalcolm@redhat.com>
711
712 PR analyzer/93405
713 * region-model.cc (region_model::get_lvalue_1): Implement
714 CONST_DECL.
715
cb273d81
DM		 7162020-02-06 David Malcolm <dmalcolm@redhat.com>
717
718 * region-model.cc (region_model::maybe_cast_1): Attempt to provide
719 a region_svalue if either type is a pointer, rather than if both
720 types are pointers.
721
a4d3bfc0
DM		 7222020-02-05 David Malcolm <dmalcolm@redhat.com>
723
724 * engine.cc (exploded_node::dump_dot): Show merger enodes.
725 (worklist::add_node): Assert that the node's m_status is
726 STATUS_WORKLIST.
727 (exploded_graph::process_worklist): Likewise for nodes from the
728 worklist. Set status of merged nodes to STATUS_MERGER.
729 (exploded_graph::process_node): Set status of node to
730 STATUS_PROCESSED.
731 (exploded_graph::dump_exploded_nodes): Rework handling of
732 "__analyzer_dump_exploded_nodes", splitting enodes by status into
733 "processed" and "merger", showing the count of just the processed
734 enodes at the call, rather than the count of all enodes.
735 * exploded-graph.h (exploded_node::status): New enum.
736 (exploded_node::exploded_node): Initialize m_status to
737 STATUS_WORKLIST.
738 (exploded_node::get_status): New getter.
739 (exploded_node::set_status): New setter.
740
1dae549d
DM		 7412020-02-04 David Malcolm <dmalcolm@redhat.com>
742
743 PR analyzer/93543
744 * engine.cc (pod_hash_traits<function_call_string>::mark_empty):
745 Eliminate reinterpret_cast.
746 (pod_hash_traits<function_call_string>::is_empty): Likewise.
747
833f1e66
DM		 7482020-02-03 David Malcolm <dmalcolm@redhat.com>
749
750 * constraint-manager.cc (range::constrained_to_single_element):
751 Replace fold_build2 with fold_binary. Remove unnecessary newline.
752 (constraint_manager::get_or_add_equiv_class): Replace fold_build2
753 with fold_binary in two places, and remove out-of-date comment.
754 (constraint_manager::eval_condition): Replace fold_build2 with
755 fold_binary.
756 * region-model.cc (constant_svalue::eval_condition): Likewise.
757 (region_model::on_assignment): Likewise.
758
8525d1f5
DM		 7592020-02-03 David Malcolm <dmalcolm@redhat.com>
760
761 PR analyzer/93544
762 * diagnostic-manager.cc
763 (diagnostic_manager::prune_for_sm_diagnostic): Bulletproof
764 against bad choices due to bad paths.
765 * engine.cc (impl_region_model_context::on_phi): New.
766 * exploded-graph.h (impl_region_model_context::on_phi): New decl.
767 * region-model.cc (region_model::on_longjmp): Likewise.
768 (region_model::handle_phi): Add phi param. Call the ctxt's on_phi
769 vfunc.
770 (region_model::update_for_phis): Pass phi to handle_phi.
771 * region-model.h (region_model::handle_phi): Add phi param.
772 (region_model_context::on_phi): New vfunc.
773 (test_region_model_context::on_phi): New.
774 * sm-malloc.cc (malloc_state_machine::on_phi): New.
775 (malloc_state_machine::on_zero_assignment): New.
776 * sm.h (state_machine::on_phi): New vfunc.
777
73f38658
DM		 7782020-02-03 David Malcolm <dmalcolm@redhat.com>
779
780 * engine.cc (supernode_cluster::dump_dot): Show BB index as
781 well as SN index.
782 * supergraph.cc (supernode::dump_dot): Likewise.
783
5e10b9a2
DM		 7842020-02-03 David Malcolm <dmalcolm@redhat.com>
785
786 PR analyzer/93546
787 * region-model.cc (region_model::on_call_pre): Update for new
788 param of symbolic_region ctor.
789 (region_model::deref_rvalue): Likewise.
790 (region_model::add_new_malloc_region): Likewise.
791 (make_region_for_type): Likewise, preserving type.
792 * region-model.h (symbolic_region::symbolic_region): Add "type"
793 param and pass it to base class ctor.
794
287ccd3b
DM		 7952020-02-03 David Malcolm <dmalcolm@redhat.com>
796
797 PR analyzer/93547
798 * constraint-manager.cc
799 (constraint_manager::get_or_add_equiv_class): Ensure types are
800 compatible before comparing constants.
801
67751724
DM		 8022020-01-31 David Malcolm <dmalcolm@redhat.com>
803
804 PR analyzer/93457
805 * region-model.cc (make_region_for_type): Use VOID_TYPE_P rather
806 than checking against void_type_node.
807
09bea584
DM		 8082020-01-31 David Malcolm <dmalcolm@redhat.com>
809
810 PR analyzer/93373
811 * region-model.cc (ASSERT_COMPAT_TYPES): Convert to...
812 (assert_compat_types): ...this, and bail when either type is NULL,
813 or when VOID_TYPE_P (dst_type).
814 (region_model::get_lvalue): Update for above conversion.
815 (region_model::get_rvalue): Likewise.
816
f1c807e8
DM		 8172020-01-31 David Malcolm <dmalcolm@redhat.com>
818
819 PR analyzer/93379
820 * region-model.cc (region_model::update_for_return_superedge):
821 Move check for null result so that it also guards setting the
822 lhs.
823
455f58ec
DM		 8242020-01-31 David Malcolm <dmalcolm@redhat.com>
825
826 PR analyzer/93438
827 * region-model.cc (stack_region::can_merge_p): Split into a two
828 pass approach, creating all stack regions first, then populating
829 them.
830 (selftest::test_state_merging): Add test coverage for (a) the case
831 of self-merging a model in which a local in an older stack frame
832 points to a local in a more recent stack frame (which previously
833 would ICE), and (b) the case of self-merging a model in which a
834 local points to a global (which previously worked OK).
835
182ce042
DM		 8362020-01-31 David Malcolm <dmalcolm@redhat.com>
837
838 * analyzer.cc (is_named_call_p): Replace tests for fndecl being
839 extern at file scope and having a non-NULL DECL_NAME with a call
840 to maybe_special_function_p.
841 * function-set.cc (function_set::contains_decl_p): Add call to
842 maybe_special_function_p.
843
45eb3e49
DM		 8442020-01-31 David Malcolm <dmalcolm@redhat.com>
845
846 PR analyzer/93450
847 * constraint-manager.cc
848 (constraint_manager::get_or_add_equiv_class): Only compare constants
849 if their types are compatible.
850 * region-model.cc (constant_svalue::eval_condition): Replace check
851 for identical types with call to types_compatible_p.
852
42f36563
DM		 8532020-01-30 David Malcolm <dmalcolm@redhat.com>
854
855 * program-state.cc (extrinsic_state::dump_to_pp): New.
856 (extrinsic_state::dump_to_file): New.
857 (extrinsic_state::dump): New.
858 * program-state.h (extrinsic_state::dump_to_pp): New decl.
859 (extrinsic_state::dump_to_file): New decl.
860 (extrinsic_state::dump): New decl.
861 * sm.cc: Include "pretty-print.h".
862 (state_machine::dump_to_pp): New.
863 * sm.h (state_machine::dump_to_pp): New decl.
864
ebe9174e
DM		 8652020-01-30 David Malcolm <dmalcolm@redhat.com>
866
867 * diagnostic-manager.cc (for_each_state_change): Use
868 extrinsic_state::get_num_checkers rather than accessing m_checkers
869 directly.
870 * program-state.cc (program_state::program_state): Likewise.
871 * program-state.h (extrinsic_state::m_checkers): Make private.
872
e978955d
DM		 8732020-01-30 David Malcolm <dmalcolm@redhat.com>
874
875 PR analyzer/93356
876 * region-model.cc (region_model::eval_condition): In both
877 overloads, bail out immediately on floating-point types.
878 (region_model::eval_condition_without_cm): Likewise.
879 (region_model::add_constraint): Likewise.
880
d177c49c
DM		 8812020-01-30 David Malcolm <dmalcolm@redhat.com>
882
883 PR analyzer/93450
884 * program-state.cc (sm_state_map::set_state): For the overload
885 taking an svalue_id, bail out if the set_state on the ec does
886 nothing. Convert the latter's return type from void to bool,
887 returning true if anything changed.
888 (sm_state_map::impl_set_state): Convert the return type from void
889 to bool, returning true if the state changed.
890 * program-state.h (sm_state_map::set_state): Convert return type
891 from void to bool.
892 (sm_state_map::impl_set_state): Likewise.
893 * region-model.cc (constant_svalue::eval_condition): Only call
894 fold_build2 if the types are the same.
895
7892ff37
JJ		 8962020-01-29 Jakub Jelinek <jakub@redhat.com>
897
898 * analyzer.h (PUSH_IGNORE_WFORMAT, POP_IGNORE_WFORMAT): Remove.
899 * constraint-manager.cc: Include diagnostic-core.h before graphviz.h.
900 (range::dump, equiv_class::print): Don't use PUSH_IGNORE_WFORMAT or
901 POP_IGNORE_WFORMAT.
902 * state-purge.cc: Include diagnostic-core.h before
903 gimple-pretty-print.h.
904 (state_purge_annotator::add_node_annotations, print_vec_of_names):
905 Don't use PUSH_IGNORE_WFORMAT or POP_IGNORE_WFORMAT.
906 * region-model.cc: Move diagnostic-core.h include before graphviz.h.
907 (path_var::dump, svalue::print, constant_svalue::print_details,
908 region::dump_to_pp, region::dump_child_label, region::print_fields,
909 map_region::print_fields, map_region::dump_dot_to_pp,
910 map_region::dump_child_label, array_region::print_fields,
911 array_region::dump_dot_to_pp): Don't use PUSH_IGNORE_WFORMAT or
912 POP_IGNORE_WFORMAT.
913
5aebfb71
DM		 9142020-01-28 David Malcolm <dmalcolm@redhat.com>
915
916 PR analyzer/93316
917 * engine.cc (rewind_info_t::update_model): Get the longjmp call
918 stmt via get_longjmp_call () rather than assuming it is the last
919 stmt in the longjmp's supernode.
920 (rewind_info_t::add_events_to_path): Get the location_t for the
921 rewind_from_longjmp_event via get_longjmp_call () rather than from
922 the supernode's get_end_location ().
923
6c8e5844
DM		 9242020-01-28 David Malcolm <dmalcolm@redhat.com>
925
926 * region-model.cc (poisoned_value_diagnostic::emit): Update for
927 renaming of warning_at overload to warning_meta.
928 * sm-file.cc (file_leak::emit): Likewise.
929 * sm-malloc.cc (double_free::emit): Likewise.
930 (possible_null_deref::emit): Likewise.
931 (possible_null_arg::emit): Likewise.
932 (null_deref::emit): Likewise.
933 (null_arg::emit): Likewise.
934 (use_after_free::emit): Likewise.
935 (malloc_leak::emit): Likewise.
936 (free_of_non_heap::emit): Likewise.
937 * sm-sensitive.cc (exposure_through_output_file::emit): Likewise.
938 * sm-signal.cc (signal_unsafe_call::emit): Likewise.
939 * sm-taint.cc (tainted_array_index::emit): Likewise.
940
8c08c983
DM		 9412020-01-27 David Malcolm <dmalcolm@redhat.com>
942
943 PR analyzer/93451
944 * region-model.cc (tree_cmp): For the REAL_CST case, impose an
945 arbitrary order on NaNs relative to other NaNs and to non-NaNs;
946 const-correctness tweak.
947 (ana::selftests::build_real_cst_from_string): New function.
948 (ana::selftests::append_interesting_constants): New function.
949 (ana::selftests::test_tree_cmp_on_constants): New test.
950 (ana::selftests::test_canonicalization_4): New test.
951 (ana::selftests::analyzer_region_model_cc_tests): Call the new
952 tests.
953
2fbea419
DM		 9542020-01-27 David Malcolm <dmalcolm@redhat.com>
955
956 PR analyzer/93349
957 * engine.cc (run_checkers): Save and restore input_location.
958
6a81cabc
DM		 9592020-01-27 David Malcolm <dmalcolm@redhat.com>
960
961 * call-string.cc (call_string::cmp_1): Delete, moving body to...
962 (call_string::cmp): ...here.
963 * call-string.h (call_string::cmp_1): Delete decl.
964 * engine.cc (worklist::key_t::cmp_1): Delete, moving body to...
965 (worklist::key_t::cmp): ...here. Implement hash comparisons
966 via comparison rather than subtraction to avoid overflow issues.
967 * exploded-graph.h (worklist::key_t::cmp_1): Delete decl.
968 * region-model.cc (tree_cmp): Eliminate buggy checking for
969 symmetry.
970
342e14ff
DM		 9712020-01-27 David Malcolm <dmalcolm@redhat.com>
972
973 * analyzer.cc (is_named_call_p): Check that fndecl is "extern"
974 and at file scope. Potentially disregard prefix _ or __ in
975 fndecl's name. Bail if the identifier is NULL.
976 (is_setjmp_call_p): Expect a gcall rather than plain gimple.
977 Remove special-case check for leading prefix, and also check for
978 sigsetjmp.
979 (is_longjmp_call_p): Also check for siglongjmp.
980 (get_user_facing_name): New function.
981 * analyzer.h (is_setjmp_call_p): Expect a gcall rather than plain
982 gimple.
983 (get_user_facing_name): New decl.
984 * checker-path.cc (setjmp_event::get_desc): Use
985 get_user_facing_name to avoid hardcoding the function name.
986 (rewind_event::rewind_event): Add rewind_info param, using it to
987 initialize new m_rewind_info field, and strengthen the assertion.
988 (rewind_from_longjmp_event::get_desc): Use get_user_facing_name to
989 avoid hardcoding the function name.
990 (rewind_to_setjmp_event::get_desc): Likewise.
991 * checker-path.h (setjmp_event::setjmp_event): Add setjmp_call
992 param and use it to initialize...
993 (setjmp_event::m_setjmp_call): New field.
994 (rewind_event::rewind_event): Add rewind_info param.
995 (rewind_event::m_rewind_info): New protected field.
996 (rewind_from_longjmp_event::rewind_from_longjmp_event): Add
997 rewind_info param.
998 (class rewind_to_setjmp_event): Move rewind_info field to parent
999 class.
1000 * diagnostic-manager.cc (diagnostic_manager::add_events_for_eedge):
1001 Update setjmp-handling for is_setjmp_call_p requiring a gcall;
1002 pass the call to the new setjmp_event.
1003 * engine.cc (exploded_node::on_stmt): Update for is_setjmp_call_p
1004 requiring a gcall.
1005 (stale_jmp_buf::emit): Use get_user_facing_name to avoid
1006 hardcoding the function names.
1007 (exploded_node::on_longjmp): Pass the longjmp_call when
1008 constructing rewind_info.
1009 (rewind_info_t::add_events_to_path): Pass the rewind_info_t to the
1010 rewind_from_longjmp_event's ctor.
1011 * exploded-graph.h (rewind_info_t::rewind_info_t): Add
1012 longjmp_call param.
1013 (rewind_info_t::get_longjmp_call): New.
1014 (rewind_info_t::m_longjmp_call): New.
1015 * region-model.cc (region_model::on_setjmp): Update comment to
1016 indicate this is also for sigsetjmp.
1017 * region-model.h (struct setjmp_record): Likewise.
1018 (class setjmp_svalue): Likewise.
1019
26d949c8
DM		 10202020-01-27 David Malcolm <dmalcolm@redhat.com>
1021
1022 PR analyzer/93276
1023 * analyzer.h (PUSH_IGNORE_WFORMAT, POP_IGNORE_WFORMAT): Guard these
1024 macros with GCC_VERSION >= 4006, making them no-op otherwise.
1025 * engine.cc (exploded_edge::exploded_edge): Specify template for
1026 base class initializer.
1027 (exploded_graph::add_edge): Specify template when chaining up to
1028 base class add_edge implementation.
1029 (viz_callgraph_node::dump_dot): Drop redundant "typename".
1030 (viz_callgraph_edge::viz_callgraph_edge): Specify template for
1031 base class initializer.
1032 * program-state.cc (sm_state_map::clone_with_remapping): Drop
1033 redundant "typename".
1034 (sm_state_map::print): Likewise.
1035 (sm_state_map::hash): Likewise.
1036 (sm_state_map::operator==): Likewise.
1037 (sm_state_map::remap_svalue_ids): Likewise.
1038 (sm_state_map::on_svalue_purge): Likewise.
1039 (sm_state_map::validate): Likewise.
1040 * program-state.h (sm_state_map::iterator_t): Likewise.
1041 * supergraph.h (superedge::superedge): Specify template for base
1042 class initializer.
1043
648796da
DM		 10442020-01-23 David Malcolm <dmalcolm@redhat.com>
1045
1046 PR analyzer/93375
1047 * supergraph.cc (callgraph_superedge::get_arg_for_parm): Fail
1048 gracefully is the number of parameters at the callee exceeds the
1049 number of arguments at the call stmt.
1050 (callgraph_superedge::get_parm_for_arg): Likewise.
1051
591b59eb
DM		 10522020-01-22 David Malcolm <dmalcolm@redhat.com>
1053
1054 PR analyzer/93382
1055 * program-state.cc (sm_state_map::on_svalue_purge): If the
1056 entry survives, but the origin is being purged, then reset the
1057 origin to null.
1058
c9c8aef4
DM		 10592020-01-22 David Malcolm <dmalcolm@redhat.com>
1060
1061 * sm-signal.cc: Fix nesting of CHECKING_P and namespace ana.
1062
fd9982bb
DM		 10632020-01-22 David Malcolm <dmalcolm@redhat.com>
1064
1065 PR analyzer/93378
1066 * engine.cc (setjmp_svalue::compare_fields): Update for
1067 replacement of m_enode with m_setjmp_record.
1068 (setjmp_svalue::add_to_hash): Likewise.
1069 (setjmp_svalue::get_index): Rename...
1070 (setjmp_svalue::get_enode_index): ...to this.
1071 (setjmp_svalue::print_details): Update for replacement of m_enode
1072 with m_setjmp_record.
1073 (exploded_node::on_longjmp): Likewise.
1074 * exploded-graph.h (rewind_info_t::m_enode_origin): Replace...
1075 (rewind_info_t::m_setjmp_record): ...with this.
1076 (rewind_info_t::rewind_info_t): Update for replacement of m_enode
1077 with m_setjmp_record.
1078 (rewind_info_t::get_setjmp_point): Likewise.
1079 (rewind_info_t::get_setjmp_call): Likewise.
1080 * region-model.cc (region_model::dump_summary_of_map): Likewise.
1081 (region_model::on_setjmp): Likewise.
1082 * region-model.h (struct setjmp_record): New struct.
1083 (setjmp_svalue::m_enode): Replace...
1084 (setjmp_svalue::m_setjmp_record): ...with this.
1085 (setjmp_svalue::setjmp_svalue): Update for replacement of m_enode
1086 with m_setjmp_record.
1087 (setjmp_svalue::clone): Likewise.
1088 (setjmp_svalue::get_index): Rename...
1089 (setjmp_svalue::get_enode_index): ...to this.
1090 (setjmp_svalue::get_exploded_node): Replace...
1091 (setjmp_svalue::get_setjmp_record): ...with this.
1092
da7cf663
DM		 10932020-01-22 David Malcolm <dmalcolm@redhat.com>
1094
1095 PR analyzer/93316
1096 * analyzer.cc (is_setjmp_call_p): Check for "setjmp" as well as
1097 "_setjmp".
1098
75038aa6
DM		 10992020-01-22 David Malcolm <dmalcolm@redhat.com>
1100
1101 PR analyzer/93307
1102 * analysis-plan.h: Wrap everything namespace "ana".
1103 * analyzer-logging.cc: Likewise.
1104 * analyzer-logging.h: Likewise.
1105 * analyzer-pass.cc (pass_analyzer::execute): Update for "ana"
1106 namespace.
1107 * analyzer-selftests.cc: Wrap everything namespace "ana".
1108 * analyzer-selftests.h: Likewise.
1109 * analyzer.h: Likewise for forward decls of types.
1110 * call-string.h: Likewise.
1111 * checker-path.cc: Likewise.
1112 * checker-path.h: Likewise.
1113 * constraint-manager.cc: Likewise.
1114 * constraint-manager.h: Likewise.
1115 * diagnostic-manager.cc: Likewise.
1116 * diagnostic-manager.h: Likewise.
1117 * engine.cc: Likewise.
1118 * engine.h: Likewise.
1119 * exploded-graph.h: Likewise.
1120 * function-set.cc: Likewise.
1121 * function-set.h: Likewise.
1122 * pending-diagnostic.cc: Likewise.
1123 * pending-diagnostic.h: Likewise.
1124 * program-point.cc: Likewise.
1125 * program-point.h: Likewise.
1126 * program-state.cc: Likewise.
1127 * program-state.h: Likewise.
1128 * region-model.cc: Likewise.
1129 * region-model.h: Likewise.
1130 * sm-file.cc: Likewise.
1131 * sm-malloc.cc: Likewise.
1132 * sm-pattern-test.cc: Likewise.
1133 * sm-sensitive.cc: Likewise.
1134 * sm-signal.cc: Likewise.
1135 * sm-taint.cc: Likewise.
1136 * sm.cc: Likewise.
1137 * sm.h: Likewise.
1138 * state-purge.h: Likewise.
1139 * supergraph.cc: Likewise.
1140 * supergraph.h: Likewise.
1141
4f01e577
DM		 11422020-01-21 David Malcolm <dmalcolm@redhat.com>
1143
1144 PR analyzer/93352
1145 * region-model.cc (int_cmp): Rename to...
1146 (array_region::key_cmp): ...this, using key_t rather than int.
1147 Rewrite in terms of comparisons rather than subtraction to
1148 ensure qsort is anti-symmetric when handling extreme values.
1149 (array_region::walk_for_canonicalization): Update for above
1150 renaming.
1151 * region-model.h (array_region::key_cmp): New decl.
1152
07c86323
DM		 11532020-01-17 David Malcolm <dmalcolm@redhat.com>
1154
1155 PR analyzer/93290
1156 * region-model.cc (region_model::eval_condition_without_cm): Avoid
1157 gcc_unreachable for unexpected operations for the case where
1158 we're comparing an svalue against itself.
1159
5f030383
DM		 11602020-01-17 David Malcolm <dmalcolm@redhat.com>
1161
1162 PR analyzer/93281
1163 * region-model.cc
1164 (region_model::convert_byte_offset_to_array_index): Convert to
1165 ssizetype before dividing by byte_size. Use fold_binary rather
1166 than fold_build2 to avoid needlessly constructing a tree for the
1167 non-const case.
1168
49e9a999
DM		 11692020-01-15 David Malcolm <dmalcolm@redhat.com>
1170
1171 * engine.cc (class impl_region_model_context): Fix comment.
1172
32077b69
DM		 11732020-01-14 David Malcolm <dmalcolm@redhat.com>
1174
1175 PR analyzer/93212
1176 * region-model.cc (make_region_for_type): Use
1177 FUNC_OR_METHOD_TYPE_P rather than comparing against FUNCTION_TYPE.
1178 * region-model.h (function_region::function_region): Likewise.
1179
7fb3669e
DM		 11802020-01-14 David Malcolm <dmalcolm@redhat.com>
1181
1182 * program-state.cc (sm_state_map::clone_with_remapping): Copy
1183 m_global_state.
1184 (selftest::test_program_state_merging_2): New selftest.
1185 (selftest::analyzer_program_state_cc_tests): Call it.
1186
e2a538b1
DM		 11872020-01-14 David Malcolm <dmalcolm@redhat.com>
1188
1189 * checker-path.h (checker_path::get_checker_event): New function.
1190 (checker_path): Add DISABLE_COPY_AND_ASSIGN; make fields private.
1191 * diagnostic-manager.cc
1192 (diagnostic_manager::prune_for_sm_diagnostic): Replace direct
1193 access to checker_path::m_events with accessor functions. Fix
1194 overlong line.
1195 (diagnostic_manager::prune_interproc_events): Replace direct
1196 access to checker_path::m_events with accessor functions.
1197 (diagnostic_manager::finish_pruning): Likewise.
1198
94946989
DM		 11992020-01-14 David Malcolm <dmalcolm@redhat.com>
1200
1201 * checker-path.h (checker_event::clone): Delete vfunc decl.
1202 (debug_event::clone): Delete vfunc impl.
1203 (custom_event::clone): Delete vfunc impl.
1204 (statement_event::clone): Delete vfunc impl.
1205 (function_entry_event::clone): Delete vfunc impl.
1206 (state_change_event::clone): Delete vfunc impl.
1207 (start_cfg_edge_event::clone): Delete vfunc impl.
1208 (end_cfg_edge_event::clone): Delete vfunc impl.
1209 (call_event::clone): Delete vfunc impl.
1210 (return_event::clone): Delete vfunc impl.
1211 (setjmp_event::clone): Delete vfunc impl.
1212 (rewind_from_longjmp_event::clone): Delete vfunc impl.
1213 (rewind_to_setjmp_event::clone): Delete vfunc impl.
1214 (warning_event::clone): Delete vfunc impl.
1215
718930c0
DM		 12162020-01-14 David Malcolm <dmalcolm@redhat.com>
1217
1218 * supergraph.cc (supernode::dump_dot): Ensure that the TABLE
1219 element has at least one TR.
1220
8397af8e
DM		 12212020-01-14 David Malcolm <dmalcolm@redhat.com>
1222
1223 PR analyzer/58237
1224 * engine.cc (leak_stmt_finder::find_stmt): Use get_pure_location
1225 when comparing against UNKNOWN_LOCATION.
1226 (stmt_requires_new_enode_p): Likewise.
1227 (exploded_graph::dump_exploded_nodes): Likewise.
1228 * supergraph.cc (supernode::get_start_location): Likewise.
1229 (supernode::get_end_location): Likewise.
1230
697251b7
DM		 12312020-01-14 David Malcolm <dmalcolm@redhat.com>
1232
1233 PR analyzer/58237
1234 * analyzer-selftests.cc (selftest::run_analyzer_selftests): Call
1235 selftest::analyzer_sm_file_cc_tests.
1236 * analyzer-selftests.h (selftest::analyzer_sm_file_cc_tests): New
1237 decl.
1238 * sm-file.cc: Include "analyzer/function-set.h" and
1239 "analyzer/analyzer-selftests.h".
1240 (get_file_using_fns): New function.
1241 (is_file_using_fn_p): New function.
1242 (fileptr_state_machine::on_stmt): Return true for known functions.
1243 (selftest::analyzer_sm_file_cc_tests): New function.
1244
4804c5fe
DM		 12452020-01-14 David Malcolm <dmalcolm@redhat.com>
1246
1247 * analyzer-selftests.cc (selftest::run_analyzer_selftests): Call
1248 selftest::analyzer_sm_signal_cc_tests.
1249 * analyzer-selftests.h (selftest::analyzer_sm_signal_cc_tests):
1250 New decl.
1251 * sm-signal.cc: Include "analyzer/function-set.h" and
1252 "analyzer/analyzer-selftests.h".
1253 (get_async_signal_unsafe_fns): New function.
1254 (signal_unsafe_p): Reimplement in terms of the above.
1255 (selftest::analyzer_sm_signal_cc_tests): New function.
1256
a6b5f19c
DM		 12572020-01-14 David Malcolm <dmalcolm@redhat.com>
1258
1259 * analyzer-selftests.cc (selftest::run_analyzer_selftests): Call
1260 selftest::analyzer_function_set_cc_tests.
1261 * analyzer-selftests.h (selftest::analyzer_function_set_cc_tests):
1262 New decl.
1263 * function-set.cc: New file.
1264 * function-set.h: New file.
1265
ef7827b0
DM		 12662020-01-14 David Malcolm <dmalcolm@redhat.com>
1267
1268 * analyzer.h (fndecl_has_gimple_body_p): New decl.
1269 * engine.cc (impl_region_model_context::on_unknown_change): New
1270 function.
1271 (fndecl_has_gimple_body_p): Make non-static.
1272 (exploded_node::on_stmt): Treat __analyzer_dump_exploded_nodes as
1273 known. Track whether we have a call with unknown side-effects and
1274 pass it to on_call_post.
1275 * exploded-graph.h (impl_region_model_context::on_unknown_change):
1276 New decl.
1277 * program-state.cc (sm_state_map::on_unknown_change): New function.
1278 * program-state.h (sm_state_map::on_unknown_change): New decl.
1279 * region-model.cc: Include "bitmap.h".
1280 (region_model::on_call_pre): Return a bool, capturing whether the
1281 call has unknown side effects.
1282 (region_model::on_call_post): Add arg "bool unknown_side_effects"
1283 and if true, call handle_unrecognized_call.
1284 (class reachable_regions): New class.
1285 (region_model::handle_unrecognized_call): New function.
1286 * region-model.h (region_model::on_call_pre): Return a bool.
1287 (region_model::on_call_post): Add arg "bool unknown_side_effects".
1288 (region_model::handle_unrecognized_call): New decl.
1289 (region_model_context::on_unknown_change): New vfunc.
1290 (test_region_model_context::on_unknown_change): New function.
1291
14f9d7b9
DM		 12922020-01-14 David Malcolm <dmalcolm@redhat.com>
1293
1294 * diagnostic-manager.cc (saved_diagnostic::operator==): Move here
1295 from header. Replace pointer equality test on m_var with call to
1296 pending_diagnostic::same_tree_p.
1297 * diagnostic-manager.h (saved_diagnostic::operator==): Move to
1298 diagnostic-manager.cc.
1299 * pending-diagnostic.cc (pending_diagnostic::same_tree_p): New.
1300 * pending-diagnostic.h (pending_diagnostic::same_tree_p): New.
1301 * sm-file.cc (file_diagnostic::subclass_equal_p): Replace pointer
1302 equality on m_arg with call to pending_diagnostic::same_tree_p.
1303 * sm-malloc.cc (malloc_diagnostic::subclass_equal_p): Likewise.
1304 (possible_null_arg::subclass_equal_p): Likewise.
1305 (null_arg::subclass_equal_p): Likewise.
1306 (free_of_non_heap::subclass_equal_p): Likewise.
1307 * sm-pattern-test.cc (pattern_match::operator==): Likewise.
1308 * sm-sensitive.cc (exposure_through_output_file::operator==):
1309 Likewise.
1310 * sm-taint.cc (tainted_array_index::operator==): Likewise.
1311
f474fbd5
DM		 13122020-01-14 David Malcolm <dmalcolm@redhat.com>
1313
1314 * diagnostic-manager.cc (dedupe_winners::add): Add logging
1315 of deduplication decisions made.
1316
757bf1df
DM		 13172020-01-14 David Malcolm <dmalcolm@redhat.com>
1318
1319 * ChangeLog: New file.
1320 * analyzer-selftests.cc: New file.
1321 * analyzer-selftests.h: New file.
1322 * analyzer.opt: New file.
1323 * analysis-plan.cc: New file.
1324 * analysis-plan.h: New file.
1325 * analyzer-logging.cc: New file.
1326 * analyzer-logging.h: New file.
1327 * analyzer-pass.cc: New file.
1328 * analyzer.cc: New file.
1329 * analyzer.h: New file.
1330 * call-string.cc: New file.
1331 * call-string.h: New file.
1332 * checker-path.cc: New file.
1333 * checker-path.h: New file.
1334 * constraint-manager.cc: New file.
1335 * constraint-manager.h: New file.
1336 * diagnostic-manager.cc: New file.
1337 * diagnostic-manager.h: New file.
1338 * engine.cc: New file.
1339 * engine.h: New file.
1340 * exploded-graph.h: New file.
1341 * pending-diagnostic.cc: New file.
1342 * pending-diagnostic.h: New file.
1343 * program-point.cc: New file.
1344 * program-point.h: New file.
1345 * program-state.cc: New file.
1346 * program-state.h: New file.
1347 * region-model.cc: New file.
1348 * region-model.h: New file.
1349 * sm-file.cc: New file.
1350 * sm-malloc.cc: New file.
1351 * sm-malloc.dot: New file.
1352 * sm-pattern-test.cc: New file.
1353 * sm-sensitive.cc: New file.
1354 * sm-signal.cc: New file.
1355 * sm-taint.cc: New file.
1356 * sm.cc: New file.
1357 * sm.h: New file.
1358 * state-purge.cc: New file.
1359 * state-purge.h: New file.
1360 * supergraph.cc: New file.
1361 * supergraph.h: New file.
1362
13632019-12-13 David Malcolm <dmalcolm@redhat.com>
1364
1365 * Initial creation
1366
1367\f
1368Copyright (C) 2019-2020 Free Software Foundation, Inc.
1369
1370Copying and distribution of this file, with or without modification,
1371are permitted in any medium without royalty provided the copyright
1372notice and this notice are preserved.
Mirror of https://gcc.gnu.org/git/gcc.git