]> git.ipfire.org Git - thirdparty/gcc.git/blob - gcc/analyzer/ChangeLog
projects / thirdparty / gcc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Daily bump.
[thirdparty/gcc.git] / gcc / analyzer / ChangeLog
1 2020-08-18 David Malcolm <dmalcolm@redhat.com>
2
3 * region-model.cc (region_model::get_rvalue_1): Fix name of local.
4
5 2020-08-18 David Malcolm <dmalcolm@redhat.com>
6
7 PR analyzer/96641
8 * region-model.cc (region_model::get_rvalue_1): Handle
9 unrecognized tree codes by returning "UNKNOWN.
10
11 2020-08-18 David Malcolm <dmalcolm@redhat.com>
12
13 PR analyzer/96640
14 * region-model.cc (region_model::get_gassign_result): Handle various
15 VEC_* tree codes by returning UNKNOWN.
16 (region_model::on_assignment): Handle unrecognized tree codes by
17 setting lhs to an unknown value, rather than issuing a "sorry" and
18 asserting.
19
20 2020-08-17 David Malcolm <dmalcolm@redhat.com>
21
22 PR analyzer/96644
23 * region-model-manager.cc (get_region_for_unexpected_tree_code):
24 Handle ctxt being NULL.
25
26 2020-08-17 David Malcolm <dmalcolm@redhat.com>
27
28 PR analyzer/96639
29 * region.cc (region::get_subregions_for_binding): Check for "type"
30 being NULL.
31
32 2020-08-17 David Malcolm <dmalcolm@redhat.com>
33
34 PR analyzer/96642
35 * store.cc (get_svalue_for_ctor_val): New.
36 (binding_map::apply_ctor_to_region): Call it.
37
38 2020-08-14 David Malcolm <dmalcolm@redhat.com>
39
40 PR testsuite/96609
41 PR analyzer/96616
42 * region-model.cc (region_model::get_store_value): Call
43 maybe_get_constant_value on decl_regions first.
44 * region-model.h (decl_region::maybe_get_constant_value): New decl.
45 * region.cc (decl_region::get_stack_depth): Likewise.
46 (decl_region::maybe_get_constant_value): New.
47 * store.cc (get_subregion_within_ctor): New.
48 (binding_map::apply_ctor_to_region): New.
49 * store.h (binding_map::apply_ctor_to_region): New decl.
50
51 2020-08-14 David Malcolm <dmalcolm@redhat.com>
52
53 PR analyzer/96611
54 * store.cc (store::mark_as_escaped): Reject attempts to
55 get a cluster for an unknown pointer.
56
57 2020-08-13 David Malcolm <dmalcolm@redhat.com>
58
59 PR analyzer/93032
60 PR analyzer/93938
61 PR analyzer/94011
62 PR analyzer/94099
63 PR analyzer/94399
64 PR analyzer/94458
65 PR analyzer/94503
66 PR analyzer/94640
67 PR analyzer/94688
68 PR analyzer/94689
69 PR analyzer/94839
70 PR analyzer/95026
71 PR analyzer/95042
72 PR analyzer/95240
73 * analyzer-logging.cc: Ignore "-Wformat-diag".
74 (logger::enter_scope): Use inc_indent in both overloads.
75 (logger::exit_scope): Use dec_indent.
76 * analyzer-logging.h (logger::inc_indent): New.
77 (logger::dec_indent): New.
78 * analyzer-selftests.cc (run_analyzer_selftests): Call
79 analyzer_store_cc_tests.
80 * analyzer-selftests.h (analyzer_store_cc_tests): New decl.
81 * analyzer.cc (get_stmt_location): New function.
82 * analyzer.h (class initial_svalue): New forward decl.
83 (class unaryop_svalue): New forward decl.
84 (class binop_svalue): New forward decl.
85 (class sub_svalue): New forward decl.
86 (class unmergeable_svalue): New forward decl.
87 (class placeholder_svalue): New forward decl.
88 (class widening_svalue): New forward decl.
89 (class compound_svalue): New forward decl.
90 (class conjured_svalue): New forward decl.
91 (svalue_set): New typedef.
92 (class map_region): Delete.
93 (class array_region): Delete.
94 (class frame_region): New forward decl.
95 (class function_region): New forward decl.
96 (class label_region): New forward decl.
97 (class decl_region): New forward decl.
98 (class element_region): New forward decl.
99 (class offset_region): New forward decl.
100 (class cast_region): New forward decl.
101 (class field_region): New forward decl.
102 (class string_region): New forward decl.
103 (class region_model_manager): New forward decl.
104 (class store_manager): New forward decl.
105 (class store): New forward decl.
106 (class call_details): New forward decl.
107 (struct svalue_id_merger_mapping): Delete.
108 (struct canonicalization): Delete.
109 (class function_point): New forward decl.
110 (class engine): New forward decl.
111 (dump_tree): New function decl.
112 (print_quoted_type): New function decl.
113 (readability_comparator): New function decl.
114 (tree_cmp): New function decl.
115 (class path_var): Move here from region-model.h
116 (bit_offset_t, bit_size_t, byte_size_t): New typedefs.
117 (class region_offset): New class.
118 (get_stmt_location): New decl.
119 (struct member_function_hash_traits): New struct.
120 (class consolidation_map): New class.
121 Ignore "-Wformat-diag".
122 * analyzer.opt (-param=analyzer-max-svalue-depth=): New param.
123 (-param=analyzer-max-enodes-for-full-dump=): New param.
124 * call-string.cc: Ignore -Wformat-diag.
125 * checker-path.cc: Move includes of "analyzer/call-string.h" and
126 "analyzer/program-point.h" to before "analyzer/region-model.h",
127 and also include "analyzer/store.h" before it.
128 (state_change_event::state_change_event): Replace "tree var" param
129 with "const svalue *sval". Convert "origin" param from tree to
130 "const svalue *".
131 (state_change_event::get_desc): Call get_representative_tree to
132 convert the var and origin from const svalue * to tree. Use
133 svalue::get_desc rather than %qE when describing state changes.
134 (checker_path::add_final_event): Use get_stmt_location.
135 * checker-path.h (state_change_event::state_change_event): Port
136 from tree to const svalue *.
137 (state_change_event::get_lvalue): Delete.
138 (state_change_event::get_dest_function): New.
139 (state_change_event::m_var): Replace with...
140 (state_change_event::m_sval): ...this.
141 (state_change_event::m_origin): Convert from tree to
142 const svalue *.
143 * constraint-manager.cc: Include "analyzer/call-string.h",
144 "analyzer/program-point.h", and "analyzer/store.h" before
145 "analyzer/region-model.h".
146 (struct bound, struct range): Move to constraint-manager.h.
147 (compare_constants): New function.
148 (range::dump): Rename to...
149 (range::dump_to_pp): ...this. Support NULL constants.
150 (range::dump): Reintroduce for dumping to stderr.
151 (range::constrained_to_single_element): Return result, rather than
152 writing to *OUT.
153 (range::eval_condition): New.
154 (range::below_lower_bound): New.
155 (range::above_upper_bound): New.
156 (equiv_class::equiv_class): Port from svalue_id to const svalue *.
157 (equiv_class::print): Likewise.
158 (equiv_class::hash): Likewise.
159 (equiv_class::operator==): Port from svalue_id to const svalue *.
160 (equiv_class::add): Port from svalue_id to const svalue *. Drop
161 "cm" param.
162 (equiv_class::del): Port from svalue_id to const svalue *.
163 (equiv_class::get_representative): Likewise.
164 (equiv_class::remap_svalue_ids): Delete.
165 (svalue_id_cmp_by_id): Rename to...
166 (svalue_cmp_by_ptr): ...this, porting from svalue_id to
167 const svalue *.
168 (equiv_class::canonicalize): Update qsort comparator.
169 (constraint::implied_by): New.
170 (constraint_manager::constraint_manager): Copy m_mgr in copy ctor.
171 (constraint_manager::dump_to_pp): Add "multiline" param
172 (constraint_manager::dump): Pass "true" for "multiline".
173 (constraint_manager::add_constraint): Port from svalue_id to
174 const svalue *. Split out second part into...
175 (constraint_manager::add_unknown_constraint): ...this new
176 function. Remove self-constraints when merging equivalence
177 classes.
178 (constraint_manager::add_constraint_internal): Remove constraints
179 that would be implied by the new constraint. Port from svalue_id
180 to const svalue *.
181 (constraint_manager::get_equiv_class_by_sid): Rename to...
182 (constraint_manager::get_equiv_class_by_svalue): ...this, porting
183 from svalue_id to const svalue *.
184 (constraint_manager::get_or_add_equiv_class): Port from svalue_id
185 to const svalue *.
186 (constraint_manager::eval_condition): Make const. Call
187 compare_constants and return early if it provides a known result.
188 (constraint_manager::get_ec_bounds): New.
189 (constraint_manager::eval_condition): New overloads. Make
190 existing one const, and use compare_constants.
191 (constraint_manager::purge): Convert "p" param to a template
192 rather that an abstract base class. Port from svalue_id to
193 const svalue *.
194 (class dead_svalue_purger): New class.
195 (constraint_manager::remap_svalue_ids): Delete.
196 (constraint_manager::on_liveness_change): New.
197 (equiv_class_cmp): Port from svalue_id to const svalue *.
198 (constraint_manager::canonicalize): Likewise. Combine with
199 purging of redundant equivalence classes and constraints.
200 (class cleaned_constraint_manager): Delete.
201 (class merger_fact_visitor): Make "m_cm_b" const. Add "m_merger"
202 field.
203 (merger_fact_visitor::fact): Port from svalue_id to const svalue *.
204 Add special case for widening.
205 (constraint_manager::merge): Port from svalue_id to const svalue *.
206 (constraint_manager::clean_merger_input): Delete.
207 (constraint_manager::for_each_fact): Port from svalue_id to
208 const svalue *.
209 (constraint_manager::validate): Likewise.
210 (selftest::test_constraint_conditions): Provide a
211 region_model_manager when creating region_model instances.
212 Add test for self-equality not creating equivalence classes.
213 (selftest::test_transitivity): Provide a region_model_manager when
214 creating region_model instances. Verify that EC-merging happens
215 when constraints are implied.
216 (selftest::test_constant_comparisons): Provide a
217 region_model_manager when creating region_model instances.
218 (selftest::test_constraint_impl): Likewise. Remove over-specified
219 assertions.
220 (selftest::test_equality): Provide a region_model_manager when
221 creating region_model instances.
222 (selftest::test_many_constants): Likewise. Provide a
223 program_point when testing merging.
224 (selftest::run_constraint_manager_tests): Move call to
225 test_constant_comparisons to outside the transitivity guard.
226 * constraint-manager.h (struct bound): Move here from
227 constraint-manager.cc.
228 (struct range): Likewise.
229 (struct::eval_condition): New decl.
230 (struct::below_lower_bound): New decl.
231 (struct::above_upper_bound): New decl.
232 (equiv_class::add): Port from svalue_id to const svalue *.
233 (equiv_class::del): Likewise.
234 (equiv_class::get_representative): Likewise.
235 (equiv_class::remap_svalue_ids): Drop.
236 (equiv_class::m_cst_sid): Convert to..
237 (equiv_class::m_cst_sval): ...this.
238 (equiv_class::m_vars): Port from svalue_id to const svalue *.
239 (constraint::bool implied_by): New decl.
240 (fact_visitor::on_fact): Port from svalue_id to const svalue *.
241 (constraint_manager::constraint_manager): Add mgr param.
242 (constraint_manager::clone): Delete.
243 (constraint_manager::maybe_get_constant): Delete.
244 (constraint_manager::get_sid_for_constant): Delete.
245 (constraint_manager::get_num_svalues): Delete.
246 (constraint_manager::dump_to_pp): Add "multiline" param.
247 (constraint_manager::get_equiv_class): Port from svalue_id to
248 const svalue *.
249 (constraint_manager::add_constraint): Likewise.
250 (constraint_manager::get_equiv_class_by_sid): Rename to...
251 (constraint_manager::get_equiv_class_by_svalue): ...this, porting
252 from svalue_id to const svalue *.
253 (constraint_manager::add_unknown_constraint): New decl.
254 (constraint_manager::get_or_add_equiv_class): Port from svalue_id
255 to const svalue *.
256 (constraint_manager::eval_condition): Likewise. Add overloads.
257 (constraint_manager::get_ec_bounds): New decl.
258 (constraint_manager::purge): Convert to template.
259 (constraint_manager::remap_svalue_ids): Delete.
260 (constraint_manager::on_liveness_change): New decl.
261 (constraint_manager::canonicalize): Drop param.
262 (constraint_manager::clean_merger_input): Delete.
263 (constraint_manager::m_mgr): New field.
264 * diagnostic-manager.cc: Move includes of
265 "analyzer/call-string.h" and "analyzer/program-point.h" to before
266 "analyzer/region-model.h", and also include "analyzer/store.h"
267 before it.
268 (saved_diagnostic::saved_diagnostic): Add "sval" param.
269 (diagnostic_manager::diagnostic_manager): Add engine param.
270 (diagnostic_manager::add_diagnostic): Add "sval" param, passing it
271 to saved_diagnostic ctor. Update overload to pass NULL for it.
272 (dedupe_winners::dedupe_winners): Add engine param.
273 (dedupe_winners::add): Add "eg" param. Pass m_engine to
274 feasible_p.
275 (dedupe_winner::m_engine): New field.
276 (diagnostic_manager::emit_saved_diagnostics): Pass engine to
277 dedupe_winners. Pass &eg when adding candidates. Pass svalue
278 rather than tree to prune_path. Use get_stmt_location to get
279 primary location of diagnostic.
280 (diagnostic_manager::emit_saved_diagnostic): Likewise.
281 (get_any_origin): Drop.
282 (state_change_event_creator::on_global_state_change): Pass NULL
283 const svalue * rather than NULL_TREE trees to state_change_event
284 ctor.
285 (state_change_event_creator::on_state_change): Port from tree and
286 svalue_id to const svalue *.
287 (for_each_state_change): Port from svalue_id to const svalue *.
288 (struct null_assignment_sm_context): New.
289 (diagnostic_manager::add_events_for_eedge): Add state change
290 events for assignment to NULL.
291 (diagnostic_manager::prune_path): Update param from tree to
292 const svalue *.
293 (diagnostic_manager::prune_for_sm_diagnostic): Port from tracking
294 by tree to by const svalue *.
295 * diagnostic-manager.h (saved_diagnostic::saved_diagnostic): Add sval
296 param.
297 (saved_diagnostic::m_sval): New field.
298 (diagnostic_manager::diagnostic_manager): Add engine param.
299 (diagnostic_manager::get_engine): New.
300 (diagnostic_manager::add_diagnostic): Add "sval" param.
301 (diagnostic_manager::prune_path): Likewise.
302 (diagnostic_manager::prune_for_sm_diagnostic): New overload.
303 (diagnostic_manager::m_eng): New field.
304 * engine.cc: Move includes of "analyzer/call-string.h" and
305 "analyzer/program-point.h" to before "analyzer/region-model.h",
306 and also include "analyzer/store.h" before it.
307 (impl_region_model_context::impl_region_model_context): Update for
308 removal of m_change field.
309 (impl_region_model_context::remap_svalue_ids): Delete.
310 (impl_region_model_context::on_svalue_leak): New.
311 (impl_region_model_context::on_svalue_purge): Delete.
312 (impl_region_model_context::on_liveness_change): New.
313 (impl_region_model_context::on_unknown_change): Update param
314 from svalue_id to const svalue *. Add is_mutable param.
315 (setjmp_svalue::compare_fields): Delete.
316 (setjmp_svalue::accept): New.
317 (setjmp_svalue::add_to_hash): Delete.
318 (setjmp_svalue::dump_to_pp): New.
319 (setjmp_svalue::print_details): Delete.
320 (impl_sm_context::impl_sm_context): Drop "change" param.
321 (impl_sm_context::get_fndecl_for_call): Drop "m_change".
322 (impl_sm_context::on_transition): Drop ATTRIBUTE_UNUSED from
323 "stmt" param. Drop m_change. Port from svalue_id to
324 const svalue *.
325 (impl_sm_context::warn_for_state): Drop m_change. Port from
326 svalue_id to const svalue *.
327 (impl_sm_context::get_readable_tree): Rename to...
328 (impl_sm_context::get_diagnostic_tree): ...this. Port from
329 svalue_id to const svalue *.
330 (impl_sm_context::is_zero_assignment): New.
331 (impl_sm_context::m_change): Delete field.
332 (leak_stmt_finder::find_stmt): Handle m_var being NULL.
333 (readability): Increase penalty for MEM_REF. For SSA_NAMEs,
334 slightly favor the underlying var over the SSA name. Heavily
335 penalize temporaries. Handle RESULT_DECL.
336 (readability_comparator): Make non-static. Consider stack depths.
337 (impl_region_model_context::on_state_leak): Convert from svalue_id
338 to const svalue *, updating for region_model changes. Use
339 id_equal.
340 (impl_region_model_context::on_inherited_svalue): Delete.
341 (impl_region_model_context::on_cast): Delete.
342 (impl_region_model_context::on_condition): Drop m_change.
343 (impl_region_model_context::on_phi): Likewise.
344 (impl_region_model_context::on_unexpected_tree_code): Handle t
345 being NULL.
346 (point_and_state::validate): Update stack checking for
347 region_model changes.
348 (eg_traits::dump_args_t::show_enode_details_p): New.
349 (exploded_node::exploded_node): Initialize m_num_processed_stmts.
350 (exploded_node::get_processed_stmt): New function.
351 (exploded_node::get_dot_fillcolor): Add more colors.
352 (exploded_node::dump_dot): Guard the printing of the point and
353 state with show_enode_details_p. Print the processed stmts for
354 this enode after the initial state.
355 (exploded_node::dump_to_pp): Pass true for new multiline param
356 of program_state::dump_to_pp.
357 (exploded_node::on_stmt): Drop "change" param. Log the stmt.
358 Set input_location. Implement __analyzer_describe. Update
359 implementation of __analyzer_dump and __analyzer_eval.
360 Remove purging of sm-state for unknown fncalls from here.
361 (exploded_node::on_edge): Drop "change" param.
362 (exploded_node::on_longjmp): Port from region_id/svalue_id to
363 const region */const svalue *. Call program_state::detect_leaks.
364 Drop state_change.
365 (exploded_node::detect_leaks): Update for changes to region_model.
366 Call program_state::detect_leaks.
367 (exploded_edge::exploded_edge): Drop ext_state and change params.
368 (exploded_edge::dump_dot): "args" is no longer used. Drop dumping
369 of m_change.
370 (exploded_graph::exploded_graph): Pass engine to
371 m_diagnostic_manager ctor. Use program_point::origin.
372 (exploded_graph::add_function_entry): Drop ctxt. Use
373 program_state::push_frame. Drop state_change.
374 (exploded_graph::get_or_create_node): Drop "change" param. Add
375 "enode_for_diag" param. Update dumping calls for API changes.
376 Pass point to can_merge_with_p. Show enode indices
377 within -Wanalyzer-too-complex diagnostic for hitting the per-point
378 limit.
379 (exploded_graph::add_edge): Drop "change" param. Log which nodes
380 are being connected. Update for changes to exploded_edge ctor.
381 (exploded_graph::get_per_program_point_data): New.
382 (exploded_graph::process_worklist): Pass point to
383 can_merge_with_p. Drop state_change. Update dumping call for API
384 change.
385 (exploded_graph::process_node): Drop state_change. Split the
386 node in-place if an sm-state-change occurs. Update
387 m_num_processed_stmts. Update dumping calls for API change.
388 (exploded_graph::log_stats): Call engine::log_stats.
389 (exploded_graph::dump_states_for_supernode): Update dumping
390 call.
391 (exploded_path::feasible_p): Add "eng" and "eg" params.
392 Rename "i" to "end_idx". Pass the manager to the region_model
393 ctor. Update for every processed stmt in the enode, not just the
394 first. Keep track of which snodes have been visited, and call
395 loop_replay_fixup when revisiting one.
396 (enode_label::get_text): Update dump call for new param.
397 (exploded_graph::dump_exploded_nodes): Likewise.
398 (exploded_graph::get_node_by_index): New.
399 (impl_run_checkers): Create engine instance and pass its address
400 to extrinsic_state ctor.
401 * exploded-graph.h
402 (impl_region_model_context::impl_region_model_context): Drop
403 "change" params.
404 (impl_region_model_context::void remap_svalue_ids): Delete.
405 (impl_region_model_context::on_svalue_purge): Delete.
406 (impl_region_model_context::on_svalue_leak): New.
407 (impl_region_model_context::on_liveness_change): New.
408 (impl_region_model_context::on_state_leak): Update signature.
409 (impl_region_model_context::on_inherited_svalue): Delete.
410 (impl_region_model_context::on_cast): Delete.
411 (impl_region_model_context::on_unknown_change): Update signature.
412 (impl_region_model_context::m_change): Delete.
413 (eg_traits::dump_args_t::show_enode_details_p): New.
414 (exploded_node::on_stmt): Drop "change" param.
415 (exploded_node::on_edge): Likewise.
416 (exploded_node::get_processed_stmt): New decl.
417 (exploded_node::m_num_processed_stmts): New field.
418 (exploded_edge::exploded_edge): Drop ext_state and change params.
419 (exploded_edge::m_change): Delete.
420 (exploded_graph::get_engine): New accessor.
421 (exploded_graph::get_or_create_node): Drop "change" param. Add
422 "enode_for_diag" param.
423 (exploded_graph::add_edge): Drop "change" param.
424 (exploded_graph::get_per_program_point_data): New decl.
425 (exploded_graph::get_node_by_index): New decl.
426 (exploded_path::feasible_p): Add "eng" and "eg" params.
427 * program-point.cc: Include "analyzer/store.h" before including
428 "analyzer/region-model.h".
429 (function_point::function_point): Move here from
430 program-point.h.
431 (function_point::get_function): Likewise.
432 (function_point::from_function_entry): Likewise.
433 (function_point::before_supernode): Likewise.
434 (function_point::next_stmt): New function.
435 * program-point.h (function_point::function_point): Move
436 implementation from here to program-point.cc.
437 (function_point::get_function): Likewise.
438 (function_point::from_function_entry): Likewise.
439 (function_point::before_supernode): Likewise.
440 (function_point::next_stmt): New decl.
441 (program_point::operator!=): New.
442 (program_point::origin): New.
443 (program_point::next_stmt): New.
444 (program_point::m_function_point): Make non-const.
445 * program-state.cc: Move includes of "analyzer/call-string.h" and
446 "analyzer/program-point.h" to before "analyzer/region-model.h",
447 and also include "analyzer/store.h" before it.
448 (extrinsic_state::get_model_manager): New.
449 (sm_state_map::sm_state_map): Pass in sm and sm_idx to ctor,
450 rather than pass the around.
451 (sm_state_map::clone_with_remapping): Delete.
452 (sm_state_map::print): Remove "sm" param in favor of "m_sm". Add
453 "simple" and "multiline" params and support multiline vs single
454 line dumping.
455 (sm_state_map::dump): Remove "sm" param in favor of "m_sm". Add
456 "simple" param.
457 (sm_state_map::hash): Port from svalue_id to const svalue *.
458 (sm_state_map::operator==): Likewise.
459 (sm_state_map::get_state): Likewise. Call canonicalize_svalue on
460 input. Handle inheritance of sm-state. Call get_default_state.
461 (sm_state_map::get_origin): Port from svalue_id to const svalue *.
462 (sm_state_map::set_state): Likewise. Pass in ext_state. Reject
463 attempts to set state on UNKNOWN.
464 (sm_state_map::impl_set_state): Port from svalue_id to
465 const svalue *. Pass in ext_state. Call canonicalize_svalue on
466 input.
467 (sm_state_map::purge_for_unknown_fncall): Delete.
468 (sm_state_map::on_svalue_leak): New.
469 (sm_state_map::remap_svalue_ids): Delete.
470 (sm_state_map::on_liveness_change): New.
471 (sm_state_map::on_unknown_change): Reimplement.
472 (sm_state_map::on_svalue_purge): Delete.
473 (sm_state_map::on_inherited_svalue): Delete.
474 (sm_state_map::on_cast): Delete.
475 (sm_state_map::validate): Delete.
476 (sm_state_map::canonicalize_svalue): New.
477 (program_state::program_state): Update to pass manager to
478 region_model's ctor. Constify num_states and pass state machine
479 and index to sm_state_map ctor.
480 (program_state::print): Update for changes to dump API.
481 (program_state::dump_to_pp): Ignore the summarize param. Add
482 "multiline" param.
483 (program_state::dump_to_file): Add "multiline" param.
484 (program_state::dump): Pass "true" for new "multiline" param.
485 (program_state::push_frame): New.
486 (program_state::on_edge): Drop "change" param. Call
487 program_state::detect_leaks.
488 (program_state::prune_for_point): Add enode_for_diag param.
489 Reimplement based on store class. Call detect_leaks
490 (program_state::remap_svalue_ids): Delete.
491 (program_state::get_representative_tree): Port from svalue_id to
492 const svalue *.
493 (program_state::can_merge_with_p): Add "point" param. Add early
494 reject for sm-differences. Drop id remapping.
495 (program_state::validate): Drop region model and sm_state_map
496 validation.
497 (state_change::sm_change::dump): Delete.
498 (state_change::sm_change::remap_svalue_ids): Delete.
499 (state_change::sm_change::on_svalue_purge): Delete.
500 (log_set_of_svalues): New.
501 (state_change::sm_change::validate): Delete.
502 (state_change::state_change): Delete.
503 (state_change::add_sm_change): Delete.
504 (state_change::affects_p): Delete.
505 (state_change::dump): Delete.
506 (state_change::remap_svalue_ids): Delete.
507 (state_change::on_svalue_purge): Delete.
508 (state_change::validate): Delete.
509 (selftest::assert_dump_eq): Delete.
510 (ASSERT_DUMP_EQ): Delete.
511 (selftest::test_sm_state_map): Update for changes to region_model
512 and sm_state_map, porting from svalue_id to const svalue *.
513 (selftest::test_program_state_dumping): Likewise. Drop test of
514 dumping, renaming to...
515 (selftest::test_program_state_1): ...this.
516 (selftest::test_program_state_dumping_2): Likewise, renaming to...
517 (selftest::test_program_state_2): ...this.
518 (selftest::test_program_state_merging): Update for changes to
519 region_model.
520 (selftest::test_program_state_merging_2): Likewise.
521 (selftest::analyzer_program_state_cc_tests): Update for renamed
522 tests.
523 * program-state.h (extrinsic_state::extrinsic_state): Add logger
524 and engine params.
525 (extrinsic_state::get_logger): New accessor.
526 (extrinsic_state::get_engine): New accessor.
527 (extrinsic_state::get_model_manager): New accessor.
528 (extrinsic_state::m_logger): New field.
529 (extrinsic_state::m_engine): New field.
530 (struct default_hash_traits<svalue_id>): Delete.
531 (pod_hash_traits<svalue_id>::hash): Delete.
532 (pod_hash_traits<svalue_id>::equal): Delete.
533 (pod_hash_traits<svalue_id>::mark_deleted): Delete.
534 (pod_hash_traits<svalue_id>::mark_empty): Delete.
535 (pod_hash_traits<svalue_id>::is_deleted): Delete.
536 (pod_hash_traits<svalue_id>::is_empty): Delete.
537 (sm_state_map::entry_t::entry_t): Port from svalue_id to
538 const svalue *.
539 (sm_state_map::entry_t::m_origin): Likewise.
540 (sm_state_map::map_t): Likewise.
541 (sm_state_map::sm_state_map): Add state_machine and index params.
542 (sm_state_map::clone_with_remapping): Delete.
543 (sm_state_map::print): Drop sm param; add simple and multiline
544 params.
545 (sm_state_map::dump): Drop sm param; add simple param.
546 (sm_state_map::get_state): Port from svalue_id to const svalue *.
547 Add ext_state param.
548 (sm_state_map::get_origin): Likewise.
549 (sm_state_map::set_state): Likewise.
550 (sm_state_map::impl_set_state): Likewise.
551 (sm_state_map::purge_for_unknown_fncall): Delete.
552 (sm_state_map::remap_svalue_ids): Delete.
553 (sm_state_map::on_svalue_purge): Delete.
554 (sm_state_map::on_svalue_leak): New.
555 (sm_state_map::on_liveness_change): New.
556 (sm_state_map::on_inherited_svalue): Delete.
557 (sm_state_map::on_cast): Delete.
558 (sm_state_map::validate): Delete.
559 (sm_state_map::on_unknown_change): Port from svalue_id to
560 const svalue *. Add is_mutable and ext_state params.
561 (sm_state_map::canonicalize_svalue): New.
562 (sm_state_map::m_sm): New field.
563 (sm_state_map::m_sm_idx): New field.
564 (program_state::operator=): Delete.
565 (program_state::dump_to_pp): Drop "summarize" param, adding
566 "simple" and "multiline".
567 (program_state::dump_to_file): Likewise.
568 (program_state::dump): Rename "summarize" to "simple".
569 (program_state::push_frame): New.
570 (program_state::get_current_function): New.
571 (program_state::on_edge): Drop "change" param.
572 (program_state::prune_for_point): Likewise. Add enode_for_diag
573 param.
574 (program_state::remap_svalue_ids): Delete.
575 (program_state::get_representative_tree): Port from svalue_id to
576 const svalue *.
577 (program_state::can_purge_p): Likewise. Pass ext_state to get_state.
578 (program_state::can_merge_with_p): Add point param.
579 (program_state::detect_leaks): New.
580 (state_change_visitor::on_state_change): Port from tree and
581 svalue_id to a pair of const svalue *.
582 (class state_change): Delete.
583 * region.cc: New file.
584 * region-model-impl-calls.cc: New file.
585 * region-model-manager.cc: New file.
586 * region-model-reachability.cc: New file.
587 * region-model-reachability.h: New file.
588 * region-model.cc: Include "analyzer/call-string.h",
589 "analyzer/program-point.h", and "analyzer/store.h" before
590 "analyzer/region-model.h". Include
591 "analyzer/region-model-reachability.h".
592 (dump_tree): Make non-static.
593 (dump_quoted_tree): Make non-static.
594 (print_quoted_type): Make non-static.
595 (path_var::dump): Delete.
596 (dump_separator): Delete.
597 (class impl_constraint_manager): Delete.
598 (svalue_id::print): Delete.
599 (svalue_id::dump_node_name_to_pp): Delete.
600 (svalue_id::validate): Delete.
601 (region_id::print): Delete.
602 (region_id::dump_node_name_to_pp): Delete.
603 (region_id::validate): Delete.
604 (region_id_set::region_id_set): Delete.
605 (svalue_id_set::svalue_id_set): Delete.
606 (svalue::operator==): Delete.
607 (svalue::hash): Delete.
608 (svalue::print): Delete.
609 (svalue::dump_dot_to_pp): Delete.
610 (svalue::remap_region_ids): Delete.
611 (svalue::walk_for_canonicalization): Delete.
612 (svalue::get_child_sid): Delete.
613 (svalue::maybe_get_constant): Delete.
614 (region_svalue::compare_fields): Delete.
615 (region_svalue::add_to_hash): Delete.
616 (region_svalue::print_details): Delete.
617 (region_svalue::dump_dot_to_pp): Delete.
618 (region_svalue::remap_region_ids): Delete.
619 (region_svalue::merge_values): Delete.
620 (region_svalue::walk_for_canonicalization): Delete.
621 (region_svalue::eval_condition): Delete.
622 (constant_svalue::compare_fields): Delete.
623 (constant_svalue::add_to_hash): Delete.
624 (constant_svalue::merge_values): Delete.
625 (constant_svalue::eval_condition): Move to svalue.cc.
626 (constant_svalue::print_details): Delete.
627 (constant_svalue::get_child_sid): Delete.
628 (unknown_svalue::compare_fields): Delete.
629 (unknown_svalue::add_to_hash): Delete.
630 (unknown_svalue::print_details): Delete.
631 (poison_kind_to_str): Move to svalue.cc.
632 (poisoned_svalue::compare_fields): Delete.
633 (poisoned_svalue::add_to_hash): Delete.
634 (poisoned_svalue::print_details): Delete.
635 (region_kind_to_str): Move to region.cc and reimplement.
636 (region::operator==): Delete.
637 (region::get_parent_region): Delete.
638 (region::set_value): Delete.
639 (region::become_active_view): Delete.
640 (region::deactivate_any_active_view): Delete.
641 (region::deactivate_view): Delete.
642 (region::get_value): Delete.
643 (region::get_inherited_child_sid): Delete.
644 (region_model::copy_region): Delete.
645 (region_model::copy_struct_region): Delete.
646 (region_model::copy_union_region): Delete.
647 (region_model::copy_array_region): Delete.
648 (region::hash): Delete.
649 (region::print): Delete.
650 (region::dump_dot_to_pp): Delete.
651 (region::dump_to_pp): Delete.
652 (region::dump_child_label): Delete.
653 (region::validate): Delete.
654 (region::remap_svalue_ids): Delete.
655 (region::remap_region_ids): Delete.
656 (region::add_view): Delete.
657 (region::get_view): Delete.
658 (region::region): Move to region.cc.
659 (region::add_to_hash): Delete.
660 (region::print_fields): Delete.
661 (region::non_null_p): Delete.
662 (primitive_region::clone): Delete.
663 (primitive_region::walk_for_canonicalization): Delete.
664 (map_region::map_region): Delete.
665 (map_region::compare_fields): Delete.
666 (map_region::print_fields): Delete.
667 (map_region::validate): Delete.
668 (map_region::dump_dot_to_pp): Delete.
669 (map_region::dump_child_label): Delete.
670 (map_region::get_or_create): Delete.
671 (map_region::get): Delete.
672 (map_region::add_to_hash): Delete.
673 (map_region::remap_region_ids): Delete.
674 (map_region::unbind): Delete.
675 (map_region::get_tree_for_child_region): Delete.
676 (map_region::get_tree_for_child_region): Delete.
677 (tree_cmp): Move to region.cc.
678 (map_region::can_merge_p): Delete.
679 (map_region::walk_for_canonicalization): Delete.
680 (map_region::get_value_by_name): Delete.
681 (struct_or_union_region::valid_key_p): Delete.
682 (struct_or_union_region::compare_fields): Delete.
683 (struct_region::clone): Delete.
684 (struct_region::compare_fields): Delete.
685 (union_region::clone): Delete.
686 (union_region::compare_fields): Delete.
687 (frame_region::compare_fields): Delete.
688 (frame_region::clone): Delete.
689 (frame_region::valid_key_p): Delete.
690 (frame_region::print_fields): Delete.
691 (frame_region::add_to_hash): Delete.
692 (globals_region::compare_fields): Delete.
693 (globals_region::clone): Delete.
694 (globals_region::valid_key_p): Delete.
695 (code_region::compare_fields): Delete.
696 (code_region::clone): Delete.
697 (code_region::valid_key_p): Delete.
698 (array_region::array_region): Delete.
699 (array_region::get_element): Delete.
700 (array_region::clone): Delete.
701 (array_region::compare_fields): Delete.
702 (array_region::print_fields): Delete.
703 (array_region::validate): Delete.
704 (array_region::dump_dot_to_pp): Delete.
705 (array_region::dump_child_label): Delete.
706 (array_region::get_or_create): Delete.
707 (array_region::get): Delete.
708 (array_region::add_to_hash): Delete.
709 (array_region::remap_region_ids): Delete.
710 (array_region::get_key_for_child_region): Delete.
711 (array_region::key_cmp): Delete.
712 (array_region::walk_for_canonicalization): Delete.
713 (array_region::key_from_constant): Delete.
714 (array_region::constant_from_key): Delete.
715 (function_region::compare_fields): Delete.
716 (function_region::clone): Delete.
717 (function_region::valid_key_p): Delete.
718 (stack_region::stack_region): Delete.
719 (stack_region::compare_fields): Delete.
720 (stack_region::clone): Delete.
721 (stack_region::print_fields): Delete.
722 (stack_region::dump_child_label): Delete.
723 (stack_region::validate): Delete.
724 (stack_region::push_frame): Delete.
725 (stack_region::get_current_frame_id): Delete.
726 (stack_region::pop_frame): Delete.
727 (stack_region::add_to_hash): Delete.
728 (stack_region::remap_region_ids): Delete.
729 (stack_region::can_merge_p): Delete.
730 (stack_region::walk_for_canonicalization): Delete.
731 (stack_region::get_value_by_name): Delete.
732 (heap_region::heap_region): Delete.
733 (heap_region::compare_fields): Delete.
734 (heap_region::clone): Delete.
735 (heap_region::walk_for_canonicalization): Delete.
736 (root_region::root_region): Delete.
737 (root_region::compare_fields): Delete.
738 (root_region::clone): Delete.
739 (root_region::print_fields): Delete.
740 (root_region::validate): Delete.
741 (root_region::dump_child_label): Delete.
742 (root_region::push_frame): Delete.
743 (root_region::get_current_frame_id): Delete.
744 (root_region::pop_frame): Delete.
745 (root_region::ensure_stack_region): Delete.
746 (root_region::get_stack_region): Delete.
747 (root_region::ensure_globals_region): Delete.
748 (root_region::get_code_region): Delete.
749 (root_region::ensure_code_region): Delete.
750 (root_region::get_globals_region): Delete.
751 (root_region::ensure_heap_region): Delete.
752 (root_region::get_heap_region): Delete.
753 (root_region::remap_region_ids): Delete.
754 (root_region::can_merge_p): Delete.
755 (root_region::add_to_hash): Delete.
756 (root_region::walk_for_canonicalization): Delete.
757 (root_region::get_value_by_name): Delete.
758 (symbolic_region::symbolic_region): Delete.
759 (symbolic_region::compare_fields): Delete.
760 (symbolic_region::clone): Delete.
761 (symbolic_region::walk_for_canonicalization): Delete.
762 (symbolic_region::print_fields): Delete.
763 (region_model::region_model): Add region_model_manager * param.
764 Reimplement in terms of store, dropping impl_constraint_manager
765 subclass.
766 (region_model::operator=): Reimplement in terms of store
767 (region_model::operator==): Likewise.
768 (region_model::hash): Likewise.
769 (region_model::print): Delete.
770 (region_model::print_svalue): Delete.
771 (region_model::dump_dot_to_pp): Delete.
772 (region_model::dump_dot_to_file): Delete.
773 (region_model::dump_dot): Delete.
774 (region_model::dump_to_pp): Replace "summarize" param with
775 "simple" and "multiline". Port to store-based implementation.
776 (region_model::dump): Replace "summarize" param with "simple" and
777 "multiline".
778 (dump_vec_of_tree): Delete.
779 (region_model::dump_summary_of_rep_path_vars): Delete.
780 (region_model::validate): Delete.
781 (svalue_id_cmp_by_constant_svalue_model): Delete.
782 (svalue_id_cmp_by_constant_svalue): Delete.
783 (region_model::canonicalize): Drop "ctxt" param. Reimplement in
784 terms of store and constraints.
785 (region_model::canonicalized_p): Remove NULL arg to canonicalize.
786 (region_model::loop_replay_fixup): New.
787 (poisoned_value_diagnostic::emit): Tweak wording of warnings.
788 (region_model::check_for_poison): Delete.
789 (region_model::get_gassign_result): New.
790 (region_model::on_assignment): Port to store-based implementation.
791 (region_model::on_call_pre): Delete calls to check_for_poison.
792 Move implementations to region-model-impl-calls.c and port to
793 store-based implementation.
794 (region_model::on_call_post): Likewise.
795 (class reachable_regions): Move to region-model-reachability.h/cc
796 and port to store-based implementation.
797 (region_model::handle_unrecognized_call): Port to store-based
798 implementation.
799 (region_model::get_reachable_svalues): New.
800 (region_model::on_setjmp): Port to store-based implementation.
801 (region_model::on_longjmp): Likewise.
802 (region_model::handle_phi): Drop is_back_edge param and the logic
803 using it.
804 (region_model::get_lvalue_1): Port from region_id to const region *.
805 (region_model::make_region_for_unexpected_tree_code): Delete.
806 (assert_compat_types): If the check fails, use internal_error to
807 show the types.
808 (region_model::get_lvalue): Port from region_id to const region *.
809 (region_model::get_rvalue_1): Port from svalue_id to const svalue *.
810 (region_model::get_rvalue): Likewise.
811 (region_model::get_or_create_ptr_svalue): Delete.
812 (region_model::get_or_create_constant_svalue): Delete.
813 (region_model::get_svalue_for_fndecl): Delete.
814 (region_model::get_region_for_fndecl): Delete.
815 (region_model::get_svalue_for_label): Delete.
816 (region_model::get_region_for_label): Delete.
817 (build_cast): Delete.
818 (region_model::maybe_cast_1): Delete.
819 (region_model::maybe_cast): Delete.
820 (region_model::get_field_region): Delete.
821 (region_model::get_store_value): New.
822 (region_model::region_exists_p): New.
823 (region_model::deref_rvalue): Port from svalue_id to const svalue *.
824 (region_model::set_value): Likewise.
825 (region_model::clobber_region): New.
826 (region_model::purge_region): New.
827 (region_model::zero_fill_region): New.
828 (region_model::mark_region_as_unknown): New.
829 (region_model::eval_condition): Port from svalue_id to
830 const svalue *.
831 (region_model::eval_condition_without_cm): Likewise.
832 (region_model::compare_initial_and_pointer): New.
833 (region_model::add_constraint): Port from svalue_id to
834 const svalue *.
835 (region_model::maybe_get_constant): Delete.
836 (region_model::get_representative_path_var): New.
837 (region_model::add_new_malloc_region): Delete.
838 (region_model::get_representative_tree): Port to const svalue *.
839 (region_model::get_representative_path_var): Port to
840 const region *.
841 (region_model::get_path_vars_for_svalue): Delete.
842 (region_model::set_to_new_unknown_value): Delete.
843 (region_model::update_for_phis): Don't pass is_back_edge to handle_phi.
844 (region_model::update_for_call_superedge): Port from svalue_id to
845 const svalue *.
846 (region_model::update_for_return_superedge): Port to store-based
847 implementation.
848 (region_model::update_for_call_summary): Replace
849 set_to_new_unknown_value with mark_region_as_unknown.
850 (region_model::get_root_region): Delete.
851 (region_model::get_stack_region_id): Delete.
852 (region_model::push_frame): Delete.
853 (region_model::get_current_frame_id): Delete.
854 (region_model::get_current_function): Delete.
855 (region_model::pop_frame): Delete.
856 (region_model::on_top_level_param): New.
857 (region_model::get_stack_depth): Delete.
858 (region_model::get_function_at_depth): Delete.
859 (region_model::get_globals_region_id): Delete.
860 (region_model::add_svalue): Delete.
861 (region_model::replace_svalue): Delete.
862 (region_model::add_region): Delete.
863 (region_model::get_svalue): Delete.
864 (region_model::get_region): Delete.
865 (make_region_for_type): Delete.
866 (region_model::add_region_for_type): Delete.
867 (region_model::on_top_level_param): New.
868 (class restrict_to_used_svalues): Delete.
869 (region_model::purge_unused_svalues): Delete.
870 (region_model::push_frame): New.
871 (region_model::remap_svalue_ids): Delete.
872 (region_model::remap_region_ids): Delete.
873 (region_model::purge_regions): Delete.
874 (region_model::get_descendents): Delete.
875 (region_model::delete_region_and_descendents): Delete.
876 (region_model::poison_any_pointers_to_bad_regions): Delete.
877 (region_model::can_merge_with_p): Delete.
878 (region_model::get_current_function): New.
879 (region_model::get_value_by_name): Delete.
880 (region_model::convert_byte_offset_to_array_index): Delete.
881 (region_model::pop_frame): New.
882 (region_model::get_or_create_mem_ref): Delete.
883 (region_model::get_stack_depth): New.
884 (region_model::get_frame_at_index): New.
885 (region_model::unbind_region_and_descendents): New.
886 (struct bad_pointer_finder): New.
887 (region_model::get_or_create_pointer_plus_expr): Delete.
888 (region_model::poison_any_pointers_to_descendents): New.
889 (region_model::get_or_create_view): Delete.
890 (region_model::can_merge_with_p): New.
891 (region_model::get_fndecl_for_call): Port from svalue_id to
892 const svalue *.
893 (struct append_ssa_names_cb_data): New.
894 (get_ssa_name_regions_for_current_frame): New.
895 (region_model::append_ssa_names_cb): New.
896 (model_merger::dump_to_pp): Add "simple" param. Drop dumping of
897 remappings.
898 (model_merger::dump): Add "simple" param to both overloads.
899 (model_merger::can_merge_values_p): Delete.
900 (model_merger::record_regions): Delete.
901 (model_merger::record_svalues): Delete.
902 (svalue_id_merger_mapping::svalue_id_merger_mapping): Delete.
903 (svalue_id_merger_mapping::dump_to_pp): Delete.
904 (svalue_id_merger_mapping::dump): Delete.
905 (region_model::create_region_for_heap_alloc): New.
906 (region_model::create_region_for_alloca): New.
907 (region_model::record_dynamic_extents): New.
908 (canonicalization::canonicalization): Delete.
909 (canonicalization::walk_rid): Delete.
910 (canonicalization::walk_sid): Delete.
911 (canonicalization::dump_to_pp): Delete.
912 (canonicalization::dump): Delete.
913 (inchash::add): Delete overloads for svalue_id and region_id.
914 (engine::log_stats): New.
915 (assert_condition): Add overload comparing svalues.
916 (assert_dump_eq): Pass "true" for multiline.
917 (selftest::test_dump): Update for rewrite of region_model.
918 (selftest::test_dump_2): Rename to...
919 (selftest::test_struct): ...this. Provide a region_model_manager
920 when creating region_model instance. Remove dump test. Add
921 checks for get_offset.
922 (selftest::test_dump_3): Rename to...
923 (selftest::test_array_1): ...this. Provide a region_model_manager
924 when creating region_model instance. Remove dump test.
925 (selftest::test_get_representative_tree): Port from svalue_id to
926 new API. Add test coverage for various expressions.
927 (selftest::test_unique_constants): Provide a region_model_manager
928 for the region_model. Add test coverage for comparing const vs
929 non-const.
930 (selftest::test_svalue_equality): Delete.
931 (selftest::test_region_equality): Delete.
932 (selftest::test_unique_unknowns): New.
933 (class purge_all_svalue_ids): Delete.
934 (class purge_one_svalue_id): Delete.
935 (selftest::test_purging_by_criteria): Delete.
936 (selftest::test_initial_svalue_folding): New.
937 (selftest::test_unaryop_svalue_folding): New.
938 (selftest::test_binop_svalue_folding): New.
939 (selftest::test_sub_svalue_folding): New.
940 (selftest::test_purge_unused_svalues): Delete.
941 (selftest::test_descendent_of_p): New.
942 (selftest::test_assignment): Provide a region_model_manager for
943 the region_model. Drop the dump test.
944 (selftest::test_compound_assignment): Likewise.
945 (selftest::test_stack_frames): Port to new implementation.
946 (selftest::test_get_representative_path_var): Likewise.
947 (selftest::test_canonicalization_1): Rename to...
948 (selftest::test_equality_1): ...this. Port to new API, and add
949 (selftest::test_canonicalization_2): Provide a
950 region_model_manager when creating region_model instances.
951 Remove redundant canicalization.
952 (selftest::test_canonicalization_3): Provide a
953 region_model_manager when creating region_model instances.
954 Remove param from calls to region_model::canonicalize.
955 (selftest::test_canonicalization_4): Likewise.
956 (selftest::assert_region_models_merge): Constify
957 out_merged_svalue. Port to new API.
958 (selftest::test_state_merging): Provide a
959 region_model_manager when creating region_model instances.
960 Provide a program_point point when merging them. Replace
961 set_to_new_unknown_value with usage of placeholder_svalues.
962 Drop get_value_by_name. Port from svalue_id to const svalue *.
963 Add test of heap allocation.
964 (selftest::test_constraint_merging): Provide a
965 region_model_manager when creating region_model instances.
966 Provide a program_point point when merging them. Eliminate use
967 of set_to_new_unknown_value.
968 (selftest::test_widening_constraints): New.
969 (selftest::test_iteration_1): New.
970 (selftest::test_malloc_constraints): Port to store-based
971 implementation.
972 (selftest::test_var): New test.
973 (selftest::test_array_2): New test.
974 (selftest::test_mem_ref): New test.
975 (selftest::test_POINTER_PLUS_EXPR_then_MEM_REF): New.
976 (selftest::test_malloc): New.
977 (selftest::test_alloca): New.
978 (selftest::analyzer_region_model_cc_tests): Update for renamings.
979 Call new functions.
980 * region-model.h (class path_var): Move to analyzer.h.
981 (class svalue_id): Delete.
982 (class region_id): Delete.
983 (class id_map): Delete.
984 (svalue_id_map): Delete.
985 (region_id_map): Delete.
986 (id_map<T>::id_map): Delete.
987 (id_map<T>::put): Delete.
988 (id_map<T>::get_dst_for_src): Delete.
989 (id_map<T>::get_src_for_dst): Delete.
990 (id_map<T>::dump_to_pp): Delete.
991 (id_map<T>::dump): Delete.
992 (id_map<T>::update): Delete.
993 (one_way_svalue_id_map): Delete.
994 (one_way_region_id_map): Delete.
995 (class region_id_set): Delete.
996 (class svalue_id_set): Delete.
997 (struct complexity): New.
998 (class visitor): New.
999 (enum svalue_kind): Add SK_SETJMP, SK_INITIAL, SK_UNARYOP,
1000 SK_BINOP, SK_SUB,SK_UNMERGEABLE, SK_PLACEHOLDER, SK_WIDENING,
1001 SK_COMPOUND, and SK_CONJURED.
1002 (svalue::operator==): Delete.
1003 (svalue::operator!=): Delete.
1004 (svalue::clone): Delete.
1005 (svalue::hash): Delete.
1006 (svalue::dump_dot_to_pp): Delete.
1007 (svalue::dump_to_pp): New.
1008 (svalue::dump): New.
1009 (svalue::get_desc): New.
1010 (svalue::dyn_cast_initial_svalue): New.
1011 (svalue::dyn_cast_unaryop_svalue): New.
1012 (svalue::dyn_cast_binop_svalue): New.
1013 (svalue::dyn_cast_sub_svalue): New.
1014 (svalue::dyn_cast_unmergeable_svalue): New.
1015 (svalue::dyn_cast_widening_svalue): New.
1016 (svalue::dyn_cast_compound_svalue): New.
1017 (svalue::dyn_cast_conjured_svalue): New.
1018 (svalue::maybe_undo_cast): New.
1019 (svalue::unwrap_any_unmergeable): New.
1020 (svalue::remap_region_ids): Delete
1021 (svalue::can_merge_p): New.
1022 (svalue::walk_for_canonicalization): Delete
1023 (svalue::get_complexity): New.
1024 (svalue::get_child_sid): Delete
1025 (svalue::accept): New.
1026 (svalue::live_p): New.
1027 (svalue::implicitly_live_p): New.
1028 (svalue::svalue): Add complexity param.
1029 (svalue::add_to_hash): Delete
1030 (svalue::print_details): Delete
1031 (svalue::m_complexity): New field.
1032 (region_svalue::key_t): New struct.
1033 (region_svalue::region_svalue): Port from region_id to
1034 const region_id *. Add complexity.
1035 (region_svalue::compare_fields): Delete.
1036 (region_svalue::clone): Delete.
1037 (region_svalue::dump_dot_to_pp): Delete.
1038 (region_svalue::get_pointee): Port from region_id to
1039 const region_id *.
1040 (region_svalue::remap_region_ids): Delete.
1041 (region_svalue::merge_values): Delete.
1042 (region_svalue::dump_to_pp): New.
1043 (region_svalue::accept): New.
1044 (region_svalue::walk_for_canonicalization): Delete.
1045 (region_svalue::eval_condition): Make params const.
1046 (region_svalue::add_to_hash): Delete.
1047 (region_svalue::print_details): Delete.
1048 (region_svalue::m_rid): Replace with...
1049 (region_svalue::m_reg): ...this.
1050 (is_a_helper <region_svalue *>::test): Convert to...
1051 (is_a_helper <const region_svalue *>::test): ...this.
1052 (template <> struct default_hash_traits<region_svalue::key_t>):
1053 New.
1054 (constant_svalue::constant_svalue): Add complexity.
1055 (constant_svalue::compare_fields): Delete.
1056 (constant_svalue::clone): Delete.
1057 (constant_svalue::add_to_hash): Delete.
1058 (constant_svalue::dump_to_pp): New.
1059 (constant_svalue::accept): New.
1060 (constant_svalue::implicitly_live_p): New.
1061 (constant_svalue::merge_values): Delete.
1062 (constant_svalue::eval_condition): Make params const.
1063 (constant_svalue::get_child_sid): Delete.
1064 (constant_svalue::print_details): Delete.
1065 (is_a_helper <constant_svalue *>::test): Convert to...
1066 (is_a_helper <const constant_svalue *>::test): ...this.
1067 (class unknown_svalue): Update leading comment.
1068 (unknown_svalue::unknown_svalue): Add complexity.
1069 (unknown_svalue::compare_fields): Delete.
1070 (unknown_svalue::add_to_hash): Delete.
1071 (unknown_svalue::dyn_cast_unknown_svalue): Delete.
1072 (unknown_svalue::print_details): Delete.
1073 (unknown_svalue::dump_to_pp): New.
1074 (unknown_svalue::accept): New.
1075 (poisoned_svalue::key_t): New struct.
1076 (poisoned_svalue::poisoned_svalue): Add complexity.
1077 (poisoned_svalue::compare_fields): Delete.
1078 (poisoned_svalue::clone): Delete.
1079 (poisoned_svalue::add_to_hash): Delete.
1080 (poisoned_svalue::dump_to_pp): New.
1081 (poisoned_svalue::accept): New.
1082 (poisoned_svalue::print_details): Delete.
1083 (is_a_helper <poisoned_svalue *>::test): Convert to...
1084 (is_a_helper <const poisoned_svalue *>::test): ...this.
1085 (template <> struct default_hash_traits<poisoned_svalue::key_t>):
1086 New.
1087 (setjmp_record::add_to_hash): New.
1088 (setjmp_svalue::key_t): New struct.
1089 (setjmp_svalue::compare_fields): Delete.
1090 (setjmp_svalue::clone): Delete.
1091 (setjmp_svalue::add_to_hash): Delete.
1092 (setjmp_svalue::setjmp_svalue): Add complexity.
1093 (setjmp_svalue::dump_to_pp): New.
1094 (setjmp_svalue::accept): New.
1095 (setjmp_svalue::void print_details): Delete.
1096 (is_a_helper <const setjmp_svalue *>::test): New.
1097 (template <> struct default_hash_traits<setjmp_svalue::key_t>): New.
1098 (class initial_svalue : public svalue): New.
1099 (is_a_helper <const initial_svalue *>::test): New.
1100 (class unaryop_svalue): New.
1101 (is_a_helper <const unaryop_svalue *>::test): New.
1102 (template <> struct default_hash_traits<unaryop_svalue::key_t>): New.
1103 (class binop_svalue): New.
1104 (is_a_helper <const binop_svalue *>::test): New.
1105 (template <> struct default_hash_traits<binop_svalue::key_t>): New.
1106 (class sub_svalue): New.
1107 (is_a_helper <const sub_svalue *>::test): New.
1108 (template <> struct default_hash_traits<sub_svalue::key_t>): New.
1109 (class unmergeable_svalue): New.
1110 (is_a_helper <const unmergeable_svalue *>::test): New.
1111 (class placeholder_svalue): New.
1112 (is_a_helper <placeholder_svalue *>::test): New.
1113 (class widening_svalue): New.
1114 (is_a_helper <widening_svalue *>::test): New.
1115 (template <> struct default_hash_traits<widening_svalue::key_t>): New.
1116 (class compound_svalue): New.
1117 (is_a_helper <compound_svalue *>::test): New.
1118 (template <> struct default_hash_traits<compound_svalue::key_t>): New.
1119 (class conjured_svalue): New.
1120 (is_a_helper <conjured_svalue *>::test): New.
1121 (template <> struct default_hash_traits<conjured_svalue::key_t>): New.
1122 (enum region_kind): Delete RK_PRIMITIVE, RK_STRUCT, RK_UNION, and
1123 RK_ARRAY. Add RK_LABEL, RK_DECL, RK_FIELD, RK_ELEMENT, RK_OFFSET,
1124 RK_CAST, RK_HEAP_ALLOCATED, RK_ALLOCA, RK_STRING, and RK_UNKNOWN.
1125 (region_kind_to_str): Delete.
1126 (region::~region): Move implementation to region.cc.
1127 (region::operator==): Delete.
1128 (region::operator!=): Delete.
1129 (region::clone): Delete.
1130 (region::get_id): New.
1131 (region::cmp_ids): New.
1132 (region::dyn_cast_map_region): Delete.
1133 (region::dyn_cast_array_region): Delete.
1134 (region::region_id get_parent): Delete.
1135 (region::get_parent_region): Convert to a simple accessor.
1136 (region::void set_value): Delete.
1137 (region::svalue_id get_value): Delete.
1138 (region::svalue_id get_value_direct): Delete.
1139 (region::svalue_id get_inherited_child_sid): Delete.
1140 (region::dyn_cast_frame_region): New.
1141 (region::dyn_cast_function_region): New.
1142 (region::dyn_cast_decl_region): New.
1143 (region::dyn_cast_field_region): New.
1144 (region::dyn_cast_element_region): New.
1145 (region::dyn_cast_offset_region): New.
1146 (region::dyn_cast_cast_region): New.
1147 (region::dyn_cast_string_region): New.
1148 (region::accept): New.
1149 (region::get_base_region): New.
1150 (region::base_region_p): New.
1151 (region::descendent_of_p): New.
1152 (region::maybe_get_frame_region): New.
1153 (region::maybe_get_decl): New.
1154 (region::hash): Delete.
1155 (region::rint): Delete.
1156 (region::dump_dot_to_pp): Delete.
1157 (region::get_desc): New.
1158 (region::dump_to_pp): Convert to vfunc, changing signature.
1159 (region::dump_child_label): Delete.
1160 (region::remap_svalue_ids): Delete.
1161 (region::remap_region_ids): Delete.
1162 (region::dump): New.
1163 (region::walk_for_canonicalization): Delete.
1164 (region::non_null_p): Drop region_model param.
1165 (region::add_view): Delete.
1166 (region::get_view): Delete.
1167 (region::get_active_view): Delete.
1168 (region::is_view_p): Delete.
1169 (region::cmp_ptrs): New.
1170 (region::validate): Delete.
1171 (region::get_offset): New.
1172 (region::get_byte_size): New.
1173 (region::get_bit_size): New.
1174 (region::get_subregions_for_binding): New.
1175 (region::region): Add complexity param. Convert parent from
1176 region_id to const region *. Drop svalue_id. Drop copy ctor.
1177 (region::symbolic_for_unknown_ptr_p): New.
1178 (region::add_to_hash): Delete.
1179 (region::print_fields): Delete.
1180 (region::get_complexity): New accessor.
1181 (region::become_active_view): Delete.
1182 (region::deactivate_any_active_view): Delete.
1183 (region::deactivate_view): Delete.
1184 (region::calc_offset): New.
1185 (region::m_parent_rid): Delete.
1186 (region::m_sval_id): Delete.
1187 (region::m_complexity): New.
1188 (region::m_id): New.
1189 (region::m_parent): New.
1190 (region::m_view_rids): Delete.
1191 (region::m_is_view): Delete.
1192 (region::m_active_view_rid): Delete.
1193 (region::m_cached_offset): New.
1194 (is_a_helper <region *>::test): Convert to...
1195 (is_a_helper <const region *>::test): ... this.
1196 (class primitive_region): Delete.
1197 (class space_region): New.
1198 (class map_region): Delete.
1199 (is_a_helper <map_region *>::test): Delete.
1200 (class frame_region): Reimplement.
1201 (template <> struct default_hash_traits<frame_region::key_t>):
1202 New.
1203 (class globals_region): Reimplement.
1204 (is_a_helper <globals_region *>::test): Convert to...
1205 (is_a_helper <const globals_region *>::test): ...this.
1206 (class struct_or_union_region): Delete.
1207 (is_a_helper <struct_or_union_region *>::test): Delete.
1208 (class code_region): Reimplement.
1209 (is_a_helper <const code_region *>::test): New.
1210 (class struct_region): Delete.
1211 (is_a_helper <struct_region *>::test): Delete.
1212 (class function_region): Reimplement.
1213 (is_a_helper <function_region *>::test): Convert to...
1214 (is_a_helper <const function_region *>::test): ...this.
1215 (class union_region): Delete.
1216 (is_a_helper <union_region *>::test): Delete.
1217 (class label_region): New.
1218 (is_a_helper <const label_region *>::test): New.
1219 (class scope_region): Delete.
1220 (class stack_region): Reimplement.
1221 (is_a_helper <stack_region *>::test): Convert to...
1222 (is_a_helper <const stack_region *>::test): ...this.
1223 (class heap_region): Reimplement.
1224 (is_a_helper <heap_region *>::test): Convert to...
1225 (is_a_helper <const heap_region *>::test): ...this.
1226 (class root_region): Reimplement.
1227 (is_a_helper <root_region *>::test): Convert to...
1228 (is_a_helper <const root_region *>::test): ...this.
1229 (class symbolic_region): Reimplement.
1230 (is_a_helper <const symbolic_region *>::test): New.
1231 (template <> struct default_hash_traits<symbolic_region::key_t>):
1232 New.
1233 (class decl_region): New.
1234 (is_a_helper <const decl_region *>::test): New.
1235 (class field_region): New.
1236 (template <> struct default_hash_traits<field_region::key_t>): New.
1237 (class array_region): Delete.
1238 (class element_region): New.
1239 (is_a_helper <array_region *>::test): Delete.
1240 (is_a_helper <const element_region *>::test): New.
1241 (template <> struct default_hash_traits<element_region::key_t>):
1242 New.
1243 (class offset_region): New.
1244 (is_a_helper <const offset_region *>::test): New.
1245 (template <> struct default_hash_traits<offset_region::key_t>):
1246 New.
1247 (class cast_region): New.
1248 (is_a_helper <const cast_region *>::test): New.
1249 (template <> struct default_hash_traits<cast_region::key_t>): New.
1250 (class heap_allocated_region): New.
1251 (class alloca_region): New.
1252 (class string_region): New.
1253 (is_a_helper <const string_region *>::test): New.
1254 (class unknown_region): New.
1255 (class region_model_manager): New.
1256 (struct append_ssa_names_cb_data): New.
1257 (class call_details): New.
1258 (region_model::region_model): Add region_model_manager param.
1259 (region_model::print_svalue): Delete.
1260 (region_model::dump_dot_to_pp): Delete.
1261 (region_model::dump_dot_to_file): Delete.
1262 (region_model::dump_dot): Delete.
1263 (region_model::dump_to_pp): Drop summarize param in favor of
1264 simple and multiline.
1265 (region_model::dump): Likewise.
1266 (region_model::summarize_to_pp): Delete.
1267 (region_model::summarize): Delete.
1268 (region_model::void canonicalize): Drop ctxt param.
1269 (region_model::void check_for_poison): Delete.
1270 (region_model::get_gassign_result): New.
1271 (region_model::impl_call_alloca): New.
1272 (region_model::impl_call_analyzer_describe): New.
1273 (region_model::impl_call_analyzer_eval): New.
1274 (region_model::impl_call_builtin_expect): New.
1275 (region_model::impl_call_calloc): New.
1276 (region_model::impl_call_free): New.
1277 (region_model::impl_call_malloc): New.
1278 (region_model::impl_call_memset): New.
1279 (region_model::impl_call_strlen): New.
1280 (region_model::get_reachable_svalues): New.
1281 (region_model::handle_phi): Drop is_back_edge param.
1282 (region_model::region_id get_root_rid): Delete.
1283 (region_model::root_region *get_root_region): Delete.
1284 (region_model::region_id get_stack_region_id): Delete.
1285 (region_model::push_frame): Convert from region_id and svalue_id
1286 to const region * and const svalue *.
1287 (region_model::get_current_frame_id): Replace with...
1288 (region_model::get_current_frame): ...this.
1289 (region_model::pop_frame): Convert from region_id to
1290 const region *. Drop purge and stats param. Add out_result.
1291 (region_model::function *get_function_at_depth): Delete.
1292 (region_model::get_globals_region_id): Delete.
1293 (region_model::add_svalue): Delete.
1294 (region_model::replace_svalue): Delete.
1295 (region_model::add_region): Delete.
1296 (region_model::add_region_for_type): Delete.
1297 (region_model::get_svalue): Delete.
1298 (region_model::get_region): Delete.
1299 (region_model::get_lvalue): Convert from region_id to
1300 const region *.
1301 (region_model::get_rvalue): Convert from svalue_id to
1302 const svalue *.
1303 (region_model::get_or_create_ptr_svalue): Delete.
1304 (region_model::get_or_create_constant_svalue): Delete.
1305 (region_model::get_svalue_for_fndecl): Delete.
1306 (region_model::get_svalue_for_label): Delete.
1307 (region_model::get_region_for_fndecl): Delete.
1308 (region_model::get_region_for_label): Delete.
1309 (region_model::get_frame_at_index (int index) const;): New.
1310 (region_model::maybe_cast): Delete.
1311 (region_model::maybe_cast_1): Delete.
1312 (region_model::get_field_region): Delete.
1313 (region_model::id deref_rvalue): Convert from region_id and
1314 svalue_id to const region * and const svalue *. Drop overload,
1315 passing in both a tree and an svalue.
1316 (region_model::set_value): Convert from region_id and svalue_id to
1317 const region * and const svalue *.
1318 (region_model::set_to_new_unknown_value): Delete.
1319 (region_model::clobber_region (const region *reg);): New.
1320 (region_model::purge_region (const region *reg);): New.
1321 (region_model::zero_fill_region (const region *reg);): New.
1322 (region_model::mark_region_as_unknown (const region *reg);): New.
1323 (region_model::copy_region): Convert from region_id to
1324 const region *.
1325 (region_model::eval_condition): Convert from svalue_id to
1326 const svalue *.
1327 (region_model::eval_condition_without_cm): Likewise.
1328 (region_model::compare_initial_and_pointer): New.
1329 (region_model:maybe_get_constant): Delete.
1330 (region_model::add_new_malloc_region): Delete.
1331 (region_model::get_representative_tree): Convert from svalue_id to
1332 const svalue *.
1333 (region_model::get_representative_path_var): Delete decl taking a
1334 region_id in favor of two decls, for svalue vs region, with an
1335 svalue_set to ensure termination.
1336 (region_model::get_path_vars_for_svalue): Delete.
1337 (region_model::create_region_for_heap_alloc): New.
1338 (region_model::create_region_for_alloca): New.
1339 (region_model::purge_unused_svalues): Delete.
1340 (region_model::remap_svalue_ids): Delete.
1341 (region_model::remap_region_ids): Delete.
1342 (region_model::purge_regions): Delete.
1343 (region_model::get_num_svalues): Delete.
1344 (region_model::get_num_regions): Delete.
1345 (region_model::get_descendents): Delete.
1346 (region_model::get_store): New.
1347 (region_model::delete_region_and_descendents): Delete.
1348 (region_model::get_manager): New.
1349 (region_model::unbind_region_and_descendents): New.
1350 (region_model::can_merge_with_p): Add point param. Drop
1351 svalue_id_merger_mapping.
1352 (region_model::get_value_by_name): Delete.
1353 (region_model::convert_byte_offset_to_array_index): Delete.
1354 (region_model::get_or_create_mem_ref): Delete.
1355 (region_model::get_or_create_pointer_plus_expr): Delete.
1356 (region_model::get_or_create_view): Delete.
1357 (region_model::get_lvalue_1): Convert from region_id to
1358 const region *.
1359 (region_model::get_rvalue_1): Convert from svalue_id to
1360 const svalue *.
1361 (region_model::get_ssa_name_regions_for_current_frame): New.
1362 (region_model::append_ssa_names_cb): New.
1363 (region_model::get_store_value): New.
1364 (region_model::copy_struct_region): Delete.
1365 (region_model::copy_union_region): Delete.
1366 (region_model::copy_array_region): Delete.
1367 (region_model::region_exists_p): New.
1368 (region_model::make_region_for_unexpected_tree_code): Delete.
1369 (region_model::loop_replay_fixup): New.
1370 (region_model::poison_any_pointers_to_bad_regions): Delete.
1371 (region_model::poison_any_pointers_to_descendents): New.
1372 (region_model::dump_summary_of_rep_path_vars): Delete.
1373 (region_model::on_top_level_param): New.
1374 (region_model::record_dynamic_extents): New.
1375 (region_model::m_mgr;): New.
1376 (region_model::m_store;): New.
1377 (region_model::m_svalues;): Delete.
1378 (region_model::m_regions;): Delete.
1379 (region_model::m_root_rid;): Delete.
1380 (region_model::m_current_frame;): New.
1381 (region_model_context::remap_svalue_ids): Delete.
1382 (region_model_context::can_purge_p): Delete.
1383 (region_model_context::on_svalue_leak): New.
1384 (region_model_context::on_svalue_purge): Delete.
1385 (region_model_context::on_liveness_change): New.
1386 (region_model_context::on_inherited_svalue): Delete.
1387 (region_model_context::on_cast): Delete.
1388 (region_model_context::on_unknown_change): Convert from svalue_id to
1389 const svalue * and add is_mutable.
1390 (class noop_region_model_context): Update for region_model_context
1391 changes.
1392 (model_merger::model_merger): Add program_point. Drop
1393 svalue_id_merger_mapping.
1394 (model_merger::dump_to_pp): Add "simple" param.
1395 (model_merger::dump): Likewise.
1396 (model_merger::get_region_a): Delete.
1397 (model_merger::get_region_b): Delete.
1398 (model_merger::can_merge_values_p): Delete.
1399 (model_merger::record_regions): Delete.
1400 (model_merger::record_svalues): Delete.
1401 (model_merger::m_point): New field.
1402 (model_merger::m_map_regions_from_a_to_m): Delete.
1403 (model_merger::m_map_regions_from_b_to_m): Delete.
1404 (model_merger::m_sid_mapping): Delete.
1405 (struct svalue_id_merger_mapping): Delete.
1406 (class engine): New.
1407 (struct canonicalization): Delete.
1408 (inchash::add): Delete decls for hashing svalue_id and region_id.
1409 (test_region_model_context::on_unexpected_tree_code): Require t to
1410 be non-NULL.
1411 (selftest::assert_condition): Add overload comparing a pair of
1412 const svalue *.
1413 * sm-file.cc: Include "tristate.h", "selftest.h",
1414 "analyzer/call-string.h", "analyzer/program-point.h",
1415 "analyzer/store.h", and "analyzer/region-model.h".
1416 (fileptr_state_machine::get_default_state): New.
1417 (fileptr_state_machine::on_stmt): Remove calls to
1418 get_readable_tree in favor of get_diagnostic_tree.
1419 * sm-malloc.cc: Include "tristate.h", "selftest.h",
1420 "analyzer/call-string.h", "analyzer/program-point.h",
1421 "analyzer/store.h", and "analyzer/region-model.h".
1422 (malloc_state_machine::get_default_state): New.
1423 (malloc_state_machine::reset_when_passed_to_unknown_fn_p): New.
1424 (malloc_diagnostic::describe_state_change): Handle change.m_expr
1425 being NULL.
1426 (null_arg::emit): Avoid printing "NULL '0'".
1427 (null_arg::describe_final_event): Avoid printing "(0) NULL".
1428 (malloc_leak::emit): Handle m_arg being NULL.
1429 (malloc_leak::describe_final_event): Handle ev.m_expr being NULL.
1430 (malloc_state_machine::on_stmt): Don't call get_readable_tree.
1431 Call get_diagnostic_tree when creating pending diagnostics.
1432 Update for is_zero_assignment becoming a member function of
1433 sm_ctxt.
1434 Don't transition to m_non_heap for ADDR_EXPR(MEM_REF()).
1435 (malloc_state_machine::reset_when_passed_to_unknown_fn_p): New
1436 vfunc implementation.
1437 * sm-sensitive.cc (sensitive_state_machine::warn_for_any_exposure): Call
1438 get_diagnostic_tree and pass the result to warn_for_state.
1439 * sm-signal.cc: Move includes of "analyzer/call-string.h" and
1440 "analyzer/program-point.h" to before "analyzer/region-model.h",
1441 and also include "analyzer/store.h" before it.
1442 (signal_unsafe_call::describe_state_change): Use
1443 get_dest_function to get handler.
1444 (update_model_for_signal_handler): Pass manager to region_model
1445 ctor.
1446 (register_signal_handler::impl_transition): Update for changes to
1447 get_or_create_node and add_edge.
1448 * sm-taint.cc (taint_state_machine::on_stmt): Remove calls to
1449 get_readable_tree, replacing them when calling warn_for_state with
1450 calls to get_diagnostic_tree.
1451 * sm.cc (is_zero_assignment): Delete.
1452 (any_pointer_p): Move to within namespace ana.
1453 * sm.h (is_zero_assignment): Remove decl.
1454 (any_pointer_p): Move decl to within namespace ana.
1455 (state_machine::get_default_state): New vfunc.
1456 (state_machine::reset_when_passed_to_unknown_fn_p): New vfunc.
1457 (sm_context::get_readable_tree): Rename to...
1458 (sm_context::get_diagnostic_tree): ...this.
1459 (sm_context::is_zero_assignment): New vfunc.
1460 * store.cc: New file.
1461 * store.h: New file.
1462 * svalue.cc: New file.
1463
1464 2020-05-22 Mark Wielaard <mark@klomp.org>
1465
1466 * sm-signal.cc(signal_unsafe_call::emit): Possibly add
1467 gcc_rich_location note for replacement.
1468 (signal_unsafe_call::get_replacement_fn): New private function.
1469 (get_async_signal_unsafe_fns): Add "exit".
1470
1471 2020-04-28 David Malcolm <dmalcolm@redhat.com>
1472
1473 PR analyzer/94816
1474 * engine.cc (impl_region_model_context::on_unexpected_tree_code):
1475 Handle NULL tree.
1476 * region-model.cc (region_model::add_region_for_type): Handle
1477 NULL type.
1478 * region-model.h
1479 (test_region_model_context::on_unexpected_tree_code): Handle NULL
1480 tree.
1481
1482 2020-04-28 David Malcolm <dmalcolm@redhat.com>
1483
1484 PR analyzer/94447
1485 PR analyzer/94639
1486 PR analyzer/94732
1487 PR analyzer/94754
1488 * analyzer.opt (Wanalyzer-use-of-uninitialized-value): Delete.
1489 * program-state.cc (selftest::test_program_state_dumping): Update
1490 expected dump result for removal of "uninit".
1491 * region-model.cc (poison_kind_to_str): Delete POISON_KIND_UNINIT
1492 case.
1493 (root_region::ensure_stack_region): Initialize stack with null
1494 svalue_id rather than with a typeless POISON_KIND_UNINIT value.
1495 (root_region::ensure_heap_region): Likewise for the heap.
1496 (region_model::dump_summary_of_rep_path_vars): Remove
1497 summarization of uninit values.
1498 (region_model::validate): Remove check that the stack has a
1499 POISON_KIND_UNINIT value.
1500 (poisoned_value_diagnostic::emit): Remove POISON_KIND_UNINIT
1501 case.
1502 (poisoned_value_diagnostic::describe_final_event): Likewise.
1503 (selftest::test_dump): Update expected dump result for removal of
1504 "uninit".
1505 (selftest::test_svalue_equality): Remove "uninit" and "freed".
1506 * region-model.h (enum poison_kind): Remove POISON_KIND_UNINIT.
1507
1508 2020-04-01 David Malcolm <dmalcolm@redhat.com>
1509
1510 PR analyzer/94378
1511 * checker-path.cc: Include "bitmap.h".
1512 * constraint-manager.cc: Likewise.
1513 * diagnostic-manager.cc: Likewise.
1514 * engine.cc: Likewise.
1515 (exploded_node::detect_leaks): Pass null region_id to pop_frame.
1516 * program-point.cc: Include "bitmap.h".
1517 * program-state.cc: Likewise.
1518 * region-model.cc (id_set<region_id>::id_set): Convert to...
1519 (region_id_set::region_id_set): ...this.
1520 (svalue_id_set::svalue_id_set): New ctor.
1521 (region_model::copy_region): New function.
1522 (region_model::copy_struct_region): New function.
1523 (region_model::copy_union_region): New function.
1524 (region_model::copy_array_region): New function.
1525 (stack_region::pop_frame): Drop return value. Add
1526 "result_dst_rid" param; if it is non-null, use copy_region to copy
1527 the result to it. Rather than capture and pass a single "known
1528 used" return value to be used by purge_unused_values, instead
1529 gather and pass a set of known used return values.
1530 (root_region::pop_frame): Drop return value. Add "result_dst_rid"
1531 param.
1532 (region_model::on_assignment): Use copy_region.
1533 (region_model::on_return): Likewise for the result.
1534 (region_model::on_longjmp): Pass null for pop_frame's
1535 result_dst_rid.
1536 (region_model::update_for_return_superedge): Pass the region for the
1537 return value of the call, if any, to pop_frame, rather than setting
1538 the lvalue for the lhs of the result.
1539 (region_model::pop_frame): Drop return value. Add
1540 "result_dst_rid" param.
1541 (region_model::purge_unused_svalues): Convert third param from an
1542 svalue_id * to an svalue_id_set *, updating the initial populating
1543 of the "used" bitmap accordingly. Don't remap it when done.
1544 (struct selftest::coord_test): New selftest fixture, extracted from...
1545 (selftest::test_dump_2): ...here.
1546 (selftest::test_compound_assignment): New selftest.
1547 (selftest::test_stack_frames): Pass null to new param of pop_frame.
1548 (selftest::analyzer_region_model_cc_tests): Call the new selftest.
1549 * region-model.h (class id_set): Delete template.
1550 (class region_id_set): Reimplement, using old id_set implementation.
1551 (class svalue_id_set): Likewise. Convert from auto_sbitmap to
1552 auto_bitmap.
1553 (region::get_active_view): New accessor.
1554 (stack_region::pop_frame): Drop return value. Add
1555 "result_dst_rid" param.
1556 (root_region::pop_frame): Likewise.
1557 (region_model::pop_frame): Likewise.
1558 (region_model::copy_region): New decl.
1559 (region_model::purge_unused_svalues): Convert third param from an
1560 svalue_id * to an svalue_id_set *.
1561 (region_model::copy_struct_region): New decl.
1562 (region_model::copy_union_region): New decl.
1563 (region_model::copy_array_region): New decl.
1564
1565 2020-03-27 David Malcolm <dmalcolm@redhat.com>
1566
1567 * program-state.cc (selftest::test_program_state_dumping): Update
1568 expected dump to include symbolic_region's possibly_null field.
1569 * region-model.cc (symbolic_region::print_fields): New vfunc
1570 implementation.
1571 (region_model::add_constraint): Clear m_possibly_null from
1572 symbolic_regions now known to be non-NULL.
1573 (selftest::test_malloc_constraints): New selftest.
1574 (selftest::analyzer_region_model_cc_tests): Call it.
1575 * region-model.h (region::dyn_cast_symbolic_region): Add non-const
1576 overload.
1577 (symbolic_region::dyn_cast_symbolic_region): Implement it.
1578 (symbolic_region::print_fields): New vfunc override decl.
1579
1580 2020-03-27 David Malcolm <dmalcolm@redhat.com>
1581
1582 * analyzer.h (class feasibility_problem): New forward decl.
1583 * diagnostic-manager.cc (saved_diagnostic::saved_diagnostic):
1584 Initialize new fields m_status, m_epath_length, and m_problem.
1585 (saved_diagnostic::~saved_diagnostic): Delete m_problem.
1586 (dedupe_candidate::dedupe_candidate): Convert "sd" param from a
1587 const ref to a mutable ptr.
1588 (dedupe_winners::add): Convert "sd" param from a const ref to a
1589 mutable ptr. Record the length of the exploded_path. Record the
1590 feasibility/infeasibility of sd into sd, capturing a
1591 feasibility_problem when feasible_p fails, and storing it in sd.
1592 (diagnostic_manager::emit_saved_diagnostics): Update for pass by
1593 ptr rather than by const ref.
1594 * diagnostic-manager.h (class saved_diagnostic): Add new enum
1595 status. Add fields m_status, m_epath_length and m_problem.
1596 (saved_diagnostic::set_feasible): New member function.
1597 (saved_diagnostic::set_infeasible): New member function.
1598 (saved_diagnostic::get_feasibility_problem): New accessor.
1599 (saved_diagnostic::get_status): New accessor.
1600 (saved_diagnostic::set_epath_length): New member function.
1601 (saved_diagnostic::get_epath_length): New accessor.
1602 * engine.cc: Include "gimple-pretty-print.h".
1603 (exploded_path::feasible_p): Add OUT param and, if non-NULL, write
1604 a new feasibility_problem to it on failure.
1605 (viz_callgraph_node::dump_dot): Convert begin_tr calls to
1606 begin_trtd. Convert end_tr calls to end_tdtr.
1607 (class exploded_graph_annotator): New subclass of dot_annotator.
1608 (impl_run_checkers): Add a second -fdump-analyzer-supergraph dump
1609 after the analysis runs, using exploded_graph_annotator. dumping
1610 to DUMP_BASE_NAME.supergraph-eg.dot.
1611 * exploded-graph.h (exploded_node::get_dot_fillcolor): Make
1612 public.
1613 (exploded_path::feasible_p): Add OUT param.
1614 (class feasibility_problem): New class.
1615 * state-purge.cc (state_purge_annotator::add_node_annotations):
1616 Return a bool, add a "within_table" param.
1617 (print_vec_of_names): Convert begin_tr calls to begin_trtd.
1618 Convert end_tr calls to end_tdtr.
1619 (state_purge_annotator::add_stmt_annotations): Add "within_row"
1620 param.
1621 * state-purge.h ((state_purge_annotator::add_node_annotations):
1622 Return a bool, add a "within_table" param.
1623 (state_purge_annotator::add_stmt_annotations): Add "within_row"
1624 param.
1625 * supergraph.cc (supernode::dump_dot): Call add_node_annotations
1626 twice: as before, passing false for "within_table", then again
1627 with true when within the TABLE element. Convert some begin_tr
1628 calls to begin_trtd, and some end_tr calls to end_tdtr.
1629 Repeat each add_stmt_annotations call, distinguishing between
1630 calls that add TRs and those that add TDs to an existing TR.
1631 Add a call to add_after_node_annotations.
1632 * supergraph.h (dot_annotator::add_node_annotations): Add a
1633 "within_table" param.
1634 (dot_annotator::add_stmt_annotations): Add a "within_row" param.
1635 (dot_annotator::add_after_node_annotations): New vfunc.
1636
1637 2020-03-27 David Malcolm <dmalcolm@redhat.com>
1638
1639 * diagnostic-manager.cc (dedupe_winners::add): Show the
1640 exploded_node index in the log messages.
1641 (diagnostic_manager::emit_saved_diagnostics): Log a summary of
1642 m_saved_diagnostics at entry.
1643
1644 2020-03-27 David Malcolm <dmalcolm@redhat.com>
1645
1646 * supergraph.cc (superedge::dump): Add space before description;
1647 move newline to non-pretty_printer overload.
1648
1649 2020-03-18 David Malcolm <dmalcolm@redhat.com>
1650
1651 * region-model.cc: Include "stor-layout.h".
1652 (region_model::dump_to_pp): Rather than calling
1653 dump_summary_of_map on each of the current frame and the globals,
1654 instead get a vec of representative path_vars for all regions,
1655 and then dump a summary of all of them.
1656 (region_model::dump_summary_of_map): Delete, rewriting into...
1657 (region_model::dump_summary_of_rep_path_vars): ...this new
1658 function, working on a vec of path_vars.
1659 (region_model::set_value): New overload.
1660 (region_model::get_representative_path_var): Rename
1661 "parent_region" local to "parent_reg" and consolidate with other
1662 local. Guard test for grandparent being stack on parent_reg being
1663 non-NULL. Move handling for parent being an array_region to
1664 within guard for parent_reg being non-NULL.
1665 (selftest::make_test_compound_type): New function.
1666 (selftest::test_dump_2): New selftest.
1667 (selftest::test_dump_3): New selftest.
1668 (selftest::test_stack_frames): Update expected output from
1669 simplified dump to show "a" and "b" from parent frame and "y" in
1670 child frame.
1671 (selftest::analyzer_region_model_cc_tests): Call test_dump_2 and
1672 test_dump_3.
1673 * region-model.h (region_model::set_value): New overload decl.
1674 (region_model::dump_summary_of_map): Delete.
1675 (region_model::dump_summary_of_rep_path_vars): New.
1676
1677 2020-03-18 David Malcolm <dmalcolm@redhat.com>
1678
1679 * region-model.h (class noop_region_model_context): New subclass
1680 of region_model_context.
1681 (class tentative_region_model_context): Inherit from
1682 noop_region_model_context rather than from region_model_context;
1683 drop redundant vfunc implementations.
1684 (class test_region_model_context): Likewise.
1685
1686 2020-03-18 David Malcolm <dmalcolm@redhat.com>
1687
1688 * engine.cc (exploded_node::exploded_node): Move implementation
1689 here from header; accept point_and_state by const reference rather
1690 than by value.
1691 * exploded-graph.h (exploded_node::exploded_node): Pass
1692 point_and_state by const reference rather than by value. Move
1693 body to engine.cc.
1694
1695 2020-03-18 Jakub Jelinek <jakub@redhat.com>
1696
1697 * sm-malloc.cc (malloc_state_machine::on_stmt): Fix up duplicated word
1698 issue in a comment.
1699 * region-model.cc (region_model::make_region_for_unexpected_tree_code,
1700 region_model::delete_region_and_descendents): Likewise.
1701 * engine.cc (class exploded_cluster): Likewise.
1702 * diagnostic-manager.cc (class path_builder): Likewise.
1703
1704 2020-03-13 David Malcolm <dmalcolm@redhat.com>
1705
1706 PR analyzer/94099
1707 PR analyzer/94105
1708 * diagnostic-manager.cc (for_each_state_change): Bulletproof
1709 against errors in get_rvalue by passing a
1710 tentative_region_model_context and rejecting if there's an error.
1711 * region-model.cc (region_model::get_lvalue_1): When handling
1712 ARRAY_REF, handle results of error-handling. Handle NOP_EXPR.
1713
1714 2020-03-06 David Malcolm <dmalcolm@redhat.com>
1715
1716 * analyzer.h (class array_region): New forward decl.
1717 * program-state.cc (selftest::test_program_state_dumping_2): New.
1718 (selftest::analyzer_program_state_cc_tests): Call it.
1719 * region-model.cc (array_region::constant_from_key): New.
1720 (region_model::get_representative_tree): Handle region_svalue by
1721 generating an ADDR_EXPR.
1722 (region_model::get_representative_path_var): In view handling,
1723 remove erroneous TREE_TYPE when determining the type of the tree.
1724 Handle array regions and STRING_CST.
1725 (selftest::assert_dump_tree_eq): New.
1726 (ASSERT_DUMP_TREE_EQ): New macro.
1727 (selftest::test_get_representative_tree): New selftest.
1728 (selftest::analyzer_region_model_cc_tests): Call it.
1729 * region-model.h (region::dyn_cast_array_region): New vfunc.
1730 (array_region::dyn_cast_array_region): New vfunc implementation.
1731 (array_region::constant_from_key): New decl.
1732
1733 2020-03-06 David Malcolm <dmalcolm@redhat.com>
1734
1735 * analyzer.h (dump_quoted_tree): New decl.
1736 * engine.cc (exploded_node::dump_dot): Pass region model to
1737 sm_state_map::print.
1738 * program-state.cc: Include diagnostic-core.h.
1739 (sm_state_map::print): Add "model" param and use it to print
1740 representative trees. Only print origin information if non-null.
1741 (sm_state_map::dump): Pass NULL for model to print call.
1742 (program_state::print): Pass region model to sm_state_map::print.
1743 (program_state::dump_to_pp): Use spaces rather than newlines when
1744 summarizing. Pass region_model to sm_state_map::print.
1745 (ana::selftest::assert_dump_eq): New function.
1746 (ASSERT_DUMP_EQ): New macro.
1747 (ana::selftest::test_program_state_dumping): New function.
1748 (ana::selftest::analyzer_program_state_cc_tests): Call it.
1749 * program-state.h (program_state::print): Add model param.
1750 * region-model.cc (dump_quoted_tree): New function.
1751 (map_region::print_fields): Use dump_quoted_tree rather than
1752 %qE to avoid lang-dependent output.
1753 (map_region::dump_child_label): Likewise.
1754 (region_model::dump_summary_of_map): For SK_REGION, when
1755 get_representative_path_var fails, print the region id rather than
1756 erroneously printing NULL.
1757 * sm.cc (state_machine::get_state_by_name): New function.
1758 * sm.h (state_machine::get_state_by_name): New decl.
1759
1760 2020-03-04 David Malcolm <dmalcolm@redhat.com>
1761
1762 * region-model.cc (region::validate): Convert model param from ptr
1763 to reference. Update comment to reflect that it's now a vfunc.
1764 (map_region::validate): New vfunc implementation.
1765 (array_region::validate): New vfunc implementation.
1766 (stack_region::validate): New vfunc implementation.
1767 (root_region::validate): New vfunc implementation.
1768 (region_model::validate): Pass a reference rather than a pointer
1769 to the region::validate vfunc.
1770 * region-model.h (region::validate): Make virtual. Convert model
1771 param from ptr to reference.
1772 (map_region::validate): New vfunc decl.
1773 (array_region::validate): New vfunc decl.
1774 (stack_region::validate): New vfunc decl.
1775 (root_region::validate): New vfunc decl.
1776
1777 2020-03-04 David Malcolm <dmalcolm@redhat.com>
1778
1779 PR analyzer/93993
1780 * region-model.cc (region_model::on_call_pre): Handle
1781 BUILT_IN_EXPECT and its variants.
1782 (region_model::add_any_constraints_from_ssa_def_stmt): Split out
1783 gassign handling into add_any_constraints_from_gassign; add gcall
1784 handling.
1785 (region_model::add_any_constraints_from_gassign): New function,
1786 based on the above. Add handling for NOP_EXPR.
1787 (region_model::add_any_constraints_from_gcall): New function.
1788 (region_model::get_representative_path_var): Handle views.
1789 * region-model.h
1790 (region_model::add_any_constraints_from_ssa_def_stmt): New decl.
1791 (region_model::add_any_constraints_from_gassign): New decl.
1792
1793 2020-03-04 David Malcolm <dmalcolm@redhat.com>
1794
1795 PR analyzer/93993
1796 * checker-path.h (state_change_event::get_lvalue): Add ctxt param
1797 and pass it to region_model::get_value call.
1798 * diagnostic-manager.cc (get_any_origin): Pass a
1799 tentative_region_model_context to the calls to get_lvalue and reject
1800 the comparison if errors occur.
1801 (can_be_expr_of_interest_p): New function.
1802 (diagnostic_manager::prune_for_sm_diagnostic): Replace checks for
1803 CONSTANT_CLASS_P with calls to update_for_unsuitable_sm_exprs.
1804 Pass a tentative_region_model_context to the calls to
1805 state_change_event::get_lvalue and reject the comparison if errors
1806 occur.
1807 (diagnostic_manager::update_for_unsuitable_sm_exprs): New.
1808 * diagnostic-manager.h
1809 (diagnostic_manager::update_for_unsuitable_sm_exprs): New decl.
1810 * region-model.h (class tentative_region_model_context): New class.
1811
1812 2020-03-04 David Malcolm <dmalcolm@redhat.com>
1813
1814 * engine.cc (worklist::worklist): Remove unused field m_eg.
1815 (class viz_callgraph_edge): Remove unused field m_call_sedge.
1816 (class viz_callgraph): Remove unused field m_sg.
1817 * exploded-graph.h (worklist::::m_eg): Remove unused field.
1818
1819 2020-03-02 David Malcolm <dmalcolm@redhat.com>
1820
1821 * analyzer.opt (fanalyzer-show-duplicate-count): New option.
1822 * diagnostic-manager.cc
1823 (diagnostic_manager::emit_saved_diagnostic): Use the above to
1824 guard the printing of the duplicate count.
1825
1826 2020-03-02 David Malcolm <dmalcolm@redhat.com>
1827
1828 PR analyzer/93959
1829 * analyzer.cc (is_std_function_p): New function.
1830 (is_std_named_call_p): New functions.
1831 * analyzer.h (is_std_named_call_p): New decl.
1832 * sm-malloc.cc (malloc_state_machine::on_stmt): Check for "std::"
1833 variants when checking for malloc, calloc and free.
1834
1835 2020-02-26 David Malcolm <dmalcolm@redhat.com>
1836
1837 PR analyzer/93950
1838 * diagnostic-manager.cc
1839 (diagnostic_manager::prune_for_sm_diagnostic): Assert that var is
1840 either NULL or not a constant. When updating var, bulletproof
1841 against constant values.
1842
1843 2020-02-26 David Malcolm <dmalcolm@redhat.com>
1844
1845 PR analyzer/93947
1846 * region-model.cc (region_model::get_fndecl_for_call): Gracefully
1847 fail for fn_decls that don't have a cgraph_node.
1848
1849 2020-02-26 David Malcolm <dmalcolm@redhat.com>
1850
1851 * bar-chart.cc: New file.
1852 * bar-chart.h: New file.
1853 * engine.cc: Include "analyzer/bar-chart.h".
1854 (stats::log): Only log the m_num_nodes kinds that are non-zero.
1855 (stats::dump): Likewise when dumping.
1856 (stats::get_total_enodes): New.
1857 (exploded_graph::get_or_create_node): Increment the per-point-data
1858 m_excess_enodes when hitting the per-program-point limit on
1859 enodes.
1860 (exploded_graph::print_bar_charts): New.
1861 (exploded_graph::log_stats): Log the number of unprocessed enodes
1862 in the worklist. Call print_bar_charts.
1863 (exploded_graph::dump_stats): Print the number of unprocessed
1864 enodes in the worklist.
1865 * exploded-graph.h (stats::get_total_enodes): New decl.
1866 (struct per_program_point_data): Add field m_excess_enodes.
1867 (exploded_graph::print_bar_charts): New decl.
1868 * supergraph.cc (superedge::dump): New.
1869 (superedge::dump): New.
1870 * supergraph.h (supernode::get_function): New.
1871 (superedge::dump): New decl.
1872 (superedge::dump): New decl.
1873
1874 2020-02-24 David Malcolm <dmalcolm@redhat.com>
1875
1876 * engine.cc (exploded_graph::get_or_create_node): Dump the
1877 program_state to the pp, rather than to stderr.
1878
1879 2020-02-24 David Malcolm <dmalcolm@redhat.com>
1880
1881 PR analyzer/93032
1882 * sm.cc (make_checkers): Require the "taint" checker to be
1883 explicitly enabled.
1884
1885 2020-02-24 David Malcolm <dmalcolm@redhat.com>
1886
1887 PR analyzer/93899
1888 * engine.cc
1889 (impl_region_model_context::impl_region_model_context): Add logger
1890 param.
1891 * engine.cc (exploded_graph::add_function_entry): Create an
1892 impl_region_model_context and pass it to the push_frame call.
1893 Bail if the resulting state is invalid.
1894 (exploded_graph::build_initial_worklist): Likewise.
1895 (exploded_graph::build_initial_worklist): Handle the case where
1896 add_function_entry fails.
1897 * exploded-graph.h
1898 (impl_region_model_context::impl_region_model_context): Add logger
1899 param.
1900 * region-model.cc (map_region::get_or_create): Add ctxt param and
1901 pass it to add_region_for_type.
1902 (map_region::can_merge_p): Pass NULL as a ctxt to call to
1903 get_or_create.
1904 (array_region::get_element): Pass ctxt to call to get_or_create.
1905 (array_region::get_or_create): Add ctxt param and pass it to
1906 add_region_for_type.
1907 (root_region::push_frame): Pass ctxt to get_or_create calls.
1908 (region_model::get_lvalue_1): Likewise.
1909 (region_model::make_region_for_unexpected_tree_code): Assert that
1910 ctxt is non-NULL.
1911 (region_model::get_rvalue_1): Pass ctxt to get_svalue_for_fndecl
1912 and get_svalue_for_label calls.
1913 (region_model::get_svalue_for_fndecl): Add ctxt param and pass it
1914 to get_region_for_fndecl.
1915 (region_model::get_region_for_fndecl): Add ctxt param and pass it
1916 to get_or_create.
1917 (region_model::get_svalue_for_label): Add ctxt param and pass it
1918 to get_region_for_label.
1919 (region_model::get_region_for_label): Add ctxt param and pass it
1920 to get_region_for_fndecl and get_or_create.
1921 (region_model::get_field_region): Add ctxt param and pass it to
1922 get_or_create_view and get_or_create.
1923 (make_region_for_type): Replace gcc_unreachable with return NULL.
1924 (region_model::add_region_for_type): Add ctxt param. Handle a
1925 return of NULL from make_region_for_type by calling
1926 make_region_for_unexpected_tree_code.
1927 (region_model::get_or_create_mem_ref): Pass ctxt to calls to
1928 get_or_create_view.
1929 (region_model::get_or_create_view): Add ctxt param and pass it to
1930 add_region_for_type.
1931 (selftest::test_state_merging): Pass ctxt to get_or_create_view.
1932 * region-model.h (region_model::get_or_create): Add ctxt param.
1933 (region_model::add_region_for_type): Likewise.
1934 (region_model::get_svalue_for_fndecl): Likewise.
1935 (region_model::get_svalue_for_label): Likewise.
1936 (region_model::get_region_for_fndecl): Likewise.
1937 (region_model::get_region_for_label): Likewise.
1938 (region_model::get_field_region): Likewise.
1939 (region_model::get_or_create_view): Likewise.
1940
1941 2020-02-24 David Malcolm <dmalcolm@redhat.com>
1942
1943 * checker-path.cc (superedge_event::should_filter_p): Update
1944 filter for empty descriptions to cover verbosity level 3 as well
1945 as 2.
1946 * diagnostic-manager.cc: Include "analyzer/reachability.h".
1947 (class path_builder): New class.
1948 (diagnostic_manager::emit_saved_diagnostic): Create a path_builder
1949 and pass it to build_emission_path, rather passing eg; similarly
1950 for add_events_for_eedge and ext_state.
1951 (diagnostic_manager::build_emission_path): Replace "eg" param
1952 with a path_builder, pass it to add_events_for_eedge.
1953 (diagnostic_manager::add_events_for_eedge): Replace ext_state
1954 param with path_builder; pass it to add_events_for_superedge.
1955 (diagnostic_manager::significant_edge_p): New.
1956 (diagnostic_manager::add_events_for_superedge): Add path_builder
1957 param. Reject insignificant edges at verbosity levels below 3.
1958 (diagnostic_manager::prune_for_sm_diagnostic): Update highest
1959 verbosity level to 4.
1960 * diagnostic-manager.h (class path_builder): New forward decl.
1961 (diagnostic_manager::build_emission_path): Replace "eg" param
1962 with a path_builder.
1963 (diagnostic_manager::add_events_for_eedge): Replace ext_state
1964 param with path_builder.
1965 (diagnostic_manager::significant_edge_p): New.
1966 (diagnostic_manager::add_events_for_superedge): Add path_builder
1967 param.
1968 * reachability.h: New file.
1969
1970 2020-02-18 David Malcolm <dmalcolm@redhat.com>
1971
1972 PR analyzer/93692
1973 * analyzer.opt (fdump-analyzer-callgraph): Rewrite description.
1974
1975 2020-02-18 David Malcolm <dmalcolm@redhat.com>
1976
1977 PR analyzer/93777
1978 * region-model.cc (region_model::maybe_cast_1): Replace assertion
1979 that build_cast returns non-NULL with a conditional, falling
1980 through to the logic which returns a new unknown value of the
1981 desired type if it fails.
1982
1983 2020-02-18 David Malcolm <dmalcolm@redhat.com>
1984
1985 PR analyzer/93778
1986 * engine.cc (impl_region_model_context::on_unknown_tree_code):
1987 Rename to...
1988 (impl_region_model_context::on_unexpected_tree_code): ...this and
1989 convert first argument from path_var to tree.
1990 (exploded_node::on_stmt): Pass ctxt to purge_for_unknown_fncall.
1991 * exploded-graph.h (region_model_context::on_unknown_tree_code):
1992 Rename to...
1993 (region_model_context::on_unexpected_tree_code): ...this and
1994 convert first argument from path_var to tree.
1995 * program-state.cc (sm_state_map::purge_for_unknown_fncall): Add
1996 ctxt param and pass on to calls to get_rvalue.
1997 * program-state.h (sm_state_map::purge_for_unknown_fncall): Add
1998 ctxt param.
1999 * region-model.cc (region_model::handle_unrecognized_call): Pass
2000 ctxt on to call to get_rvalue.
2001 (region_model::get_lvalue_1): Move body of default case to
2002 region_model::make_region_for_unexpected_tree_code and call it.
2003 Within COMPONENT_REF case, reject attempts to handle types other
2004 than RECORD_TYPE and UNION_TYPE.
2005 (region_model::make_region_for_unexpected_tree_code): New
2006 function, based on default case of region_model::get_lvalue_1.
2007 * region-model.h
2008 (region_model::make_region_for_unexpected_tree_code): New decl.
2009 (region_model::on_unknown_tree_code): Rename to...
2010 (region_model::on_unexpected_tree_code): ...this and convert first
2011 argument from path_var to tree.
2012 (class test_region_model_context): Update vfunc implementation for
2013 above change.
2014
2015 2020-02-18 David Malcolm <dmalcolm@redhat.com>
2016
2017 PR analyzer/93774
2018 * region-model.cc
2019 (region_model::convert_byte_offset_to_array_index): Use
2020 int_size_in_bytes before calling size_in_bytes, to gracefully fail
2021 on incomplete types.
2022
2023 2020-02-17 David Malcolm <dmalcolm@redhat.com>
2024
2025 PR analyzer/93775
2026 * region-model.cc (region_model::get_fndecl_for_call): Handle the
2027 case where the code_region's get_tree_for_child_region returns
2028 NULL.
2029
2030 2020-02-17 David Malcolm <dmalcolm@redhat.com>
2031
2032 PR analyzer/93388
2033 * engine.cc (impl_region_model_context::on_unknown_tree_code):
2034 New.
2035 (exploded_graph::get_or_create_node): Reject invalid states.
2036 * exploded-graph.h
2037 (impl_region_model_context::on_unknown_tree_code): New decl.
2038 (point_and_state::point_and_state): Assert that the state is
2039 valid.
2040 * program-state.cc (program_state::program_state): Initialize
2041 m_valid to true.
2042 (program_state::operator=): Copy m_valid.
2043 (program_state::program_state): Likewise for move constructor.
2044 (program_state::print): Print m_valid.
2045 (program_state::dump_to_pp): Likewise.
2046 * program-state.h (program_state::m_valid): New field.
2047 * region-model.cc (region_model::get_lvalue_1): Implement the
2048 default case by returning a new symbolic region and calling
2049 the context's on_unknown_tree_code, rather than issuing an
2050 internal_error. Implement VIEW_CONVERT_EXPR.
2051 * region-model.h (region_model_context::on_unknown_tree_code): New
2052 vfunc.
2053 (test_region_model_context::on_unknown_tree_code): New.
2054
2055 2020-02-17 David Malcolm <dmalcolm@redhat.com>
2056
2057 * sm-malloc.cc (malloc_diagnostic::describe_state_change): For
2058 transition to the "null" state, only say "assuming" when
2059 transitioning from the "unchecked" state.
2060
2061 2020-02-17 David Malcolm <dmalcolm@redhat.com>
2062
2063 * diagnostic-manager.h (diagnostic_manager::get_saved_diagnostic):
2064 Add const overload.
2065 * engine.cc (exploded_node::dump_dot): Dump saved_diagnostics.
2066 * exploded-graph.h (exploded_graph::get_diagnostic_manager): Add
2067 const overload.
2068
2069 2020-02-11 David Malcolm <dmalcolm@redhat.com>
2070
2071 PR analyzer/93288
2072 * analysis-plan.cc (analysis_plan::use_summary_p): Look through
2073 the ultimate_alias_target when getting the called function.
2074 * engine.cc (exploded_node::on_stmt): Rename second "ctxt" to
2075 "sm_ctxt". Use the region_model's get_fndecl_for_call rather than
2076 gimple_call_fndecl.
2077 * region-model.cc (region_model::get_fndecl_for_call): Use
2078 ultimate_alias_target on fndecl.
2079 * supergraph.cc (get_ultimate_function_for_cgraph_edge): New
2080 function.
2081 (supergraph_call_edge): Use it when rejecting edges without
2082 functions.
2083 (supergraph::supergraph): Use it to get the function for the
2084 cgraph_edge when building interprocedural superedges.
2085 (callgraph_superedge::get_callee_function): Use it.
2086 * supergraph.h (supergraph::get_num_snodes): Make param const.
2087 (supergraph::function_to_num_snodes_t): Make first type param
2088 const.
2089
2090 2020-02-11 David Malcolm <dmalcolm@redhat.com>
2091
2092 PR analyzer/93374
2093 * engine.cc (exploded_edge::exploded_edge): Add ext_state param
2094 and pass it to change.validate.
2095 (exploded_graph::get_or_create_node): Move purging of change
2096 svalues to also cover the case of reusing an existing enode.
2097 (exploded_graph::add_edge): Pass m_ext_state to exploded_edge's
2098 ctor.
2099 * exploded-graph.h (exploded_edge::exploded_edge): Add ext_state
2100 param.
2101 * program-state.cc (state_change::sm_change::validate): Likewise.
2102 Assert that m_sm_idx is sane. Use ext_state to validate
2103 m_old_state and m_new_state.
2104 (state_change::validate): Add ext_state param and pass it to
2105 the sm_change validate calls.
2106 * program-state.h (state_change::sm_change::validate): Add
2107 ext_state param.
2108 (state_change::validate): Likewise.
2109
2110 2020-02-11 David Malcolm <dmalcolm@redhat.com>
2111
2112 PR analyzer/93669
2113 * engine.cc (exploded_graph::dump_exploded_nodes): Handle missing
2114 case of STATUS_WORKLIST in implementation of
2115 "__analyzer_dump_exploded_nodes".
2116
2117 2020-02-11 David Malcolm <dmalcolm@redhat.com>
2118
2119 PR analyzer/93649
2120 * constraint-manager.cc (constraint_manager::add_constraint): When
2121 merging equivalence classes and updating m_constant, also update
2122 m_cst_sid.
2123 (constraint_manager::validate): If m_constant is non-NULL assert
2124 that m_cst_sid is non-null and is valid.
2125
2126 2020-02-11 David Malcolm <dmalcolm@redhat.com>
2127
2128 PR analyzer/93657
2129 * analyzer.opt (fdump-analyzer): Reword description.
2130 (fdump-analyzer-stderr): Likewise.
2131
2132 2020-02-11 David Malcolm <dmalcolm@redhat.com>
2133
2134 * region-model.cc (print_quoted_type): New function.
2135 (svalue::print): Use it to replace %qT.
2136 (region::dump_to_pp): Likewise.
2137 (region::dump_child_label): Likewise.
2138 (region::print_fields): Likewise.
2139
2140 2020-02-10 David Malcolm <dmalcolm@redhat.com>
2141
2142 PR analyzer/93659
2143 * analyzer.opt (-param=analyzer-max-recursion-depth=): Fix "tha"
2144 -> "that" typo.
2145 (Wanalyzer-use-of-uninitialized-value): Fix "initialized" ->
2146 "uninitialized" typo.
2147
2148 2020-02-10 David Malcolm <dmalcolm@redhat.com>
2149
2150 PR analyzer/93350
2151 * region-model.cc (region_model::get_lvalue_1):
2152 Handle BIT_FIELD_REF.
2153 (make_region_for_type): Handle VECTOR_TYPE.
2154
2155 2020-02-10 David Malcolm <dmalcolm@redhat.com>
2156
2157 PR analyzer/93647
2158 * diagnostic-manager.cc
2159 (diagnostic_manager::prune_for_sm_diagnostic): Bulletproof against
2160 VAR being constant.
2161 * region-model.cc (region_model::get_lvalue_1): Provide a better
2162 error message when encountering an unhandled tree code.
2163
2164 2020-02-10 David Malcolm <dmalcolm@redhat.com>
2165
2166 PR analyzer/93405
2167 * region-model.cc (region_model::get_lvalue_1): Implement
2168 CONST_DECL.
2169
2170 2020-02-06 David Malcolm <dmalcolm@redhat.com>
2171
2172 * region-model.cc (region_model::maybe_cast_1): Attempt to provide
2173 a region_svalue if either type is a pointer, rather than if both
2174 types are pointers.
2175
2176 2020-02-05 David Malcolm <dmalcolm@redhat.com>
2177
2178 * engine.cc (exploded_node::dump_dot): Show merger enodes.
2179 (worklist::add_node): Assert that the node's m_status is
2180 STATUS_WORKLIST.
2181 (exploded_graph::process_worklist): Likewise for nodes from the
2182 worklist. Set status of merged nodes to STATUS_MERGER.
2183 (exploded_graph::process_node): Set status of node to
2184 STATUS_PROCESSED.
2185 (exploded_graph::dump_exploded_nodes): Rework handling of
2186 "__analyzer_dump_exploded_nodes", splitting enodes by status into
2187 "processed" and "merger", showing the count of just the processed
2188 enodes at the call, rather than the count of all enodes.
2189 * exploded-graph.h (exploded_node::status): New enum.
2190 (exploded_node::exploded_node): Initialize m_status to
2191 STATUS_WORKLIST.
2192 (exploded_node::get_status): New getter.
2193 (exploded_node::set_status): New setter.
2194
2195 2020-02-04 David Malcolm <dmalcolm@redhat.com>
2196
2197 PR analyzer/93543
2198 * engine.cc (pod_hash_traits<function_call_string>::mark_empty):
2199 Eliminate reinterpret_cast.
2200 (pod_hash_traits<function_call_string>::is_empty): Likewise.
2201
2202 2020-02-03 David Malcolm <dmalcolm@redhat.com>
2203
2204 * constraint-manager.cc (range::constrained_to_single_element):
2205 Replace fold_build2 with fold_binary. Remove unnecessary newline.
2206 (constraint_manager::get_or_add_equiv_class): Replace fold_build2
2207 with fold_binary in two places, and remove out-of-date comment.
2208 (constraint_manager::eval_condition): Replace fold_build2 with
2209 fold_binary.
2210 * region-model.cc (constant_svalue::eval_condition): Likewise.
2211 (region_model::on_assignment): Likewise.
2212
2213 2020-02-03 David Malcolm <dmalcolm@redhat.com>
2214
2215 PR analyzer/93544
2216 * diagnostic-manager.cc
2217 (diagnostic_manager::prune_for_sm_diagnostic): Bulletproof
2218 against bad choices due to bad paths.
2219 * engine.cc (impl_region_model_context::on_phi): New.
2220 * exploded-graph.h (impl_region_model_context::on_phi): New decl.
2221 * region-model.cc (region_model::on_longjmp): Likewise.
2222 (region_model::handle_phi): Add phi param. Call the ctxt's on_phi
2223 vfunc.
2224 (region_model::update_for_phis): Pass phi to handle_phi.
2225 * region-model.h (region_model::handle_phi): Add phi param.
2226 (region_model_context::on_phi): New vfunc.
2227 (test_region_model_context::on_phi): New.
2228 * sm-malloc.cc (malloc_state_machine::on_phi): New.
2229 (malloc_state_machine::on_zero_assignment): New.
2230 * sm.h (state_machine::on_phi): New vfunc.
2231
2232 2020-02-03 David Malcolm <dmalcolm@redhat.com>
2233
2234 * engine.cc (supernode_cluster::dump_dot): Show BB index as
2235 well as SN index.
2236 * supergraph.cc (supernode::dump_dot): Likewise.
2237
2238 2020-02-03 David Malcolm <dmalcolm@redhat.com>
2239
2240 PR analyzer/93546
2241 * region-model.cc (region_model::on_call_pre): Update for new
2242 param of symbolic_region ctor.
2243 (region_model::deref_rvalue): Likewise.
2244 (region_model::add_new_malloc_region): Likewise.
2245 (make_region_for_type): Likewise, preserving type.
2246 * region-model.h (symbolic_region::symbolic_region): Add "type"
2247 param and pass it to base class ctor.
2248
2249 2020-02-03 David Malcolm <dmalcolm@redhat.com>
2250
2251 PR analyzer/93547
2252 * constraint-manager.cc
2253 (constraint_manager::get_or_add_equiv_class): Ensure types are
2254 compatible before comparing constants.
2255
2256 2020-01-31 David Malcolm <dmalcolm@redhat.com>
2257
2258 PR analyzer/93457
2259 * region-model.cc (make_region_for_type): Use VOID_TYPE_P rather
2260 than checking against void_type_node.
2261
2262 2020-01-31 David Malcolm <dmalcolm@redhat.com>
2263
2264 PR analyzer/93373
2265 * region-model.cc (ASSERT_COMPAT_TYPES): Convert to...
2266 (assert_compat_types): ...this, and bail when either type is NULL,
2267 or when VOID_TYPE_P (dst_type).
2268 (region_model::get_lvalue): Update for above conversion.
2269 (region_model::get_rvalue): Likewise.
2270
2271 2020-01-31 David Malcolm <dmalcolm@redhat.com>
2272
2273 PR analyzer/93379
2274 * region-model.cc (region_model::update_for_return_superedge):
2275 Move check for null result so that it also guards setting the
2276 lhs.
2277
2278 2020-01-31 David Malcolm <dmalcolm@redhat.com>
2279
2280 PR analyzer/93438
2281 * region-model.cc (stack_region::can_merge_p): Split into a two
2282 pass approach, creating all stack regions first, then populating
2283 them.
2284 (selftest::test_state_merging): Add test coverage for (a) the case
2285 of self-merging a model in which a local in an older stack frame
2286 points to a local in a more recent stack frame (which previously
2287 would ICE), and (b) the case of self-merging a model in which a
2288 local points to a global (which previously worked OK).
2289
2290 2020-01-31 David Malcolm <dmalcolm@redhat.com>
2291
2292 * analyzer.cc (is_named_call_p): Replace tests for fndecl being
2293 extern at file scope and having a non-NULL DECL_NAME with a call
2294 to maybe_special_function_p.
2295 * function-set.cc (function_set::contains_decl_p): Add call to
2296 maybe_special_function_p.
2297
2298 2020-01-31 David Malcolm <dmalcolm@redhat.com>
2299
2300 PR analyzer/93450
2301 * constraint-manager.cc
2302 (constraint_manager::get_or_add_equiv_class): Only compare constants
2303 if their types are compatible.
2304 * region-model.cc (constant_svalue::eval_condition): Replace check
2305 for identical types with call to types_compatible_p.
2306
2307 2020-01-30 David Malcolm <dmalcolm@redhat.com>
2308
2309 * program-state.cc (extrinsic_state::dump_to_pp): New.
2310 (extrinsic_state::dump_to_file): New.
2311 (extrinsic_state::dump): New.
2312 * program-state.h (extrinsic_state::dump_to_pp): New decl.
2313 (extrinsic_state::dump_to_file): New decl.
2314 (extrinsic_state::dump): New decl.
2315 * sm.cc: Include "pretty-print.h".
2316 (state_machine::dump_to_pp): New.
2317 * sm.h (state_machine::dump_to_pp): New decl.
2318
2319 2020-01-30 David Malcolm <dmalcolm@redhat.com>
2320
2321 * diagnostic-manager.cc (for_each_state_change): Use
2322 extrinsic_state::get_num_checkers rather than accessing m_checkers
2323 directly.
2324 * program-state.cc (program_state::program_state): Likewise.
2325 * program-state.h (extrinsic_state::m_checkers): Make private.
2326
2327 2020-01-30 David Malcolm <dmalcolm@redhat.com>
2328
2329 PR analyzer/93356
2330 * region-model.cc (region_model::eval_condition): In both
2331 overloads, bail out immediately on floating-point types.
2332 (region_model::eval_condition_without_cm): Likewise.
2333 (region_model::add_constraint): Likewise.
2334
2335 2020-01-30 David Malcolm <dmalcolm@redhat.com>
2336
2337 PR analyzer/93450
2338 * program-state.cc (sm_state_map::set_state): For the overload
2339 taking an svalue_id, bail out if the set_state on the ec does
2340 nothing. Convert the latter's return type from void to bool,
2341 returning true if anything changed.
2342 (sm_state_map::impl_set_state): Convert the return type from void
2343 to bool, returning true if the state changed.
2344 * program-state.h (sm_state_map::set_state): Convert return type
2345 from void to bool.
2346 (sm_state_map::impl_set_state): Likewise.
2347 * region-model.cc (constant_svalue::eval_condition): Only call
2348 fold_build2 if the types are the same.
2349
2350 2020-01-29 Jakub Jelinek <jakub@redhat.com>
2351
2352 * analyzer.h (PUSH_IGNORE_WFORMAT, POP_IGNORE_WFORMAT): Remove.
2353 * constraint-manager.cc: Include diagnostic-core.h before graphviz.h.
2354 (range::dump, equiv_class::print): Don't use PUSH_IGNORE_WFORMAT or
2355 POP_IGNORE_WFORMAT.
2356 * state-purge.cc: Include diagnostic-core.h before
2357 gimple-pretty-print.h.
2358 (state_purge_annotator::add_node_annotations, print_vec_of_names):
2359 Don't use PUSH_IGNORE_WFORMAT or POP_IGNORE_WFORMAT.
2360 * region-model.cc: Move diagnostic-core.h include before graphviz.h.
2361 (path_var::dump, svalue::print, constant_svalue::print_details,
2362 region::dump_to_pp, region::dump_child_label, region::print_fields,
2363 map_region::print_fields, map_region::dump_dot_to_pp,
2364 map_region::dump_child_label, array_region::print_fields,
2365 array_region::dump_dot_to_pp): Don't use PUSH_IGNORE_WFORMAT or
2366 POP_IGNORE_WFORMAT.
2367
2368 2020-01-28 David Malcolm <dmalcolm@redhat.com>
2369
2370 PR analyzer/93316
2371 * engine.cc (rewind_info_t::update_model): Get the longjmp call
2372 stmt via get_longjmp_call () rather than assuming it is the last
2373 stmt in the longjmp's supernode.
2374 (rewind_info_t::add_events_to_path): Get the location_t for the
2375 rewind_from_longjmp_event via get_longjmp_call () rather than from
2376 the supernode's get_end_location ().
2377
2378 2020-01-28 David Malcolm <dmalcolm@redhat.com>
2379
2380 * region-model.cc (poisoned_value_diagnostic::emit): Update for
2381 renaming of warning_at overload to warning_meta.
2382 * sm-file.cc (file_leak::emit): Likewise.
2383 * sm-malloc.cc (double_free::emit): Likewise.
2384 (possible_null_deref::emit): Likewise.
2385 (possible_null_arg::emit): Likewise.
2386 (null_deref::emit): Likewise.
2387 (null_arg::emit): Likewise.
2388 (use_after_free::emit): Likewise.
2389 (malloc_leak::emit): Likewise.
2390 (free_of_non_heap::emit): Likewise.
2391 * sm-sensitive.cc (exposure_through_output_file::emit): Likewise.
2392 * sm-signal.cc (signal_unsafe_call::emit): Likewise.
2393 * sm-taint.cc (tainted_array_index::emit): Likewise.
2394
2395 2020-01-27 David Malcolm <dmalcolm@redhat.com>
2396
2397 PR analyzer/93451
2398 * region-model.cc (tree_cmp): For the REAL_CST case, impose an
2399 arbitrary order on NaNs relative to other NaNs and to non-NaNs;
2400 const-correctness tweak.
2401 (ana::selftests::build_real_cst_from_string): New function.
2402 (ana::selftests::append_interesting_constants): New function.
2403 (ana::selftests::test_tree_cmp_on_constants): New test.
2404 (ana::selftests::test_canonicalization_4): New test.
2405 (ana::selftests::analyzer_region_model_cc_tests): Call the new
2406 tests.
2407
2408 2020-01-27 David Malcolm <dmalcolm@redhat.com>
2409
2410 PR analyzer/93349
2411 * engine.cc (run_checkers): Save and restore input_location.
2412
2413 2020-01-27 David Malcolm <dmalcolm@redhat.com>
2414
2415 * call-string.cc (call_string::cmp_1): Delete, moving body to...
2416 (call_string::cmp): ...here.
2417 * call-string.h (call_string::cmp_1): Delete decl.
2418 * engine.cc (worklist::key_t::cmp_1): Delete, moving body to...
2419 (worklist::key_t::cmp): ...here. Implement hash comparisons
2420 via comparison rather than subtraction to avoid overflow issues.
2421 * exploded-graph.h (worklist::key_t::cmp_1): Delete decl.
2422 * region-model.cc (tree_cmp): Eliminate buggy checking for
2423 symmetry.
2424
2425 2020-01-27 David Malcolm <dmalcolm@redhat.com>
2426
2427 * analyzer.cc (is_named_call_p): Check that fndecl is "extern"
2428 and at file scope. Potentially disregard prefix _ or __ in
2429 fndecl's name. Bail if the identifier is NULL.
2430 (is_setjmp_call_p): Expect a gcall rather than plain gimple.
2431 Remove special-case check for leading prefix, and also check for
2432 sigsetjmp.
2433 (is_longjmp_call_p): Also check for siglongjmp.
2434 (get_user_facing_name): New function.
2435 * analyzer.h (is_setjmp_call_p): Expect a gcall rather than plain
2436 gimple.
2437 (get_user_facing_name): New decl.
2438 * checker-path.cc (setjmp_event::get_desc): Use
2439 get_user_facing_name to avoid hardcoding the function name.
2440 (rewind_event::rewind_event): Add rewind_info param, using it to
2441 initialize new m_rewind_info field, and strengthen the assertion.
2442 (rewind_from_longjmp_event::get_desc): Use get_user_facing_name to
2443 avoid hardcoding the function name.
2444 (rewind_to_setjmp_event::get_desc): Likewise.
2445 * checker-path.h (setjmp_event::setjmp_event): Add setjmp_call
2446 param and use it to initialize...
2447 (setjmp_event::m_setjmp_call): New field.
2448 (rewind_event::rewind_event): Add rewind_info param.
2449 (rewind_event::m_rewind_info): New protected field.
2450 (rewind_from_longjmp_event::rewind_from_longjmp_event): Add
2451 rewind_info param.
2452 (class rewind_to_setjmp_event): Move rewind_info field to parent
2453 class.
2454 * diagnostic-manager.cc (diagnostic_manager::add_events_for_eedge):
2455 Update setjmp-handling for is_setjmp_call_p requiring a gcall;
2456 pass the call to the new setjmp_event.
2457 * engine.cc (exploded_node::on_stmt): Update for is_setjmp_call_p
2458 requiring a gcall.
2459 (stale_jmp_buf::emit): Use get_user_facing_name to avoid
2460 hardcoding the function names.
2461 (exploded_node::on_longjmp): Pass the longjmp_call when
2462 constructing rewind_info.
2463 (rewind_info_t::add_events_to_path): Pass the rewind_info_t to the
2464 rewind_from_longjmp_event's ctor.
2465 * exploded-graph.h (rewind_info_t::rewind_info_t): Add
2466 longjmp_call param.
2467 (rewind_info_t::get_longjmp_call): New.
2468 (rewind_info_t::m_longjmp_call): New.
2469 * region-model.cc (region_model::on_setjmp): Update comment to
2470 indicate this is also for sigsetjmp.
2471 * region-model.h (struct setjmp_record): Likewise.
2472 (class setjmp_svalue): Likewise.
2473
2474 2020-01-27 David Malcolm <dmalcolm@redhat.com>
2475
2476 PR analyzer/93276
2477 * analyzer.h (PUSH_IGNORE_WFORMAT, POP_IGNORE_WFORMAT): Guard these
2478 macros with GCC_VERSION >= 4006, making them no-op otherwise.
2479 * engine.cc (exploded_edge::exploded_edge): Specify template for
2480 base class initializer.
2481 (exploded_graph::add_edge): Specify template when chaining up to
2482 base class add_edge implementation.
2483 (viz_callgraph_node::dump_dot): Drop redundant "typename".
2484 (viz_callgraph_edge::viz_callgraph_edge): Specify template for
2485 base class initializer.
2486 * program-state.cc (sm_state_map::clone_with_remapping): Drop
2487 redundant "typename".
2488 (sm_state_map::print): Likewise.
2489 (sm_state_map::hash): Likewise.
2490 (sm_state_map::operator==): Likewise.
2491 (sm_state_map::remap_svalue_ids): Likewise.
2492 (sm_state_map::on_svalue_purge): Likewise.
2493 (sm_state_map::validate): Likewise.
2494 * program-state.h (sm_state_map::iterator_t): Likewise.
2495 * supergraph.h (superedge::superedge): Specify template for base
2496 class initializer.
2497
2498 2020-01-23 David Malcolm <dmalcolm@redhat.com>
2499
2500 PR analyzer/93375
2501 * supergraph.cc (callgraph_superedge::get_arg_for_parm): Fail
2502 gracefully is the number of parameters at the callee exceeds the
2503 number of arguments at the call stmt.
2504 (callgraph_superedge::get_parm_for_arg): Likewise.
2505
2506 2020-01-22 David Malcolm <dmalcolm@redhat.com>
2507
2508 PR analyzer/93382
2509 * program-state.cc (sm_state_map::on_svalue_purge): If the
2510 entry survives, but the origin is being purged, then reset the
2511 origin to null.
2512
2513 2020-01-22 David Malcolm <dmalcolm@redhat.com>
2514
2515 * sm-signal.cc: Fix nesting of CHECKING_P and namespace ana.
2516
2517 2020-01-22 David Malcolm <dmalcolm@redhat.com>
2518
2519 PR analyzer/93378
2520 * engine.cc (setjmp_svalue::compare_fields): Update for
2521 replacement of m_enode with m_setjmp_record.
2522 (setjmp_svalue::add_to_hash): Likewise.
2523 (setjmp_svalue::get_index): Rename...
2524 (setjmp_svalue::get_enode_index): ...to this.
2525 (setjmp_svalue::print_details): Update for replacement of m_enode
2526 with m_setjmp_record.
2527 (exploded_node::on_longjmp): Likewise.
2528 * exploded-graph.h (rewind_info_t::m_enode_origin): Replace...
2529 (rewind_info_t::m_setjmp_record): ...with this.
2530 (rewind_info_t::rewind_info_t): Update for replacement of m_enode
2531 with m_setjmp_record.
2532 (rewind_info_t::get_setjmp_point): Likewise.
2533 (rewind_info_t::get_setjmp_call): Likewise.
2534 * region-model.cc (region_model::dump_summary_of_map): Likewise.
2535 (region_model::on_setjmp): Likewise.
2536 * region-model.h (struct setjmp_record): New struct.
2537 (setjmp_svalue::m_enode): Replace...
2538 (setjmp_svalue::m_setjmp_record): ...with this.
2539 (setjmp_svalue::setjmp_svalue): Update for replacement of m_enode
2540 with m_setjmp_record.
2541 (setjmp_svalue::clone): Likewise.
2542 (setjmp_svalue::get_index): Rename...
2543 (setjmp_svalue::get_enode_index): ...to this.
2544 (setjmp_svalue::get_exploded_node): Replace...
2545 (setjmp_svalue::get_setjmp_record): ...with this.
2546
2547 2020-01-22 David Malcolm <dmalcolm@redhat.com>
2548
2549 PR analyzer/93316
2550 * analyzer.cc (is_setjmp_call_p): Check for "setjmp" as well as
2551 "_setjmp".
2552
2553 2020-01-22 David Malcolm <dmalcolm@redhat.com>
2554
2555 PR analyzer/93307
2556 * analysis-plan.h: Wrap everything namespace "ana".
2557 * analyzer-logging.cc: Likewise.
2558 * analyzer-logging.h: Likewise.
2559 * analyzer-pass.cc (pass_analyzer::execute): Update for "ana"
2560 namespace.
2561 * analyzer-selftests.cc: Wrap everything namespace "ana".
2562 * analyzer-selftests.h: Likewise.
2563 * analyzer.h: Likewise for forward decls of types.
2564 * call-string.h: Likewise.
2565 * checker-path.cc: Likewise.
2566 * checker-path.h: Likewise.
2567 * constraint-manager.cc: Likewise.
2568 * constraint-manager.h: Likewise.
2569 * diagnostic-manager.cc: Likewise.
2570 * diagnostic-manager.h: Likewise.
2571 * engine.cc: Likewise.
2572 * engine.h: Likewise.
2573 * exploded-graph.h: Likewise.
2574 * function-set.cc: Likewise.
2575 * function-set.h: Likewise.
2576 * pending-diagnostic.cc: Likewise.
2577 * pending-diagnostic.h: Likewise.
2578 * program-point.cc: Likewise.
2579 * program-point.h: Likewise.
2580 * program-state.cc: Likewise.
2581 * program-state.h: Likewise.
2582 * region-model.cc: Likewise.
2583 * region-model.h: Likewise.
2584 * sm-file.cc: Likewise.
2585 * sm-malloc.cc: Likewise.
2586 * sm-pattern-test.cc: Likewise.
2587 * sm-sensitive.cc: Likewise.
2588 * sm-signal.cc: Likewise.
2589 * sm-taint.cc: Likewise.
2590 * sm.cc: Likewise.
2591 * sm.h: Likewise.
2592 * state-purge.h: Likewise.
2593 * supergraph.cc: Likewise.
2594 * supergraph.h: Likewise.
2595
2596 2020-01-21 David Malcolm <dmalcolm@redhat.com>
2597
2598 PR analyzer/93352
2599 * region-model.cc (int_cmp): Rename to...
2600 (array_region::key_cmp): ...this, using key_t rather than int.
2601 Rewrite in terms of comparisons rather than subtraction to
2602 ensure qsort is anti-symmetric when handling extreme values.
2603 (array_region::walk_for_canonicalization): Update for above
2604 renaming.
2605 * region-model.h (array_region::key_cmp): New decl.
2606
2607 2020-01-17 David Malcolm <dmalcolm@redhat.com>
2608
2609 PR analyzer/93290
2610 * region-model.cc (region_model::eval_condition_without_cm): Avoid
2611 gcc_unreachable for unexpected operations for the case where
2612 we're comparing an svalue against itself.
2613
2614 2020-01-17 David Malcolm <dmalcolm@redhat.com>
2615
2616 PR analyzer/93281
2617 * region-model.cc
2618 (region_model::convert_byte_offset_to_array_index): Convert to
2619 ssizetype before dividing by byte_size. Use fold_binary rather
2620 than fold_build2 to avoid needlessly constructing a tree for the
2621 non-const case.
2622
2623 2020-01-15 David Malcolm <dmalcolm@redhat.com>
2624
2625 * engine.cc (class impl_region_model_context): Fix comment.
2626
2627 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2628
2629 PR analyzer/93212
2630 * region-model.cc (make_region_for_type): Use
2631 FUNC_OR_METHOD_TYPE_P rather than comparing against FUNCTION_TYPE.
2632 * region-model.h (function_region::function_region): Likewise.
2633
2634 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2635
2636 * program-state.cc (sm_state_map::clone_with_remapping): Copy
2637 m_global_state.
2638 (selftest::test_program_state_merging_2): New selftest.
2639 (selftest::analyzer_program_state_cc_tests): Call it.
2640
2641 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2642
2643 * checker-path.h (checker_path::get_checker_event): New function.
2644 (checker_path): Add DISABLE_COPY_AND_ASSIGN; make fields private.
2645 * diagnostic-manager.cc
2646 (diagnostic_manager::prune_for_sm_diagnostic): Replace direct
2647 access to checker_path::m_events with accessor functions. Fix
2648 overlong line.
2649 (diagnostic_manager::prune_interproc_events): Replace direct
2650 access to checker_path::m_events with accessor functions.
2651 (diagnostic_manager::finish_pruning): Likewise.
2652
2653 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2654
2655 * checker-path.h (checker_event::clone): Delete vfunc decl.
2656 (debug_event::clone): Delete vfunc impl.
2657 (custom_event::clone): Delete vfunc impl.
2658 (statement_event::clone): Delete vfunc impl.
2659 (function_entry_event::clone): Delete vfunc impl.
2660 (state_change_event::clone): Delete vfunc impl.
2661 (start_cfg_edge_event::clone): Delete vfunc impl.
2662 (end_cfg_edge_event::clone): Delete vfunc impl.
2663 (call_event::clone): Delete vfunc impl.
2664 (return_event::clone): Delete vfunc impl.
2665 (setjmp_event::clone): Delete vfunc impl.
2666 (rewind_from_longjmp_event::clone): Delete vfunc impl.
2667 (rewind_to_setjmp_event::clone): Delete vfunc impl.
2668 (warning_event::clone): Delete vfunc impl.
2669
2670 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2671
2672 * supergraph.cc (supernode::dump_dot): Ensure that the TABLE
2673 element has at least one TR.
2674
2675 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2676
2677 PR analyzer/58237
2678 * engine.cc (leak_stmt_finder::find_stmt): Use get_pure_location
2679 when comparing against UNKNOWN_LOCATION.
2680 (stmt_requires_new_enode_p): Likewise.
2681 (exploded_graph::dump_exploded_nodes): Likewise.
2682 * supergraph.cc (supernode::get_start_location): Likewise.
2683 (supernode::get_end_location): Likewise.
2684
2685 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2686
2687 PR analyzer/58237
2688 * analyzer-selftests.cc (selftest::run_analyzer_selftests): Call
2689 selftest::analyzer_sm_file_cc_tests.
2690 * analyzer-selftests.h (selftest::analyzer_sm_file_cc_tests): New
2691 decl.
2692 * sm-file.cc: Include "analyzer/function-set.h" and
2693 "analyzer/analyzer-selftests.h".
2694 (get_file_using_fns): New function.
2695 (is_file_using_fn_p): New function.
2696 (fileptr_state_machine::on_stmt): Return true for known functions.
2697 (selftest::analyzer_sm_file_cc_tests): New function.
2698
2699 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2700
2701 * analyzer-selftests.cc (selftest::run_analyzer_selftests): Call
2702 selftest::analyzer_sm_signal_cc_tests.
2703 * analyzer-selftests.h (selftest::analyzer_sm_signal_cc_tests):
2704 New decl.
2705 * sm-signal.cc: Include "analyzer/function-set.h" and
2706 "analyzer/analyzer-selftests.h".
2707 (get_async_signal_unsafe_fns): New function.
2708 (signal_unsafe_p): Reimplement in terms of the above.
2709 (selftest::analyzer_sm_signal_cc_tests): New function.
2710
2711 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2712
2713 * analyzer-selftests.cc (selftest::run_analyzer_selftests): Call
2714 selftest::analyzer_function_set_cc_tests.
2715 * analyzer-selftests.h (selftest::analyzer_function_set_cc_tests):
2716 New decl.
2717 * function-set.cc: New file.
2718 * function-set.h: New file.
2719
2720 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2721
2722 * analyzer.h (fndecl_has_gimple_body_p): New decl.
2723 * engine.cc (impl_region_model_context::on_unknown_change): New
2724 function.
2725 (fndecl_has_gimple_body_p): Make non-static.
2726 (exploded_node::on_stmt): Treat __analyzer_dump_exploded_nodes as
2727 known. Track whether we have a call with unknown side-effects and
2728 pass it to on_call_post.
2729 * exploded-graph.h (impl_region_model_context::on_unknown_change):
2730 New decl.
2731 * program-state.cc (sm_state_map::on_unknown_change): New function.
2732 * program-state.h (sm_state_map::on_unknown_change): New decl.
2733 * region-model.cc: Include "bitmap.h".
2734 (region_model::on_call_pre): Return a bool, capturing whether the
2735 call has unknown side effects.
2736 (region_model::on_call_post): Add arg "bool unknown_side_effects"
2737 and if true, call handle_unrecognized_call.
2738 (class reachable_regions): New class.
2739 (region_model::handle_unrecognized_call): New function.
2740 * region-model.h (region_model::on_call_pre): Return a bool.
2741 (region_model::on_call_post): Add arg "bool unknown_side_effects".
2742 (region_model::handle_unrecognized_call): New decl.
2743 (region_model_context::on_unknown_change): New vfunc.
2744 (test_region_model_context::on_unknown_change): New function.
2745
2746 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2747
2748 * diagnostic-manager.cc (saved_diagnostic::operator==): Move here
2749 from header. Replace pointer equality test on m_var with call to
2750 pending_diagnostic::same_tree_p.
2751 * diagnostic-manager.h (saved_diagnostic::operator==): Move to
2752 diagnostic-manager.cc.
2753 * pending-diagnostic.cc (pending_diagnostic::same_tree_p): New.
2754 * pending-diagnostic.h (pending_diagnostic::same_tree_p): New.
2755 * sm-file.cc (file_diagnostic::subclass_equal_p): Replace pointer
2756 equality on m_arg with call to pending_diagnostic::same_tree_p.
2757 * sm-malloc.cc (malloc_diagnostic::subclass_equal_p): Likewise.
2758 (possible_null_arg::subclass_equal_p): Likewise.
2759 (null_arg::subclass_equal_p): Likewise.
2760 (free_of_non_heap::subclass_equal_p): Likewise.
2761 * sm-pattern-test.cc (pattern_match::operator==): Likewise.
2762 * sm-sensitive.cc (exposure_through_output_file::operator==):
2763 Likewise.
2764 * sm-taint.cc (tainted_array_index::operator==): Likewise.
2765
2766 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2767
2768 * diagnostic-manager.cc (dedupe_winners::add): Add logging
2769 of deduplication decisions made.
2770
2771 2020-01-14 David Malcolm <dmalcolm@redhat.com>
2772
2773 * ChangeLog: New file.
2774 * analyzer-selftests.cc: New file.
2775 * analyzer-selftests.h: New file.
2776 * analyzer.opt: New file.
2777 * analysis-plan.cc: New file.
2778 * analysis-plan.h: New file.
2779 * analyzer-logging.cc: New file.
2780 * analyzer-logging.h: New file.
2781 * analyzer-pass.cc: New file.
2782 * analyzer.cc: New file.
2783 * analyzer.h: New file.
2784 * call-string.cc: New file.
2785 * call-string.h: New file.
2786 * checker-path.cc: New file.
2787 * checker-path.h: New file.
2788 * constraint-manager.cc: New file.
2789 * constraint-manager.h: New file.
2790 * diagnostic-manager.cc: New file.
2791 * diagnostic-manager.h: New file.
2792 * engine.cc: New file.
2793 * engine.h: New file.
2794 * exploded-graph.h: New file.
2795 * pending-diagnostic.cc: New file.
2796 * pending-diagnostic.h: New file.
2797 * program-point.cc: New file.
2798 * program-point.h: New file.
2799 * program-state.cc: New file.
2800 * program-state.h: New file.
2801 * region-model.cc: New file.
2802 * region-model.h: New file.
2803 * sm-file.cc: New file.
2804 * sm-malloc.cc: New file.
2805 * sm-malloc.dot: New file.
2806 * sm-pattern-test.cc: New file.
2807 * sm-sensitive.cc: New file.
2808 * sm-signal.cc: New file.
2809 * sm-taint.cc: New file.
2810 * sm.cc: New file.
2811 * sm.h: New file.
2812 * state-purge.cc: New file.
2813 * state-purge.h: New file.
2814 * supergraph.cc: New file.
2815 * supergraph.h: New file.
2816
2817 2019-12-13 David Malcolm <dmalcolm@redhat.com>
2818
2819 * Initial creation
2820
2821 \f
2822 Copyright (C) 2019-2020 Free Software Foundation, Inc.
2823
2824 Copying and distribution of this file, with or without modification,
2825 are permitted in any medium without royalty provided the copyright
2826 notice and this notice are preserved.
Mirror of https://gcc.gnu.org/git/gcc.git