+2020-11-10 Martin Liska <mliska@suse.cz>
+
+ * constraint-manager.cc (constraint_manager::merge): Remove
+ unused code.
+ * constraint-manager.h: Likewise.
+ * program-state.cc (sm_state_map::sm_state_map): Likewise.
+ (program_state::program_state): Likewise.
+ (test_sm_state_map): Likewise.
+ * program-state.h: Likewise.
+ * region-model-reachability.cc (reachable_regions::reachable_regions): Likewise.
+ * region-model-reachability.h: Likewise.
+ * region-model.cc (region_model::handle_unrecognized_call): Likewise.
+ (region_model::get_reachable_svalues): Likewise.
+ (region_model::can_merge_with_p): Likewise.
+
+2020-11-05 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/97668
+ * svalue.cc (cmp_cst): Handle COMPLEX_CST.
+
+2020-10-29 David Malcolm <dmalcolm@redhat.com>
+
+ * program-state.cc (sm_state_map::on_liveness_change): Sort the
+ leaking svalues before calling on_state_leak.
+ (program_state::detect_leaks): Likewise when calling
+ on_svalue_leak.
+ * region-model-reachability.cc
+ (reachable_regions::mark_escaped_clusters): Likewise when
+ calling on_escaped_function.
+
+2020-10-29 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/97608
+ * region-model-reachability.cc (reachable_regions::handle_sval):
+ Operands of reachable reversible operations are reachable.
+
+2020-10-29 David Malcolm <dmalcolm@redhat.com>
+
+ * analyzer.h (class state_machine): New forward decl.
+ (class logger): Likewise.
+ (class visitor): Likewise.
+ * complexity.cc: New file, taken from svalue.cc.
+ * complexity.h: New file, taken from region-model.h.
+ * region-model.h: Include "analyzer/svalue.h" and
+ "analyzer/region.h". Move struct complexity to complexity.h.
+ Move svalue, its subclasses and supporting decls to svalue.h.
+ Move region, its subclasses and supporting decls to region.h.
+ * region.cc: Include "analyzer/region.h".
+ (symbolic_region::symbolic_region): Move here from region-model.h.
+ * region.h: New file, based on material from region-model.h.
+ * svalue.cc: Include "analyzer/svalue.h".
+ (complexity::complexity): Move to complexity.cc.
+ (complexity::from_pair): Likewise.
+ * svalue.h: New file, based on material from region-model.h.
+
+2020-10-29 David Malcolm <dmalcolm@redhat.com>
+
+ * program-state.cc (sm_state_map::print): Guard the printing of
+ the origin pointer with !flag_dump_noaddr.
+ * region.cc (string_region::dump_to_pp): Likewise for
+ m_string_cst.
+
+2020-10-27 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/97568
+ * region-model.cc (region_model::get_initial_value_for_global):
+ Move check that !DECL_EXTERNAL from here to...
+ * region.cc (decl_region::get_svalue_for_initializer): ...here,
+ using it to reject zero initialization.
+
+2020-10-27 Markus Böck <markus.boeck02@gmail.com>
+
+ PR analyzer/96608
+ * store.h (hash): Cast to intptr_t instead of long
+
+2020-10-27 David Malcolm <dmalcolm@redhat.com>
+
+ * constraint-manager.cc (svalue_cmp_by_ptr): Delete.
+ (equiv_class::canonicalize): Use svalue::cmp_ptr_ptr instead.
+ (equiv_class_cmp): Eliminate pointer comparison.
+ * diagnostic-manager.cc (dedupe_key::comparator): If they are at
+ the same location, also compare epath ength and pending_diagnostic
+ kind.
+ * engine.cc (readability_comparator): If two path_vars have the
+ same readability, then impose an arbitrary ordering on them.
+ (worklist::key_t::cmp): If two points have the same plan ordering,
+ continue the comparison. Call sm_state_map::cmp rather than
+ comparing hash values.
+ * program-state.cc (sm_state_map::entry_t::cmp): New.
+ (sm_state_map::cmp): New.
+ * program-state.h (sm_state_map::entry_t::cmp): New decl.
+ (sm_state_map::elements): New.
+ (sm_state_map::cmp): New.
+
+2020-10-27 David Malcolm <dmalcolm@redhat.com>
+
+ * engine.cc (setjmp_record::cmp): New.
+ (supernode_cluster::dump_dot): Avoid embedding pointer in cluster
+ name.
+ (supernode_cluster::cmp_ptr_ptr): New.
+ (function_call_string_cluster::dump_dot): Avoid embedding pointer
+ in cluster name. Sort m_map when dumping child clusters.
+ (function_call_string_cluster::cmp_ptr_ptr): New.
+ (root_cluster::dump_dot): Sort m_map when dumping child clusters.
+ * program-point.cc (function_point::cmp): New.
+ (function_point::cmp_ptr): New.
+ * program-point.h (function_point::cmp): New decl.
+ (function_point::cmp_ptr): New decl.
+ * program-state.cc (sm_state_map::print): Sort the values. Guard
+ the printing of pointers with !flag_dump_noaddr.
+ (program_state::prune_for_point): Sort the regions.
+ (log_set_of_svalues): Sort the values. Guard the printing of
+ pointers with !flag_dump_noaddr.
+ * region-model-manager.cc (log_uniq_map): Sort the values.
+ * region-model-reachability.cc (dump_set): New function template.
+ (reachable_regions::dump_to_pp): Use it.
+ * region-model.h (svalue::cmp_ptr): New decl.
+ (svalue::cmp_ptr_ptr): New decl.
+ (setjmp_record::cmp): New decl.
+ (placeholder_svalue::get_name): New accessor.
+ (widening_svalue::get_point): New accessor.
+ (compound_svalue::get_map): New accessor.
+ (conjured_svalue::get_stmt): New accessor.
+ (conjured_svalue::get_id_region): New accessor.
+ (region::cmp_ptrs): Rename to...
+ (region::cmp_ptr_ptr): ...this.
+ * region.cc (region::cmp_ptrs): Rename to...
+ (region::cmp_ptr_ptr): ...this.
+ * state-purge.cc
+ (state_purge_per_ssa_name::state_purge_per_ssa_name): Sort
+ m_points_needing_name when dumping.
+ * store.cc (concrete_binding::cmp_ptr_ptr): New.
+ (symbolic_binding::cmp_ptr_ptr): New.
+ (binding_map::cmp): New.
+ (get_sorted_parent_regions): Update for renaming of
+ region::cmp_ptrs to region::cmp_ptr_ptr.
+ (store::dump_to_pp): Likewise.
+ (store::to_json): Likewise.
+ (store::can_merge_p): Sort the base regions before considering
+ them.
+ * store.h (concrete_binding::cmp_ptr_ptr): New decl.
+ (symbolic_binding::cmp_ptr_ptr): New decl.
+ (binding_map::cmp): New decl.
+ * supergraph.cc (supergraph::supergraph): Assign UIDs to the
+ gimple stmts.
+ * svalue.cc (cmp_cst): New.
+ (svalue::cmp_ptr): New.
+ (svalue::cmp_ptr_ptr): New.
+
+2020-10-27 David Malcolm <dmalcolm@redhat.com>
+
+ * engine.cc (exploded_graph::get_or_create_node): Fix off-by-one
+ when imposing param_analyzer_max_enodes_per_program_point limit.
+
+2020-10-27 David Malcolm <dmalcolm@redhat.com>
+
+ * region-model.cc (region_model::get_representative_path_var):
+ Implement case RK_LABEL.
+ * region-model.h (label_region::get_label): New accessor.
+
+2020-10-22 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/97514
+ * engine.cc (exploded_graph::add_function_entry): Handle failure
+ to create an enode, rather than asserting.
+
+2020-10-22 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/97489
+ * engine.cc (exploded_graph::add_function_entry): Assert that we
+ have a function body.
+ (exploded_graph::on_escaped_function): Reject fndecls that don't
+ have a function body.
+
+2020-10-14 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/93388
+ * region-model.cc (region_model::get_initial_value_for_global):
+ Fall back to returning an initial_svalue if
+ decl_region::get_svalue_for_initializer fails.
+ * region.cc (decl_region::get_svalue_for_initializer): Don't
+ attempt to create a compound_svalue if the region has an unknown
+ size.
+
+2020-10-14 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/93723
+ * store.cc (binding_map::apply_ctor_to_region): Remove redundant
+ assertion.
+
+2020-10-12 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/97258
+ * engine.cc (impl_region_model_context::on_escaped_function): New
+ vfunc.
+ (exploded_graph::add_function_entry): Use m_functions_with_enodes
+ to implement idempotency.
+ (add_any_callbacks): New.
+ (exploded_graph::build_initial_worklist): Use the above to find
+ callbacks that are reachable from global initializers.
+ (exploded_graph::on_escaped_function): New.
+ * exploded-graph.h
+ (impl_region_model_context::on_escaped_function): New decl.
+ (exploded_graph::on_escaped_function): New decl.
+ (exploded_graph::m_functions_with_enodes): New field.
+ * region-model-reachability.cc
+ (reachable_regions::reachable_regions): Replace "store" param with
+ "model" param; use it to initialize m_model.
+ (reachable_regions::add): When getting the svalue for the region,
+ call get_store_value on the model rather than using an initial
+ value.
+ (reachable_regions::mark_escaped_clusters): Add ctxt param and
+ use it to call on_escaped_function when a function_region escapes.
+ * region-model-reachability.h
+ (reachable_regions::reachable_regions): Replace "store" param with
+ "model" param.
+ (reachable_regions::mark_escaped_clusters): Add ctxt param.
+ (reachable_regions::m_model): New field.
+ * region-model.cc (region_model::handle_unrecognized_call): Update
+ for change in reachable_regions ctor.
+ (region_model::handle_unrecognized_call): Pass ctxt to
+ mark_escaped_clusters.
+ (region_model::get_reachable_svalues): Update for change in
+ reachable_regions ctor.
+ (region_model::get_initial_value_for_global): Read-only variables
+ keep their initial values.
+ * region-model.h (region_model_context::on_escaped_function): New
+ vfunc.
+ (noop_region_model_context::on_escaped_function): New.
+
+2020-10-12 David Malcolm <dmalcolm@redhat.com>
+
+ * analyzer.opt (Wanalyzer-write-to-const): New.
+ (Wanalyzer-write-to-string-literal): New.
+ * region-model-impl-calls.cc (region_model::impl_call_memcpy):
+ Call check_for_writable_region.
+ (region_model::impl_call_memset): Likewise.
+ (region_model::impl_call_strcpy): Likewise.
+ * region-model.cc (class write_to_const_diagnostic): New.
+ (class write_to_string_literal_diagnostic): New.
+ (region_model::check_for_writable_region): New.
+ (region_model::set_value): Call check_for_writable_region.
+ * region-model.h (region_model::check_for_writable_region): New
+ decl.
+
+2020-10-07 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/97116
+ * sm-malloc.cc (method_p): New.
+ (describe_argument_index): New.
+ (inform_nonnull_attribute): Use describe_argument_index.
+ (possible_null_arg::describe_final_event): Likewise.
+ (null_arg::describe_final_event): Likewise.
+
+2020-09-29 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/95188
+ * engine.cc (stmt_requires_new_enode_p): Split enodes before
+ "signal" calls.
+
+2020-09-29 David Malcolm <dmalcolm@redhat.com>
+
+ * constraint-manager.cc
+ (constraint_manager::add_constraint_internal): Whitespace fixes.
+ Silence -Wsign-compare warning.
+ * engine.cc (maybe_process_run_of_before_supernode_enodes):
+ Silence -Wsign-compare warning.
+
+2020-09-28 David Malcolm <dmalcolm@redhat.com>
+
+ * region-model.h (binop_svalue::dyn_cast_binop_svalue): Remove
+ redundant "virtual". Add FINAL OVERRIDE.
+ (widening_svalue::dyn_cast_widening_svalue): Add FINAL OVERRIDE.
+ (compound_svalue::dyn_cast_compound_svalue): Likewise.
+ (conjured_svalue::dyn_cast_conjured_svalue): Likewise.
+
+2020-09-28 David Malcolm <dmalcolm@redhat.com>
+
+ * diagnostic-manager.cc (null_assignment_sm_context::m_visitor):
+ Remove unused field.
+
+2020-09-28 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/97233
+ * analyzer.cc (is_longjmp_call_p): Require the initial argument
+ to be a pointer.
+ * engine.cc (exploded_node::on_longjmp): Likewise.
+
+2020-09-28 David Malcolm <dmalcolm@redhat.com>
+
+ * program-state.cc (sm_state_map::print): Update check
+ for m_global_state being the start state.
+
+2020-09-26 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/96646
+ PR analyzer/96841
+ * region-model.cc (region_model::get_representative_path_var):
+ When handling offset_region, wrap the MEM_REF's first argument in
+ an ADDR_EXPR of pointer type, rather than simply using the tree
+ for the parent region. Require the MEM_REF's second argument to
+ be an integer constant.
+
+2020-09-24 David Malcolm <dmalcolm@redhat.com>
+
+ * analyzer.h (struct rejected_constraint): New decl.
+ * analyzer.opt (fanalyzer-feasibility): New option.
+ * diagnostic-manager.cc (path_builder::path_builder): Add
+ "problem" param and use it to initialize new field.
+ (path_builder::get_feasibility_problem): New accessor.
+ (path_builder::m_feasibility_problem): New field.
+ (dedupe_winners::add): Remove inversion of logic in "if" clause,
+ swapping if/else suites. In the !feasible_p suite, inspect
+ flag_analyzer_feasibility and add code to handle when this
+ is off, accepting the infeasible path, but recording the
+ feasibility_problem.
+ (diagnostic_manager::emit_saved_diagnostic): Pass the
+ feasibility_problem to the path_builder.
+ (diagnostic_manager::add_events_for_eedge): If we have
+ a feasibility_problem at this edge, use it to add a custom event.
+ * engine.cc (exploded_path::feasible_p): Pass a
+ rejected_constraint ** to model.maybe_update_for_edge and transfer
+ ownership of any created instance to any feasibility_problem.
+ (feasibility_problem::dump_to_pp): New.
+ * exploded-graph.h (feasibility_problem::feasibility_problem):
+ Drop "model" param; add rejected_constraint * param.
+ (feasibility_problem::~feasibility_problem): New.
+ (feasibility_problem::dump_to_pp): New decl.
+ (feasibility_problem::m_model): Drop field.
+ (feasibility_problem::m_rc): New field.
+ * program-point.cc (function_point::get_location): Handle
+ PK_BEFORE_SUPERNODE and PK_AFTER_SUPERNODE.
+ * program-state.cc (program_state::on_edge): Pass NULL to new
+ param of region_model::maybe_update_for_edge.
+ * region-model.cc (region_model::add_constraint): New overload
+ adding a rejected_constraint ** param.
+ (region_model::maybe_update_for_edge): Add rejected_constraint **
+ param and pass it to the various apply_constraints_for_ calls.
+ (region_model::apply_constraints_for_gcond): Add
+ rejected_constraint ** param and pass it to add_constraint calls.
+ (region_model::apply_constraints_for_gswitch): Likewise.
+ (region_model::apply_constraints_for_exception): Likewise.
+ (rejected_constraint::dump_to_pp): New.
+ * region-model.h (region_model::maybe_update_for_edge):
+ Add rejected_constraint ** param.
+ (region_model::add_constraint): New overload adding a
+ rejected_constraint ** param.
+ (region_model::apply_constraints_for_gcond): Add
+ rejected_constraint ** param.
+ (region_model::apply_constraints_for_gswitch): Likewise.
+ (region_model::apply_constraints_for_exception): Likewise.
+ (struct rejected_constraint): New.
+
+2020-09-23 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/97178
+ * engine.cc (impl_run_checkers): Update for change to ext_state
+ ctor.
+ * program-state.cc (selftest::test_sm_state_map): Pass an engine
+ instance to ext_state ctor.
+ (selftest::test_program_state_1): Likewise.
+ (selftest::test_program_state_2): Likewise.
+ (selftest::test_program_state_merging): Likewise.
+ (selftest::test_program_state_merging_2): Likewise.
+ * program-state.h (extrinsic_state::extrinsic_state): Remove NULL
+ default value for "eng" param.
+
+2020-09-23 Tobias Burnus <tobias@codesourcery.com>
+
+ * analyzer-logging.cc: Guard '#pragma ... ignored "-Wformat-diag"'
+ by '#if __GNUC__ >= 10'
+ * analyzer.h: Likewise.
+ * call-string.cc: Likewise.
+
+2020-09-23 David Malcolm <dmalcolm@redhat.com>
+
+ * engine.cc (exploded_node::on_stmt): Replace sequence of dyn_cast
+ with switch.
+
+2020-09-22 David Malcolm <dmalcolm@redhat.com>
+
+ * analysis-plan.cc: Include "json.h".
+ * analyzer.opt (fdump-analyzer-json): New.
+ * call-string.cc: Include "json.h".
+ (call_string::to_json): New.
+ * call-string.h (call_string::to_json): New decl.
+ * checker-path.cc: Include "json.h".
+ * constraint-manager.cc: Include "json.h".
+ (equiv_class::to_json): New.
+ (constraint::to_json): New.
+ (constraint_manager::to_json): New.
+ * constraint-manager.h (equiv_class::to_json): New decl.
+ (constraint::to_json): New decl.
+ (constraint_manager::to_json): New decl.
+ * diagnostic-manager.cc: Include "json.h".
+ (saved_diagnostic::to_json): New.
+ (diagnostic_manager::to_json): New.
+ * diagnostic-manager.h (saved_diagnostic::to_json): New decl.
+ (diagnostic_manager::to_json): New decl.
+ * engine.cc: Include "json.h", <zlib.h>.
+ (exploded_node::status_to_str): New.
+ (exploded_node::to_json): New.
+ (exploded_edge::to_json): New.
+ (exploded_graph::to_json): New.
+ (dump_analyzer_json): New.
+ (impl_run_checkers): Call it.
+ * exploded-graph.h (exploded_node::status_to_str): New decl.
+ (exploded_node::to_json): New.
+ (exploded_edge::to_json): New.
+ (exploded_graph::to_json): New.
+ * pending-diagnostic.cc: Include "json.h".
+ * program-point.cc: Include "json.h".
+ (program_point::to_json): New.
+ * program-point.h (program_point::to_json): New decl.
+ * program-state.cc: Include "json.h".
+ (extrinsic_state::to_json): New.
+ (sm_state_map::to_json): New.
+ (program_state::to_json): New.
+ * program-state.h (extrinsic_state::to_json): New decl.
+ (sm_state_map::to_json): New decl.
+ (program_state::to_json): New decl.
+ * region-model-impl-calls.cc: Include "json.h".
+ * region-model-manager.cc: Include "json.h".
+ * region-model-reachability.cc: Include "json.h".
+ * region-model.cc: Include "json.h".
+ * region-model.h (svalue::to_json): New decl.
+ (region::to_json): New decl.
+ * region.cc: Include "json.h".
+ (region::to_json: New.
+ * sm-file.cc: Include "json.h".
+ * sm-malloc.cc: Include "json.h".
+ * sm-pattern-test.cc: Include "json.h".
+ * sm-sensitive.cc: Include "json.h".
+ * sm-signal.cc: Include "json.h".
+ (signal_delivery_edge_info_t::to_json): New.
+ * sm-taint.cc: Include "json.h".
+ * sm.cc: Include "diagnostic.h", "tree-diagnostic.h", and
+ "json.h".
+ (state_machine::state::to_json): New.
+ (state_machine::to_json): New.
+ * sm.h (state_machine::state::to_json): New.
+ (state_machine::to_json): New.
+ * state-purge.cc: Include "json.h".
+ * store.cc: Include "json.h".
+ (binding_key::get_desc): New.
+ (binding_map::to_json): New.
+ (binding_cluster::to_json): New.
+ (store::to_json): New.
+ * store.h (binding_key::get_desc): New decl.
+ (binding_map::to_json): New decl.
+ (binding_cluster::to_json): New decl.
+ (store::to_json): New decl.
+ * supergraph.cc: Include "json.h".
+ (supergraph::to_json): New.
+ (supernode::to_json): New.
+ (superedge::to_json): New.
+ * supergraph.h (supergraph::to_json): New decl.
+ (supernode::to_json): New decl.
+ (superedge::to_json): New decl.
+ * svalue.cc: Include "json.h".
+ (svalue::to_json): New.
+
+2020-09-21 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/97130
+ * region-model-impl-calls.cc (call_details::get_arg_type): New.
+ * region-model.cc (region_model::on_call_pre): Check that the
+ initial arg is a pointer before calling impl_call_memset and
+ impl_call_strlen.
+ * region-model.h (call_details::get_arg_type): New decl.
+
+2020-09-21 David Malcolm <dmalcolm@redhat.com>
+
+ PR analyzer/93355
+ * sm-malloc.cc (malloc_state_machine::get_default_state): Look at
+ the base region when considering pointers. Treat pointers to
+ decls as being non-heap.
+
+2020-09-18 David Malcolm <dmalcolm@redhat.com>
+
+ * checker-path.cc (warning_event::get_desc): Handle global state
+ changes.
+
+2020-09-18 David Malcolm <dmalcolm@redhat.com>
+
+ * sm-malloc.cc (malloc_state_machine::on_stmt): Handle strdup and
+ strndup as being malloc-like allocators.
+
+2020-09-16 David Malcolm <dmalcolm@redhat.com>
+
+ * engine.cc (strongly_connected_components::strong_connect): Only
+ consider intraprocedural edges when creating SCCs.
+ (worklist::key_t::cmp): Add comment. Treat call_string
+ differences as more important than differences of program_point
+ within a supernode.
+
+2020-09-16 David Malcolm <dmalcolm@redhat.com>
+
+ * engine.cc (supernode_cluster::dump_dot): Show the SCC id
+ in the per-supernode clusters in FILENAME.eg.dot output.
+ (exploded_graph_annotator::add_node_annotations):
+ Show the SCC of the supernode in FILENAME.supernode.eg.dot output.
+ * exploded-graph.h (worklist::scc_id): New.
+ (exploded_graph::get_scc_id): New.
+
+2020-09-16 David Malcolm <dmalcolm@redhat.com>
+
+ * engine.cc (exploded_node::dump_dot): Show STATUS_BULK_MERGED.
+ (exploded_graph::process_worklist): Call
+ maybe_process_run_of_before_supernode_enodes.
+ (exploded_graph::maybe_process_run_of_before_supernode_enodes):
+ New.
+ (exploded_graph_annotator::print_enode): Show STATUS_BULK_MERGED.
+ * exploded-graph.h (enum exploded_node::status): Add
+ STATUS_BULK_MERGED.
+
+2020-09-16 David Malcolm <dmalcolm@redhat.com>
+
+ * engine.cc
+ (exploded_graph::process_node) <case PK_BEFORE_SUPERNODE>:
+ Simplify by using program_point::get_next.
+ * program-point.cc (program_point::get_next): New.
+ * program-point.h (program_point::get_next): New decl.
+
+2020-09-16 David Malcolm <dmalcolm@redhat.com>
+
+ * engine.cc (exploded_graph::get_or_create_node): Show the
+ program point when issuing -Wanalyzer-too-complex due to hitting
+ the per-program-point limit.
+
+2020-09-16 David Malcolm <dmalcolm@redhat.com>
+
+ * region-model.cc (region_model::on_call_pre): Treat getchar as
+ having no side-effects.
+
2020-09-15 David Malcolm <dmalcolm@redhat.com>
PR analyzer/96650
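Review bot: Three of the added ChangeLog entries have text slips worth fixing before this lands. In the 2020-10-27 entry that starts with constraint-manager.cc, the diagnostic-manager.cc (dedupe_key::comparator) item reads "epath ength" and should read "epath length". In the 2020-09-22 entry, the region.cc item "(region::to_json: New." is missing its closing parenthesis and should be "(region::to_json): New.". In the 2020-10-27 entry for PR analyzer/96608, "Cast to intptr_t instead of long" lacks the trailing period that every other item carries. Separately, the 2020-11-10 line "* region-model-reachability.cc (reachable_regions::reachable_regions): Likewise." is 80 characters before indentation; consider breaking after the file name, as the 2020-10-29 entry does for (reachable_regions::mark_escaped_clusters).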