| Message ID | 20200108090302.2425-1-dmalcolm@redhat.com |
|---|---|
| Headers | show |
| Series | v5 of analyzer patch kit | expand |
On Wed, 2020-01-08 at 04:02 -0500, David Malcolm wrote:
> Here's an updated version of the analyzer patch kit.
I've rebased (to r280067) and applied various fixes to the kit; I've
pushed a v6 of the kit to the dmalcolm/analyzer branch of the git
mirror (along with various followups):
https://gcc.gnu.org/git/?p=gcc.git;a=shortlog;h=refs/heads/dmalcolm/analyzer
I've also annotated the patch Subject lines with a brief review status
line e.g. {approved}, {needs review} etc.
Current review status (numbering is that of v6 of the kit):
Needs review:
0003-needs-review-testsuite-add-dg-enable-nn-line-numbers.patch
0005-needs-review-Add-ordered_hash_map.patch
0006-needs-review-timevar.def-add-TVs-for-analyzer.patch
0008-needs-review-analyzer-changes-to-configure.ac.patch
0009-needs-review-analyzer-add-new-files-to-Makefile.in.patch
0011-needs-review-analyzer-command-line-options.patch
0012-needs-review-analyzer-logging-support.patch
0013-needs-review-analyzer-new-file-analyzer-pass.cc-and-.patch
0014-needs-review-analyzer-new-files-graphviz.-cc-h.patch
0016-needs-review-analyzer-new-files-supergraph.-cc-h.patch
0017-needs-review-response-analyzer-new-files-analyzer.-c.patch
0019-needs-review-analyzer-new-files-constraint-manager.-.patch
0020-needs-review-analyzer-new-files-region-model.-cc-h.patch
0021-needs-review-analyzer-new-files-pending-diagnostic.-.patch
0023-needs-review-analyzer-new-files-sm-malloc.cc-and-sm-.patch
0027-needs-review-analyzer-new-file-sm-signal.cc.patch
0032-needs-review-analyzer-new-files-program-state.-cc-h.patch
0033-needs-review-analyzer-new-file-exploded-graph.h.patch
0035-needs-review-analyzer-new-files-engine.-cc-h.patch
0037-needs-review-analyzer-new-files-diagnostic-manager.-.patch
0038-needs-review-gdbinit.in-add-break-on-saved-diagnosti.patch
0039-needs-review-analyzer-test-suite.patch
Needs re-review:
0022-needs-re-review-analyzer-new-files-sm.-cc-h.patch
0036-needs-re-approval-analyzer-new-files-checker-path.-c.patch
Semi-approved:
0015-semi-approved-analyzer-new-files-digraph.-cc-h-and-s.patch
0018-semi-approved-analyzer-new-files-tristate.-cc-h.patch
0024-semi-approved-analyzer-new-file-sm-file.cc.patch
0026-semi-approved-analyzer-new-file-sm-sensitive.cc.patch
0028-semi-approved-analyzer-new-file-sm-taint.cc.patch
Approved:
0001-approved-analyzer-user-facing-documentation.patch
0002-approved-analyzer-internal-documentation.patch
0010-approved-analyzer-new-files-analyzer-selftests.-cc-h.patch
0025-approved-analyzer-new-file-sm-pattern-test.cc.patch
0029-approved-analyzer-new-files-analysis-plan.-cc-h.patch
0030-approved-analyzer-new-files-call-string.-cc-h.patch
0031-approved-analyzer-new-files-program-point.-cc-h.patch
0034-approved-analyzer-new-files-state-purge.-cc-h.patch
Can self approve:
0004-can-self-approve-Add-diagnostic-paths.patch
0007-obvious-analyzer-add-ChangeLog.patch
I can resend these to the list if that would be helpful.
Thanks
Dave
Here's an updated version of the analyzer patch kit. The main change in this version of the kit is that I've added notes to the top of each patch describing its review status (e.g. "needs review" vs "approved" etc), to try to clarify what's left to do here. This is v5, and is relative to r279963 (2020-01-07) Earlier versions: v4: https://gcc.gnu.org/ml/gcc-patches/2019-12/msg01002.html v3: https://gcc.gnu.org/ml/gcc-patches/2019-12/msg00529.html v2: https://gcc.gnu.org/ml/gcc-patches/2019-11/msg02024.html v1: https://gcc.gnu.org/ml/gcc-patches/2019-11/msg01543.html In particular, v4 dropped the in-tree plugin idea; with the analyzer becoming part of the compiler, with a configure-time way to disable the build of the compiler (built by default, but requiring -fanalyzer to run the pass; all of the analyzer-specific code is guarded by #if ENABLE_ANALYZER) See also: https://gcc.gnu.org/wiki/DavidMalcolm/StaticAnalyzer High-level changes (relative to v4): - rebased to r279963 (2020-01-07) - added notes to the top of each patch on its review status - removed various preliminary patches that I've already merged to trunk - removed analyzer-specific builtins - added a gcc/analyzer/ChangeLog and updated ChangeLog paths accordingly - updated copyright years in new files to include 2020 There are various bug-fixing follow-ups that I've posted earlier to gcc-patches and pushed to the "dmalcolm/analyzer" git branch which I'll save for now to try to keep review manageable. Also to be resolved is the hash_table issue here: https://gcc.gnu.org/ml/gcc-patches/2019-12/msg00777.html (which I've been looking at and will post about separately) One of the high-level questions is what to do about the less mature sm-*.cc files. Currently: - sm-malloc.cc is most mature - sm-signal.cc and sm-file.cc are fairly mature once all bug-fixes from the branch are applied - sm-taint.cc and sm-sensitive.cc are not production-ready and won't be any time soon Possible approaches: (a) omit the less mature sm files altogether from the initial release, retaining them as followup work on the branch, with the obvious changes to the docs (b) disable them by default, requiring the user to manually use -fanalyzer-checker= to select them. Complicates the documentation. (c) something else I haven't thought of I think I prefer (a), but perhaps deferring this to a followup, or, at least another iteration of this kit (it interacts with the docs) Successfully bootstrapped & regrtested on x86_64-pc-linux-gnu, with the workaround for the hash_table issue from: https://gcc.gnu.org/ml/gcc-patches/2019-12/msg00776.html Pushed to the git mirror as branch "dmalcolm/analyzer-v5": https://gcc.gnu.org/git/?p=gcc.git;a=shortlog;h=refs/heads/dmalcolm/analyzer-v5 David Malcolm (41): analyzer: user-facing documentation analyzer: internal documentation sbitmap.h: add operator const_sbitmap to auto_sbitmap vec.h: add auto_delete_vec Add -fdiagnostics-nn-line-numbers Add diagnostic paths Add ordered_hash_map timevar.def: add TVs for analyzer analyzer: add ChangeLog analyzer: changes to configure.ac analyzer: add new files to Makefile.in analyzer: new files: analyzer-selftests.{cc|h} analyzer: command-line options analyzer: logging support analyzer: new file: analyzer-pass.cc and pass registration analyzer: new files: graphviz.{cc|h} analyzer: new files: digraph.{cc|h} and shortest-paths.h analyzer: new files: supergraph.{cc|h} analyzer: new files: analyzer.{cc|h} analyzer: new files: tristate.{cc|h} analyzer: new files: constraint-manager.{cc|h} analyzer: new files: region-model.{cc|h} analyzer: new files: pending-diagnostic.{cc|h} analyzer: new files: sm.{cc|h} analyzer: new files: sm-malloc.cc and sm-malloc.dot analyzer: new file: sm-file.cc analyzer: new file: sm-pattern-test.cc analyzer: new file: sm-sensitive.cc analyzer: new file: sm-signal.cc analyzer: new file: sm-taint.cc analyzer: new files: analysis-plan.{cc|h} analyzer: new files: call-string.{cc|h} analyzer: new files: program-point.{cc|h} analyzer: new files: program-state.{cc|h} analyzer: new file: exploded-graph.h analyzer: new files: state-purge.{cc|h} analyzer: new files: engine.{cc|h} analyzer: new files: checker-path.{cc|h} analyzer: new files: diagnostic-manager.{cc|h} gdbinit.in: add break-on-saved-diagnostic analyzer: test suite gcc/Makefile.in | 36 +- gcc/analyzer/ChangeLog | 10 + gcc/analyzer/analysis-plan.cc | 118 + gcc/analyzer/analysis-plan.h | 58 + gcc/analyzer/analyzer-logging.cc | 224 + gcc/analyzer/analyzer-logging.h | 262 + gcc/analyzer/analyzer-pass.cc | 102 + gcc/analyzer/analyzer-selftests.cc | 60 + gcc/analyzer/analyzer-selftests.h | 44 + gcc/analyzer/analyzer.cc | 150 + gcc/analyzer/analyzer.h | 124 + gcc/analyzer/analyzer.opt | 181 + gcc/analyzer/call-string.cc | 224 + gcc/analyzer/call-string.h | 76 + gcc/analyzer/checker-path.cc | 931 ++ gcc/analyzer/checker-path.h | 589 ++ gcc/analyzer/constraint-manager.cc | 2251 +++++ gcc/analyzer/constraint-manager.h | 248 + gcc/analyzer/diagnostic-manager.cc | 1217 +++ gcc/analyzer/diagnostic-manager.h | 137 + gcc/analyzer/engine.cc | 3583 ++++++++ gcc/analyzer/engine.h | 26 + gcc/analyzer/exploded-graph.h | 830 ++ gcc/analyzer/pending-diagnostic.cc | 64 + gcc/analyzer/pending-diagnostic.h | 269 + gcc/analyzer/program-point.cc | 529 ++ gcc/analyzer/program-point.h | 313 + gcc/analyzer/program-state.cc | 1331 +++ gcc/analyzer/program-state.h | 365 + gcc/analyzer/region-model.cc | 7773 +++++++++++++++++ gcc/analyzer/region-model.h | 2065 +++++ gcc/analyzer/sm-file.cc | 334 + gcc/analyzer/sm-malloc.cc | 794 ++ gcc/analyzer/sm-malloc.dot | 89 + gcc/analyzer/sm-pattern-test.cc | 149 + gcc/analyzer/sm-sensitive.cc | 245 + gcc/analyzer/sm-signal.cc | 306 + gcc/analyzer/sm-taint.cc | 325 + gcc/analyzer/sm.cc | 136 + gcc/analyzer/sm.h | 182 + gcc/analyzer/state-purge.cc | 524 ++ gcc/analyzer/state-purge.h | 164 + gcc/analyzer/supergraph.cc | 955 ++ gcc/analyzer/supergraph.h | 564 ++ gcc/c-family/c-format.c | 7 + gcc/c-family/c-format.h | 1 + gcc/common.opt | 28 + gcc/configure.ac | 14 +- gcc/coretypes.h | 1 + gcc/diagnostic-color.c | 3 +- gcc/diagnostic-event-id.h | 61 + gcc/diagnostic-format-json.cc | 10 +- gcc/diagnostic-path.h | 149 + gcc/diagnostic-show-locus.c | 79 +- gcc/diagnostic.c | 139 +- gcc/diagnostic.def | 5 + gcc/diagnostic.h | 36 +- gcc/digraph.cc | 188 + gcc/digraph.h | 246 + gcc/doc/analyzer.texi | 513 ++ gcc/doc/gccint.texi | 2 + gcc/doc/invoke.texi | 607 +- gcc/dwarf2out.c | 1 + gcc/gcc-rich-location.h | 4 +- gcc/gdbinit.in | 10 + gcc/graphviz.cc | 100 + gcc/graphviz.h | 53 + gcc/lto-wrapper.c | 3 + gcc/opts.c | 12 + gcc/ordered-hash-map-tests.cc | 247 + gcc/ordered-hash-map.h | 184 + gcc/passes.def | 1 + gcc/pretty-print.c | 32 + gcc/sbitmap.h | 1 + gcc/selftest-run-tests.c | 8 + gcc/selftest.h | 4 + gcc/shortest-paths.h | 145 + .../gcc.dg/analyzer/CVE-2005-1689-minimal.c | 30 + gcc/testsuite/gcc.dg/analyzer/abort.c | 72 + gcc/testsuite/gcc.dg/analyzer/alloca-leak.c | 8 + .../gcc.dg/analyzer/analyzer-decls.h | 36 + .../gcc.dg/analyzer/analyzer-verbosity-0.c | 162 + .../gcc.dg/analyzer/analyzer-verbosity-1.c | 190 + .../gcc.dg/analyzer/analyzer-verbosity-2.c | 221 + gcc/testsuite/gcc.dg/analyzer/analyzer.exp | 49 + .../gcc.dg/analyzer/attribute-nonnull.c | 81 + .../gcc.dg/analyzer/call-summaries-1.c | 14 + .../gcc.dg/analyzer/conditionals-2.c | 45 + .../gcc.dg/analyzer/conditionals-3.c | 47 + .../gcc.dg/analyzer/conditionals-notrans.c | 159 + .../gcc.dg/analyzer/conditionals-trans.c | 144 + gcc/testsuite/gcc.dg/analyzer/data-model-1.c | 1085 +++ gcc/testsuite/gcc.dg/analyzer/data-model-10.c | 17 + gcc/testsuite/gcc.dg/analyzer/data-model-11.c | 6 + gcc/testsuite/gcc.dg/analyzer/data-model-12.c | 13 + gcc/testsuite/gcc.dg/analyzer/data-model-13.c | 21 + gcc/testsuite/gcc.dg/analyzer/data-model-14.c | 24 + gcc/testsuite/gcc.dg/analyzer/data-model-15.c | 34 + gcc/testsuite/gcc.dg/analyzer/data-model-16.c | 52 + gcc/testsuite/gcc.dg/analyzer/data-model-17.c | 20 + gcc/testsuite/gcc.dg/analyzer/data-model-18.c | 22 + gcc/testsuite/gcc.dg/analyzer/data-model-19.c | 31 + gcc/testsuite/gcc.dg/analyzer/data-model-2.c | 13 + gcc/testsuite/gcc.dg/analyzer/data-model-3.c | 15 + gcc/testsuite/gcc.dg/analyzer/data-model-4.c | 16 + gcc/testsuite/gcc.dg/analyzer/data-model-5.c | 100 + gcc/testsuite/gcc.dg/analyzer/data-model-5b.c | 91 + gcc/testsuite/gcc.dg/analyzer/data-model-5c.c | 84 + gcc/testsuite/gcc.dg/analyzer/data-model-5d.c | 64 + gcc/testsuite/gcc.dg/analyzer/data-model-6.c | 14 + gcc/testsuite/gcc.dg/analyzer/data-model-7.c | 20 + gcc/testsuite/gcc.dg/analyzer/data-model-8.c | 26 + gcc/testsuite/gcc.dg/analyzer/data-model-9.c | 33 + .../gcc.dg/analyzer/data-model-path-1.c | 13 + gcc/testsuite/gcc.dg/analyzer/disabling.c | 10 + gcc/testsuite/gcc.dg/analyzer/dot-output.c | 33 + .../gcc.dg/analyzer/double-free-lto-1-a.c | 16 + .../gcc.dg/analyzer/double-free-lto-1-b.c | 8 + .../gcc.dg/analyzer/double-free-lto-1.h | 1 + gcc/testsuite/gcc.dg/analyzer/equivalence.c | 31 + gcc/testsuite/gcc.dg/analyzer/explode-1.c | 60 + gcc/testsuite/gcc.dg/analyzer/explode-2.c | 50 + gcc/testsuite/gcc.dg/analyzer/factorial.c | 7 + gcc/testsuite/gcc.dg/analyzer/fibonacci.c | 9 + gcc/testsuite/gcc.dg/analyzer/fields.c | 41 + gcc/testsuite/gcc.dg/analyzer/file-1.c | 37 + gcc/testsuite/gcc.dg/analyzer/file-2.c | 18 + .../gcc.dg/analyzer/function-ptr-1.c | 8 + .../gcc.dg/analyzer/function-ptr-2.c | 44 + .../gcc.dg/analyzer/function-ptr-3.c | 17 + gcc/testsuite/gcc.dg/analyzer/gzio-2.c | 11 + gcc/testsuite/gcc.dg/analyzer/gzio-3.c | 31 + gcc/testsuite/gcc.dg/analyzer/gzio-3a.c | 27 + gcc/testsuite/gcc.dg/analyzer/gzio.c | 17 + .../gcc.dg/analyzer/infinite-recursion.c | 55 + gcc/testsuite/gcc.dg/analyzer/loop-2.c | 37 + gcc/testsuite/gcc.dg/analyzer/loop-2a.c | 40 + gcc/testsuite/gcc.dg/analyzer/loop-3.c | 17 + gcc/testsuite/gcc.dg/analyzer/loop-4.c | 43 + gcc/testsuite/gcc.dg/analyzer/loop.c | 35 + gcc/testsuite/gcc.dg/analyzer/malloc-1.c | 585 ++ gcc/testsuite/gcc.dg/analyzer/malloc-2.c | 23 + gcc/testsuite/gcc.dg/analyzer/malloc-3.c | 8 + .../gcc.dg/analyzer/malloc-callbacks.c | 84 + gcc/testsuite/gcc.dg/analyzer/malloc-dce.c | 12 + .../gcc.dg/analyzer/malloc-dedupe-1.c | 46 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-1.c | 24 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-10.c | 32 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-11.c | 95 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-12.c | 7 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-13.c | 30 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-2.c | 34 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-3.c | 23 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-4.c | 13 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-5.c | 13 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-6.c | 22 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-7.c | 29 + .../analyzer/malloc-ipa-8-double-free.c | 172 + .../gcc.dg/analyzer/malloc-ipa-8-lto-a.c | 12 + .../gcc.dg/analyzer/malloc-ipa-8-lto-b.c | 18 + .../gcc.dg/analyzer/malloc-ipa-8-lto-c.c | 17 + .../gcc.dg/analyzer/malloc-ipa-8-lto.h | 12 + .../gcc.dg/analyzer/malloc-ipa-8-unchecked.c | 66 + gcc/testsuite/gcc.dg/analyzer/malloc-ipa-9.c | 18 + .../analyzer/malloc-macro-inline-events.c | 45 + .../analyzer/malloc-macro-separate-events.c | 15 + gcc/testsuite/gcc.dg/analyzer/malloc-macro.h | 2 + .../gcc.dg/analyzer/malloc-many-paths-1.c | 14 + .../gcc.dg/analyzer/malloc-many-paths-2.c | 30 + .../gcc.dg/analyzer/malloc-many-paths-3.c | 36 + .../gcc.dg/analyzer/malloc-paths-1.c | 15 + .../gcc.dg/analyzer/malloc-paths-10.c | 20 + .../gcc.dg/analyzer/malloc-paths-2.c | 13 + .../gcc.dg/analyzer/malloc-paths-3.c | 14 + .../gcc.dg/analyzer/malloc-paths-4.c | 20 + .../gcc.dg/analyzer/malloc-paths-5.c | 43 + .../gcc.dg/analyzer/malloc-paths-6.c | 11 + .../gcc.dg/analyzer/malloc-paths-7.c | 21 + .../gcc.dg/analyzer/malloc-paths-8.c | 54 + .../gcc.dg/analyzer/malloc-paths-9.c | 298 + .../gcc.dg/analyzer/malloc-vs-local-1a.c | 181 + .../gcc.dg/analyzer/malloc-vs-local-1b.c | 176 + .../gcc.dg/analyzer/malloc-vs-local-2.c | 179 + .../gcc.dg/analyzer/malloc-vs-local-3.c | 66 + .../gcc.dg/analyzer/malloc-vs-local-4.c | 40 + gcc/testsuite/gcc.dg/analyzer/operations.c | 44 + gcc/testsuite/gcc.dg/analyzer/params-2.c | 17 + gcc/testsuite/gcc.dg/analyzer/params.c | 34 + gcc/testsuite/gcc.dg/analyzer/paths-1.c | 18 + gcc/testsuite/gcc.dg/analyzer/paths-1a.c | 18 + gcc/testsuite/gcc.dg/analyzer/paths-2.c | 27 + gcc/testsuite/gcc.dg/analyzer/paths-3.c | 49 + gcc/testsuite/gcc.dg/analyzer/paths-4.c | 51 + gcc/testsuite/gcc.dg/analyzer/paths-5.c | 12 + gcc/testsuite/gcc.dg/analyzer/paths-6.c | 119 + gcc/testsuite/gcc.dg/analyzer/paths-7.c | 59 + .../gcc.dg/analyzer/pattern-test-1.c | 28 + .../gcc.dg/analyzer/pattern-test-2.c | 29 + .../gcc.dg/analyzer/pointer-merging.c | 16 + gcc/testsuite/gcc.dg/analyzer/pr61861.c | 2 + gcc/testsuite/gcc.dg/analyzer/pragma-1.c | 26 + gcc/testsuite/gcc.dg/analyzer/scope-1.c | 23 + gcc/testsuite/gcc.dg/analyzer/sensitive-1.c | 55 + gcc/testsuite/gcc.dg/analyzer/setjmp-1.c | 1 + gcc/testsuite/gcc.dg/analyzer/setjmp-2.c | 98 + gcc/testsuite/gcc.dg/analyzer/setjmp-3.c | 107 + gcc/testsuite/gcc.dg/analyzer/setjmp-4.c | 108 + gcc/testsuite/gcc.dg/analyzer/setjmp-5.c | 66 + gcc/testsuite/gcc.dg/analyzer/setjmp-6.c | 31 + gcc/testsuite/gcc.dg/analyzer/setjmp-7.c | 36 + gcc/testsuite/gcc.dg/analyzer/setjmp-7a.c | 110 + gcc/testsuite/gcc.dg/analyzer/setjmp-8.c | 108 + gcc/testsuite/gcc.dg/analyzer/setjmp-9.c | 110 + gcc/testsuite/gcc.dg/analyzer/signal-1.c | 31 + gcc/testsuite/gcc.dg/analyzer/signal-2.c | 34 + gcc/testsuite/gcc.dg/analyzer/signal-3.c | 23 + gcc/testsuite/gcc.dg/analyzer/signal-4a.c | 74 + gcc/testsuite/gcc.dg/analyzer/signal-4b.c | 89 + gcc/testsuite/gcc.dg/analyzer/strcmp-1.c | 35 + gcc/testsuite/gcc.dg/analyzer/switch.c | 30 + gcc/testsuite/gcc.dg/analyzer/taint-1.c | 128 + gcc/testsuite/gcc.dg/analyzer/zlib-1.c | 69 + gcc/testsuite/gcc.dg/analyzer/zlib-2.c | 51 + gcc/testsuite/gcc.dg/analyzer/zlib-3.c | 214 + gcc/testsuite/gcc.dg/analyzer/zlib-4.c | 20 + gcc/testsuite/gcc.dg/analyzer/zlib-5.c | 51 + gcc/testsuite/gcc.dg/analyzer/zlib-6.c | 47 + gcc/testsuite/gcc.dg/format/gcc_diag-10.c | 6 +- .../plugin/diagnostic-path-format-default.c | 142 + .../diagnostic-path-format-inline-events-1.c | 142 + .../diagnostic-path-format-inline-events-2.c | 154 + .../diagnostic-path-format-inline-events-3.c | 153 + .../plugin/diagnostic-path-format-none.c | 43 + .../diagnostic-path-format-separate-events.c | 44 + .../gcc.dg/plugin/diagnostic-test-paths-1.c | 38 + .../gcc.dg/plugin/diagnostic-test-paths-2.c | 56 + .../gcc.dg/plugin/diagnostic-test-paths-3.c | 38 + .../gcc.dg/plugin/diagnostic-test-paths-4.c | 83 + .../plugin/diagnostic_plugin_test_paths.c | 460 + gcc/testsuite/gcc.dg/plugin/plugin.exp | 11 + gcc/testsuite/lib/gcc-defs.exp | 21 + gcc/testsuite/lib/target-supports-dg.exp | 10 + gcc/testsuite/lib/target-supports.exp | 21 + gcc/timevar.def | 11 + gcc/toplev.c | 6 + gcc/tree-diagnostic-path.cc | 820 ++ gcc/tree-diagnostic.c | 12 +- gcc/tree-diagnostic.h | 8 + gcc/tree-pass.h | 1 + gcc/tristate.cc | 221 + gcc/tristate.h | 82 + gcc/vec.c | 27 + gcc/vec.h | 38 + libcpp/include/line-map.h | 7 + libcpp/line-map.c | 3 +- 255 files changed, 43231 insertions(+), 39 deletions(-) create mode 100644 gcc/analyzer/ChangeLog create mode 100644 gcc/analyzer/analysis-plan.cc create mode 100644 gcc/analyzer/analysis-plan.h create mode 100644 gcc/analyzer/analyzer-logging.cc create mode 100644 gcc/analyzer/analyzer-logging.h create mode 100644 gcc/analyzer/analyzer-pass.cc create mode 100644 gcc/analyzer/analyzer-selftests.cc create mode 100644 gcc/analyzer/analyzer-selftests.h create mode 100644 gcc/analyzer/analyzer.cc create mode 100644 gcc/analyzer/analyzer.h create mode 100644 gcc/analyzer/analyzer.opt create mode 100644 gcc/analyzer/call-string.cc create mode 100644 gcc/analyzer/call-string.h create mode 100644 gcc/analyzer/checker-path.cc create mode 100644 gcc/analyzer/checker-path.h create mode 100644 gcc/analyzer/constraint-manager.cc create mode 100644 gcc/analyzer/constraint-manager.h create mode 100644 gcc/analyzer/diagnostic-manager.cc create mode 100644 gcc/analyzer/diagnostic-manager.h create mode 100644 gcc/analyzer/engine.cc create mode 100644 gcc/analyzer/engine.h create mode 100644 gcc/analyzer/exploded-graph.h create mode 100644 gcc/analyzer/pending-diagnostic.cc create mode 100644 gcc/analyzer/pending-diagnostic.h create mode 100644 gcc/analyzer/program-point.cc create mode 100644 gcc/analyzer/program-point.h create mode 100644 gcc/analyzer/program-state.cc create mode 100644 gcc/analyzer/program-state.h create mode 100644 gcc/analyzer/region-model.cc create mode 100644 gcc/analyzer/region-model.h create mode 100644 gcc/analyzer/sm-file.cc create mode 100644 gcc/analyzer/sm-malloc.cc create mode 100644 gcc/analyzer/sm-malloc.dot create mode 100644 gcc/analyzer/sm-pattern-test.cc create mode 100644 gcc/analyzer/sm-sensitive.cc create mode 100644 gcc/analyzer/sm-signal.cc create mode 100644 gcc/analyzer/sm-taint.cc create mode 100644 gcc/analyzer/sm.cc create mode 100644 gcc/analyzer/sm.h create mode 100644 gcc/analyzer/state-purge.cc create mode 100644 gcc/analyzer/state-purge.h create mode 100644 gcc/analyzer/supergraph.cc create mode 100644 gcc/analyzer/supergraph.h create mode 100644 gcc/diagnostic-event-id.h create mode 100644 gcc/diagnostic-path.h create mode 100644 gcc/digraph.cc create mode 100644 gcc/digraph.h create mode 100644 gcc/doc/analyzer.texi create mode 100644 gcc/graphviz.cc create mode 100644 gcc/graphviz.h create mode 100644 gcc/ordered-hash-map-tests.cc create mode 100644 gcc/ordered-hash-map.h create mode 100644 gcc/shortest-paths.h create mode 100644 gcc/testsuite/gcc.dg/analyzer/CVE-2005-1689-minimal.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/abort.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/alloca-leak.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/analyzer-decls.h create mode 100644 gcc/testsuite/gcc.dg/analyzer/analyzer-verbosity-0.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/analyzer-verbosity-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/analyzer-verbosity-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/analyzer.exp create mode 100644 gcc/testsuite/gcc.dg/analyzer/attribute-nonnull.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/call-summaries-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/conditionals-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/conditionals-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/conditionals-notrans.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/conditionals-trans.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-10.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-11.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-12.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-13.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-14.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-15.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-16.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-17.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-18.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-19.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-4.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-5.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-5b.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-5c.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-5d.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-6.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-7.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-8.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-9.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/data-model-path-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/disabling.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/dot-output.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/double-free-lto-1-a.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/double-free-lto-1-b.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/double-free-lto-1.h create mode 100644 gcc/testsuite/gcc.dg/analyzer/equivalence.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/explode-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/explode-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/factorial.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/fibonacci.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/fields.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/file-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/file-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/function-ptr-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/function-ptr-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/function-ptr-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/gzio-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/gzio-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/gzio-3a.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/gzio.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/infinite-recursion.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/loop-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/loop-2a.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/loop-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/loop-4.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/loop.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-callbacks.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-dce.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-dedupe-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-10.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-11.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-12.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-13.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-4.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-5.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-6.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-7.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-double-free.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-lto-a.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-lto-b.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-lto-c.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-lto.h create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-unchecked.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-ipa-9.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-macro-inline-events.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-macro-separate-events.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-macro.h create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-many-paths-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-many-paths-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-many-paths-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-paths-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-paths-10.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-paths-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-paths-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-paths-4.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-paths-5.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-paths-6.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-paths-7.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-paths-8.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-paths-9.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-vs-local-1a.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-vs-local-1b.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-vs-local-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-vs-local-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/malloc-vs-local-4.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/operations.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/params-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/params.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/paths-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/paths-1a.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/paths-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/paths-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/paths-4.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/paths-5.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/paths-6.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/paths-7.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/pattern-test-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/pattern-test-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/pointer-merging.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/pr61861.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/pragma-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/scope-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/sensitive-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/setjmp-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/setjmp-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/setjmp-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/setjmp-4.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/setjmp-5.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/setjmp-6.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/setjmp-7.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/setjmp-7a.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/setjmp-8.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/setjmp-9.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/signal-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/signal-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/signal-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/signal-4a.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/signal-4b.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/strcmp-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/switch.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/taint-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/zlib-1.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/zlib-2.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/zlib-3.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/zlib-4.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/zlib-5.c create mode 100644 gcc/testsuite/gcc.dg/analyzer/zlib-6.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic-path-format-default.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic-path-format-inline-events-1.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic-path-format-inline-events-2.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic-path-format-inline-events-3.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic-path-format-none.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic-path-format-separate-events.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic-test-paths-1.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic-test-paths-2.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic-test-paths-3.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic-test-paths-4.c create mode 100644 gcc/testsuite/gcc.dg/plugin/diagnostic_plugin_test_paths.c create mode 100644 gcc/tree-diagnostic-path.cc create mode 100644 gcc/tristate.cc create mode 100644 gcc/tristate.h