[Bug analyzer/112790] New: -Wanalyzer-deref-before-check false positives seen in Linux kernel due to inlining

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112790 Bug ID: 112790 Summary: -Wanalyzer-deref-before-check false positives seen in Linux kernel due to inlining Product: gcc Version: unknown Status: UNCONFIRMED Se

[Bug analyzer/109077] Analyzer headers not installed

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109077 --- Comment #4 from David Malcolm --- Should be fixed on trunk for GCC 14 by the above patch. Keeping open to track backporting to the GCC 11, 12 and 13 branches.

[Bug analyzer/109077] Analyzer headers not installed

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109077 --- Comment #2 from David Malcolm --- PLUGIN_ANALYZER_INIT was added in r11-5583-g66dde7bc64b75d, so presumably this affects GCC 11 onwards.

[Bug analyzer/109077] Analyzer header not installed

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109077 David Malcolm changed: What|Removed |Added Blocks||107646 Ever confirmed|0

[Bug analyzer/103533] Enable "taint" state machine with -fanalyzer without requiring -fanalyzer-checker=taint

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103533 David Malcolm changed: What|Removed |Added Resolution|--- |FIXED Status|UNCONFIRMED

[Bug analyzer/112528] New: State explosions in gcc.dg/analyzer/pr93032-mztools-{signed,unsigned}-char.c when enabling taint checker

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112528 Bug ID: 112528 Summary: State explosions in gcc.dg/analyzer/pr93032-mztools-{signed,unsigned}-char .c when enabling taint checker Product: gcc Version: unknown

[Bug other/112425] New: Invalid SARIF output when column number is zero

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112425 Bug ID: 112425 Summary: Invalid SARIF output when column number is zero Product: gcc Version: unknown Status: UNCONFIRMED Keywords: diagnostic Severity: normal

[Bug analyzer/112317] Latest set of clang warnings

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112317 David Malcolm changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution|---

[Bug analyzer/111537] ICE: in set_cell_span, at text-art/table.cc:148 with D front-end and -fanalyzer

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111537 --- Comment #6 from David Malcolm --- Oops; the above got truncated; the string_cst prints as follows in gdb (gdb) pt string_cst unit-size align:8 warn_if_not_align:0 symtab:0 alias-set -1 canonical-type 0x7fffea77293

[Bug analyzer/111537] ICE: in set_cell_span, at text-art/table.cc:148 with D front-end and -fanalyzer

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111537 --- Comment #5 from David Malcolm --- It's complaining about the read from the string literal. If I change the string in the reproducer from "hello world" to "foo", I see: (gdb) pt string_cst unit-size align:8 warn_i

[Bug analyzer/111537] ICE: in set_cell_span, at text-art/table.cc:148 with D front-end and -fanalyzer

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111537 --- Comment #4 from David Malcolm --- (In reply to David Malcolm from comment #3) > Thanks; that reproducer works for me. ...or rather, demonstrates the ICE in a way that I can see in the debugger.

[Bug analyzer/111537] ICE: in set_cell_span, at text-art/table.cc:148 with D front-end and -fanalyzer

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111537 David Malcolm changed: What|Removed |Added Last reconfirmed||2023-10-11 Ever confirmed|0

[Bug analyzer/111537] ICE: in set_cell_span, at text-art/table.cc:148 with D front-end and -fanalyzer

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111537 --- Comment #1 from David Malcolm --- Am trying to reproduce locally, but when I run this in my BUILDDIR/gcc: ./gdc -B. -S -fanalyzer oob.d I get: d21: error: cannot find source code for runtime library file 'object.d' Possibly a silly que

[Bug driver/111700] ICE: SIGSEGV in needs_read_p (input.cc:598) with -fdiagnostics-format=sarif-file or -fdiagnostics-format=sarif-stderr on pre-processed input

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111700 --- Comment #3 from David Malcolm --- Should be fixed on trunk by the above patch. Keeping open to track backporting the fix to gcc 13.

[Bug driver/111700] ICE: SIGSEGV in needs_read_p (input.cc:598) with -fdiagnostics-format=sarif-file or -fdiagnostics-format=sarif-stderr on pre-processed input

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111700 David Malcolm changed: What|Removed |Added Last reconfirmed||2023-10-06 Ever confirmed|0

[Bug analyzer/104940] RFE: integrate analyzer with an SMT solver

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104940 --- Comment #6 from David Malcolm --- https://github.com/kristerw/pysmtgcc

[Bug analyzer/104940] RFE: integrate analyzer with an SMT solver

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104940 --- Comment #5 from David Malcolm --- See also: https://kristerw.github.io/2022/11/01/verifying-optimizations/

[Bug analyzer/111567] RFE: support __attribute__((counted_by)) in -fanalyzer

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111567 --- Comment #1 from David Malcolm --- This PR tracks adding support for the attribute to -fanalyzer (which I can take a look at). Adding the attribute itself is tracked by PR 108896.

[Bug analyzer/111567] New: RFE: support counted_by in analyzer

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111567 Bug ID: 111567 Summary: RFE: support counted_by in analyzer Product: gcc Version: unknown Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer

[Bug analyzer/111312] Should the analyzer run earlier?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111312 --- Comment #3 from David Malcolm --- Another example can be seen here: https://gcc.gnu.org/pipermail/gcc-patches/2023-August/628759.html in: gcc/testsuite/c-c++-common/analyzer/overlapping-buffers.c where -Wanalyzer-overlapping-buffers only

[Bug jit/111396] Segfault when using -flto with libgccjit

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111396 David Malcolm changed: What|Removed |Added Ever confirmed|0 |1 Last reconfirmed|

[Bug analyzer/111312] Should the analyzer run earlier?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111312 David Malcolm changed: What|Removed |Added CC||rguenth at gcc dot gnu.org --- Comment

[Bug analyzer/110529] Analyzer fails to handle computed goto

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110529 David Malcolm changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug analyzer/111329] [14 regression] gcc.dg/analyzer/out-of-bounds-diagram-1-debug.c fails after r14-3745-g4f4fa2501186e4

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111329 --- Comment #2 from David Malcolm --- Possibly another duplicate of bug 110483.

[Bug analyzer/110520] -Wanalyzer-null-dereference false nagetive with `*ptr = 10086`

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110520 David Malcolm changed: What|Removed |Added Ever confirmed|0 |1 Status|UNCONFIRMED

[Bug analyzer/111095] -Wanalyzer-out-of-bounds false negative with `return l_1322[9];` at -O1 and above

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111095 --- Comment #2 from David Malcolm --- (In reply to David Malcolm from comment #1) [...] > I'll open a bug about that. Filed as bug 111312; made this one block that one.

[Bug analyzer/111213] -Wanalyzer-out-of-bounds false negative with `return arr[9];` at -O1 and above

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111213 David Malcolm changed: What|Removed |Added Status|UNCONFIRMED |NEW Last reconfirmed|

[Bug analyzer/111312] New: Should the analyzer run earlier?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111312 Bug ID: 111312 Summary: Should the analyzer run earlier? Product: gcc Version: unknown Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer

[Bug analyzer/111095] -Wanalyzer-out-of-bounds false negative with `return l_1322[9];` at -O1 and above

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111095 David Malcolm changed: What|Removed |Added Status|UNCONFIRMED |NEW Ever confirmed|0

[Bug analyzer/110529] Analyzer fails to handle computed goto

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110529 David Malcolm changed: What|Removed |Added Status|UNCONFIRMED |NEW Summary|-Wanalyzer-null-

[Bug analyzer/111213] -Wanalyzer-out-of-bounds false negative with `return arr[9];` at -O1 and above

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111213 David Malcolm changed: What|Removed |Added Summary|-Wanalyzer-out-of-bounds|-Wanalyzer-out-of-bounds

[Bug analyzer/111155] New: RFE: better diagrams for string operations

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=55 Bug ID: 55 Summary: RFE: better diagrams for string operations Product: gcc Version: unknown Status: UNCONFIRMED Severity: normal Priority: P3 Component: an

[Bug analyzer/111144] RFE: could -fanalyzer warn about assertions that have side effects?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=44 --- Comment #2 from David Malcolm --- See also bug 6906 and bug 57612

[Bug analyzer/111144] RFE: could -fanalyzer warn about assertions that have side effects?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=44 --- Comment #1 from David Malcolm --- See e.g.: https://wiki.sei.cmu.edu/confluence/display/c/PRE31-C.+Avoid+side+effects+in+arguments+to+unsafe+macros https://stackoverflow.com/questions/10593492/catching-assert-with-side-effects cppcheck:

[Bug analyzer/111144] New: RFE: could -fanalyzer warn about assertions that have side effects?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=44 Bug ID: 44 Summary: RFE: could -fanalyzer warn about assertions that have side effects? Product: gcc Version: unknown Status: UNCONFIRMED Severity: normal

[Bug analyzer/109027] [13/14 Regression] ICE: SIGSEGV (infinite recursion in ana::constraint_manager::eval_condition / ana::constraint_manager::impossible_derived_conditions_p) with -fanalyzer since r

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109027 --- Comment #6 from David Malcolm --- Bug 111099 is possibly a duplicate of this.

[Bug analyzer/111099] -fanalyzer -Os segmentation fault due to infinite recursion in ana::constraint_manager::eval_condition

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111099 --- Comment #2 from David Malcolm --- Infinite recursion within ana::constraint_manager::eval_condition; possible duplicate of bug 109027

[Bug analyzer/111099] -fanalyzer -Os segmentation fault

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111099 David Malcolm changed: What|Removed |Added Ever confirmed|0 |1 Status|UNCONFIRMED

[Bug analyzer/107646] RFE: can we reimplement gcc-python-plugin's cpychecker as a -fanalyzer plugin?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107646 --- Comment #9 from David Malcolm --- (In reply to David Malcolm from comment #4) > Some ideas of projects we could analyze: https://github.com/fedora-python/python-ethtool (Although deprecated, it's relatively small and has been ported to Pyth

[Bug analyzer/107646] RFE: can we reimplement gcc-python-plugin's cpychecker as a -fanalyzer plugin?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107646 David Malcolm changed: What|Removed |Added Last reconfirmed||2023-08-17 Status|UNCONFIRM

[Bug analyzer/107646] RFE: can we reimplement gcc-python-plugin's cpychecker as a -fanalyzer plugin?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107646 --- Comment #8 from David Malcolm --- (In reply to David Malcolm from comment #4) > Some ideas of projects we could analyze: * https://pypi.org/project/mercurial/ ; see: https://repo.mercurial-scm.org/hg-stable/file/tip/mercurial/cext

[Bug analyzer/107646] RFE: can we reimplement gcc-python-plugin's cpychecker as a -fanalyzer plugin?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107646 --- Comment #7 from David Malcolm --- (In reply to David Malcolm from comment #6) > (In reply to David Malcolm from comment #5) > Some attribute ideas: > > extern int PyDict_SetItem(PyObject *p, PyObject *key, PyObject *val) > __attribute__((

[Bug analyzer/107646] RFE: can we reimplement gcc-python-plugin's cpychecker as a -fanalyzer plugin?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107646 --- Comment #6 from David Malcolm --- (In reply to David Malcolm from comment #5) > How precisely to track behavior of API entrypoints? We can’t implement > known_functions that precisely model every entrypoint. > > Consider: > https://docs.py

[Bug analyzer/107646] RFE: can we reimplement gcc-python-plugin's cpychecker as a -fanalyzer plugin?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107646 --- Comment #5 from David Malcolm --- How precisely to track behavior of API entrypoints? We can’t implement known_functions that precisely model every entrypoint. Consider: https://docs.python.org/3/c-api/dict.html#c.PyDict_SetItem which has:

[Bug analyzer/107646] RFE: can we reimplement gcc-python-plugin's cpychecker as a -fanalyzer plugin?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107646 --- Comment #4 from David Malcolm --- Some ideas of projects we could analyze: - minimal Cython-generated C file - https://pypi.org/project/psycopg2/ - https://pypi.org/project/numpy

[Bug analyzer/105899] RFE: -fanalyzer could complain about misuses of standard C string APIs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105899 David Malcolm changed: What|Removed |Added Ever confirmed|0 |1 Status|UNCONFIRMED

[Bug analyzer/110426] Missing buffer overflow warning with function pointer that has the alloc_size attribute

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110426 David Malcolm changed: What|Removed |Added Status|ASSIGNED|RESOLVED Resolution|---

[Bug analyzer/110902] New: Missing cast in region_model_manager::maybe_fold_binop on MULT_EXPR by 1

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110902 Bug ID: 110902 Summary: Missing cast in region_model_manager::maybe_fold_binop on MULT_EXPR by 1 Product: gcc Version: 13.0 Status: UNCONFIRMED Severity: norma

[Bug analyzer/110882] [13 Regression] ICE with -fanalyzer on zero-sized array

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110882 David Malcolm changed: What|Removed |Added CC||asolokha at gmx dot com --- Comment #6

[Bug analyzer/108171] [13/14 Regression] ICE in binding_key::make, at analyzer/store.cc:132 since r13-4529-gdfe2ef7f2b6cac70

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108171 David Malcolm changed: What|Removed |Added Resolution|--- |DUPLICATE Status|ASSIGNED

[Bug analyzer/108171] [13/14 Regression] ICE in binding_key::make, at analyzer/store.cc:132 since r13-4529-gdfe2ef7f2b6cac70

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108171 David Malcolm changed: What|Removed |Added Status|NEW |ASSIGNED --- Comment #5 from David Malc

[Bug analyzer/110882] [13 Regression] ICE with -fanalyzer on zero-sized array

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110882 David Malcolm changed: What|Removed |Added Summary|[13/14 Regression] ICE with |[13 Regression] ICE with

[Bug analyzer/110882] ICE with -fanalyzer on zero-sized array

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110882 David Malcolm changed: What|Removed |Added Status|UNCONFIRMED |ASSIGNED Ever confirmed|0

[Bug analyzer/110882] ICE with -fanalyzer on zero-sized array

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110882 --- Comment #1 from David Malcolm --- It's failing this assertion: #1 0x016e2295 in ana::binding_key::make (mgr=0x7fff91d8, r=0x3275340) at ../../src/gcc/analyzer/store.cc:132 132 gcc_assert (bit_size > 0); (gdb) list

[Bug analyzer/110882] New: ICE with -fanalyzer on zero-sized array

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110882 Bug ID: 110882 Summary: ICE with -fanalyzer on zero-sized array Product: gcc Version: 13.0 Status: UNCONFIRMED Keywords: ice-on-valid-code Severity: normal Pri

[Bug analyzer/110830] -Wanalyzer-use-of-uninitialized-value false negative due to use-after-free::supercedes_p.

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110830 --- Comment #2 from David Malcolm --- The "supercedes_p" logic is called in diagnostic_manager::emit_saved_diagnostics here: best_candidates.handle_interactions (this); I *think* every saved_diagnostic ought to have a non-NULL m_best_epath by

[Bug analyzer/110830] -Wanalyzer-use-of-uninitialized-value false negative due to use-after-free::supercedes_p.

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110830 --- Comment #1 from David Malcolm --- For reference, I implemented use_after_free::supercedes_p in commit g:33255ad3ac14e3953750fe0f2d82b901c2852ff6 as part of the gcc 12 (re)implementation of -Wanalyzer-use-of-uninitialized-value.

[Bug analyzer/109361] RFE: SARIF output could contain timing/profile information

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109361 David Malcolm changed: What|Removed |Added Status|ASSIGNED|RESOLVED Resolution|---

[Bug analyzer/109361] RFE: SARIF output could contain timing/profile information

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109361 --- Comment #4 from David Malcolm --- 1st patch posted for this (adding -fsarif-time-report): https://gcc.gnu.org/pipermail/gcc-patches/2023-April/615109.html 2nd patch: https://gcc.gnu.org/pipermail/gcc-patches/2023-July/625767.html

[Bug analyzer/109365] Double delete yields -Wanalyzer-use-after-free instead of -Wanalyzer-double-free

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109365 David Malcolm changed: What|Removed |Added CC||dmalcolm at gcc dot gnu.org --- Comment

[Bug middle-end/110612] text-art: four clang warnings

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110612 David Malcolm changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution|---

[Bug analyzer/110455] [14 Regression] tree check: expected none of vector_type, have vector_type in get_gassign_result, at analyzer/region-model.cc:870 with -fanalyzer

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110455 David Malcolm changed: What|Removed |Added Resolution|--- |FIXED Status|UNCONFIRMED

[Bug other/86656] [meta-bug] Issues found with -fsanitize=address

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86656 Bug 86656 depends on bug 110433, which changed state. Bug 110433 Summary: ASAN reports mismatching new/delete when compiling analyzer testcases https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110433 What|Removed |

[Bug analyzer/110433] ASAN reports mismatching new/delete when compiling analyzer testcases

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110433 David Malcolm changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution|---

[Bug analyzer/110387] [14 Regression] ICE: in key_t, at analyzer/region.h:1110 with -fanalyzer

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110387 David Malcolm changed: What|Removed |Added Resolution|--- |FIXED Status|NEW

[Bug analyzer/110700] ICE with -fanalyzer --analyzer-checker=taint on division of tainted floating-point values

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110700 --- Comment #3 from David Malcolm --- Should be fixed on trunk by the above patch. Keeping open to track backporting to branches for gcc 12 and gcc 13.

[Bug analyzer/110387] [14 Regression] ICE: in key_t, at analyzer/region.h:1110 with -fanalyzer

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110387 David Malcolm changed: What|Removed |Added Last reconfirmed||2023-07-19 Ever confirmed|0

[Bug analyzer/110700] ICE with -fanalyzer --analyzer-checker=taint on division of tainted floating-point values

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110700 David Malcolm changed: What|Removed |Added Summary|gcc -fanalyzer |ICE with -fanalyzer |

[Bug jit/110466] jit.dg FAILs on ppc64le

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110466 --- Comment #9 from David Malcolm --- Should be fixed on trunk for gcc 14 by the above commits. Keeping open to track backporting to gcc 13.

[Bug analyzer/110483] Several gcc.dg/analyzer/out-of-bounds-diagram-*.c tests FAIL

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110483 --- Comment #1 from David Malcolm --- Thanks for filing this; sorry about the failures. What's the endianness of the hosts that this is happening on? Is there a machine in the GCC compile farm that this happens on? The row of indices is is cr

[Bug jit/110466] jit.dg FAILs on ppc64le

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110466 --- Comment #6 from David Malcolm --- (In reply to Andrew Pinski from comment #5) > (In reply to Andrew Pinski from comment #4) > > (In reply to David Malcolm from comment #3) > > > > > > Reading symbols from > > > /home/dmalcolm/build/gcc/te

[Bug jit/110466] jit.dg FAILs on ppc64le

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110466 --- Comment #3 from David Malcolm --- With the above fix, the remaining failures are: FAIL: FAIL FAIL: FAIL FAIL: FAIL which are from testdebuginfo.c; I see: Reading symbols from /home/dmalcolm/build/gcc/testsuite/jit4/jit-debuginfo.o...Dwa

[Bug jit/110466] jit.dg FAILs on ppc64le

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110466 David Malcolm changed: What|Removed |Added Last reconfirmed||2023-06-28 Ever confirmed|0

[Bug analyzer/110426] Missing buffer overflow warning with function pointer that has the alloc_size attribute

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110426 David Malcolm changed: What|Removed |Added Ever confirmed|0 |1 Status|UNCONFIRMED

[Bug analyzer/110433] ASAN reports mismatching new/delete when compiling analyzer testcases

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110433 --- Comment #1 from David Malcolm --- I haven't reproduced this yet, but I notice that I forgot to give class spatial_item a virtual dtor, which looking at the backtrace may be the root cause.

[Bug c++/110164] Improve diagnostic for incomplete standard library types due to missing include

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110164 David Malcolm changed: What|Removed |Added Resolution|--- |FIXED Status|ASSIGNED

[Bug c++/110164] Improve diagnostic for incomplete standard library types due to missing include

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110164 David Malcolm changed: What|Removed |Added URL||https://gcc.gnu.org/piperma

[Bug analyzer/110172] Leak false positives from -fanalyzer with -fexceptions (even on C code)

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110172 --- Comment #1 from David Malcolm --- Quoting: https://gcc.gnu.org/onlinedocs/gcc/Code-Gen-Options.html#index-fexceptions """ -fexceptions Enable exception handling. Generates extra code needed to propagate exceptions. For some targets, th

[Bug analyzer/110285] -Wanalyzer-infinite-recursion false positive involving floating-point values

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110285 David Malcolm changed: What|Removed |Added Summary|-Wanalyzer-infinite-recursi |-Wanalyzer-infinite-recursi

[Bug c/107583] Missing fixit for struct members (e.g. time_t, missing include)

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107583 David Malcolm changed: What|Removed |Added Resolution|--- |FIXED Status|ASSIGNED

[Bug c/107583] Missing fixit for struct members (e.g. time_t, missing include)

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107583 David Malcolm changed: What|Removed |Added Status|NEW |ASSIGNED Assignee|unassigned

[Bug c/107583] Missing fixit for struct members (e.g. time_t, missing include)

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107583 David Malcolm changed: What|Removed |Added CC||dmalcolm at gcc dot gnu.org --- Comment

[Bug c++/110164] Improve diagnostic for incomplete standard library types due to missing include

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110164 David Malcolm changed: What|Removed |Added Status|NEW |ASSIGNED CC|

[Bug c++/90342] Misleading #include system fixit when using an older C++ version

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90342 David Malcolm changed: What|Removed |Added Resolution|--- |FIXED CC|

[Bug c/84890] Overly verbose notes for missing headers

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84890 David Malcolm changed: What|Removed |Added Resolution|--- |FIXED Status|ASSIGNED

[Bug analyzer/110014] -Wanalyzer-allocation-size mishandles realloc (..., .... * sizeof (object))

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110014 --- Comment #2 from David Malcolm --- Thanks for fixing this Tim. Keeping open to track backporting this to the gcc 13 branch.

[Bug analyzer/109577] -Wanalyzer-allocation-size mishandles __builtin_mul_overflow

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109577 --- Comment #4 from David Malcolm --- Thanks for fixing this Tim. Keeping open to track backporting this to the gcc 13 branch.

[Bug analyzer/110112] [11/12/13 Regression] gcc -fanalyzer takes an excessive amount of time

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110112 --- Comment #5 from David Malcolm --- Should be fixed on trunk for gcc 14 by the above patch. Keeping this open to track backporting it.

[Bug analyzer/110112] [11/12/13 Regression] gcc -fanalyzer takes an excessive amount of time

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110112 David Malcolm changed: What|Removed |Added Last reconfirmed||2023-06-08 Status|UNCONFIRM

[Bug analyzer/110172] New: Leak false positives from -fanalyzer with -fexceptions (even on C code)

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110172 Bug ID: 110172 Summary: Leak false positives from -fanalyzer with -fexceptions (even on C code) Product: gcc Version: 13.0 Status: UNCONFIRMED Severity: normal

[Bug analyzer/109015] Analyzer doesn't know about atomic builtins

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109015 David Malcolm changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution|---

[Bug analyzer/109580] #pragma GCC diagnostic ignored "-Wanalyzer-fd-leak" is ineffective

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109580 David Malcolm changed: What|Removed |Added CC||rguenth at gcc dot gnu.org --- Comment

[Bug analyzer/109580] #pragma GCC diagnostic ignored "-Wanalyzer-fd-leak" is ineffective

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109580 --- Comment #3 from David Malcolm --- The optimized stmt with UNKNOWN_LOCATION is created from: (gdb) call inform(stmt->location, "stmt in gimple_simplify") ../../src/pr109580.c:10:9: note: stmt in gimple_simplify 10 | err |= dup2(nfd, 0

[Bug analyzer/109580] #pragma GCC diagnostic ignored "-Wanalyzer-fd-leak" is ineffective

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109580 --- Comment #2 from David Malcolm --- The warning is emitted on this statement: _23 = _3 | _5; within this basic block in the optimized code: [local count: 217325344]: nfd_26 = emacs_open_noquit ("/dev/null", 2, 0); _3 = nfd_26 < 0;

[Bug analyzer/109580] #pragma GCC diagnostic ignored "-Wanalyzer-fd-leak" is ineffective

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109580 David Malcolm changed: What|Removed |Added Last reconfirmed||2023-04-21 Ever confirmed|0

[Bug analyzer/109570] detect fclose on unopened or NULL files

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109570 --- Comment #2 from David Malcolm --- Thanks for filing this bug. I think -fanalyzer should warn about fclose(NULL), but not for free(NULL).

[Bug analyzer/106000] RFE: -fanalyzer should complain about memory accesses that are definitely out-of-bounds

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106000 David Malcolm changed: What|Removed |Added Blocks||109432 --- Comment #8 from David Malcol

[Bug analyzer/106626] Improvements to wording of -Wanalyzer-out-of-bounds

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106626 David Malcolm changed: What|Removed |Added Status|UNCONFIRMED |ASSIGNED Ever confirmed|0

[Bug analyzer/109361] RFE: SARIF output could contain timing/profile information

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109361 --- Comment #3 from David Malcolm --- Created attachment 54804 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=54804&action=edit v1 of patch for this This patch works, but it also enables the output on stderr, and I see significant differe

[Bug analyzer/109361] RFE: SARIF output could contain timing/profile information

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109361 David Malcolm changed: What|Removed |Added Last reconfirmed||2023-03-31 Ever confirmed|0

<    1   2   3   4   5   6   7   8   9   10   >