https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107851
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |ASSIGNED
Ever confirmed|0
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107948
David Malcolm changed:
What|Removed |Added
Resolution|--- |FIXED
Status|UNCONFIRMED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107941
--- Comment #2 from David Malcolm ---
Does the SARIF output format contain the information you need?
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107928
David Malcolm changed:
What|Removed |Added
Status|ASSIGNED|RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107928
David Malcolm changed:
What|Removed |Added
Status|NEW |ASSIGNED
--- Comment #2 from David Malc
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103546
--- Comment #7 from David Malcolm ---
As it notes, the above patch reduces the number of false positives on
flex-generated scanners, but doesn't fix them all. Keeping this bug open to
track fixing them.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105784
David Malcolm changed:
What|Removed |Added
Ever confirmed|0 |1
Status|UNCONFIRMED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107807
David Malcolm changed:
What|Removed |Added
Status|WAITING |RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106473
David Malcolm changed:
What|Removed |Added
Resolution|--- |FIXED
Status|ASSIGNED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107851
Bug ID: 107851
Summary: Issues with -Wanalyzer-allocation-size messages
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100705
--- Comment #3 from David Malcolm ---
See also: PR 80066
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107788
David Malcolm changed:
What|Removed |Added
Status|ASSIGNED|RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107783
David Malcolm changed:
What|Removed |Added
Resolution|--- |FIXED
Status|WAITING
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107807
David Malcolm changed:
What|Removed |Added
Status|ASSIGNED|WAITING
--- Comment #5 from David Malco
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106473
David Malcolm changed:
What|Removed |Added
Ever confirmed|0 |1
Summary|-Wanalyzer-malloc-
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107807
David Malcolm changed:
What|Removed |Added
Ever confirmed|0 |1
Status|UNCONFIRMED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107807
--- Comment #1 from David Malcolm ---
Thanks for filing this bug; sorry about the test failures.
I've tested errno-1.c with glibc's errno.h, and with a simple "extern int
errno;".
What does look like on your machine? In particular, how is "e
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107788
David Malcolm changed:
What|Removed |Added
Status|NEW |ASSIGNED
--- Comment #4 from David Malc
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107783
David Malcolm changed:
What|Removed |Added
Status|ASSIGNED|WAITING
--- Comment #4 from David Malco
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=10
David Malcolm changed:
What|Removed |Added
Resolution|--- |FIXED
Status|ASSIGNED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107582
--- Comment #9 from David Malcolm ---
s/earlier/earliest/
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107582
--- Comment #8 from David Malcolm ---
(In reply to David Malcolm from comment #7)
> I hope to backport this to GCC 12; keeping this open to track that.
I believe the buggy implementation of dynamic_call_info_t::update_model was
introduced in r1
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107582
--- Comment #7 from David Malcolm ---
Fixed on trunk for GCC 13 by the above commit.
I hope to backport this to GCC 12; keeping this open to track that.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107582
--- Comment #5 from David Malcolm ---
It's a bug in feasibility-checking when jumping through a function pointer:
dynamic_call_info_t::update_model blindly copies over the state from the
exploded_node's state, overwriting the precise knowledge o
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107582
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |ASSIGNED
Ever confirmed|0
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107750
David Malcolm changed:
What|Removed |Added
Ever confirmed|0 |1
Status|UNCONFIRMED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107733
--- Comment #2 from David Malcolm ---
...and also, as you note:
* deleting the unrelated code ` int *d = 0;` should not affect the result
(but does)
> the path note `(3) 'e' is NULL` is wrong, this may suggest some problems.
Note (3) seems
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107733
--- Comment #1 from David Malcolm ---
Thanks for filing this bug.
It's analyzing "a" twice: as called by main, and as a standalone function.
The warning comes from the analysis of "a" as a standalone function; if I
delete "main" from the repro
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107711
David Malcolm changed:
What|Removed |Added
Status|WAITING |RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107711
David Malcolm changed:
What|Removed |Added
Keywords||patch
Status|ASSIGNED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107711
--- Comment #9 from David Malcolm ---
It's a use-after-free of the ident_hash hash_table. Testing a fix...
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107725
--- Comment #4 from David Malcolm ---
Aha thanks: presumably "Ep 350 - The Right Way to Write C++ Code in 2022"?
I'm watching it now.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107711
David Malcolm changed:
What|Removed |Added
Summary|internal compiler error:|ICE with -fanalyzer with
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107725
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |NEW
Last reconfirmed|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107725
David Malcolm changed:
What|Removed |Added
Blocks||97110
--- Comment #2 from David Malcolm
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107711
--- Comment #4 from David Malcolm ---
(In reply to urs from comment #2)
> On Wed, Nov 16, 2022 at 02:41:40PM +, dmalcolm at gcc dot gnu.org wrote:
> > Unfortunately I can't reproduce the ICE with the attachment.
>
> Yes, attachment was crea
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107711
--- Comment #3 from David Malcolm ---
Created attachment 53911
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=53911&action=edit
Work-in-progress patch to add logging to ana::on_finish_translation_unit
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107711
--- Comment #1 from David Malcolm ---
Thanks for filing this bug report.
Unfortunately I can't reproduce the ICE with the attachment.
I have a suspicion that this relates to commits r13-4073-gd8aba860b34203 and/or
r13-4074-g86a90006864840 and
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug 106003 depends on bug 106140, which changed state.
Bug 106140 Summary: RFE: analyzer could complain about misuses of socket APIs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106140
What|Removed |Added
-
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106140
David Malcolm changed:
What|Removed |Added
Resolution|--- |FIXED
Status|WAITING
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107472
Bug 107472 depends on bug 106302, which changed state.
Bug 106302 Summary: RFE: provide a way for -fanalyzer to use target flags
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106302
What|Removed |Added
-
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106301
Bug 106301 depends on bug 106302, which changed state.
Bug 106302 Summary: RFE: provide a way for -fanalyzer to use target flags
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106302
What|Removed |Added
-
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug 106003 depends on bug 106302, which changed state.
Bug 106302 Summary: RFE: provide a way for -fanalyzer to use target flags
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106302
What|Removed |Added
-
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106140
Bug 106140 depends on bug 106302, which changed state.
Bug 106302 Summary: RFE: provide a way for -fanalyzer to use target flags
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106302
What|Removed |Added
-
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106302
David Malcolm changed:
What|Removed |Added
Status|WAITING |RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106235
David Malcolm changed:
What|Removed |Added
Status|ASSIGNED|RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106235
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |ASSIGNED
Last reconfirmed|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107655
Bug ID: 107655
Summary: [meta-bug] tracker bug for issues encountered in the
texinfo-to-sphinx migration
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Keyword
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106147
--- Comment #6 from David Malcolm ---
The above patch implements -Wanalyzer-infinite-recursion for GCC 13.
I also have the beginnings of an implementation of -Wanalyzer-infinite-loop,
but it won't be ready for the close of GCC 13 stage 1.
Keep
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107648
Bug ID: 107648
Summary: RFE: add an attribute for indicating
security-sensitive data
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107646
--- Comment #1 from David Malcolm ---
In particular, reference-count checking would probably be the most interesting
aspect of the project.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107646
Bug ID: 107646
Summary: RFE: can we reimplement gcc-python-plugin's cpychecker
as a -fanalyzer plugin?
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107634
Bug ID: 107634
Summary: Very long filenames and URLs for sphinx-based docs
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Keywords: documentation
Severity: normal
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107625
Bug ID: 107625
Summary: RFE: analyzer support for dlopen etc
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106147
David Malcolm changed:
What|Removed |Added
See Also||https://gcc.gnu.org/bugzill
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77432
--- Comment #7 from David Malcolm ---
(In reply to David Malcolm from comment #5)
> I hadn't seen this, and I filed PR analyzer/99671 last year to track adding
> a -fanalyzer warning for this. I now have a mostly-working implementation
> of the
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99671
David Malcolm changed:
What|Removed |Added
Status|ASSIGNED|RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99671
--- Comment #2 from David Malcolm ---
Created attachment 53863
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=53863&action=edit
Implementation of this (not yet ported to Sphinx)
This patch implements the new warning; still uses texinfo rat
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77432
David Malcolm changed:
What|Removed |Added
CC||dmalcolm at gcc dot gnu.org
--- Comment
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99671
David Malcolm changed:
What|Removed |Added
Ever confirmed|0 |1
Status|UNCONFIRMED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107573
Bug ID: 107573
Summary: RFE: analyzer handling of strtok
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107566
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |ASSIGNED
Last reconfirmed|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107565
--- Comment #2 from David Malcolm ---
(In reply to Andrew Pinski from comment #1)
> Confirmed.
> else if (!fndecl_has_gimple_body_p (callee_fndecl)
>&& (!(callee_fndecl_flags & (ECF_CONST | ECF_PURE)))
>&& !
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106140
David Malcolm changed:
What|Removed |Added
Status|ASSIGNED|WAITING
--- Comment #3 from David Malco
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94355
--- Comment #13 from David Malcolm ---
(In reply to Jonathan Wakely from comment #10)
[...snip...]
> As already noted above, new can't return null here, and there is no
> dereference anyway. And the pointer isn't leaked, but it seems maybe the
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107486
David Malcolm changed:
What|Removed |Added
Resolution|--- |FIXED
Status|ASSIGNED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug 106003 depends on bug 107486, which changed state.
Bug 107486 Summary: [13 Regression] ICE when pipe's argument is not a pointer
type
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107486
What|Removed |Added
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107486
David Malcolm changed:
What|Removed |Added
Summary|[13 Regression] ICE in |[13 Regression] ICE when
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106302
David Malcolm changed:
What|Removed |Added
Ever confirmed|0 |1
Last reconfirmed|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107472
--- Comment #1 from David Malcolm ---
(In reply to David Malcolm from comment #0)
> In particular, note the GPF flags
GFP, even
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106140
David Malcolm changed:
What|Removed |Added
Ever confirmed|0 |1
Depends on|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107472
Bug ID: 107472
Summary: Support for the Linux kernel's memory-management APIs
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Compo
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106703
--- Comment #2 from David Malcolm ---
Looks like a dup of 107366; possibly fixed by
r13-3469-g2e8a0553918adc919f98ac5c0224fc6ce1fef68d.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107349
David Malcolm changed:
What|Removed |Added
Resolution|--- |FIXED
Status|ASSIGNED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107366
David Malcolm changed:
What|Removed |Added
Status|ASSIGNED|RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107345
--- Comment #3 from David Malcolm ---
Fixed on trunk for GCC 13 by the above patch.
Keeping open for backporting to GCC 12.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106300
David Malcolm changed:
What|Removed |Added
Resolution|--- |FIXED
Status|UNCONFIRMED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106003
Bug 106003 depends on bug 106300, which changed state.
Bug 106300 Summary: RFE: analyzer support for more ways of obtaining an open
file descriptor
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106300
What|Removed
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107349
David Malcolm changed:
What|Removed |Added
Ever confirmed|0 |1
Last reconfirmed|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107366
David Malcolm changed:
What|Removed |Added
Status|NEW |ASSIGNED
--- Comment #4 from David Malc
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107345
David Malcolm changed:
What|Removed |Added
Ever confirmed|0 |1
Status|UNCONFIRMED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105765
David Malcolm changed:
What|Removed |Added
Status|ASSIGNED|RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105765
David Malcolm changed:
What|Removed |Added
Status|NEW |ASSIGNED
Summary|[13 Regress
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107289
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |ASSIGNED
Last reconfirmed|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107289
--- Comment #1 from David Malcolm ---
Thanks for filing this bug; I get the same results with trunk:
https://godbolt.org/z/3ThE6E5q6
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107210
David Malcolm changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107225
--- Comment #2 from David Malcolm ---
Thanks for filing this bug.
As far as I can tell, the aliasing implementation gets confused at:
1313 | x_hdrs[num_x_hdrs++] = strdup(line);
| ~^~
f
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105783
David Malcolm changed:
What|Removed |Added
Status|ASSIGNED|RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105783
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |ASSIGNED
Ever confirmed|0
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106000
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105887
Bug 105887 depends on bug 106000, which changed state.
Bug 106000 Summary: RFE: -fanalyzer should complain about memory accesses that
are definitely out-of-bounds
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106000
What|Removed
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106625
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107158
--- Comment #8 from David Malcolm ---
I believe the above patch fixes the remaining ICEs on the attachment. Please
let me know if you find other ways to crash it.
Keeping this open to track the memory leak false +ves.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107158
--- Comment #6 from David Malcolm ---
Thanks; I can reproduce the ICE using the attachment. Looks like I reduced
the reproducer too much; sorry.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107060
--- Comment #8 from David Malcolm ---
The patch for PR analyzer/107072 and the above patch mean that we get more
reasonable summaries when using -fanalyzer-call-summaries. Unfortunately:
- it actually slows down the analysis for PR 107060 on my
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107158
David Malcolm changed:
What|Removed |Added
Summary|internal compiler error: in |False postives from
|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107158
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |ASSIGNED
Ever confirmed|0
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107072
David Malcolm changed:
What|Removed |Added
Last reconfirmed||2022-10-05
Status|UNCONFIRM
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107106
David Malcolm changed:
What|Removed |Added
Status|UNCONFIRMED |NEW
Ever confirmed|0
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107072
Bug ID: 107072
Summary: Analyzer call summarization not taking into account
side-effects of calls
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: norm