author | David Malcolm <dmalcolm@redhat.com> | 2021-02-17 10:37:16 -0500 |
---|---|---|
committer | David Malcolm <dmalcolm@redhat.com> | 2021-02-17 10:37:16 -0500 |
commit | e0139b2a912585496f23c352f0e2c56895f78fbf (patch) | |
tree | 3f185403a60a6a3581ea0fa2131e842013925587 /gcc/analyzer/svalue.h | |
parent | 366cf1127a547ff77024a551abb01bb1a6e963cd (diff) | |
analyzer: fix false leak involving params [PR98969]
This patch updates the svalue liveness code so that the initial value
of parameters at top-level functions to the analysis are treated as
live (since the values are presumably still live within the
outside-of-the-analysis calling code).
This fixes the false leak in PR analyzer/98969 seen on:
void
test (long int i)
{
struct foo *f = (struct foo *)i;
f->expr = __builtin_malloc (1024);
}
since the calling code can presumably still access the allocated
buffer via:
((struct foo *)i)->expr
The patch also removes the expected leak warnings from
g++.dg/analyzer/pr99064.C and gcc.dg/analyzer/pr96841.c, which now
appear to me to be false positives.
gcc/analyzer/ChangeLog:
PR analyzer/98969
* constraint-manager.cc (dead_svalue_purger::should_purge_p):
Update for change to svalue::live_p.
* program-state.cc (sm_state_map::on_liveness_change): Likewise.
(program_state::detect_leaks): Likewise.
* region-model-reachability.cc (reachable_regions::init_cluster):
When dealing with a symbolic region, if the underlying pointer is
implicitly live, add the region to the reachable regions.
* region-model.cc (region_model::compare_initial_and_pointer):
Move logic for detecting initial values of params to
initial_svalue::initial_value_of_param_p.
* svalue.cc (svalue::live_p): Convert "live_svalues" from a
reference to a pointer; support it being NULL.
(svalue::implicitly_live_p): Convert first param from a
reference to a pointer.
(region_svalue::implicitly_live_p): Likewise.
(constant_svalue::implicitly_live_p): Likewise.
(initial_svalue::implicitly_live_p): Likewise. Treat the initial
values of params for the top level frame as still live.
(initial_svalue::initial_value_of_param_p): New function, taken
from a test in region_model::compare_initial_and_pointer.
(unaryop_svalue::implicitly_live_p): Convert first param from a
reference to a pointer.
(binop_svalue::implicitly_live_p): Likewise.
(sub_svalue::implicitly_live_p): Likewise.
(unmergeable_svalue::implicitly_live_p): Likewise.
* svalue.h (svalue::live_p): Likewise.
(svalue::implicitly_live_p): Likewise.
(region_svalue::implicitly_live_p): Likewise.
(constant_svalue::implicitly_live_p): Likewise.
(initial_svalue::implicitly_live_p): Likewise.
(initial_svalue::initial_value_of_param_p): New decl.
(unaryop_svalue::implicitly_live_p): Convert first param from a
reference to a pointer.
(binop_svalue::implicitly_live_p): Likewise.
(sub_svalue::implicitly_live_p): Likewise.
(unmergeable_svalue::implicitly_live_p): Likewise.
gcc/testsuite/ChangeLog:
PR analyzer/98969
* g++.dg/analyzer/pr99064.C: Convert dg-bogus to dg-warning.
* gcc.dg/analyzer/pr96841.c: Add -Wno-analyzer-too-complex to
options. Remove false leak directive.
* gcc.dg/analyzer/pr98969.c (test_1): Remove xfail from leak
false positive.
(test_3): New.
Diffstat (limited to 'gcc/analyzer/svalue.h')
-rw-r--r-- | gcc/analyzer/svalue.h | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/gcc/analyzer/svalue.h b/gcc/analyzer/svalue.h
index 0703cac..672a89c 100644
--- a/gcc/analyzer/svalue.h
+++ b/gcc/analyzer/svalue.h
@@ -128,9 +128,9 @@ public:
 virtual void accept (visitor *v) const = 0;
- bool live_p (const svalue_set &live_svalues,
+ bool live_p (const svalue_set *live_svalues,
 const region_model *model) const;
- virtual bool implicitly_live_p (const svalue_set &live_svalues,
+ virtual bool implicitly_live_p (const svalue_set *live_svalues,
 const region_model *model) const;
 static int cmp_ptr (const svalue *, const svalue *);
@@ -194,7 +194,7 @@ public:
 void dump_to_pp (pretty_printer *pp, bool simple) const FINAL OVERRIDE;
 void accept (visitor *v) const FINAL OVERRIDE;
- bool implicitly_live_p (const svalue_set &,
+ bool implicitly_live_p (const svalue_set *,
 const region_model *) const FINAL OVERRIDE;
 const region * get_pointee () const { return m_reg; }
@@ -243,7 +243,7 @@ public:
 void dump_to_pp (pretty_printer *pp, bool simple) const FINAL OVERRIDE;
 void accept (visitor *v) const FINAL OVERRIDE;
- bool implicitly_live_p (const svalue_set &,
+ bool implicitly_live_p (const svalue_set *,
 const region_model *) const FINAL OVERRIDE;
 tree get_constant () const { return m_cst_expr; }
@@ -493,9 +493,11 @@ public:
 void dump_to_pp (pretty_printer *pp, bool simple) const FINAL OVERRIDE;
 void accept (visitor *v) const FINAL OVERRIDE;
- bool implicitly_live_p (const svalue_set &,
+ bool implicitly_live_p (const svalue_set *,
 const region_model *) const FINAL OVERRIDE;
+ bool initial_value_of_param_p () const;
+
 const region *get_region () const { return m_reg; }
 private:
@@ -564,7 +566,7 @@ public:
 void dump_to_pp (pretty_printer *pp, bool simple) const FINAL OVERRIDE;
 void accept (visitor *v) const FINAL OVERRIDE;
- bool implicitly_live_p (const svalue_set &,
+ bool implicitly_live_p (const svalue_set *,
 const region_model *) const FINAL OVERRIDE;
 enum tree_code get_op () const { return m_op; }
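Review bot: The declarations of `svalue::live_p` and `svalue::implicitly_live_p` at -128 now take `const svalue_set *`, but nothing at the declaration says the pointer may be null or what a null set means; the commit message says only that `live_p` supports NULL. The overrides in the later hunks (-194, -243, -493, -564, -653, -734, -788) leave the parameter unnamed, so a reader of the header cannot tell whether an override is allowed to dereference it, and one that does so unguarded would crash the analyzer rather than report a wrong result. I would add a comment above `live_p` along the lines of `/* LIVE_SVALUES may be NULL, in which case only implicit liveness is considered.  */`, adjusted to whatever the definition in svalue.cc actually does, since that file is not part of this diff. The enclosing class declarations start and end outside these hunks.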
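Review bot: `initial_svalue::initial_value_of_param_p` is added at -493 with no comment, although per the commit message it is the predicate behind suppressing leak reports for top-level parameters. From the ChangeLog it appears to answer only "is this the initial value of a parameter", with the top-level-frame restriction applied in `implicitly_live_p`; a line such as `/* Return true if this is the initial value of a function parameter.  */` would record that split, if it matches the definition in svalue.cc. It is also worth stating near `implicitly_live_p` that treating these values as live accepts missed leak reports in functions analysed as entry points in exchange for fewer false positives, since the commit drops expected leak warnings from two tests on that basis. The class body continues outside the hunk.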
@@ -653,7 +655,7 @@ public:
 void dump_to_pp (pretty_printer *pp, bool simple) const FINAL OVERRIDE;
 void accept (visitor *v) const FINAL OVERRIDE;
- bool implicitly_live_p (const svalue_set &,
+ bool implicitly_live_p (const svalue_set *,
 const region_model *) const FINAL OVERRIDE;
 enum tree_code get_op () const { return m_op; }
@@ -734,7 +736,7 @@ public:
 void dump_to_pp (pretty_printer *pp, bool simple) const FINAL OVERRIDE;
 void accept (visitor *v) const FINAL OVERRIDE;
- bool implicitly_live_p (const svalue_set &,
+ bool implicitly_live_p (const svalue_set *,
 const region_model *) const FINAL OVERRIDE;
 const svalue *get_parent () const { return m_parent_svalue; }
@@ -788,7 +790,7 @@ public:
 void dump_to_pp (pretty_printer *pp, bool simple) const FINAL OVERRIDE;
 void accept (visitor *v) const FINAL OVERRIDE;
- bool implicitly_live_p (const svalue_set &,
+ bool implicitly_live_p (const svalue_set *,
 const region_model *) const FINAL OVERRIDE;
 const svalue *get_arg () const { return m_arg; } |