Add new gimple-ssa-warn-access pass.

gcc/ChangeLog:

	* Makefile.in (OBJS): Add gimple-ssa-warn-access.o and pointer-query.o.
	* attribs.h (fndecl_dealloc_argno): Move fndecl_dealloc_argno to tree.h.
	* builtins.c (compute_objsize_r): Move to pointer-query.cc.
	(access_ref::access_ref): Same.
	(access_ref::phi): Same.
	(access_ref::get_ref): Same.
	(access_ref::size_remaining): Same.
	(access_ref::offset_in_range): Same.
	(access_ref::add_offset): Same.
	(access_ref::inform_access): Same.
	(ssa_name_limit_t::visit_phi): Same.
	(ssa_name_limit_t::leave_phi): Same.
	(ssa_name_limit_t::next): Same.
	(ssa_name_limit_t::next_phi): Same.
	(ssa_name_limit_t::~ssa_name_limit_t): Same.
	(pointer_query::pointer_query): Same.
	(pointer_query::get_ref): Same.
	(pointer_query::put_ref): Same.
	(pointer_query::flush_cache): Same.
	(warn_string_no_nul): Move to gimple-ssa-warn-access.cc.
	(check_nul_terminated_array): Same.
	(unterminated_array): Same.
	(maybe_warn_for_bound): Same.
	(check_read_access): Same.
	(warn_for_access): Same.
	(get_size_range): Same.
	(check_access): Same.
	(gimple_call_alloc_size): Move to tree.c.
	(gimple_parm_array_size): Move to pointer-query.cc.
	(get_offset_range): Same.
	(gimple_call_return_array): Same.
	(handle_min_max_size): Same.
	(handle_array_ref): Same.
	(handle_mem_ref): Same.
	(compute_objsize): Same.
	(gimple_call_alloc_p): Move to gimple-ssa-warn-access.cc.
	(call_dealloc_argno): Same.
	(fndecl_dealloc_argno): Same.
	(new_delete_mismatch_p): Same.
	(matching_alloc_calls_p): Same.
	(warn_dealloc_offset): Same.
	(maybe_emit_free_warning): Same.
	* builtins.h (check_nul_terminated_array): Move to
	gimple-ssa-warn-access.h.
	(check_nul_terminated_array): Same.
	(warn_string_no_nul): Same.
	(unterminated_array): Same.
	(class ssa_name_limit_t): Same.
	(class pointer_query): Same.
	(struct access_ref): Same.
	(class range_query): Same.
	(struct access_data): Same.
	(gimple_call_alloc_size): Same.
	(gimple_parm_array_size): Same.
	(compute_objsize): Same.
	(class access_data): Same.
	(maybe_emit_free_warning): Same.
	* calls.c (initialize_argument_information): Remove call to
	maybe_emit_free_warning.
	* gimple-array-bounds.cc: Include new header..
	* gimple-fold.c: Same.
	* gimple-ssa-sprintf.c: Same.
	* gimple-ssa-warn-restrict.c: Same.
	* passes.def: Add pass_warn_access.
	* tree-pass.h (make_pass_warn_access): Declare.
	* tree-ssa-strlen.c: Include new headers.
	* tree.c (fndecl_dealloc_argno): Move here from builtins.c.
	* tree.h (fndecl_dealloc_argno): Move here from attribs.h.
	* gimple-ssa-warn-access.cc: New file.
	* gimple-ssa-warn-access.h: New file.
	* pointer-query.cc: New file.
	* pointer-query.h: New file.

gcc/cp/ChangeLog:

	* init.c: Include new header.

1 files changed, 234 insertions, 0 deletions

diff --git a/gcc/pointer-query.h b/gcc/pointer-query.h
new file mode 100644
index 0000000..6168c80
--- /dev/null
+++ b/gcc/pointer-query.h
@@ -0,0 +1,234 @@
+/* Definitions of the pointer_query and related classes.
+
+   Copyright (C) 2020-2021 Free Software Foundation, Inc.
+
+   This file is part of GCC.
+
+   GCC is free software; you can redistribute it and/or modify it under
+   the terms of the GNU General Public License as published by the Free
+   Software Foundation; either version 3, or (at your option) any later
+   version.
+
+   GCC is distributed in the hope that it will be useful, but WITHOUT ANY
+   WARRANTY; without even the implied warranty of MERCHANTABILITY or
+   FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+   for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with GCC; see the file COPYING3.  If not see
+   <http://www.gnu.org/licenses/>.  */
+
+#ifndef GCC_POINTER_QUERY_H
+#define GCC_POINTER_QUERY_H
+
+/* Describes recursion limits used by functions that follow use-def
+   chains of SSA_NAMEs.  */
+
+class ssa_name_limit_t
+{
+  bitmap visited;         /* Bitmap of visited SSA_NAMEs.  */
+  unsigned ssa_def_max;   /* Longest chain of SSA_NAMEs to follow.  */
+
+  /* Not copyable or assignable.  */
+  DISABLE_COPY_AND_ASSIGN (ssa_name_limit_t);
+
+public:
+
+  ssa_name_limit_t ()
+    : visited (),
+      ssa_def_max (param_ssa_name_def_chain_limit) { }
+
+  /* Set a bit for the PHI in VISITED and return true if it wasn't
+     already set.  */
+  bool visit_phi (tree);
+  /* Clear a bit for the PHI in VISITED.  */
+  void leave_phi (tree);
+  /* Return false if the SSA_NAME chain length counter has reached
+     the limit, otherwise increment the counter and return true.  */
+  bool next ();
+
+  /* If the SSA_NAME has already been "seen" return a positive value.
+     Otherwise add it to VISITED.  If the SSA_NAME limit has been
+     reached, return a negative value.  Otherwise return zero.  */
+  int next_phi (tree);
+
+  ~ssa_name_limit_t ();
+};
+
+class pointer_query;
+
+/* Describes a reference to an object used in an access.  */
+struct access_ref
+{
+  /* Set the bounds of the reference to at most as many bytes
+     as the first argument or unknown when null, and at least
+     one when the second argument is true unless the first one
+     is a constant zero.  */
+  access_ref (tree = NULL_TREE, bool = false);
+
+  /* Return the PHI node REF refers to or null if it doesn't.  */
+  gphi *phi () const;
+
+  /* Return the object to which REF refers.  */
+  tree get_ref (vec<access_ref> *, access_ref * = NULL, int = 1,
+		ssa_name_limit_t * = NULL, pointer_query * = NULL) const;
+
+  /* Return true if OFFRNG is the constant zero.  */
+  bool offset_zero () const
+  {
+    return offrng[0] == 0 && offrng[1] == 0;
+  }
+
+  /* Return true if OFFRNG is bounded to a subrange of offset values
+     valid for the largest possible object.  */
+  bool offset_bounded () const;
+
+  /* Return the maximum amount of space remaining and if non-null, set
+     argument to the minimum.  */
+  offset_int size_remaining (offset_int * = NULL) const;
+
+/* Return true if the offset and object size are in range for SIZE.  */
+  bool offset_in_range (const offset_int &) const;
+
+  /* Return true if *THIS is an access to a declared object.  */
+  bool ref_declared () const
+  {
+    return DECL_P (ref) && base0 && deref < 1;
+  }
+
+  /* Set the size range to the maximum.  */
+  void set_max_size_range ()
+  {
+    sizrng[0] = 0;
+    sizrng[1] = wi::to_offset (max_object_size ());
+  }
+
+  /* Add OFF to the offset range.  */
+  void add_offset (const offset_int &off)
+  {
+    add_offset (off, off);
+  }
+
+  /* Add the range [MIN, MAX] to the offset range.  */
+  void add_offset (const offset_int &, const offset_int &);
+
+  /* Add the maximum representable offset to the offset range.  */
+  void add_max_offset ()
+  {
+    offset_int maxoff = wi::to_offset (TYPE_MAX_VALUE (ptrdiff_type_node));
+    add_offset (-maxoff - 1, maxoff);
+  }
+
+  /* Issue an informational message describing the target of an access
+     with the given mode.  */
+  void inform_access (access_mode) const;
+
+  /* Reference to the accessed object(s).  */
+  tree ref;
+
+  /* Range of byte offsets into and sizes of the object(s).  */
+  offset_int offrng[2];
+  offset_int sizrng[2];
+  /* The minimum and maximum offset computed.  */
+  offset_int offmax[2];
+  /* Range of the bound of the access: denotes that the access
+     is at least BNDRNG[0] bytes but no more than BNDRNG[1].
+     For string functions the size of the actual access is
+     further constrained by the length of the string.  */
+  offset_int bndrng[2];
+
+  /* Used to fold integer expressions when called from front ends.  */
+  tree (*eval)(tree);
+  /* Positive when REF is dereferenced, negative when its address is
+     taken.  */
+  int deref;
+  /* Set if trailing one-element arrays should be treated as flexible
+     array members.  */
+  bool trail1special;
+  /* Set if valid offsets must start at zero (for declared and allocated
+     objects but not for others referenced by pointers).  */
+  bool base0;
+  /* Set if REF refers to a function array parameter not declared
+     static.  */
+  bool parmarray;
+};
+
+class range_query;
+
+/* Queries and caches compute_objsize results.  */
+class pointer_query
+{
+  DISABLE_COPY_AND_ASSIGN (pointer_query);
+
+public:
+  /* Type of the two-level cache object defined by clients of the class
+     to have pointer SSA_NAMEs cached for speedy access.  */
+  struct cache_type
+  {
+    /* 1-based indices into cache.  */
+    vec<unsigned> indices;
+    /* The cache itself.  */
+    vec<access_ref> access_refs;
+  };
+
+  /* Construct an object with the given Ranger instance and cache.  */
+  explicit pointer_query (range_query * = NULL, cache_type * = NULL);
+
+  /* Retrieve the access_ref for a variable from cache if it's there.  */
+  const access_ref* get_ref (tree, int = 1) const;
+
+  /* Retrieve the access_ref for a variable from cache or compute it.  */
+  bool get_ref (tree, access_ref*, int = 1);
+
+  /* Add an access_ref for the SSA_NAME to the cache.  */
+  void put_ref (tree, const access_ref&, int = 1);
+
+  /* Flush the cache.  */
+  void flush_cache ();
+
+  /* A Ranger instance.  May be null to use global ranges.  */
+  range_query *rvals;
+  /* Cache of SSA_NAMEs.  May be null to disable caching.  */
+  cache_type *var_cache;
+
+  /* Cache performance counters.  */
+  mutable unsigned hits;
+  mutable unsigned misses;
+  mutable unsigned failures;
+  mutable unsigned depth;
+  mutable unsigned max_depth;
+};
+
+/* Describes a pair of references used in an access by built-in
+   functions like memcpy.  */
+struct access_data
+{
+  /* Set the access to at most MAXWRITE and MAXREAD bytes, and
+     at least 1 when MINWRITE or MINREAD, respectively, is set.  */
+  access_data (tree expr, access_mode mode,
+	       tree maxwrite = NULL_TREE, bool minwrite = false,
+	       tree maxread = NULL_TREE, bool minread = false)
+    : call (expr),
+      dst (maxwrite, minwrite), src (maxread, minread), mode (mode) { }
+
+  /* Built-in function call.  */
+  tree call;
+  /* Destination and source of the access.  */
+  access_ref dst, src;
+  /* Read-only for functions like memcmp or strlen, write-only
+     for memset, read-write for memcpy or strcat.  */
+  access_mode mode;
+};
+
+class range_query;
+extern tree gimple_call_alloc_size (gimple *, wide_int[2] = NULL,
+				    range_query * = NULL);
+extern tree gimple_parm_array_size (tree, wide_int[2], bool * = NULL);
+
+extern tree compute_objsize (tree, int, access_ref *, range_query * = NULL);
+/* Legacy/transitional API.  Should not be used in new code.  */
+extern tree compute_objsize (tree, int, access_ref *, pointer_query *);
+extern tree compute_objsize (tree, int, tree * = NULL, tree * = NULL,
+			     range_query * = NULL);
+
+#endif   // GCC_POINTER_QUERY_H