From: David Malcolm <dmalcolm@redhat.com>
To: Shengyu Huang <kumom.huang@gmail.com>
Cc: GCC Development <gcc@gcc.gnu.org>
Subject: Re: [GSoC][Static Analyzer] First proposal draft and a few more questions/requests
Date: Mon, 20 Mar 2023 18:50:31 -0400 [thread overview]
Message-ID: <ee09b4ada93cecf1d34422f432119fd6c4baf758.camel@redhat.com> (raw)
In-Reply-To: <2344350B-6AD2-46A5-A335-BD3ECBBAA4DF@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 7657 bytes --]
On Mon, 2023-03-20 at 18:28 +0100, Shengyu Huang wrote:
> Hi Dave,
>
> Thanks for always getting back to me so promptly! I am drafting the
> proposal today. Here is the link:
>
> https://docs.google.com/document/d/1MRI1R5DaX8kM6DaqRQsEri5Mx2FvHmWv13qe1W0Bj0g/
>
> (The proposal was first written in markdown and then copied pasted to
> Google Docs, so some formatting may look ugly...)
Thanks.
>
> In the timeline section, I mention your name twice where I expect
> your input can help me speed up the work. For example, the mentioned
> paper (https://users.ece.cmu.edu/~aavgerin/papers/Oakland10.pdf) has
> a section “performance” on page 12 that lists out several solutions
> to mitigate the exponential blow up in straightforward implementation
> of symbolic execution, but the current implementation may have some
> clever tricks already (e.g., purging the states?) that some of the
> solutions may not be applicable to us.
One note on the timeline: I'm planning to take a vacation from July
1st-16th, and will only have intermittent access to a computer during
that time, but hopefully will at least be able to respond to questions.
>
> I can further polish this proposal based on your feedback. I may not
> be as responsive as you are because I have several deadlines from
> coursework every week.
I seem to have spent the whole day looking at bugzilla reports, so I
hope to look at your draft properly later in the week.
>
> > > 1. What should I do with the integration tests?
> >
> > First of all, AFAIK I'm the only person who's tried running the
> > integration tests. They're the test scripts I wrote to help me
> > validate my own patches, so there will be rough edges; please let
> > me
> > know as you run into them, so I can fix/document them.
>
> You append the path “../sarifdump” in results.py, but this path is
> not in the repo.
Sorry about this; it's this repo:
https://github.com/davidmalcolm/sarif-dump
which I'm simply checking out to a sister directory for now.
>
> > > 2. I ran gcc -fanalyzer -fanalyzer-checker=taint ./gcc-
> > > src/gcc/testsuite/gcc.dg/analyzer/pr93032-mztools-signed-char.c ,
> > > but
> > > I got different results from what you documented in PR103533:
> > >
> > > /usr/bin/ld: /lib/x86_64-linux-gnu/crt1.o: in function `_start':
> > > (.text+0x17): undefined reference to `main'
> > > collect2: error: ld returned 1 exit status
> >
> > gcc's default is to try to compile, assemble, and link into an
> > executable. This testcase doesn't have a "main" function, hence
> > the
> > linker complains. If you pass "-S", it will merely compile the .c
> > to a
> > .s assembler file whilst still running the analyzer.
> >
> > In terms of actually running the test suite via DejaGnu, see:
> > https://gcc-newbies-guide.readthedocs.io/en/latest/working-with-the-testsuite.html
> >
> > I typically use:
> >
> > make -k -jN \
> > && time make check-gcc \
> > RUNTESTFLAGS="-v -v --target_board=unix\{-m32,-m64\}
> > analyzer-torture.exp=*.c analyzer.exp=*.c"
> >
> > when testing the analyzer regression test suite, where N is the
> > number
> > of cores on my box
> >
> > When I run an individual testcase, I do something like:
> >
> > ./xgcc -B. -S -fanalyzer ../../src/PATH_TO_TEST_CASE
> >
> > in the "gcc" subdirectory of the build directory.
>
> Yeah sorry for not taking a good look at the testcase before sending
> you this question…the tips were very helpful still, thanks a lot!
>
> Under latest trunk, all the individual testcases documented in
> PR103533 compile with no error (no ICE or state explosion). I double
> checked that I did turn on -fanalyzer-checker=taint (although it is a
> bit annoying there is no error or warning when I mistyped it as -
> fanalyzer-checker=tai8nt).
> bit annoying there is no error or warning when I mistyped it as -
> fanalyzer-checker=tai8nt).
Oops, sorry about that; good catch. I've filed that as:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109220
> I also ran the test suite via DejaGNU, and there are only four
> unexpected failures (no unexpected successes) and some unsupported
> tests:
>
> ```
> FAIL: gcc.dg/analyzer/file-CWE-1341-example.c (test for excess
> errors)
> FAIL: gcc.dg/analyzer/pipe-glibc.c (test for excess errors)
> FAIL: gcc.dg/analyzer/file-CWE-1341-example.c (test for excess
> errors)
> FAIL: gcc.dg/analyzer/pipe-glibc.c (test for excess errors)
> ```
>
> (Why is the same file reported twice in the summary?)
If you're running with -m32,-m64 as above, it's running all the tests
twice: once for 32-bit, and again for 64-bit x86 targets.
>
> These testcases are not relevant for taint analysis, but indeed when
> I turned on the taint mode other checkers are suppressed without any
> warnings (I guess this should be one of the goals if we don’t manage
> to turn on the taint mode by default in the end).
Yeah, -fanalyzer-checker=NAME means "just run state machine NAME".
I've been testing the "run with taint-checking by default" via:
diff --git a/gcc/analyzer/sm.cc b/gcc/analyzer/sm.cc
index 1f329cb11d0..31bcf6e2f8e 100644
--- a/gcc/analyzer/sm.cc
+++ b/gcc/analyzer/sm.cc
@@ -188,10 +188,14 @@ make_checkers (auto_delete_vec <state_machine> &out, logger *logger)
out.safe_push (make_malloc_state_machine (logger));
out.safe_push (make_fileptr_state_machine (logger));
out.safe_push (make_fd_state_machine (logger));
+#if 1
+ out.safe_push (make_taint_state_machine (logger));
+#else
/* The "taint" checker must be explicitly enabled (as it currently
leads to state explosions that stop the other checkers working). */
if (flag_analyzer_checker)
out.safe_push (make_taint_state_machine (logger));
+#endif
out.safe_push (make_sensitive_state_machine (logger));
out.safe_push (make_signal_state_machine (logger));
out.safe_push (make_va_list_state_machine (logger));
i.e. add the taint machine to the bank of state machines already being
tracked, so that there's that many more opportunities for differences
to occur between state nodes, and thus more risk of "blow up" of the
size of the graph being explored.
I'm attaching a work-in-progress patch that I wrote for this, that does
the above, plus some other related things, but be wary that it's from
an old working copy on my hard drive: it's at least a year out of date,
judging by the copyright dates :-/
>
> Does it mean there are no small testcases that will cause state
> explosion at the moment? It is a bit tricky for me to have an
> intuition for where the problem stems when I don’t have a concrete
> example to investigate…During the project, how often do you expect we
> need to run the integration tests? I guess we run it whenever we
> don’t have a small example to work at hand, and iteratively we use
> the integration test results to construct a minimal example to fix
> the next encountered issue?
I think if you try the patch to sm.cc above, then you'll see
various existing DejaGnu tests below gcc.dg/analyzer will fail with
state explosions.
>
> By the way, I have applied for the compile farm account after the
> first email exchanges and I have been working on compile farm for a
> while now.
Excellent.
Dave
>
>
> Best,
> Shengyu
>
> P.S. There is no more `pr93032-mztools.c` in the testsuit, and the
> two files `pr93032-mztools-{simplified, signed-char, unsigned-
> char}.c` do not incur state explosion.
>
>
[-- Attachment #2: 0001-FIXME-WIP-on-enabling-taint-state-machine-by-default.patch --]
[-- Type: text/x-patch, Size: 31068 bytes --]
From ab923f680bdfabc5d66d05d078752367cac0a6f8 Mon Sep 17 00:00:00 2001
From: David Malcolm <dmalcolm@redhat.com>
Date: Thu, 2 Dec 2021 14:40:34 -0500
Subject: [PATCH] FIXME: WIP on enabling taint state machine by default (PR
analyzer/103533)
---
gcc/analyzer/sm-taint.cc | 2 +-
gcc/analyzer/sm.cc | 4 ++
gcc/doc/invoke.texi | 63 ++++---------------
.../gcc.dg/analyzer/attr-tainted_args-1.c | 3 -
gcc/testsuite/gcc.dg/analyzer/fread-1.c | 2 -
gcc/testsuite/gcc.dg/analyzer/pr104029.c | 3 -
gcc/testsuite/gcc.dg/analyzer/pr93382.c | 2 -
.../gcc.dg/analyzer/taint-CVE-2011-2210-1.c | 3 -
.../gcc.dg/analyzer/taint-CVE-2020-13143-1.c | 3 -
.../gcc.dg/analyzer/taint-CVE-2020-13143-2.c | 3 -
.../gcc.dg/analyzer/taint-CVE-2020-13143.h | 3 -
gcc/testsuite/gcc.dg/analyzer/taint-alloc-1.c | 2 -
gcc/testsuite/gcc.dg/analyzer/taint-alloc-2.c | 3 -
gcc/testsuite/gcc.dg/analyzer/taint-alloc-3.c | 3 -
gcc/testsuite/gcc.dg/analyzer/taint-alloc-4.c | 3 -
gcc/testsuite/gcc.dg/analyzer/taint-alloc-5.c | 3 -
.../gcc.dg/analyzer/taint-assert-BUG_ON.c | 3 -
.../analyzer/taint-assert-macro-expansion.c | 3 -
| 3 -
gcc/testsuite/gcc.dg/analyzer/taint-assert.c | 3 -
.../gcc.dg/analyzer/taint-divisor-1.c | 3 -
gcc/testsuite/gcc.dg/analyzer/taint-merger.c | 3 -
gcc/testsuite/gcc.dg/analyzer/taint-ops.c | 1 +
.../gcc.dg/analyzer/taint-read-index-1.c | 3 -
.../gcc.dg/analyzer/taint-read-offset-1.c | 3 -
gcc/testsuite/gcc.dg/analyzer/taint-realloc.c | 3 -
gcc/testsuite/gcc.dg/analyzer/taint-size-1.c | 3 -
.../analyzer/taint-size-access-attr-1.c | 3 +-
.../gcc.dg/analyzer/taint-write-index-1.c | 3 -
.../gcc.dg/analyzer/taint-write-offset-1.c | 3 -
.../analyzer/torture/taint-read-index-2.c | 2 -
.../analyzer/torture/taint-read-index-3.c | 2 -
.../plugin/taint-CVE-2011-0521-1-fixed.c | 2 -
.../gcc.dg/plugin/taint-CVE-2011-0521-1.c | 2 -
.../plugin/taint-CVE-2011-0521-2-fixed.c | 5 --
.../gcc.dg/plugin/taint-CVE-2011-0521-2.c | 2 -
.../plugin/taint-CVE-2011-0521-3-fixed.c | 5 --
.../gcc.dg/plugin/taint-CVE-2011-0521-3.c | 2 -
.../gcc.dg/plugin/taint-CVE-2011-0521-4.c | 4 +-
.../plugin/taint-CVE-2011-0521-5-fixed.c | 3 +-
.../gcc.dg/plugin/taint-CVE-2011-0521-5.c | 3 +-
.../gcc.dg/plugin/taint-CVE-2011-0521-6.c | 3 +-
.../gcc.dg/plugin/taint-antipatterns-1.c | 3 +-
43 files changed, 24 insertions(+), 159 deletions(-)
diff --git a/gcc/analyzer/sm-taint.cc b/gcc/analyzer/sm-taint.cc
index a2b442a4ef2..d69b05fa020 100644
--- a/gcc/analyzer/sm-taint.cc
+++ b/gcc/analyzer/sm-taint.cc
@@ -1,4 +1,4 @@
-/* An experimental state machine, for tracking "taint": unsanitized uses
+/* A state machine for tracking "taint": unsanitized uses
of data potentially under an attacker's control.
Copyright (C) 2019-2022 Free Software Foundation, Inc.
diff --git a/gcc/analyzer/sm.cc b/gcc/analyzer/sm.cc
index 1f329cb11d0..31bcf6e2f8e 100644
--- a/gcc/analyzer/sm.cc
+++ b/gcc/analyzer/sm.cc
@@ -188,10 +188,14 @@ make_checkers (auto_delete_vec <state_machine> &out, logger *logger)
out.safe_push (make_malloc_state_machine (logger));
out.safe_push (make_fileptr_state_machine (logger));
out.safe_push (make_fd_state_machine (logger));
+#if 1
+ out.safe_push (make_taint_state_machine (logger));
+#else
/* The "taint" checker must be explicitly enabled (as it currently
leads to state explosions that stop the other checkers working). */
if (flag_analyzer_checker)
out.safe_push (make_taint_state_machine (logger));
+#endif
out.safe_push (make_sensitive_state_machine (logger));
out.safe_push (make_signal_state_machine (logger));
out.safe_push (make_va_list_state_machine (logger));
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index 80d942917bd..a76e38c1c4f 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -10093,6 +10093,12 @@ Enabling this option effectively enables the following warnings:
-Wanalyzer-shift-count-negative @gol
-Wanalyzer-shift-count-overflow @gol
-Wanalyzer-stale-setjmp-buffer @gol
+-Wanalyzer-tainted-allocation-size @gol
+-Wanalyzer-tainted-array-index @gol
+-Wanalyzer-tainted-assertion @gol
+-Wanalyzer-tainted-divisor @gol
+-Wanalyzer-tainted-offset @gol
+-Wanalyzer-tainted-size @gol
-Wanalyzer-unsafe-call-within-signal-handler @gol
-Wanalyzer-use-after-free @gol
-Wanalyzer-use-of-pointer-in-stale-stack-frame @gol
@@ -10104,13 +10110,6 @@ Enabling this option effectively enables the following warnings:
-Wanalyzer-write-to-const @gol
-Wanalyzer-write-to-string-literal @gol
}
-@ignore
--Wanalyzer-tainted-allocation-size @gol
--Wanalyzer-tainted-array-index @gol
--Wanalyzer-tainted-divisor @gol
--Wanalyzer-tainted-offset @gol
--Wanalyzer-tainted-size @gol
-@end ignore
This option is only available if GCC was configured with analyzer
support enabled.
@@ -10532,8 +10531,7 @@ no longer exists, and likely lead to a crash (or worse).
@item -Wno-analyzer-tainted-allocation-size
@opindex Wanalyzer-tainted-allocation-size
@opindex Wno-analyzer-tainted-allocation-size
-This warning requires both @option{-fanalyzer} and
-@option{-fanalyzer-checker=taint} to enable it;
+This warning requires @option{-fanalyzer} which enables it;
use @option{-Wno-analyzer-tainted-allocation-size} to disable it.
This diagnostic warns for paths through the code in which a value
@@ -10548,8 +10546,7 @@ See @uref{https://cwe.mitre.org/data/definitions/789.html, CWE-789: Memory Alloc
@opindex Wanalyzer-tainted-assertion
@opindex Wno-analyzer-tainted-assertion
-This warning requires both @option{-fanalyzer} and
-@option{-fanalyzer-checker=taint} to enable it;
+This warning requires @option{-fanalyzer} which enables it;
use @option{-Wno-analyzer-tainted-assertion} to disable it.
This diagnostic warns for paths through the code in which a value
@@ -10610,8 +10607,7 @@ despite the above not being an assertion failure, strictly speaking.
@item -Wno-analyzer-tainted-array-index
@opindex Wanalyzer-tainted-array-index
@opindex Wno-analyzer-tainted-array-index
-This warning requires both @option{-fanalyzer} and
-@option{-fanalyzer-checker=taint} to enable it;
+This warning requires @option{-fanalyzer} which enables it;
use @option{-Wno-analyzer-tainted-array-index} to disable it.
This diagnostic warns for paths through the code in which a value
@@ -10624,8 +10620,7 @@ See @uref{https://cwe.mitre.org/data/definitions/129.html, CWE-129: Improper Val
@item -Wno-analyzer-tainted-divisor
@opindex Wanalyzer-tainted-divisor
@opindex Wno-analyzer-tainted-divisor
-This warning requires both @option{-fanalyzer} and
-@option{-fanalyzer-checker=taint} to enable it;
+This warning requires @option{-fanalyzer} which enables it;
use @option{-Wno-analyzer-tainted-divisor} to disable it.
This diagnostic warns for paths through the code in which a value
@@ -10638,8 +10633,7 @@ See @uref{https://cwe.mitre.org/data/definitions/369.html, CWE-369: Divide By Ze
@item -Wno-analyzer-tainted-offset
@opindex Wanalyzer-tainted-offset
@opindex Wno-analyzer-tainted-offset
-This warning requires both @option{-fanalyzer} and
-@option{-fanalyzer-checker=taint} to enable it;
+This warning requires @option{-fanalyzer} which enables it;
use @option{-Wno-analyzer-tainted-offset} to disable it.
This diagnostic warns for paths through the code in which a value
@@ -10652,8 +10646,7 @@ See @uref{https://cwe.mitre.org/data/definitions/823.html, CWE-823: Use of Out-o
@item -Wno-analyzer-tainted-size
@opindex Wanalyzer-tainted-size
@opindex Wno-analyzer-tainted-size
-This warning requires both @option{-fanalyzer} and
-@option{-fanalyzer-checker=taint} to enable it;
+This warning requires @option{-fanalyzer} which enables it;
use @option{-Wno-analyzer-tainted-size} to disable it.
This diagnostic warns for paths through the code in which a value
@@ -10897,38 +10890,6 @@ call site, and that are sufficiently complicated (as per
@opindex fanalyzer-checker
Restrict the analyzer to run just the named checker, and enable it.
-Some checkers are disabled by default (even with @option{-fanalyzer}),
-such as the @code{taint} checker that implements
-@option{-Wanalyzer-tainted-array-index}, and this option is required
-to enable them.
-
-@emph{Note:} currently, @option{-fanalyzer-checker=taint} disables the
-following warnings from @option{-fanalyzer}:
-
-@gccoptlist{ @gol
--Wanalyzer-deref-before-check @gol
--Wanalyzer-double-fclose @gol
--Wanalyzer-double-free @gol
--Wanalyzer-exposure-through-output-file @gol
--Wanalyzer-fd-access-mode-mismatch @gol
--Wanalyzer-fd-double-close @gol
--Wanalyzer-fd-leak @gol
--Wanalyzer-fd-use-after-close @gol
--Wanalyzer-fd-use-without-check @gol
--Wanalyzer-file-leak @gol
--Wanalyzer-free-of-non-heap @gol
--Wanalyzer-malloc-leak @gol
--Wanalyzer-mismatching-deallocation @gol
--Wanalyzer-null-argument @gol
--Wanalyzer-null-dereference @gol
--Wanalyzer-possible-null-argument @gol
--Wanalyzer-possible-null-dereference @gol
--Wanalyzer-unsafe-call-within-signal-handler @gol
--Wanalyzer-use-after-free @gol
--Wanalyzer-va-list-leak @gol
--Wanalyzer-va-list-use-after-va-end @gol
-}
-
@item -fno-analyzer-feasibility
@opindex fanalyzer-feasibility
@opindex fno-analyzer-feasibility
diff --git a/gcc/testsuite/gcc.dg/analyzer/attr-tainted_args-1.c b/gcc/testsuite/gcc.dg/analyzer/attr-tainted_args-1.c
index e1d87c9cece..aaae0276deb 100644
--- a/gcc/testsuite/gcc.dg/analyzer/attr-tainted_args-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/attr-tainted_args-1.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include "analyzer-decls.h"
struct arg_buf
diff --git a/gcc/testsuite/gcc.dg/analyzer/fread-1.c b/gcc/testsuite/gcc.dg/analyzer/fread-1.c
index 593cb7f4aa0..467467ee8a6 100644
--- a/gcc/testsuite/gcc.dg/analyzer/fread-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/fread-1.c
@@ -1,5 +1,3 @@
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
typedef __SIZE_TYPE__ size_t;
extern size_t fread (void *, size_t, size_t, void *);
diff --git a/gcc/testsuite/gcc.dg/analyzer/pr104029.c b/gcc/testsuite/gcc.dg/analyzer/pr104029.c
index adf15ed356f..46f1041939d 100644
--- a/gcc/testsuite/gcc.dg/analyzer/pr104029.c
+++ b/gcc/testsuite/gcc.dg/analyzer/pr104029.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
typedef __SIZE_TYPE__ size_t;
typedef const void *t_comptype;
typedef int (*t_compfunc)(t_comptype, t_comptype);
diff --git a/gcc/testsuite/gcc.dg/analyzer/pr93382.c b/gcc/testsuite/gcc.dg/analyzer/pr93382.c
index 1e6612ddc05..91eab2192ad 100644
--- a/gcc/testsuite/gcc.dg/analyzer/pr93382.c
+++ b/gcc/testsuite/gcc.dg/analyzer/pr93382.c
@@ -1,5 +1,3 @@
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
typedef __SIZE_TYPE__ size_t;
int idx;
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2011-2210-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2011-2210-1.c
index b44be993568..fa89bda6f0f 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2011-2210-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2011-2210-1.c
@@ -7,9 +7,6 @@
Fixed in 3d0475119d8722798db5e88f26493f6547a4bb5b on linux-2.6.39.y
in linux-stable. */
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include "analyzer-decls.h"
#include "test-uaccess.h"
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143-1.c
index 328c5799145..1b81c1bb1f8 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143-1.c
@@ -1,9 +1,6 @@
/* See notes in this header. */
#include "taint-CVE-2020-13143.h"
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
struct configfs_attribute {
/* [...snip...] */
ssize_t (*store)(struct config_item *, const char *, size_t) /* { dg-message "\\(1\\) field 'store' of 'struct configfs_attribute' is marked with '__attribute__\\(\\(tainted_args\\)\\)'" } */
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143-2.c b/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143-2.c
index c74a460b01e..f53e42bd6aa 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143-2.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143-2.c
@@ -1,9 +1,6 @@
/* See notes in this header. */
#include "taint-CVE-2020-13143.h"
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
struct configfs_attribute {
/* [...snip...] */
ssize_t (*store)(struct config_item *, const char *, size_t) /* { dg-message "\\(1\\) field 'store' of 'struct configfs_attribute' is marked with '__attribute__\\(\\(tainted_args\\)\\)'" } */
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143.h b/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143.h
index 0ba023539af..93f90d49013 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143.h
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-CVE-2020-13143.h
@@ -8,9 +8,6 @@
Fixed by 15753588bcd4bbffae1cca33c8ced5722477fe1f on linux-5.7.y
in linux-stable. */
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include <stddef.h>
/* Adapted from include/uapi/asm-generic/posix_types.h */
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-alloc-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-alloc-1.c
index cb2db6c69cf..dfb585bc613 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-alloc-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-alloc-1.c
@@ -1,5 +1,3 @@
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
/* { dg-require-effective-target alloca } */
#include "analyzer-decls.h"
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-alloc-2.c b/gcc/testsuite/gcc.dg/analyzer/taint-alloc-2.c
index 72dbca5cbf0..68fbce9188c 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-alloc-2.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-alloc-2.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include "analyzer-decls.h"
#include <stdio.h>
#include <stdlib.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-alloc-3.c b/gcc/testsuite/gcc.dg/analyzer/taint-alloc-3.c
index 80d8f0b8247..ce6a3271d2a 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-alloc-3.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-alloc-3.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include "analyzer-decls.h"
#include <stdio.h>
#include <stdlib.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-alloc-4.c b/gcc/testsuite/gcc.dg/analyzer/taint-alloc-4.c
index bd47097b1d5..9df9422491c 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-alloc-4.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-alloc-4.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include "analyzer-decls.h"
#include <stdio.h>
#include <stdlib.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-alloc-5.c b/gcc/testsuite/gcc.dg/analyzer/taint-alloc-5.c
index 9a159800c61..18dbff0298e 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-alloc-5.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-alloc-5.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include "analyzer-decls.h"
struct foo
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-assert-BUG_ON.c b/gcc/testsuite/gcc.dg/analyzer/taint-assert-BUG_ON.c
index 8aef0a44a6d..328940d2983 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-assert-BUG_ON.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-assert-BUG_ON.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
/* We need this, otherwise the warnings are emitted inside the macros, which
makes it hard to write the DejaGnu directives. */
/* { dg-additional-options " -ftrack-macro-expansion=0" } */
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-assert-macro-expansion.c b/gcc/testsuite/gcc.dg/analyzer/taint-assert-macro-expansion.c
index 24b175a0973..78357ae62b8 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-assert-macro-expansion.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-assert-macro-expansion.c
@@ -2,9 +2,6 @@
-Wanalyzer-tainted-assertion with macro-tracking enabled
(the default). */
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
/* { dg-additional-options "-fdiagnostics-show-path-depths" } */
/* { dg-additional-options "-fdiagnostics-path-format=inline-events -fdiagnostics-show-caret" } */
--git a/gcc/testsuite/gcc.dg/analyzer/taint-assert-system-header.c b/gcc/testsuite/gcc.dg/analyzer/taint-assert-system-header.c
index a65853c7886..bd47ab79188 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-assert-system-header.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-assert-system-header.c
@@ -3,9 +3,6 @@
(the default), where the assertion macro is defined in
a system header. */
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
/* { dg-additional-options "-fdiagnostics-show-path-depths" } */
/* { dg-additional-options "-fdiagnostics-path-format=inline-events -fdiagnostics-show-caret" } */
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-assert.c b/gcc/testsuite/gcc.dg/analyzer/taint-assert.c
index b09f8c51a16..855ed5f705f 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-assert.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-assert.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
/* We need this, otherwise the warnings are emitted inside the macros, which
makes it hard to write the DejaGnu directives. */
/* { dg-additional-options " -ftrack-macro-expansion=0" } */
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-divisor-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-divisor-1.c
index b7c1faef1c4..438a2095382 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-divisor-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-divisor-1.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include "analyzer-decls.h"
#include <stdio.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-merger.c b/gcc/testsuite/gcc.dg/analyzer/taint-merger.c
index e4e48f3db03..b7d562b9704 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-merger.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-merger.c
@@ -1,6 +1,3 @@
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-// TODO: remove need for this option
-
#include "analyzer-decls.h"
int v_start;
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-ops.c b/gcc/testsuite/gcc.dg/analyzer/taint-ops.c
index 729dbe53a0c..753500d5693 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-ops.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-ops.c
@@ -2,6 +2,7 @@
// TODO: remove need for this option
/* This test can probably be removed when -fanalyzer enables
the taint checker by default. */
+// FIXME: remove it?
#include "analyzer-decls.h"
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-read-index-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-read-index-1.c
index 71c0816fd1f..1ec78b52629 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-read-index-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-read-index-1.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-read-offset-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-read-offset-1.c
index 6db59bcc615..bb5d0930cdb 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-read-offset-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-read-offset-1.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-realloc.c b/gcc/testsuite/gcc.dg/analyzer/taint-realloc.c
index bd0ed0010fb..27e36afea64 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-realloc.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-realloc.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include "analyzer-decls.h"
#include <stdio.h>
#include <stdlib.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-size-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-size-1.c
index 0b166f7a86a..e0fa3fb0cb3 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-size-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-size-1.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include "analyzer-decls.h"
#include <stdio.h>
#include <stdlib.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-size-access-attr-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-size-access-attr-1.c
index 7d243a9570f..d4da3d77fa1 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-size-access-attr-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-size-access-attr-1.c
@@ -1,8 +1,7 @@
/* Passing tainted sizes to external functions with attribute ((access)) with
a size-index. */
-// TODO: remove need for the explicit taint option:
-/* { dg-additional-options "-fanalyzer-checker=taint -fanalyzer-show-duplicate-count" } */
+/* { dg-additional-options "-fanalyzer-show-duplicate-count" } */
#include "analyzer-decls.h"
#include <stdio.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-write-index-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-write-index-1.c
index cc7ab1ca4f6..62222069578 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-write-index-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-write-index-1.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/taint-write-offset-1.c b/gcc/testsuite/gcc.dg/analyzer/taint-write-offset-1.c
index d0df6220315..21794ce4cf8 100644
--- a/gcc/testsuite/gcc.dg/analyzer/taint-write-offset-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/taint-write-offset-1.c
@@ -1,6 +1,3 @@
-// TODO: remove need for this option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
diff --git a/gcc/testsuite/gcc.dg/analyzer/torture/taint-read-index-2.c b/gcc/testsuite/gcc.dg/analyzer/torture/taint-read-index-2.c
index b3dc177cb14..81421330e8d 100644
--- a/gcc/testsuite/gcc.dg/analyzer/torture/taint-read-index-2.c
+++ b/gcc/testsuite/gcc.dg/analyzer/torture/taint-read-index-2.c
@@ -1,5 +1,3 @@
-// TODO: remove need for the taint option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
/* { dg-skip-if "" { *-*-* } { "-fno-fat-lto-objects" } { "" } } */
#define LOWER_LIMIT 5
diff --git a/gcc/testsuite/gcc.dg/analyzer/torture/taint-read-index-3.c b/gcc/testsuite/gcc.dg/analyzer/torture/taint-read-index-3.c
index 8eb6061a08b..86bdedede7e 100644
--- a/gcc/testsuite/gcc.dg/analyzer/torture/taint-read-index-3.c
+++ b/gcc/testsuite/gcc.dg/analyzer/torture/taint-read-index-3.c
@@ -1,5 +1,3 @@
-// TODO: remove need for the taint option:
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
/* { dg-skip-if "" { *-*-* } { "-fno-fat-lto-objects" } { "" } } */
struct raw_ep {
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-1-fixed.c b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-1-fixed.c
index 0ca8137c3ef..7ca0c8ee48b 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-1-fixed.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-1-fixed.c
@@ -1,6 +1,4 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-1.c b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-1.c
index cde12b3b761..6aa62a30e42 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-1.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-1.c
@@ -1,6 +1,4 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-2-fixed.c b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-2-fixed.c
index 8a211cefe4e..b962e9dfb79 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-2-fixed.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-2-fixed.c
@@ -1,14 +1,9 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
#include "taint-CVE-2011-0521.h"
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
/* Adapted from drivers/media/dvb/ttpci/av7110_ca.c */
int dvb_ca_ioctl(struct file *file, unsigned int cmd, void *parg)
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-2.c b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-2.c
index 30cab38e002..70bb4b35320 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-2.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-2.c
@@ -1,6 +1,4 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-3-fixed.c b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-3-fixed.c
index b7852b40dcf..df8ba5b4e27 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-3-fixed.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-3-fixed.c
@@ -1,14 +1,9 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
#include "taint-CVE-2011-0521.h"
-// TODO: remove need for this option
-/* { dg-additional-options "-fanalyzer-checker=taint" } */
-
/* Adapted from drivers/media/dvb/ttpci/av7110_ca.c */
int dvb_ca_ioctl(struct file *file, unsigned int cmd, void *parg)
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-3.c b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-3.c
index 6b9e034eea7..183348faa71 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-3.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-3.c
@@ -1,6 +1,4 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-4.c b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-4.c
index f314c64ce70..3a0e1ff76ca 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-4.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-4.c
@@ -1,8 +1,6 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
// TODO: remove need for --param=analyzer-max-svalue-depth=25 here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint --param=analyzer-max-svalue-depth=25" } */
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint" } */
+/* { dg-options "-fanalyzer --param=analyzer-max-svalue-depth=25" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-5-fixed.c b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-5-fixed.c
index 8cb067c6542..c22d1481900 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-5-fixed.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-5-fixed.c
@@ -1,7 +1,6 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
// TODO: remove need for --param=analyzer-max-svalue-depth=25 here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint --param=analyzer-max-svalue-depth=25" } */
+/* { dg-options "-fanalyzer --param=analyzer-max-svalue-depth=25" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-5.c b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-5.c
index 4ce047902d3..66f334a61a1 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-5.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-5.c
@@ -1,7 +1,6 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
// TODO: remove need for --param=analyzer-max-svalue-depth=25 here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint --param=analyzer-max-svalue-depth=25" } */
+/* { dg-options "-fanalyzer --param=analyzer-max-svalue-depth=25" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-6.c b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-6.c
index c54af790a56..5af799158b1 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-6.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-CVE-2011-0521-6.c
@@ -1,7 +1,6 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
// TODO: remove need for --param=analyzer-max-svalue-depth=25 here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint --param=analyzer-max-svalue-depth=25" } */
+/* { dg-options "-fanalyzer --param=analyzer-max-svalue-depth=25" } */
/* { dg-require-effective-target analyzer } */
/* See notes in this header. */
diff --git a/gcc/testsuite/gcc.dg/plugin/taint-antipatterns-1.c b/gcc/testsuite/gcc.dg/plugin/taint-antipatterns-1.c
index 6bb6f1be25c..cdd9a4f1f50 100644
--- a/gcc/testsuite/gcc.dg/plugin/taint-antipatterns-1.c
+++ b/gcc/testsuite/gcc.dg/plugin/taint-antipatterns-1.c
@@ -1,6 +1,5 @@
/* { dg-do compile } */
-// TODO: remove need for -fanalyzer-checker=taint here:
-/* { dg-options "-fanalyzer -fanalyzer-checker=taint" } */
+/* { dg-options "-fanalyzer" } */
/* { dg-require-effective-target analyzer } */
#include "test-uaccess.h"
--
2.26.3
next prev parent reply other threads:[~2023-03-20 22:50 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-21 21:26 [GSoC][Static Analyzer] Some questions and request for a small patch to work on Shengyu Huang
2023-02-21 22:55 ` David Malcolm
2023-02-22 14:03 ` Jonathan Wakely
2023-02-23 11:17 ` James K. Lowden
2023-02-23 16:30 ` Jonathan Wakely
2023-02-22 14:11 ` Shengyu Huang
2023-02-22 14:53 ` Iain Sandoe
2023-02-22 15:13 ` Iain Sandoe
2023-02-27 13:35 ` Shengyu Huang
2023-02-27 13:45 ` Iain Sandoe
2023-02-27 13:51 ` Shengyu Huang
2023-02-27 13:49 ` Iain Sandoe
2023-02-27 14:01 ` Floyd, Paul
2023-02-22 15:43 ` David Malcolm
2023-02-28 9:18 ` Shengyu Huang
2023-02-28 23:59 ` David Malcolm
2023-03-01 11:16 ` Shengyu Huang
2023-03-01 13:48 ` David Malcolm
2023-02-28 14:46 ` [GSoC][Static Analyzer] Ideas for proposal Shengyu Huang
2023-03-01 0:22 ` David Malcolm
2023-03-12 22:20 ` Shengyu Huang
2023-03-13 15:51 ` David Malcolm
2023-03-20 17:28 ` [GSoC][Static Analyzer] First proposal draft and a few more questions/requests Shengyu Huang
2023-03-20 22:50 ` David Malcolm [this message]
2023-03-26 16:03 ` Shengyu Huang
2023-03-26 17:14 ` David Malcolm
2023-03-26 21:46 ` Shengyu Huang
2023-04-01 14:19 ` Shengyu Huang
2023-04-02 22:53 ` David Malcolm
2023-04-03 0:02 ` Shengyu Huang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ee09b4ada93cecf1d34422f432119fd6c4baf758.camel@redhat.com \
--to=dmalcolm@redhat.com \
--cc=gcc@gcc.gnu.org \
--cc=kumom.huang@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).