analyzer: track dynamic extents of regions

This patch extends region_model to add tracking of the sizes of
dynamically-allocated regions, both on the heap (via malloc etc) and
stack (via alloca).  It adds enough purging of this state to avoid
blowing up any existing analyzer test cases.

The state can be queried via a new "__analyzer_dump_capacity" for use
in DejaGnu tests but other than that doesn't do anything - I have
various followup experiments that make use of this.

gcc/analyzer/ChangeLog:
	* engine.cc (exploded_node::on_stmt): Handle __analyzer_dump_capacity.
	(exploded_node::on_stmt): Drop m_sm_changes from on_stmt_flags.
	(state_change_requires_new_enode_p): New function...
	(exploded_graph::process_node): Call it, rather than querying
	flags.m_sm_changes, so that dynamic-extent differences can also
	trigger the splitting of nodes.
	* exploded-graph.h (struct on_stmt_flags): Drop field m_sm_changes.
	* program-state.cc (program_state::detect_leaks): Purge dead
	heap-allocated regions from dynamic extents.
	(selftest::test_program_state_1): Fix type of "size_in_bytes".
	(selftest::test_program_state_merging): Likewise.
	* region-model-impl-calls.cc
	(region_model::impl_call_analyzer_dump_capacity): New.
	(region_model::impl_call_free): Remove dynamic extents from the
	freed region.
	* region-model-reachability.h
	(reachable_regions::begin_mutable_base_regs): New.
	(reachable_regions::end_mutable_base_regs): New.
	* region-model.cc: Include "tree-object-size.h".
	(region_model::region_model): Support new field m_dynamic_extents.
	(region_model::operator=): Likewise.
	(region_model::operator==): Likewise.
	(region_model::dump_to_pp): Dump sizes of dynamic regions.
	(region_model::handle_unrecognized_call): Purge dynamic extents
	from any regions that have escaped mutably:.
	(region_model::get_capacity): New function.
	(region_model::add_constraint): Unset dynamic extents when a
	heap-allocated region's address is NULL.
	(region_model::unbind_region_and_descendents): Purge dynamic
	extents of unbound regions.
	(region_model::can_merge_with_p): Call
	m_dynamic_extents.can_merge_with_p.
	(region_model::create_region_for_heap_alloc): Assert that
	size_in_bytes's type is compatible with size_type_node.  Update
	for renaming of record_dynamic_extents to set_dynamic_extents.
	(region_model::create_region_for_alloca): Likewise.
	(region_model::record_dynamic_extents): Rename to...
	(region_model::set_dynamic_extents): ...this.  Assert that
	size_in_bytes's type is compatible with size_type_node.  Add it
	to the m_dynamic_extents map.
	(region_model::get_dynamic_extents): New.
	(region_model::unset_dynamic_extents): New.
	(selftest::test_state_merging): Fix type of "size".
	(selftest::test_malloc_constraints): Likewise.
	(selftest::test_malloc): Verify dynamic extents.
	(selftest::test_alloca): Likewise.
	* region-model.h (region_to_value_map::is_empty): New.
	(region_model::dynamic_extents_t): New typedef.
	(region_model::impl_call_analyzer_dump_capacity): New decl.
	(region_model::get_dynamic_extents): New function.
	(region_model::get_dynamic_extents): New decl.
	(region_model::set_dynamic_extents): New decl.
	(region_model::unset_dynamic_extents): New decl.
	(region_model::get_capacity): New decl.
	(region_model::record_dynamic_extents): Rename to set_dynamic_extents.
	(region_model::m_dynamic_extents): New field.

gcc/ChangeLog:
	* doc/analyzer.texi
	(Special Functions for Debugging the Analyzer): Add
	__analyzer_dump_capacity.

gcc/testsuite/ChangeLog:
	* gcc.dg/analyzer/analyzer-decls.h (__analyzer_dump_capacity): New decl.
	* gcc.dg/analyzer/capacity-1.c: New test.
	* gcc.dg/analyzer/capacity-2.c: New test.
	* gcc.dg/analyzer/capacity-3.c: New test.

Signed-off-by: David Malcolm <dmalcolm@redhat.com>