Merge branch 'diffblue:develop' into develop

Author: yvizel

.clang-format-ignore

@@ -1,3 +1,4 @@
 jbmc/src/miniz/miniz.cpp
+jbmc/src/miniz/miniz.h
 src/cprover/wcwidth.c
 unit/catch/catch.hpp

.github/workflows/doxygen-check.yaml

@@ -8,7 +8,7 @@ jobs:
   check-doxygen:
     # Note that the versions used for this `check-doxygen` job should be kept in
     # sync with the `publish` job.
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v4
     - name: Fetch dependencies

.github/workflows/publish.yaml

@@ -6,31 +6,28 @@ jobs:
   publish:
     # Note that the versions used for this `publish` job should be kept in sync
     # with the `check-doxygen` job.
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
 
       - name: Install doxygen
         run: |
           sudo apt update
-          sudo apt install doxygen graphviz pandoc npm
-
-      - name: Install python modules
-        run: sudo python3 -m pip install gitpython pandocfilters
+          sudo apt-get install --no-install-recommends -y doxygen graphviz pandoc npm python3-git python3-pandocfilters
 
       - name: Install mermaid diagram filter
         run: |
           git clone https://github.com/raghur/mermaid-filter/
           cd mermaid-filter
-          sed -i '1s/{/{ "overrides": { "puppeteer": "^21" },/' package.json
-          sed -i '1s/^\/\/ //' index.js
           npm install --loglevel verbose
           sudo npm link --loglevel verbose
           cd ..
 
       - name: Build documentation
-        run: cd doc/doxygen-root && make && touch html/.nojekyll
+        run: |
+          echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns
+          cd doc/doxygen-root && make && touch html/.nojekyll
 
       - name: Publish documentation
         if: ${{ github.event_name == 'push' && startsWith('refs/heads/develop', github.ref) }}

CODEOWNERS

@@ -24,7 +24,7 @@
 /src/langapi/ @kroening @tautschnig @peterschrammel
 /src/xmllang/ @kroening @tautschnig @peterschrammel
 /src/solvers/flattening @martin-cs @kroening @tautschnig @peterschrammel
-/src/solvers/floatbv @martin-cs @kroening
+/src/solvers/floatbv @martin-cs @kroening @peterschrammel
 /src/solvers/miniBDD @tautschnig @kroening
 /src/solvers/prop @martin-cs @kroening @tautschnig @peterschrammel
 /src/solvers/sat @martin-cs @kroening @tautschnig @peterschrammel
@@ -43,13 +43,13 @@
 /jbmc/src/java_bytecode/ @peterschrammel @TGWDB
 /src/analyses/ @martin-cs @peterschrammel
 /src/pointer-analysis/ @martin-cs @peterschrammel
-/src/libcprover-cpp @esteffin @TGWDB @peterschrammel
-/src/libcprover-rust @TGWDB @peterschrammel @esteffin
+/src/libcprover-cpp @TGWDB @peterschrammel
+/src/libcprover-rust @TGWDB @peterschrammel
 
 # These files change frequently and changes are medium-risk
 
 /src/goto-analyzer/ @martin-cs @peterschrammel
-/src/goto-bmc/ @esteffin @TGWDB @peterschrammel
+/src/goto-bmc/ @TGWDB @peterschrammel
 /src/goto-harness/ @martin-cs @peterschrammel
 /src/goto-instrument/ @martin-cs @peterschrammel @tautschnig @kroening
 /src/goto-instrument/contracts/ @tautschnig @feliperodri @remi-delmas-3000
@@ -62,8 +62,8 @@
 /jbmc/src/jdiff/ @peterschrammel
 /src/cpp/ @kroening @tautschnig @peterschrammel
 /src/solvers/smt2 @kroening @martin-cs @peterschrammel @TGWDB
-/src/solvers/smt2_incremental @peterschrammel @thomasspriggs @TGWDB @esteffin
-/src/solvers/Makefile @kroening @tautschnig @peterschrammel @TGWDB @esteffin
+/src/solvers/smt2_incremental @peterschrammel @thomasspriggs @TGWDB
+/src/solvers/Makefile @kroening @tautschnig @peterschrammel @TGWDB
 /src/statement-list/ @kroening @tautschnig @peterschrammel
 
 /cmake/        @diffblue/diffblue-opensource

doc/API/util/piped_process.md

@@ -1,6 +1,7 @@
-\page piped-process `src/util/piped_process.{cpp, h}`
+\page piped-process The `piped_process` API
 
-To utilise the `piped_process` API for interprocess communication with any binary:
+To utilise the `piped_process` API (`src/util/piped_process.{cpp, h}`) for
+interprocess communication with any binary:
 
 * You need to initialise it by calling the construct `piped_processt("binary with args")`.
   * If IPC fails before child process creation, you will get a `system_exceptiont`.

doc/architectural/front-page.md

@@ -54,7 +54,7 @@ license</a>.
 Overview of Documentation
 =======
 
-### For users:
+## For users:
 
 * The [CPROVER User Manual](http://www.cprover.org/cprover-manual/) details the
   capabilities of CBMC and describes how to install and use these tools. It
@@ -68,7 +68,7 @@ you can access it <a href=
 * \subpage memory-bounds-checking
 * \subpage satabs
 
-### For contributors:
+## For contributors:
 
 The following pages attempt to provide the information that a developer needs to
 work on CBMC, in a sensible order. In many cases they link to the appropriate

doc/architectural/goto-program-transformations.md

@@ -176,7 +176,7 @@ This pass adds failed symbols to the symbol table. See
 `src/pointer-analysis/add_failed_symbols.h` for details. The implementation of
 this pass is called via \ref add_failed_symbols(symbol_table_baset &) . The
 purpose of failed symbols is explained in the documentation of the function \ref
-goto_symext::dereference(exprt &, statet &, bool)
+goto_symext::dereference(exprt &, goto_symex_statet &, bool)
 
 <em>Predecessor pass is \ref update-transform or the optional \ref
 nondet-transform if it is being used.</em>

doc/assets/xml_spec.md

@@ -475,7 +475,7 @@ The path from the input C code to XML trace goes through the following
 steps:\
 `C` → `GOTO` → `SSA` → `GOTO Trace` → `XML Trace`
 
-#### SSA to GOTO Trace
+### SSA to GOTO Trace
 
 SSA steps are sorted by clocks and the following steps are skipped: PHI,
 GUARD assignments; shared-read, shared-write, constraint, spawn,

doc/man/cbmc.1

@@ -334,6 +334,13 @@ set malloc failure mode to return null
 \fB\-\-string\-abstraction\fR
 track C string lengths and zero\-termination
 .TP
+\fB\-\-dfcc\-debug\-lib\fR
+enable debug assertions in the cprover contracts library
+.TP
+\fB\-\-dfcc\-simple\-invalid\-pointer\-model\fR
+use simplified invalid pointer model in the cprover contracts library
+(faster, unsound)
+.TP
 \fB\-\-reachability\-slice\fR
 remove instructions that cannot appear on a trace
 from entry point to a property

doc/man/goto-analyzer.1

@@ -409,6 +409,9 @@ perform taint analysis using rules in given file
 \fB\-\-show\-taint\fR
 print taint analysis results on stdout
 .TP
+\fB\-\-show\-local\-bitvector\fR
+perform procedure\-local bitvector analysis
+.TP
 \fB\-\-show\-local\-may\-alias\fR
 perform procedure\-local may alias analysis
 .SS "C/C++ frontend options:"
@@ -582,6 +585,13 @@ set malloc failure mode to return null
 .TP
 \fB\-\-string\-abstraction\fR
 track C string lengths and zero\-termination
+.TP
+\fB\-\-dfcc\-debug\-lib\fR
+enable debug assertions in the cprover contracts library
+.TP
+\fB\-\-dfcc\-simple\-invalid\-pointer\-model\fR
+use simplified invalid pointer model in the cprover contracts library
+(faster, unsound)
 .SS "Standard Checks"
 From version \fB6.0\fR onwards, \fBcbmc\fR, \fBgoto-analyzer\fR and some other tools
 apply some checks to the program by default (called the "standard checks"), with the