23 improve default tool configuration and expose all supported parameters in the config file

CMakeLists.txt

@@ -107,3 +107,24 @@ add_custom_target(format-check
   COMMAND "${CMAKE_CURRENT_SOURCE_DIR}/scripts/format-check.sh"
   WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
   COMMENT "Verify clang-format compliance")
+
+# ============
+#    TESTS
+# ============
+enable_testing()
+
+add_executable(ctrace_config_tests
+    tests/config_parser_tests.cpp
+    src/App/ToolConfig.cpp
+    src/App/Config.cpp
+    src/ArgumentParser/BaseArgumentParser.cpp
+    src/ArgumentParser/ArgumentManager.cpp
+    src/ArgumentParser/ArgumentParserFactory.cpp
+    src/ArgumentParser/CLI11/CLI11ArgumentParser.cpp
+    src/ArgumentParser/GetOpt/GetoptArgumentParser.cpp
+    src/ctrace_tools/strings.cpp
+)
+
+target_link_libraries(ctrace_config_tests PRIVATE nlohmann_json::nlohmann_json coretrace::logger)
+
+add_test(NAME ctrace_config_tests COMMAND ctrace_config_tests)

README.md

@@ -53,17 +53,34 @@ Usage:
 Options:
   --help                   Displays this help message.
   --verbose                Enables detailed (verbose) output.
+  --quiet                  Suppresses non-essential output.
   --sarif-format           Generates a report in SARIF format.
   --report-file <path>     Specifies the path to the report file (default: ctrace-report.txt).
   --output-file <path>     Specifies the output file for the analysed binary (default: ctrace.out).
   --entry-points <names>   Sets the entry points for analysis (default: main). Accepts a comma-separated list.
+  --config <path>          Loads settings from a JSON config file.
+  --compile-commands <path> Path to compile_commands.json for tools that support it.
+  --include-compdb-deps    Includes dependency entries (e.g. _deps) when auto-loading files from compile_commands.json.
+  --analysis-profile <p>   Stack analyzer profile: fast|full.
+  --smt <on|off>           Enables/disables SMT refinement in stack analyzer.
+  --smt-backend <name>     Primary SMT backend (e.g. z3, interval).
+  --smt-secondary-backend <name> Secondary backend for multi-solver modes.
+  --smt-mode <mode>        SMT mode: single|portfolio|cross-check|dual-consensus.
+  --smt-timeout-ms <n>     SMT timeout in milliseconds.
+  --smt-budget-nodes <n>   SMT node budget per query.
+  --smt-rules <list>       Comma-separated SMT-enabled rules.
+  --resource-model <path>  Path to the resource lifetime model for stack analyzer.
+  --escape-model <path>    Path to the stack escape model for stack analyzer.
+  --buffer-model <path>    Path to the buffer overflow model for stack analyzer.
+  --timing                 Enables stack analyzer timing output.
+  --demangle               Displays demangled function names in supported tools.
   --static                 Enables static analysis.
   --dyn                    Enables dynamic analysis.
   --invoke <tools>         Invokes specific tools (comma-separated).
-                           Available tools: flawfinder, ikos, cppcheck, tscancode.
+                           Available tools: flawfinder, ikos, cppcheck, tscancode, ctrace_stack_analyzer.
   --input <files>          Specifies the source files to analyse (comma-separated).
-  --ipc <method>           IPC method: standardIO, socket, or serve.
-  --ipc-path <path>        IPC path (default: /tmp/coretrace_ipc).
+  --ipc <method>           Specifies the IPC method to use (e.g., fifo, socket).
+  --ipc-path <path>        Specifies the IPC path (default: /tmp/coretrace_ipc).
   --serve-host <host>      HTTP server host when --ipc=serve.
   --serve-port <port>      HTTP server port when --ipc=serve.
   --shutdown-token <tok>   Token required for POST /shutdown (server mode).
@@ -80,6 +97,12 @@ Description:
   and memory misuse.
 ```
 
+### CONFIGURATION
+
+- Canonical default config: `config/tool-config.json`
+- Full schema and semantics: `docs/configuration.md`
+- Precedence: built-in defaults < config file < CLI
+
 ```bash
 ./ctrace --input ../tests/EmptyForStatement.cc --entry-points=main --verbose --static --dyn
 ```

TODO.md

@@ -0,0 +1,21 @@
+# TODO
+
+## Stack Analyzer Summary Debt
+
+- [ ] Expose a structured diagnostics summary in `ctrace::stack::app::RunResult` from `coretrace-stack-analyzer`.
+  - Add `info`, `warning`, and `error` counters in the tool result contract.
+  - Compute the summary once from final filtered diagnostics inside the analyzer core.
+  - Keep output strategies (`human`, `json`, `sarif`) focused on serialization only.
+  - Make `coretrace` consume `RunResult.summary` as the primary source.
+  - Remove text/JSON/SARIF parsing fallback in `StackAnalyzerToolImplementation.cpp` after migration.
+  - Add compatibility notes and tests for mixed versions during transition.
+
+## Interprocedural Ownership Path Analysis Debt
+
+- [ ] Implement interprocedural ownership tracking that follows each abstract object/pointer through control-flow paths up to release/destructor points.
+  - Build an interprocedural CFG (call/return edges) and run a forward dataflow typestate analysis.
+  - Track per-object states (`Owned`, `Transferred`, `Released`, `Escaped`, `Unknown`) keyed by allocation/wrapper origins.
+  - Introduce transfer semantics (`transfer_arg` / adopt ownership) to model delayed-release patterns (GC/wrapper handoff).
+  - Use function summaries to scale cross-TU propagation while preserving precision on ownership effects.
+  - Report `MissingRelease`, `DoubleRelease`, `UseAfterRelease`, and `ReleasedHandleEscapes` from path-feasible states.
+  - Add regression tests for wrapper allocators, GC registration APIs, destructor-backed cleanup, and mixed modeled/unmodeled calls.

cmake/stackUsageAnalyzer.cmake

@@ -3,7 +3,15 @@ include(FetchContent)
 FetchContent_Declare(
   stack_analyzer
   GIT_REPOSITORY https://github.com/CoreTrace/coretrace-stack-analyzer.git
-  GIT_TAG main
+  GIT_TAG v0.17.0
 )
 
 FetchContent_MakeAvailable(stack_analyzer)
+
+# Copy upstream default models into config/models/ so that tool-config.json
+# can reference them with paths relative to the config directory, without
+# ever pointing into _deps/.
+# Custom model files already present in config/models/ are not affected
+# (they live at the root of the directory, upstream models are in subdirs).
+file(COPY "${stack_analyzer_SOURCE_DIR}/models/"
+     DESTINATION "${CMAKE_SOURCE_DIR}/config/models")

config/models/.gitignore

@@ -0,0 +1,6 @@
+# Upstream default models — generated at CMake configure time from _deps/.
+# Do not commit: they are copied from coretrace-stack-analyzer via FetchContent.
+# Custom model files at this level (e.g. resource-lifetime-gc-temp.txt) are NOT ignored.
+resource-lifetime/
+buffer-overflow/
+stack-escape/

config/tool-config.json

@@ -1,24 +1,90 @@
 {
-  "invoke": [
-    "ctrace_stack_analyzer"
-  ],
+  "schema_version": 1,
+  "analysis": {
+    "static": false,
+    "dynamic": false,
+    "invoke": [
+      "ctrace_stack_analyzer"
+    ]
+  },
+  "files": {
+    "input": [],
+    "entry_points": [
+    ],
+    "compile_commands": "",
+    "include_compdb_deps": false
+  },
+  "output": {
+    "sarif_format": false,
+    "report_file": "coretrace-results.json",
+    "output_file": "ctrace.out",
+    "verbose": false,
+    "quiet": false,
+    "demangle": true
+  },
+  "runtime": {
+    "async": false,
+    "ipc": "standardIO",
+    "ipc_path": "/tmp/coretrace_ipc"
+  },
+  "server": {
+    "host": "127.0.0.1",
+    "port": 8080,
+    "shutdown_token": "",
+    "shutdown_timeout_ms": 0
+  },
   "stack_analyzer": {
+    "mode": "ir",
+    "output_format": "json",
+    "config": "",
+    "print_effective_config": false,
     "compile_commands": "",
     "include_compdb_deps": false,
-    "analysis-profile": "full",
-    "timing": true,
+    "compdb_fast": false,
+    "jobs": "",
+    "include_dirs": [],
+    "defines": [],
+    "compile_args": [],
+    "entry_points": [
+    ],
+    "only_functions": [],
+    "only_files": [],
+    "only_dirs": [],
+    "exclude_dirs": [],
+    "analysis_profile": "full",
     "smt": "on",
-    "smt-backend": "z3",
-    "smt-secondary-backend": "single",
-    "smt-mode": "single",
-    "smt-timeout-ms": 80,
-    "smt-rules": ["recursion","integer-overflow","size-minus-k","stack-buffer","oob-read","type-confusion"],
-    "entry_points": [],
-    "demangle": true,
-    "quiet": false,
+    "smt_backend": "z3",
+    "smt_secondary_backend": "",
+    "smt_mode": "single",
+    "smt_timeout_ms": 80,
+    "smt_budget_nodes": 20000,
+    "smt_rules": [
+      "recursion",
+      "integer-overflow",
+      "size-minus-k",
+      "stack-buffer",
+      "oob-read",
+      "type-confusion"
+    ],
+    "resource_model": "models/resource-lifetime/generic.txt",
+    "escape_model": "models/stack-escape/generic.txt",
+    "buffer_model": "models/buffer-overflow/generic.txt",
+    "resource_cross_tu": true,
+    "uninitialized_cross_tu": true,
+    "resource_summary_cache_dir": ".cache/resource-lifetime",
+    "resource_summary_cache_memory_only": false,
+    "compile_ir_cache_dir": "",
+    "compile_ir_format": "bc",
+    "include_stl": false,
     "stack_limit": 8388608,
-    "resource_model": "../../coretrace-stack-analyzer/models/resource-lifetime/generic.txt",
-    "escape_model": "../../coretrace-stack-analyzer/models/stack-escape/generic.txt",
-    "buffer_model": "../../coretrace-stack-analyzer/models/buffer-overflow/generic.txt"
+    "base_dir": "",
+    "dump_filter": false,
+    "dump_ir": "",
+    "verbose": false,
+    "demangle": true,
+    "quiet": true,
+    "timing": false,
+    "warnings_only": false,
+    "extra_args": []
   }
 }