https://github.com/steakhal updated https://github.com/llvm/llvm-project/pull/76446
>From a4a8704644067a7cf81bee601e4898bbc6b9d289 Mon Sep 17 00:00:00 2001 From: Balazs Benics <benicsbal...@gmail.com> Date: Wed, 27 Dec 2023 14:13:08 +0100 Subject: [PATCH 1/9] [analyzer][docs] Update the release notes for llvm-18 --- clang/docs/ReleaseNotes.rst | 108 +++++++++++++++++++++++++++++++++--- 1 file changed, 101 insertions(+), 7 deletions(-) diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst index ee211c16a48ac8..17b6e285a89ca2 100644 --- a/clang/docs/ReleaseNotes.rst +++ b/clang/docs/ReleaseNotes.rst @@ -1052,18 +1052,92 @@ libclang Static Analyzer --------------- +- Implemented the ``[[clang::suppress]]`` attribute for suppressing diagnostics + of static analysis tools, such as the Clang Static Analyzer. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__. + +- Added a new experimental checker ``alpha.core.StdVariant`` to detect variant + accesses via wrong alternatives. + (`#66481 <https://github.com/llvm/llvm-project/pull/66481>`_) + +- Added a new experimental checker ``alpha.cplusplus.ArrayDelete`` to detect + destructions of arrays of polymorphic objects that are destructed as their + base class (`CERT EXP51-CPP <https://wiki.sei.cmu.edu/confluence/display/cplusplus/EXP51-CPP.+Do+not+delete+an+array+through+a+pointer+of+the+incorrect+type>`_). + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#alpha-cplusplus-arraydelete-c>`__. + (`0e246bb67573 <https://github.com/llvm/llvm-project/commit/0e246bb67573799409d0085b89902a330998ddcc>`_) + - Added a new checker ``core.BitwiseShift`` which reports situations where bitwise shift operators produce undefined behavior (because some operand is negative or too large). + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#core-bitwiseshift-c-c>`__. + +- Support "Deducing this" (P0847R7). (Worked out of the box) + (`af4751738db8 <https://github.com/llvm/llvm-project/commit/af4751738db89a142a8880c782d12d4201b222a8>`__) - Move checker ``alpha.unix.Errno`` out of the ``alpha`` package to ``unix.Errno``. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-errno-c>`__. - Move checker ``alpha.unix.StdCLibraryFunctions`` out of the ``alpha`` package to ``unix.StdCLibraryFunctions``. +- Added a new checker configuration option to + ``alpha.security.cert.InvalidPtrChecker``. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__. + (`#67663 <https://github.com/llvm/llvm-project/pull/67663>`_) + +- Move checker ``alpha.security.cert.env.InvalidPtr`` out of the ``alpha`` + package to ``security.cert.env.InvalidPtr``. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__. + +- Move checker ``alpha.cplusplus.EnumCastOutOfRange`` out of the ``alpha`` + package to ``optin.core.EnumCastOutOfRange``. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#optin-core-enumcastoutofrange-c-c>`__. + +- Improved the diagnostics of the ``optin.core.EnumCastOutOfRange`` checker. + It will display the name and the declaration of the enumeration along with + the concrete value being cast to the enum. + (`#74503 <https://github.com/llvm/llvm-project/pull/74503>`_) + +- Improved the ``ArrayBoundV2`` checker for detecting buffer accesses prior + the buffer; and also reworked the diagnostic messages. + (`3e014038b373 <https://github.com/llvm/llvm-project/commit/3e014038b373e5a4a96d89d46cea17e4d2456a04>`_, + `#70056 <https://github.com/llvm/llvm-project/pull/70056>`_, + `#72107 <https://github.com/llvm/llvm-project/pull/72107>`_) + +- Improved the ``CStringChecker`` checking both ends of the buffers in more cases. + (`c3a87ddad62a <https://github.com/llvm/llvm-project/commit/c3a87ddad62a6cc01acaccc76592bc6730c8ac3c>`_, + `0954dc3fb921 <https://github.com/llvm/llvm-project/commit/0954dc3fb9214b994623f5306473de075f8e3593>`_) + +- Improved the ``StreamChecker`` by modeling more functions like, + ``fflush``, ``fputs``, ``fgetc``, ``fputc``, ``fopen``, ``fopen``, ``fgets``. + (`#74296 <https://github.com/llvm/llvm-project/pull/74296>`_, + `#73335 <https://github.com/llvm/llvm-project/pull/73335>`_, + `#72627 <https://github.com/llvm/llvm-project/pull/72627>`_, + `#71518 <https://github.com/llvm/llvm-project/pull/71518>`_, + `#72016 <https://github.com/llvm/llvm-project/pull/72016>`_, + `#70540 <https://github.com/llvm/llvm-project/pull/70540>`_, + `#73638 <https://github.com/llvm/llvm-project/pull/73638>`_) + +- Improved the ``unix.StdCLibraryFunctions`` checker by modeling more functions like ``send``, ``recv``, ``readlink`` and ``errno`` behavior. + (`52ac71f92d38 <https://github.com/llvm/llvm-project/commit/52ac71f92d38f75df5cb88e9c090ac5fd5a71548>`_, + `#71373 <https://github.com/llvm/llvm-project/pull/71373>`_, + `#71392 <https://github.com/llvm/llvm-project/pull/71392>`_) + +- Fixed a false negative for when accessing a nonnull property (ObjC). + (`1dceba3a3684 <https://github.com/llvm/llvm-project/commit/1dceba3a3684d12394731e09a6cf3efcebf07a3a>`_) + +- ``DeprecatedOrUnsafeBufferHandling`` now considers ``fprintf`` calls unsafe. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-insecureapi-deprecatedorunsafebufferhandling-c>`__. + - Fix false positive in mutation check when using pointer to member function. - (`#66204: <https://github.com/llvm/llvm-project/issues/66204>`_). + (`#66204 <https://github.com/llvm/llvm-project/issues/66204>`_) + +- Fixed a crash caused by ``builtin_bit_cast``. + (`#69922 <https://github.com/llvm/llvm-project/issues/69922>`_) + +- Fix ``StackAddrEscapeChecker`` crash on temporary object fields. + (`#66221 <https://github.com/llvm/llvm-project/issues/66221>`_) - The ``alpha.security.taint.TaintPropagation`` checker no longer propagates taint on ``strlen`` and ``strnlen`` calls, unless these are marked @@ -1072,16 +1146,36 @@ Static Analyzer Read the PR for the details. (`#66086 <https://github.com/llvm/llvm-project/pull/66086>`_) +- Other taint-related improvements. + (`#66358 <https://github.com/llvm/llvm-project/pull/66358>`_, + `#66074 <https://github.com/llvm/llvm-project/pull/66074>`_, + `#66358 <https://github.com/llvm/llvm-project/pull/66358>`_) + - A few crashes have been found and fixed using randomized testing related - to the use of ``_BitInt()`` in tidy checks and in clang analysis. See - `#67212 <https://github.com/llvm/llvm-project/pull/67212>`_, + to the use of ``_BitInt()`` in tidy checks and in clang analysis. + (`#67212 <https://github.com/llvm/llvm-project/pull/67212>`_, `#66782 <https://github.com/llvm/llvm-project/pull/66782>`_, `#65889 <https://github.com/llvm/llvm-project/pull/65889>`_, - `#65888 <https://github.com/llvm/llvm-project/pull/65888>`_, and - `#65887 <https://github.com/llvm/llvm-project/pull/65887>`_ + `#65888 <https://github.com/llvm/llvm-project/pull/65888>`_, + `#65887 <https://github.com/llvm/llvm-project/pull/65887>`_) -- Move checker ``alpha.cplusplus.EnumCastOutOfRange`` out of the ``alpha`` - package to ``optin.core.EnumCastOutOfRange``. +- Fixed note links of the HTML output. + (`#64054 <https://github.com/llvm/llvm-project/issues/64054>`_) + +- Allow widening rage-based for loops. + (`#70190 <https://github.com/llvm/llvm-project/pull/70190>`_) + +- Fixed uninitialized base class with initializer list when ctor is not + declared in the base class. + (`#70464 <https://github.com/llvm/llvm-project/issues/70464>`_, + `#59493 <https://github.com/llvm/llvm-project/issues/59493>`_, + `#54533 <https://github.com/llvm/llvm-project/issues/54533>`_) + +- Added support for the ``cleanup`` attribute. + `Documentation <https://clang.llvm.org/docs/AttributeReference.html#cleanup>`__. + +- Checkers can query constraint bounds to improve diagnostic messages. + (`#74141 <https://github.com/llvm/llvm-project/pull/74141>`_) .. _release-notes-sanitizers: >From 667d047f3c965714299dcb5bc6b0fc8f314feab4 Mon Sep 17 00:00:00 2001 From: Balazs Benics <benicsbal...@gmail.com> Date: Thu, 28 Dec 2023 09:57:27 +0100 Subject: [PATCH 2/9] Fix URL typo --- clang/docs/ReleaseNotes.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst index 17b6e285a89ca2..715ea947b0f940 100644 --- a/clang/docs/ReleaseNotes.rst +++ b/clang/docs/ReleaseNotes.rst @@ -1054,7 +1054,7 @@ Static Analyzer - Implemented the ``[[clang::suppress]]`` attribute for suppressing diagnostics of static analysis tools, such as the Clang Static Analyzer. - `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__. + `Documentation <https://clang.llvm.org/docs/AttributeReference.html#suppress>`__. - Added a new experimental checker ``alpha.core.StdVariant`` to detect variant accesses via wrong alternatives. >From 97ca9e4dc424f50944894e6d6f28e5f46b834805 Mon Sep 17 00:00:00 2001 From: Balazs Benics <benicsbal...@gmail.com> Date: Thu, 28 Dec 2023 09:59:28 +0100 Subject: [PATCH 3/9] Add a missing docs URL --- clang/docs/ReleaseNotes.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst index 715ea947b0f940..57a116114e8548 100644 --- a/clang/docs/ReleaseNotes.rst +++ b/clang/docs/ReleaseNotes.rst @@ -1080,6 +1080,7 @@ Static Analyzer - Move checker ``alpha.unix.StdCLibraryFunctions`` out of the ``alpha`` package to ``unix.StdCLibraryFunctions``. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-stdclibraryfunctions-c>`__. - Added a new checker configuration option to ``alpha.security.cert.InvalidPtrChecker``. >From c46abf9e782c3c9edefb0b284dbf9febf75c192a Mon Sep 17 00:00:00 2001 From: Balazs Benics <benicsbal...@gmail.com> Date: Thu, 28 Dec 2023 10:04:28 +0100 Subject: [PATCH 4/9] Ellaborate the new InvalidPtrChecker option --- clang/docs/ReleaseNotes.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst index 57a116114e8548..0fd73508230227 100644 --- a/clang/docs/ReleaseNotes.rst +++ b/clang/docs/ReleaseNotes.rst @@ -1082,8 +1082,9 @@ Static Analyzer to ``unix.StdCLibraryFunctions``. `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-stdclibraryfunctions-c>`__. -- Added a new checker configuration option to - ``alpha.security.cert.InvalidPtrChecker``. +- Added a new checker configuration option ``InvalidatingGetEnv=[true,false]`` to + ``alpha.security.cert.InvalidPtrChecker``. It's not set by default. + If set, ``getenv`` calls won't invalidate previously returned pointers. `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__. (`#67663 <https://github.com/llvm/llvm-project/pull/67663>`_) >From 9c7b6e1b18b082a757e7c1e999c0e9e0f2e7e01a Mon Sep 17 00:00:00 2001 From: Balazs Benics <benicsbal...@gmail.com> Date: Thu, 28 Dec 2023 10:23:17 +0100 Subject: [PATCH 5/9] Update the security.insecureAPI.DeprecatedOrUnsafeBufferHandling checker docs --- clang/docs/analyzer/checkers.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst index 81d40395067c9a..64a4752695f11f 100644 --- a/clang/docs/analyzer/checkers.rst +++ b/clang/docs/analyzer/checkers.rst @@ -1025,7 +1025,7 @@ security.insecureAPI.vfork (C) security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C) """"""""""""""""""""""""""""""""""""""""""""""""""""""""" - Warn on occurrences of unsafe or deprecated buffer handling functions, which now have a secure variant: ``sprintf, vsprintf, scanf, wscanf, fscanf, fwscanf, vscanf, vwscanf, vfscanf, vfwscanf, sscanf, swscanf, vsscanf, vswscanf, swprintf, snprintf, vswprintf, vsnprintf, memcpy, memmove, strncpy, strncat, memset`` + Warn on occurrences of unsafe or deprecated buffer handling functions, which now have a secure variant: ``sprintf, fprintf, vsprintf, scanf, wscanf, fscanf, fwscanf, vscanf, vwscanf, vfscanf, vfwscanf, sscanf, swscanf, vsscanf, vswscanf, swprintf, snprintf, vswprintf, vsnprintf, memcpy, memmove, strncpy, strncat, memset`` .. code-block:: c >From 28fea874df3c8754e6691f1674747dc57a53a22c Mon Sep 17 00:00:00 2001 From: Balazs Benics <benicsbal...@gmail.com> Date: Thu, 28 Dec 2023 12:12:42 +0100 Subject: [PATCH 6/9] Fix typo --- clang/docs/ReleaseNotes.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst index 0fd73508230227..719e5d51bf3da2 100644 --- a/clang/docs/ReleaseNotes.rst +++ b/clang/docs/ReleaseNotes.rst @@ -1083,7 +1083,7 @@ Static Analyzer `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-stdclibraryfunctions-c>`__. - Added a new checker configuration option ``InvalidatingGetEnv=[true,false]`` to - ``alpha.security.cert.InvalidPtrChecker``. It's not set by default. + ``alpha.security.cert.InvalidPtr``. It's not set by default. If set, ``getenv`` calls won't invalidate previously returned pointers. `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__. (`#67663 <https://github.com/llvm/llvm-project/pull/67663>`_) >From ad50efe53a4c881e580e78bf5b870b316c455920 Mon Sep 17 00:00:00 2001 From: Balazs Benics <benicsbal...@gmail.com> Date: Thu, 28 Dec 2023 12:14:42 +0100 Subject: [PATCH 7/9] Refer checkers by their new name --- clang/docs/ReleaseNotes.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst index 719e5d51bf3da2..c79f480ec001e5 100644 --- a/clang/docs/ReleaseNotes.rst +++ b/clang/docs/ReleaseNotes.rst @@ -1083,7 +1083,7 @@ Static Analyzer `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-stdclibraryfunctions-c>`__. - Added a new checker configuration option ``InvalidatingGetEnv=[true,false]`` to - ``alpha.security.cert.InvalidPtr``. It's not set by default. + ``security.cert.env.InvalidPtr``. It's not set by default. If set, ``getenv`` calls won't invalidate previously returned pointers. `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__. (`#67663 <https://github.com/llvm/llvm-project/pull/67663>`_) >From 5887714c88a0da0e2975d67ffba126c6b4876e96 Mon Sep 17 00:00:00 2001 From: Balazs Benics <benicsbal...@gmail.com> Date: Thu, 28 Dec 2023 12:23:12 +0100 Subject: [PATCH 8/9] Refer to the checkers by their full user-facing name --- clang/docs/ReleaseNotes.rst | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst index c79f480ec001e5..cc6933c0588aa9 100644 --- a/clang/docs/ReleaseNotes.rst +++ b/clang/docs/ReleaseNotes.rst @@ -1101,17 +1101,18 @@ Static Analyzer the concrete value being cast to the enum. (`#74503 <https://github.com/llvm/llvm-project/pull/74503>`_) -- Improved the ``ArrayBoundV2`` checker for detecting buffer accesses prior - the buffer; and also reworked the diagnostic messages. +- Improved the ``alpha.security.ArrayBoundV2`` checker for detecting buffer + accesses prior the buffer; and also reworked the diagnostic messages. (`3e014038b373 <https://github.com/llvm/llvm-project/commit/3e014038b373e5a4a96d89d46cea17e4d2456a04>`_, `#70056 <https://github.com/llvm/llvm-project/pull/70056>`_, `#72107 <https://github.com/llvm/llvm-project/pull/72107>`_) -- Improved the ``CStringChecker`` checking both ends of the buffers in more cases. +- Improved the ``alpha.unix.cstring.OutOfBounds`` checking both ends of the + buffers in more cases. (`c3a87ddad62a <https://github.com/llvm/llvm-project/commit/c3a87ddad62a6cc01acaccc76592bc6730c8ac3c>`_, `0954dc3fb921 <https://github.com/llvm/llvm-project/commit/0954dc3fb9214b994623f5306473de075f8e3593>`_) -- Improved the ``StreamChecker`` by modeling more functions like, +- Improved the ``alpha.unix.Stream`` checker by modeling more functions like, ``fflush``, ``fputs``, ``fgetc``, ``fputc``, ``fopen``, ``fopen``, ``fgets``. (`#74296 <https://github.com/llvm/llvm-project/pull/74296>`_, `#73335 <https://github.com/llvm/llvm-project/pull/73335>`_, @@ -1121,7 +1122,8 @@ Static Analyzer `#70540 <https://github.com/llvm/llvm-project/pull/70540>`_, `#73638 <https://github.com/llvm/llvm-project/pull/73638>`_) -- Improved the ``unix.StdCLibraryFunctions`` checker by modeling more functions like ``send``, ``recv``, ``readlink`` and ``errno`` behavior. +- Improved the ``unix.StdCLibraryFunctions`` checker by modeling more + functions like ``send``, ``recv``, ``readlink`` and ``errno`` behavior. (`52ac71f92d38 <https://github.com/llvm/llvm-project/commit/52ac71f92d38f75df5cb88e9c090ac5fd5a71548>`_, `#71373 <https://github.com/llvm/llvm-project/pull/71373>`_, `#71392 <https://github.com/llvm/llvm-project/pull/71392>`_) @@ -1129,7 +1131,8 @@ Static Analyzer - Fixed a false negative for when accessing a nonnull property (ObjC). (`1dceba3a3684 <https://github.com/llvm/llvm-project/commit/1dceba3a3684d12394731e09a6cf3efcebf07a3a>`_) -- ``DeprecatedOrUnsafeBufferHandling`` now considers ``fprintf`` calls unsafe. +- ``security.insecureAPI.DeprecatedOrUnsafeBufferHandling`` now considers + ``fprintf`` calls unsafe. `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-insecureapi-deprecatedorunsafebufferhandling-c>`__. - Fix false positive in mutation check when using pointer to member function. >From bdc50e70d9ff87ab3f92105e0146e506cf6555be Mon Sep 17 00:00:00 2001 From: Balazs Benics <benicsbal...@gmail.com> Date: Thu, 28 Dec 2023 12:38:04 +0100 Subject: [PATCH 9/9] NFC Introduce sections, and order by relevance --- clang/docs/ReleaseNotes.rst | 140 +++++++++++++++++++----------------- 1 file changed, 76 insertions(+), 64 deletions(-) diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst index cc6933c0588aa9..d3f352c6aabe79 100644 --- a/clang/docs/ReleaseNotes.rst +++ b/clang/docs/ReleaseNotes.rst @@ -1052,10 +1052,24 @@ libclang Static Analyzer --------------- +New features +^^^^^^^^^^^^ + - Implemented the ``[[clang::suppress]]`` attribute for suppressing diagnostics of static analysis tools, such as the Clang Static Analyzer. `Documentation <https://clang.llvm.org/docs/AttributeReference.html#suppress>`__. +- Added support for the ``cleanup`` attribute. + `Documentation <https://clang.llvm.org/docs/AttributeReference.html#cleanup>`__. + +- Support "Deducing this" (P0847R7). (Worked out of the box) + (`af4751738db8 <https://github.com/llvm/llvm-project/commit/af4751738db89a142a8880c782d12d4201b222a8>`__) + +- Added a new checker ``core.BitwiseShift`` which reports situations where + bitwise shift operators produce undefined behavior (because some operand is + negative or too large). + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#core-bitwiseshift-c-c>`__. + - Added a new experimental checker ``alpha.core.StdVariant`` to detect variant accesses via wrong alternatives. (`#66481 <https://github.com/llvm/llvm-project/pull/66481>`_) @@ -1066,35 +1080,59 @@ Static Analyzer `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#alpha-cplusplus-arraydelete-c>`__. (`0e246bb67573 <https://github.com/llvm/llvm-project/commit/0e246bb67573799409d0085b89902a330998ddcc>`_) -- Added a new checker ``core.BitwiseShift`` which reports situations where - bitwise shift operators produce undefined behavior (because some operand is - negative or too large). - `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#core-bitwiseshift-c-c>`__. - -- Support "Deducing this" (P0847R7). (Worked out of the box) - (`af4751738db8 <https://github.com/llvm/llvm-project/commit/af4751738db89a142a8880c782d12d4201b222a8>`__) - -- Move checker ``alpha.unix.Errno`` out of the ``alpha`` package - to ``unix.Errno``. - `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-errno-c>`__. - -- Move checker ``alpha.unix.StdCLibraryFunctions`` out of the ``alpha`` package - to ``unix.StdCLibraryFunctions``. - `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-stdclibraryfunctions-c>`__. - - Added a new checker configuration option ``InvalidatingGetEnv=[true,false]`` to ``security.cert.env.InvalidPtr``. It's not set by default. If set, ``getenv`` calls won't invalidate previously returned pointers. `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__. (`#67663 <https://github.com/llvm/llvm-project/pull/67663>`_) -- Move checker ``alpha.security.cert.env.InvalidPtr`` out of the ``alpha`` - package to ``security.cert.env.InvalidPtr``. - `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__. +Crash and bug fixes +^^^^^^^^^^^^^^^^^^^ -- Move checker ``alpha.cplusplus.EnumCastOutOfRange`` out of the ``alpha`` - package to ``optin.core.EnumCastOutOfRange``. - `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#optin-core-enumcastoutofrange-c-c>`__. +- Fixed a crash caused by ``builtin_bit_cast``. + (`#69922 <https://github.com/llvm/llvm-project/issues/69922>`_) + +- Fixed a ``core.StackAddressEscape`` crash on temporary object fields. + (`#66221 <https://github.com/llvm/llvm-project/issues/66221>`_) + +- A few crashes have been found and fixed using randomized testing related + to the use of ``_BitInt()`` in tidy checks and in clang analysis. + (`#67212 <https://github.com/llvm/llvm-project/pull/67212>`_, + `#66782 <https://github.com/llvm/llvm-project/pull/66782>`_, + `#65889 <https://github.com/llvm/llvm-project/pull/65889>`_, + `#65888 <https://github.com/llvm/llvm-project/pull/65888>`_, + `#65887 <https://github.com/llvm/llvm-project/pull/65887>`_) + +- Fixed note links of the HTML output. + (`#64054 <https://github.com/llvm/llvm-project/issues/64054>`_) + +- Allow widening rage-based for loops. + (`#70190 <https://github.com/llvm/llvm-project/pull/70190>`_) + +- Fixed uninitialized base class with initializer list when ctor is not + declared in the base class. + (`#70464 <https://github.com/llvm/llvm-project/issues/70464>`_, + `#59493 <https://github.com/llvm/llvm-project/issues/59493>`_, + `#54533 <https://github.com/llvm/llvm-project/issues/54533>`_) + +- Fix false positive in mutation check when using pointer to member function. + (`#66204 <https://github.com/llvm/llvm-project/issues/66204>`_) + +Improvements +^^^^^^^^^^^^ + +- Improved the ``unix.StdCLibraryFunctions`` checker by modeling more + functions like ``send``, ``recv``, ``readlink`` and ``errno`` behavior. + (`52ac71f92d38 <https://github.com/llvm/llvm-project/commit/52ac71f92d38f75df5cb88e9c090ac5fd5a71548>`_, + `#71373 <https://github.com/llvm/llvm-project/pull/71373>`_, + `#71392 <https://github.com/llvm/llvm-project/pull/71392>`_) + +- Fixed a false negative for when accessing a nonnull property (ObjC). + (`1dceba3a3684 <https://github.com/llvm/llvm-project/commit/1dceba3a3684d12394731e09a6cf3efcebf07a3a>`_) + +- ``security.insecureAPI.DeprecatedOrUnsafeBufferHandling`` now considers + ``fprintf`` calls unsafe. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-insecureapi-deprecatedorunsafebufferhandling-c>`__. - Improved the diagnostics of the ``optin.core.EnumCastOutOfRange`` checker. It will display the name and the declaration of the enumeration along with @@ -1122,28 +1160,6 @@ Static Analyzer `#70540 <https://github.com/llvm/llvm-project/pull/70540>`_, `#73638 <https://github.com/llvm/llvm-project/pull/73638>`_) -- Improved the ``unix.StdCLibraryFunctions`` checker by modeling more - functions like ``send``, ``recv``, ``readlink`` and ``errno`` behavior. - (`52ac71f92d38 <https://github.com/llvm/llvm-project/commit/52ac71f92d38f75df5cb88e9c090ac5fd5a71548>`_, - `#71373 <https://github.com/llvm/llvm-project/pull/71373>`_, - `#71392 <https://github.com/llvm/llvm-project/pull/71392>`_) - -- Fixed a false negative for when accessing a nonnull property (ObjC). - (`1dceba3a3684 <https://github.com/llvm/llvm-project/commit/1dceba3a3684d12394731e09a6cf3efcebf07a3a>`_) - -- ``security.insecureAPI.DeprecatedOrUnsafeBufferHandling`` now considers - ``fprintf`` calls unsafe. - `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-insecureapi-deprecatedorunsafebufferhandling-c>`__. - -- Fix false positive in mutation check when using pointer to member function. - (`#66204 <https://github.com/llvm/llvm-project/issues/66204>`_) - -- Fixed a crash caused by ``builtin_bit_cast``. - (`#69922 <https://github.com/llvm/llvm-project/issues/69922>`_) - -- Fix ``StackAddrEscapeChecker`` crash on temporary object fields. - (`#66221 <https://github.com/llvm/llvm-project/issues/66221>`_) - - The ``alpha.security.taint.TaintPropagation`` checker no longer propagates taint on ``strlen`` and ``strnlen`` calls, unless these are marked explicitly propagators in the user-provided taint configuration file. @@ -1156,31 +1172,27 @@ Static Analyzer `#66074 <https://github.com/llvm/llvm-project/pull/66074>`_, `#66358 <https://github.com/llvm/llvm-project/pull/66358>`_) -- A few crashes have been found and fixed using randomized testing related - to the use of ``_BitInt()`` in tidy checks and in clang analysis. - (`#67212 <https://github.com/llvm/llvm-project/pull/67212>`_, - `#66782 <https://github.com/llvm/llvm-project/pull/66782>`_, - `#65889 <https://github.com/llvm/llvm-project/pull/65889>`_, - `#65888 <https://github.com/llvm/llvm-project/pull/65888>`_, - `#65887 <https://github.com/llvm/llvm-project/pull/65887>`_) +- Checkers can query constraint bounds to improve diagnostic messages. + (`#74141 <https://github.com/llvm/llvm-project/pull/74141>`_) -- Fixed note links of the HTML output. - (`#64054 <https://github.com/llvm/llvm-project/issues/64054>`_) +Moved checkers +^^^^^^^^^^^^^^ -- Allow widening rage-based for loops. - (`#70190 <https://github.com/llvm/llvm-project/pull/70190>`_) +- Move checker ``alpha.unix.Errno`` out of the ``alpha`` package + to ``unix.Errno``. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-errno-c>`__. -- Fixed uninitialized base class with initializer list when ctor is not - declared in the base class. - (`#70464 <https://github.com/llvm/llvm-project/issues/70464>`_, - `#59493 <https://github.com/llvm/llvm-project/issues/59493>`_, - `#54533 <https://github.com/llvm/llvm-project/issues/54533>`_) +- Move checker ``alpha.unix.StdCLibraryFunctions`` out of the ``alpha`` package + to ``unix.StdCLibraryFunctions``. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-stdclibraryfunctions-c>`__. -- Added support for the ``cleanup`` attribute. - `Documentation <https://clang.llvm.org/docs/AttributeReference.html#cleanup>`__. +- Move checker ``alpha.security.cert.env.InvalidPtr`` out of the ``alpha`` + package to ``security.cert.env.InvalidPtr``. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__. -- Checkers can query constraint bounds to improve diagnostic messages. - (`#74141 <https://github.com/llvm/llvm-project/pull/74141>`_) +- Move checker ``alpha.cplusplus.EnumCastOutOfRange`` out of the ``alpha`` + package to ``optin.core.EnumCastOutOfRange``. + `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#optin-core-enumcastoutofrange-c-c>`__. .. _release-notes-sanitizers: _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits