[all-commits] [llvm/llvm-project] 6e17ed: [analyzer] Consolidate array bound checkers (#125534)
Donát Nagy via All-commits
all-commits at lists.llvm.org
Thu Feb 6 08:46:08 PST 2025
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 6e17ed9b04e5523cc910bf171c3122dcc64b86db
https://github.com/llvm/llvm-project/commit/6e17ed9b04e5523cc910bf171c3122dcc64b86db
Author: Donát Nagy <donat.nagy at ericsson.com>
Date: 2025-02-06 (Thu, 06 Feb 2025)
Changed paths:
M clang/docs/ReleaseNotes.rst
M clang/docs/analyzer/checkers.rst
M clang/include/clang/StaticAnalyzer/Checkers/Checkers.td
R clang/lib/StaticAnalyzer/Checkers/ArrayBoundChecker.cpp
M clang/lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp
M clang/lib/StaticAnalyzer/Checkers/CMakeLists.txt
M clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
M clang/lib/StaticAnalyzer/Core/MemRegion.cpp
R clang/test/Analysis/array-bound-v2-constraint-check.c
M clang/test/Analysis/index-type.c
M clang/test/Analysis/misc-ps-region-store.m
M clang/test/Analysis/no-outofbounds.c
A clang/test/Analysis/out-of-bounds-constraint-check.c
M clang/test/Analysis/out-of-bounds-diagnostics.c
M clang/test/Analysis/out-of-bounds-new.cpp
M clang/test/Analysis/out-of-bounds-notes.c
M clang/test/Analysis/out-of-bounds.c
M clang/test/Analysis/outofbound-notwork.c
M clang/test/Analysis/outofbound.c
R clang/test/Analysis/rdar-6541136-region.c
M clang/test/Analysis/runtime-regression.c
M clang/test/Analysis/taint-diagnostic-visitor.c
M clang/test/Analysis/taint-generic.c
M clang/test/Analysis/taint-generic.cpp
M clang/www/analyzer/open_projects.html
M clang/www/analyzer/potential_checkers.html
M llvm/utils/gn/secondary/clang/lib/StaticAnalyzer/Checkers/BUILD.gn
Log Message:
-----------
[analyzer] Consolidate array bound checkers (#125534)
Before this commit, there were two alpha checkers that used different
algorithms/logic for detecting out of bounds memory access: the old
`alpha.security.ArrayBound` and the experimental, more complex
`alpha.security.ArrayBoundV2`.
After lots of quality improvement commits ArrayBoundV2 is now stable
enough to be moved out of the alpha stage. As indexing (and dereference)
are common operations, it still produces a significant amount of false
positives, but not much more than e.g. `core.NullDereference` or
`core.UndefinedBinaryOperatorResult`, so it should be acceptable as a
non-`core` checker.
At this point `alpha.security.ArrayBound` became obsolete (there is a
better tool for the same task), so I'm removing it from the codebase.
With this I can eliminate the ugly "V2" version mark almost everywhere
and rename `alpha.security.ArrayBoundV2` to `security.ArrayBound`.
(The version mark is preserved in the filename "ArrayBoundCheckerV2", to
ensure a clear git history. I'll rename it to "ArrayBoundChecker.cpp" in
a separate commit.)
This commit adapts the unit tests of `alpha.security.ArrayBound` to
testing the new `security.ArrayBound` (= old ArrayBoundV2). Currently
the names of the test files are very haphazard, I'll probably create a
separate followup commit that consolidates this.
To unsubscribe from these emails, change your notification settings at https://github.com/llvm/llvm-project/settings/notifications
More information about the All-commits
mailing list