[clang] [analyzer][docs] Update the release notes for llvm-18 (PR #76446)
Balazs Benics via cfe-commits
cfe-commits at lists.llvm.org
Thu Dec 28 01:24:56 PST 2023
https://github.com/steakhal updated https://github.com/llvm/llvm-project/pull/76446
>From a4a8704644067a7cf81bee601e4898bbc6b9d289 Mon Sep 17 00:00:00 2001
From: Balazs Benics <benicsbalazs at gmail.com>
Date: Wed, 27 Dec 2023 14:13:08 +0100
Subject: [PATCH 1/5] [analyzer][docs] Update the release notes for llvm-18
---
clang/docs/ReleaseNotes.rst | 108 +++++++++++++++++++++++++++++++++---
1 file changed, 101 insertions(+), 7 deletions(-)
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index ee211c16a48ac8..17b6e285a89ca2 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -1052,18 +1052,92 @@ libclang
Static Analyzer
---------------
+- Implemented the ``[[clang::suppress]]`` attribute for suppressing diagnostics
+ of static analysis tools, such as the Clang Static Analyzer.
+ `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__.
+
+- Added a new experimental checker ``alpha.core.StdVariant`` to detect variant
+ accesses via wrong alternatives.
+ (`#66481 <https://github.com/llvm/llvm-project/pull/66481>`_)
+
+- Added a new experimental checker ``alpha.cplusplus.ArrayDelete`` to detect
+ destructions of arrays of polymorphic objects that are destructed as their
+ base class (`CERT EXP51-CPP <https://wiki.sei.cmu.edu/confluence/display/cplusplus/EXP51-CPP.+Do+not+delete+an+array+through+a+pointer+of+the+incorrect+type>`_).
+ `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#alpha-cplusplus-arraydelete-c>`__.
+ (`0e246bb67573 <https://github.com/llvm/llvm-project/commit/0e246bb67573799409d0085b89902a330998ddcc>`_)
+
- Added a new checker ``core.BitwiseShift`` which reports situations where
bitwise shift operators produce undefined behavior (because some operand is
negative or too large).
+ `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#core-bitwiseshift-c-c>`__.
+
+- Support "Deducing this" (P0847R7). (Worked out of the box)
+ (`af4751738db8 <https://github.com/llvm/llvm-project/commit/af4751738db89a142a8880c782d12d4201b222a8>`__)
- Move checker ``alpha.unix.Errno`` out of the ``alpha`` package
to ``unix.Errno``.
+ `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-errno-c>`__.
- Move checker ``alpha.unix.StdCLibraryFunctions`` out of the ``alpha`` package
to ``unix.StdCLibraryFunctions``.
+- Added a new checker configuration option to
+ ``alpha.security.cert.InvalidPtrChecker``.
+ `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__.
+ (`#67663 <https://github.com/llvm/llvm-project/pull/67663>`_)
+
+- Move checker ``alpha.security.cert.env.InvalidPtr`` out of the ``alpha``
+ package to ``security.cert.env.InvalidPtr``.
+ `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__.
+
+- Move checker ``alpha.cplusplus.EnumCastOutOfRange`` out of the ``alpha``
+ package to ``optin.core.EnumCastOutOfRange``.
+ `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#optin-core-enumcastoutofrange-c-c>`__.
+
+- Improved the diagnostics of the ``optin.core.EnumCastOutOfRange`` checker.
+ It will display the name and the declaration of the enumeration along with
+ the concrete value being cast to the enum.
+ (`#74503 <https://github.com/llvm/llvm-project/pull/74503>`_)
+
+- Improved the ``ArrayBoundV2`` checker for detecting buffer accesses prior
+ the buffer; and also reworked the diagnostic messages.
+ (`3e014038b373 <https://github.com/llvm/llvm-project/commit/3e014038b373e5a4a96d89d46cea17e4d2456a04>`_,
+ `#70056 <https://github.com/llvm/llvm-project/pull/70056>`_,
+ `#72107 <https://github.com/llvm/llvm-project/pull/72107>`_)
+
+- Improved the ``CStringChecker`` checking both ends of the buffers in more cases.
+ (`c3a87ddad62a <https://github.com/llvm/llvm-project/commit/c3a87ddad62a6cc01acaccc76592bc6730c8ac3c>`_,
+ `0954dc3fb921 <https://github.com/llvm/llvm-project/commit/0954dc3fb9214b994623f5306473de075f8e3593>`_)
+
+- Improved the ``StreamChecker`` by modeling more functions like,
+ ``fflush``, ``fputs``, ``fgetc``, ``fputc``, ``fopen``, ``fopen``, ``fgets``.
+ (`#74296 <https://github.com/llvm/llvm-project/pull/74296>`_,
+ `#73335 <https://github.com/llvm/llvm-project/pull/73335>`_,
+ `#72627 <https://github.com/llvm/llvm-project/pull/72627>`_,
+ `#71518 <https://github.com/llvm/llvm-project/pull/71518>`_,
+ `#72016 <https://github.com/llvm/llvm-project/pull/72016>`_,
+ `#70540 <https://github.com/llvm/llvm-project/pull/70540>`_,
+ `#73638 <https://github.com/llvm/llvm-project/pull/73638>`_)
+
+- Improved the ``unix.StdCLibraryFunctions`` checker by modeling more functions like ``send``, ``recv``, ``readlink`` and ``errno`` behavior.
+ (`52ac71f92d38 <https://github.com/llvm/llvm-project/commit/52ac71f92d38f75df5cb88e9c090ac5fd5a71548>`_,
+ `#71373 <https://github.com/llvm/llvm-project/pull/71373>`_,
+ `#71392 <https://github.com/llvm/llvm-project/pull/71392>`_)
+
+- Fixed a false negative for when accessing a nonnull property (ObjC).
+ (`1dceba3a3684 <https://github.com/llvm/llvm-project/commit/1dceba3a3684d12394731e09a6cf3efcebf07a3a>`_)
+
+- ``DeprecatedOrUnsafeBufferHandling`` now considers ``fprintf`` calls unsafe.
+ `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-insecureapi-deprecatedorunsafebufferhandling-c>`__.
+
- Fix false positive in mutation check when using pointer to member function.
- (`#66204: <https://github.com/llvm/llvm-project/issues/66204>`_).
+ (`#66204 <https://github.com/llvm/llvm-project/issues/66204>`_)
+
+- Fixed a crash caused by ``builtin_bit_cast``.
+ (`#69922 <https://github.com/llvm/llvm-project/issues/69922>`_)
+
+- Fix ``StackAddrEscapeChecker`` crash on temporary object fields.
+ (`#66221 <https://github.com/llvm/llvm-project/issues/66221>`_)
- The ``alpha.security.taint.TaintPropagation`` checker no longer propagates
taint on ``strlen`` and ``strnlen`` calls, unless these are marked
@@ -1072,16 +1146,36 @@ Static Analyzer
Read the PR for the details.
(`#66086 <https://github.com/llvm/llvm-project/pull/66086>`_)
+- Other taint-related improvements.
+ (`#66358 <https://github.com/llvm/llvm-project/pull/66358>`_,
+ `#66074 <https://github.com/llvm/llvm-project/pull/66074>`_,
+ `#66358 <https://github.com/llvm/llvm-project/pull/66358>`_)
+
- A few crashes have been found and fixed using randomized testing related
- to the use of ``_BitInt()`` in tidy checks and in clang analysis. See
- `#67212 <https://github.com/llvm/llvm-project/pull/67212>`_,
+ to the use of ``_BitInt()`` in tidy checks and in clang analysis.
+ (`#67212 <https://github.com/llvm/llvm-project/pull/67212>`_,
`#66782 <https://github.com/llvm/llvm-project/pull/66782>`_,
`#65889 <https://github.com/llvm/llvm-project/pull/65889>`_,
- `#65888 <https://github.com/llvm/llvm-project/pull/65888>`_, and
- `#65887 <https://github.com/llvm/llvm-project/pull/65887>`_
+ `#65888 <https://github.com/llvm/llvm-project/pull/65888>`_,
+ `#65887 <https://github.com/llvm/llvm-project/pull/65887>`_)
-- Move checker ``alpha.cplusplus.EnumCastOutOfRange`` out of the ``alpha``
- package to ``optin.core.EnumCastOutOfRange``.
+- Fixed note links of the HTML output.
+ (`#64054 <https://github.com/llvm/llvm-project/issues/64054>`_)
+
+- Allow widening rage-based for loops.
+ (`#70190 <https://github.com/llvm/llvm-project/pull/70190>`_)
+
+- Fixed uninitialized base class with initializer list when ctor is not
+ declared in the base class.
+ (`#70464 <https://github.com/llvm/llvm-project/issues/70464>`_,
+ `#59493 <https://github.com/llvm/llvm-project/issues/59493>`_,
+ `#54533 <https://github.com/llvm/llvm-project/issues/54533>`_)
+
+- Added support for the ``cleanup`` attribute.
+ `Documentation <https://clang.llvm.org/docs/AttributeReference.html#cleanup>`__.
+
+- Checkers can query constraint bounds to improve diagnostic messages.
+ (`#74141 <https://github.com/llvm/llvm-project/pull/74141>`_)
.. _release-notes-sanitizers:
>From 667d047f3c965714299dcb5bc6b0fc8f314feab4 Mon Sep 17 00:00:00 2001
From: Balazs Benics <benicsbalazs at gmail.com>
Date: Thu, 28 Dec 2023 09:57:27 +0100
Subject: [PATCH 2/5] Fix URL typo
---
clang/docs/ReleaseNotes.rst | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index 17b6e285a89ca2..715ea947b0f940 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -1054,7 +1054,7 @@ Static Analyzer
- Implemented the ``[[clang::suppress]]`` attribute for suppressing diagnostics
of static analysis tools, such as the Clang Static Analyzer.
- `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__.
+ `Documentation <https://clang.llvm.org/docs/AttributeReference.html#suppress>`__.
- Added a new experimental checker ``alpha.core.StdVariant`` to detect variant
accesses via wrong alternatives.
>From 97ca9e4dc424f50944894e6d6f28e5f46b834805 Mon Sep 17 00:00:00 2001
From: Balazs Benics <benicsbalazs at gmail.com>
Date: Thu, 28 Dec 2023 09:59:28 +0100
Subject: [PATCH 3/5] Add a missing docs URL
---
clang/docs/ReleaseNotes.rst | 1 +
1 file changed, 1 insertion(+)
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index 715ea947b0f940..57a116114e8548 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -1080,6 +1080,7 @@ Static Analyzer
- Move checker ``alpha.unix.StdCLibraryFunctions`` out of the ``alpha`` package
to ``unix.StdCLibraryFunctions``.
+ `Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-stdclibraryfunctions-c>`__.
- Added a new checker configuration option to
``alpha.security.cert.InvalidPtrChecker``.
>From c46abf9e782c3c9edefb0b284dbf9febf75c192a Mon Sep 17 00:00:00 2001
From: Balazs Benics <benicsbalazs at gmail.com>
Date: Thu, 28 Dec 2023 10:04:28 +0100
Subject: [PATCH 4/5] Ellaborate the new InvalidPtrChecker option
---
clang/docs/ReleaseNotes.rst | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index 57a116114e8548..0fd73508230227 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -1082,8 +1082,9 @@ Static Analyzer
to ``unix.StdCLibraryFunctions``.
`Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#unix-stdclibraryfunctions-c>`__.
-- Added a new checker configuration option to
- ``alpha.security.cert.InvalidPtrChecker``.
+- Added a new checker configuration option ``InvalidatingGetEnv=[true,false]`` to
+ ``alpha.security.cert.InvalidPtrChecker``. It's not set by default.
+ If set, ``getenv`` calls won't invalidate previously returned pointers.
`Documentation <https://clang.llvm.org/docs/analyzer/checkers.html#security-cert-env-invalidptr>`__.
(`#67663 <https://github.com/llvm/llvm-project/pull/67663>`_)
>From 9c7b6e1b18b082a757e7c1e999c0e9e0f2e7e01a Mon Sep 17 00:00:00 2001
From: Balazs Benics <benicsbalazs at gmail.com>
Date: Thu, 28 Dec 2023 10:23:17 +0100
Subject: [PATCH 5/5] Update the
security.insecureAPI.DeprecatedOrUnsafeBufferHandling checker docs
---
clang/docs/analyzer/checkers.rst | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst
index 81d40395067c9a..64a4752695f11f 100644
--- a/clang/docs/analyzer/checkers.rst
+++ b/clang/docs/analyzer/checkers.rst
@@ -1025,7 +1025,7 @@ security.insecureAPI.vfork (C)
security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C)
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""
- Warn on occurrences of unsafe or deprecated buffer handling functions, which now have a secure variant: ``sprintf, vsprintf, scanf, wscanf, fscanf, fwscanf, vscanf, vwscanf, vfscanf, vfwscanf, sscanf, swscanf, vsscanf, vswscanf, swprintf, snprintf, vswprintf, vsnprintf, memcpy, memmove, strncpy, strncat, memset``
+ Warn on occurrences of unsafe or deprecated buffer handling functions, which now have a secure variant: ``sprintf, fprintf, vsprintf, scanf, wscanf, fscanf, fwscanf, vscanf, vwscanf, vfscanf, vfwscanf, sscanf, swscanf, vsscanf, vswscanf, swprintf, snprintf, vswprintf, vsnprintf, memcpy, memmove, strncpy, strncat, memset``
.. code-block:: c
More information about the cfe-commits
mailing list