[clang] [clang][ASTImporter] Fix possible crash "given incorrect InsertPos for specialization". (PR #89887)

2024-05-24 Thread Balázs Kéri via cfe-commits
balazske wrote:
> Could you please show your commands which reproduced this crash? I tested
> locally with the following commands and it runs OK.
>
> ```c++
> clang++ -cc1 -std=c++17 -emit-pch -o test.cpp.ast test.cpp
> clang++ -cc1 -x c++ -ast-merge test.cpp.ast /dev/null -ast-dump
> ```

[clang] [clang][analyzer] PutenvStackArrayChecker: No warning from 'main' (PR #93299)

2024-05-24 Thread Balázs Kéri via cfe-commits
https://github.com/balazske created https://github.com/llvm/llvm-project/pull/93299 None From 9baa8cc3a1a738a43deee811b51593db85d5c88c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Fri, 24 May 2024 15:22:22 +0200 Subject: [PATCH] [clang][analyzer]

[clang] [clang][analyzer] Move checker 'cert.pos.34c' (in alpha.security) into 'PutenvStackArray' (PR #92424)

2024-05-23 Thread Balázs Kéri via cfe-commits
https://github.com/balazske closed https://github.com/llvm/llvm-project/pull/92424 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [clang][analyzer] Move checker 'cert.pos.34c' (in alpha.security) into 'PutenvStackArray' (PR #92424)

2024-05-23 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/92424 From 769523d392204eac6c48cb80a2282212f3edbbe4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Fri, 10 May 2024 17:30:23 +0200 Subject: [PATCH 1/4] [clang][analyzer] Move checker

[clang] [clang][analyzer] Move checker 'cert.pos.34c' (in alpha.security) into 'PutenvStackArray' (PR #92424)

2024-05-23 Thread Balázs Kéri via cfe-commits
https://github.com/balazske edited https://github.com/llvm/llvm-project/pull/92424

[clang] [clang][ASTImporter] Fix possible crash "given incorrect InsertPos for specialization". (PR #89887)

2024-05-22 Thread Balázs Kéri via cfe-commits
balazske wrote: The problem is that there is a distance between getting the "InsertPos" and the insertion into the list. Between getting the `InsertPos` (`VarTemplate->findSpecialization`) and the insertion further AST import statements can occur and probably it can cause the list of

[clang] [clang][ASTImporter] Fix possible crash "given incorrect InsertPos for specialization". (PR #89887)

2024-05-22 Thread Balázs Kéri via cfe-commits
balazske wrote: I could reproduce this assertion (with CTU analysis on project "contour"): ``` clang-19: llvm-project/clang/lib/AST/DeclTemplate.cpp:370: void clang::RedeclarableTemplateDecl::addSpecializationImpl(llvm::FoldingSetVector&, EntryType*, void*) [with Derived =

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder' (PR #91445)

2024-05-22 Thread Balázs Kéri via cfe-commits
https://github.com/balazske closed https://github.com/llvm/llvm-project/pull/91445

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder' (PR #91445)

2024-05-22 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/91445 From d839faf7a30851a172d812137b30635c741870f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 8 May 2024 10:10:24 +0200 Subject: [PATCH 01/10] [clang][analyzer] Add checker

[clang] [clang][analyzer] Move checker alpha.security.cert.pos.34c into security.PutenvWithAuto (PR #92424)

2024-05-21 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/92424 From 769523d392204eac6c48cb80a2282212f3edbbe4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Fri, 10 May 2024 17:30:23 +0200 Subject: [PATCH 1/3] [clang][analyzer] Move checker

[clang] [clang][analyzer] Move checker alpha.security.cert.pos.34c into security.PutenvWithAuto (PR #92424)

2024-05-17 Thread Balázs Kéri via cfe-commits
balazske wrote: I moved the checker to `alpha.security` now and changed the name, and made the documentations more exact. https://github.com/llvm/llvm-project/pull/92424

[clang] [clang][analyzer] Move checker alpha.security.cert.pos.34c into security.PutenvWithAuto (PR #92424)

2024-05-17 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/92424 From 769523d392204eac6c48cb80a2282212f3edbbe4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Fri, 10 May 2024 17:30:23 +0200 Subject: [PATCH 1/2] [clang][analyzer] Move checker

[clang] [clang][analyzer] Move checker alpha.security.cert.pos.34c into security.PutenvWithAuto . (PR #92424)

2024-05-16 Thread Balázs Kéri via cfe-commits
https://github.com/balazske created https://github.com/llvm/llvm-project/pull/92424 The "cert" package looks not useful and the checker has not a meaningful name with the old naming scheme. Additionally tests and documentation are updated. The checker looks good enough to be moved into

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder' (PR #91445)

2024-05-16 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/91445 From d839faf7a30851a172d812137b30635c741870f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 8 May 2024 10:10:24 +0200 Subject: [PATCH 1/9] [clang][analyzer] Add checker

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder' (PR #91445)

2024-05-16 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/91445 From d839faf7a30851a172d812137b30635c741870f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 8 May 2024 10:10:24 +0200 Subject: [PATCH 1/8] [clang][analyzer] Add checker

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder' (PR #91445)

2024-05-15 Thread Balázs Kéri via cfe-commits
balazske wrote: I added the `NoteTag` support now (instead of a next PR). The `checkDeadSymbols` is removed, it does really not matter if the data remains in the GDM and this way it is used to display the note tag only for the last `setuid` call.

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder' (PR #91445)

2024-05-15 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/91445 From d839faf7a30851a172d812137b30635c741870f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 8 May 2024 10:10:24 +0200 Subject: [PATCH 1/7] [clang][analyzer] Add checker

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder' (PR #91445)

2024-05-14 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/91445 From d839faf7a30851a172d812137b30635c741870f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 8 May 2024 10:10:24 +0200 Subject: [PATCH 1/6] [clang][analyzer] Add checker

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder' (PR #91445)

2024-05-13 Thread Balázs Kéri via cfe-commits
@@ -0,0 +1,196 @@ +//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls ---===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier:

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder' (PR #91445)

2024-05-13 Thread Balázs Kéri via cfe-commits
@@ -0,0 +1,185 @@ +// RUN: %clang_analyze_cc1 -analyzer-checker=core,security.SetgidSetuidOrder -verify %s + +typedef int uid_t; +typedef int gid_t; + +int setuid(uid_t); +int setgid(gid_t); +int seteuid(uid_t); +int setegid(gid_t); +int setreuid(uid_t, uid_t); +int

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder' (PR #91445)

2024-05-13 Thread Balázs Kéri via cfe-commits
@@ -1179,6 +1179,34 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C) strncpy(buf, "a", 1); // warn } +security.SetgidSetuidOrder (C) +"" balazske wrote: Move the new checker into `unix`, or move the chroot checker

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-13 Thread Balázs Kéri via cfe-commits
@@ -136,53 +100,48 @@ void ErrnoModeling::checkBeginFunction(CheckerContext ) const { ASTContext = C.getASTContext(); ProgramStateRef State = C.getState(); - if (const auto *ErrnoVar = dyn_cast_or_null(ErrnoDecl)) { -// There is an external 'errno' variable. -

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-10 Thread Balázs Kéri via cfe-commits
@@ -0,0 +1,197 @@ +//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls ---===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier:

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-10 Thread Balázs Kéri via cfe-commits
@@ -0,0 +1,170 @@ +// RUN: %clang_analyze_cc1 -analyzer-checker=core,security.SetgidSetuidOrder -verify %s + +#include "Inputs/system-header-simulator-setgid-setuid.h" + +void correct_order() { + if (setgid(getgid()) == -1) +return; + if (setuid(getuid()) == -1) +

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-10 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/91445 From d839faf7a30851a172d812137b30635c741870f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 8 May 2024 10:10:24 +0200 Subject: [PATCH 1/5] [clang][analyzer] Add checker

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-10 Thread Balázs Kéri via cfe-commits
balazske wrote: Is it useful to add a note tag to the previous `setuid(getuid())` call? It can be (theoretically) in another function or otherwise in a remote place in the source code. https://github.com/llvm/llvm-project/pull/91445

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-10 Thread Balázs Kéri via cfe-commits
https://github.com/balazske deleted https://github.com/llvm/llvm-project/pull/91445

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-10 Thread Balázs Kéri via cfe-commits
@@ -0,0 +1,197 @@ +//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls ---===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier:

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-10 Thread Balázs Kéri via cfe-commits
@@ -0,0 +1,197 @@ +//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls ---===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier:

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-10 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/91445 From d839faf7a30851a172d812137b30635c741870f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 8 May 2024 10:10:24 +0200 Subject: [PATCH 1/4] [clang][analyzer] Add checker

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-10 Thread Balázs Kéri via cfe-commits
@@ -136,53 +100,48 @@ void ErrnoModeling::checkBeginFunction(CheckerContext ) const { ASTContext = C.getASTContext(); ProgramStateRef State = C.getState(); - if (const auto *ErrnoVar = dyn_cast_or_null(ErrnoDecl)) { -// There is an external 'errno' variable. -

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-10 Thread Balázs Kéri via cfe-commits
@@ -74,9 +73,13 @@ REGISTER_TRAIT_WITH_PROGRAMSTATE(ErrnoRegion, const MemRegion *) REGISTER_TRAIT_WITH_PROGRAMSTATE(ErrnoState, errno_modeling::ErrnoCheckState) -/// Search for a variable called "errno" in the AST. -/// Return nullptr if not found. -static const VarDecl

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-09 Thread Balázs Kéri via cfe-commits
@@ -71,12 +71,9 @@ ProgramStateRef setErrnoState(ProgramStateRef State, ErrnoCheckState EState); /// Clear state of errno (make it irrelevant). ProgramStateRef clearErrnoState(ProgramStateRef State); -/// Determine if a `Decl` node related to 'errno'. -/// This is true if

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-09 Thread Balázs Kéri via cfe-commits
@@ -54,16 +59,10 @@ class ErrnoModeling void checkLiveSymbols(ProgramStateRef State, SymbolReaper ) const; bool evalCall(const CallEvent , CheckerContext ) const; - // The declaration of an "errno" variable or "errno location" function. - mutable const Decl *ErrnoDecl =

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-09 Thread Balázs Kéri via cfe-commits
@@ -71,12 +71,9 @@ ProgramStateRef setErrnoState(ProgramStateRef State, ErrnoCheckState EState); /// Clear state of errno (make it irrelevant). ProgramStateRef clearErrnoState(ProgramStateRef State); -/// Determine if a `Decl` node related to 'errno'. -/// This is true if

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-09 Thread Balázs Kéri via cfe-commits
@@ -39,10 +39,15 @@ namespace { // Name of the "errno" variable. // FIXME: Is there a system where it is not called "errno" but is a variable? const char *ErrnoVarName = "errno"; + // Names of functions that return a location of the "errno" value. // FIXME: Are there other

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-08 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/91445 From d839faf7a30851a172d812137b30635c741870f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 8 May 2024 10:10:24 +0200 Subject: [PATCH 1/3] [clang][analyzer] Add checker

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-08 Thread Balázs Kéri via cfe-commits
@@ -0,0 +1,197 @@ +//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls ---===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier:

[clang] [clang][analyzer] Add checker 'Security.SetgidSetuidOrder'. (PR #91445)

2024-05-08 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/91445 From d839faf7a30851a172d812137b30635c741870f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 8 May 2024 10:10:24 +0200 Subject: [PATCH 1/2] [clang][analyzer] Add checker

[clang] [clang][analyzer] Add checker 'Security.SetgidSetuidOrder'. (PR #91445)

2024-05-08 Thread Balázs Kéri via cfe-commits
https://github.com/balazske created https://github.com/llvm/llvm-project/pull/91445 None From d839faf7a30851a172d812137b30635c741870f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 8 May 2024 10:10:24 +0200 Subject: [PATCH] [clang][analyzer] Add checker

[clang] [clang][analyzer] Move StreamChecker out of the alpha package. (PR #89247)

2024-04-30 Thread Balázs Kéri via cfe-commits
https://github.com/balazske closed https://github.com/llvm/llvm-project/pull/89247

[clang] [clang][analyzer] Move StreamChecker out of the alpha package. (PR #89247)

2024-04-30 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/89247 From 7138f026e845ebb4f1a3e6a86bdeb534d666ae7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Thu, 18 Apr 2024 16:40:03 +0200 Subject: [PATCH 1/5] [clang][analyzer] Move StreamChecker

[clang] [NFC][analyzer] Initialize pointer field in StreamOperationEvaluator (PR #89837)

2024-04-24 Thread Balázs Kéri via cfe-commits
https://github.com/balazske approved this pull request. Probably add [clang] tag to the title. https://github.com/llvm/llvm-project/pull/89837

[clang] [clang][ASTImporter] Fix possible crash "given incorrect InsertPos for specialization". (PR #89887)

2024-04-24 Thread Balázs Kéri via cfe-commits
balazske wrote: A test is needed to make the change acceptable but I could not find an easy case to provoke the situation. The problem looks to be related to this code: ```c++ using size_t = int; template class tuple; template struct integral_constant { static constexpr T value = v;

[clang] [clang][ASTImporter] Fix possible crash "given incorrect InsertPos for specialization". (PR #89887)

2024-04-24 Thread Balázs Kéri via cfe-commits
https://github.com/balazske created https://github.com/llvm/llvm-project/pull/89887 In some situations a new `VarTemplateSpecializationDecl` (for the same template) can be added during import of another one. The "insert position" that is used to insert the current object into the list of

[clang] [clang][analyzer] Move StreamChecker out of the alpha package. (PR #89247)

2024-04-22 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/89247 From 7138f026e845ebb4f1a3e6a86bdeb534d666ae7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Thu, 18 Apr 2024 16:40:03 +0200 Subject: [PATCH 1/4] [clang][analyzer] Move StreamChecker

[clang] [clang][analyzer] Move StreamChecker out of the alpha package. (PR #89247)

2024-04-19 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/89247 From 7138f026e845ebb4f1a3e6a86bdeb534d666ae7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Thu, 18 Apr 2024 16:40:03 +0200 Subject: [PATCH 1/3] [clang][analyzer] Move StreamChecker

[clang] [clang][analyzer] Move StreamChecker out of the alpha package. (PR #89247)

2024-04-19 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/89247 From 7138f026e845ebb4f1a3e6a86bdeb534d666ae7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Thu, 18 Apr 2024 16:40:03 +0200 Subject: [PATCH 1/2] [clang][analyzer] Move StreamChecker

[clang] [clang][analyzer] Move StreamChecker out of the alpha package. (PR #89247)

2024-04-18 Thread Balázs Kéri via cfe-commits
@@ -48,7 +48,7 @@ Open Projects (Difficulty: Medium) - alpha.unix.StreamChecker + unix.StreamChecker balazske wrote: This section should be removed too. The problem is still not solved in the mentioned way ("delayed split"). I do not

[clang] [clang][analyzer] Move StreamChecker out of the alpha package. (PR #89247)

2024-04-18 Thread Balázs Kéri via cfe-commits
@@ -910,8 +910,8 @@ Unix Alpha Checkers - -alpha.unix.Stream + +unix.Stream balazske wrote: Probably the checker must be removed entirely from this file? https://github.com/llvm/llvm-project/pull/89247

[clang] [clang][analyzer] Move StreamChecker out of the alpha package. (PR #89247)

2024-04-18 Thread Balázs Kéri via cfe-commits
@@ -563,6 +563,20 @@ def MismatchedDeallocatorChecker : Checker<"MismatchedDeallocator">, Dependencies<[DynamicMemoryModeling]>, Documentation; +def StreamChecker : Checker<"Stream">, + HelpText<"Check stream handling functions">, +

[clang] [clang][analyzer] Move StreamChecker out of the alpha package. (PR #89247)

2024-04-18 Thread Balázs Kéri via cfe-commits
balazske wrote: The checker is usable enough to move to non-alpha state. This table contains some links to the results after the "Pedantic" option was added. The "new reports" are the ones that got removed if the option is turned on. At some projects there are still many results, for example

[clang] [clang][analyzer] Move StreamChecker out of the alpha package. (PR #89247)

2024-04-18 Thread Balázs Kéri via cfe-commits
https://github.com/balazske created https://github.com/llvm/llvm-project/pull/89247 None From 7138f026e845ebb4f1a3e6a86bdeb534d666ae7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Thu, 18 Apr 2024 16:40:03 +0200 Subject: [PATCH] [clang][analyzer] Move StreamChecker

[clang] [clang][analyzer] Add "pedantic" mode to StreamChecker. (PR #87322)

2024-04-08 Thread Balázs Kéri via cfe-commits
https://github.com/balazske closed https://github.com/llvm/llvm-project/pull/87322

[clang] [clang][analyzer] Add "pedantic" mode to StreamChecker. (PR #87322)

2024-04-08 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/87322 From 79bbe640c0d60744f484db9965865455b0b15246 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Tue, 2 Apr 2024 09:59:48 +0200 Subject: [PATCH 1/3] [clang][analyzer] Add "pedantic" mode

[clang] [clang][analyzer] Add "pedantic" mode to StreamChecker. (PR #87322)

2024-04-02 Thread Balázs Kéri via cfe-commits
balazske wrote:
> Unless you plan to add more heuristics, I'd prefer a more concrete option
> name, like AssumeSuccessfulWrites=true. This would better describe it imo.
I do not like totally the name "Pedantic", it could be "AssumeOftenUncheckedOperationsMayFail". I am not sure if this

[clang] [clang][analyzer] Add "pedantic" mode to StreamChecker. (PR #87322)

2024-04-02 Thread Balázs Kéri via cfe-commits
https://github.com/balazske created https://github.com/llvm/llvm-project/pull/87322 The checker may create failure branches for all stream write operations only if the new option "pedantic" is set to true. Result of the write operations is often not checked in typical code. If failure

[clang] [clang][analyzer] Change modeling of `fseek` in StreamChecker. (PR #86919)

2024-04-02 Thread Balázs Kéri via cfe-commits
https://github.com/balazske closed https://github.com/llvm/llvm-project/pull/86919

[clang] [clang][analyzer] Improve documentation of StreamChecker (NFC). (PR #83858)

2024-03-28 Thread Balázs Kéri via cfe-commits
https://github.com/balazske closed https://github.com/llvm/llvm-project/pull/83858

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

2024-03-28 Thread Balázs Kéri via cfe-commits
@@ -2515,6 +2517,53 @@ void CStringChecker::evalSprintfCommon(CheckerContext , const CallEvent , C.addTransition(State); } +void CStringChecker::evalGetentropy(CheckerContext , const CallEvent ) const { + DestinationArgExpr Buffer = {{Call.getArgExpr(0), 0}}; +

[clang] [clang][analyzer] Change modeling of `fseek` in StreamChecker. (PR #86919)

2024-03-28 Thread Balázs Kéri via cfe-commits
https://github.com/balazske created https://github.com/llvm/llvm-project/pull/86919 Until now function `fseek` returned nonzero on error, this is changed to -1 only. And it does not produce EOF error any more. This complies better with the POSIX standard. From

[clang] [clang][analyzer] Improve BlockInCriticalSectionsChecker (PR #80029)

2024-03-22 Thread Balázs Kéri via cfe-commits
balazske wrote: It looks like that this change causes crashes on many projects (curl, vim, postgres, others) in `RAIIMutexDescriptor::initIdentifierInfo`. https://github.com/llvm/llvm-project/pull/80029

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-22 Thread Balázs Kéri via cfe-commits
@@ -376,3 +377,75 @@ void fflush_on_open_failed_stream(void) { } fclose(F); } + +void getline_null_file() { + char *buffer = NULL; + size_t n = 0; + getline(, , NULL); // expected-warning {{Stream pointer might be NULL}} +} + +void getdelim_null_file() { + char

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-22 Thread Balázs Kéri via cfe-commits
https://github.com/balazske approved this pull request. I did not find more issues (at least in `StreamChecker` and its tests). But did not check in detail the `UnixAPIChecker` part and tests. https://github.com/llvm/llvm-project/pull/83027

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-21 Thread Balázs Kéri via cfe-commits
@@ -376,3 +377,122 @@ void fflush_on_open_failed_stream(void) { } fclose(F); } + +void getline_null_file() { + char *buffer = NULL; + size_t n = 0; + getline(, , NULL); // expected-warning {{Stream pointer might be NULL}} +} + +void getdelim_null_file() { + char

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-21 Thread Balázs Kéri via cfe-commits
@@ -376,3 +377,122 @@ void fflush_on_open_failed_stream(void) { } fclose(F); } + +void getline_null_file() { + char *buffer = NULL; + size_t n = 0; + getline(, , NULL); // expected-warning {{Stream pointer might be NULL}} +} + +void getdelim_null_file() { + char

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-21 Thread Balázs Kéri via cfe-commits
@@ -376,3 +377,122 @@ void fflush_on_open_failed_stream(void) { } fclose(F); } + +void getline_null_file() { + char *buffer = NULL; + size_t n = 0; + getline(, , NULL); // expected-warning {{Stream pointer might be NULL}} +} + +void getdelim_null_file() { + char

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-21 Thread Balázs Kéri via cfe-commits
@@ -376,3 +377,122 @@ void fflush_on_open_failed_stream(void) { } fclose(F); } + +void getline_null_file() { + char *buffer = NULL; + size_t n = 0; + getline(, , NULL); // expected-warning {{Stream pointer might be NULL}} +} + +void getdelim_null_file() { + char

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-21 Thread Balázs Kéri via cfe-commits
@@ -376,3 +377,122 @@ void fflush_on_open_failed_stream(void) { } fclose(F); } + +void getline_null_file() { + char *buffer = NULL; + size_t n = 0; + getline(, , NULL); // expected-warning {{Stream pointer might be NULL}} +} + +void getdelim_null_file() { + char

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-20 Thread Balázs Kéri via cfe-commits
@@ -1204,6 +1204,20 @@ void StreamChecker::evalGetdelim(const FnDescription *Desc, State->BindExpr(E.CE, C.getLocationContext(), RetVal); StateNotFailed = E.assumeBinOpNN(StateNotFailed, BO_GE, RetVal, E.getZeroVal(Call)); +// The buffer size `*n` must

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-20 Thread Balázs Kéri via cfe-commits
@@ -1217,6 +1231,11 @@ void StreamChecker::evalGetdelim(const FnDescription *Desc, E.isStreamEof() ? ErrorFEof : ErrorFEof | ErrorFError; StateFailed = E.setStreamState( StateFailed, StreamState::getOpened(Desc, NewES, !NewES.isFEof())); + // On failure, the

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-20 Thread Balázs Kéri via cfe-commits
@@ -1204,6 +1204,20 @@ void StreamChecker::evalGetdelim(const FnDescription *Desc, State->BindExpr(E.CE, C.getLocationContext(), RetVal); StateNotFailed = E.assumeBinOpNN(StateNotFailed, BO_GE, RetVal, E.getZeroVal(Call)); +// The buffer size `*n` must

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-20 Thread Balázs Kéri via cfe-commits
@@ -1179,6 +1195,113 @@ void StreamChecker::evalUngetc(const FnDescription *Desc, const CallEvent , C.addTransition(StateFailed); } +ProgramStateRef StreamChecker::ensureGetdelimBufferAndSizeCorrect( +SVal LinePtrPtrSVal, SVal SizePtrSVal, const Expr *LinePtrPtrExpr, +

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-20 Thread Balázs Kéri via cfe-commits
@@ -1204,6 +1204,20 @@ void StreamChecker::evalGetdelim(const FnDescription *Desc, State->BindExpr(E.CE, C.getLocationContext(), RetVal); StateNotFailed = E.assumeBinOpNN(StateNotFailed, BO_GE, RetVal, E.getZeroVal(Call)); +// The buffer size `*n` must

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-19 Thread Balázs Kéri via cfe-commits
balazske wrote:
> @balazske Are you interested in refactoring the logic of
> `StdLibraryFunctionsChecker` into an API that can be used by separate
> checkers?
I could try it. It would solve at least the (dependency) difficulties related to this checker. Probably the checker can remain and

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-19 Thread Balázs Kéri via cfe-commits
balazske wrote:
> So, it seems removing them from `StdLibraryFunctionsChecker` is not out of
> the question. We can leave them together with other stream functions, or we
> could move them to `UnixAPIChecker`, which we have enabled downstream.
>
> I think the latter is a reasonable compromise

[clang] [analyzer] Fix false double free when including 3rd-party headers with overloaded delete operator as system headers (PR #85224)

2024-03-19 Thread Balázs Kéri via cfe-commits
@@ -1090,7 +1090,8 @@ static bool isStandardNewDelete(const FunctionDecl *FD) { // If the header for operator delete is not included, it's still defined // in an invalid source location. Check to make sure we don't crash. return !L.isValid() || -

[clang] [analyzer] Mention possibility of underflow in array overflow errors (PR #84201)

2024-03-08 Thread Balázs Kéri via cfe-commits
@@ -83,6 +83,8 @@ class StateUpdateReporter { AssumedUpperBound = UpperBoundVal; } + bool assumedNonNegative() { return AssumedNonNegative; } balazske wrote: This should be called `getAssumedNonNegative` or `hasAssumedNonNegative` (but the naming
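Review bot: the accessor `assumedNonNegative()` added in this hunk only returns `AssumedNonNegative` and changes no state, so it should be declared `const` (`bool assumedNonNegative() const { ... }`); otherwise it cannot be called through a const reference to `StateUpdateReporter`.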

[clang] [analyzer] Mention possibility of underflow in array overflow errors (PR #84201)

2024-03-08 Thread Balázs Kéri via cfe-commits
https://github.com/balazske edited https://github.com/llvm/llvm-project/pull/84201

[clang] [analyzer] Mention possibility of underflow in array overflow errors (PR #84201)

2024-03-08 Thread Balázs Kéri via cfe-commits
https://github.com/balazske approved this pull request. I am not totally sure but this looks correct with the new variable names and there are some tests for the new case. https://github.com/llvm/llvm-project/pull/84201

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-08 Thread Balázs Kéri via cfe-commits
balazske wrote: I want to avoid that some functions have null pointer checks in `StreamChecker`, some not. If this change is merged then it would be good to add null pointer checks to other functions like `fread` and `fwrite`. (Until now only the NULL stream pointer was checked.)

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-08 Thread Balázs Kéri via cfe-commits
@@ -1158,6 +1173,118 @@ void StreamChecker::evalUngetc(const FnDescription *Desc, const CallEvent , C.addTransition(StateFailed); } +ProgramStateRef +StreamChecker::ensurePtrNotNull(SVal PtrVal, const Expr *PtrExpr, +CheckerContext ,

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-08 Thread Balázs Kéri via cfe-commits
@@ -510,6 +517,14 @@ class StreamChecker : public Checkerhttps://github.com/llvm/llvm-project/pull/83027 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-08 Thread Balázs Kéri via cfe-commits
@@ -1158,6 +1173,118 @@ void StreamChecker::evalUngetc(const FnDescription *Desc, const CallEvent , C.addTransition(StateFailed); } +ProgramStateRef +StreamChecker::ensurePtrNotNull(SVal PtrVal, const Expr *PtrExpr, +CheckerContext ,

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-08 Thread Balázs Kéri via cfe-commits
@@ -1158,6 +1173,118 @@ void StreamChecker::evalUngetc(const FnDescription *Desc, const CallEvent , C.addTransition(StateFailed); } +ProgramStateRef +StreamChecker::ensurePtrNotNull(SVal PtrVal, const Expr *PtrExpr, +CheckerContext ,

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-08 Thread Balázs Kéri via cfe-commits
@@ -1158,6 +1173,118 @@ void StreamChecker::evalUngetc(const FnDescription *Desc, const CallEvent , C.addTransition(StateFailed); } +ProgramStateRef +StreamChecker::ensurePtrNotNull(SVal PtrVal, const Expr *PtrExpr, +CheckerContext ,

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-08 Thread Balázs Kéri via cfe-commits
@@ -234,6 +235,9 @@ class StreamChecker : public Checkerhttps://github.com/llvm/llvm-project/pull/83027 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-08 Thread Balázs Kéri via cfe-commits
https://github.com/balazske commented: This functionality could be added to this checker, but to `StdLibraryFunctionsChecker` too, and probably will be added at a time (summary of `getdelim` is not accurate now in that checker). The same bug condition is checked by two different checkers in

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-08 Thread Balázs Kéri via cfe-commits
https://github.com/balazske edited https://github.com/llvm/llvm-project/pull/83027

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-08 Thread Balázs Kéri via cfe-commits
balazske wrote: Additionally, the checked preconditions do not look exact. For example, the POSIX documentation for `getdelim` says: "If *n is non-zero, the application shall ensure that *lineptr either points to an object of size at least *n bytes, or is a null pointer." This means `*lineptr`

[clang] [clang][analyzer] Fix StreamChecker `ftell` and `fgetpos` at indeterminate file position. (PR #84191)

2024-03-07 Thread Balázs Kéri via cfe-commits
https://github.com/balazske closed https://github.com/llvm/llvm-project/pull/84191

[clang] [clang][analyzer] Model more getline/getdelim pre and postconditions (PR #83027)

2024-03-07 Thread Balázs Kéri via cfe-commits
balazske wrote: `StreamChecker` still does not check for all possible NULL pointer errors. At `fread` and `fwrite` for example there is no check for NULL buffer pointer. The reason is that these are checked in `StdLibraryFunctionsChecker`. Probably it would be better to add the checks for

[clang] [analyzer] Mention possibility of underflow in array overflow errors (PR #84201)

2024-03-07 Thread Balázs Kéri via cfe-commits
balazske wrote: The change looks correct, but it would be more accurate if 3 different index error cases were possible: the index is too small (negative), too large, or can be both too small and too large. https://github.com/llvm/llvm-project/pull/84201

[clang] [analyzer] Mention possibility of underflow in array overflow errors (PR #84201)

2024-03-07 Thread Balázs Kéri via cfe-commits
@@ -603,6 +611,8 @@ void ArrayBoundCheckerV2::performCheck(const Expr *E, CheckerContext ) const { auto [WithinUpperBound, ExceedsUpperBound] = compareValueToThreshold(State, ByteOffset, *KnownSize, SVB); +bool AssumedNonNegative = SUR.assumedNonNegative();

[clang] [analyzer] Mention possibility of underflow in array overflow errors (PR #84201)

2024-03-07 Thread Balázs Kéri via cfe-commits
@@ -603,6 +611,8 @@ void ArrayBoundCheckerV2::performCheck(const Expr *E, CheckerContext ) const { auto [WithinUpperBound, ExceedsUpperBound] = compareValueToThreshold(State, ByteOffset, *KnownSize, SVB); +bool AssumedNonNegative = SUR.assumedNonNegative();

[clang] [clang][analyzer] Fix StreamChecker `ftell` and `fgetpos` at indeterminate file position. (PR #84191)

2024-03-07 Thread Balázs Kéri via cfe-commits
@@ -880,6 +883,24 @@ void StreamChecker::preReadWrite(const FnDescription *Desc, } } +void StreamChecker::preWrite(const FnDescription *Desc, const CallEvent , balazske wrote: The `CallDescriptionMap` was uncomfortable to handle because too many

[clang] [clang][analyzer] Fix StreamChecker `ftell` and `fgetpos` at indeterminate file position. (PR #84191)

2024-03-07 Thread Balázs Kéri via cfe-commits
https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/84191 From dbaf3348510582c013254ed48b69663b42816be0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= Date: Wed, 6 Mar 2024 16:01:01 +0100 Subject: [PATCH] [clang][analyzer] Fix StreamChecker `ftell`

[clang] [clang][analyzer] Fix StreamChecker `ftell` and `fgetpos` at indeterminate file position. (PR #84191)

2024-03-06 Thread Balázs Kéri via cfe-commits
https://github.com/balazske created https://github.com/llvm/llvm-project/pull/84191 These functions should not be allowed if the file position is indeterminate (they return the file position). This condition is now checked, and tests are improved to check it. From

[clang] [clang][StaticAnalyzer] Adding getentropy to CStringChecker. (PR #83675)

2024-03-05 Thread Balázs Kéri via cfe-commits
balazske wrote: Currently it looks OK to add `getentropy` to this checker because it is a string-related function in a way. Otherwise it looks like many of the checks (for buffer access, and buffer invalidations) that are implemented in `CStringChecker` could be moved to

[clang] [clang][analyzer] Improve documentation of StreamChecker (NFC). (PR #83858)

2024-03-05 Thread Balázs Kéri via cfe-commits
@@ -3020,44 +3020,82 @@ Check for misuses of stream APIs. Check for misuses of stream APIs: ``fopen, fcl alpha.unix.Stream (C) " -Check stream handling functions: ``fopen, tmpfile, fclose, fread, fwrite, fseek, ftell, rewind, fgetpos,`` -``fsetpos,
