[clang] [analyzer] Splitting TaintPropagation checker into reporting and mode… (PR #98157)

2024-07-10 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat approved this pull request. LGTM, thanks for the updates. @steakhal Is it OK for you if we merge this? https://github.com/llvm/llvm-project/pull/98157 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.l

[clang] [analyzer] Splitting TaintPropagation checker into reporting and mode… (PR #98157)

2024-07-10 Thread Donát Nagy via cfe-commits
NagyDonat wrote: (By the way, this change doesn't have significant user-facing parts, so I don't think that we need to mention it in the release notes.) https://github.com/llvm/llvm-project/pull/98157

[clang] [analyzer] Splitting TaintPropagation checker into reporting and mode… (PR #98157)

2024-07-10 Thread Donát Nagy via cfe-commits
@@ -1046,10 +1044,7 @@ bool GenericTaintChecker::generateReportIfTainted(const Expr *E, StringRef Msg, return false; // Generate diagnostic. NagyDonat wrote: :thinking: Perhaps add an `assert(BT)` here for the sake of paranoia? https://github.com/llvm

[clang] [analyzer] Don't display the offset value in underflows (PR #98621)

2024-07-12 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat created https://github.com/llvm/llvm-project/pull/98621 Previously alpha.security.ArrayBoundV2 displayed the (negative) offset value when it reported an underflow, but this produced lots of very similar and redundant reports in certain situations. After this commi

[clang] [analyzer] Don't display the offset value in underflows (PR #98621)

2024-07-12 Thread Donát Nagy via cfe-commits
@@ -609,7 +610,7 @@ void ArrayBoundCheckerV2::performCheck(const Expr *E, CheckerContext &C) const { // CHECK UPPER BOUND DefinedOrUnknownSVal Size = getDynamicExtent(State, Reg, SVB); if (auto KnownSize = Size.getAs()) { -// In a situation where both overflow and ov

[clang] [analyzer] Don't display the offset value in underflows (PR #98621)

2024-07-12 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat updated https://github.com/llvm/llvm-project/pull/98621 From 2765bc97d3242d50fd73aedb9e9d38dfdcef814c Mon Sep 17 00:00:00 2001 From: Donát Nagy Date: Fri, 12 Jul 2024 13:57:53 +0200 Subject: [PATCH 1/2] [analyzer] Don't display the offset value in

[clang] [analyzer] Don't display the offset value in underflows (PR #98621)

2024-07-12 Thread Donát Nagy via cfe-commits
NagyDonat wrote: > I wonder if we could have something in between. I'm thinking of having the > concrete offset as a separate note, instead of having it part of the primary > message. That way after BR selection, we would still deterministically pick > the shortest path, and also have the offs

[clang] [analyzer] Don't display the offset value in underflows (PR #98621)

2024-07-12 Thread Donát Nagy via cfe-commits
NagyDonat wrote: _(Technical detail: I'll be on vacation during the next week, so I won't see updates on this PR until the 22nd of July. If you want to merge this PR, feel free to do so, but don't forget to adjust the description and the title to accurately reflect the current state of the PR.

[clang] [analyzer] Improve bug report hashing, merge similar reports (PR #98621)

2024-07-12 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/98621

[clang] [analyzer] Improve bug report hashing, merge similar reports (PR #98621)

2024-07-12 Thread Donát Nagy via cfe-commits
@@ -373,14 +373,14 @@ static std::optional getConcreteValue(std::optional SV) { } static Messages getPrecedesMsgs(const SubRegion *Region, NonLoc Offset) { - std::string RegName = getRegionName(Region); - SmallString<128> Buf; - llvm::raw_svector_ostream Out(Buf); - Out <

[clang] [clang][analyzer] Check for label location bindings in `DereferenceChecker` (PR #91119)

2024-05-13 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat approved this pull request. LGTM. My only significant observation is that `BugReporterVisitors.cpp` must be cleaned up eventually, as it is currently a heap of ad-hoc special cases. However, it would be unreasonable to wait for that difficult cleanup with this sim

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-13 Thread Donát Nagy via cfe-commits
@@ -0,0 +1,197 @@ +//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls ---===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Ap

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-13 Thread Donát Nagy via cfe-commits
@@ -0,0 +1,170 @@ +// RUN: %clang_analyze_cc1 -analyzer-checker=core,security.SetgidSetuidOrder -verify %s + +#include "Inputs/system-header-simulator-setgid-setuid.h" + +void correct_order() { + if (setgid(getgid()) == -1) +return; + if (setuid(getuid()) == -1) +return

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-13 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/91445

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-13 Thread Donát Nagy via cfe-commits
@@ -0,0 +1,196 @@ +//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls ---===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Ap

[clang] [clang][analyzer] Add checker 'security.SetgidSetuidOrder'. (PR #91445)

2024-05-13 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat commented: Thanks for updating your commit! Now there are only two remaining issues and they are both very minor (marked by inline comments: renaming `CallExpr *CE` and explaining the reason why "trying to set the gid again" appears as a special case in the SEI-CER

[clang] [clang][analyzer] Check for label location bindings in `DereferenceChecker` (PR #91119)

2024-05-13 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat closed https://github.com/llvm/llvm-project/pull/91119

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-13 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat updated https://github.com/llvm/llvm-project/pull/91531 From 07dc4dd5c60c8a04637cce686b379e195deb5b67 Mon Sep 17 00:00:00 2001 From: Donát Nagy Date: Wed, 8 May 2024 20:01:57 +0200 Subject: [PATCH 1/5] [analyzer] Refactor recognition of the errno

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-13 Thread Donát Nagy via cfe-commits
@@ -136,53 +100,48 @@ void ErrnoModeling::checkBeginFunction(CheckerContext &C) const { ASTContext &ACtx = C.getASTContext(); ProgramStateRef State = C.getState(); - if (const auto *ErrnoVar = dyn_cast_or_null(ErrnoDecl)) { -// There is an external 'errno' variable.

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-14 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat updated https://github.com/llvm/llvm-project/pull/91531 From 07dc4dd5c60c8a04637cce686b379e195deb5b67 Mon Sep 17 00:00:00 2001 From: Donát Nagy Date: Wed, 8 May 2024 20:01:57 +0200 Subject: [PATCH 1/6] [analyzer] Refactor recognition of the errno

[clang] [analyzer] Clean up list of taint propagation functions (PR #91635)

2024-05-14 Thread Donát Nagy via cfe-commits
@@ -572,196 +570,236 @@ void GenericTaintChecker::initTaintRules(CheckerContext &C) const { std::vector>; using TR = GenericTaintRule; - const Builtin::Context &BI = C.getASTContext().BuiltinInfo; - RulesConstructionTy GlobalCRules{ // Sources - {{{"fd

[clang] [analyzer] Clean up list of taint propagation functions (PR #91635)

2024-05-14 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat updated https://github.com/llvm/llvm-project/pull/91635 From 57ad704c30866a7d85f43b016583675e70de8531 Mon Sep 17 00:00:00 2001 From: Donát Nagy Date: Thu, 9 May 2024 18:32:57 +0200 Subject: [PATCH 1/2] [analyzer] Clean up list of taint propagation

[clang] [analyzer] Clean up list of taint propagation functions (PR #91635)

2024-05-14 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/91635

[clang] [analyzer] Variant checker bindings (PR #87886)

2024-05-14 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat commented: Some additional remarks. https://github.com/llvm/llvm-project/pull/87886

[clang] [analyzer] Variant checker bindings (PR #87886)

2024-05-14 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/87886

[clang] [analyzer] Variant checker bindings (PR #87886)

2024-05-14 Thread Donát Nagy via cfe-commits
@@ -206,23 +221,42 @@ class StdVariantChecker : public Checker { if (!ThisMemRegion) return; +// Get the first type alternative of the std::variant instance. +assert((ThisSVal.getType(C.getASTContext())->isPointerType() || +ThisSVal.getType(C.getA

[clang] [analyzer] Variant checker bindings (PR #87886)

2024-05-14 Thread Donát Nagy via cfe-commits
@@ -37,6 +43,19 @@ static SVal conjureOffsetSymbolOnLocation( return Symbol; } +// Update the SVal bound to the Cast expression with the SVal +// bound to the casted expression +static ProgramStateRef updateStateAfterSimpleCast(StmtNodeBuilder& Bldr, NagyDon

[clang] [analyzer] Variant checker bindings (PR #87886)

2024-05-14 Thread Donát Nagy via cfe-commits
@@ -355,4 +356,38 @@ void nonInlineFunctionCallPtr() { char c = std::get (v); // no-warning (void)a; (void)c; -} \ No newline at end of file +} + +//// +// std::swap for std::variant +//--

[clang] [analyzer] Variant checker bindings (PR #87886)

2024-05-14 Thread Donát Nagy via cfe-commits
@@ -681,6 +681,37 @@ ExprEngine::processRegionChanges(ProgramStateRef state, LCtx, Call); } +ProgramStateRef +ExprEngine::handleCastingBeforeEvalCall(ExplodedNode *Pred, const Expr *Ex, +

[clang] [analyzer] Variant checker bindings (PR #87886)

2024-05-14 Thread Donát Nagy via cfe-commits
@@ -602,6 +619,37 @@ void ExprEngine::VisitDeclStmt(const DeclStmt *DS, ExplodedNode *Pred, ExplodedNode *UpdatedN = N; SVal InitVal = state->getSVal(InitEx, LC); + // The call expression to which we have bound something is hidden behind + // an implicit

[clang] [analyzer] Variant checker bindings (PR #87886)

2024-05-14 Thread Donát Nagy via cfe-commits
@@ -51,27 +47,29 @@ removeInformationStoredForDeadInstances(const CallEvent &Call, } template -void handleConstructorAndAssignment(const CallEvent &Call, CheckerContext &C, +bool handleConstructorAndAssignment(const CallEvent &Call, CheckerContext &C,

[clang] [analyzer] Variant checker bindings (PR #87886)

2024-05-14 Thread Donát Nagy via cfe-commits
@@ -37,6 +43,19 @@ static SVal conjureOffsetSymbolOnLocation( return Symbol; } +// Update the SVal bound to the Cast expression with the SVal +// bound to the casted expression +static ProgramStateRef updateStateAfterSimpleCast(StmtNodeBuilder& Bldr, +

[clang] [analyzer] Refactor recognition of the errno getter functions (PR #91531)

2024-05-15 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat closed https://github.com/llvm/llvm-project/pull/91531

[clang] [lldb] [llvm] [openmp] [polly] fix(python): fix comparison to True/False (PR #91858)

2024-05-15 Thread Donát Nagy via cfe-commits
NagyDonat wrote: The main problem with comparison to `True`/`False` is that it's completely redundant when the variable is _guaranteed to be boolean_. However, if a variable may contain either a boolean or something else, it's reasonable to compare it with `True` or `False`. For the operator

[clang] [analyzer] Clean up list of taint propagation functions (PR #91635)

2024-05-16 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat closed https://github.com/llvm/llvm-project/pull/91635

[clang] [analyzer][NFC] Require explicit matching mode for CallDescriptions (PR #92454)

2024-05-16 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat created https://github.com/llvm/llvm-project/pull/92454 This commit deletes the "simple" constructor of `CallDescription` which did not require a `CallDescription::Mode` argument and always used the "wildcard" mode `CDM::Unspecified`. A few months ago, this vague

[clang] [analyzer][NFC] Require explicit matching mode for CallDescriptions (PR #92454)

2024-05-17 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat closed https://github.com/llvm/llvm-project/pull/92454

[clang] [analyzer] Adding taint analysis capability to unix.Malloc checker (PR #92420)

2024-05-17 Thread Donát Nagy via cfe-commits
NagyDonat wrote: > I think the error node needs to be non-fatal. Good point, I completely agree. > For these applications it's more important to catch cases where malloc size > and index used for access are coming from "different sources", eg. one is > tainted and another isn't, doesn't matter

[clang] [clang][analyzer] Move checker alpha.security.cert.pos.34c into security.PutenvWithAuto (PR #92424)

2024-05-17 Thread Donát Nagy via cfe-commits
@@ -1032,11 +1037,6 @@ let ParentPackage = ENV in { let ParentPackage = POSAlpha in { NagyDonat wrote: Please delete the packages that will no longer contain any checkers after this change. (As it's a bad naming scheme, they shouldn't be repopulated later.)

[clang] [clang][analyzer] Move checker alpha.security.cert.pos.34c into security.PutenvWithAuto (PR #92424)

2024-05-17 Thread Donát Nagy via cfe-commits
@@ -1179,6 +1179,54 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C) strncpy(buf, "a", 1); // warn } +.. _security-putenv-with-auto: + +security.PutenvWithAuto +""" +Finds calls to the ``putenv`` function which pass a pointer to an automatic

[clang] [clang][analyzer] Move checker alpha.security.cert.pos.34c into security.PutenvWithAuto (PR #92424)

2024-05-17 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat commented: Thanks for bringing this checker out of alpha! I like the new name and I agree that the old `Limitations` section was incorrect; and I have some minor suggestions in inline comments. I'd also ask for running this checker on some open source projects; but

[clang] [clang][analyzer] Move checker alpha.security.cert.pos.34c into security.PutenvWithAuto (PR #92424)

2024-05-17 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/92424

[clang] [clang][analyzer] Move checker alpha.security.cert.pos.34c into security.PutenvWithAuto (PR #92424)

2024-05-17 Thread Donát Nagy via cfe-commits
@@ -0,0 +1,66 @@ +// RUN: %clang_analyze_cc1 \ +// RUN: -analyzer-checker=security.PutenvWithAuto \ +// RUN: -verify %s + +#include "Inputs/system-header-simulator.h" +void free(void *); +void *malloc(size_t); +int putenv(char *); +int snprintf(char *, size_t, const char *, ...)

[clang] [clang][analyzer] Move checker alpha.security.cert.pos.34c into security.PutenvWithAuto (PR #92424)

2024-05-21 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat approved this pull request. LGTM, feel free to merge this. As @steakhal said, ensure that the PR title/description and the commit message all reflect the actual changes that you're committing. https://github.com/llvm/llvm-project/pull/92424

[clang-tools-extra] [clang-tidy][NFCI] Simplify bugprone-sizeof-expression (PR #93024)

2024-05-22 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat created https://github.com/llvm/llvm-project/pull/93024 This commit eliminates a redundant matcher subexpression from the implementation of the "sizeof-pointer-to-aggregate" part of the clang-tidy check `bugprone-sizeof-expression`. I'm fairly certain that anythin

[clang-tools-extra] [clang-tidy][NFCI] Simplify bugprone-sizeof-expression (PR #93024)

2024-05-22 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat updated https://github.com/llvm/llvm-project/pull/93024 From b7fb1707601c73bd53b6ac810cd39a94f5b3cd53 Mon Sep 17 00:00:00 2001 From: Donát Nagy Date: Wed, 22 May 2024 13:45:13 +0200 Subject: [PATCH 1/3] [clang-tidy][NFCI] Simplify bugprone-sizeof-

[clang-tools-extra] [clang-tidy][NFCI] Simplify bugprone-sizeof-expression (PR #93024)

2024-05-22 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat closed https://github.com/llvm/llvm-project/pull/93024

[clang] [clang][ASTImporter] Fix possible crash "given incorrect InsertPos for specialization". (PR #89887)

2024-05-23 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat approved this pull request. This seems to be a reasonable and straightforward improvement which rules out a hard-to-test corner case. I think it's acceptable to merge this as it is now, because crafting a testcase would require a disproportionate amount of work. ht

[clang] [analyzer] Adding taint analysis capability to unix.Malloc checker (PR #92420)

2024-05-27 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/92420

[clang] [analyzer] Adding taint analysis capability to unix.Malloc checker (PR #92420)

2024-05-27 Thread Donát Nagy via cfe-commits
@@ -599,7 +599,47 @@ Warns when a nullable pointer is returned from a function that has _Nonnull retu optin ^ -Checkers for portability, performance or coding style specific rules. +Checkers for portability, performance, optional security and coding style specific rules.

[clang] [analyzer] Adding taint analysis capability to unix.Malloc checker (PR #92420)

2024-05-27 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat commented: Oops, I noticed that I had some minor review commits that were left in a "Pending" state for at least a week. Anyway, I'm publishing them now. https://github.com/llvm/llvm-project/pull/92420

[clang] [analyzer] Adding taint analysis capability to unix.Malloc checker (PR #92420)

2024-05-27 Thread Donát Nagy via cfe-commits
@@ -36,6 +36,8 @@ def CoreAlpha : Package<"core">, ParentPackage; // Note: OptIn is *not* intended for checkers that are too noisy to be on by // default. Such checkers belong in the alpha package. def OptIn : Package<"optin">; +def TaintOptIn : Package<"taint">, ParentPackage;

[clang] [analyzer] Adding taint analysis capability to unix.Malloc checker (PR #92420)

2024-05-27 Thread Donát Nagy via cfe-commits
@@ -452,6 +454,7 @@ def EnumCastOutOfRangeChecker : Checker<"EnumCastOutOfRange">, } // end "optin.core" + NagyDonat wrote: Remove this irrelevant empty line. https://github.com/llvm/llvm-project/pull/92420

[clang] [analyzer] Adding taint analysis capability to unix.Malloc checker (PR #92420)

2024-05-27 Thread Donát Nagy via cfe-commits
@@ -625,6 +628,16 @@ def BlockInCriticalSectionChecker : Checker<"BlockInCriticalSection">, } // end "alpha.unix" +let ParentPackage = TaintOptIn in { NagyDonat wrote: Is this the right place for this? I'd guess that this should be placed next to other `op

[clang] [analyzer] Adding taint analysis capability to unix.Malloc checker (PR #92420)

2024-05-27 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/92420

[clang] [analyzer] Refine invalidation caused by `fread` (PR #93408)

2024-05-27 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/93408

[clang] [analyzer] Refine invalidation caused by `fread` (PR #93408)

2024-05-27 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat commented: Thanks for publishing this commit, it's a nice refinement of the modelling capabilities, and mostly LGTM. In the inline comments I added some very minor remarks and one question about the handling of a `fread` that reads into the beginning of an array re

[clang] [analyzer] Refine invalidation caused by `fread` (PR #93408)

2024-05-27 Thread Donát Nagy via cfe-commits
@@ -717,18 +717,71 @@ const ExplodedNode *StreamChecker::getAcquisitionSite(const ExplodedNode *N, return nullptr; } +/// Invalidate only the requested elements instead of the whole buffer. +/// This is basically a refinement of the more generic 'escapeArgs' or +/// the pla

[clang] [analyzer] Refine invalidation caused by `fread` (PR #93408)

2024-05-27 Thread Donát Nagy via cfe-commits
@@ -0,0 +1,328 @@ +// RUN: %clang_analyze_cc1 -verify %s \ +// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \ +// RUN: -analyzer-checker=debug.ExprInspection + +#define EOF (-1) + +extern "C" { +typedef __typeof(sizeof(int)) size_t; +typedef struct _FILE FILE;

[clang] [analyzer] Refine invalidation caused by `fread` (PR #93408)

2024-05-27 Thread Donát Nagy via cfe-commits
@@ -937,8 +990,21 @@ void StreamChecker::evalFreadFwrite(const FnDescription *Desc, // At read, invalidate the buffer in any case of error or success, // except if EOF was already present. - if (IsFread && !E.isStreamEof()) -State = escapeArgs(State, C, Call, {0}); +

[clang] [analyzer] Refine invalidation caused by `fread` (PR #93408)

2024-05-27 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/93408

[clang] [analyzer] Adding taint analysis capability to unix.Malloc checker (PR #92420)

2024-05-27 Thread Donát Nagy via cfe-commits
@@ -1730,6 +1721,21 @@ def UnixAPIPortabilityChecker : Checker<"UnixAPI">, } // end optin.portability + +//===--===// +// Taint checkers. +//===

[clang] [analyzer] Adding taint analysis capability to unix.Malloc checker (PR #92420)

2024-05-27 Thread Donát Nagy via cfe-commits
NagyDonat wrote: > Have you considered applying the same heuristic to C++ array new allocations? Actually, I'm almost certain that this patch already affects the C++ array new allocations, because `MallocMemAux` is called from the callback which handles the array new operator. @dkrupp Please

[clang] [analyzer] New optin.taint.TaintAlloc checker for catching unbounded memory allocation calls (PR #92420)

2024-05-29 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/92420

[clang] [analyzer] New optin.taint.TaintAlloc checker for catching unbounded memory allocation calls (PR #92420)

2024-05-29 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat approved this pull request. I'd say that the commit is acceptable as it is now, but I added several inline comments for minor prettification issues. https://github.com/llvm/llvm-project/pull/92420

[clang] [analyzer] New optin.taint.TaintAlloc checker for catching unbounded memory allocation calls (PR #92420)

2024-05-29 Thread Donát Nagy via cfe-commits
@@ -938,6 +938,53 @@ optin.portability.UnixAPI " Finds implementation-defined behavior in UNIX/Posix functions. +.. _optin-taint-TaintAlloc: + +optin.taint.TaintAlloc (C, C++) +""" + +This checker warns for cases when the ``s

[clang] [analyzer] New optin.taint.TaintAlloc checker for catching unbounded memory allocation calls (PR #92420)

2024-05-29 Thread Donát Nagy via cfe-commits
@@ -1779,18 +1797,76 @@ ProgramStateRef MallocChecker::MallocMemAux(CheckerContext &C, const CallEvent &Call, const Expr *SizeEx, SVal Init, Prog

[clang] [analyzer] New optin.taint.TaintAlloc checker for catching unbounded memory allocation calls (PR #92420)

2024-05-29 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat approved this pull request. LGTM, thanks for the update! https://github.com/llvm/llvm-project/pull/92420

[clang] [clang][analyzer] Improved PointerSubChecker (PR #93676)

2024-05-29 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/93676

[clang] [clang][analyzer] Improved PointerSubChecker (PR #93676)

2024-05-29 Thread Donát Nagy via cfe-commits
@@ -44,24 +44,30 @@ void PointerSubChecker::checkPreStmt(const BinaryOperator *B, const MemRegion *LR = LV.getAsRegion(); const MemRegion *RR = RV.getAsRegion(); - - if (!(LR && RR)) -return; - - const MemRegion *BaseLR = LR->getBaseRegion(); - const MemRegion *Bas

[clang] [clang][analyzer] Improved PointerSubChecker (PR #93676)

2024-05-29 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat commented: It's nice to see that you're working on this checker; but unfortunately the language standard is very complicated in this area, so you'll need more complex code to cover it properly. https://github.com/llvm/llvm-project/pull/93676

[clang] [clang][analyzer] Improved PointerSubChecker (PR #93676)

2024-05-29 Thread Donát Nagy via cfe-commits
@@ -0,0 +1,74 @@ +// RUN: %clang_analyze_cc1 -analyzer-checker=alpha.core.PointerSub -verify %s + +void f1(void) { + int x, y, z[10]; + int d = &y - &x; // expected-warning{{Subtraction of two pointers that do not point into the same array is undefined behavior}} + d = z - &y;

[clang] [clang][analyzer][NFC] Add test for a limitation of alpha.unix.Bloc… (PR #93799)

2024-05-30 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat approved this pull request. It's good to document this, the commit LGTM. Are you planning to fix this soon? https://github.com/llvm/llvm-project/pull/93799

[clang] [clang][analyzer] Improved PointerSubChecker (PR #93676)

2024-05-30 Thread Donát Nagy via cfe-commits
@@ -44,24 +44,30 @@ void PointerSubChecker::checkPreStmt(const BinaryOperator *B, const MemRegion *LR = LV.getAsRegion(); const MemRegion *RR = RV.getAsRegion(); - - if (!(LR && RR)) -return; - - const MemRegion *BaseLR = LR->getBaseRegion(); - const MemRegion *Bas

[clang] [clang][analyzer] Improved PointerSubChecker (PR #93676)

2024-05-30 Thread Donát Nagy via cfe-commits
@@ -0,0 +1,74 @@ +// RUN: %clang_analyze_cc1 -analyzer-checker=alpha.core.PointerSub -verify %s + +void f1(void) { + int x, y, z[10]; + int d = &y - &x; // expected-warning{{Subtraction of two pointers that do not point into the same array is undefined behavior}} + d = z - &y;

[clang] [clang][analyzer][NFC] Improve docs of alpha.unix.BlockInCriticalSection (PR #93812)

2024-05-30 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat approved this pull request. What's the relationship between this PR and https://github.com/llvm/llvm-project/pull/93799 ? Otherwise, the change LGTM, but you might want to either unify these two NFC changes into a single commit or ensure that they're independent.

[clang] [analyzer] Use explicit call description mode in more checkers (PR #90974)

2024-05-03 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat created https://github.com/llvm/llvm-project/pull/90974 This commit explicitly specifies the matching mode (C library function, any non-method function, or C++ method) for the `CallDescription`s constructed in various checkers. Some code was simplified to use `Cal

[clang] [analyzer] Clean up apiModeling.llvm.ReturnValue (PR #91231)

2024-05-06 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat created https://github.com/llvm/llvm-project/pull/91231 This commit heavily refactors and simplifies the small and trivial checker `apiModeling.llvm.ReturnValue`, which is responsible for modeling the peculiar coding convention that in the LLVM/Clang codebase certa

[clang] [analyzer] Clean up apiModeling.llvm.ReturnValue (PR #91231)

2024-05-07 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat closed https://github.com/llvm/llvm-project/pull/91231

[clang] [analyzer] Use explicit call description mode in more checkers (PR #90974)

2024-05-07 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat updated https://github.com/llvm/llvm-project/pull/90974 From 9ed06c41127c88b3e2e8596ddd83b42ab2856f61 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Don=C3=A1t=20Nagy?= Date: Fri, 3 May 2024 16:13:19 +0200 Subject: [PATCH 1/2] [analyzer] Use explicit call description mode

[clang] [analyzer] Use explicit call description mode in more checkers (PR #90974)

2024-05-07 Thread Donát Nagy via cfe-commits
@@ -149,26 +149,34 @@ class BlockInCriticalSectionChecker : public Checker { private: const std::array MutexDescriptors{ MemberMutexDescriptor( - CallDescription(/*QualifiedName=*/{"std", "mutex", "lock"}, + CallDescription(/*MatchAs=*/CDM::CXXMethod,

[clang] [analyzer] Use explicit call description mode in more checkers (PR #90974)

2024-05-07 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat updated https://github.com/llvm/llvm-project/pull/90974 From 9ed06c41127c88b3e2e8596ddd83b42ab2856f61 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Don=C3=A1t=20Nagy?= Date: Fri, 3 May 2024 16:13:19 +0200 Subject: [PATCH 1/3] [analyzer] Use explicit call description mode

[clang] [analyzer] Use explicit call description mode in more checkers (PR #90974)

2024-05-07 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat closed https://github.com/llvm/llvm-project/pull/90974

[clang] [analyzer] Use explicit call description mode in MIGChecker (PR #91331)

2024-05-07 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat created https://github.com/llvm/llvm-project/pull/91331 This commit explicitly specifies the matching mode (C library function, any non-method function, or C++ method) for the `CallDescription`s constructed in the checker `osx.MIG`. The code was simplified to use

[clang] [analyzer] Use explicit call description mode in MIGChecker (PR #91331)

2024-05-07 Thread Donát Nagy via cfe-commits
@@ -87,7 +90,7 @@ class MIGChecker : public Checker, #undef CALL }; - CallDescription OsRefRetain{{"os_ref_retain"}, 1}; + CallDescription OsRefRetain{CDM::SimpleFunc, {"os_ref_retain"}, 1}; NagyDonat wrote: `CDM::SimpleFunc` is used instead of `CDM::CLib

[clang] [analyzer] Use explicit call description mode in MIGChecker (PR #91331)

2024-05-07 Thread Donát Nagy via cfe-commits
@@ -46,13 +46,13 @@ class MIGChecker : public Checker, // additionally an argument of a MIG routine, the checker keeps track of that // information and issues a warning when an error is returned from the // respective routine. - std::vector> Deallocators = { + CallDescr

[clang] [analyzer] Use explicit call description mode in MIGChecker (PR #91331)

2024-05-07 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat edited https://github.com/llvm/llvm-project/pull/91331

[clang] [clang][analyzer] Add checker 'Security.SetgidSetuidOrder'. (PR #91445)

2024-05-08 Thread Donát Nagy via cfe-commits
https://github.com/NagyDonat commented: It's good to see that this checker is finished. I added several inline comments, but they are not serious issues -- most are connected to `CallDescription`s where I'm now very familiar with the available options (and I refactored the code, so others are

[clang] [clang][analyzer] Add checker 'Security.SetgidSetuidOrder'. (PR #91445)

2024-05-08 Thread Donát Nagy via cfe-commits
@@ -0,0 +1,197 @@ +//===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls ---===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Ap
