summaryrefslogtreecommitdiffstats
path: root/clang/www/analyzer
Commit message (Collapse)AuthorAgeFilesLines
* [analyzer] Add a syntactic security check for ObjC NSCoder API.Artem Dergachev2019-12-191-0/+16
| | | | | | | Method '-[NSCoder decodeValueOfObjCType:at:]' is not only deprecated but also a security hazard, hence a loud check. Differential Revision: https://reviews.llvm.org/D71728
* [Analyzer][Docs][NFC] Add CodeChecker to the command line toolsGabor Marton2019-12-123-3/+143
| | | | | | | | We add a new common html file that documents the available command line tools. Also a new html is added for a brief description of CodeChecker, this way complementing scan-build. Differential Revision: https://reviews.llvm.org/D70439
* [www] More HTTPS and outdated link fixes.Stephan T. Lavavej2019-11-081-1/+1
| | | | Resolves D69981.
* [analyzer] Add test cases for the unsupported C++ constructor modeling.Artem Dergachev2019-11-071-3/+40
| | | | | | | | | | | | | Namely, for the following items: - Handle constructors within new[]; - Handle constructors for default arguments. Update the open projects page with a link to the newly added tests and more hints for potential contributors. Patch by Daniel Krupp! Differential Revision: https://reviews.llvm.org/D69308
* [www] Change URLs to HTTPS.Stephan T. Lavavej2019-10-2414-287/+279
| | | | | | | | | | | | | | | | | | | | | | This changes most URLs in llvm's html files to HTTPS. Most changes were search-and-replace with manual verification; some changes were manual. For a few URLs, the websites were performing redirects or had changed their anchors; I fixed those up manually. This consistently uses the official https://wg21.link redirector. This also strips trailing whitespace and fixes a couple of typos. Fixes D69363. There are a very small number of dead links for which I don't know any replacements (they are equally dead as HTTP or HTTPS): https://llvm.org/cmds/llvm2cpp.html https://llvm.org/devmtg/2010-11/videos/Grosser_Polly-desktop.mp4 https://llvm.org/devmtg/2010-11/videos/Grosser_Polly-mobile.mp4 https://llvm.org/devmtg/2011-11/videos/Grosser_PollyOptimizations-desktop.mov https://llvm.org/devmtg/2011-11/videos/Grosser_PollyOptimizations-mobile.mp4 https://llvm.org/perf/db_default/v4/nts/22463 https://polly.llvm.org/documentation/memaccess.html
* [Analyzer] Checker for non-determinism caused by iteration of unordered ↵Mandeep Singh Grang2019-05-241-0/+18
| | | | | | | | | | | | | | | | | | container of pointers Summary: Added a checker for non-determinism caused by iterating unordered containers like std::unordered_set containing pointer elements. Reviewers: NoQ, george.karpenkov, whisperity, Szelethus, baloghadamsoftware Reviewed By: Szelethus Subscribers: mgorny, xazax.hun, baloghadamsoftware, szepet, rnkovacs, a.sidorin, mikhail.ramalho, donat.nagy, dkrupp, jdoerfert, Charusso, cfe-commits Tags: #clang Differential Revision: https://reviews.llvm.org/D59279 llvm-svn: 361664
* [analyzer][www] Moving MoveChecker out of alpha is no longer an open project.Kristof Umann2019-04-221-10/+0
| | | | llvm-svn: 358877
* [analyzer] Move UninitializedObjectChecker out of alphaKristof Umann2019-04-192-114/+113
| | | | | | | | | Moved UninitializedObjectChecker from the 'alpha.cplusplus' to the 'optin.cplusplus' package. Differential Revision: https://reviews.llvm.org/D58573 llvm-svn: 358797
* [Analyzer] Checker for non-determinism caused by sorting of pointer-like ↵Mandeep Singh Grang2019-03-081-0/+23
| | | | | | | | | | | | | | | | | | | | elements Summary: Added a new category of checkers for non-determinism. Added a checker for non-determinism caused due to sorting containers with pointer-like elements. Reviewers: NoQ, george.karpenkov, whisperity, Szelethus Reviewed By: NoQ, Szelethus Subscribers: Charusso, baloghadamsoftware, jdoerfert, donat.nagy, dkrupp, martong, dblaikie, MTC, Szelethus, mgorny, xazax.hun, szepet, rnkovacs, a.sidorin, mikhail.ramalho, cfe-commits Tags: #clang Differential Revision: https://reviews.llvm.org/D50488 llvm-svn: 355720
* [analyzer] Document RetainCountChecker behavior and annotationsGeorge Karpenkov2019-02-051-1/+187
| | | | | | Differential Revision: https://reviews.llvm.org/D57721 llvm-svn: 353229
* Adjust documentation for git migration.James Y Knight2019-01-291-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes most references to the paths: llvm.org/svn/ llvm.org/git/ llvm.org/viewvc/ github.com/llvm-mirror/ github.com/llvm-project/ reviews.llvm.org/diffusion/ to instead point to https://github.com/llvm/llvm-project. This is *not* a trivial substitution, because additionally, all the checkout instructions had to be migrated to instruct users on how to use the monorepo layout, setting LLVM_ENABLE_PROJECTS instead of checking out various projects into various subdirectories. I've attempted to not change any scripts here, only documentation. The scripts will have to be addressed separately. Additionally, I've deleted one document which appeared to be outdated and unneeded: lldb/docs/building-with-debug-llvm.txt Differential Revision: https://reviews.llvm.org/D57330 llvm-svn: 352514
* [analyzer] Added a checklist to help checker authors and reviewersGabor Horvath2019-01-291-0/+105
| | | | | | Differential Revision: https://reviews.llvm.org/D52984 llvm-svn: 352470
* Allow direct navigation to static analysis checker documentation through ↵Aaron Ballman2018-12-202-259/+259
| | | | | | | | SARIF exports. This adds anchors to all of the documented checks so that you can directly link to a check by a stable name. This is useful because the SARIF file format has a field for specifying a URI to documentation for a rule and some viewers, like CodeSonar, make use of this information. These links are then exposed through the SARIF exporter. llvm-svn: 349812
* [analyzer] INT50-CPP. Do not cast to an out-of-range enumeration checkerKristof Umann2018-11-241-0/+18
| | | | | | | | | | | | | | | This checker implements a solution to the "INT50-CPP. Do not cast to an out-of-range enumeration value" rule [1]. It lands in alpha for now, and a number of followup patches are planned in order to enable it by default. [1] https://www.securecoding.cert.org/confluence/display/cplusplus/INT50-CPP.+Do+not+cast+to+an+out-of-range+enumeration+value Patch by: Endre Fülöp and Alexander Zaitsev! Differential Revision: https://reviews.llvm.org/D33672 llvm-svn: 347513
* [analyzer] Put llvm.Conventions back in alphaKristof Umann2018-11-021-0/+26
| | | | | | | | | | | | Interestingly, this many year old (when I last looked I remember 2010ish) checker was committed without any tests, so I thought I'd implement them, but I was shocked to see how I barely managed to get it working. The code is severely outdated, I'm not even sure it has ever been used, so I'd propose to move it back into alpha, and possibly even remove it. Differential Revision: https://reviews.llvm.org/D53856 llvm-svn: 345990
* [analyzer] [www] Drop references to GC mode, which was deprecated years agoGeorge Karpenkov2018-10-232-46/+10
| | | | | | Differential Revision: https://reviews.llvm.org/D53302 llvm-svn: 344991
* [analyzer][www] Update alpha_checks.htmlKristof Umann2018-10-212-112/+220
| | | | | | | | I added some missing doc. I have not developed any of these checkers, it might worth really inspecting whether I wrote something terribly incorrect. Differential Revision: https://reviews.llvm.org/D52969 llvm-svn: 344878
* [analyzer] [www] Minor improvements to the text in open_projectsGeorge Karpenkov2018-10-171-21/+18
| | | | llvm-svn: 344664
* [analyzer] [www] Updated a list of open projectsGeorge Karpenkov2018-10-171-128/+185
| | | | | | Differential Revision: https://reviews.llvm.org/D53024 llvm-svn: 344663
* [analyzer][www] Add more useful linksKristof Umann2018-10-091-14/+23
| | | | | | Differential Revision: https://reviews.llvm.org/D52993 llvm-svn: 344031
* [analyzer][UninitializedObjectChecker] New flag to ignore records based on ↵Kristof Umann2018-09-141-0/+7
| | | | | | | | | | | | | | | | | it's fields Based on a suggestion from @george.karpenkov. In some cases, structs are used as unions with a help of a tag/kind field. This patch adds a new string flag (a pattern), that is matched against the fields of a record, and should a match be found, the entire record is ignored. For more info refer to http://lists.llvm.org/pipermail/cfe-dev/2018-August/058906.html and to the responses to that, especially http://lists.llvm.org/pipermail/cfe-dev/2018-August/059215.html. Differential Revision: https://reviews.llvm.org/D51680 llvm-svn: 342220
* [analyzer][UninitializedObjectChecker] Added documentation to the checker listKristof Umann2018-08-211-0/+112
| | | | | | Differential Revision: https://reviews.llvm.org/D50904 llvm-svn: 340266
* [analyzer] Add security checks for bcmp(), bcopy(), bzero().Artem Dergachev2018-05-261-0/+34
| | | | | | | | | | | These functions are obsolete. The analyzer would advice to replace them with memcmp(), memcpy() or memmove(), or memset(). Patch by Tom Rix! Differential Revision: https://reviews.llvm.org/D41881 llvm-svn: 333326
* Fix typos in clangAlexander Kornienko2018-04-062-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Found via codespell -q 3 -I ../clang-whitelist.txt Where whitelist consists of: archtype cas classs checkk compres definit frome iff inteval ith lod methode nd optin ot pres statics te thru Patch by luzpaz! (This is a subset of D44188 that applies cleanly with a few files that have dubious fixes reverted.) Differential revision: https://reviews.llvm.org/D44188 llvm-svn: 329399
* [www] Update link to analyzer's "Building a Checker in 24 hours" videoDevin Coughlin2018-02-263-4/+4
| | | | | | The video is now uploaded to YouTube. llvm-svn: 326062
* Fix typo. NFCJonathan Roelofs2018-01-311-1/+1
| | | | llvm-svn: 323864
* [scan-build] Add an option to skip overriding CC and CXX make varsJonathan Roelofs2018-01-291-1/+1
| | | | | | | | | | | | | | Autoconf and some other systems tend to add essential compilation options to CC (e.g. -std=gnu99). When running such an auto-generated makefile, scan-build does not need to change CC and CXX as they are already set to use ccc-analyzer by a configure script. Implement a new option --keep-cc as was proposed in this discussion: http://lists.llvm.org/pipermail/cfe-dev/2013-September/031832.html Patch by Paul Fertser! llvm-svn: 323665
* [Analyzer] Document a gotcha: for C++ -analyze-function requires parameters ↵George Karpenkov2017-09-301-2/+12
| | | | | | | | in function name Differential Revision: https://reviews.llvm.org/D37596 llvm-svn: 314573
* [Analyzer] Add support for displaying cross-file diagnostic paths in HTML outputDevin Coughlin2017-08-031-7/+0
| | | | | | | | | | | This change adds support for cross-file diagnostic paths in html output. If the diagnostic path is not cross-file, there is no change in the output. Patch by Vlad Tsyrklevich! Differential Revision: https://reviews.llvm.org/D30406 llvm-svn: 309968
* [analyzer] Add missing documentation for static analyzer checkersDevin Coughlin2017-07-183-151/+456
| | | | | | | | | | | Some checks did not have documentation in the www/analyzer/ folder and also some alpha checks became non-alpha. Patch by Dominik Szabó! Differential Revision: https://reviews.llvm.org/D33645 llvm-svn: 308242
* [analyzer] Fix a path in the developer manualGabor Horvath2017-07-081-2/+2
| | | | | | Patch by: Reka Nikolett Kovacs llvm-svn: 307468
* fix trivial typos in comments; NFCHiroshi Inoue2017-07-031-1/+1
| | | | llvm-svn: 307007
* [analyzer] Extend block in critical section check with C11 and Pthread APIs.Gabor Horvath2017-03-101-0/+24
| | | | | | | | Patch by Zoltan Daniel Torok! Differential Revision: https://reviews.llvm.org/D29567 llvm-svn: 297461
* [www] Fix spelling error in checker release notes.Devin Coughlin2016-11-161-1/+1
| | | | llvm-svn: 287105
* [www] Update analyzer website for release of checker-279Devin Coughlin2016-11-163-2/+21
| | | | llvm-svn: 287063
* [www] Fix a typo on the analyzer websiteAlex Lorenz2016-11-011-1/+1
| | | | llvm-svn: 285686
* [analyzer] Update alpha and potential checker documentation, esp. alpha.valistDominic Chen2016-10-182-65/+78
| | | | | | | | | | | | | | | Summary: Move alpha.valist from potential to alpha since it was implemented in D15227 Cleanup some HTML comments, add a missing link Reviewers: jordan_rose, zaks.anna Subscribers: cfe-commits, xazax.hun Differential Revision: https://reviews.llvm.org/D25663 llvm-svn: 284445
* [www] Add nullability questions to analyzer FAQ.Devin Coughlin2016-08-191-0/+54
| | | | llvm-svn: 279330
* [www] Add analyzer FAQ about not releasing ivars in -dealloc.Devin Coughlin2016-08-191-0/+10
| | | | llvm-svn: 279183
* [analyzer] Update the web manual for checker developers.Artem Dergachev2016-07-281-70/+154
| | | | | | | | | | | | | | | | Fix the explanation of how to run tests after migration from autotools to cmake. Significantly expand the "debugging" section with more interesting stuff. Update the table of contents accordingly. Fix paragraphs in the overview section. Differential Revision: https://reviews.llvm.org/D22874 llvm-svn: 277029
* [www][analyzer] Update recommended suppression mechanism for localization.Devin Coughlin2016-05-061-2/+2
| | | | | | | Based on feedback from Jordan Rose, make the recommended suppression function be 'static inline'. llvm-svn: 268768
* [www][analyzer] Add FAQ about suppression of missing localization diagnostic.Devin Coughlin2016-05-061-0/+27
| | | | llvm-svn: 268764
* [analyzer] Add --force-analyze-debug-code option to scan-buildYury Gribov2016-02-181-0/+3
| | | | | | | | | | | | | | to force debug build and hopefully enable more precise warnings. Static Analyzer is much more efficient when built in debug mode (-UNDEBUG) so we advice users to enable it manually. This may be inconvenient in case of large complex projects (think about Linux distros e.g. Android or Tizen). This patch adds a flag to scan-build which inserts -UNDEBUG automatically. Differential Revision: http://reviews.llvm.org/D16200 llvm-svn: 261204
* [www] Update analyzer release notes to correct the checker-278 build date.Devin Coughlin2016-02-061-1/+1
| | | | | | This is not the future. llvm-svn: 259969
* [www] Update analyzer website for checker-278.Devin Coughlin2016-02-062-1/+16
| | | | llvm-svn: 259967
* Create install targets for scan-build and scan-viewJonathan Roelofs2015-11-091-5/+2
| | | | | | http://reviews.llvm.org/D14403 llvm-svn: 252474
* [analyzer] Update analyzer website for release of checker-277.Devin Coughlin2015-10-294-3/+33
| | | | llvm-svn: 251591
* [analyzer] Enhance FAQ with instructions on handing unused variables.Anna Zaks2015-10-271-0/+14
| | | | llvm-svn: 251448
* [analyzer] Update links to developer.apple.com.Jordan Rose2015-09-182-7/+7
| | | | | | | The content at the new links is /also/ a little dated, but that's our (Apple's) problem. llvm-svn: 247999
* Update mailing list references to lists.llvm.orgTanya Lattner2015-08-054-7/+7
| | | | llvm-svn: 244000
OpenPOWER on IntegriCloud