Merge CHERI clang static analyzers from rems-project/llvm-project #194
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Collaborator
resistor
commented
Jul 20, 2025
resistor
commented
- [CHERI-CSA] Allow ASTContext::getIntWidth() for reference type
- [CHERI-CSA] Use type IntWidth instead of TypeSize for NULL ptr SVal
- [CHERI-CSA] Improve LocAsInt arithmetic support
- [CHERI-CSA] Add provenance bit to LocAsInteger
- [analyzer] scan-build: Retain -nostdinc++ option
- [CHERI-CSA] Add alpha.cheri.ProvenanceSourceChecker
- [CHERI-CSA] ProvenanceSourceChecker: add subtraction
- [CHERI-CSA] Add CapabilityCopyChecker
- [CHERI_CSA] CapabilityCopyChecker: suppress for short loops
- [CHERI_CSA] CapabilityCopyChecker: suppress for unaligned ptr
- [CHERI_CSA] CapabilityCopyChecker: silence for hybrid mode
- [CHERI-CSA] CapabilityCopyChecker: char as universal pointer*
- [CHERI-CSA] CapabilityCopyChecker: suppress FP for short copies
- [CHERI-CSA] CapabilityCopyChecker: improve bug trace
- [CHERI_CSA] ProvenanceSourceChecker: silence for hybrid mode
- [CHERI_CSA] CHERIUtils
- [CHERI_CSA] Add Capability Alignment Checker
- [CHERI_CSA] CapabilityAlignmentChecker: assume align on parameters and globals
- [CHERI_CSA] CapabilityAlignmentChecker: support align check
- [CHERI_CSA] CapabilityAlignmentChecker: array element alignment
- [CHERI_CSA] CapabilityAlignmentChecker: attribute aligned
- [CHERI_CSA] CapabilityAlignmentChecker: BugReporterVisitor
- [CHERI_CSA] CapabilityAlignmentChecker: fix FP for comparison with void*
- [CHERI_CSA] CapabilityAlignmentChecker: refactoring of MemRegion alignment
- [CHERI_CSA] CapabilityAlignmentChecker: add allocation source location to warning
- [CHERI_CSA] CapabilityAlignmentChecker: improve warning message
- [CHERI_CSA] CapabilityAlignmentChecker: removing dead symbols
- [CHERI_CSA] move 3 checkers from CHERIAlpha to CHERI section
- [CHERI_CSA] ProvenanceSourceChecker: propagate InvalidCap through UnaryOperator
- [CHERI_CSA] Enable cheri. checkers by default on purecap*
- [CHERI_CSA] ProvenanceSourceChecker: add FixIts
- [CHERI_CSA] Move cheri.CapabilityAlignmentChecker -> optin.portability.PointerAlignment
- [CHERI_CSA] CapabilityCopyChecker: add ReportForCharPtr option
- [CHERI_CSA] Enable alpha.core.PointerSub by default for CHERI
- [CHERI_CSA] Support non-constant offsets to ElementRegion
- [CHERI_CSA] PointerAlignmentChecker: improve alignment tracking
- [CHERI_CSA] PointerAlignmentChecker: use declaration as uniquing location
- [CHERI_CSA] CapabilityCopyChecker: fix infinite recursion
- [CHERI_CSA] PointerSizeAssumptionsChecker: new checker
- [CHERI_CSA] ProvenanceSourceChecker: divide bugs into subtypes
- [CHERI_CSA] ProvenanceSource: suppress with -Wno-cheri-provenance
- [CHERI_CSA] Fix note links in reports HTML
- [CHERI_CSA] Fix crash with FieldDecl as UniqLoc
- [CHERI_CSA] PointerAlignmentChecker: report implicit assignment amd memcpy
- [CHERI_CSA] PointerAlignmentChecker: fix FP for adjacent objects
- [CHERI_CSA] PointerAlignmentChecker: fix FP for void assignment*
- [CHERI_CSA] PointerAlignmentChecker: improve warning notes
- [CHERI_CSA] PointerAlignmentChecker: suppress duplicate reports
- [CHERI_CSA] PointerAlignmentChecker: improve messages & traces
- [CHERI_CSA] PointerAlignmentChecker: rework handling symbolic addresses
- [CHERI_CSA] PointerAlignmentChecker: false warnings suppression
- [CHERI_CSA] CapabilityCopyChecker: ReportForCharPtr=false by default
- [CHERI_CSA] PointerAlignmentChecker: refine warning types
- [CHERI_CSA] ProvenanceSourceChecker: refine warning types
- [CHERI_CSA] PointerAlignmentChecker: support bcopy
- [CHERI_CSA] ProvenanceSourceChecker: delete ptrdiff as capability warning
- [CHERI_CSA] ProvenanceSourceChecker: Fix for CompoundAssignmentOp
- [CHERI_CSA] CapabilityCopyChecker: fix for BugType
- [CHERI_CSA] ProvenanceSourceChecker: refine warning types
- [CHERI_CSA] New alpha.cheri.SubObjectRepresentability checker
- [CHERI_CSA] SubObjectRepresentability: detailed message
- [CHERI_CSA] SubObjectRepresentability: disable notes for now
- [CHERI_CSA] SubObjectRepresentability: enable notes with updated cheri-compressed-cap
- [CHERI_CSA] SubObjectRepresentability: move alpha.cheri -> cheri
- [CHERI_CSA] New cheri.Allocation checker
- [CHERI_CSA] AllocationChecker: move static and heap allocation to new BugType
- [CHERI_CSA] AllocationChecker: suppress for ptr to first field
- [CHERI_CSA] CHERIUtils: Print aka type in messages
- [CHERI_CSA] AllocationChecker: suppress for flexible array
- [CHERI_CSA] AllocationChecker: rework
- [CHERI_CSA] AllocationChecker: suppress for free
- [CHERI_CSA] CHERI API Modelling
- [CHERI_CSA] AllocationChecker: suppress for bounded suballocations
- [CHERI_CSA] AllocationChecker: add ReportForUnknownAllocations option
- [CHERI_CSA] AllocationChecker: disable for non-purecap
- [CHERI_CSA] Refactoring state cleanup for dead symbols & regions
- [CHERI_CSA] SubObjectRepresentability: support other CHERI targets
resistor
force-pushed
the
rems-rebase
branch
2 times, most recently
from
e59b90d to
a7a9fcb
Compare
Detects tag-stripping loads and stores that may be used to copy or swap capabilities
Rely on ElementRegion type alignment solely when shift value is unknown Except for char shifts
ProvenanceSourceChecker, CapabilityCopyChecker, CapabilityAlignmentChecker
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.