From patchwork Thu Apr  4 16:42:07 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: David Malcolm <dmalcolm@redhat.com>
X-Patchwork-Id: 88049
Return-Path: <gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org>
X-Original-To: patchwork@sourceware.org
Delivered-To: patchwork@sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id B4B8D384640C
	for <patchwork@sourceware.org>; Thu,  4 Apr 2024 16:45:22 +0000 (GMT)
X-Original-To: gcc-patches@gcc.gnu.org
Delivered-To: gcc-patches@gcc.gnu.org
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
 by sourceware.org (Postfix) with ESMTPS id 54F463858402
 for <gcc-patches@gcc.gnu.org>; Thu,  4 Apr 2024 16:42:13 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 54F463858402
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 54F463858402
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=170.10.133.124
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1712248936; cv=none;
 b=wPGTZm/eRWXI1MOefs6sHosi/A0xBfFGyad4t1mcGqxfmq5gp38Ab4Ajwi4mkb7VMIvWizSNS8xdoIN3kb/yIvuQT5z4/wM5HGty3VxCwvJCz1OczOvVXGo9pxiW3vDMvbK1R2LhGdp7maGYFVRaGMPboQaGMrwhB4UhZq7jAHs=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1712248936; c=relaxed/simple;
 bh=XQVFlsgScQkhhkyxxBhLTioNnbZupPZhHkh/S+V8Z+E=;
 h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version;
 b=a2EcG5FNnDVFcB5QNESjBjAwzjgda8art11Iaf8z7YwCrm/eZ44cK/x+jglLhlDT327UavcRgCF4bpQiJcLEE7mPgONzqmnucTyoQtSDoJnmF50isowDGfAb07YlzDaAWjNN9ygQZ4OOSL1ouofDhnNt52QplqWa0R7gRSih0Yg=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1712248933;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=sbI8K/Z2twiH6ACkuQ1zl0PPLYvu+wwvgN2OuEnqeQg=;
 b=H8qRMkZRK4ZqwE+4eewKYTkIcVLiwZhIZ3MmXVCta8onMOjjmSX+idVwU4yCfEbppOT838
 rgBMgX6RUGaT9DrRtsjlixNGczHJZtl1gwRm8bF+dP7Y1FKe93TdqaUQnoQmGVolO1jga0
 ytfXL7fLDuZFvkDrBZYYmkgys5XmxII=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-504-4YqTZxu8NuKHY336r1btdw-1; Thu, 04 Apr 2024 12:42:11 -0400
X-MC-Unique: 4YqTZxu8NuKHY336r1btdw-1
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com
 [10.11.54.7])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
 (No client certificate requested)
 by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1ED53185A787
 for <gcc-patches@gcc.gnu.org>; Thu,  4 Apr 2024 16:42:11 +0000 (UTC)
Received: from t14s.localdomain.com (unknown [10.22.32.209])
 by smtp.corp.redhat.com (Postfix) with ESMTP id ED88A1C060CE;
 Thu,  4 Apr 2024 16:42:10 +0000 (UTC)
From: David Malcolm <dmalcolm@redhat.com>
To: gcc-patches@gcc.gnu.org
Cc: David Malcolm <dmalcolm@redhat.com>
Subject: [PATCH 8/9] wwwdocs: gcc-14: analyzer improvements
Date: Thu,  4 Apr 2024 12:42:07 -0400
Message-Id: <20240404164208.2437213-9-dmalcolm@redhat.com>
In-Reply-To: <20240404164208.2437213-1-dmalcolm@redhat.com>
References: <20240404164208.2437213-1-dmalcolm@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.7
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
X-Spam-Status: No, score=-9.9 required=5.0 tests=BAYES_00, BODY_8BITS,
 DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF,
 GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,
 RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE,
 TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: gcc-patches@gcc.gnu.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Gcc-patches mailing list <gcc-patches.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=subscribe>
Errors-To: gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org

Signed-off-by: David Malcolm <dmalcolm@redhat.com>
---
 htdocs/gcc-14/changes.html | 162 +++++++++++++++++++++++++++++++++++++
 1 file changed, 162 insertions(+)

diff --git a/htdocs/gcc-14/changes.html b/htdocs/gcc-14/changes.html
index 8b72bc20..d782c334 100644
--- a/htdocs/gcc-14/changes.html
+++ b/htdocs/gcc-14/changes.html
@@ -760,6 +760,168 @@ __asm (".global __flmap_lock"  "\n\t"
   </li>
 </ul>
 
+<!-- .................................................................. -->
+<h2 id="analyzer">Improvements to Static Analyzer</h2>
+<ul>
+  <li>
+    New warnings:
+    <ul>
+      <li>
+	<!-- commit r14-5566-g841008d3966c0f [PR106147] -->
+	<a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-infinite-loop"><code>-Wanalyzer-infinite-loop</code></a>
+	warns about paths through the code which appear to lead to an infinite loop.
+      </li>
+      <li>
+	<!-- commit r14-3556-g034d99e81484fb [PR99860] -->
+	<a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-overlapping-buffers"><code>-Wanalyzer-overlapping-buffers</code></a> warns for paths through the code in which overlapping buffers are passed to an API for which the behavior on such buffers is undefined.
+      </li>
+      <li>
+	<!-- commit r14-5591-gf65f63c4d86a48 [PR107573] -->
+	<a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-undefined-behavior-strtok"><code>-Wanalyzer-undefined-behavior-strtok</code></a>
+	warns for paths through the code in which a call is made to
+	<code>strtok</code> with undefined behavior.
+      </li>
+    </ul>
+  </li>
+  <li>
+    <!-- commit r14-5464-gcfaaa8b11b8429 [PR103533] -->
+    Previously, the analyzer's "taint" tracking to be explicitly enabled via
+    <a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-fanalyzer-checker"><code>-fanalyzer-checker=taint</code></a>
+    (along with
+    <a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-fanalyzer"><code>-fanalyzer</code></a>).
+    This is now enabled by default when
+    <a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-fanalyzer"><code>-fanalyzer</code></a>
+    is selected, thus also enabling the 6 taint-based warnings:
+    <ul>
+      <li>
+	<a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-tainted-allocation-size"><code>-Wanalyzer-tainted-allocation-size</code></a>
+      </li>
+      <li>
+	<a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-tainted-array-index"><code>-Wanalyzer-tainted-array-index</code></a>
+      </li>
+      <li>
+	<a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-tainted-assertion"><code>-Wanalyzer-tainted-assertion</code></a>
+      </li>
+      <li>
+	<a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-tainted-divisor"><code>-Wanalyzer-tainted-divisor</code></a>
+      </li>
+      <li>
+	<a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-tainted-offset"><code>-Wanalyzer-tainted-offset</code></a>
+      </li>
+      <li>
+	<a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-tainted-size"><code>-Wanalyzer-tainted-size</code></a>
+      </li>
+    </ul>
+  </li>
+  <li>
+    <!-- commit r14-3374-gfe97f09a0caeff [PR105899] -->
+    The analyzer will now simulate API calls that expect null-terminated
+    string arguments, and will warn about code paths in which such a call
+    is made with a buffer that isn't properly terminated, either due to
+    a read of an uninitialized byte or an out-of-range accesses seen
+    before any zero byte is seen.
+    This applies to functions that use the new
+    <a href="https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-null_005fterminated_005fstring_005farg-function-attribute"> <code>null_terminated_string_arg(<i>PARAM_IDX</i>)</code></a>
+    attribute, <!-- commit r14-4958-gcd7dadcd2759d1 -->
+    functions that use the
+    <a href="https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-format-function-attribute"><code>format</code></a>
+    attribute, <!-- commit r14-3376-g3b691e0190c6e7 -->
+    and to the library functions
+    <code>error</code> (parameter 3),
+    <code>error_at_line</code> (parameter 5),
+    <code>putenv</code>,
+    <code>strchr</code> (parameter 1), and
+    <code>strcpy</code> (parameter 2).
+  </li>
+  <li>
+    <!-- commit r14-3001-g021077b94741c9 [PR110426] -->
+    The analyzer now makes use of the function attribute
+    <a href="https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-alloc_005fsize-function-attribute">alloc_size</code></a>
+    allowing
+    <a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-fanalyzer"><code>-fanalyzer</code></a>
+    to emit
+    <a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-allocation-size"><code>-Wanalyzer-allocation-size</code></a>,
+    <a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-out-of-bounds"><code>-Wanalyzer-out-of-bounds</code></a>,
+    and
+    <a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-tainted-allocation-size"><code>-Wanalyzer-tainted-allocation-size</code></a>
+    on execution paths involving allocations using such functions.
+  </li>
+  <li>
+    The analyzer's knowledge about the behavior of the standard library has been extended to cover
+    <code>fopen</code>, <!-- commit r14-3375-g4325c82736d9e8 -->
+    <code>strcat</code>, <!-- commit r14-3469-gbbdc0e0d0042ae -->
+    <code>strncpy</code>, and <!-- commit r14-3740-gb51cde34d4e750 -->
+    <code>strstr</code>. <!-- commit r14-3741-gf2d7a4001a3388 -->
+    The analyzer will also more precisely model the behavior of
+    <code>memcpy</code>, <!-- commit r14-3465-g8556d0014acfa3 -->
+    <code>memmove</code>, <!-- commit r14-3465-g8556d0014acfa3 -->
+    <code>strcpy</code>, <!-- commit r14-3463-g0ae07a7203dd24 -->
+    <code>strdup</code>, <!-- commit r14-3549-gf687fc1ff6d4a4 -->
+    <code>strlen</code>, <!-- commit r14-3468-g2bad0eeb5573e5 and commit r14-3391-g3242fb533d48ab -->
+    and of various <code>atomic</code> built-in functions. <!-- commit r14-1497-gef768035ae8090 -->
+  </li>
+  <li>
+    <!-- commit r14-2029-g0e466e978c7286 [PR106626] -->
+    <p>The warning
+      <a href="https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html#index-Wanalyzer-out-of-bounds"><code>-Wanalyzer-out-of-bounds</code></a>
+      has been extended so that, where possible, it will emit a text-based
+      diagram visualizing the spatial relationship between
+      <ol>
+	<li>the memory region that the analyzer predicts would be
+	  accessed, versus</li>
+	<li>the range of memory that is valid to access</li>
+      </ol>
+      whether they overlap, are touching, are close or far apart;
+      which one is before or after in memory, the relative sizes involved,
+      the direction of the access (read vs write), and, in some cases,
+      the values of data involved.</p>
+    <p>Such "text art" diagrams can be controlled (or suppressed) via a new
+      <a href="https://gcc.gnu.org/onlinedocs/gcc/Diagnostic-Message-Formatting-Options.html#index-fdiagnostics-text-art-charset">-fdiagnostics-text-art-charset=</code></a> option.
+    <p>For example, given the out-of-bounds write in <code>strcat</code> in:
+      <!-- commit r14-4477-gb365e9d57ad445 -->
+<pre>
+void test (void)
+{
+   char buf[10];
+   strcpy (buf, "hello");
+   strcat (buf, " world!");
+}
+</pre>
+it emits:
+<pre>
+                                 ┌────┬────┬────┬────┬────┐┌─────┬─────┬─────┐
+                                 │[0] │[1] │[2] │[3] │[4] ││ [5] │ [6] │ [7] │
+                                 ├────┼────┼────┼────┼────┤├─────┼─────┼─────┤
+                                 │' ' │'w' │'o' │'r' │'l' ││ 'd' │ '!' │ NUL │
+                                 ├────┴────┴────┴────┴────┴┴─────┴─────┴─────┤
+                                 │     string literal (type: 'char[8]')      │
+                                 └───────────────────────────────────────────┘
+                                   │    │    │    │    │      │     │     │
+                                   │    │    │    │    │      │     │     │
+                                   v    v    v    v    v      v     v     v
+      ┌─────┬────────────────────┬────┬──────────────┬────┐┌─────────────────┐
+      │ [0] │        ...         │[5] │     ...      │[9] ││                 │
+      ├─────┼────┬────┬────┬────┬┼────┼──────────────┴────┘│                 │
+      │ 'h' │'e' │'l' │'l' │'o' ││NUL │                    │after valid range│
+      ├─────┴────┴────┴────┴────┴┴────┴───────────────────┐│                 │
+      │             'buf' (type: 'char[10]')              ││                 │
+      └───────────────────────────────────────────────────┘└─────────────────┘
+      ├─────────────────────────┬─────────────────────────┤├────────┬────────┤
+                                │                                   │
+                      ╭─────────┴────────╮                ╭─────────┴─────────╮
+                      │capacity: 10 bytes│                │overflow of 3 bytes│
+                      ╰──────────────────╯                ╰───────────────────╯
+</pre>
+    showing that the overflow occurs partway through the second string
+    fragment.
+  </li>
+  <li>
+    <!-- commit r14-3796-g1b761fede44afa [PR 110529] -->
+    The analyzer will now attempt to track execution paths involving
+    computed gotos, whereas previously it gave up on such paths.
+  </li>
+</ul>
+
 <!-- .................................................................. -->
 <h2 id="plugins">Improvements for plugin authors</h2>
 <ul>