llvm.org GIT mirror llvm / ad8d479
Add some release note text for the Clang Static Analyzer. git-svn-id: https://llvm.org/svn/llvm-project/llvm/branches/release_32@170251 91177308-0d34-0410-b5e6-96231b3b80d8 Ted Kremenek 7 years ago
1 changed file(s) with 40 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
244244
  • OpenMP code generation fixes.
  • 245245
    246246
    247
    248
    249
    250

    251 Clang Static Analyzer
    252
    253
    254
    255
    256

    The Clang Static Analyzer

    257 is an advanced source code analysis tool integrated into Clang that performs
    258 a deep analysis of code to find potential bugs.

    259
    260

    In the LLVM 3.2 release, the static analyzer has made significant improvements

    261 in many areas, with notable highlights such as:

    262
    263
    264
  • Improved interprocedural analysis within a translation unit (see details below), which greatly amplified the analyzer's ability to find bugs.
  • 265
  • New infrastructure to model "well-known" APIs, allowing the analyzer to do a much better job when modeling calls to such functions.
  • 266
  • Significant improvements to the APIs to write static analyzer checkers, with a more unified way of representing function/method calls in the checker API. Details can be found in the Building a Checker in 24 hours talk.
  • 267
    268
    269

    The release specifically includes notable improvements for Objective-C analysis, including:

    270
    271
    272
  • Interprocedural analysis for Objective-C methods.
  • 273
  • Interprocedural analysis of calls to "blocks".
  • 274
  • Precise modeling of GCD APIs such as dispatch_once and friends.
  • 275
  • Improved support for recently added Objective-C constructs such as array and dictionary literals.
  • 276
    277
    278

    The release specifically includes notable improvements for C++ analysis, including:

    279
    280
    281
  • Interprocedural analysis for C++ methods (within a translation unit).
  • 282
  • More precise modeling of C++ initializers and destructors.
  • 283
    284
    285

    Finally, this release includes many small improvements to scan-build, which can be used to drive the analyzer from the command line or a continuous integration system. This includes a directory-traversal issue, which could cause potential security problems in some cases. We would like to acknowledge Tim Brown of Portcullis Computer Security Ltd for reporting this issue.

    286
    247287
    248288
    249289