For instance, this check: cplusplus.Move doesn’t appear to exist anymore.
In short, it’s a complete mess, as you have probably seen.
That checker was probably never documented at all.
The official list of supported SA checkers is the Available Checkers list. And that should have an entry for all checkers that have the Documentation<HasDocumentation> record in the Checkers.td file. If it’s not the case, like in the cplusplus.Move, that’s a problem.
Unfortunately, the checkers.rst is not only proven to be incomplete, but also checkers under the "Default Checkers" section are not always enabled by default, only a subset of that xD security.insecureAPI.gets is enabled by default, but the security.insecureAPI.rand is not, even though it’s in the same sub-package, and still listed as enabled by default.
[code]
In addition to this, we conditionally enable/disable checkers on different platforms, without noting any behavior like that anywhere.
There might be checkers without documentation. But one thing is sure, even if we have docs for a checker, it’s severely lacking in terms of examples, what the fixed code should look like, what exactly the checker is looking for, what are the limitations of the checkers, what other checkers might interfere or complement this checker. What analyzer options might change the behavior of this checker and in what way. I also miss cross references to all of these, but we currently don’t even document any of the analyzer config options. Users officially can’t even pass such configs, since the flag consuming it is only available by the
All that said, CSA docs are in a miserable condition. I’ve proposed to have a glorified tablegen description schema for our needs described here, which would make us able to generate all sorts of stuff from it. Code for enabling default checkers, documentation for the checkers with crossrefs. We could even generate something for clang-tidy docs to consume.
I’ve been working on this infrastructure for quite some time to create a prototype, but it’s proven to be really challenging to do incrementally and cover all the edge cases.
That being said, I’m still investigating our options.
However, if you want some metainformation about the available checkers right now, have a look at the
The XMacro header file Checkers.inc is generated from this by a clang-tblgen backend. That should be the single source of truth ATM.
It seems like there is already a script parsing this
Sorry about the digression in the middle, but I wanted to provide some background about the status of docs, and expectations for the future and also the design concepts for the tablegen approach.
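An added example, not part of the thread and not the LLVM project's own script: one way to cross-check the two files discussed above and list checkers whose record says Documentation<HasDocumentation> but which have no entry in checkers.rst. The sample inputs are constructed in the style of Checkers.td and checkers.rst, and the anchor naming (`.. _package-Checker:`) and the function names are assumptions.

```python
import re

# Constructed inputs in the style of Checkers.td / checkers.rst (not copied from LLVM).
SAMPLE_TD = '''
def Cplusplus : Package<"cplusplus">;
def Security : Package<"security">;
def InsecureAPI : Package<"insecureAPI">, ParentPackage<Security>;
let ParentPackage = Cplusplus in {
def MoveChecker : Checker<"Move">, HelpText<"Use-after-move">, Documentation<HasDocumentation>;
def NewDeleteChecker : Checker<"NewDelete">, HelpText<"Double free">, Documentation<HasDocumentation>;
}
let ParentPackage = InsecureAPI in {
def gets : Checker<"gets">, HelpText<"Warn on gets">, Documentation<HasDocumentation>;
def Modeling : Checker<"Modeling">, HelpText<"Internal">, Documentation<NotDocumented>;
}
'''
SAMPLE_RST = '''
.. _cplusplus-NewDelete:
cplusplus.NewDelete (C++)
.. _security-insecureAPI-gets:
security.insecureAPI.gets (C)
'''

PKG = re.compile(r'def\s+(\w+)\s*:\s*Package<"([^"]+)">(?:\s*,\s*ParentPackage<(\w+)>)?')
LET = re.compile(r'let\s+ParentPackage\s*=\s*(\w+)\s+in\s*\{')
CHK = re.compile(r'def\s+\w+\s*:\s*Checker<"([^"]+)">(.*?);', re.S)
ANCHOR = re.compile(r'^\.\. _([\w-]+):\s*$', re.M)

def full_pkg(name, pkgs):
    """Resolve a package def name to its dotted name by walking ParentPackage links."""
    short, parent = pkgs[name]
    return f"{full_pkg(parent, pkgs)}.{short}" if parent else short

def checkers(td):
    """Map full checker name -> True if its record says Documentation<HasDocumentation>."""
    pkgs = {m[1]: (m[2], m[3]) for m in PKG.finditer(td)}
    events = sorted([*LET.finditer(td), *CHK.finditer(td)], key=lambda m: m.start())
    current, out = None, {}
    for m in events:
        if m.re is LET:
            current = m[1]  # sequential `let` blocks only; nesting is not handled
        else:
            out[f"{full_pkg(current, pkgs)}.{m[1]}"] = "HasDocumentation" in m[2]
    return out

def undocumented(td, rst):
    """Checkers flagged as documented in the .td input that have no anchor in the .rst input."""
    listed = {a.replace("-", ".") for a in ANCHOR.findall(rst)}
    return sorted(n for n, has_doc in checkers(td).items() if has_doc and n not in listed)

print(undocumented(SAMPLE_TD, SAMPLE_RST))
```

A regex pass like this assumes no `;` inside HelpText strings; a clang-tblgen backend sees the real records and does not have that limitation.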
Gaaaah, another hidden Python script! Thanks, I’ll take a look at that and see if it needs some maintenance.