[pull] master from curl:master#597
Open
pull[bot] wants to merge 10000 commits intoRachelmorrell:masterfrom
Open
[pull] master from curl:master#597pull[bot] wants to merge 10000 commits intoRachelmorrell:masterfrom
pull[bot] wants to merge 10000 commits intoRachelmorrell:masterfrom
Conversation
Previous tag v6 changed upstream and points to a different commit. This made zizmor unhappy. Previous commit is now tagged v6.0 in case we need it. Closes #20591
In non-SSL, non-SSH, non-H3, non-AppleSecTrust builds. Also: - drop unused internal macro `SSL_SYSTEM_VERIFIER`. Closes #20587
… (revert) The change was valid, but caused an annoying warning with perfectly working non-binutils ld linkers: ``` ld: warning: ignoring duplicate libraries: 'my/path/usr/local/lib/libcrypto.a' ``` (seen with Apple clang, when using static `libcrypto.a`) It means that for the binutil ld hack to work at consumption-time, curl must be built with the same picky binutils (gcc) toolchain. Reverts 795433b #20434 Closes #20594
Similar to test 3001 marked flaky earlier. Example: https://github.com/curl/curl/actions/runs/22035738719/job/63668228484?pr=20597#step:14:4099 Follow-up to 3ae234b #20462 Closes #20602
Also: - drop AmigaOS workaround. Closes #20584
To fix potential `-Wdisabled-macro-expansion` warnings when using these
macros within other macros. Fixing for example:
```
lib/doh.c:328:3: error: disabled expansion of recursive macro [clang-diagnostic-disabled-macro-expansion,-warnings-as-errors]
328 | ERROR_CHECK_SETOPT(CURLOPT_URL, url);
| ^
lib/doh.c:271:14: note: expanded from macro 'ERROR_CHECK_SETOPT'
271 | result = curl_easy_setopt((CURL *)doh, x, y); \
| ^
include/curl/curl.h:3332:44: note: expanded from macro 'curl_easy_setopt'
3332 | #define curl_easy_setopt(handle,opt,param) curl_easy_setopt(handle,opt,param)
| ^
[...]
```
Also update comments on why curl continues to disable
`-Wdisabled-macro-expansion` and `-Wused-but-marked-unused` warnings.
Follow-up to 92f215f #18477
Closes #20597
Filtered from `clang-tidy` `misc-include-cleaner` hits. Also: - pingping: scope includes. - doh: say the reason for an include. Closes #20607
- fix internal macro `AN_APPLE_OS` reused between sources without resetting it. It may potentially have left the system sha256 function unused. - fix to define `WOLFSSL_OPTIONS_IGNORE_SYS` so that it always applies to wolfSSL headers, also during feature detection. - md4, md5, sha256: simplify fallback logic. - delete 20+ unused macros. - scope or move macros to avoid `-Wunused-macros` warnings. - examples: delete unused code. The warning detects macros defined but not used within the same C source. It does not warn for macros defined in headers. It also works with unity builds, but to a lesser extent. Closes #20593
Fix bigger and smaller kinks in how clang-tidy is configured and used.
Sync behavior more between autotools and cmake, lib/src and tests. Bump
clang-tidy minimum version and prepare logic to allow using clang-tidy
to a fuller extent.
- move clang-tidy settings from builds to a new `.clang-tidy.yml`.
To make it easy to see and edit checks at one place. Also to allow
using the `--checks=` option internally to silence tests-specific
checks. (clang-tidy does not support multiple `--check=` options via
the command-line.)
Use explicit `--config-file=` option to point to the configuration.
- .clang-tidy.yml: link to documentation.
- suppress `clang-diagnostic-nullability-extension` due to a false
positive in libtests with `CURL_WERROR=ON` and `PICKY_COMPILER=OFF`.
- .clang-tidy.yml: enable `portability-*`, `misc-const-correctness`.
- drop `--quiet` clang-tidy option by default to make its working a bit
more transparent. The extra output is minimial.
- consistently use double-dashes in clang-tidy command-line options.
Supported by clang-tidy 9.0.0+ (2019-09-19). Before this patch single
and double were used arbitrarily.
- src/tool_parsecfg: silence false positive `clang-analyzer-unix.Stream`.
Seen with clang 18 + clang-tidy 19 and 20 (only with autotools.)
- INTERNALS: require clang-tidy 14.0.0+. For the `--config-file` option.
- INTERNALS: recommend clang-tidy 19.1.0+, to avoid bogus
`clang-analyzer-valist.Uninitialized` warnings. (bug details below)
autotools:
- allow configuring the clang-tidy tool via `CLANG_TIDY` env.
Also to use in GHA to point to a suffixed clang-tody tool.
- fix to pass CFLAGS to lib, src sources.
(keep omitting them when using a non-clang compiler.)
- fix to pass `--warnings-as-errors=*` in quotes to avoid globbing.
cmake:
- fix to not pass an empty `-I` to clang-tidy.
- fix to pass CFLAGS (picky warnings) to clang-tidy for test sources.
(keep omitting them when using a non-clang compiler.)
- fix to disable `clang-diagnostic-unused-function` for test sources.
(tests have static entry points, which trigger this check when
checking them as individidual sources.)
- fix forwarding `CURL_CLANG_TIDYFLAGS` to clang-tidy.
- force disable picky warnings when running clang-tidy with a non-clang
compiler. To not pass these flags when checking lib and src.
CI:
- GHA/linux: avoid clang-tidy bug by upgrading to v19, and drop the
workaround.
- GHA/linux: switch to clang from gcc in the clang-tidy job. Using gcc
doesn't allow passing CFLAGS to clang-tidy, making it less effective.
(My guess this was one factor contributing to this job often missing
to find certain issues compared to GHA/macos.)
I recomment using clang-tidy with a clang compiler, preferably the same
version or one that's compatible. Other cases are best effort, and may
fail if a C flag is passed to clang-tidy that it does not understand.
Picky warnings are mostly omitted when using a non-clang compiler,
reducing its usefulness.
Details and reproducer for the v18 (and earlier) clang-tidy bug,
previously affecting the GHA/linux job:
clang-tidy <=18 emits false warnings way when passing multiple C sources
at once (as done with autotools):
```sh
cat > src1.c <<EOF
#include <string.h>
static void dummy(void *p) { memcmp(p, p, 0); }
EOF
cat > src2.c <<EOF
#include <stdarg.h>
void vafunc(int option, ...)
{
va_list param;
va_start(param, option);
if(option)
(void)va_arg(param, int);
va_end(param);
}
EOF
/opt/homebrew/opt/llvm@18/bin/clang-tidy --checks=clang-analyzer-valist.Uninitialized src1.c src2.c
# src2.c:7:11: warning: va_arg() is called on an uninitialized va_list [clang-analyzer-valist.Uninitialized]
```
Follow-up to e865420 #17047
Closes #20605
….lib` 4.0.0 Seen with mbedTLS 4.0.0. mbedTLS 4.0.0 renamed `mbedcrypto` lib to `tfpsacrypto`, while also keeping a copy under the old name to aid transition. However, this compatibility logic is broken for MSVC static builds, and the old name missing. Work around by looking for the new name in the raw detection codepath. Note that using `pkg-config`-based detection also works as a workaround. Reported-by: tawmoto on github Fixes #20616 Ref: https://github.com/Mbed-TLS/mbedtls/blob/v4.0.0/library/CMakeLists.txt#L275-L282 Ref: Mbed-TLS/mbedtls#10605 Closes #20617
Also enable `bugprone-suspicious-realloc-usage` clang-tidy option
to verify.
Fixing:
```
tests/server/rtspd.c:328:37: error: 'req->rtp_buffer' may be set to null if 'realloc' fails,
which may result in a leak of the original buffer
[bugprone-suspicious-realloc-usage,-warnings-as-errors]
328 | req->rtp_buffer = realloc(req->rtp_buffer,
| ~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~~
```
Ref: https://clang.llvm.org/extra/clang-tidy/checks/bugprone/suspicious-realloc-usage.html
Closes #20621
Discovered with clang-tidy checker `readability-inconsistent-declaration-parameter-name`. Also: - do not enforce the above because of inconsistencies still present between public API prototypes and definitions. (Also betwen man page protos, and man page examples, and other parts of the code, e.g. `easy` vs `curl` vs `d` vs `handle`) Perhaps subject for a future effort: https://github.com/curl/curl/actions/runs/22166472728/job/64094691653 - enable and fix `readability-named-parameter` where missing. Refs: https://clang.llvm.org/extra/clang-tidy/checks/readability/inconsistent-declaration-parameter-name.html https://clang.llvm.org/extra/clang-tidy/checks/readability/named-parameter.html Closes #20624
Also: - cipher_suite: merge `USE_MBEDTLS` `#if` blocks. Ref: https://clang.llvm.org/extra/clang-tidy/checks/readability/redundant-preprocessor.html Closes #20628
Found via `readability-redundant-casting`. Prone to false positives, not enabled. Ref: https://clang.llvm.org/extra/clang-tidy/checks/readability/redundant-casting.html Closes #20630
Bump required clang-tidy version to v17.0.0 for this. Ref: https://releases.llvm.org/17.0.1/tools/clang/tools/extra/docs/clang-tidy/index.html Follow-up to 4497dbd #20605 Closes #20632
On Solaris this was causing intermittent issues when the private structure member __sin6_src_id had unexpectedly some value. connect(2) would then fail with EADDRNOTAVAIL. Closes #20885
The protocol handler method `connection_check` allowed to variable operations to trigger with variable result bits. Only the `CONNCHECK_ISDEAD` and `CONNRESULT_DEAD` were in use. Transform the function into `connection_is_dead` without extra parameter and a bool result. - Remove defines for `CONNCHECK_*` and `CONNRESULT_*` - Rename protocol function in handler comments - Change RTSP implementation (only protocol that uses this) Closes #20890
- Move `RESP_TIMEOUT` from urldata.h to pingpong.h as `PINGPONG_TIMEOUT_MS`. - Rename `Curl_pp_state_timeout()` to `Curl_pp_state_timeleft_ms()` as the function returns the time left, not the timout.. - Update implementation comments and variable names Closes #20888
- Move ECH related defines to vtls.h - Prefix all defines with `CURLECH_` - Move base64.h include from vtls.h to implementations Closes #20887
A logic error made the function not check the last character, which thus could make it accept invalid schemes. Added test 1965 to verify Reported-by: Otis Cui Lei Closes #20893
Also: - support per-directory and per-upper-directory whitelist entries. - convert badlist input grep tweak into the above format. (except for 'And' which had just a few hits.) - fix many code exceptions, but do not enforce. (there also remain about 350 'will' uses in lib) - fix badwords in example code, drop exceptions. - badwords-all: convert to Perl. To make it usable from CMake. - FAQ: reword to not use 'will'. Drop exception. Closes #20886
Also: - autotools: make `badwords` target honor `@PERL@`. Suggested-by: Stefan Eissing Closes #20884
Syncing tests with lib and src behavior. Also: - fix OS400 checksrc to find the per-directory `.checksrc` file. Closes #20898
Follow-up to 04289c6. Regression shipped in 8.13.0. - a logic error made it not loop and thus only match if the searched string was first - it no longer matches a substring Adjusted test 1 to use multiple values in the Connection: response header. Adjusted test 1542 to have a "Connection: close-not" which should not match. Reported-by: Henrique Pereira Closes #20894
In a -j192 build, this output used a three-digit number for the output, thus wrapping differently and causing it to error. Reported-by: Carlos Henrique Lima Melara Closes #20910
- tool_getparam: revert an unnecessary/no-op C89 warning silencer. Follow-up to 09c9afd #20363 - tool_writeout: add comment saying silencing is a no-op for llvm/clang. For `strftime()` it is a GCC-specific, as of llvm/clang v22.1.0. Follow-up to f07a98a #20366 - unit1652: drop always-false `!defined(__clang__)` guard. Pointed-out-by: Orgad Shaneh Ref: #20902 Follow-up to 7e814c8 #16062 - unit1652: document that `-Wformat` is necessary for GCC v5 to v8. Follow-up to 71cf0d1 #14772 Closes #20908
- when scanning source code, this now only checks source code comments and double-quote strings. No more finding bad words as part of code - this allows the full scan to be done in a single invocation - detects source code or markdown by file name extension - moved the whitelist words config into the single `badwords.txt` file, no more having them separately (see top of file for syntax) - all whitelisted words are checked case insensitively now - removed support for whitelisting words on a specific line number. We did not use it and it is too fragile Removing the actual code from getting scanned made the script take an additional 0.5 seconds on my machine. Scanning 1525 files now takes a little under 1.7 seconds for me. Closes #20909
The file is almost entirely made up by first-lines of previous git commits, and we usually push it without a PR cycle, making it annoying to trigger on typos later as they then show in independent PRs by other people. Closes #20917
Eliminate `conn->bits.ipv6_ip` The bit was only correct for the first transfer using a connection. Use `data->state.up.hostname` instead in places that need the URL hostname in its original form. Fix parseurlandfillconn() to not modify `data->state.up.hostname` before copying the connection's hostname, but modify the copy instead, leaving the URL hostname intact. Closes #20919
Convert more `int port` to `uint16_t` port types. Reshuffle ports in connectdata to save some bytes. Change `conn->destination` format to - make it more readable and thus usable in tracing - add the IPv6 scope_id only when not default (global) and make it resemble more the textual format for IPv6 (e.g. suffix '%<scope_id>') Closes #20918
Improve the name, type and handling of `data->req.keepon`: - Rename `keepon` to `io_flags` - make `io_flags` and `uint8_t` and reposition in struct - Rename `KEEP_*` defines to `REQ_IO_*`, move to request.h - Replace all direct bit tests to `CURL_REQ_WANT_*` use - Replace all direct bit manipulations with new macros Closes #20905
Reported-by: James Fuller Closes #20929
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
19 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )