[-Wunsafe-buffer-usage] Generate fix-it for local variable declarations

Use clang fix-its to transform declarations of local variables, which
are used for buffer access , to be of std::span type.

We placed a few limitations to keep the solution simple:
- it only transforms local variable declarations (no parameter declaration);
- it only considers single level pointers, i.e., pointers of type T * regardless of whether T is again a pointer;
- it only transforms to std::span types (no std::array, or std::span::iterator, or ...);
    - it can only transform a VarDecl that belongs to a DeclStmt whose has a single child.

One of the purposes of keeping this patch simple enough is to first
evaluate if fix-it is an appropriate approach to do the
transformation.

This commit was reverted by 622be09
for a compilation warning and now it is fixed.

Reviewed by: NoQ, jkorous

Differential revision: https://reviews.llvm.org/D139737

Author: ziqingluo-90

clang/include/clang/Analysis/Analyses/UnsafeBufferUsage.h

@@ -37,6 +37,15 @@ class UnsafeBufferUsageHandler {
   /// Invoked when a fix is suggested against a variable.
   virtual void handleFixableVariable(const VarDecl *Variable,
                                      FixItList &&List) = 0;
+
+  /// Returns the text indicating that the user needs to provide input there:
+  virtual std::string
+  getUserFillPlaceHolder(StringRef HintTextToUser = "placeholder") {
+    std::string s = std::string("<# ");
+    s += HintTextToUser;
+    s += " #>";
+    return s;
+  }
 };
 
 // This function invokes the analysis and allows the caller to react to it

clang/include/clang/Analysis/Analyses/UnsafeBufferUsageGadgets.def

@@ -30,6 +30,7 @@ WARNING_GADGET(Decrement)
 WARNING_GADGET(ArraySubscript)
 WARNING_GADGET(PointerArithmetic)
 WARNING_GADGET(UnsafeBufferUsageAttr)
+FIXABLE_GADGET(ULCArraySubscript)
 
 #undef FIXABLE_GADGET
 #undef WARNING_GADGET

clang/include/clang/Basic/DiagnosticSemaKinds.td

@@ -11790,6 +11790,8 @@ def warn_unsafe_buffer_operation : Warning<
   InGroup<UnsafeBufferUsage>, DefaultIgnore;
 def note_unsafe_buffer_operation : Note<
   "used%select{| in pointer arithmetic| in buffer access}0 here">;
+def note_unsafe_buffer_variable_fixit : Note<
+  "change type of '%0' to '%select{std::span|std::array|std::span::iterator}1' to preserve bounds information">;
 def err_loongarch_builtin_requires_la32 : Error<
   "this builtin requires target: loongarch32">;
 } // end of sema component.