[PATCH] D155445: [analyzer][docs] Add CSA release notes

Balázs Benics via Phabricator via cfe-commits Mon, 17 Jul 2023 05:12:42 -0700

steakhal created this revision.
steakhal added reviewers: NoQ, xazax.hun, Szelethus, donat.nagy, balazske, 
gamesh411, tripleCC, tomasz-kaminski-sonarsource, OikawaKirie.
Herald added subscribers: manas, ASDenysPetrov, martong, dkrupp, 
mikhail.ramalho, a.sidorin, szepet, baloghadamsoftware.
Herald added a project: All.
steakhal requested review of this revision.
Herald added a project: clang.
Herald added a subscriber: cfe-commits.


We'll soon branch off, and start releasing clang-17.
Here is a patch, adjusting the release notes for what we achieved since
the last release.

I used this command to inspect the interesting commits:

  git log --oneline llvmorg-16.0.0..llvm/main \
    clang/{lib/StaticAnalyzer,include/clang/StaticAnalyzer} | \
    grep -v NFC | grep -v -i revert

This filters in CSA directories and filters out NFC and revert commits.

Given that in the release-notes, we usually don't put links to commits,
I'll remove them from this patch as well. I just put them there to make
it easier to review for you.

I tried to group the changes into meaningful chunks, and dropped some of
the uninteresting commits.
I've also dropped the commits that were backported to clang-16.

Check out how it looks, and propose changes like usual.

---

FYI the `ninja docs-clang-html` produces the html docs, including the 
`ReleaseNotes`.
And the produced artifact will be at 
`build/tools/clang/docs/html/ReleaseNotes.html`.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D155445

Files:
  clang/docs/ReleaseNotes.rst


Index: clang/docs/ReleaseNotes.rst
===================================================================
--- clang/docs/ReleaseNotes.rst
+++ clang/docs/ReleaseNotes.rst
@@ -901,6 +901,68 @@
   non-complete destructors when using the Microsoft ABI.
   (`#60465 <https://github.com/llvm/llvm-project/issues/60465>`_)
 
+- Removed the deprecated
+  ``consider-single-element-arrays-as-flexible-array-members`` analyzer option.
+  Any use of this flag will result in an error.
+  (`7cd1f3ad22e4 <https://github.com/llvm/llvm-project/commit/7cd1f3ad22e4>`_)
+- Fixed a null-pointer dereference crash inside the ``MoveChecker``.
+  (`d172b65ef001 <https://github.com/llvm/llvm-project/commit/d172b65ef001>`_)
+
+- Better modeling of lifetime-extended memory regions. As a result, the
+  ``MoveChecker`` raises more true-positive reports.
+  (`feafbb9fda57 <https://github.com/llvm/llvm-project/commit/feafbb9fda57>`_)
+
+- Fixed some bugs around the handling of constant global arrays and their
+  initializer expressions.
+  (`ffcf214b5d27 <https://github.com/llvm/llvm-project/commit/ffcf214b5d27>`_,
+  `558b46fde2db <https://github.com/llvm/llvm-project/commit/558b46fde2db>`_)
+
+- The ``CStringChecker`` will invalidate less if the copy operation is bounded.
+  (`1bd2d335b649 <https://github.com/llvm/llvm-project/commit/1bd2d335b649>`_)
+  (`#55019 <https://github.com/llvm/llvm-project/issues/55019>`_)
+
+- Implement ``BufferOverlap`` check for ``sprint``/``snprintf``
+  The ``CStringChecker`` checks for buffer overlaps for ``sprintf`` and
+  ``snprintf``.
+  (`ce97312d109b <https://github.com/llvm/llvm-project/commit/ce97312d109b>`_)
+
+- Objective-C support was improved around checking ``_Nonnull`` and
+  ``_Nullable`` including block pointers and literal objects.
+  (`b22a5d46179b <https://github.com/llvm/llvm-project/commit/b22a5d46179b>`_,
+  `77a599ae5828 <https://github.com/llvm/llvm-project/commit/77a599ae5828>`_,
+  `fa6b7dd520fc <https://github.com/llvm/llvm-project/commit/fa6b7dd520fc>`_,
+  `993060e1d31d <https://github.com/llvm/llvm-project/commit/993060e1d31d>`_)
+
+- Let the ``StreamChecker`` detect ``NULL`` streams instead of by
+  ``StdCLibraryFunctions``.
+  ``StreamChecker`` improved on the fseek modeling for the ``SEEK_SET``,
+  ``SEEK_END``, ``SEEK_CUR`` arguments.
+  (`2eefd19613b8 <https://github.com/llvm/llvm-project/commit/2eefd19613b8>`_,
+  `2c60f9c8a4fd <https://github.com/llvm/llvm-project/commit/2c60f9c8a4fd>`_)
+
+- ``StdCLibraryFunctionArgs`` was merged into the ``StdCLibraryFunctions``.
+  The diagnostics of the ``StdCLibraryFunctions`` was improved.
+  (`4f0436dd1532 <https://github.com/llvm/llvm-project/commit/4f0436dd1532>`_,
+  `6012cadc400f <https://github.com/llvm/llvm-project/commit/6012cadc400f>`_,
+  `258c9bebbdfa <https://github.com/llvm/llvm-project/commit/258c9bebbdfa>`_,
+  `ce1fb03db817 <https://github.com/llvm/llvm-project/commit/ce1fb03db817>`_,
+  `ddc5d40dd285 <https://github.com/llvm/llvm-project/commit/ddc5d40dd285>`_)
+
+- ``QTimer::singleShot`` now doesn't raise false-positives for memory leaks by
+  the ``MallocChecker``.
+  (`3b6a368d763e <https://github.com/llvm/llvm-project/commit/3b6a368d763e>`_)
+  (`#39713 <https://github.com/llvm/llvm-project/issues/39713>`_)
+
+- Fixed the infamous unsigned index false-positives in the
+  ``ArrayBoundCheckerV2`` checker.
+  (`8c22cbea87be <https://github.com/llvm/llvm-project/commit/8c22cbea87be>`_,
+  `de2547329b41 <https://github.com/llvm/llvm-project/commit/de2547329b41>`_)
+  (`#44493 <https://github.com/llvm/llvm-project/issues/44493>`_)
+
+- Now, taint propagations are tracked further back until the real taint source.
+  This improves all taint-related diagnostics.
+  (`343bdb10940c <https://github.com/llvm/llvm-project/commit/343bdb10940c>`_)
+
 .. _release-notes-sanitizers:
 
 Sanitizers

Index: clang/docs/ReleaseNotes.rst
===================================================================
--- clang/docs/ReleaseNotes.rst
+++ clang/docs/ReleaseNotes.rst
@@ -901,6 +901,68 @@
   non-complete destructors when using the Microsoft ABI.
   (`#60465 <https://github.com/llvm/llvm-project/issues/60465>`_)
 
+- Removed the deprecated
+  ``consider-single-element-arrays-as-flexible-array-members`` analyzer option.
+  Any use of this flag will result in an error.
+  (`7cd1f3ad22e4 <https://github.com/llvm/llvm-project/commit/7cd1f3ad22e4>`_)
+- Fixed a null-pointer dereference crash inside the ``MoveChecker``.
+  (`d172b65ef001 <https://github.com/llvm/llvm-project/commit/d172b65ef001>`_)
+
+- Better modeling of lifetime-extended memory regions. As a result, the
+  ``MoveChecker`` raises more true-positive reports.
+  (`feafbb9fda57 <https://github.com/llvm/llvm-project/commit/feafbb9fda57>`_)
+
+- Fixed some bugs around the handling of constant global arrays and their
+  initializer expressions.
+  (`ffcf214b5d27 <https://github.com/llvm/llvm-project/commit/ffcf214b5d27>`_,
+  `558b46fde2db <https://github.com/llvm/llvm-project/commit/558b46fde2db>`_)
+
+- The ``CStringChecker`` will invalidate less if the copy operation is bounded.
+  (`1bd2d335b649 <https://github.com/llvm/llvm-project/commit/1bd2d335b649>`_)
+  (`#55019 <https://github.com/llvm/llvm-project/issues/55019>`_)
+
+- Implement ``BufferOverlap`` check for ``sprint``/``snprintf``
+  The ``CStringChecker`` checks for buffer overlaps for ``sprintf`` and
+  ``snprintf``.
+  (`ce97312d109b <https://github.com/llvm/llvm-project/commit/ce97312d109b>`_)
+
+- Objective-C support was improved around checking ``_Nonnull`` and
+  ``_Nullable`` including block pointers and literal objects.
+  (`b22a5d46179b <https://github.com/llvm/llvm-project/commit/b22a5d46179b>`_,
+  `77a599ae5828 <https://github.com/llvm/llvm-project/commit/77a599ae5828>`_,
+  `fa6b7dd520fc <https://github.com/llvm/llvm-project/commit/fa6b7dd520fc>`_,
+  `993060e1d31d <https://github.com/llvm/llvm-project/commit/993060e1d31d>`_)
+
+- Let the ``StreamChecker`` detect ``NULL`` streams instead of by
+  ``StdCLibraryFunctions``.
+  ``StreamChecker`` improved on the fseek modeling for the ``SEEK_SET``,
+  ``SEEK_END``, ``SEEK_CUR`` arguments.
+  (`2eefd19613b8 <https://github.com/llvm/llvm-project/commit/2eefd19613b8>`_,
+  `2c60f9c8a4fd <https://github.com/llvm/llvm-project/commit/2c60f9c8a4fd>`_)
+
+- ``StdCLibraryFunctionArgs`` was merged into the ``StdCLibraryFunctions``.
+  The diagnostics of the ``StdCLibraryFunctions`` was improved.
+  (`4f0436dd1532 <https://github.com/llvm/llvm-project/commit/4f0436dd1532>`_,
+  `6012cadc400f <https://github.com/llvm/llvm-project/commit/6012cadc400f>`_,
+  `258c9bebbdfa <https://github.com/llvm/llvm-project/commit/258c9bebbdfa>`_,
+  `ce1fb03db817 <https://github.com/llvm/llvm-project/commit/ce1fb03db817>`_,
+  `ddc5d40dd285 <https://github.com/llvm/llvm-project/commit/ddc5d40dd285>`_)
+
+- ``QTimer::singleShot`` now doesn't raise false-positives for memory leaks by
+  the ``MallocChecker``.
+  (`3b6a368d763e <https://github.com/llvm/llvm-project/commit/3b6a368d763e>`_)
+  (`#39713 <https://github.com/llvm/llvm-project/issues/39713>`_)
+
+- Fixed the infamous unsigned index false-positives in the
+  ``ArrayBoundCheckerV2`` checker.
+  (`8c22cbea87be <https://github.com/llvm/llvm-project/commit/8c22cbea87be>`_,
+  `de2547329b41 <https://github.com/llvm/llvm-project/commit/de2547329b41>`_)
+  (`#44493 <https://github.com/llvm/llvm-project/issues/44493>`_)
+
+- Now, taint propagations are tracked further back until the real taint source.
+  This improves all taint-related diagnostics.
+  (`343bdb10940c <https://github.com/llvm/llvm-project/commit/343bdb10940c>`_)
+
 .. _release-notes-sanitizers:
 
 Sanitizers

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D155445: [analyzer][docs] Add CSA release notes

Reply via email to