[PATCH] D155445: [analyzer][docs] Add CSA release notes
Balázs Benics via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Jul 18 00:33:57 PDT 2023
steakhal updated this revision to Diff 541356.
steakhal marked 2 inline comments as done.
steakhal added a comment.
In D155445#4508728 <https://reviews.llvm.org/D155445#4508728>, @OikawaKirie wrote:
> LGTM for my part. Thx.
>
> Since I am not very familiar with other changes, I have no detailed suggestions for the order.
Thanks for the feedback. Applied!
F28297746: image.png <https://reviews.llvm.org/F28297746>
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D155445/new/
https://reviews.llvm.org/D155445
Files:
clang/docs/ReleaseNotes.rst
Index: clang/docs/ReleaseNotes.rst
===================================================================
--- clang/docs/ReleaseNotes.rst
+++ clang/docs/ReleaseNotes.rst
@@ -903,6 +903,89 @@
non-complete destructors when using the Microsoft ABI.
(`#60465 <https://github.com/llvm/llvm-project/issues/60465>`_)
+- Removed the deprecated
+ ``consider-single-element-arrays-as-flexible-array-members`` analyzer option.
+ Any use of this flag will result in an error.
+ Use `-fstrict-flex-arrays=<n> <https://clang.llvm.org/docs/ClangCommandLineReference.html#cmdoption-clang-fstrict-flex-arrays>`_
+ (`7cd1f3ad22e4 <https://github.com/llvm/llvm-project/commit/7cd1f3ad22e4>`_)
+
+- Better modeling of lifetime-extended memory regions. As a result, the
+ ``MoveChecker`` raises more true-positive reports.
+ (`feafbb9fda57 <https://github.com/llvm/llvm-project/commit/feafbb9fda57>`_)
+
+- Fixed some bugs (including crashes) around the handling of constant global
+ arrays and their initializer expressions.
+ (`ffcf214b5d27 <https://github.com/llvm/llvm-project/commit/ffcf214b5d27>`_,
+ `558b46fde2db <https://github.com/llvm/llvm-project/commit/558b46fde2db>`_)
+
+- The ``CStringChecker`` will invalidate less if the copy operation is
+ inferable to be bounded. For example, if the arguments of ``strcpy`` are
+ known to be of certain lengths and that are in-bounds.
+
+ .. code-block:: c++
+
+ struct {
+ void *ptr;
+ char arr[4];
+ } x;
+ x.ptr = malloc(1);
+ // extent of 'arr' is 4, and writing "hi\n" (4 characters),
+ // thus no buffer overflow can happen
+ strcpy(x.arr, "hi\n");
+ free(x.ptr); // no longer reports memory leak here
+
+ Similarly, functions like ``strsep`` now won't invalidate the object
+ containing the destination buffer, because it can never overflow.
+ Note that, ``std::copy`` is still not modeled, and as such, it will still
+ invalidate the enclosing object on call.
+ (`1bd2d335b649 <https://github.com/llvm/llvm-project/commit/1bd2d335b649>`_)
+ (`#55019 <https://github.com/llvm/llvm-project/issues/55019>`_)
+
+- Implement ``BufferOverlap`` check for ``sprint``/``snprintf``
+ The ``CStringChecker`` checks for buffer overlaps for ``sprintf`` and
+ ``snprintf``.
+ (`ce97312d109b <https://github.com/llvm/llvm-project/commit/ce97312d109b>`_)
+
+- Objective-C support was improved around checking ``_Nonnull`` and
+ ``_Nullable`` including block pointers and literal objects.
+ (`b22a5d46179b <https://github.com/llvm/llvm-project/commit/b22a5d46179b>`_,
+ `77a599ae5828 <https://github.com/llvm/llvm-project/commit/77a599ae5828>`_,
+ `fa6b7dd520fc <https://github.com/llvm/llvm-project/commit/fa6b7dd520fc>`_,
+ `993060e1d31d <https://github.com/llvm/llvm-project/commit/993060e1d31d>`_)
+
+- Let the ``StreamChecker`` detect ``NULL`` streams instead of by
+ ``StdCLibraryFunctions``.
+ ``StreamChecker`` improved on the ``fseek`` modeling for the ``SEEK_SET``,
+ ``SEEK_END``, ``SEEK_CUR`` arguments.
+ (`2eefd19613b8 <https://github.com/llvm/llvm-project/commit/2eefd19613b8>`_,
+ `2c60f9c8a4fd <https://github.com/llvm/llvm-project/commit/2c60f9c8a4fd>`_)
+
+- ``StdCLibraryFunctionArgs`` was merged into the ``StdCLibraryFunctions``.
+ The diagnostics of the ``StdCLibraryFunctions`` was improved.
+ (`4f0436dd1532 <https://github.com/llvm/llvm-project/commit/4f0436dd1532>`_,
+ `6012cadc400f <https://github.com/llvm/llvm-project/commit/6012cadc400f>`_,
+ `258c9bebbdfa <https://github.com/llvm/llvm-project/commit/258c9bebbdfa>`_,
+ `ce1fb03db817 <https://github.com/llvm/llvm-project/commit/ce1fb03db817>`_,
+ `ddc5d40dd285 <https://github.com/llvm/llvm-project/commit/ddc5d40dd285>`_)
+
+- ``QTimer::singleShot`` now doesn't raise false-positives for memory leaks by
+ the ``MallocChecker``.
+ (`3b6a368d763e <https://github.com/llvm/llvm-project/commit/3b6a368d763e>`_)
+ (`#39713 <https://github.com/llvm/llvm-project/issues/39713>`_)
+
+- Fixed the infamous unsigned index false-positives in the
+ ``ArrayBoundCheckerV2`` checker.
+ (`8c22cbea87be <https://github.com/llvm/llvm-project/commit/8c22cbea87be>`_,
+ `de2547329b41 <https://github.com/llvm/llvm-project/commit/de2547329b41>`_)
+ (`#44493 <https://github.com/llvm/llvm-project/issues/44493>`_)
+
+- Now, taint propagations are tracked further back until the real taint source.
+ This improves all taint-related diagnostics.
+ (`343bdb10940c <https://github.com/llvm/llvm-project/commit/343bdb10940c>`_)
+
+- Fixed a null-pointer dereference crash inside the ``MoveChecker``.
+ (`d172b65ef001 <https://github.com/llvm/llvm-project/commit/d172b65ef001>`_)
+
.. _release-notes-sanitizers:
Sanitizers
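Review bot: In the ``BufferOverlap`` entry, ``sprint`` should be ``sprintf``, and the entry's first line has no terminating period, so it runs straight into the next sentence, which repeats the same statement. Suggest collapsing the entry to one sentence, for example "The ``CStringChecker`` now checks for buffer overlaps in ``sprintf`` and ``snprintf`` calls." Two smaller points in the same hunk: the removed-option entry ends at "Use `-fstrict-flex-arrays=<n>`" with no "instead." before the commit link, and the comment in the ``strcpy`` example counts "hi\n" as 4 characters, which only holds when the terminating null is included; "4 bytes including the terminating null" would make the in-bounds argument explicit.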