v6.22.0

@bruntib bruntib released this 14 Apr 13:28
· 538 commits to master since this release
ecf3776

🌟 Highlights

Further enhancements to speed up the store procedure

After another round of optimizations, CodeChecker store is ~2 times faster than in v6.21.0. Combined with the previous release, storing may be as much as 4 times faster than in v6.20.0, with larger result directories seeing a greater degree of improvement.

This should allow those who use CodeChecker in CI loops to see fewer timeouts due to long storages, or to lower timeout thresholds significantly.

Multiroot analysis

CodeChecker now supports an analysis mode where for each source file, it tries to find the closest compile_commands.json file up in the directory hierarchy starting from the source file.

If your project is structured such that multiple folders act as their own root folder (hence the name multiroot), CodeChecker should be able to support that out of the box. clangd and clang-tidy already work this way: https://clangd.llvm.org/installation.html#compile_commandsjson

This feature also affects the CodeChecker Visual Studio Code plugin, where analysis will be done on multiroot projects as well (Ericsson/CodecheckerVSCodePlugin#113).

Previously, the input of the analysis had to be a compilation database JSON file. This PR supports the following new CodeChecker analyze invocations, as long as a corresponding compilation database file is found:

# Analyze a single file.
CodeChecker analyze analyze.cpp -o reports

# Analyze all source files under a directory.
CodeChecker analyze my_project -o reports
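
The lookup described above, sketched as an added example (this is not CodeChecker's own code): each source file is paired with the closest compile_commands.json found by walking up from its directory, so a nested root takes precedence over an outer one. The `stop_at` bound, the suffix list and the sample tree are assumptions of this sketch.

```python
import json
from collections import defaultdict
from pathlib import Path

CDB_NAME = "compile_commands.json"
SOURCE_SUFFIXES = {".c", ".cc", ".cpp", ".cxx"}  # assumption of this sketch


def find_closest_cdb(source_file, stop_at=None):
    """Walk upwards from the file's directory; the first database found wins."""
    # stop_at: hypothetical bound of this sketch, not a CodeChecker option.
    start = Path(source_file).resolve().parent
    boundary = Path(stop_at).resolve() if stop_at else None
    for directory in (start, *start.parents):
        candidate = directory / CDB_NAME
        if candidate.is_file():
            return candidate
        if directory == boundary:
            break  # do not search above the project tree
    return None


def group_sources_by_cdb(project_dir):
    """Map each compilation database (or None) to the sources it governs."""
    root = Path(project_dir).resolve()
    groups = defaultdict(list)
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix in SOURCE_SUFFIXES:
            groups[find_closest_cdb(path, stop_at=root)].append(path)
    return dict(groups)


def build_sample_tree(root):
    """Constructed layout: two roots, a nested root, one file with no database."""
    root = Path(root)
    for rel in ("service_a", "service_a/vendor/lib", "service_b"):
        (root / rel / "src").mkdir(parents=True)
        (root / rel / CDB_NAME).write_text(json.dumps([]))
        (root / rel / "src" / "main.c").write_text("int main(void) { return 0; }\n")
    (root / "orphan.c").write_text("int x;\n")
    return root


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        for cdb, sources in group_sources_by_cdb(build_sample_tree(tmp)).items():
            print(cdb, "->", [s.name for s in sources])
```

Files that end up under the `None` key have no database inside the project tree; these are the inputs for which no corresponding compilation database is found.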

Support report annotations and add dynamic analyzer related annotations

CodeChecker can now parse additional fields from plist files; these are especially relevant to dynamic analyses.
https://github.com/Ericsson/codechecker/blob/master/docs/analyzer/user_guide.md#dynamic-analysis-results

<dict>
  <key>diagnostics</key>
  <array>
    <dict>
      <key>category</key>
      <string>unknown</string>
      <key>check_name</key>
      <string>UndefinedBehaviorSanitizer</string>
      <key>report-annotation</key>
      <dict>
        <key>testcase</key>
        <string>yhegalkoei</string>
        <key>timestamp</key>
        <string>1970-04-26T17:27:55</string>
      </dict>
      <key>path</key>
      <array>
        ...
      </array>
    </dict>
  </array>
</dict>

Unlike for static analyzers, the time of the detection can be a crucial piece of information, as a report may be a result of another preceding report. Users that record the timestamp of the detection and store it in CodeChecker under the new 'Timestamp' field will be able to sort reports by it. CodeChecker now also supports the 'Testsuite' field.

You can read more about this feature in its PR #3849, and the relevant docs PR #3871.
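
Why the timestamp matters when triaging sanitizer output, shown as an added example (not CodeChecker's parser): it reads the `report-annotation` dictionaries from a plist and orders reports by detection time, keeping unannotated or malformed entries at the end. The sample reports are constructed, and the ISO timestamp format is assumed from the excerpt above.

```python
import plistlib
from datetime import datetime

# Constructed sample reports using the keys shown in the excerpt above.
SAMPLE_PLIST = plistlib.dumps({"diagnostics": [
    {"check_name": "UndefinedBehaviorSanitizer", "category": "unknown",
     "report-annotation": {"testcase": "parse_header",
                           "timestamp": "2023-04-14T10:05:09"}},
    {"check_name": "AddressSanitizer", "category": "unknown",
     "report-annotation": {"testcase": "parse_header",
                           "timestamp": "2023-04-14T10:05:02"}},
    {"check_name": "UndefinedBehaviorSanitizer", "category": "unknown",
     "report-annotation": {"testcase": "decode_body",
                           "timestamp": "not-a-date"}},
    {"check_name": "core.NullDereference", "category": "unknown"},  # no annotation
]})


def parse_timestamp(value):
    """Parse the excerpt's timestamp format; None when absent or malformed."""
    try:
        return datetime.fromisoformat(value)
    except (TypeError, ValueError):
        return None


def reports_by_detection_time(plist_bytes):
    """Return (timestamp, testcase, check_name) tuples, earliest first, undated last."""
    rows = []
    for diag in plistlib.loads(plist_bytes).get("diagnostics", []):
        annotation = diag.get("report-annotation", {})
        rows.append((parse_timestamp(annotation.get("timestamp")),
                     annotation.get("testcase"), diag.get("check_name")))
    # Sort on (is_undated, timestamp) so None is never compared with a datetime.
    return sorted(rows, key=lambda r: (r[0] is None, r[0] or datetime.min))


if __name__ == "__main__":
    for when, testcase, check in reports_by_detection_time(SAMPLE_PLIST):
        print(when, testcase, check)
```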

❗ Backward incompatible changes

  • [cmd] Remove some deprecated flags. #3823
    • CodeChecker checkers --only-enabled: DEPRECATED. Show only the enabled checkers. Use CodeChecker checkers --details to list the checker status (enabled/disabled).
    • CodeChecker checkers --only-disabled: Use CodeChecker checkers --details to list the checker status.
    • CodeChecker cmd diff -s, --suppressed: DEPRECATED. Lists the suppressed reports.
      Use the --review-status [REVIEW_STATUS [REVIEW_STATUS ...]] flag to filter the results.
    • CodeChecker cmd diff --filter FILTER: DEPRECATED. Filter diff results.
      Use the --review-status [REVIEW_STATUS [REVIEW_STATUS ...]] flag to filter the results.
    • CodeChecker cmd sum --disable-unique: DEPRECATED. Use the '--uniqueing' option to get uniqueing results.
  • [cmd] Remove the CodeChecker analyzer --tidy-config flag #3822
    • CodeChecker analyze [--tidy-config TIDY_CONFIG] is DEPRECATED and removed.
      Use CodeChecker analyzers --analyzer-config clang-tidy to list the analyzer options.
      Use e.g. CodeChecker analyze --analyzer-config clang-tidy:WarningsAsErrors=true to set a parameter.
      Alternatively, you can use .clang-tidy config files too.
  • [analyzer] Promote the missing checker warning to an error #3820
    • If a checker name given to --enable/--disable is not recognized (usually because of a typo) by any of the analyzers, CodeChecker now emits an error. While we strongly advise you against it, you can demote this error to a warning, restoring the behaviour similar to previous releases, with the flag --no-missing-checker-error (#3866).

🐛 Analyzer improvements

  • ignore -fno-keep-inline-dllexport gcc option #3813
  • Fix error using Clang option '-stdlib=libc++' #3808
  • [fix] Fix a condition about checkers being compiler warnings #3838
  • [analyzer] Promote the missing checker warning to an error #3820
  • [fix] Pass arch flag correctly #3854
  • [fix] Treat clang-diagnostic-* checkers as compiler flags #3874
  • Forward --driver-mode compiler flag to the analyzer #3867

🔁 Profile changes

  • bugprone-standalone-empty: default, extreme, sensitive
  • bugprone-unsafe-functions: extreme, security, sensitive
  • cert-msc24-c: alias of bugprone-unsafe-functions
  • cert-msc33-c: alias of bugprone-unsafe-functions
  • cppcoreguidelines-avoid-capture-default-when-capturing-this: extreme, sensitive
  • cppcoreguidelines-avoid-capturing-lambda-coroutines: default, extreme, sensitive
  • cppcoreguidelines-avoid-reference-coroutine-parameters: default, extreme, sensitive
  • cppcoreguidelines-rvalue-reference-param-not-moved: extreme, sensitive
  • llvmlibc-inline-function-decl: style
  • misc-use-anonymous-namespace: default, extreme, sensitive
  • Document the new checker misc-use-anonymous-namespace #3803
  • [cfg] Assign new check profiles for 6.22RC1 #3861

💻 CLI/Server improvements

  • Further enhancements to speed up the store procedure #3796
  • Multiroot analysis #3815
    CodeChecker now supports an analysis mode where, for each source file,
    it tries to find the closest compile_commands.json file up in the directory hierarchy starting from the source file.
    clangd and clang-tidy work this way: https://clangd.llvm.org/installation.html
    This feature also allows the analysis of multi-root projects in the VS Code plugin (Ericsson/CodecheckerVSCodePlugin#113).
    Previously, the input of analysis was a compilation database JSON file. The goal of this PR is to support the following analysis invocations:

    # Analyze one source file.
    CodeChecker analyze main.c -o reports

    # Analyze all source files under a directory.
    CodeChecker analyze my_project -o reports
  • Support report annotations and add dynamic analyzer related annotations #3849
  • Required format for --checker-config #3817
    The "CodeChecker analyze" command has a --checker-config flag. The parameter of this flag should be in the following format:
    <analyzer>:<checker>:<option>=<value>. This format is checked, and an error message is emitted if the format is not met.
  • [cmd] Gracefully exit instead of crashing when cmd diff is missing a param #3801
  • cppcheck: allow spaces in path #3812
  • [cmd] Fix a crash with CodeChecker cmd diff --unique on #3816
  • [bugfix] Don't convert cppcheck parameters to absolute path #3821
  • [cmd] Deprecate --warnings flag #3802
  • [gui] Fix for filter product in gui test #3469
  • [web] Fix stale permission caching #3840

🌳 Environment

  • [req] Upgrade lxml to 4.9.1 #3799
  • Fix three bugs and a couple of style issues #3804
  • Updates to setup.py/PyPI configuration #3819
  • [test] Upgrade to Python 3.8 in GitHub Actions #3859

📖 Documentation updates

  • README.md: add python3-setuptools dependency #3729
  • [docs] Reword what labels, guidelines, checkers mean, and their enabling #3845

🔨 Other

  • [version] Bump version to 6.22.0 #3787
  • [repo] Add vim sessions file to gitignore #3792
  • [docs] Fix facebook-infer links #3834
  • [tests] Change subprocess.call to subprocess.Popen #3837
  • Change dev/test servers port from default #3833