Java: Add a change note, and a minor ql comment.

aschackmull · aschackmull · commit b308c5438fb7 · 2025-09-15T10:14:26.000+02:00
diff --git a/java/ql/src/change-notes/2025-09-15-nullness-reimp.md b/java/ql/src/change-notes/2025-09-15-nullness-reimp.md
@@ -0,0 +1,4 @@
+---
+category: majorAnalysis
+---
+* The implementation of `java/dereferenced-value-may-be-null` has been completely replaced with a new general control-flow reachability library. This improves precision by reducing false positives. However, since the entire calculation has been reworked, there can be small corner cases where precision regressions might occur and new false positives may occur, but these cases should be rare.
diff --git a/shared/controlflow/codeql/controlflow/Guards.qll b/shared/controlflow/codeql/controlflow/Guards.qll
@@ -210,6 +210,7 @@ module Make<
     TValue(TAbstractSingleValue val, Boolean isVal) or
     TIntRange(int bound, Boolean upper) {
       exists(ConstantExpr c | c.asIntegerValue() + [-1, 0, 1] = bound) and
+      // exclude edge cases to avoid overflow issues when computing duals
       bound != 2147483647 and
       bound != -2147483648
     } or

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: majorAnalysis
 +---
 +* The implementation of `java/dereferenced-value-may-be-null` has been completely replaced with a new general control-flow reachability library. This improves precision by reducing false positives. However, since the entire calculation has been reworked, there can be small corner cases where precision regressions might occur and new false positives may occur, but these cases should be rare.