https://github.com/steakhal created
https://github.com/llvm/llvm-project/pull/154600
The commits were gathered using:
```sh
git log --reverse --oneline llvmorg-20-init..llvm/main \
clang/{lib/StaticAnalyzer,include/clang/StaticAnalyzer} | grep -v NFC | \
grep -v OpenACC | grep -v -i revert | grep -v -i "webkit"
```
FYI, I also ignored Webkit changes because I assume it's fairly specific for
them, and they likely already know what they ship xD.
I used the `LLVM_ENABLE_SPHINX=ON` and `LLVM_ENABLE_DOXYGEN=ON` cmake options
to enable the `docs-clang-html` build target, which generates the html into
`build/tools/clang/docs/html/ReleaseNotes.html` of which I attach the
screenshots to let you judge if it looks all good or not.
From 282a84dbcc57738398da024f021bcc057099edb3 Mon Sep 17 00:00:00 2001
From: Balazs Benics <[email protected]>
Date: Wed, 20 Aug 2025 21:40:26 +0200
Subject: [PATCH] [analyzer][docs] CSA release notes for clang-21
The commits were gathered using:
```sh
git log --reverse --oneline llvmorg-20-init..llvm/main \
clang/{lib/StaticAnalyzer,include/clang/StaticAnalyzer} | grep -v NFC | \
grep -v OpenACC | grep -v -i revert | grep -v -i "webkit"
```
FYI, I also ignored Webkit changes because I assume it's fairly specific
for them, and they likely already know what they ship xD.
I used the `LLVM_ENABLE_SPHINX=ON` and `LLVM_ENABLE_DOXYGEN=ON` cmake
options to enable the `docs-clang-html` build target, which generates
the html into `build/tools/clang/docs/html/ReleaseNotes.html` of which I
attach the screenshots to let you judge if it looks all good or not.
---
clang/docs/ReleaseNotes.rst | 90 ++++++++++++++++++++++++++++++++++---
1 file changed, 85 insertions(+), 5 deletions(-)
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index f4f7dd8342d92..a8fd4b174cf7c 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -1198,8 +1198,6 @@ Code Completion
Static Analyzer
---------------
-- Fixed a crash when C++20 parenthesized initializer lists are used. This issue
- was causing a crash in clang-tidy. (#GH136041)
New features
^^^^^^^^^^^^
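Review bot: The entry removed here said the #GH136041 issue "was causing a crash in clang-tidy", and that detail is lost when the entry is re-added under "Crash and bug fixes". The new second sentence there ("This affected a crash of the well-known lambda overloaded pattern.") is also hard to parse. Consider keeping the clang-tidy mention and rewording, for example: "This also fixed a crash in clang-tidy and with the well-known overloaded lambda pattern."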
@@ -1223,20 +1221,99 @@ New features
- Implemented `P2719R5 Type-aware allocation and deallocation functions
<https://wg21.link/P2719>`_
as an extension in all C++ language modes.
+- Added support for the ``[[clang::assume(cond)]]`` attribute, treating it as
+ ``__builtin_assume(cond)`` for better static analysis. (#GH129234)
+
+- Introduced per-entry-point statistics to provide more detailed analysis
metrics.
+ Documentation: :doc:`analyzer/developer-docs/Statistics` (#GH131175)
+
+- Added time-trace scopes for high-level analyzer steps to improve performance
+ debugging. Documentation:
:doc:`analyzer/developer-docs/PerformanceInvestigation`
+ (#GH125508, #GH125884)
+
+- Enhanced the ``check::BlockEntrance`` checker callback to provide more
granular
+ control over block-level analysis.
+ `Documentation (check::BlockEntrance)
+ <https://clang.llvm.org/doxygen/CheckerDocumentation_8cpp_source.html>`_
+ (#GH140924)
+
+- Added a new experimental checker ``alpha.core.FixedAddressDereference`` to
detect
+ dereferences of fixed addresses, which can be useful for finding hard-coded
memory
+ accesses. (#GH127191)
Crash and bug fixes
^^^^^^^^^^^^^^^^^^^
+- Fixed a crash when C++20 parenthesized initializer lists are used.
+ This affected a crash of the well-known lambda overloaded pattern.
+ (#GH136041, #GH135665)
+
+- Dropped an unjustified assertion, that was triggered in
``BugReporterVisitors.cpp``
+ for variable initialization detection. (#GH125044)
+
- Fixed a crash in ``UnixAPIMisuseChecker`` and ``MallocChecker`` when
analyzing
code with non-standard ``getline`` or ``getdelim`` function signatures.
(#GH144884)
+- Fixed crashes involving ``__builtin_bit_cast``. (#GH139188)
+
+- ``__datasizeof`` (C++) and ``_Countof`` (C) no longer cause a failed
assertion
+ when given an operand of VLA type. (#GH151711)
+
+- Fixed a crash in ``CastSizeChecker``. (#GH134387)
+
+- Some ``cplusplus.PlacementNew`` false positives were fixed. (#GH150161)
+
Improvements
^^^^^^^^^^^^
+- Added option to assume at least one iteration in loops to reduce false
positives.
+ (#GH125494)
+
- The checker option ``optin.cplusplus.VirtualCall:PureOnly`` was removed,
- because it had been deprecated since 2019 and it is completely useless (it
- was kept only for compatibility with pre-2019 versions, setting it to true is
- equivalent to completely disabling the checker).
+ because it had been deprecated since 2019. (#GH131823)
+
+- Enhanced the ``StackAddrEscapeChecker`` to detect more cases of stack address
+ escapes, including return values for child stack frames. (#GH126620,
#GH126986)
+
+- Improved the ``BlockInCriticalSectionChecker`` to recognize ``O_NONBLOCK``
+ streams and suppress reports in those cases. (#GH127049)
+
+- Better support for lambda-converted function pointers in analysis.
(#GH144906)
+
+- Improved modeling of ``getcwd`` function in ``StdCLibraryFunctions`` checker.
+ (#GH141076)
+
+- Enhanced the ``EnumCastOutOfRange`` checker to ignore
``[[clang::flag_enum]]``
+ enums. (#GH141232)
+
+- Improved handling of structured bindings captured by lambdas. (#GH132579,
#GH91835)
+
+- Fixed unnamed bitfield handling in ``UninitializedObjectChecker``.
(#GH132427, #GH132001)
+
+- Enhanced iterator checker modeling for ``insert`` operations. (#GH132596)
+
+- Improved ``format`` attribute handling in ``GenericTaintChecker``.
(#GH132765)
+
+- Added support for ``consteval`` in ``ConditionBRVisitor::VisitTerminator``.
+ (#GH146859, #GH139130)
+
+- Enhanced handling of C standard streams in internal memory space. (#GH147766)
+
+- Enhanced store management with region-store-binding-limit to improve
performance.
+ See `region-store-max-binding-fanout
+
<https://clang.llvm.org/docs/analyzer/user-docs/Options.html#region-store-max-binding-fanout>`_
+ config option. Overriding these options are discouraged, unless you know
what you do.
+ (#GH127602)
+
+- Updated undefined assignment checker (``core.uninitialized.Assign``)
diagnostics
+ to avoid using the term ``garbage``. (#GH126596)
+
+- Fixed false memory leak reports involving placement new. (#GH144341)
+
+- Avoided unnecessary super region invalidation in ``CStringChecker``.
+ (#GH146212, #GH143807)
+
+- Enhanced handling of tainted division-by-zero error paths. (#GH144491)
Moved checkers
^^^^^^^^^^^^^^
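Review bot: In the store-management entry under "Improvements", the text names "region-store-binding-limit" but links to "region-store-max-binding-fanout", and then says "Overriding these options are discouraged" although only one option is shown. Use one option name consistently and fix the sentence, e.g. "Overriding this option is discouraged unless you know what you are doing." In the same section, "Added option to assume at least one iteration in loops" does not name the option, so a reader cannot look it up from the release note; add the option name as an inline literal like the other entries do. The shortened "PureOnly" entry also drops the statement that setting it to true was equivalent to disabling the checker, which is the detail a user who still has that option in their configuration needs.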
@@ -1246,6 +1323,9 @@ Moved checkers
checker ``alpha.security.ArrayBound`` (which was searching for the same kind
of bugs with an different, simpler and less accurate algorithm) is removed.
+- Moved checker ``alpha.core.FixedAddressDereference`` out of the ``alpha``
package
+ to ``core.FixedAddressDereference ``. (#GH132404)
+
.. _release-notes-sanitizers:
Sanitizers
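Review bot: The added line "to ``core.FixedAddressDereference ``. (#GH132404)" has a space before the closing double backticks, so reStructuredText will not treat them as the end of the inline literal and the checker name will not render as code; drop the trailing space. Also, the "New features" entry added earlier in this patch introduces the checker as the experimental "alpha.core.FixedAddressDereference", so the notes announce it under its alpha name and then report the move within the same release; consider introducing it once under "core.FixedAddressDereference".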
_______________________________________________
llvm-branch-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-branch-commits