[all-commits] [llvm/llvm-project] 307679: [LifetimeSafety] Introduce intra-procedural analys...
Utkarsh Saxena via All-commits
all-commits at lists.llvm.org
Thu Jul 10 14:42:42 PDT 2025
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 3076794e924f30ae21d1a12f27b1e6349dfa5fc4
https://github.com/llvm/llvm-project/commit/3076794e924f30ae21d1a12f27b1e6349dfa5fc4
Author: Utkarsh Saxena <usx at google.com>
Date: 2025-07-10 (Thu, 10 Jul 2025)
Changed paths:
A clang/include/clang/Analysis/Analyses/LifetimeSafety.h
M clang/include/clang/Basic/DiagnosticGroups.td
M clang/include/clang/Basic/DiagnosticSemaKinds.td
M clang/lib/Analysis/CMakeLists.txt
A clang/lib/Analysis/LifetimeSafety.cpp
M clang/lib/Sema/AnalysisBasedWarnings.cpp
A clang/test/Sema/warn-lifetime-safety-dataflow.cpp
Log Message:
-----------
[LifetimeSafety] Introduce intra-procedural analysis in Clang (#142313)
This patch introduces the initial implementation of the
intra-procedural, flow-sensitive lifetime analysis for Clang, as
proposed in the recent RFC:
https://discourse.llvm.org/t/rfc-intra-procedural-lifetime-analysis-in-clang/86291
The primary goal of this initial submission is to establish the core
dataflow framework and gather feedback on the overall design, fact
representation, and testing strategy. The focus is on the dataflow
mechanism itself rather than exhaustively covering all C++ AST edge
cases, which will be addressed in subsequent patches.
#### Key Components
* **Conceptual Model:** Introduces the fundamental concepts of `Loan`,
`Origin`, and `Path` to model memory borrows and the lifetime of
pointers.
* **Fact Generation:** A frontend pass traverses the Clang CFG to
generate a representation of lifetime-relevant events, such as pointer
assignments, taking an address, and variables going out of scope.
* **Testing:** `llvm-lit` tests validate the analysis by checking the
generated facts.
### Next Steps
*(Not covered in this PR but planned for subsequent patches)*
The following functionality is planned for the upcoming patches to build
upon this foundation and make the analysis usable in practice:
* **Dataflow Lattice:** A dataflow lattice used to map each pointer's
symbolic `Origin` to the set of `Loans` it may contain at any given
program point.
* **Fixed-Point Analysis:** A worklist-based, flow-sensitive analysis
that propagates the lattice state across the CFG to a fixed point.
* **Placeholder Loans:** Introduce placeholder loans to represent the
lifetimes of function parameters, forming the basis for analysis
involving function calls.
* **Annotation and Opaque Call Handling:** Use placeholder loans to
correctly model **function calls**, both by respecting
`[[clang::lifetimebound]]` annotations and by conservatively handling
opaque/un-annotated functions.
* **Error Reporting:** Implement the final analysis phase that consumes
the dataflow results to generate user-facing diagnostics. This will
likely require liveness analysis to identify live origins holding
expired loans.
* **Strict vs. Permissive Modes:** Add the logic to support both
high-confidence (permissive) and more comprehensive (strict) warning
levels.
* **Expanded C++ Coverage:** Broaden support for common patterns,
including the lifetimes of temporary objects and pointers within
aggregate types (structs/containers).
* Performance benchmarking
* Capping number of iterations or number of times a CFGBlock is
processed.
---------
Co-authored-by: Baranov Victor <bar.victor.2002 at gmail.com>
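
The `Loan`/`Origin`/`Path` model and the fact stream described in the log message above, as an added example that is not part of the commit or of Clang's code. It is a toy forward walk over one straight-line block, with no CFG or fixed point; the `Fact` layout, the `Kind` names and `findDangling` are assumptions made for this illustration.

```cpp
#include <iostream>
#include <map>
#include <set>
#include <string>
#include <vector>

// Toy model; every name here is hypothetical, not Clang's internal API.
// Loan: a borrow created by taking the address of a Path (here, a variable).
// Origin: symbolic name for the set of loans a pointer may hold.
enum class Kind { Issue, Assign, Expire, Use };

struct Fact {
  Kind kind;
  std::string dst;  // Issue/Assign: destination origin; Use: origin read
  std::string src;  // Assign: source origin; Issue/Expire: borrowed path
  int loan;         // Issue/Expire: loan id; -1 when unused
};

// Forward walk over the facts of one straight-line block. Returns the
// origins that are used while holding a loan that has already expired.
std::vector<std::string> findDangling(const std::vector<Fact> &facts) {
  std::map<std::string, std::set<int>> loansOf;  // Origin -> loans it may hold
  std::set<int> expired;
  std::vector<std::string> dangling;
  for (const Fact &f : facts) {
    switch (f.kind) {
    case Kind::Issue:  loansOf[f.dst] = {f.loan}; break;        // p = &x
    case Kind::Assign: loansOf[f.dst] = loansOf[f.src]; break;  // q = p
    case Kind::Expire: expired.insert(f.loan); break;           // x leaves scope
    case Kind::Use:
      for (int l : loansOf[f.dst])
        if (expired.count(l)) { dangling.push_back(f.dst); break; }
      break;
    }
  }
  return dangling;
}

// Constructed input, modelling:
//   int *p; { int x = 0; p = &x; } int *q = p; *q = 1;
std::vector<Fact> sampleFacts() {
  return {{Kind::Issue, "p", "x", 0},
          {Kind::Expire, "", "x", 0},
          {Kind::Assign, "q", "p", -1},
          {Kind::Use, "q", "", -1}};
}

int main() { for (auto &o : findDangling(sampleFacts())) std::cout << o << "\n"; }
```

Only `q` is reported: the assignment copies loan 0 from `p` after `x` has gone out of scope, and `p` itself is never dereferenced.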