[llvm-branch-commits] [clang] [LifetimeSafety] Add loan expiry analysis (PR #148712)
Utkarsh Saxena via llvm-branch-commits
llvm-branch-commits at lists.llvm.org
Thu Jul 17 11:55:02 PDT 2025
https://github.com/usx95 updated https://github.com/llvm/llvm-project/pull/148712
>From 70b63ed18602036b71862f794cf7f02024995a3e Mon Sep 17 00:00:00 2001
From: Utkarsh Saxena <usx at google.com>
Date: Mon, 14 Jul 2025 19:37:49 +0000
Subject: [PATCH] [LifetimeSafety] Add loan expiry analysis
---
.../clang/Analysis/Analyses/LifetimeSafety.h | 10 ++
clang/lib/Analysis/LifetimeSafety.cpp | 77 +++++++-
.../unittests/Analysis/LifetimeSafetyTest.cpp | 167 +++++++++++++++++-
3 files changed, 249 insertions(+), 5 deletions(-)
diff --git a/clang/include/clang/Analysis/Analyses/LifetimeSafety.h b/clang/include/clang/Analysis/Analyses/LifetimeSafety.h
index f5ce23848448f..e10a06fd86833 100644
--- a/clang/include/clang/Analysis/Analyses/LifetimeSafety.h
+++ b/clang/include/clang/Analysis/Analyses/LifetimeSafety.h
@@ -33,6 +33,7 @@ namespace internal {
class Fact;
class FactManager;
class LoanPropagationAnalysis;
+class ExpiredLoansAnalysis;
struct LifetimeFactory;
/// A generic, type-safe wrapper for an ID, distinguished by its `Tag` type.
@@ -53,6 +54,11 @@ template <typename Tag> struct ID {
}
};
+template <typename Tag>
+inline llvm::raw_ostream &operator<<(llvm::raw_ostream &OS, ID<Tag> ID) {
+ return OS << ID.Value;
+}
+
using LoanID = ID<struct LoanTag>;
using OriginID = ID<struct OriginTag>;
@@ -81,6 +87,9 @@ class LifetimeSafetyAnalysis {
/// Returns the set of loans an origin holds at a specific program point.
LoanSet getLoansAtPoint(OriginID OID, ProgramPoint PP) const;
+ /// Returns the set of loans that have expired at a specific program point.
+ LoanSet getExpiredLoansAtPoint(ProgramPoint PP) const;
+
/// Finds the OriginID for a given declaration.
/// Returns a null optional if not found.
std::optional<OriginID> getOriginIDForDecl(const ValueDecl *D) const;
@@ -96,6 +105,7 @@ class LifetimeSafetyAnalysis {
std::unique_ptr<LifetimeFactory> Factory;
std::unique_ptr<FactManager> FactMgr;
std::unique_ptr<LoanPropagationAnalysis> LoanPropagation;
+ std::unique_ptr<ExpiredLoansAnalysis> ExpiredLoans;
};
} // namespace internal
} // namespace clang::lifetimes
diff --git a/clang/lib/Analysis/LifetimeSafety.cpp b/clang/lib/Analysis/LifetimeSafety.cpp
index ae6ec9f76cbf6..815a36e13412c 100644
--- a/clang/lib/Analysis/LifetimeSafety.cpp
+++ b/clang/lib/Analysis/LifetimeSafety.cpp
@@ -23,14 +23,15 @@
#include "llvm/Support/Debug.h"
#include "llvm/Support/TimeProfiler.h"
#include <cstdint>
+#include <memory>
namespace clang::lifetimes {
namespace internal {
namespace {
-template <typename Tag>
-inline llvm::raw_ostream &operator<<(llvm::raw_ostream &OS, ID<Tag> ID) {
- return OS << ID.Value;
-}
+// template <typename Tag>
+// inline llvm::raw_ostream &operator<<(llvm::raw_ostream &OS, ID<Tag> ID) {
+// return OS << ID.Value;
+// }
} // namespace
/// Represents the storage location being borrowed, e.g., a specific stack
@@ -832,6 +833,65 @@ class LoanPropagationAnalysis
}
};
+// ========================================================================= //
+// Expired Loans Analysis
+// ========================================================================= //
+
+/// The dataflow lattice for tracking the set of expired loans.
+struct ExpiredLattice {
+ LoanSet Expired;
+
+ ExpiredLattice() : Expired(nullptr) {};
+ explicit ExpiredLattice(LoanSet S) : Expired(S) {}
+
+ bool operator==(const ExpiredLattice &Other) const {
+ return Expired == Other.Expired;
+ }
+ bool operator!=(const ExpiredLattice &Other) const {
+ return !(*this == Other);
+ }
+
+ void dump(llvm::raw_ostream &OS) const {
+ OS << "ExpiredLattice State:\n";
+ if (Expired.isEmpty())
+ OS << " <empty>\n";
+ for (const LoanID &LID : Expired)
+ OS << " Loan " << LID << " is expired\n";
+ }
+};
+
+/// The analysis that tracks which loans have expired.
+class ExpiredLoansAnalysis
+ : public DataflowAnalysis<ExpiredLoansAnalysis, ExpiredLattice,
+ Direction::Forward> {
+
+ LoanSet::Factory &Factory;
+
+public:
+ ExpiredLoansAnalysis(const CFG &C, AnalysisDeclContext &AC, FactManager &F,
+ LifetimeFactory &Factory)
+ : DataflowAnalysis(C, AC, F), Factory(Factory.LoanSetFactory) {}
+
+ using Base::transfer;
+
+ StringRef getAnalysisName() const { return "ExpiredLoans"; }
+
+ Lattice getInitialState() { return Lattice(Factory.getEmptySet()); }
+
+ /// Merges two lattices by taking the union of the expired loan sets.
+ Lattice join(Lattice L1, Lattice L2) const {
+ return Lattice(utils::join(L1.Expired, L2.Expired, Factory));
+ }
+
+ Lattice transfer(Lattice In, const ExpireFact &F) {
+ return Lattice(Factory.add(In.Expired, F.getLoanID()));
+ }
+
+ Lattice transfer(Lattice In, const IssueFact &F) {
+ return Lattice(Factory.remove(In.Expired, F.getLoanID()));
+ }
+};
+
// ========================================================================= //
// TODO:
// - Modify loan expiry analysis to answer `bool isExpired(Loan L, Point P)`
@@ -873,6 +933,10 @@ void LifetimeSafetyAnalysis::run() {
LoanPropagation =
std::make_unique<LoanPropagationAnalysis>(Cfg, AC, *FactMgr, *Factory);
LoanPropagation->run();
+
+ ExpiredLoans =
+ std::make_unique<ExpiredLoansAnalysis>(Cfg, AC, *FactMgr, *Factory);
+ ExpiredLoans->run();
}
LoanSet LifetimeSafetyAnalysis::getLoansAtPoint(OriginID OID,
@@ -881,6 +945,11 @@ LoanSet LifetimeSafetyAnalysis::getLoansAtPoint(OriginID OID,
return LoanPropagation->getLoans(OID, PP);
}
+LoanSet LifetimeSafetyAnalysis::getExpiredLoansAtPoint(ProgramPoint PP) const {
+ assert(ExpiredLoans && "ExpiredLoansAnalysis has not been run.");
+ return ExpiredLoans->getState(PP).Expired;
+}
+
std::optional<OriginID>
LifetimeSafetyAnalysis::getOriginIDForDecl(const ValueDecl *D) const {
assert(FactMgr && "FactManager not initialized");
diff --git a/clang/unittests/Analysis/LifetimeSafetyTest.cpp b/clang/unittests/Analysis/LifetimeSafetyTest.cpp
index af4d63a38211e..0539dc32bfe19 100644
--- a/clang/unittests/Analysis/LifetimeSafetyTest.cpp
+++ b/clang/unittests/Analysis/LifetimeSafetyTest.cpp
@@ -20,6 +20,7 @@ namespace clang::lifetimes::internal {
namespace {
using namespace ast_matchers;
+using ::testing::Not;
using ::testing::UnorderedElementsAreArray;
// A helper class to run the full lifetime analysis on a piece of code
@@ -45,7 +46,10 @@ class LifetimeTestRunner {
return;
}
AnalysisCtx = std::make_unique<AnalysisDeclContext>(nullptr, FD);
- AnalysisCtx->getCFGBuildOptions().setAllAlwaysAdd();
+ CFG::BuildOptions &BuildOptions = AnalysisCtx->getCFGBuildOptions();
+ BuildOptions.setAllAlwaysAdd();
+ BuildOptions.AddImplicitDtors = true;
+ BuildOptions.AddTemporaryDtors = true;
// Run the main analysis.
Analysis = std::make_unique<LifetimeSafetyAnalysis>(*AnalysisCtx);
@@ -115,6 +119,13 @@ class LifetimeTestHelper {
return Analysis.getLoansAtPoint(OID, PP);
}
+ std::optional<LoanSet> getExpiredLoansAtPoint(llvm::StringRef Annotation) {
+ ProgramPoint PP = Runner.getProgramPoint(Annotation);
+ if (!PP)
+ return std::nullopt;
+ return Analysis.getExpiredLoansAtPoint(PP);
+ }
+
private:
template <typename DeclT> DeclT *findDecl(llvm::StringRef Name) {
auto &Ctx = Runner.getASTContext();
@@ -134,6 +145,15 @@ class LifetimeTestHelper {
// GTest Matchers & Fixture
// ========================================================================= //
+// A helper class to represent the subject of a check, e.g., "the loan to 'x'".
+class LoanInfo {
+public:
+ LoanInfo(llvm::StringRef LoanVar, LifetimeTestHelper &Helper)
+ : LoanVar(LoanVar), Helper(Helper) {}
+ llvm::StringRef LoanVar;
+ LifetimeTestHelper &Helper;
+};
+
// It holds the name of the origin variable and a reference to the helper.
class OriginInfo {
public:
@@ -185,6 +205,33 @@ MATCHER_P2(HasLoansToImpl, LoanVars, Annotation, "") {
ActualLoans, result_listener);
}
+/// Matcher to verify if a loan to a specific variable has expired at a given
+// program point.
+MATCHER_P(IsExpiredAt, Annotation, "") {
+ const LoanInfo &Info = arg;
+ std::optional<LoanID> TargetLoanIDOpt =
+ Info.Helper.getLoanForVar(Info.LoanVar);
+ if (!TargetLoanIDOpt) {
+ *result_listener << "could not find a loan for variable '"
+ << Info.LoanVar.str() << "'";
+ return false;
+ }
+
+ std::optional<LoanSet> ExpiredLoansSetOpt =
+ Info.Helper.getExpiredLoansAtPoint(Annotation);
+ if (!ExpiredLoansSetOpt) {
+ *result_listener << "could not get a valid expired loan set at point '"
+ << Annotation << "'";
+ return false;
+ }
+
+ if (ExpiredLoansSetOpt->contains(*TargetLoanIDOpt))
+ return true;
+
+ *result_listener << "was expected to be expired, but was not";
+ return false;
+}
+
// Base test fixture to manage the runner and helper.
class LifetimeAnalysisTest : public ::testing::Test {
protected:
@@ -197,6 +244,10 @@ class LifetimeAnalysisTest : public ::testing::Test {
return OriginInfo(OriginVar, *Helper);
}
+ LoanInfo LoanTo(llvm::StringRef LoanVar) {
+ return LoanInfo(LoanVar, *Helper);
+ }
+
// Factory function that hides the std::vector creation.
auto HasLoansTo(std::initializer_list<std::string> LoanVars,
const char *Annotation) {
@@ -435,5 +486,119 @@ TEST_F(LifetimeAnalysisTest, NestedScopes) {
EXPECT_THAT(Origin("p"), HasLoansTo({"inner"}, "after_inner_scope"));
}
+// ========================================================================= //
+// Loan Expiration Tests
+// ========================================================================= //
+
+TEST_F(LifetimeAnalysisTest, SimpleExpiry) {
+ SetupTest(R"(
+ void target() {
+ MyObj* p = nullptr;
+ {
+ MyObj s;
+ p = &s;
+ POINT(before_expiry);
+ } // s goes out of scope here
+ POINT(after_expiry);
+ }
+ )");
+ EXPECT_THAT(LoanTo("s"), Not(IsExpiredAt("before_expiry")));
+ EXPECT_THAT(LoanTo("s"), IsExpiredAt("after_expiry"));
+}
+
+TEST_F(LifetimeAnalysisTest, NestedExpiry) {
+ SetupTest(R"(
+ void target() {
+ MyObj s1;
+ MyObj* p = &s1;
+ POINT(before_inner);
+ {
+ MyObj s2;
+ p = &s2;
+ POINT(in_inner);
+ } // s2 expires
+ POINT(after_inner);
+ }
+ )");
+ EXPECT_THAT(LoanTo("s1"), Not(IsExpiredAt("before_inner")));
+ EXPECT_THAT(LoanTo("s2"), Not(IsExpiredAt("in_inner")));
+ EXPECT_THAT(LoanTo("s1"), Not(IsExpiredAt("after_inner")));
+ EXPECT_THAT(LoanTo("s2"), IsExpiredAt("after_inner"));
+}
+
+TEST_F(LifetimeAnalysisTest, ConditionalExpiry) {
+ SetupTest(R"(
+ void target(bool cond) {
+ MyObj s1;
+ MyObj* p = &s1;
+ POINT(before_if);
+ if (cond) {
+ MyObj s2;
+ p = &s2;
+ POINT(then_block);
+ } // s2 expires here
+ POINT(after_if);
+ }
+ )");
+ EXPECT_THAT(LoanTo("s1"), Not(IsExpiredAt("before_if")));
+ EXPECT_THAT(LoanTo("s2"), Not(IsExpiredAt("then_block")));
+ // After the if-statement, the loan to s2 (created in the 'then' branch)
+ // will have expired.
+ EXPECT_THAT(LoanTo("s2"), IsExpiredAt("after_if"));
+ EXPECT_THAT(LoanTo("s1"), Not(IsExpiredAt("after_if")));
+}
+
+TEST_F(LifetimeAnalysisTest, LoopExpiry) {
+ SetupTest(R"(
+ void target() {
+ MyObj *p = nullptr;
+ for (int i = 0; i < 2; ++i) {
+ MyObj s;
+ p = &s;
+ POINT(in_loop);
+ } // s expires here on each iteration
+ POINT(after_loop);
+ }
+ )");
+ // Inside the loop, before the scope of 's' ends, its loan is not expired.
+ EXPECT_THAT(LoanTo("s"), Not(IsExpiredAt("in_loop")));
+ // After the loop finishes, the loan to 's' from the last iteration has
+ // expired.
+ EXPECT_THAT(LoanTo("s"), IsExpiredAt("after_loop"));
+}
+
+TEST_F(LifetimeAnalysisTest, MultipleExpiredLoans) {
+ SetupTest(R"(
+ void target() {
+ MyObj *p1, *p2, *p3;
+ {
+ MyObj s1;
+ p1 = &s1;
+ POINT(p1);
+ } // s1 expires
+ POINT(p2);
+ {
+ MyObj s2;
+ p2 = &s2;
+ MyObj s3;
+ p3 = &s3;
+ POINT(p3);
+ } // s2, s3 expire
+ POINT(p4);
+ }
+ )");
+ EXPECT_THAT(LoanTo("s1"), Not(IsExpiredAt("p1")));
+
+ EXPECT_THAT(LoanTo("s1"), IsExpiredAt("p2"));
+
+ EXPECT_THAT(LoanTo("s1"), IsExpiredAt("p3"));
+ EXPECT_THAT(LoanTo("s2"), Not(IsExpiredAt("p3")));
+ EXPECT_THAT(LoanTo("s3"), Not(IsExpiredAt("p3")));
+
+ EXPECT_THAT(LoanTo("s1"), IsExpiredAt("p4"));
+ EXPECT_THAT(LoanTo("s2"), IsExpiredAt("p4"));
+ EXPECT_THAT(LoanTo("s3"), IsExpiredAt("p4"));
+}
+
} // anonymous namespace
} // namespace clang::lifetimes::internal
More information about the llvm-branch-commits
mailing list