CFG-based lifetime analysis using existing annotations

Author: usx95

clang/include/clang/Analysis/Analyses/DanglingReference.h

@@ -0,0 +1,27 @@
+#ifndef LLVM_CLANG_ANALYSIS_ANALYSES_DANGLING_REFERENCE_H
+#define LLVM_CLANG_ANALYSIS_ANALYSES_DANGLING_REFERENCE_H
+#include "clang/AST/Decl.h"
+#include "clang/AST/DeclBase.h"
+#include "clang/Analysis/AnalysisDeclContext.h"
+#include "clang/Analysis/CFG.h"
+namespace clang {
+class DanglingReferenceReporter {
+public:
+  DanglingReferenceReporter() = default;
+  virtual ~DanglingReferenceReporter() = default;
+
+  virtual void ReportReturnLocalVar(const Expr *RetExpr,
+                                    const Decl *LocalDecl) {}
+  virtual void ReportReturnTemporaryExpr(const Expr *TemporaryExpr) {}
+  virtual void ReportDanglingReference(const VarDecl *VD) {}
+  virtual void SuggestLifetimebound(const ParmVarDecl *PVD,
+                                    const Expr *RetExpr) {}
+};
+
+void runDanglingReferenceAnalysis(const DeclContext &dc, const CFG &cfg,
+                                  AnalysisDeclContext &ac,
+                                  DanglingReferenceReporter *reporter);
+
+} // namespace clang
+
+#endif // LLVM_CLANG_ANALYSIS_ANALYSES_DANGLING_REFERENCE_H

clang/include/clang/Basic/DiagnosticGroups.td

@@ -472,6 +472,13 @@ def Dangling : DiagGroup<"dangling", [DanglingAssignment,
                                       DanglingInitializerList,
                                       DanglingGsl,
                                       ReturnStackAddress]>;
+def ReturnStackAddressCFG : DiagGroup<"return-stack-address-cfg">;
+def SuggestLifetimeboundCFG : DiagGroup<"suggest-lifetimebound-cfg">;
+def DanglingReferenceCFG : DiagGroup<"dangling-reference-cfg">;
+def DanglingCFG
+    : DiagGroup<"dangling-cfg", [ReturnStackAddressCFG, DanglingReferenceCFG,
+                                 SuggestLifetimeboundCFG]>;
+
 def DistributedObjectModifiers : DiagGroup<"distributed-object-modifiers">;
 def DllexportExplicitInstantiationDecl : DiagGroup<"dllexport-explicit-instantiation-decl">;
 def ExcessInitializers : DiagGroup<"excess-initializers">;

clang/include/clang/Basic/DiagnosticSemaKinds.td

@@ -10169,6 +10169,25 @@ def err_lifetimebound_implicit_object_parameter_void_return_type : Error<
   "parameter of a function that returns void; "
   "did you mean 'lifetime_capture_by(X)'">;
 
+// CFG based lifetime analysis.
+def warn_ret_stack_variable_ref_cfg
+    : Warning<"returning reference to a stack variable">,
+      InGroup<ReturnStackAddressCFG>,
+      DefaultIgnore;
+def note_local_variable_declared_here
+    : Note<"reference to this stack variable is returned">;
+def warn_ret_stack_temporary_ref_cfg
+    : Warning<"returning reference to a temporary object">,
+      InGroup<ReturnStackAddressCFG>,
+      DefaultIgnore;
+def warn_dangling_reference_cfg : Warning<"reference to local object dangles">,
+                                  InGroup<DanglingReferenceCFG>,
+                                  DefaultIgnore; // TODO: add note on loc of
+def warn_suggest_lifetimebound_cfg
+    : Warning<"param should be marked lifetimebound">,
+      InGroup<SuggestLifetimeboundCFG>,
+      DefaultIgnore;
+
 // CHECK: returning address/reference of stack memory
 def warn_ret_stack_addr_ref : Warning<
   "%select{address of|reference to}0 stack memory associated with "

clang/lib/Analysis/CMakeLists.txt

@@ -16,6 +16,7 @@ add_clang_library(clangAnalysis
   ConstructionContext.cpp
   Consumed.cpp
   CodeInjector.cpp
+  DanglingReference.cpp
   Dominators.cpp
   ExprMutationAnalyzer.cpp
   IntervalPartition.cpp