[clang] [LifetimeSafety] Handle pruned-edges (null blocks) in dataflow (PR #150670)

via cfe-commits Fri, 25 Jul 2025 11:15:38 -0700

llvmbot wrote:


<!--LLVM PR SUMMARY COMMENT-->
@llvm/pr-subscribers-clang

@llvm/pr-subscribers-clang-analysis

Author: Utkarsh Saxena (usx95)

<details>
<summary>Changes</summary>

Fix a crash in the lifetime safety dataflow analysis when handling null CFG 
blocks.

Added a null check for adjacent blocks in the dataflow analysis algorithm to 
prevent dereferencing null pointers. This occurs when processing CFG blocks 
with unreachable successors or predecessors.

Original crash: https://compiler-explorer.com/z/qfzfqG5vM

Fixes https://github.com/llvm/llvm-project/issues/150095

---
Full diff: https://github.com/llvm/llvm-project/pull/150670.diff


2 Files Affected:

- (modified) clang/lib/Analysis/LifetimeSafety.cpp (+2) 
- (modified) clang/unittests/Analysis/LifetimeSafetyTest.cpp (+19) 


``````````diff
diff --git a/clang/lib/Analysis/LifetimeSafety.cpp 
b/clang/lib/Analysis/LifetimeSafety.cpp
index 94b8197bbf6f3..f39998cca56fe 100644
--- a/clang/lib/Analysis/LifetimeSafety.cpp
+++ b/clang/lib/Analysis/LifetimeSafety.cpp
@@ -603,6 +603,8 @@ class DataflowAnalysis {
       OutStates[B] = StateOut;
       Visited.set(B->getBlockID());
       for (const CFGBlock *AdjacentB : isForward() ? B->succs() : B->preds()) {
+        if (!AdjacentB)
+          continue;
         Lattice OldInState = getInState(AdjacentB);
         Lattice NewInState = D.join(OldInState, StateOut);
         // Enqueue the adjacent block if its in-state has changed or if we have
diff --git a/clang/unittests/Analysis/LifetimeSafetyTest.cpp 
b/clang/unittests/Analysis/LifetimeSafetyTest.cpp
index a48dc45e4f806..7cd679e184f6c 100644
--- a/clang/unittests/Analysis/LifetimeSafetyTest.cpp
+++ b/clang/unittests/Analysis/LifetimeSafetyTest.cpp
@@ -512,6 +512,25 @@ TEST_F(LifetimeAnalysisTest, 
PointersAndExpirationInACycle) {
   EXPECT_THAT(LoansTo({"temp"}), AreExpiredAt("after_loop"));
 }
 
+TEST_F(LifetimeAnalysisTest, InfiniteLoopPrunesEdges) {
+  SetupTest(R"(
+    void target(MyObj out) {
+      MyObj *p = &out;
+      POINT(before_loop);
+
+      for (;;) {
+        POINT(begin);
+        MyObj in;
+        p = &in;
+        POINT(end);
+      }
+    }
+  )");
+  EXPECT_THAT(Origin("p"), HasLoansTo({"out"}, "before_loop"));
+  EXPECT_THAT(Origin("p"), HasLoansTo({"in", "out"}, "begin"));
+  EXPECT_THAT(Origin("p"), HasLoansTo({"in"}, "end"));
+}
+
 TEST_F(LifetimeAnalysisTest, NestedScopes) {
   SetupTest(R"(
     void target() {

``````````

</details>


https://github.com/llvm/llvm-project/pull/150670
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [LifetimeSafety] Handle pruned-edges (null blocks) in dataflow (PR #150670)

Reply via email to