IMPROVING THE PRECISION OF FLOW-SENSITIVE LIFETIME ANALYSIS

Object lifetimes are a common source of bugs in C++ that can cause crashes, unexpected behavior, or even security vulnerabilities. Herb Sutter, the chair of the C++ standard committee proposed a flow-sensitive analysis to catch lifetime errors statically. Sadly, this analysis is prone to false positives unless the author follows some specific guidelines. We developed mitigations to eliminate some classes of false positives to make it easier to write conforming code. The first mitigation fixes a common false positive from a frequently used coding pattern by introducing local path-sensitivity. The second one is a filter based on reaching definitions and dominance algorithms to remove reports that might be the result of analyzing infeasible paths. We tested the effectiveness of the methods on the open source Google Fuchsia project.