maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

Add batch version of 'StoreManager::InvalidateRegion()' for invalidating multiple regions as once. After adopting this in the CFRefCount::EvalCall(), we see a reduction in analysis time of 1.5% when analyzing all of SQLite3. 

llvm-svn: 90405
This commit is contained in:
Ted Kremenek 2009-12-03 03:27:11 +00:00
parent e692f7c309
commit e5716cbae7
4 changed files with 70 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
clang/include/clang/Analysis/PathSensitive/Store.h
View File

@ -147,6 +147,12 @@ public:
const MemRegion *R,
const Expr *E, unsigned Count,
InvalidatedSymbols *IS) = 0;
virtual const GRState *InvalidateRegions(const GRState *state,
const MemRegion * const *Begin,
const MemRegion * const *End,
const Expr *E, unsigned Count,
InvalidatedSymbols *IS);
// FIXME: Make out-of-line.
virtual const GRState *setExtent(const GRState *state,

49
clang/lib/Analysis/CFRefCount.cpp
View File

@ -2786,6 +2786,8 @@ void CFRefCount::EvalSummary(ExplodedNodeSet& Dst,
Expr* ErrorExpr = NULL;
SymbolRef ErrorSym = 0;
llvm::SmallVector<const MemRegion*, 10> RegionsToInvalidate;
for (ExprIterator I = arg_beg; I != arg_end; ++I, ++idx) {
SVal V = state->getSValAsScalarOrLoc(*I);
SymbolRef Sym = V.getAsLocSymbol();
@ -2808,16 +2810,8 @@ void CFRefCount::EvalSummary(ExplodedNodeSet& Dst,
continue;
// Invalidate the value of the variable passed by reference.
// FIXME: We can have collisions on the conjured symbol if the
// expression *I also creates conjured symbols. We probably want
// to identify conjured symbols by an expression pair: the enclosing
// expression (the context) and the expression itself. This should
// disambiguate conjured symbols.
unsigned Count = Builder.getCurrentBlockCount();
StoreManager& StoreMgr = Eng.getStateManager().getStoreManager();
const MemRegion *R = MR->getRegion();
// Are we dealing with an ElementRegion? If the element type is
// a basic integer type (e.g., char, int) and the underying region
// is a variable region then strip off the ElementRegion.
@ -2841,14 +2835,11 @@ void CFRefCount::EvalSummary(ExplodedNodeSet& Dst,
}
// FIXME: What about layers of ElementRegions?
}
StoreManager::InvalidatedSymbols IS;
state = StoreMgr.InvalidateRegion(state, R, *I, Count, &IS);
for (StoreManager::InvalidatedSymbols::iterator I = IS.begin(),
E = IS.end(); I!=E; ++I) {
// Remove any existing reference-count binding.
state = state->remove<RefBindings>(*I);
}
// Mark this region for invalidation. We batch invalidate regions
// below for efficiency.
RegionsToInvalidate.push_back(R);
continue;
}
else {
// Nuke all other arguments passed by reference.
@ -2864,6 +2855,30 @@ void CFRefCount::EvalSummary(ExplodedNodeSet& Dst,
goto tryAgain;
}
}
// Invalidate regions we designed for invalidation use the batch invalidation
// API.
if (!RegionsToInvalidate.empty()) {
// FIXME: We can have collisions on the conjured symbol if the
// expression *I also creates conjured symbols. We probably want
// to identify conjured symbols by an expression pair: the enclosing
// expression (the context) and the expression itself. This should
// disambiguate conjured symbols.
unsigned Count = Builder.getCurrentBlockCount();
StoreManager& StoreMgr = Eng.getStateManager().getStoreManager();
StoreManager::InvalidatedSymbols IS;
state = StoreMgr.InvalidateRegions(state, RegionsToInvalidate.data(),
RegionsToInvalidate.data() +
RegionsToInvalidate.size(),
Ex, Count, &IS);
for (StoreManager::InvalidatedSymbols::iterator I = IS.begin(),
E = IS.end(); I!=E; ++I) {
// Remove any existing reference-count binding.
state = state->remove<RefBindings>(*I);
}
}
// Evaluate the effect on the message receiver.
if (!ErrorExpr && Receiver) {

32
clang/lib/Analysis/RegionStore.cpp
View File

@ -269,7 +269,15 @@ public:
const GRState *InvalidateRegion(const GRState *state, const MemRegion *R,
const Expr *E, unsigned Count,
InvalidatedSymbols *IS);
InvalidatedSymbols *IS) {
return RegionStoreManager::InvalidateRegions(state, &R, &R+1, E, Count, IS);
}
const GRState *InvalidateRegions(const GRState *state,
const MemRegion * const *Begin,
const MemRegion * const *End,
const Expr *E, unsigned Count,
InvalidatedSymbols *IS);
private:
void RemoveSubRegionBindings(RegionBindings &B, const MemRegion *R,
@ -460,16 +468,14 @@ void RegionStoreManager::RemoveSubRegionBindings(RegionBindings &B,
B = RBFactory.Remove(B, R);
}
const GRState *RegionStoreManager::InvalidateRegion(const GRState *state,
const MemRegion *R,
const Expr *Ex,
unsigned Count,
InvalidatedSymbols *IS) {
const GRState *RegionStoreManager::InvalidateRegions(const GRState *state,
const MemRegion * const *I,
const MemRegion * const *E,
const Expr *Ex,
unsigned Count,
InvalidatedSymbols *IS) {
ASTContext& Ctx = StateMgr.getContext();
// Strip away casts.
R = R->StripCasts();
// Get the mapping of regions -> subregions.
llvm::OwningPtr<RegionStoreSubRegionMap>
SubRegions(getRegionStoreSubRegionMap(state->getStore()));
@ -478,10 +484,14 @@ const GRState *RegionStoreManager::InvalidateRegion(const GRState *state,
llvm::DenseMap<const MemRegion *, unsigned> Visited;
llvm::SmallVector<const MemRegion *, 10> WorkList;
WorkList.push_back(R);
for ( ; I != E; ++I) {
// Strip away casts.
WorkList.push_back((*I)->StripCasts());
}
while (!WorkList.empty()) {
R = WorkList.back();
const MemRegion *R = WorkList.back();
WorkList.pop_back();
// Have we visited this region before?

11
clang/lib/Analysis/Store.cpp
View File

@ -205,3 +205,14 @@ SVal StoreManager::CastRetrievedVal(SVal V, const TypedRegion *R,
return V;
}
const GRState *StoreManager::InvalidateRegions(const GRState *state,
const MemRegion * const *I,
const MemRegion * const *End,
const Expr *E,
unsigned Count,
InvalidatedSymbols *IS) {
for ( ; I != End ; ++I)
state = InvalidateRegion(state, *I, E, Count, IS);
return state;
}