[all-commits] [llvm/llvm-project] 848658: [analyzer] Limit `isTainted()` by skipping complic...
Balazs Benics via All-commits
all-commits at lists.llvm.org
Wed Aug 21 05:25:19 PDT 2024
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 848658955a9d2d42ea3e319d191e2dcd5d76c837
https://github.com/llvm/llvm-project/commit/848658955a9d2d42ea3e319d191e2dcd5d76c837
Author: Balazs Benics <benicsbalazs at gmail.com>
Date: 2024-08-21 (Wed, 21 Aug 2024)
Changed paths:
M clang/include/clang/StaticAnalyzer/Core/AnalyzerOptions.def
M clang/lib/StaticAnalyzer/Checkers/Taint.cpp
M clang/test/Analysis/analyzer-config.c
M clang/test/Analysis/taint-generic.c
Log Message:
-----------
[analyzer] Limit `isTainted()` by skipping complicated symbols (#105493)
As discussed in
https://discourse.llvm.org/t/rfc-make-istainted-and-complex-symbols-friends/79570/10
Some `isTainted()` queries can blow up the analysis times, and
effectively halt the analysis under specific workloads.
We don't really have the time now to do a caching re-implementation of
`isTainted()`, so we need to workaround the case.
The workaround with the smallest blast radius was to limit what symbols
`isTainted()` does the query (by walking the SymExpr). So far, the
threshold 10 worked for us, but this value can be overridden using the
"max-tainted-symbol-complexity" config value.
This new option is "deprecated" from the getgo, as I expect this issue
to be fixed within the next few months and I don't want users to
override this value anyways. If they do, this message will let them know
that they are on their own, and the next release may break them (as we
no longer recognize this option if we drop it).
Mitigates #89720
CPP-5414
To unsubscribe from these emails, change your notification settings at https://github.com/llvm/llvm-project/settings/notifications
More information about the All-commits
mailing list