[all-commits] [llvm/llvm-project] 22a5bb: [analyzer] Limit Store by region-store-binding-lim...

Balázs Benics via All-commits all-commits at lists.llvm.org
Mon Feb 24 06:48:29 PST 2025 

  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: 22a5bb32b787443b70476cc1359709b6c888b591
      https://github.com/llvm/llvm-project/commit/22a5bb32b787443b70476cc1359709b6c888b591
  Author: Balázs Benics <108414871+balazs-benics-sonarsource at users.noreply.github.com>
  Date:   2025-02-24 (Mon, 24 Feb 2025)

  Changed paths:
    M clang/include/clang/StaticAnalyzer/Core/AnalyzerOptions.def
    M clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h
    M clang/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h
    M clang/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h
    M clang/lib/StaticAnalyzer/Core/ProgramState.cpp
    M clang/lib/StaticAnalyzer/Core/RegionStore.cpp
    M clang/lib/StaticAnalyzer/Core/Store.cpp
    M clang/test/Analysis/analyzer-config.c
    M clang/test/Analysis/region-store.cpp
    M clang/unittests/StaticAnalyzer/StoreTest.cpp

  Log Message:
  -----------
  [analyzer] Limit Store by region-store-binding-limit (#127602)

In our test pool, the max entry point RT was improved by this change:
1'181 seconds (~19.7 minutes) -> 94 seconds (1.6 minutes)

BTW, the 1.6 minutes is still really bad. But a few orders of magnitude
better than it was before.

This was the most servere RT edge-case as you can see from the numbers.
There are are more known RT bottlenecks, such as:

- Large environment sizes, and `removeDead`. See more about the failed
attempt on improving it at:
https://discourse.llvm.org/t/unsuccessful-attempts-to-fix-a-slow-analysis-case-related-to-removedead-and-environment-size/84650

- Large chunk of time could be spend inside `assume`, to reach a fixed
point. This is something we want to look into a bit later if we have
time.

We have 3'075'607 entry points in our test set.
About 393'352 entry points ran longer than 1 second when measured.

To give a sense of the distribution, if we ignore the slowest 500 entry
points, then the maximum entry point runs for about 14 seconds. These
500 slow entry points are in 332 translation units.

By this patch, out of the slowest 500 entry points, 72 entry points were
improved by at least 10x after this change.

We measured no RT regression on the "usual" entry points.


![slow-entrypoints-before-and-after-bind-limit](https://github.com/user-attachments/assets/44425a76-f1cb-449c-bc3e-f44beb8c5dc7)
(The dashed lines represent the maximum of their RT)

CPP-6092



To unsubscribe from these emails, change your notification settings at https://github.com/llvm/llvm-project/settings/notifications

More information about the All-commits mailing list