[PATCH] D49568: [analyzer][WIP] Scan the program state map in the visitor only once in DanglingInternalBufferChecker

Artem Dergachev via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Thu Jul 19 18:41:32 PDT 2018


NoQ added a comment.

Oh, this FIXME, I almost forgot about that. Not sure if we should focus on this now because it's kinda premature optimization, especially after @george.karpenkov has fixed a large performance problem that caused `VisitNode` to be called like ~30 times more often than necessary (https://reviews.llvm.org/D47856), so now our visitors are very fast. But I totally agree that it is aesthetically unpleasant to leave this code in that shape.

Also, yeah, if I recall correctly I had something different in mind that doesn't loosen our program state cleanup. Trying to reconstruct what I was probably thinking, I can imagine one efficient strategy that unfortunately ties the two checkers (your checker and MallocChecker) to each other even more. The strategy is to perform the lookup that finds the region not against the leaf of the path, but against the point in which the pointer is marked as //released//, because that's one easy-to-identify point in which the container is certainly present and has certainly not been cleaned up. In order to find such a point, we can consult `MallocBugVisitor::isReleased()`, which is currently essentially a static function (even if not marked as such) but it should be modified to accept not `RefState`s but a symbol and an actual state (i.e. something that's not a MallocChecker's private thing).


Repository:
  rC Clang

https://reviews.llvm.org/D49568




