[PATCH] D71960: [Attributor] AAUndefinedBehavior: Use AAValueSimplify in memory accessing instructions.

Stefanos Baziotis via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Fri Feb 14 14:30:09 PST 2020


baziotis added a comment.

In D71960#1877001 <https://reviews.llvm.org/D71960#1877001>, @xbolva00 wrote:

> I have a similar case of how to exploit UB to simplify code:
>
>   int process(char *p) __attribute__((nonnull));
>  
>  
>   void doit(bool b, char *d) {
>       char *p = 0;
>       if (b)
>           p = d;
>       process(p);
>   }
>
>
> https://godbolt.org/z/eYcApm
>
> In this case, it is invalid to call `process` with a null pointer since args are nonnull, so we can remove the branch and call `process(d)` directly.


Thanks for the proposal! At first glance, deleting the branch is not straightforward and may not make a lot of sense. Reaching the `call`, you have a `phi` node basically saying:

- If you got into the branch, the value is `d`.
- If not, the value is `p` (which with constant propagation, let's say `null`).

Deleting the branch, first of all, seems to require somehow going "backwards", tracking where this value (or these values) came from. Second, I can't find reasoning on how to generalize this (except "since we have UB, do whatever"), because the previous code is not invalid, only the `call` is.

That said, personally I think it's a very good idea to check if null arguments are passed to `nonnull` parameters and consider that UB. Then, we can make the `call` unreachable.


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D71960/new/

https://reviews.llvm.org/D71960
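
The two positions in this exchange, as an added example that is not part of the review and is not LLVM's Attributor code: a toy classifier for a call whose `nonnull` argument is a `phi`. The types and function names are hypothetical stand-ins, and the `phi` for `doit()` is constructed from the snippet quoted above.

```cpp
#include <string>
#include <vector>

// Hypothetical toy model of one phi operand; not LLVM's API.
struct Incoming {
    std::string pred;   // predecessor block the value arrives from
    std::string value;  // symbolic value name, unused when isNull is set
    bool isNull;        // true when the incoming value is the constant null
};

enum class Verdict { NoKnownUB, SomeEdgesUB, CallUnreachable };

struct Result {
    Verdict verdict;
    std::vector<std::string> ubPreds;  // predecessors that deliver null
};

// Classify a call whose argument is `phi` and whose parameter may be nonnull.
Result analyzeNonNullArg(const std::vector<Incoming> &phi, bool paramNonNull) {
    Result r{Verdict::NoKnownUB, {}};
    if (!paramNonNull || phi.empty())
        return r;  // no nonnull contract, nothing to conclude
    for (const auto &in : phi)
        if (in.isNull)
            r.ubPreds.push_back(in.pred);
    if (r.ubPreds.size() == phi.size())
        // Every path passes null: the call itself is known UB, so it can be
        // treated as unreachable without looking at earlier code.
        r.verdict = Verdict::CallUnreachable;
    else if (!r.ubPreds.empty())
        // Only some paths pass null: using this means tracing back to the
        // listed predecessor edges, the "backwards" step from the comment.
        r.verdict = Verdict::SomeEdgesUB;
    return r;
}

// Constructed phi for doit(): `entry` (b false) carries null, `then` carries d.
std::vector<Incoming> doitPhi() {
    return {{"entry", "", true}, {"then", "d", false}};
}
```

For `doit()` the result is `SomeEdgesUB` with `entry` as the offending edge, which is the case where removing the branch needs the backwards tracking; only an argument that is null on every path gives `CallUnreachable`.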




