<div dir="ltr"><div dir="ltr">Ralf pointed out that psub cannot be used for propagating pointer equality if pointer-cast integer is involved;<div><br></div><div>a = p</div><div>b = inttoptr(ptrtoint p)</div><div>if ((psub inbounds a b) == 0) {</div><div>use(b) // replacing b with a may be problematic, as it is essentially folding inttoptr(ptrtoint p) -> p, which is discussed at <a href="https://bugs.llvm.org/show_bug.cgi?id=34548">https://bugs.llvm.org/show_bug.cgi?id=34548</a></div><div>}</div><div><br></div><div>I'm sorry for the confusion. To propagate pointer equality, we certainly need a better solution. :\</div><div><br></div><div>Juneyoung Lee</div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Jan 18, 2019 at 4:57 PM Juneyoung Lee <<a href="mailto:juneyoung.lee@sf.snu.ac.kr">juneyoung.lee@sf.snu.ac.kr</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hello Sanjoy,<div><br></div><div>Yep, combining it with propagateEquality of pointers may raise problem. :\</div><div><br></div><div>However I believe propagateEquality should be fixed properly, and adding psub also suggests a solution for that. :)</div><div><br></div><div>It is sound to replace a pointer with another if subtraction of them is 0:</div><div><br></div><div>a = malloc()<br>free(a)<br>b = malloc() // Assume b == a numerically<br>if ((psub inbounds a b) == 0) { // a and b are pointing to different objects, so the comparison becomes poison</div><div> use(a)<br>} <br></div><div><br></div><div>=></div><div><br></div><div><div>a = malloc()<br>free(a)<br>b = malloc() // Assume b == a numerically<br>if ((psub inbounds a b) == 0) {</div><div> use(b)<br>} </div></div><div><br></div><div>Juneyoung Lee</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail-m_-4688333241281182223gmail_attr">On Fri, Jan 18, 2019 at 7:50 AM Sanjoy Das <<a href="mailto:sanjoy@playingwithpointers.com" target="_blank">sanjoy@playingwithpointers.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">On Mon, Jan 14, 2019 at 3:23 AM Juneyoung Lee via llvm-dev<br>
<<a href="mailto:llvm-dev@lists.llvm.org" target="_blank">llvm-dev@lists.llvm.org</a>> wrote:<br>
> Patch <a href="https://reviews.llvm.org/D56598" rel="noreferrer" target="_blank">https://reviews.llvm.org/D56598</a> adds llvm.psub(p1,p2) intrinsic function, which subtracts two pointers and returns the difference. Its semantic is as follows.<br>
><br>
> If p1 and p2 point to different objects, and neither of them is based on a pointer casted from an integer, `llvm.psub(p1, p2)` returns poison. For example,<br>
<br>
Are you proposing landing this in conjunction with some of the other<br>
stuff discussed in the twin allocation paper? Otherwise isn't this<br>
problematic with propagateEquality of pointers?<br>
<br>
a = malloc()<br>
free(a)<br>
b = malloc() // Assume b == a numerically<br>
if (a == b) {<br>
print(psub(b, b)) // prints 0<br>
}<br>
<br>
=><br>
<br>
a = malloc()<br>
free(a)<br>
b = malloc() // Assume b == a numerically<br>
if (a == b) {<br>
print(psub(a, b)) // prints poison<br>
}<br>
<br>
Though I admit propagateEquality of pointers has many other problems like this.<br>
<br>
<br>
-- Sanjoy<br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail-m_-4688333241281182223gmail_signature"><div dir="ltr"><div><br></div><font size="1">Juneyoung Lee</font><div><font size="1">Software Foundation Lab, Seoul National University</font></div></div></div>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><br></div><font size="1">Juneyoung Lee</font><div><font size="1">Software Foundation Lab, Seoul National University</font></div></div></div>