[llvm] LangRef: allocated objects can grow (PR #141338)

Ralf Jung via llvm-commits llvm-commits at lists.llvm.org
Sat May 24 05:42:32 PDT 2025


================
@@ -11870,6 +11879,8 @@ if the ``getelementptr`` has any non-zero indices, the following rules apply:
    :ref:`based <pointeraliasing>` on. This means that it points into that
    allocated object, or to its end. Note that the object does not have to be
    live anymore; being in-bounds of a deallocated object is sufficient.
+   If the allocated object can grow, then the relevant size for being *in
+   bounds* is the maximal size the object will ever have, not its current size.
----------------
RalfJung wrote:

> We would need to disable all rules that use reasoning such as p + offset > p's size to conclude no-alias, because the size may be increased later.

No, we don't -- the PR explicitly discusses this: all allocated objects created by operations that are built-in to LLVM must never change their size.

> Alias analysis works over heap-allocated objects. Anything that LLVM (MemoryBuiltins.h) can infer the size is fair game.

Indeed, and that's fine. All we need is *some* way to allocate memory such that LLVM cannot infer the size (and promises to never infer it) -- e.g. by calling `mmap`, which I assume LLVM does not have a native understanding of.

Longer-term it may also be useful to offer a flag for malloc-like functions so that frontends can communicate to LLVM whether this allocation is allowed to change size or not, but that's left to future work.

https://github.com/llvm/llvm-project/pull/141338
