[LLVMdev] Verifier should not make any assumptions about calls to "malloc"

Victor Hernandez vhernandez at apple.com
Wed Sep 23 17:14:11 PDT 2009


Duncan,

On Sep 22, 2009, at 12:48 PM, Duncan Sands wrote:

> Hi Victor,
>
>> What does the Ada front-end declare malloc as?
>
> I don't really want to tell you because a correct solution should work
> no matter what malloc is defined to be :)  What I mean by "work" is  
> that
> if malloc has the standard prototype then you perform transforms on  
> it,
> and otherwise you should probably just ignore it.
>
> That said, Ada outputs malloc as: i32 @malloc(i32)
> I'm perfectly happy for this not to be optimized - if the Ada
> frontend wants malloc to be optimized I think it is reasonable
> to require it to define malloc in a more conventional way.
>
>>> I think this code should be removed from the verifier.  Instead,
>>> isMalloc should also check the number of parameters and their types,
>>> as well as the return value.
>> The verifier code is needed because when a malloc return value is  
>> used directly, not via a bitcast, the type of the malloc is  
>> determined to be i8*.  But that could be updated to use the  
>> declared return type of malloc.  I need to understand more about  
>> how this is breaking Ada to determine how to resolve this.   
>> Removing this check from the verifier could end up being the  
>> resolution.
>
> I think you should just not even try to do transforms on a function  
> that
> happens to be called "malloc" if it doesn't have the conventional
> prototype.  I reckon isMalloc should just return false for something
> called "malloc" but that doesn't return i8* or has too many parameters
> etc.

I am going to extend isMalloc to check the signature, not just the  
function name.  That should not break any optimizations that currently  
get done in normal malloc mode.

Thanks for the feedback.

Victor



More information about the llvm-dev mailing list