[LLVMdev] How do I find all memory allocations in an llvm ir code file?

John Criswell criswell at illinois.edu
Fri Oct 15 07:12:31 PDT 2010


As others have mentioned, C++ mangles names (i.e., it changes the name 
of a symbol into a string that contains the name, scope, and type 
of the variable or function), so if you know what the mangled name of 
your allocator is, you can recognize it.

Additionally, I believe that functions with return values marked with 
the noalias attribute are, essentially, memory allocators because the 
return value is guaranteed to not alias with anything not based off of 
the return value.  See http://llvm.org/docs/LangRef.html#pointeraliasing 
for more details.

As an aside, I've been thinking for a while that we should have a "memory 
allocator" analysis group that identifies different allocators for 
different source-level languages (i.e., one analysis would recognize 
malloc, free, realloc, calloc while another would recognize new, new[], 
delete, and delete[]).  There are even analyses you can do to determine 
if a function is a memory allocator.  I have not yet had enough time to 
implement such an analysis group, but if others think it's a good idea, 
feel free to write it. :)

-- John T.

On 10/15/10 6:37 AM, Theresia Hansson wrote:
> I tried to compile this snippet of C++ code:
>
> void FuncTest() {
>      int* a = new int;
>      int* b = new int[2];
> }
>
> using:
>
> clang test.cpp -S -emit-llvm -o - > test.llvm
>
> and obtained this:
>
> define void @_Z8FuncTestv() {
> entry:
>    %a = alloca i32*, align 4
>    %b = alloca i32*, align 4
>    %call = call noalias i8* @_Znwj(i32 4)
>    %0 = bitcast i8* %call to i32*
>    store i32* %0, i32** %a, align 4
>    %call1 = call noalias i8* @_Znaj(i32 8)
>    %1 = bitcast i8* %call1 to i32*
>    store i32* %1, i32** %b, align 4
>    ret void
> }
>
> declare noalias i8* @_Znwj(i32)
> declare noalias i8* @_Znaj(i32)
>
> What I am wondering now is: where do the _Znwj and _Znaj symbols come
> from? Are they just randomly assigned or is there a system to it? I
> would like to be able to tell that the lines
>
> %call = call noalias i8* @_Znwj(i32 4)
>
> and
>
> %call1 = call noalias i8* @_Znaj(i32 8)
>
> perform memory allocations. But it does not look that promising...
> Some llvm expert here who has an idea?
>
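The two recognition rules from the reply above (known mangled allocator names, and a `noalias` return value), applied to textual IR. This is an added example, not part of the original messages and not LLVM's own code; the sample IR is constructed from the quoted snippet, `@my_pool_alloc` and `@log_ptr` are hypothetical, and the `noalias` rule is a heuristic that can flag functions that are not allocators.

```python
import re

# Itanium C++ ABI manglings: j = unsigned int, m = unsigned long size argument.
KNOWN_ALLOCATORS = {
    "_Znwj": "operator new(unsigned int)",
    "_Znaj": "operator new[](unsigned int)",
    "_Znwm": "operator new(unsigned long)",
    "_Znam": "operator new[](unsigned long)",
    "malloc": "malloc", "calloc": "calloc", "realloc": "realloc",
}

# Constructed sample: the IR from the question, trimmed, plus a hypothetical
# custom allocator (@my_pool_alloc) and a non-allocating call (@log_ptr).
SAMPLE_IR = """\
define void @_Z8FuncTestv() {
entry:
  %call = call noalias i8* @_Znwj(i32 4)
  %call1 = call noalias i8* @_Znaj(i32 8)
  %p = call i8* @my_pool_alloc(i32 16)
  call void @log_ptr(i8* %p)
  ret void
}
declare noalias i8* @_Znwj(i32)
declare noalias i8* @_Znaj(i32)
declare noalias i8* @my_pool_alloc(i32)
declare void @log_ptr(i8*)
"""

# Text before the callee name holds the return type and return attributes.
DECL_RE = re.compile(r'^\s*(?:declare|define)\s+(?P<attrs>.*?)@(?P<name>[\w.$]+)\s*\(')
CALL_RE = re.compile(r'^\s*(?:(?P<dst>%[\w.]+)\s*=\s*)?(?:tail\s+)?'
                     r'call\s+(?P<attrs>.*?)@(?P<name>[\w.$]+)\s*\(')

def find_allocations(ir_text):
    """Return (line_no, result, callee, reason) for each direct call that allocates."""
    lines = ir_text.splitlines()
    # Pass 1: functions whose declaration marks the return value noalias.
    noalias_ret = {m.group("name") for l in lines
                   if (m := DECL_RE.match(l)) and "noalias" in m.group("attrs").split()}
    hits = []
    # Pass 2: classify each direct call; indirect calls (through %fp) are not matched.
    for no, line in enumerate(lines, 1):
        if not (m := CALL_RE.match(line)):
            continue
        name = m.group("name")
        if name in KNOWN_ALLOCATORS:
            hits.append((no, m.group("dst"), name, "known allocator: " + KNOWN_ALLOCATORS[name]))
        elif name in noalias_ret or "noalias" in m.group("attrs").split():
            hits.append((no, m.group("dst"), name, "noalias return value"))
    return hits
```

Calling `find_allocations(SAMPLE_IR)` reports the two `operator new` calls by name and the custom allocator by its `noalias` declaration, even though that call site carries no attribute itself.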
