[LLVMdev] incorrect DSCallGraph for simple indirect call with vtable nearby
Will Dietz
willdtz at gmail.com
Wed Aug 10 21:21:05 PDT 2011
On Wed, Aug 10, 2011 at 1:39 PM, Ben Liblit <liblit at cs.wisc.edu> wrote:
> The first of those two calls is a vtable dispatch; the ideal answer would be
> Base::virt() const and Derived::virt() const, without red() and blue().
> Still, vtable lookups are complex, so I could imagine an over-approximation
> here.
>
> The second of those two calls is just a non-deterministic choice between two
> functions. I'd really hoped that DSA would give the ideal answer here:
> red() or blue(), but not Base::virt() const or Derived::virt() const.
>
Hi Ben!

This is actually the expected behavior for EQTD :).

In short, EQTD (and CBU) are useful for program-transforming passes
like pool allocation, but are _not_ good for alias analysis queries.

If you switch to TD you'll get better alias-analysis information, and
in this example the correct result. I changed both instances of
EQTDDataStructures to TDDataStructures in your example code, and got
the desired result (and confirmed that I get the results you report
when using EQTD).

Give that change a shot and let us know if you have any further
questions/issues.

FWIW at the moment DSA doesn't give good results for vtable-heavy
code: it marks all such callsites as incomplete and cannot resolve
them. Offhand, I don't remember if DSCallGraph will correctly report
a pessimistic callee set or if we expect you to look at the Incomplete
flag yourself. Anyway, this is a fundamental limitation of DSA that
probably won't be fixed anytime soon, just a heads-up.

Hope this helps! :)

~Will