[LLVMdev] Confusion about Alias Analysis Results -print-no-aliases&&-print-alias-sets
Duncan Sands
baldrick at free.fr
Tue Jan 22 07:48:15 PST 2013
Hi 奋翮求飞,
On 22/01/13 16:32, 奋翮求飞 wrote:
> Need help about Alias Analysis.
> I try to detect use-after-free debug in source code. And my analysis is based on
> LLVM IR.
> I use the following code as a small example. I want to get the result p&&q are
> alias.
> //uaf.cpp
> #include<iostream>
> using namespace std;
> class A
> {
> public:
> void virtual foo(){};
> };
> class B:public A
> {
> public:
> void virtual foo(){};
> };
> int main()
> {
> B *p=new B();
> B *q=p;
> p->foo();
> delete (p);
> q->foo();
> return 0;
> }
> --------------------------------------------
> $clang++ -emit-llvm -S uaf.cpp -o uaf.ll
> $opt -globalsmodref-aa -basicaa -scev-aa -print-alias-sets uaf.ll
you need to run some optimizations if you want alias analysis to be effective
(instead of producing correct but useless results). Try adding -O2 to the
clang command line.
Best wishes, Duncan.
> Alias Set Tracker: 4 alias sets for 7 pointer values.
> AliasSet[0x93a80b8, 1] must alias, Mod Pointers: (i32* %retval, 4)
> AliasSet[0x93a80e0, 4] may alias, Mod/Ref Pointers: (void (%class.B*)***
> %4, 4), (void (%class.B*)** %vfn, 4), (void (%class.B*)*** %9, 4), (void
> (%class.B*)** %vfn2, 4)
> 6 Unknown instructions: i8* %call, void <badref>, void <badref>, void
> <badref>, void <badref>, void <badref>
> * AliasSet[0x93a9ea8, 1] must alias, Mod/Ref Pointers: (%class.B** %p, 4)*
> * AliasSet[0x93a9ef0, 1] must alias, Mod/Ref Pointers: (%class.B** %q, 4)*
> $opt -globalsmodref-aa -basicaa -scev-aa -aa-eval -print-no-aliases uaf.ll
> NoAlias:%class.B** %p, i32* %retval
> NoAlias:%class.B** %q, i32* %retval
> * NoAlias:%class.B** %p, %class.B** %q*
> NoAlias:i32* %retval, i8* %call
> NoAlias:%class.B** %p, i8* %call
> NoAlias:%class.B** %q, i8* %call
>
> How to understand the results?
> Are
> * AliasSet[0x93a9ea8, 1] must alias, Mod/Ref Pointers: (%class.B** %p, 4)*
> * AliasSet[0x93a9ef0, 1] must alias, Mod/Ref Pointers: (%class.B** %q, 4)*
> conflict with
> * NoAlias:%class.B** %p, %class.B** %q?*
>
>
>
>
>
>
> _______________________________________________
> LLVM Developers mailing list
> LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
>
More information about the llvm-dev
mailing list