[LLVMdev] Question about node collapse
Shaobo
shaobo at cs.utah.edu
Fri Dec 12 17:14:51 PST 2014
Hi guys,
I'm working on a project using DSA to mark the type-unsafe store
operations. The example code is below,
> int main() {
> int *a = (int*)malloc(sizeof(int));
>
> *a = 256;
> *((char *)a) = 1;
> assert(*a == 257);
>
> free(a);
>
> return 0;
> }
Based on my understanding of DSA, *((char *)a) = 1 will cause the node
to which "a" points to collapsed because I think there is
type-inconsistency here in the sense that a is declared as int* and used
as int* when *a = 256 happens while is used as char* afterwards.
However, it seems that no node is collapsed when the analysis is
finished. I was wondering if my understanding of DSA is correct or not.
Suggestions from your guys are really appreciated.
Best,
Shaobo
More information about the llvm-dev
mailing list