[LLVMdev] Expressing ambiguous points-to info in AliasAnalysis::alias(...) results?

Daniel Berlin dberlin at dberlin.org
Mon Jun 15 06:31:32 PDT 2015


On Mon, Jun 15, 2015 at 4:15 AM, Christian Convey
<christian.convey at gmail.com> wrote:
> On Mon, Jun 15, 2015 at 1:43 AM, Daniel Berlin <dberlin at dberlin.org> wrote:
>>
>> > The AA algorithm uses dataflow analysis to monitor the possible
>> > propagation
>> > of those values through the program code, and it represents those flows
>> > by
>> > updates to the may-point-to graph.  If at some code point CP, a
>> > may-point-to
>> > graph vertex "B" has no outbound edges, that's equivalent to saying that
>> > the
>> > AA has concluded the runtime memory modeled by "B" does not contain any
>> > pointer that a correct program has any business trying to dereference.
>>
>> FWIW: When i first did GCC's current points-to analysis, I did the
>> same thing. It eliminated "non-pointer" values along the same lines.
>> This broke roughly "the entire world".
>
>
> Whoa, thanks for the warning.
>
>>
>> I tried to find some subset i felt was worthwhile and where it was
>> okay, but gave up after a while.
>
>
> I'm not quite sure which things you're referring to in that statement.
> Would you mind clarifying?

You can try to ameliorate it by doing things like say "well, we
believe code  patterns that look like this generate valid pointers,
but patterns that look like this can be ignored".  It is very hard to
find a set of patterns you allow that gives you anything meaningfully
better, but doesn't still break the world.

As for your statement on authors putting a lot of thought into
published algorithms - they do, but honestly, published algorithms
should generally be treated like a starting point. They are often
vastly simplified for publication, or otherwise in need of significant
*engineering* work.



More information about the llvm-dev mailing list