[llvm-dev] Potential issue with noalias @malloc and @realloc
Sanjoy Das via llvm-dev
llvm-dev at lists.llvm.org
Tue Apr 11 16:27:00 PDT 2017

Hi Kevin,

On April 11, 2017 at 4:14:14 PM, Flamedoge (code.kchoi at gmail.com) wrote:
> So only "non-freed" malloc pointers are No-Alias which makes it
> flow-sensitive. There is no reason why malloc couldn't return previously
> freed location.

Yes.

Talking to Nick Lewycky on IRC, I figured out a shorter way of saying
what I wanted to say. We know that programs like this are UB in C:

  p0 = malloc();
  free(p0);
  p1 = malloc();
  if (p0 == p1) {
    int v = *p0; // Semantically free'ed but bitwise equal to an allocated value
  }

and we relied on them having UB when marking malloc's return value as noalias.

However, we can end up in cases like the above by applying
loop-unswitch + GVN to well defined C programs.

-- Sanjoy