[llvm-dev] Highlight taken LLVM IR branches in a real execution environment

[Johannes Doerfert via llvm-dev]

Could you elaborate what you mean with "mark" here?

You want to create a flow sensitive static analysis or profile which
branch has been taken at runtime, or both?

FWIW, if you tell LLVM x > 0, e.g., `__builtin_assume(x > 0)` in your 
source,
the branches should be folded away.

~ Johannes


On 2/26/21 9:15 AM, Joseph via llvm-dev wrote:
> Hey. I realize this question is a bit out-of-place, but I feel someone in
> the LLVM community might've ran into a similar topic before.
>
> I'd like to find a way to run LLVM IR and mark all branches taken, given a
> specific input.
>
> Take this example:
>
> ```
> int get_sign(int x) {
> if (x == -1234) return -1234;
> if (x < 0) return -1;
> else return 1;
> }
> ```
>
> It's clear that the `x == -1234` branch is useless if x > 0. Does the LLVM
> project have a way of marking the taken branches, so that one can reason
> about them later, possibly in an LLVM pass?
>
> I do realize KLEE exists, but SMT solvers require quite a bit of "plugging"
> of functions to limit the scope. Not to mention the path explosion that a
> real binary would entail. What I was looking for was possibly an lldb/lli
> mechanism to allow "marking" the taken branches, in a real execution
> environment.
>
> Has someone encountered such an issue before?
>
> Many thanks
>
> -- J
>
>
> _______________________________________________
> LLVM Developers mailing list
> llvm-dev at lists.llvm.org
> https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev