llvm dev - May 2008 - [LLVMdev] optimization assumes malloc return is non-null

On Thu, 1 May 2008, Sandro Magi wrote:
>>  If LLVM is able to eliminate all users of the malloc assuming the
>>  malloc succeeded (as in this case), then it is safe to assume the
malloc
>>  returned success.
>
> I don't see how this could be true in general, without either
> knowledge of the malloc implementation, which would be fine, or
> presuming knowledge of the target, which would not be fine. If
> "malloc(sizeof(int))" were changed to
"malloc(3245677423)", would it
> still be eliminated?
Would it cause your head to explode if you knew that llvm optimizes this:

static char* G;
void foo() {
   G = malloc(sizeof(char));
}
char get() { return *G; }
void set(char x) { *G = x; }

into this (note the lack of malloc):

@G.body = internal global i8 undef		; <i8*> [#uses=2]
define i8 @get() signext nounwind  {
entry:
 	%tmp2 = load i8* @G.body, align 1		; <i8> [#uses=1]
 	ret i8 %tmp2
}
define void @set(i8 signext  %x) nounwind  {
entry:
 	store i8 %x, i8* @G.body, align 1
 	ret void
}
define void @foo() nounwind  {
entry:
 	ret void
}

?

This is safe even without "whole program" information.  I love the
as-if
rule ;-)

-Chris

-- 
http://nondot.org/sabre/
http://llvm.org/

On Thu, May 1, 2008 at 6:54 PM, Chris Lattner <sabre at nondot.org>
wrote:
>
>  > I don't see how this could be true in general, without either
>  > knowledge of the malloc implementation, which would be fine, or
>  > presuming knowledge of the target, which would not be fine. If
>  > "malloc(sizeof(int))" were changed to
"malloc(3245677423)", would it
>  > still be eliminated?
>
>  Would it cause your head to explode if you knew that llvm optimizes this:
>
>  static char* G;
>  void foo() {
>    G = malloc(sizeof(char));
>  }
>  char get() { return *G; }
>  void set(char x) { *G = x; }
>
>  into this (note the lack of malloc):
>
>  @G.body = internal global i8 undef              ; <i8*> [#uses=2]
>  define i8 @get() signext nounwind  {
>  entry:
>         %tmp2 = load i8* @G.body, align 1               ; <i8>
[#uses=1]
>         ret i8 %tmp2
>  }
>  define void @set(i8 signext  %x) nounwind  {
>  entry:
>         store i8 %x, i8* @G.body, align 1
>         ret void
>  }
>  define void @foo() nounwind  {
>  entry:
>         ret void
>  }
>
>  ?
>
>  This is safe even without "whole program" information.  I love
the as-if
>  rule ;-)
No, that seems perfectly reasonable (assuming I understand the
translation), but only because char is so small. This optimization
seems reasonable when the object is of word size or smaller, as this
may simply

Sandro

On Fri, 2 May 2008, Sandro Magi wrote:
>>  This is safe even without "whole program" information.  I
love the as-if
>>  rule ;-)
>
> No, that seems perfectly reasonable (assuming I understand the
> translation), but only because char is so small. This optimization
> seems reasonable when the object is of word size or smaller, as this
> may simply
We currently do this for mallocs that are 2048 bytes and less.

-Chris

-- 
http://nondot.org/sabre/
http://llvm.org/

Sorry, clicked send by accident. It seems there's some background I'm
missing though. Can I read up on this "as-if" rule anywhere?

I was just saying this translation seems safe for word-sized or
smaller objects, since those could end up being allocated to registers
and such. My confusion is over larger object sizes. At what point
would the translation not be done, or would it always be done, even
when an object exceeds the addressable size on the target machine?

On a real machine, calling malloc with a large value will cause a real
program to fail. This translation would seem to make potentially
failing programs succeed. Seems counter-intuitive to me, but as I
said, perhaps I just need to read up on this "as-if" rule.

Sandro

On Fri, May 2, 2008 at 1:55 PM, Sandro Magi <naasking at gmail.com>
wrote:
>
> On Thu, May 1, 2008 at 6:54 PM, Chris Lattner <sabre at nondot.org>
wrote:
>  >
>  >  > I don't see how this could be true in general, without
either
>  >  > knowledge of the malloc implementation, which would be fine, or
>  >  > presuming knowledge of the target, which would not be fine. If
>  >  > "malloc(sizeof(int))" were changed to
"malloc(3245677423)", would it
>  >  > still be eliminated?
>  >
>  >  Would it cause your head to explode if you knew that llvm optimizes
this:
>  >
>  >  static char* G;
>  >  void foo() {
>  >    G = malloc(sizeof(char));
>  >  }
>  >  char get() { return *G; }
>  >  void set(char x) { *G = x; }
>  >
>  >  into this (note the lack of malloc):
>  >
>  >  @G.body = internal global i8 undef              ; <i8*>
[#uses=2]
>  >  define i8 @get() signext nounwind  {
>  >  entry:
>  >         %tmp2 = load i8* @G.body, align 1               ; <i8>
[#uses=1]
>  >         ret i8 %tmp2
>  >  }
>  >  define void @set(i8 signext  %x) nounwind  {
>  >  entry:
>  >         store i8 %x, i8* @G.body, align 1
>  >         ret void
>  >  }
>  >  define void @foo() nounwind  {
>  >  entry:
>  >         ret void
>  >  }
>  >
>  >  ?
>  >
>  >  This is safe even without "whole program" information.  I
love the as-if
>  >  rule ;-)
>
>  No, that seems perfectly reasonable (assuming I understand the
>  translation), but only because char is so small. This optimization
>  seems reasonable when the object is of word size or smaller, as this
>  may simply
>
>  Sandro
>