llvm dev - Nov 2002 - [LLVMdev] lli unreliable?

lli executed the bytecode corresponding to test_3.0_ml.ll without a
failure, even though Function() is accessing an invalid memory
address. The original code is in test_3.0.c, and the malloc() in
Create() has been replaced by alloca() in test_3.0_ml.ll.

I expected lli to segfault or similar when testing my code. Are my
assumptions erroneous?
-------------- next part --------------
/****************************************************************************/
/* test 3.0 Cs426 MP2, Project 6.                                           */
/*                                                                          */
/* Heap2Stack : No                                                          */
/*                                                                          */
/* Case 3.0, there is a single malloc that is done in a subfunction and     */
/* returned.                                                                */
/****************************************************************************/

#include <stdlib.h>
#include <stdio.h>

void *Create() {
  void *p = malloc(sizeof(int));
  return p;
}

int Function() {
  int *ip;

  /* malloc() */
  ip = (int *) Create();

  /* use */
  *ip = 37337;
  printf("The value in the heap is \"%d\"\n", *ip);

  /* free() */
  free(ip);

  return 0;
}

int main() {

  return Function();

}
-------------- next part --------------
	%FILE = type { [16 x long] }
	%__FILE = type { [16 x long] }
	%struct.__FILE = type { [16 x long] }
%.LC0 = internal global [31 x sbyte] c"The value in the heap is
\22%d\22\0A\00"		; <[31 x sbyte]*> [#uses=1]

implementation   ; Functions:

internal void %__main() {
bb0:		; No predecessors!
	ret void
}

declare int %printf(sbyte*, ...)

internal sbyte* %Create() {
bb0:		; No predecessors!
	%reg2131 = alloca sbyte, uint 4		; <sbyte*> [#uses=1]
	ret sbyte* %reg2131
}

internal int %Function() {
bb0:		; No predecessors!
	%reg214 = call sbyte* %Create( )		; <sbyte*> [#uses=1]
	%cast214 = cast sbyte* %reg214 to uint*		; <uint*> [#uses=2]
	store uint 37337, uint* %cast214
	%reg110 = load uint* %cast214		; <uint> [#uses=1]
	%reg217 = call int (sbyte*, ...)* %printf( sbyte* getelementptr ([31 x sbyte]*
%.LC0, long 0, long 0), uint %reg110 )		; <int> [#uses=0]
	ret int 0
}

int %main() {
bb0:		; No predecessors!
	call void %__main( )
	%reg210 = call int %Function( )		; <int> [#uses=1]
	ret int %reg210
}

declare int %putchar(int)

declare int %fprintf(%FILE*, sbyte*, ...)

declare void %abort()

declare int %fflush(%FILE*)

> I expected lli to segfault or similar when testing my code. Are my
> assumptions erroneous?
Uhh... you are invoking undefined behavior.  What LLI does, therefore, is
undefined.  :)

-Chris

-- 
http://llvm.cs.uiuc.edu/
http://www.nondot.org/~sabre/Projects/