Christian Convey
2015-Jun-01 14:01 UTC
[LLVMdev] semantics for control-flow-sensitive AA queries?
I've been chatting with a few folks about how the AliasAnalysis class could
be extended to allow control-flow-sensitive AA queries. The simplistic
notion is that one could ask things like, "In procedure Foo, at the code
point immediately following Instruction I1: do the Locations allocated by
instructions I2 and I3 alias each other?"
My problem is figuring out what the supported queries' semantics should be
when the CFG has a non-trivial shape. For example, suppose we have code
like this (in C):
for (...) {
char* p = malloc(42);
p[0] = 'x';
}
Do we consider p[0]='x' to be a strong update, because "p"
clearly modifies
the memory allocated by "malloc" call that happened in the *same loop
iteration*? Or do we consider this a weak update, because "*p"
potentially
names more than one chunk of "malloc"-allocated memory, since it's
in a
loop?
I suspect that the question of desirable semantics get even more complex in
cases where the CFG is more complicated (nested loops, irreducible, etc.),
or when the relevant code points for a given query aren't all in the same
basic block.
So my question is this: Is this a well-understood topic, where there's
some agreed-upon list of all reasonable / useful variations on this kind of
context-sensitive query? Or is it more chaotic, where various AA consumers
have various preferred versions of these query semantics?
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.llvm.org/pipermail/llvm-dev/attachments/20150601/4782e9f9/attachment.html>