Displaying 3 results from an estimated 3 matches for "access0".
Did you mean:
access
2017 Apr 11
2
[RFC] Design of a TBAA sanitizer
...cessViaP1, AccessViaP2)
> there should (??) be a point in the IR where both P1 and P2 exist together
> and can be compared.
That may not be possible (though I'm second guessing what exactly you
have in mind so maybe I'm missing something here):
ptr0 = malloc();
*(int*)ptr0 = 20; // access0
free(ptr0);
ptr1 = calloc(); // bitwise equal to ptr0 by chance
float f = *(float *)ptr1; // access1
The program above is fine (no TBAA violations), but at location
access1 ptr1 and ptr0 overlap despite being NoAlias.
-- Sanjoy
>
>
> >
> > This means, at least in LLVM IR, yo...
2017 Apr 11
2
[RFC] Design of a TBAA sanitizer
...h P1 and P2 exist
> together
> > > and can be compared.
> >
> > That may not be possible (though I'm second guessing what exactly you
> have in mind so maybe
> > I'm missing something here):
> >
> > ptr0 = malloc();
> > *(int*)ptr0 = 20; // access0
> > free(ptr0);
> > ptr1 = calloc(); // bitwise equal to ptr0 by chance
> > float f = *(float *)ptr1; // access1
> >
> > The program above is fine (no TBAA violations), but at location access1
> ptr1 and ptr0
> > overlap despite being NoAlias.
>
> Actual...
2017 Apr 11
2
[RFC] Design of a TBAA sanitizer
Hi,
On April 11, 2017 at 11:55:12 AM, Kostya Serebryany via llvm-dev
(llvm-dev at lists.llvm.org) wrote:
> Evgeniy and I recently discussed something similar for detecting bad casts
> (code named: TypeSanitizer).
> The approach with the shadow memory looked attractive at the first glance,
> but then we've drowned in details.
>
> Specifically for TBAA, I had another idea, not