Question about basic-aa's assumptions

ramaa · July 6, 2020, 4:18pm

Hi,

I have a test-case for which I seem to be getting incorrect information from basic-aa alias-analysis. Here it is:
#include <stdio.h>
#define ARR_SIZE 4
char c[ARR_SIZE];
char *pc[ARR_SIZE];
char **ppc = pc;

int main() {

pc[0] = &c[0];
pc[1] = &c[1];
pc[2] = &c[2];
pc[3] = &c[3];

printf(" ppc: %p\n"
" pc : %p\n"
" c : %p\n"
" *pc: %p\n",
ppc, pc, c, *pc);

return 0;
}

The way I compiled it is as follows:
clang -m32 -g pointer.c -emit-llvm -S -c
opt pointer.ll -aa-pipeline=basic-aa -passes=aa-eval -print-all-alias-modref-info -disable-output

The result from the AA-Evaluator prints this:
NoAlias: i8** getelementptr inbounds ([4 x i8*], [4 x i8*]* @pc, i32 0, i32 0), i8*** @ppc

If we run the program, the result is this:
ppc: 0x565ee028
pc : 0x565ee028
c : 0x565ee024
*pc: 0x565ee024

Basically, I would have liked if basic-aa said ppc and pc are may-aliased to start with for this kind of usage. This is how the globals look like. The second one: “ppc” has “pc” on the right hand side.

@pc = common dso_local global [4 x i8*] zeroinitializer, align 4, !dbg !0
@ppc = dso_local global i8** getelementptr inbounds ([4 x i8*], [4 x i8*]* @pc, i32 0, i32 0), align 4, !dbg !6

Best regards,
Ram

ramaa · July 7, 2020, 4:15pm

Any takers on this?

Best,
Ram

jdoerfert · July 7, 2020, 4:49pm

Hi,

I have a test-case for which I seem to be getting incorrect information
from basic-aa alias-analysis. Here it is:
#include <stdio.h>
#define ARR_SIZE 4
char c[ARR_SIZE];
char *pc[ARR_SIZE];
char **ppc = pc;

int main() {

   pc[0] = &c[0];
   pc[1] = &c[1];
   pc[2] = &c[2];
   pc[3] = &c[3];

   printf(" ppc: %p\n"
       " pc : %p\n"
       " c : %p\n"
       " *pc: %p\n",
       ppc, pc, c, *pc);

   return 0;
}

The way I compiled it is as follows:
clang -m32 -g pointer.c -emit-llvm -S -c
opt pointer.ll -aa-pipeline=basic-aa -passes=aa-eval
-print-all-alias-modref-info -disable-output

The result from the AA-Evaluator prints this:
   NoAlias: i8** getelementptr inbounds ([4 x i8*], [4 x i8*]* @pc, i32 0,
i32 0), i8*** @ppc

Isn't this talking about `&pc[0]` and `&ppc`? If so, NoAlias seems reasonable to me.

I mean, you print the value of `ppc` and `pc` while the above talks about the addresses of these.

(I'm a bit tired so take this as a potential answer only.)

~ Johannes

dobbelaj · July 8, 2020, 7:14am

Hi Ramshankar,

giving it a try:

The result from the AA-Evaluator prints this:

NoAlias: i8** getelementptr inbounds ([4 x i8*], [4 x i8*]* @pc, i32 0, i32 0), i8*** @ppc

the first is an ‘i8**’ (the address of pc),
the second ‘i8***’ (aka the address of ppc.)

Those represent two different objects.

Greetings,

Jeroen Dobbelaere

ramaa · July 8, 2020, 1:56pm

Got it, thanks guys.

The aa pass does say that load(load(@ppc,…)) May-aliases with load(pc) and for the NoAlias dump that I shared, two different globals ppc and pc do not alias- There is most likely something else in my copy of llvm that makes my test fail. Thanks very much for your help!