From: Philippe W. <phi...@sk...> - 2012-06-08 16:36:39
On Fri, 2012-06-08 at 15:36 +0100, Tom Hughes wrote:
> Mostly though this will be triggered by code where even the high level
> semantics cause a problem. An example in our code is a function with a
> writev type interface like this:
>
> void fn(const struct iovec *iov, int iovcnt)
> {
>     int i;
>
>     for (i = 0; i < iovcnt; i++)
>     {
>         void *buffer = iov[i].iov_base;
>         int length = iov[i].iov_len;
>
>         /* ... do stuff with buffer ... */
>     }
> }
>
> because the body of that loop uses the same instructions to operate on
> different arrays accessed by indexing iov you run into this problem.

(I am not very good at knowing what kind of IR instrumentation one can
reasonably do, so the below probably looks like science fiction or
like 'here a miracle occurs during IR instrumentation'.)

Wouldn't it be possible to have the IR instrumented to make/remember
the difference between 'assign an address of a variable to buffer'
and 'increment/decrement the value of buffer'?
Then the instrumented IR could say that a first access to an array can
only be valid if a value has been assigned.
A first access with an 'incremented/decremented value' would be
considered invalid.

Philippe