https://github.com/Meinersbur commented:
There have been past discussions about whether it is legal to explot this in C/C++. See e.g. * https://discourse.llvm.org/t/delinearization-validity-checks-in-dependenceanalysis/52000/10 * https://discourse.llvm.org/t/rfc-adding-range-metadata-to-array-subscripts/57912 * https://reviews.llvm.org/D114988 In short, not everybody agreed that this is allowed in every version of C or C++. At least what I don't see in this PR that it is legal to build a pointer for one-past-the-last element of an array. So for `float A[10]`, `A+10` is valid, but must not be indirected. The assume is only emitted for the subscript operator which technically is syntactic sugar that includes the indirection. Howver, in practice programmers will use `&A[10]` to create apointer to the one-past-the end, e.g.: ```c float A[10]; n = 10; ... for (float *p = &A[0]; p < &A[n]; ++p) { ... } if (n != 10) abort(); ``` We should be very careful to not miscompile this because we added an `assume(n < 10)`. There are also codes around that assume a flattened layout of multi-dimensional arrays. For instance: ```c float A[10][10]; (&A[0][0])[99]; // or more bluntly: `A[0][99]` ``` since technically, `&A[0][0]` is a pointer to the first subobject of the outer array which is an array of 10 elements. I would be carful exploiting this kind of information, possibly protect is with a compiler switch in the tradition of `-fstrict-aliasing`. https://github.com/llvm/llvm-project/pull/159046 _______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
