Aliasing (computing)


In computing, aliasing describes a situation in which a data location in memory can be accessed through different symbolic names in the program. Thus, modifying the data through one name implicitly modifies the values associated with all aliased names, which may not be expected by the programmer. As a result, aliasing makes it particularly difficult to understand, analyze and optimize programs. Aliasing analysers intend to make and compute useful information for understanding aliasing in programs.

Examples

Buffer overflow

For example, most implementations of the C programming language do not perform array bounds checking. One can then exploit the implementation of the programming language by the compiler and the computer architecture's assembly language conventions, to achieve aliasing effects by writing outside of the array. This invokes undefined behaviour according to the C language specification; however many implementations of C will show the aliasing effects described here.
If an array is created on the stack, with a variable laid out in memory directly beside that array, one could index outside the array and directly change the variable by changing the relevant array element. For example, if there is an array of size 2, next to another variable, would be aliased to if they are adjacent in memory.

  1. include
int main

This is possible in some implementations of C because an array is a block of contiguous memory, and array elements are merely referenced by offsets off the address of the beginning of that block multiplied by the size of a single element. Since C has no bounds checking, indexing and addressing outside of the array is possible. Note that the aforementioned aliasing behaviour is undefined behaviour. Some implementations may leave space between arrays and variables on the stack, for instance, to align variables to memory locations that are a multiple of the architecture's native word size. The C standard does not generally specify how data is to be laid out in memory..
It is not erroneous for a compiler to omit aliasing effects for accesses that fall outside the bounds of an array.

Aliased pointers

Another variety of aliasing can occur in any language that can refer to one location in memory with more than one name. See the C example of the XOR swap algorithm that is a function; it assumes the two pointers passed to it are distinct, but if they are in fact equal, the function fails. This is a common problem with functions that accept pointer arguments, and their tolerance for aliasing must be carefully documented, particularly for functions that perform complex manipulations on memory areas passed to them.

Specified aliasing

Controlled aliasing behaviour may be desirable in some cases. It is common practice in Fortran. The Perl programming language specifies, in some constructs, aliasing behaviour, such as in loops. This allows certain data structures to be modified directly with less code. For example,

my @array = ;
foreach my $element
print "@array \n";

will print out "2 3 4" as a result. If one wanted to bypass aliasing effects, one could copy the contents of the index variable into another and change the copy.

Conflicts with optimization

often have to make conservative assumptions about variables when aliasing is possible. For example, knowing the value of a variable normally allows certain optimizations. However, the compiler cannot use this information after an assignment to another variable because it could be that *y is an alias of x. This could be the case after an assignment like y = &x. As an effect of this assignment to *y, the value of x would be changed as well, so propagating the information that x is 5 to the statements following *y = 10 would be potentially wrong. However, if there is information about pointers, the constant propagation process could make a query like: can x be an alias of *y? Then, if the answer is no, x = 5 can be propagated safely.
Another optimization impacted by aliasing is code reordering. If the compiler decides that x is not aliased by *y, then code that uses or changes the value of x can be moved before the assignment *y = 10, if this would improve scheduling or enable more loop optimizations to be carried out.
To enable such optimizations in a predictable manner, the ISO standard for the C programming language specifies that it is illegal to access the same memory location using pointers of different types. A compiler may therefore assume that such pointers do not alias. This rule, known as the strict aliasing rule, sometimes allows for impressive increases in performance, but has been known to break some otherwise valid code. Several software projects intentionally violate this portion of the C99 standard. For example, Python 2.x did so to implement reference counting, and required changes to the basic object structs in Python 3 to enable this optimization. The Linux kernel does this because strict aliasing causes problems with optimization of inlined code. In such cases, when compiled with gcc, the option -fno-strict-aliasing is invoked to prevent unwanted optimizations that could yield unexpected code.

Hardware aliasing

The term aliasing is also used to describe the situation where, due to either a hardware design choice or a hardware failure, one or more of the available address bits is not used in the memory selection process. This may be a design decision if there are more address bits available than are necessary to support the installed memory device. In a failure, one or more address bits may be shorted together, or may be forced to ground or the supply voltage.
;Example
For this example, assuming a memory design with 8 locations, requiring only 3 address lines. Address bits are decoded to select unique memory locations as follows, in standard binary counter fashion:
A2A1A0Memory location
0000
0011
0102
0113
1004
1015
1106
1117

In the table above, each of the 8 unique combinations of address bits selects a different memory location. However, if one address bit were to be shorted to ground, the table would be modified as follows:
A2A1A0Memory location
0000
0011
0102
0113
0000
0011
0102
0113

In this case, with A2 always being zero, the first four memory locations are duplicated and appear again as the second four. Memory locations 4 through 7 have become inaccessible.
If this change occurred to a different address bit, the decoding results would be different, but in general the effect would be the same: the loss of a single address bit cuts the available memory space in half, with resulting duplication of the remaining space.