[PATCH] D81678: Introduce partialinit attribute at call sites for stricter poison analysis

Gui Andrade via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Thu Jun 18 11:27:08 PDT 2020


guiand added a comment.

In an email conversation with @rsmith and @eugenis, they raised the issue that it's not necessarily wrong to pass aggregate types by value, even when some fields are uninit.

A relevant excerpt from Richard:

> In addition to the union case, there's another strange case for passing class types: in C++17 onwards, this example:
> 
> void f(S s);
>  void g() { f(S()); }
> 
> ... results in the parameter to f being constructed in place, rather than by calling the copy constructor. (The same happens for a call to "f({})" in C++11 onwards; it's just a lot more common in C++17.) So it is not the case in general that f cannot be called with a partially-uninitialized S object. :-(

>From this, it's probably best for now not to mark aggregate types `frozen`. There's potentially some means to have the compiler prove aggregates must be frozen, but it's best to land frozen scalars first. And for the purposes of msan at least, scalars can account for the majority of the optimizations coming out of frozen.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D81678/new/

https://reviews.llvm.org/D81678





More information about the cfe-commits mailing list