[PATCH] D81699: MemorySanitizer: Add option to insert init checks at call site

Evgenii Stepanov via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Mon Jun 22 16:40:24 PDT 2020 

eugenis added inline comments.


================
Comment at: compiler-rt/test/msan/cxa_atexit.cpp:20
 __attribute__((noinline))
-void f(long x) {
+void f(PartInit<long> x) {
 }
----------------
For tests that do not make sense with the eager checks, you could introduce a lit feature, and guard them with
// REQUIRES: !msan_eager_checks



================
Comment at: llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp:285
+static cl::opt<bool> ClEagerChecks("msan-eager-checks",
+       cl::desc("check arguments at function call boundaries"),
+       cl::Hidden, cl::init(false));
----------------
... and return values ...


================
Comment at: llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp:894
+      for (unsigned op = 0; op < 2; op++)
+        func->addAttribute(AttributeList::FirstArgIndex+op, Attribute::PartialInit);
+    }
----------------
There is only one argument that can be uninit - the value to be stored. No need to set the attribute on all of them.


================
Comment at: llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp:1021
 bool MemorySanitizerLegacyPass::doInitialization(Module &M) {
+  if (ClEagerChecks && !M.getModuleFlag("DisallowPoisonedCallArguments")) {
+    report_fatal_error("cannot use MSan eager checks; compiler does not support argument init analysis");
----------------
The module flag is gone, and in any case this should not be a fatal error - if the frontend can not promise correct attribute value, we always delay the check, that's all.


================
Comment at: llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp:1271
+      for (auto it = strct->element_begin(); it != strct->element_end(); i++, it++) {
+        Value *ShadowItem;
+        {
----------------
vitalybuka wrote:
> declare and intialize variable at the same statement if possible.
> I assume it's to destroy IRB before recursive call
> maybe then extract lines in {} into a separate function?
It's also common to reuse the builder with IRB.SetInsertPoint


================
Comment at: llvm/lib/Transforms/Instrumentation/MemorySanitizer.cpp:1281
+      return;
+    }
+
----------------
This change can be done in a separate patch.

It's more efficient to OR everything together and have a single branch. I'm not sure which would generate better code:
* ShadowCombiner and materializeOneCheck on the result, this might do bad things if there are very large members (like vectors)
* icmp NE 0 each members' shadow and materializeOneCheck of that.



Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D81699/new/

https://reviews.llvm.org/D81699

More information about the llvm-commits mailing list