eugenis added a comment. In D81678#2088284 <https://reviews.llvm.org/D81678#2088284>, @efriedma wrote:
> I usually like to start reading this sort of patch with the proposed LangRef > change, but I'm not seeing one. > > There are a couple of related issues here in the existing representation of > IR: > > 1. The way that call argument coercion works is unsound in the presence of > poison. An integer can't be partially poisoned: it's either poison, or not > poison. We probably need to come up with some safer way to pass > structs/unions. > 2. We don't currently have a way for frontends to indicate that a value is > guaranteed not to be poison, so we have to conservatively assume arguments > might be poison. Whatever solution we come up with here should apply whether > or not msan is enabled. An attribute like this will probably be useful for > "freeze" optimizations. > > The partialinit attribute is, in some sense, backwards: the definition is > essentially "an argument *not* marked partialinit must not contain any poison > values". We usually try to avoid negative reasoning like this; I'm afraid > it'll make transforms harder to reason about. Yes, this is a bit awkward. There is a module flag "DisallowPoisonedCallArguments" that basically confirms that the frontend is aware of partialinit and any arguments not marked as such can be assumed strict (no-poison). An alternative is to invert the meaning of the attribute and put it on all arguments that must be not poison. Those are a lot more common though. The idea is that MSan can apply strict checking to arguments that are not "partialinit", and propagate the shadow to the callee for the rest. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D81678/new/ https://reviews.llvm.org/D81678 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
