On Monday, December 30, 2013 4:50:23 PM UTC+4, Alexander Potapenko wrote:
>
> > I thought that some optimization cases mentioned on this page could be
> > handled by segregating the sanitizing code from the accesses themselves.
> Can you please elaborate what do you mean by segregation here?
> Is it actually treating the sanitizing code as function calls taking
> the variables as parameters?

No, the invocations of the "sanitize()" thing are just a notion for the checking code.

> If so, the optimizer is quite limited in
> his ability to move code across function calls, and we'll anyway need
> to treat these sanitize(...) functions specially in the compiler
> (which is the point of
> https://code.google.com/p/address-sanitizer/wiki/CompileTimeOptimizations).
>
> > Right, and that of course could be a performance penalty as well.
> > Then, cases like this:
> >
> > int glob;
> > int get_glob() {
> >     return glob;
> > }
> >
> > can be handled trivially as it's known that sanitizing address of a variable
> > referenced by name is a no-op--even for automatic locals, not just globals.
>
> Automatic local variables may be accessed out of their bounds or after
> the execution has left their scope.
>

Yes, but not when they are accessed through their names, that is, without taking their addresses--implicitly or explicitly.

> Not checking them requires accurate proof of their addresses not escaping.
>

That's the point: if we know an address to check is an address of a variable, then we know it's accessible and thus there's no need to check it.

> > Furthermore, there may be interesting consequences from switching to an
> > approach of this kind. For example, if sanitizing code is segregated from
> > accesses, then the optimizer has a chance to do some common and uncommon
> > things about the first. An example for the common case would look like this:
> >
> > if (...)
> >     sanitize(a, ...);
> >     *a = ...;
> > else
> >     sanitize(a, ...);
> >     *a = ...;
> >
> > optimized to:
> >
> > sanitize(a, ...);
> >
> > if (...)
> >     *a = ...;
> > else
> >     *a = ...;
>
> the condition
>

Yes, as Dmitry pointed out, that would need some more work about source locations.

Thanks.
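The hoisting discussed in the message above, together with its source-location caveat, as an added example that is not part of the original thread or of AddressSanitizer's code. It assumes a constructed toy shadow map in which `sanitize()` records a line tag instead of aborting; the arena, the shadow layout and the tags 100 to 102 are all hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed toy model: one shadow byte per arena byte, nonzero = poisoned. */
enum { ARENA = 64 };
static unsigned char arena[ARENA];
static unsigned char shadow[ARENA];
static int last_report_line;            /* 0 = no report recorded */

/* Stand-in for the thread's sanitize(): records which check fired. */
static int sanitize(const unsigned char *p, size_t n, int line) {
    size_t off = (size_t)(p - arena);   /* p must point into arena (or one past) */
    for (size_t i = 0; i < n; i++)
        if (off + i >= ARENA || shadow[off + i]) {
            last_report_line = line;
            return 0;
        }
    return 1;
}

/* Check kept beside each access: the report identifies the faulting branch. */
static int store_per_branch(int cond, unsigned char *a) {
    last_report_line = 0;
    if (cond) {
        if (!sanitize(a, 1, 101)) return last_report_line;
        *a = 1;
    } else {
        if (!sanitize(a, 1, 102)) return last_report_line;
        *a = 2;
    }
    return 0;
}

/* Check hoisted above the condition: same verdict, but one location for both stores. */
static int store_hoisted(int cond, unsigned char *a) {
    last_report_line = 0;
    if (!sanitize(a, 1, 100)) return last_report_line;
    if (cond) *a = 1; else *a = 2;
    return 0;
}

int main(void) {
    shadow[10] = 1;                     /* constructed: poison one byte */
    printf("per-branch: %d %d\n", store_per_branch(1, arena + 10), store_per_branch(0, arena + 10));
    printf("hoisted:    %d %d\n", store_hoisted(1, arena + 10), store_hoisted(0, arena + 10));
    return 0;
}
```

Both variants reject the same poisoned store, but the hoisted one reports tag 100 for either branch, so the diagnostic can no longer say which store was the faulty one.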
