As the patch quite significantly slowed down tramp3d, there's an analysis
of the # of variables which are poisoned by the sanitizer:
== normal variables ==
24 B: 348x (5.80%)
16 B: 273x (4.55%)
8 B: 237x (3.95%)
1 B: 177x (2.95%)
4 B: 119x (1.98%)
40 B: 89x (1.48%)
144 B: 83x (1.38%)
== C++ artificial variables ==
1 B: 1325x (22.08%)
8 B: 983x (16.38%)
24 B: 586x (9.77%)
144 B: 415x (6.92%)
4 B: 310x (5.17%)
12 B: 274x (4.57%)
16 B: 119x (1.98%)
A sample of the C++ artificial variables can be seen here:
  struct iterator D.608813;
  struct iterator D.369241;
  try
    {
      ASAN_MARK (2, &D.369241, 8);
      _1 = &this->D.110510._M_impl._M_start;
      __gnu_cxx::__normal_iterator<Pooma::StatisticsData**,
        std::vector<Pooma::StatisticsData*> >::__normal_iterator (&D.369241, _1);
      try
        {
          D.608813 = D.369241;
          return D.608813;
        }
      finally
        {
          ASAN_MARK (1, &D.369241, 8);
        }
    }
  catch
    {
      <<<eh_must_not_throw (terminate)>>>
    }
The problem is that these artificial variables (>70% of all in tramp3d) are often
passed by reference and many functions in tramp3d either mark the argument
as unused, or just dereference it. In situations where a reference is not saved,
these variables should not live in memory. However, do we have machinery
that can help with that?
My next step would be to adapt the sanopt algorithm to catch use-after-scope
{un}poisoning, however this is a different story that has a significant impact
on the # of poisoned variables.
Thoughts?
Martin
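
Added example, not part of the message above or of GCC: one way to reproduce this kind of tally from a GIMPLE dump, counting each variable poisoned by ASAN_MARK once and splitting by size and by normal versus artificial. It assumes flag 1 means poison (as the placement in the dump above suggests) and that artificial variables are the ones dumped as D.<uid>; the sample dump is constructed except for the D.369241 lines.

```python
import re
from collections import Counter

# Assumption inferred from the dump in the message: flag 2 is emitted at scope
# entry (unpoison) and flag 1 in the cleanup at scope exit (poison).
POISON = 1

# Matches e.g. "ASAN_MARK (1, &D.369241, 8);" -> (flag, variable, size in bytes)
ASAN_MARK_RE = re.compile(r"ASAN_MARK \((\d+), &([\w.]+), (\d+)\);")
# Heuristic (assumption): unnamed compiler temporaries are dumped as D.<uid>.
ARTIFICIAL_RE = re.compile(r"D\.\d+")

# Constructed sample; only the D.369241 lines come from the message.
SAMPLE_DUMP = """
ASAN_MARK (2, &D.369241, 8);
ASAN_MARK (1, &D.369241, 8);
ASAN_MARK (2, &buf, 24);
ASAN_MARK (1, &buf, 24);
ASAN_MARK (2, &D.1001, 1);
ASAN_MARK (1, &D.1001, 1);
ASAN_MARK (1, &D.1001, 1);
ASAN_MARK (2, &D.1002, 1);
ASAN_MARK (1, &D.1002, 1);
"""

def tally_poisoned(dump):
    """Count poisoned variables by size, split into normal and artificial."""
    sizes = {}
    for flag, var, size in ASAN_MARK_RE.findall(dump):
        if int(flag) == POISON:
            sizes[var] = int(size)  # a variable poisoned on several paths counts once
    tally = {"normal": Counter(), "artificial": Counter()}
    for var, size in sizes.items():
        kind = "artificial" if ARTIFICIAL_RE.fullmatch(var) else "normal"
        tally[kind][size] += 1
    return tally

def report(tally):
    """Format the tally like the tables in the message (share of all variables)."""
    total = sum(sum(c.values()) for c in tally.values())
    lines = []
    for kind in ("normal", "artificial"):
        lines.append(f"== {kind} variables ==")
        for size, n in tally[kind].most_common():
            lines.append(f"{size} B: {n}x ({100.0 * n / total:.2f}%)")
    return "\n".join(lines)

if __name__ == "__main__":
    print(report(tally_poisoned(SAMPLE_DUMP)))
```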