ramosian-glider / memory-sanitizer

Automatically exported from code.google.com/p/memory-sanitizer

Feature - dump region around uninitialized memory as a fallback to origin tracing #63

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
Typically, origin tracing gives enough information to diagnose an issue, but 
for cases where it fails or is confused, it may be helpful to also dump the 
contents of memory around the uninitialized value, particularly if the test is 
highly intermittent. 

Original issue reported on code.google.com by tsepez@chromium.org on 5 Sep 2014 at 6:10

GoogleCodeExporter commented 8 years ago
This is not a very easy task.
First of all, realistically, if the uninitialized value was copied multiple 
times, we can only dump the last memory location.
Even then, imagine a case when an uninit value is loaded, then passed to a 
function, and then used in the callee. Information about load address/size 
needs to be passed across the function boundary.

It could be done by augmenting origin for IR temps and (optionally?) function 
arguments with last load address and size. Origin shadow does not change (i.e. 
load address is not tracked for values stored in memory).

The way origin tracking is implemented right now, it would be quite costly. 
There are plans to try lazy origin propagation - if it works well, this would 
be almost free.

In fact, this is orthogonal to origin propagation, but requires very similar 
instrumentation.

Original comment by euge...@google.com on 8 Sep 2014 at 10:40
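A minimal reproducer for the cross-function case described in the comment above, added here as an illustration and not taken from the issue or the MemorySanitizer project. The value is loaded from heap memory in `load_and_classify` and only branched on in `classify`, so a report produced by `clang -g -fsanitize=memory -fsanitize-memory-track-origins=2` points at the use in the callee and at the allocation site as origin, but carries no load address around which to dump memory; the buffer contents and function names are constructed for this example.

```c
#include <stdio.h>
#include <stdlib.h>

/* Callee: the branch on `v` is where MSan reports
 * "use-of-uninitialized-value". Nothing here knows where `v` was loaded. */
int classify(int v) {
    return v > 0 ? 1 : 0;
}

/* Caller: the actual load of the (possibly uninitialized) value happens
 * here. The load address `&p[idx]` is what the feature request would like
 * dumped; today it is not tracked once `v` crosses the call boundary. */
int load_and_classify(const int *p, size_t idx) {
    int v = p[idx];        /* load: address and size are known at this point */
    return classify(v);    /* value leaves the function; load info is lost */
}

/* Constructed, fully initialized sample input for a clean run. */
static const int sample[4] = {7, -2, 0, 5};

int main(void) {
    /* Clean path: every element of `sample` is initialized. */
    printf("sample[0] -> %d\n", load_and_classify(sample, 0));  /* 1 */
    printf("sample[1] -> %d\n", load_and_classify(sample, 1));  /* 0 */

    /* Faulty path: heap memory with only element 0 initialized. Under MSan
     * the second call reports the use inside classify() and names the
     * malloc below as the origin of the uninitialized value. */
    int *buf = malloc(4 * sizeof *buf);
    if (!buf)
        return 1;
    buf[0] = 7;
    printf("buf[0] -> %d\n", load_and_classify(buf, 0));  /* clean */
    printf("buf[3] -> %d\n", load_and_classify(buf, 3));  /* MSan report */
    free(buf);
    return 0;
}
```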

GoogleCodeExporter commented 8 years ago
Adding Project:MemorySanitizer as part of GitHub migration.

Original comment by gli...@google.com on 30 Jul 2015 at 9:22