From: Nicholas N. <nj...@cs...> - 2008-03-23 01:01:17
On Sun, 23 Mar 2008, Nuno Lopes wrote:
> ------ IMark(0x80483CE, 7) ------
> t130 = GET:I32(340)
> t25 = GET:I32(20)
> t132 = Left32(t130)
> t24 = Add32(t25,0xFFFFFFF4:I32)
> t134 = CmpNEZ32(t132)
> DIRTY t134 RdFX-gst(16,4) RdFX-gst(60,4) ::: MC_(helperc_value_check4_fail){0x38006920}()
> DIRTY 1:I1 RdFX-gst(16,4) RdFX-gst(60,4) ::: MC_(helperc_STOREV32le)[rp=2]{0x38006d40}(t24,0x0:I32)
> STle(t24) = 0x2:I32
> ------ IMark(0x80483D5, 7) ------
> PUT(60) = 0x80483D5:I32
> t137 = Left32(t130)
> t26 = Add32(t25,0xFFFFFFF8:I32)
> t139 = CmpNEZ32(t137)
> DIRTY t139 RdFX-gst(16,4) RdFX-gst(60,4) ::: MC_(helperc_value_check4_fail){0x38006920}()
> DIRTY 1:I1 RdFX-gst(16,4) RdFX-gst(60,4) ::: MC_(helperc_STOREV32le)[rp=2]{0x38006d40}(t26,0x0:I32)
> STle(t26) = 0x4:I32
> ------ IMark(0x80483DC, 3) ------
> PUT(60) = 0x80483DC:I32
> IR-NoOp
> t144 = DIRTY 1:I1 RdFX-gst(16,4) RdFX-gst(60,4) ::: MC_(helperc_LOADV32le)[rp=1]{0x380070e0}(t26)
> t30 = LDle:I32(t26)
>
>
> At first glance I would say that the first PUT(60) could be removed, right?
> It is basically a dead store (assuming it can only be read/write with
> GET/PUT). I didn't check further why the redundant removal optimization
> doesn't pick this, so I'm checking here first if this is sane.

It's not removed because there's another statement (the STle) between it and
the subsequent PUT(60) that could cause a memory exception. A signal
handler for such an exception might inspect the %eip value, so it has to be
up-to-date. Annoying, because it's so unlikely, but necessary.

> Second question is: can the last memcheck check be removed? i.e. the last
> call to helperc_LOADV32le() is redundant, since it has already done a store to
> that location and thus it knows that the operation is safe. Can this call be
> removed? And what value do I assign to t144 then? VA_BITS32_DEFINED? (I'm
> just considering the simpler case where the #store bits >= #load bits).

I think it is redundant. Since 0x0 (which is VA_BITS32_DEFINED) was the
shadow store value, you'd assign 0x0 to t144. And you're right that you
could do likewise if t144 was smaller than 32 bits.

> Allow me just a last question: is it safe to replace the 't30 =
> LDle:I32(t26)' statement with 't30 = 0x4:I32'? Well in general I would say it
> is safe, but I dunno about memory-mapped I/O nor if/how valgrind handles it.
> Maybe this can be done in only certain architectures?

If we're optimising away the shadow load, maybe it's reasonable to optimise
away the real load, but I'm really not sure about that one. Julian might
have more to add.
Nick
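
Added example (not part of the thread, and not VEX's own code): a simplified C model of the rule given above for PUT(60), where a PUT is only dead if the same offset is overwritten later with no read and no possibly-faulting statement in between. The statement kinds, the `MAX_OFF` bound and all function names are hypothetical, and the two sample blocks are constructed from the quoted dump.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy statement kinds (hypothetical names, not VEX's IRStmt tags). */
typedef enum { ST_PUT, ST_GET, ST_PURE, ST_MAYFAULT } Kind;
typedef struct { Kind kind; int off; bool dead; } Stmt;
#define MAX_OFF 512 /* constructed bound on guest-state offsets */

/* Backward scan over one block. overwritten[o] is true while a later PUT(o)
   is known to follow with nothing in between that could observe offset o. */
int remove_redundant_puts(Stmt *s, size_t n) {
    bool overwritten[MAX_OFF];
    int removed = 0;
    memset(overwritten, 0, sizeof overwritten);
    for (size_t i = n; i-- > 0; ) {
        switch (s[i].kind) {
        case ST_PUT:
            if (overwritten[s[i].off]) { s[i].dead = true; removed++; }
            else overwritten[s[i].off] = true;
            break;
        case ST_GET: overwritten[s[i].off] = false; break;
        case ST_MAYFAULT:
            /* A store or load may raise a memory exception, and a signal
               handler may then inspect guest state such as %eip, so every
               earlier PUT has to stay. */
            memset(overwritten, 0, sizeof overwritten);
            break;
        default: break; /* ST_PURE: arithmetic on temporaries only */
        }
    }
    return removed;
}

/* Constructed from the dump: PUT(60); Add32; STle; PUT(60). */
int demo_with_store(void) {
    Stmt bb[] = { {ST_PUT, 60, false}, {ST_PURE, 0, false},
                  {ST_MAYFAULT, 0, false}, {ST_PUT, 60, false} };
    return remove_redundant_puts(bb, 4);
}

/* Same block with the store left out: the first PUT(60) is now dead. */
int demo_without_store(void) {
    Stmt bb[] = { {ST_PUT, 60, false}, {ST_PURE, 0, false}, {ST_PUT, 60, false} };
    return remove_redundant_puts(bb, 3);
}

int main(void) {
    printf("with STle: %d removed, without: %d removed\n", demo_with_store(), demo_without_store());
    return 0;
}
```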