From: Florian K. <br...@ac...> - 2012-02-22 22:45:47
Hello,
I was doing an experiment with some hand-written assembler program for
which I was expecting a memcheck complaint:
_start: lghi %r0,0       # r0 = 0
        cgr  %r2,%r0     # r2 == r0 ?
        jz   EXIT        # if ....
EXIT:   svc  1           # terminate process
No complaint was issued. The reason is that the dirty helper that is
instrumented in right before the conditional jump was not invoked, which
means that the condition under which it is invoked was 0.
The condition was: vex_shadow1[r2] != 0
This is because in VG_(ii_finalise_image) we do this:
    /* Zero out the shadow area. */
    VG_(memset)(&arch->vex_shadow1, 0, sizeof(VexGuestS390XState));
    VG_(memset)(&arch->vex_shadow2, 0, sizeof(VexGuestS390XState));
And that does not look right. At least on s390 all registers with
exception of stack pointer and such are assumed to have undefined
contents. I suspect this is similar on other architectures.
Two questions:
(1) Is the zero-out done on purpose? Perhaps according to the rationale:
by the time execution reaches those parts of the application
program a user cares about, glibc will have populated the registers
with some defined values anyhow? So why bother here?
(2) If I wanted to initialize those shadow areas to mark the registers
as uninitialized, what bit pattern should be stored? All bits 1?
Thanks,
Florian
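The following is an added illustration, not Valgrind's code and not part of Florian's message: a deliberately small C model of memcheck-style shadow ("V bit") tracking for the three-instruction program above. It assumes memcheck's convention that a set shadow bit means "this bit is undefined", models only the registers and instructions the program touches, and treats r15 as the s390x stack pointer that stays defined. It shows why zeroing the shadow area at image finalisation suppresses the complaint, and what happens when the shadow of every general register is instead initialised to all-ones.

```c
/* Added example (not Valgrind code): a toy model of memcheck V-bit tracking
 * for the program in the post. Each guest register has a shadow word; a set
 * shadow bit means "undefined" (memcheck's convention, assumed here). The
 * dirty helper before the conditional jump fires only when the shadow of
 * the compared value is non-zero, i.e. the post's condition
 * vex_shadow1[r2] != 0. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NREGS 16
#define SP_REG 15   /* assumption: r15 is the stack pointer and stays defined */

struct guest {
    uint64_t r[NREGS];        /* architectural register values */
    uint64_t shadow1[NREGS];  /* V bits: 1 = undefined, 0 = defined */
};

/* zero != 0 reproduces the memset in VG_(ii_finalise_image) quoted in the
 * post; zero == 0 marks every register except the stack pointer undefined. */
static void init_shadow(struct guest *g, int zero)
{
    memset(g->shadow1, 0, sizeof g->shadow1);
    if (!zero) {
        for (int i = 0; i < NREGS; i++)
            if (i != SP_REG)
                g->shadow1[i] = ~(uint64_t)0;
    }
}

/* lghi rX,imm: loading an immediate yields a fully defined value. */
static void lghi(struct guest *g, int rx, int64_t imm)
{
    g->r[rx] = (uint64_t)imm;
    g->shadow1[rx] = 0;
}

/* cgr rA,rB: the condition code is undefined if any compared bit is. */
struct cc { int zero; uint64_t shadow; };

static struct cc cgr(const struct guest *g, int ra, int rb)
{
    struct cc c;
    c.zero = (g->r[ra] == g->r[rb]);
    c.shadow = g->shadow1[ra] | g->shadow1[rb];
    return c;
}

/* Stand-in for the dirty helper memcheck instruments before a conditional
 * jump: returns 1 (a complaint would be issued) iff the condition is
 * tainted by undefined bits. */
static int jz_helper(struct cc c)
{
    return c.shadow != 0;
}

/* Execute _start from the post; returns 1 if memcheck would complain. */
static int run_program(int zero_shadow)
{
    struct guest g;
    memset(&g, 0, sizeof g);
    init_shadow(&g, zero_shadow);
    lghi(&g, 0, 0);               /* lghi %r0,0     r0 = 0        */
    struct cc c = cgr(&g, 2, 0);  /* cgr %r2,%r0    r2 == r0 ?    */
    return jz_helper(c);          /* jz EXIT        helper fires?  */
}

int main(void)
{
    printf("shadow zeroed at start:   complaint=%d\n", run_program(1));
    printf("shadow marked undefined:  complaint=%d\n", run_program(0));
    return 0;
}
```

With the shadow area zeroed, `cgr` sees two defined operands and the helper never fires, which is the behaviour observed in the post; with the general registers' shadow set to all-ones, r2's undefined bits propagate into the condition and the helper fires before `jz`.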