You can subscribe to this list here.
| 2002 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
(122) |
Nov
(152) |
Dec
(69) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2003 |
Jan
(6) |
Feb
(25) |
Mar
(73) |
Apr
(82) |
May
(24) |
Jun
(25) |
Jul
(10) |
Aug
(11) |
Sep
(10) |
Oct
(54) |
Nov
(203) |
Dec
(182) |
| 2004 |
Jan
(307) |
Feb
(305) |
Mar
(430) |
Apr
(312) |
May
(187) |
Jun
(342) |
Jul
(487) |
Aug
(637) |
Sep
(336) |
Oct
(373) |
Nov
(441) |
Dec
(210) |
| 2005 |
Jan
(385) |
Feb
(480) |
Mar
(636) |
Apr
(544) |
May
(679) |
Jun
(625) |
Jul
(810) |
Aug
(838) |
Sep
(634) |
Oct
(521) |
Nov
(965) |
Dec
(543) |
| 2006 |
Jan
(494) |
Feb
(431) |
Mar
(546) |
Apr
(411) |
May
(406) |
Jun
(322) |
Jul
(256) |
Aug
(401) |
Sep
(345) |
Oct
(542) |
Nov
(308) |
Dec
(481) |
| 2007 |
Jan
(427) |
Feb
(326) |
Mar
(367) |
Apr
(255) |
May
(244) |
Jun
(204) |
Jul
(223) |
Aug
(231) |
Sep
(354) |
Oct
(374) |
Nov
(497) |
Dec
(362) |
| 2008 |
Jan
(322) |
Feb
(482) |
Mar
(658) |
Apr
(422) |
May
(476) |
Jun
(396) |
Jul
(455) |
Aug
(267) |
Sep
(280) |
Oct
(253) |
Nov
(232) |
Dec
(304) |
| 2009 |
Jan
(486) |
Feb
(470) |
Mar
(458) |
Apr
(423) |
May
(696) |
Jun
(461) |
Jul
(551) |
Aug
(575) |
Sep
(134) |
Oct
(110) |
Nov
(157) |
Dec
(102) |
| 2010 |
Jan
(226) |
Feb
(86) |
Mar
(147) |
Apr
(117) |
May
(107) |
Jun
(203) |
Jul
(193) |
Aug
(238) |
Sep
(300) |
Oct
(246) |
Nov
(23) |
Dec
(75) |
| 2011 |
Jan
(133) |
Feb
(195) |
Mar
(315) |
Apr
(200) |
May
(267) |
Jun
(293) |
Jul
(353) |
Aug
(237) |
Sep
(278) |
Oct
(611) |
Nov
(274) |
Dec
(260) |
| 2012 |
Jan
(303) |
Feb
(391) |
Mar
(417) |
Apr
(441) |
May
(488) |
Jun
(655) |
Jul
(590) |
Aug
(610) |
Sep
(526) |
Oct
(478) |
Nov
(359) |
Dec
(372) |
| 2013 |
Jan
(467) |
Feb
(226) |
Mar
(391) |
Apr
(281) |
May
(299) |
Jun
(252) |
Jul
(311) |
Aug
(352) |
Sep
(481) |
Oct
(571) |
Nov
(222) |
Dec
(231) |
| 2014 |
Jan
(185) |
Feb
(329) |
Mar
(245) |
Apr
(238) |
May
(281) |
Jun
(399) |
Jul
(382) |
Aug
(500) |
Sep
(579) |
Oct
(435) |
Nov
(487) |
Dec
(256) |
| 2015 |
Jan
(338) |
Feb
(357) |
Mar
(330) |
Apr
(294) |
May
(191) |
Jun
(108) |
Jul
(142) |
Aug
(261) |
Sep
(190) |
Oct
(54) |
Nov
(83) |
Dec
(22) |
| 2016 |
Jan
(49) |
Feb
(89) |
Mar
(33) |
Apr
(50) |
May
(27) |
Jun
(34) |
Jul
(53) |
Aug
(53) |
Sep
(98) |
Oct
(206) |
Nov
(93) |
Dec
(53) |
| 2017 |
Jan
(65) |
Feb
(82) |
Mar
(102) |
Apr
(86) |
May
(187) |
Jun
(67) |
Jul
(23) |
Aug
(93) |
Sep
(65) |
Oct
(45) |
Nov
(35) |
Dec
(17) |
| 2018 |
Jan
(26) |
Feb
(35) |
Mar
(38) |
Apr
(32) |
May
(8) |
Jun
(43) |
Jul
(27) |
Aug
(30) |
Sep
(43) |
Oct
(42) |
Nov
(38) |
Dec
(67) |
| 2019 |
Jan
(32) |
Feb
(37) |
Mar
(53) |
Apr
(64) |
May
(49) |
Jun
(18) |
Jul
(14) |
Aug
(53) |
Sep
(25) |
Oct
(30) |
Nov
(49) |
Dec
(31) |
| 2020 |
Jan
(87) |
Feb
(45) |
Mar
(37) |
Apr
(51) |
May
(99) |
Jun
(36) |
Jul
(11) |
Aug
(14) |
Sep
(20) |
Oct
(24) |
Nov
(40) |
Dec
(23) |
| 2021 |
Jan
(14) |
Feb
(53) |
Mar
(85) |
Apr
(15) |
May
(19) |
Jun
(3) |
Jul
(14) |
Aug
(1) |
Sep
(57) |
Oct
(73) |
Nov
(56) |
Dec
(22) |
| 2022 |
Jan
(3) |
Feb
(22) |
Mar
(6) |
Apr
(55) |
May
(46) |
Jun
(39) |
Jul
(15) |
Aug
(9) |
Sep
(11) |
Oct
(34) |
Nov
(20) |
Dec
(36) |
| 2023 |
Jan
(79) |
Feb
(41) |
Mar
(99) |
Apr
(169) |
May
(48) |
Jun
(16) |
Jul
(16) |
Aug
(57) |
Sep
(19) |
Oct
|
Nov
|
Dec
|
| S | M | T | W | T | F | S |
|---|---|---|---|---|---|---|
|
|
|
|
1
(4) |
2
(3) |
3
|
4
(1) |
|
5
|
6
|
7
|
8
(1) |
9
|
10
|
11
|
|
12
|
13
(2) |
14
|
15
|
16
|
17
(3) |
18
|
|
19
|
20
(4) |
21
(4) |
22
|
23
(4) |
24
|
25
|
|
26
|
27
(1) |
28
|
29
(6) |
30
(1) |
|
|
|
From: Josef W. <Jos...@gm...> - 2016-06-23 17:10:00
|
Am 23.06.2016 um 14:30 schrieb Christian Borntraeger: > On 06/23/2016 02:21 PM, Josef Weidendorfer wrote: >>> >>> br %r14 >>> ------ IMark(0x800000DC, 2, 0) ------ >>> PUT(336) = GET:I64(304) >>> PUT(336) = GET:I64(336); exit-Return >> >> How can the translation to VEX see that this is a Return? >> Is %r14 expected to save the return address according to the ABI? > > Its tricky. There are no explicit return opcodes, but abi requires to have the > return address as r14 on function entry. > Of course gcc is free to shuffle things around in that function, so you can > see all kind of registers for return,e.g. a br %r4 at the end of the function. when > gcc spilled the r14 content on the stack and loaded the return into r4 before jumping > back. He. And cachegrind's branch simulator relies on the information: for returns, no simulation is done, as it is assumed that branch prediction for returns always is correct. On the other hand, a return address stack predictor in hardware probably also would need to rely an that information. This may be enough motivation for a compiler to mostly use "br %r14" as return instruction (?) This actually is similar to x86: compilers could produce "push/ret" pairs as jumps, or "call next; next: pop" to find out the PC address, but this is bad as it confuses the return address stack prediction and slows down code... Josef |
|
From: Christian B. <bor...@de...> - 2016-06-23 12:31:08
|
On 06/23/2016 02:21 PM, Josef Weidendorfer wrote: > Am 23.06.2016 um 13:11 schrieb Christian Borntraeger: >> On 06/20/2016 11:39 PM, Josef Weidendorfer wrote: >>> Am 20.06.2016 um 22:26 schrieb Christian Borntraeger: >>>> Simple testcase with 2 branches, both are detected: >>>> >>>> # cat test.s >>>> .globl _start >>>> _start: >>>> brasl 14,test # save next address into r14, call test >>>> svc 1 # exit system call >>>> >>>> test: >>>> br 14 # jump to r14 >>> >>> What is the VEX IR both with/without chase value set to 0 >>> for this nice small example? >> >> Interestingly enough for this example no different can be seen >> in the counts, but the IR differs. >> >> >>> >>> I would be interested to see the IR before and after >>> instrumentation, ie. "--trace-flags=01100000". >> >> with --vex-guest-chase-thresh=0 >> ... >> default: >> ... > > Hmm. Looks as expected. > > It would be interesting to see the instrumentation added by cachegrind > when branch simulation is switched on. Sure, will do in a week as I am on my way into vacation ;-) > > Perhaps off-topic: > >> br %r14 >> ------ IMark(0x800000DC, 2, 0) ------ >> PUT(336) = GET:I64(304) >> PUT(336) = GET:I64(336); exit-Return > > How can the translation to VEX see that this is a Return? > Is %r14 expected to save the return address according to the ABI? Its tricky. There are no explicit return opcodes, but abi requires to have the return address as r14 on function entry. Of course gcc is free to shuffle things around in that function, so you can see all kind of registers for return,e.g. a br %r4 at the end of the function. when gcc spilled the r14 content on the stack and loaded the return into r4 before jumping back. |
|
From: Josef W. <Jos...@gm...> - 2016-06-23 12:21:57
|
Am 23.06.2016 um 13:11 schrieb Christian Borntraeger: > On 06/20/2016 11:39 PM, Josef Weidendorfer wrote: >> Am 20.06.2016 um 22:26 schrieb Christian Borntraeger: >>> Simple testcase with 2 branches, both are detected: >>> >>> # cat test.s >>> .globl _start >>> _start: >>> brasl 14,test # save next address into r14, call test >>> svc 1 # exit system call >>> >>> test: >>> br 14 # jump to r14 >> >> What is the VEX IR both with/without chase value set to 0 >> for this nice small example? > > Interestingly enough for this example no different can be seen > in the counts, but the IR differs. > > >> >> I would be interested to see the IR before and after >> instrumentation, ie. "--trace-flags=01100000". > > with --vex-guest-chase-thresh=0 > ... > default: > ... Hmm. Looks as expected. It would be interesting to see the instrumentation added by cachegrind when branch simulation is switched on. Perhaps off-topic: > br %r14 > ------ IMark(0x800000DC, 2, 0) ------ > PUT(336) = GET:I64(304) > PUT(336) = GET:I64(336); exit-Return How can the translation to VEX see that this is a Return? Is %r14 expected to save the return address according to the ABI? Josef |
|
From: Christian B. <bor...@de...> - 2016-06-23 11:11:30
|
On 06/20/2016 11:39 PM, Josef Weidendorfer wrote:
> Am 20.06.2016 um 22:26 schrieb Christian Borntraeger:
>> Simple testcase with 2 branches, both are detected:
>>
>> # cat test.s
>> .globl _start
>> _start:
>> brasl 14,test # save next address into r14, call test
>> svc 1 # exit system call
>>
>> test:
>> br 14 # jump to r14
>
> What is the VEX IR both with/without chase value set to 0
> for this nice small example?
Interestingly enough for this example no different can be seen
in the counts, but the IR differs.
>
> I would be interested to see the IR before and after
> instrumentation, ie. "--trace-flags=01100000".
with --vex-guest-chase-thresh=0
==== SB 0 (evchecks 0) [tid 1] 0x800000d4 UNKNOWN_FUNCTION UNKNOWN_OBJECT+0x0
------------------------ Front end ------------------------
brasl %r14,.+8
------ IMark(0x800000D4, 6, 0) ------
PUT(304) = 0x800000DA:I64
PUT(336) = 0x800000DC:I64
PUT(336) = GET:I64(336); exit-Call
GuestBytes 800000D4 6 C0 E5 00 00 00 04 00001654
------------------------ After pre-instr IR optimisation ------------------------
IRSB {
t0:I64
------ IMark(0x800000D4, 6, 0) ------
PUT(304) = 0x800000DA:I64
PUT(336) = 0x800000DC:I64; exit-Call
}
VexExpansionRatio 6 96 160 :10
==== SB 1 (evchecks 1) [tid 1] 0x800000dc UNKNOWN_FUNCTION UNKNOWN_OBJECT+0x0
------------------------ Front end ------------------------
br %r14
------ IMark(0x800000DC, 2, 0) ------
PUT(336) = GET:I64(304)
PUT(336) = GET:I64(336); exit-Return
GuestBytes 800000DC 2 07 FE 000000F0
------------------------ After pre-instr IR optimisation ------------------------
IRSB {
t0:I32 t1:I64 t2:I64
------ IMark(0x800000DC, 2, 0) ------
t1 = GET:I64(304)
PUT(336) = t1; exit-Return
}
VexExpansionRatio 2 82 410 :10
==== SB 2 (evchecks 2) [tid 1] 0x800000da UNKNOWN_FUNCTION UNKNOWN_OBJECT+0x0
------------------------ Front end ------------------------
svc 1
------ IMark(0x800000DA, 2, 0) ------
t0 = 0x1:I64
PUT(344) = t0
PUT(408) = 0x800000DA:I64
PUT(336) = 0x800000DC:I64
PUT(336) = GET:I64(336); exit-Sys_syscall
GuestBytes 800000DA 2 0A 01 00000015
------------------------ After pre-instr IR optimisation ------------------------
IRSB {
t0:I64 t1:I64
------ IMark(0x800000DA, 2, 0) ------
PUT(344) = 0x1:I64
PUT(408) = 0x800000DA:I64
PUT(336) = 0x800000DC:I64; exit-Sys_syscall
}
default:
==== SB 0 (evchecks 0) [tid 1] 0x800000d4 UNKNOWN_FUNCTION UNKNOWN_OBJECT+0x0
------------------------ Front end ------------------------
brasl %r14,.+8
------ IMark(0x800000D4, 6, 0) ------
PUT(304) = 0x800000DA:I64
PUT(336) = 0x800000DC:I64
br %r14
------ IMark(0x800000DC, 2, 0) ------
PUT(336) = GET:I64(304)
PUT(336) = GET:I64(336); exit-Return
can't show code due to extents > 1
------------------------ After pre-instr IR optimisation ------------------------
IRSB {
t0:I32 t1:I64 t2:I64
------ IMark(0x800000D4, 6, 0) ------
PUT(304) = 0x800000DA:I64
------ IMark(0x800000DC, 2, 0) ------
PUT(336) = 0x800000DA:I64; exit-Return
}
VexExpansionRatio 8 110 137 :10
==== SB 1 (evchecks 1) [tid 1] 0x800000da UNKNOWN_FUNCTION UNKNOWN_OBJECT+0x0
------------------------ Front end ------------------------
svc 1
------ IMark(0x800000DA, 2, 0) ------
t0 = 0x1:I64
PUT(344) = t0
PUT(408) = 0x800000DA:I64
PUT(336) = 0x800000DC:I64
PUT(336) = GET:I64(336); exit-Sys_syscall
GuestBytes 800000DA 2 0A 01 00000015
------------------------ After pre-instr IR optimisation ------------------------
IRSB {
t0:I64 t1:I64
------ IMark(0x800000DA, 2, 0) ------
PUT(344) = 0x1:I64
PUT(408) = 0x800000DA:I64
PUT(336) = 0x800000DC:I64; exit-Sys_syscall
}
|