From: Julian S. <se...@so...> - 2018-11-28 13:19:33
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=f2c03ce3babe51eecbf03735f726c4028a162857 commit f2c03ce3babe51eecbf03735f726c4028a162857 Author: Julian Seward <js...@ac...> Date: Wed Nov 28 14:15:06 2018 +0100 Bug 401112 - LLVM 5.0 generates comparison against partially initialized data. This generalises the existing spec rules for W of 32 bits: W <u 0---(N-1)---0 1 0---0 or (that is, B/NB after SUBL, where dep2 has the above form), to also cover W <=u 0---(N-1)---0 0 1---1 (that is, BE/NBE after SUBL, where dept2 has the specified form). Patch from Nicolas B. Pierron (nic...@nb...). Diff: --- NEWS | 1 + VEX/priv/guest_amd64_helpers.c | 90 ++++++++++++++++++++++++++++++------------ 2 files changed, 66 insertions(+), 25 deletions(-) diff --git a/NEWS b/NEWS index c311665..bfa7162 100644 --- a/NEWS +++ b/NEWS @@ -57,6 +57,7 @@ where XXXXXX is the bug number as listed below. 400491 s390x: Operand of LOCH treated as unsigned integer 397187 z13 vector register support for vgdb gdbserver 401277 More bugs in z13 support +401112 LLVM 5.0 generates comparison against partially initialized data Release 3.14.0 (9 October 2018) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/VEX/priv/guest_amd64_helpers.c b/VEX/priv/guest_amd64_helpers.c index a2b0789..30e82db 100644 --- a/VEX/priv/guest_amd64_helpers.c +++ b/VEX/priv/guest_amd64_helpers.c @@ -1013,13 +1013,10 @@ static inline Bool isU64 ( IRExpr* e, ULong n ) && e->Iex.Const.con->Ico.U64 == n; } -/* Returns N if E is an immediate of the form 1 << N for N in 1 to 31, +/* Returns N if W64 is a value of the form 1 << N for N in 1 to 31, and zero in any other case. */ -static Int isU64_1_shl_N ( IRExpr* e ) +static Int isU64_1_shl_N_literal ( ULong w64 ) { - if (e->tag != Iex_Const || e->Iex.Const.con->tag != Ico_U64) - return 0; - ULong w64 = e->Iex.Const.con->Ico.U64; if (w64 < (1ULL << 1) || w64 > (1ULL << 31)) return 0; if ((w64 & (w64 - 1)) != 0) 
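Review bot: The doc comment on `isU64_1_shl_N_literal` keeps the bound "N in 1 to 31" but does not say why a helper that now takes a full `ULong` rejects everything above `1ULL << 31`. Judging from the callers visible in this commit, the bound exists because N is used as a 32-bit shift amount in the SUBL rules. I would add a sentence such as `The upper bound of 31 is because callers use N as a 32-bit shift amount.` so that a later 64-bit rule does not reuse the helper and silently get 0. The function body continues past the end of the hunk.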
@@ -1036,6 +1033,30 @@ static Int isU64_1_shl_N ( IRExpr* e )
 return 0;
 }
+/* Returns N if E is an immediate of the form 1 << N for N in 1 to 31,
+ and zero in any other case. */
+static Int isU64_1_shl_N ( IRExpr* e )
+{
+ if (e->tag != Iex_Const || e->Iex.Const.con->tag != Ico_U64)
+ return 0;
+ ULong w64 = e->Iex.Const.con->Ico.U64;
+ return isU64_1_shl_N_literal(w64);
+}
+
+/* Returns N if E is an immediate of the form (1 << N) - 1 for N in 1 to 31,
+ and zero in any other case. */
+static Int isU64_1_shl_N_minus_1 ( IRExpr* e )
+{
+ if (e->tag != Iex_Const || e->Iex.Const.con->tag != Ico_U64)
+ return 0;
+ ULong w64 = e->Iex.Const.con->Ico.U64;
+ // This isn't actually necessary since isU64_1_shl_N_literal will return
+ // zero given a zero argument, but still ..
+ if (w64 == 0xFFFFFFFFFFFFFFFFULL)
+ return 0;
+ return isU64_1_shl_N_literal(w64 + 1);
+}
+
 IRExpr* guest_amd64_spechelper ( const HChar* function_name,
 IRExpr** args,
 IRStmt** precedingStmts,
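Review bot: The comment above the `0xFFFFFFFFFFFFFFFFULL` check in `isU64_1_shl_N_minus_1` says the check is redundant but not what it guards against. The concern is the unsigned wrap of `w64 + 1` to zero, so I would word it as `// w64 + 1 wraps to 0 for all-ones; the literal helper rejects 0 anyway, but be explicit.` The two wrappers also repeat the same `Iex_Const`/`Ico_U64` test and constant extraction. A small shared helper that fetches the constant would keep them from drifting apart.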
@@ -1258,32 +1279,51 @@ IRExpr* guest_amd64_spechelper ( const HChar* function_name, /* It appears that LLVM 5.0 and later have a new way to find out whether the top N bits of a word W are all zero, by computing - W <u 0---(N-1)---0 1 0---0 + W <u 0---(N-1)---0 1 0---0 or + W <=u 0---(N-1)---0 0 1---1 In particular, the result will be defined if the top N bits of W are defined, even if the trailing bits -- those corresponding to - the 0---0 section -- are undefined. Rather than make Memcheck - more complex, we detect this case where we can and shift out the - irrelevant and potentially undefined bits. */ + the rightmost 0---0 / 1---1 section -- are undefined. Rather than + make Memcheck more complex, we detect this case where we can and + shift out the irrelevant and potentially undefined bits. */ Int n = 0; - if (isU64(cc_op, AMD64G_CC_OP_SUBL) - && (isU64(cond, AMD64CondB) || isU64(cond, AMD64CondNB)) - && (n = isU64_1_shl_N(cc_dep2)) > 0) { - /* long sub/cmp, then B (unsigned less than), - where dep2 is a power of 2: - -> CmpLT32(dep1, 1 << N) - -> CmpEQ32(dep1 >>u N, 0) - and - long sub/cmp, then NB (unsigned greater than or equal), - where dep2 is a power of 2: - -> CmpGE32(dep1, 1 << N) - -> CmpNE32(dep1 >>u N, 0) - This avoids CmpLT32U/CmpGE32U being applied to potentially - uninitialised bits in the area being shifted out. */ + Bool is_NB_or_NBE = False; + if (isU64(cc_op, AMD64G_CC_OP_SUBL)) { + if (isU64(cond, AMD64CondB) || isU64(cond, AMD64CondNB)) { + /* long sub/cmp, then B (unsigned less than), + where dep2 is a power of 2: + -> CmpLT32U(dep1, 1 << N) + -> CmpEQ32(dep1 >>u N, 0) + and + long sub/cmp, then NB (unsigned greater than or equal), + where dep2 is a power of 2: + -> CmpGE32U(dep1, 1 << N) + -> CmpNE32(dep1 >>u N, 0) + This avoids CmpLT32U/CmpGE32U being applied to potentially + uninitialised bits in the area being shifted out. 
*/ + n = isU64_1_shl_N(cc_dep2); + is_NB_or_NBE = isU64(cond, AMD64CondNB); + } else if (isU64(cond, AMD64CondBE) || isU64(cond, AMD64CondNBE)) { + /* long sub/cmp, then BE (unsigned less than or equal), + where dep2 is a power of 2 minus 1: + -> CmpLE32U(dep1, (1 << N) - 1) + -> CmpEQ32(dep1 >>u N, 0) + and + long sub/cmp, then NBE (unsigned greater than), + where dep2 is a power of 2 minus 1: + -> CmpGT32U(dep1, (1 << N) - 1) + -> CmpNE32(dep1 >>u N, 0) + This avoids CmpLE32U/CmpGT32U being applied to potentially + uninitialised bits in the area being shifted out. */ + n = isU64_1_shl_N_minus_1(cc_dep2); + is_NB_or_NBE = isU64(cond, AMD64CondNBE); + } + } + if (n > 0) { vassert(n >= 1 && n <= 31); - Bool isNB = isU64(cond, AMD64CondNB); return unop(Iop_1Uto64, - binop(isNB ? Iop_CmpNE32 : Iop_CmpEQ32, + binop(is_NB_or_NBE ? Iop_CmpNE32 : Iop_CmpEQ32, binop(Iop_Shr32, unop(Iop_64to32, cc_dep1), mkU8(n)), mkU32(0))); |
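Review bot: Nothing in this commit exercises the new BE/NBE branch: the diffstat lists only NEWS and guest_amd64_helpers.c, so the `isU64_1_shl_N_minus_1` path and the `is_NB_or_NBE` selection have no regression test. A Memcheck test that compares a partially initialised 32-bit word using `<=u (1 << N) - 1` and `>u (1 << N) - 1` would pin both the removal of the false positive and the sense of the `Iop_CmpEQ32`/`Iop_CmpNE32` choice. Separately, `vassert(n >= 1 && n <= 31)` is now the single place that ties the return range of both helpers to the `Iop_Shr32` shift amount, and a one-line comment saying so would help. `guest_amd64_spechelper` starts before the hunk and continues past it.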