You can subscribe to this list here.
| 2002 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
(122) |
Nov
(152) |
Dec
(69) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2003 |
Jan
(6) |
Feb
(25) |
Mar
(73) |
Apr
(82) |
May
(24) |
Jun
(25) |
Jul
(10) |
Aug
(11) |
Sep
(10) |
Oct
(54) |
Nov
(203) |
Dec
(182) |
| 2004 |
Jan
(307) |
Feb
(305) |
Mar
(430) |
Apr
(312) |
May
(187) |
Jun
(342) |
Jul
(487) |
Aug
(637) |
Sep
(336) |
Oct
(373) |
Nov
(441) |
Dec
(210) |
| 2005 |
Jan
(385) |
Feb
(480) |
Mar
(636) |
Apr
(544) |
May
(679) |
Jun
(625) |
Jul
(810) |
Aug
(838) |
Sep
(634) |
Oct
(521) |
Nov
(965) |
Dec
(543) |
| 2006 |
Jan
(494) |
Feb
(431) |
Mar
(546) |
Apr
(411) |
May
(406) |
Jun
(322) |
Jul
(256) |
Aug
(401) |
Sep
(345) |
Oct
(542) |
Nov
(308) |
Dec
(481) |
| 2007 |
Jan
(427) |
Feb
(326) |
Mar
(367) |
Apr
(255) |
May
(244) |
Jun
(204) |
Jul
(223) |
Aug
(231) |
Sep
(354) |
Oct
(374) |
Nov
(497) |
Dec
(362) |
| 2008 |
Jan
(322) |
Feb
(482) |
Mar
(658) |
Apr
(422) |
May
(476) |
Jun
(396) |
Jul
(455) |
Aug
(267) |
Sep
(280) |
Oct
(253) |
Nov
(232) |
Dec
(304) |
| 2009 |
Jan
(486) |
Feb
(470) |
Mar
(458) |
Apr
(423) |
May
(696) |
Jun
(461) |
Jul
(551) |
Aug
(575) |
Sep
(134) |
Oct
(110) |
Nov
(157) |
Dec
(102) |
| 2010 |
Jan
(226) |
Feb
(86) |
Mar
(147) |
Apr
(117) |
May
(107) |
Jun
(203) |
Jul
(193) |
Aug
(238) |
Sep
(300) |
Oct
(246) |
Nov
(23) |
Dec
(75) |
| 2011 |
Jan
(133) |
Feb
(195) |
Mar
(315) |
Apr
(200) |
May
(267) |
Jun
(293) |
Jul
(353) |
Aug
(237) |
Sep
(278) |
Oct
(611) |
Nov
(274) |
Dec
(260) |
| 2012 |
Jan
(303) |
Feb
(391) |
Mar
(417) |
Apr
(441) |
May
(488) |
Jun
(655) |
Jul
(590) |
Aug
(610) |
Sep
(526) |
Oct
(478) |
Nov
(359) |
Dec
(372) |
| 2013 |
Jan
(467) |
Feb
(226) |
Mar
(391) |
Apr
(281) |
May
(299) |
Jun
(252) |
Jul
(311) |
Aug
(352) |
Sep
(481) |
Oct
(571) |
Nov
(222) |
Dec
(231) |
| 2014 |
Jan
(185) |
Feb
(329) |
Mar
(245) |
Apr
(238) |
May
(281) |
Jun
(399) |
Jul
(382) |
Aug
(500) |
Sep
(579) |
Oct
(435) |
Nov
(487) |
Dec
(256) |
| 2015 |
Jan
(338) |
Feb
(357) |
Mar
(330) |
Apr
(294) |
May
(191) |
Jun
(108) |
Jul
(142) |
Aug
(261) |
Sep
(190) |
Oct
(54) |
Nov
(83) |
Dec
(22) |
| 2016 |
Jan
(49) |
Feb
(89) |
Mar
(33) |
Apr
(50) |
May
(27) |
Jun
(34) |
Jul
(53) |
Aug
(53) |
Sep
(98) |
Oct
(206) |
Nov
(93) |
Dec
(53) |
| 2017 |
Jan
(65) |
Feb
(82) |
Mar
(102) |
Apr
(86) |
May
(187) |
Jun
(67) |
Jul
(23) |
Aug
(93) |
Sep
(65) |
Oct
(45) |
Nov
(35) |
Dec
(17) |
| 2018 |
Jan
(26) |
Feb
(35) |
Mar
(38) |
Apr
(32) |
May
(8) |
Jun
(43) |
Jul
(27) |
Aug
(30) |
Sep
(43) |
Oct
(42) |
Nov
(38) |
Dec
(67) |
| 2019 |
Jan
(32) |
Feb
(37) |
Mar
(53) |
Apr
(64) |
May
(49) |
Jun
(18) |
Jul
(14) |
Aug
(53) |
Sep
(25) |
Oct
(30) |
Nov
(49) |
Dec
(31) |
| 2020 |
Jan
(87) |
Feb
(45) |
Mar
(37) |
Apr
(51) |
May
(99) |
Jun
(36) |
Jul
(11) |
Aug
(14) |
Sep
(20) |
Oct
(24) |
Nov
(40) |
Dec
(23) |
| 2021 |
Jan
(14) |
Feb
(53) |
Mar
(85) |
Apr
(15) |
May
(19) |
Jun
(3) |
Jul
(14) |
Aug
(1) |
Sep
(57) |
Oct
(73) |
Nov
(56) |
Dec
(22) |
| 2022 |
Jan
(3) |
Feb
(22) |
Mar
(6) |
Apr
(55) |
May
(46) |
Jun
(39) |
Jul
(15) |
Aug
(9) |
Sep
(11) |
Oct
(34) |
Nov
(20) |
Dec
(36) |
| 2023 |
Jan
(79) |
Feb
(41) |
Mar
(99) |
Apr
(169) |
May
(48) |
Jun
(16) |
Jul
(16) |
Aug
(57) |
Sep
(19) |
Oct
|
Nov
|
Dec
|
| S | M | T | W | T | F | S |
|---|---|---|---|---|---|---|
|
1
(1) |
2
|
3
|
4
(1) |
5
|
6
(1) |
7
|
|
8
|
9
|
10
|
11
|
12
(1) |
13
|
14
|
|
15
(1) |
16
(2) |
17
(5) |
18
(1) |
19
|
20
|
21
(2) |
|
22
(2) |
23
|
24
|
25
|
26
|
27
(4) |
28
(2) |
|
29
|
30
(4) |
31
(4) |
|
|
|
|
|
From: Andrei A. <log...@gm...> - 2019-12-16 17:56:50
|
Hi all, We would like to present a reconstructor of control flow graphs using valgrind's infrastructure. The code is based on callgrind and it is available at https://github.com/rimsa/CFGgrind. Our reconstructor profiles the program and adds execution count on every control flow edges on the CFG. The CFG contains phantom nodes to model branches not taken during the execution, and a special halt node to model flows that terminate program execution. We support successive refinements of the control flow graphs by using the outputs produced in a previous run into the next. We were able to run our reconstructor in the complete cBench and SPEC CPU2017 suites and we compared against other valgrind tools. For cBench, we are 9% faster than callgrind and 5.5 times slower than nulgrind. For SPEC CPU2017, we are 13% faster than callgrind and 4 times slower than nulgrind. We hope this tool is of interest of the community. Let us know what you think, and if further details are required. Feedback is mostly appreciated. []z, Andrei |
|
From: Julian S. <se...@so...> - 2019-12-15 19:15:10
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=395c9b914b2ff5a7b6ee7c69f48ce69ce7b6f6bc commit 395c9b914b2ff5a7b6ee7c69f48ce69ce7b6f6bc Author: Julian Seward <js...@ac...> Date: Sun Dec 15 20:14:37 2019 +0100 'grail' fixes for MIPS: This isn't a good result. It merely disables the new functionality on MIPS because enabling it causes segfaults, even with --tool=none, the cause of which are not obvious. It is only chasing through conditional branches that is disabled, though. Chasing through unconditional branches (jumps and calls to known destinations) is still enabled. * guest_generic_bb_to_IR.c bb_to_IR(): Disable, hopefully temporarily, the key &&-recovery transformation on MIPS. * VEX/priv/host_mips_isel.c iselWordExpr_R_wrk(), iselCondCode_wrk(): - add support for Iop_And1, Iop_Or1, and IRConst_U1. This code is my best guess about what is correct, but is #if 0'd for now. - Properly guard some Iex_Binop cases that lacked a leading check that the expression actually was a Binop. Diff: --- VEX/priv/guest_generic_bb_to_IR.c | 5 +++- VEX/priv/host_mips_isel.c | 62 ++++++++++++++++++++++++++++++--------- 2 files changed, 52 insertions(+), 15 deletions(-) diff --git a/VEX/priv/guest_generic_bb_to_IR.c b/VEX/priv/guest_generic_bb_to_IR.c index 0b8f852..507c75e 100644 --- a/VEX/priv/guest_generic_bb_to_IR.c +++ b/VEX/priv/guest_generic_bb_to_IR.c @@ -1451,7 +1451,10 @@ IRSB* bb_to_IR ( Memcheck to crash, for as-yet unknown reasons. It also exposes some unhandled Iex_ITE cases in the s390x instruction selector. For now, disable. */ - && arch_guest != VexArchS390X) + && arch_guest != VexArchS390X + /* sewardj 2019Dec14: It also causes crashing on MIPS, even for + --tool=none. */ + && arch_guest != VexArchMIPS64 && arch_guest != VexArchMIPS32) { if (debug_print) { vex_printf("\n-+-+ (ext# %d) Considering cbranch to" diff --git a/VEX/priv/host_mips_isel.c b/VEX/priv/host_mips_isel.c index c49d152..f14f654 100644 --- a/VEX/priv/host_mips_isel.c +++ b/VEX/priv/host_mips_isel.c @@ -2364,6 +2364,13 @@ static HReg iselWordExpr_R_wrk(ISelEnv * env, IRExpr * e) case Ico_U8: l = (Long) (Int) (Char) con->Ico.U8; break; +#if 0 + // Not needed until chasing cond branches in bb_to_IR is enabled on + // MIPS. See comment on And1/Or1 below. + case Ico_U1: + l = con->Ico.U1 ? 1 : 0; + break; +#endif default: vpanic("iselIntExpr_R.const(mips)"); } @@ -2644,18 +2651,19 @@ static MIPSCondCode iselCondCode_wrk(ISelEnv * env, IRExpr * e) vassert(e); vassert(typeOfIRExpr(env->type_env, e) == Ity_I1); /* Cmp*32*(x,y) ? */ - if (e->Iex.Binop.op == Iop_CmpEQ32 - || e->Iex.Binop.op == Iop_CmpNE32 - || e->Iex.Binop.op == Iop_CmpNE64 - || e->Iex.Binop.op == Iop_CmpLT32S - || e->Iex.Binop.op == Iop_CmpLT32U - || e->Iex.Binop.op == Iop_CmpLT64U - || e->Iex.Binop.op == Iop_CmpLE32S - || e->Iex.Binop.op == Iop_CmpLE64S - || e->Iex.Binop.op == Iop_CmpLT64S - || e->Iex.Binop.op == Iop_CmpEQ64 - || e->Iex.Binop.op == Iop_CasCmpEQ32 - || e->Iex.Binop.op == Iop_CasCmpEQ64) { + if (e->tag == Iex_Binop + && (e->Iex.Binop.op == Iop_CmpEQ32 + || e->Iex.Binop.op == Iop_CmpNE32 + || e->Iex.Binop.op == Iop_CmpNE64 + || e->Iex.Binop.op == Iop_CmpLT32S + || e->Iex.Binop.op == Iop_CmpLT32U + || e->Iex.Binop.op == Iop_CmpLT64U + || e->Iex.Binop.op == Iop_CmpLE32S + || e->Iex.Binop.op == Iop_CmpLE64S + || e->Iex.Binop.op == Iop_CmpLT64S + || e->Iex.Binop.op == Iop_CmpEQ64 + || e->Iex.Binop.op == Iop_CasCmpEQ32 + || e->Iex.Binop.op == Iop_CasCmpEQ64)) { Bool syned = (e->Iex.Binop.op == Iop_CmpLT32S || e->Iex.Binop.op == Iop_CmpLE32S @@ -2726,7 +2734,7 @@ static MIPSCondCode iselCondCode_wrk(ISelEnv * env, IRExpr * e) dst, mode64)); return cc; } - if (e->Iex.Binop.op == Iop_Not1) { + if (e->tag == Iex_Unop && e->Iex.Binop.op == Iop_Not1) { HReg r_dst = newVRegI(env); HReg r_srcL = iselWordExpr_R(env, e->Iex.Unop.arg); MIPSRH *r_srcR = MIPSRH_Reg(r_srcL); @@ -2742,7 +2750,33 @@ static MIPSCondCode iselCondCode_wrk(ISelEnv * env, IRExpr * e) r_dst, mode64)); return MIPScc_NE; } - if (e->tag == Iex_RdTmp || e->tag == Iex_Unop) { +#if 0 + // sewardj 2019Dec14: this is my best attempt at And1/Or1, but I am not + // sure if it is correct. In any case it is not needed until chasing cond + // branches is enabled on MIPS. Currently it is disabled, in function bb_to_IR + // (see comments there). + if (e->tag == Iex_Binop + && (e->Iex.Binop.op == Iop_And1 || e->Iex.Binop.op == Iop_Or1)) { + HReg r_argL = iselWordExpr_R(env, e->Iex.Binop.arg1); + HReg r_argR = iselWordExpr_R(env, e->Iex.Binop.arg2); + HReg r_dst = newVRegI(env); + addInstr(env, MIPSInstr_Alu(e->Iex.Binop.op == Iop_And1 ? Malu_AND : Malu_OR, + r_dst, r_argL, MIPSRH_Reg(r_argR))); + addInstr(env, MIPSInstr_Alu(Malu_AND, r_dst, r_dst, MIPSRH_Imm(False, 1))); + /* Store result to guest_COND */ + /* sewardj 2019Dec13: this seems wrong to me. The host-side instruction + selector shouldn't touch the guest-side state, except in response to + Iex_Get and Ist_Put. */ + MIPSAMode *am_addr = MIPSAMode_IR(0, GuestStatePointer(mode64)); + + addInstr(env, MIPSInstr_Store(4, + MIPSAMode_IR(am_addr->Mam.IR.index + COND_OFFSET(mode64), + am_addr->Mam.IR.base), + r_dst, mode64)); + return MIPScc_EQ; + } +#endif + if (e->tag == Iex_RdTmp) { HReg r_dst = iselWordExpr_R_wrk(env, e); /* Store result to guest_COND */ MIPSAMode *am_addr = MIPSAMode_IR(0, GuestStatePointer(mode64)); |
|
From: Rosen P. <ro...@gm...> - 2019-12-12 01:01:56
|
Fails compilation:
{standard input}: Assembler messages:
{standard input}:1163: Error: invalid operands `srl $0,$0,13'
{standard input}:1164: Error: invalid operands `srl $0,$0,29'
{standard input}:1165: Error: invalid operands `srl $0,$0,3'
{standard input}:1166: Error: invalid operands `srl $0,$0,19'
{standard input}:1167: Error: invalid operands `or $13,$13,$13'
Signed-off-by: Rosen Penev <ro...@gm...>
---
include/valgrind.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/valgrind.h b/include/valgrind.h
index 663d433b5..ebc9b07f6 100644
--- a/include/valgrind.h
+++ b/include/valgrind.h
@@ -157,7 +157,7 @@
# define PLAT_s390x_linux 1
#elif defined(__linux__) && defined(__mips__) && (__mips==64)
# define PLAT_mips64_linux 1
-#elif defined(__linux__) && defined(__mips__) && (__mips!=64)
+#elif defined(__linux__) && defined(__mips__) && (__mips!=64) && !defined(__mips16)
# define PLAT_mips32_linux 1
#elif defined(__sun) && defined(__i386__)
# define PLAT_x86_solaris 1
--
2.23.0
|
|
From: Andreas A. <ar...@so...> - 2019-12-06 14:52:54
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=523d345dca9cbd0bcee8a7bc9bf5370f0e882eb3 commit 523d345dca9cbd0bcee8a7bc9bf5370f0e882eb3 Author: Andreas Arnez <ar...@li...> Date: Thu Dec 5 18:22:43 2019 +0100 s390x: Fix offsets in comments to VexGuestS390XState Each member of the structure declaration for `VexGuestS390XState' is commented with its offset within the structure. But starting with `guest_r0' and for all remaining members, these comments indicate the wrong offsets, and the actual offsets are 8 bytes higher. Adjust the comments accordingly. Diff: --- VEX/pub/libvex_guest_s390x.h | 66 ++++++++++++++++++++++---------------------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/VEX/pub/libvex_guest_s390x.h b/VEX/pub/libvex_guest_s390x.h index b4e063f..ec4d71b 100644 --- a/VEX/pub/libvex_guest_s390x.h +++ b/VEX/pub/libvex_guest_s390x.h @@ -107,72 +107,72 @@ typedef struct { /*--- gpr registers ---*/ /*------------------------------------------------------------*/ - /* 568 */ ULong guest_r0; - /* 576 */ ULong guest_r1; - /* 584 */ ULong guest_r2; - /* 592 */ ULong guest_r3; - /* 600 */ ULong guest_r4; - /* 608 */ ULong guest_r5; - /* 616 */ ULong guest_r6; - /* 624 */ ULong guest_r7; - /* 632 */ ULong guest_r8; - /* 640 */ ULong guest_r9; - /* 648 */ ULong guest_r10; - /* 656 */ ULong guest_r11; - /* 664 */ ULong guest_r12; - /* 672 */ ULong guest_r13; - /* 680 */ ULong guest_r14; - /* 688 */ ULong guest_r15; + /* 576 */ ULong guest_r0; + /* 584 */ ULong guest_r1; + /* 592 */ ULong guest_r2; + /* 600 */ ULong guest_r3; + /* 608 */ ULong guest_r4; + /* 616 */ ULong guest_r5; + /* 624 */ ULong guest_r6; + /* 632 */ ULong guest_r7; + /* 640 */ ULong guest_r8; + /* 648 */ ULong guest_r9; + /* 656 */ ULong guest_r10; + /* 664 */ ULong guest_r11; + /* 672 */ ULong guest_r12; + /* 680 */ ULong guest_r13; + /* 688 */ ULong guest_r14; + /* 696 */ ULong guest_r15; /*------------------------------------------------------------*/ /*--- S390 miscellaneous registers ---*/ /*------------------------------------------------------------*/ - /* 696 */ ULong guest_counter; - /* 704 */ UInt guest_fpc; - /* 708 */ UChar unused[4]; /* 4-byte hole to get 8-byte alignment */ - /* 712 */ ULong guest_IA; + /* 704 */ ULong guest_counter; + /* 712 */ UInt guest_fpc; + /* 716 */ UChar unused[4]; /* 4-byte hole to get 8-byte alignment */ + /* 720 */ ULong guest_IA; /*------------------------------------------------------------*/ /*--- S390 pseudo registers ---*/ /*------------------------------------------------------------*/ - /* 720 */ ULong guest_SYSNO; + /* 728 */ ULong guest_SYSNO; /*------------------------------------------------------------*/ /*--- 4-word thunk used to calculate the condition code ---*/ /*------------------------------------------------------------*/ - /* 728 */ ULong guest_CC_OP; - /* 736 */ ULong guest_CC_DEP1; - /* 744 */ ULong guest_CC_DEP2; - /* 752 */ ULong guest_CC_NDEP; + /* 736 */ ULong guest_CC_OP; + /* 744 */ ULong guest_CC_DEP1; + /* 752 */ ULong guest_CC_DEP2; + /* 760 */ ULong guest_CC_NDEP; /*------------------------------------------------------------*/ /*--- Pseudo registers. Required by all architectures ---*/ /*------------------------------------------------------------*/ /* See comments at bottom of libvex.h */ - /* 760 */ ULong guest_NRADDR; - /* 768 */ ULong guest_CMSTART; - /* 776 */ ULong guest_CMLEN; + /* 768 */ ULong guest_NRADDR; + /* 776 */ ULong guest_CMSTART; + /* 784 */ ULong guest_CMLEN; /* Used when backing up to restart a syscall that has been interrupted by a signal. See also comment in libvex_ir.h */ - /* 784 */ ULong guest_IP_AT_SYSCALL; + /* 792 */ ULong guest_IP_AT_SYSCALL; /* Emulation notes; see comments in libvex_emnote.h */ - /* 792 */ UInt guest_EMNOTE; + /* 800 */ UInt guest_EMNOTE; /* For translation chaining */ - /* 796 */ UInt host_EvC_COUNTER; - /* 800 */ ULong host_EvC_FAILADDR; + /* 804 */ UInt host_EvC_COUNTER; + /* 808 */ ULong host_EvC_FAILADDR; /*------------------------------------------------------------*/ /*--- Force alignment to 16 bytes ---*/ /*------------------------------------------------------------*/ - /* 808 */ UChar padding[0]; + /* 816 */ UChar padding[0]; /* 816 */ /* This is the size of the guest state */ } VexGuestS390XState; |
|
From: karnajit w. <kar...@gm...> - 2019-12-04 06:28:22
|
Hi All, I have put this question in freebsd-hackers, but as this mailing list has more valgrind experts, I wanted to try it here too. I know its not appropriate for me to ask valgrind-freebsd question here. But I am not looking for a ready made solution, just a pointer to where I should look in valgrind-freebsd to fix this issue. Location for valgrind-freebsd port: https://bitbucket.org/stass/valgrind-freebsd Pasting the query: ------------------------------------------------------------------------------------------------------------ ---------- Forwarded message --------- From: karnajit wangkhem <kar...@gm...> Date: Tue, Dec 3, 2019 at 1:06 PM Subject: State of register edx on valgrind-freebsd after syscall To: <fre...@fr...> Hi All, Below is the valgrind-freebsd I used https://www.freshports.org/devel/valgrind https://bitbucket.org/stass/valgrind-freebsd/get/ce1acb28953f.tar.gz?dummy=/ $ ./valgrind --version valgrind-3.10.1 Please consider the following assembly ============================================================ .section .data .long 0 /* Valgrind segfaults without this dummy */ .section .text .global _start STR0: .ascii "Hello World\n" kernel: int $0x80 ret _start: mov $2, %ebx /* Store value 2, 3, 4 in reg ebx, ecx, edx */ mov $3, %ecx mov $4, %edx push $12 /* Push arguments on stack as per x86 freebsd convention */ push $STR0 push $1 mov $4, %eax /* write syscall no == 4 */ call kernel add %ebx, %eax /* Now lets add all the GP registers */ add %ecx, %eax add %edx, %eax push %eax /* We expect 4(edx) + 3(ecx) + 2(ebx) + 12(eax) == 21 */ mov $1, %eax /* Perform exit syscall */ call kernel ============================================================ compile: $ clang --target=i386-unknown-freebsd10.3 -nostdlib -nostdinc reg_minimal.s $ ./a.out Hello World $ echo $? 21 $ ./valgrind ./a.out ==69326== Memcheck, a memory error detector ==69326== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==69326== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info ==69326== Command: ./a.out ==69326== Hello World ==69326== ==69326== HEAP SUMMARY: ==69326== in use at exit: 0 bytes in 0 blocks ==69326== total heap usage: 0 allocs, 0 frees, 0 bytes allocated ==69326== ==69326== All heap blocks were freed -- no leaks are possible ==69326== ==69326== For counts of detected and suppressed errors, rerun with: -v ==69326== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) $ echo $? 177 <<<<<<<<<< This is wrong Now, if we modify the code slightly to return %edx instead, the return value will looks like this $ echo $? 160 So, the reason why eax + ebx + ecx + edx returned 177 instead of 21 was because register edx has been clobbered by valgrind instrumentation of syscall. In case of linux, the syscall calling convention is bit different and we need to pass the arguments in registers ebx, ecx, edx, but even after the syscall, these register value holds the same argument values (valgrind-linux valgrind-3.7.0). Could someone give a pointer to which part of the freebsd-valgrind code could be responsible for this bug? Or if possible where I can fix this? Regards, Karan ------------------------------------------------------------------------------------------------------------ Regards, Karan |
|
From: Julian S. <se...@so...> - 2019-12-01 06:02:20
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=af4fae12f3456ab5a591298a7c9ee5e3e12ec282 commit af4fae12f3456ab5a591298a7c9ee5e3e12ec282 Author: Julian Seward <js...@ac...> Date: Sun Dec 1 07:01:20 2019 +0100 'grail' fixes for s390x: This isn't a good result. It merely disables the new functionality on s390x, for the reason stated below. * guest_generic_bb_to_IR.c bb_to_IR(): Disable, hopefully temporarily, the key &&-recovery transformation on s390x, since it causes Memcheck to crash for reasons I couldn't figure out. It also exposes some missing Iex_ITE cases in the s390x insn selector, although those shouldn't be a big deal to fix. Maybe it's some strangeness to do with the s390x "ex" instruction. I don't exactly understand how that trickery works, but from some study of it, I didn't see anything obviously wrong. It is only chasing through conditional branches that is disabled for s390x. Chasing through unconditional branches (jumps and calls to known destinations) is still enabled. * host_s390_isel.c s390_isel_cc(): No functional change. Code has been added here to handle the new Iop_And1 and Iop_Or1, and it is somewhat tested, but is not needed until conditional branch chasing is enabled on s390x. Diff: --- VEX/priv/guest_generic_bb_to_IR.c | 8 +++++++- VEX/priv/host_s390_isel.c | 40 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/VEX/priv/guest_generic_bb_to_IR.c b/VEX/priv/guest_generic_bb_to_IR.c index 6a1d4dc..0b8f852 100644 --- a/VEX/priv/guest_generic_bb_to_IR.c +++ b/VEX/priv/guest_generic_bb_to_IR.c @@ -1446,7 +1446,13 @@ IRSB* bb_to_IR ( // Try for an extend based on a conditional branch, specifically in the // hope of identifying and recovering, an "A && B" condition spread across // two basic blocks. - if (irsb_be.tag == Be_Cond) { + if (irsb_be.tag == Be_Cond + /* sewardj 2019Nov30: Alas, chasing cond branches on s390 causes + Memcheck to crash, for as-yet unknown reasons. It also exposes + some unhandled Iex_ITE cases in the s390x instruction selector. + For now, disable. */ + && arch_guest != VexArchS390X) + { if (debug_print) { vex_printf("\n-+-+ (ext# %d) Considering cbranch to" " SX=0x%llx FT=0x%llx -+-+\n\n", diff --git a/VEX/priv/host_s390_isel.c b/VEX/priv/host_s390_isel.c index 30e5c76..97614c8 100644 --- a/VEX/priv/host_s390_isel.c +++ b/VEX/priv/host_s390_isel.c @@ -3535,6 +3535,46 @@ s390_isel_cc(ISelEnv *env, IRExpr *cond) IRExpr *arg2 = cond->Iex.Binop.arg2; HReg reg1, reg2; + /* sewardj 2019Nov30: This will be needed when chasing through conditional + branches in guest_generic_bb_to_IR.c is enabled on s390x. + Unfortunately that is currently disabled on s390x as it causes + mysterious segfaults and also exposes some unhandled Iex_ITE cases in + this instruction selector. The following Iop_And1/Iop_Or1 cases are + also needed when enabled. The code below is *believed* to be correct, + and has been lightly tested, but it is #if 0'd until such time as we + need it. */ +# if 0 + /* FIXME: We could (and probably should) do a lot better here, by using + the iselCondCode_C/_R scheme used in the amd64 insn selector. */ + if (cond->Iex.Binop.op == Iop_And1 || cond->Iex.Binop.op == Iop_Or1) { + /* In short: force both operands into registers, AND or OR them, mask + off all but the lowest bit, then convert the result back into a + condition code. */ + const s390_opnd_RMI one = s390_opnd_imm(1); + + HReg x_as_64 = newVRegI(env); + s390_cc_t cc_x = s390_isel_cc(env, arg1); + addInstr(env, s390_insn_cc2bool(x_as_64, cc_x)); + addInstr(env, s390_insn_alu(8, S390_ALU_AND, x_as_64, one)); + + HReg y_as_64 = newVRegI(env); + s390_cc_t cc_y = s390_isel_cc(env, arg2); + addInstr(env, s390_insn_cc2bool(y_as_64, cc_y)); + addInstr(env, s390_insn_alu(8, S390_ALU_AND, y_as_64, one)); + + s390_alu_t opkind + = cond->Iex.Binop.op == Iop_And1 ? S390_ALU_AND : S390_ALU_OR; + addInstr(env, s390_insn_alu(/*size=*/8, + opkind, x_as_64, s390_opnd_reg(y_as_64))); + + addInstr(env, s390_insn_alu(/*size=*/8, S390_ALU_AND, x_as_64, one)); + addInstr(env, s390_insn_test(/*size=*/8, s390_opnd_reg(x_as_64))); + return S390_CC_NE; + } +# endif /* 0 */ + + // |sizeofIRType| asserts on Ity_I1, so we can't do it until after we're + // sure that Iop_And1 and Iop_Or1 can't make it this far. size = sizeofIRType(typeOfIRExpr(env->type_env, arg1)); switch (cond->Iex.Binop.op) { |