From: Patrick J. L. <lop...@gm...> - 2012-02-20 20:24:34
I have filed the following bug:
https://bugs.kde.org/show_bug.cgi?id=294523
The executive summary is that the current behavior of
"--partial-loads-ok=yes" needlessly creates false negatives; i.e., it
causes actual errors to be missed. I believe a simple change to its
behavior can eliminate all false negatives, while still suppressing
almost all of the false positives that inspired the addition of this
option in the first place.

The issue is this. When loading bytes from unaddressable memory,
Memcheck emits an error but marks the bytes read as _valid_. The
rationale for this is to avoid a cascade of errors; after all, once
the invalid memory access is flagged, the user has all the information
they need.

But lots of optimized code relies on the following property: An
aligned load cannot fault unless all of its bytes fault. So it is
common (especially in vectorized code, but put that aside for now) to
load a chunk of data from an aligned address that only partially
overlaps an allocated region. This is perfectly fine unless your
optimized code relies on the (unknown) bytes that were read from
outside the allocated region.

So Memcheck has an option "--partial-loads-ok=yes" designed to
suppress the error when (a) the load is aligned and (b) one or more of
the bytes are addressable. The problem is that it still marks all
bytes read as "defined". This means that even if your optimized code
erroneously depends on the data loaded from the unallocated region, no
error will be issued.

The solution is simple: When --partial-loads-ok=yes and the error is
being suppressed, mark the bytes read from inaccessible memory as
_undefined_. This will result in zero false negatives, since any use
of the data from the inaccessible memory will still emit an error, and
any use of data read from addressable memory is not an error. But
this will still massively reduce false positives, depending on how
conservatively the validity bits are propagated.

I attached a test case to my bug demonstrating the kind of optimized
code that I believe is extremely common and the kind of false negative
that --partial-loads-ok creates. I also attached a patch implementing
my proposed fix.

I would appreciate any feedback. Thanks!
- Pat
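An added illustration of the two cases the message contrasts; this is not Pat's attached test case and not Valgrind code, and the function names, hash constants and the 12-character test string are constructed for it. `wordwise_strlen` performs the aligned 8-byte loads described above and only ever consults bytes up to the terminator, so its final partial load is the harmless kind. `wordwise_hash` with `mask_tail == 0` is the erroneous pattern: its result depends on whatever bytes follow the terminator in the last word, which for a `malloc(13)` buffer lie past the allocation. Per the message, today's `--partial-loads-ok=yes` marks those bytes defined so the later use of the hash goes unreported, whereas the proposed change would leave them undefined and the use would be flagged.

```c
/* Added example: correct vs. erroneous use of an aligned partial load.
   Names, constants and test strings are constructed for this example. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* One 8-byte load from an 8-byte aligned address (the memcpy compiles
   to a single load). Such a load cannot fault unless the whole word is
   unmapped, which is the property the optimized code relies on. */
static uint64_t load_word(const char *p) {
    uint64_t w;
    memcpy(&w, p, sizeof w);
    return w;
}

/* Index of the first zero byte of w in memory order, 8 if none.
   Bytes after the terminator are never inspected. */
static int bytes_before_nul(uint64_t w) {
    const unsigned char *b = (const unsigned char *)&w;
    for (int i = 0; i < 8; i++)
        if (b[i] == 0) return i;
    return 8;
}

/* Zero bytes n..7 of w so nothing past the terminator survives. */
static uint64_t zero_from(uint64_t w, int n) {
    unsigned char b[8];
    memcpy(b, &w, 8);
    memset(b + n, 0, (size_t)(8 - n));
    memcpy(&w, b, 8);
    return w;
}

/* strlen with aligned 8-byte loads: the last load may straddle the end
   of the allocation, but the result depends only on in-bounds bytes. */
size_t wordwise_strlen(const char *s) {
    const char *p = s;
    while (((uintptr_t)p & 7) != 0) {          /* byte-wise until aligned */
        if (*p == '\0') return (size_t)(p - s);
        p++;
    }
    for (;;) {
        int n = bytes_before_nul(load_word(p));
        if (n < 8) return (size_t)(p - s) + (size_t)n;
        p += 8;
    }
}

/* FNV-style hash over 8-byte words; s must be 8-byte aligned (malloc
   guarantees this). With mask_tail the bytes after the terminator are
   zeroed first; without it the result depends on bytes past the end of
   the string, possibly outside the allocation: the false-negative case. */
uint64_t wordwise_hash(const char *s, int mask_tail) {
    uint64_t h = 1469598103934665603ULL;
    for (const char *p = s;; p += 8) {
        uint64_t w = load_word(p);
        int n = bytes_before_nul(w);
        if (n < 8 && mask_tail) w = zero_from(w, n);
        h ^= w;
        h *= 1099511628211ULL;
        if (n < 8) return h;
    }
}

/* Compare wordwise_strlen with strlen on an aligned copy placed at
   offset off (off < 8, strlen(s) + off < 31), with non-zero filler
   after the terminator. */
int strlen_agrees(const char *s, size_t off) {
    _Alignas(16) char buf[32];
    memset(buf, 0x7f, sizeof buf);
    memcpy(buf + off, s, strlen(s) + 1);
    return wordwise_strlen(buf + off) == strlen(s);
}

/* Same string, different bytes after the terminator (standing in for
   whatever lies past an allocation). Returns 1 when the masked hash is
   stable and the unmasked hash changes with those bytes. */
int tail_bytes_leak_into_result(void) {
    _Alignas(16) char a[16], b[16];
    memset(a, 0xAA, sizeof a);
    memset(b, 0x55, sizeof b);
    memcpy(a, "hello, world", 13);             /* bytes 13..15 differ */
    memcpy(b, "hello, world", 13);
    return wordwise_hash(a, 1) == wordwise_hash(b, 1)
        && wordwise_hash(a, 0) != wordwise_hash(b, 0);
}

int main(void) {
    /* Under "valgrind --tool=memcheck --partial-loads-ok=yes" the final
       aligned 8-byte load of this 13-byte block reads 3 bytes past the
       allocation; only the unmasked hash actually depends on them. */
    char *s = malloc(13);
    if (!s) return 1;
    memcpy(s, "hello, world", 13);
    printf("len=%zu masked=%llx unmasked=%llx\n", wordwise_strlen(s),
           (unsigned long long)wordwise_hash(s, 1),
           (unsigned long long)wordwise_hash(s, 0));
    free(s);
    return 0;
}
```

Running the binary under `valgrind --tool=memcheck --partial-loads-ok=yes` exercises exactly the suppressed partial load; with the default `--partial-loads-ok=no` both the harmless `wordwise_strlen` and the masked hash are reported as invalid reads, which is the false-positive side the option was added to quiet.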