From: Julian S. <js...@ac...> - 2004-07-16 14:57:01
Hi Monty
> When running the MySQL test suite we get a wrong warning from valgrind:
> (I assume it's wrong warning after spending 3 hours checking this out)
Sorry you spent 3 hours on this.
Valgrind (memcheck) is pretty good at tracking definedness
correctly through integer code, but occasionally gcc -O{1,2,3}
generates a bit of code which fools it, and that is the case
here, I'd say:
> sbbl %eax, %eax
Sigh. After this insn, %eax depends only on the value of the
carry flag before the insn, but V will think it also depends on
the prior value of %eax. If that contained data marked as undefined,
it will be confused.
> If I recompile sql_yacc.yy and sql_parse.cc with -O0 (instead of -O3) then
> I don't get any warnings from valgrind.
In general we recommend that for the most accurate memchecking, you
compile all code at -O0 if possible. That's in the docs :-) So
if you can run your entire testsuite with -O0 that would be good.
Basically if V doesn't complain at -O0 then I'd say you are OK.
> I spent a couple of hours trying to do a standalone test program of this
> problem but didn't succeed in repeating it :(
Thanks, but ... I think it's the sbbl %reg,%reg idiom. I'll add it to
my list of nasties (I've never seen this particular nasty before).
It might be possible to make the x86 insn decoder aware of this idiom
and treat it like "movl $0, %reg; sbbl %reg,%reg", which would fix
this. It already specially understands "xor %reg,%reg".
J

> I think it's the sbbl %reg,%reg idiom. I'll add it to
> my list of nasties (I've never seen this particular nasty before).
>
> It might be possible to make the x86 insn decoder aware of this idiom
> and treat it like "movl $0, %reg; sbbl %reg,%reg", which would fix
> this. It already specially understands "xor %reg,%reg".

There are several other analogous cases. They occur often in
low-level graphics programming, or anything which makes intensive use
of Carry bit, which is intimately connected with "unsigned less than".

    sub %reg,%reg            # faster [!] than xor on 8086 [hence, a habit]
    or $-1,%reg              # smallest way to load 0xffffffff

    shr %reg1                # Carry = bottom_bit
    adc %reg2,%reg2          # bottom_bit = Carry

    and %reg,%reg            # equivalent to "test %reg,%reg"
    or %reg,%reg             # equivalent to "test %reg,%reg"

    testl %reg,%reg; js ...  # depends on the (1<<31) bit only
    addl %reg,%reg; jc ...   # depends on the (1<<31) bit only
    addl %reg,%reg; js ...   # depends on the (1<<30) bit only
    alu ...,%reg; jpe ...    # depends only on low 8 bits

    and $0,mem               # forces datacache load on PentiumPlain
                             # "mov $0,mem" bypasses cache if a miss on PentiumPlain
    or $~0,mem               # forces datacache load on PentiumPlain
                             # "mov $~0,mem" bypasses cache if a miss on PentiumPlain

    and mem,%reg             # the 0 bits in mem initialize
                             # the corresponding bits in %reg
    or mem,%reg              # the 1 bits in mem initialize
                             # the corresponding bits in %reg

    [decimal arithmetic instructions are also peculiar]

--
John Reiser, jreiser@BitWagon.com
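
A simplified model of the definedness tracking discussed in both messages, added here as an illustration; it is not Valgrind's code. It contrasts a pessimistic propagation rule with an idiom-aware one for `sbb %reg,%reg` and a bit-precise one for `and mem,%reg`. The types `sv32` and `sflag`, the function names, and the convention that a set shadow bit means "undefined" are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed model: every value carries a shadow mask; a 1 bit means "undefined". */
typedef struct { uint32_t val; uint32_t undef; } sv32;   /* shadowed register */
typedef struct { unsigned val; unsigned undef; } sflag;  /* shadowed carry flag */
#define ALL 0xffffffffu

/* Pessimistic "sbb src,dst": any undefined input bit taints the whole result. */
sv32 sbb_naive(sv32 dst, sv32 src, sflag cf) {
    sv32 r = { dst.val - src.val - cf.val, (dst.undef | src.undef | cf.undef) ? ALL : 0 };
    return r;
}

/* Idiom-aware "sbb %reg,%reg": the result is 0 or -1 chosen by the carry alone,
   so only the carry's definedness is propagated. */
sv32 sbb_same_reg(sv32 reg, sflag cf) {
    (void)reg;                              /* prior contents cancel out */
    sv32 r = { cf.val ? ALL : 0, cf.undef ? ALL : 0 };
    return r;
}

/* Pessimistic "and": a result bit is undefined if either input bit is. */
sv32 and_naive(sv32 a, sv32 b) {
    sv32 r = { a.val & b.val, a.undef | b.undef };
    return r;
}

/* Bit-precise "and": a defined 0 bit in either operand gives a defined 0 result bit. */
sv32 and_precise(sv32 a, sv32 b) {
    uint32_t a_def0 = ~a.undef & ~a.val;    /* bits known to be 0 in a */
    uint32_t b_def0 = ~b.undef & ~b.val;    /* bits known to be 0 in b */
    sv32 r = { a.val & b.val, (a.undef | b.undef) & ~(a_def0 | b_def0) };
    return r;
}

int main(void) {
    sv32 junk = { 0xdeadbeefu, ALL };       /* constructed: uninitialised register */
    sflag cf = { 1, 0 };                    /* constructed: carry set and defined */
    sv32 mask = { 0x000000ffu, 0 };         /* constructed: fully defined mask */
    printf("sbb naive undef=%08x\n", (unsigned)sbb_naive(junk, junk, cf).undef);
    printf("sbb idiom undef=%08x\n", (unsigned)sbb_same_reg(junk, cf).undef);
    printf("and naive=%08x precise=%08x\n", (unsigned)and_naive(junk, mask).undef,
           (unsigned)and_precise(junk, mask).undef);
    return 0;
}
```

With the pessimistic rules a later branch on the result is reported as depending on undefined data; with the precise rules it is reported only when the carry, or a bit not cleared by the mask, is itself undefined.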