On 09/07/2017 Kacper Kowalski wrote:
> Thank you very much, John Reiser, for such extensive help.
You're welcome.
> If I understood correctly, memcheck uses a hardcoded SP and it's r13? It should use the register passed with the ldmdb instruction as SP (within this example it will be r11)?
No, the details are different. The hardware itself has hardcoded r13 as the stack pointer sp. It looks to me like the compiler is trying to tail-merge the exit-from-subroutine so that all of the branches of a final if-then-else come together and return from exactly one point. When the subroutine uses any of r4 through r11 then those registers must be saved at entry and restored just before return. The ldmdb does that, and also performs the return by writing r15(==pc). (The compiler also cleverly uses the ldmdb to restore sp(==r13) from r12.) Always exiting from exactly one point does have value, but in this case where something shorter would work ("bx lr", or "mov pc,lr", or "blx lr"; or even the pair "push lr; pop pc" [==> str lr,[sp, #-4]!; ldr pc,[sp],#4!] ), even if some other paths still must use the ldmdb, the move-stmdb-sub wastes time and space.
> ... "--ignore-range-below-sp=44-13" ... I can't find out exactly why such numbers should be used. It is clear that 44 stands for 11 registers pushed on the stack, but why does memcheck complain only when 8 registers are fetched ((44 - 13 + 1)/4 = 8)? Is it caused by the updating of r13(==sp) after the second fetch when ldmdb is used?
Yes. memcheck's emulation of ldmdb is serial, using the newly-written value of r13(==sp) to check the fetches for lower-numbered registers. All known instances of ARM hardware effectively do everything in parallel (and cannot be interrupted), which protects all the fetches. [I cannot find where this is documented in the ARM manual.] Using --ignore-range-below-sp does reduce the noise, but has the danger of ignoring actual errors for references in that range. For ldmdb, memcheck should use an extra temporary variable to hold the new value of sp, and perform the actual assignment to sp only after writing all the other registers. (And the compiler-generated code should be improved, too.)
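A small model of the serial-versus-parallel point made in this thread, added here as an example (it is not code from the thread or from Valgrind/VEX). It assumes the frame layout the thread implies, r4-r11, ip, lr, pc saved by the stmdb and restored by `ldmdb r11, {r4-r11, sp, pc}`, models only the r4-r11 fetches, and shows why the flagged reads land exactly 13 to 44 bytes below the new sp:

```c
#include <stdint.h>
#include <stdio.h>

/* Model of the epilogue from the thread:  ldmdb r11, {r4-r11, sp, pc}
 * The prologue left 11 words (44 bytes) below the caller's sp, low to high:
 * r4..r11, saved ip (== caller's sp), lr, pc.  r11 (fp) points at the pc
 * slot, so the ldmdb reads the 10 words below it.  The pc fetch (the branch)
 * is left out of the model; only the r4..r11 fetches are checked. */
#define FRAME_BYTES 44

enum { SP_WRITTEN_FIRST,   /* serial emulation: r13 updated, then r4..r11 fetched */
       SP_WRITTEN_LAST };  /* new sp kept in a temporary; hardware-like result */

/* Memcheck treats bytes below the current sp as unaddressable, so a fetch
 * from address a is an "Invalid read" when a < sp at the moment it is
 * checked.  Returns the number of flagged fetches; *lo/*hi receive the
 * flagged byte range measured below the final sp (0/0 if none). */
int emulate_ldmdb(int order, uint32_t caller_sp, uint32_t *lo, uint32_t *hi)
{
    uint32_t fp = caller_sp - 4;            /* r11 -> saved-pc slot */
    uint32_t sp = caller_sp - FRAME_BYTES;  /* callee sp just before the ldmdb */
    uint32_t new_sp = caller_sp;            /* value in the saved-ip slot (fp-8) */
    int flagged = 0;
    *lo = 0; *hi = 0;
    if (order == SP_WRITTEN_FIRST)
        sp = new_sp;                        /* sp already moved up by 44 bytes */

    for (int i = 0; i < 8; i++) {           /* r4..r11 live at fp-40 .. fp-12 */
        uint32_t a = fp - 40 + 4 * (uint32_t)i;
        if (a < sp) {                       /* below sp: flagged by memcheck */
            uint32_t nearest = new_sp - (a + 3), farthest = new_sp - a;
            if (flagged == 0 || nearest < *lo) *lo = nearest;
            if (farthest > *hi) *hi = farthest;
            flagged++;
        }
    }
    return flagged;                         /* SP_WRITTEN_LAST: sp assigned after this */
}

int main(void)
{
    uint32_t lo, hi;
    int n = emulate_ldmdb(SP_WRITTEN_FIRST, 0xbefff000u, &lo, &hi);
    printf("serial: %d flagged, %u..%u bytes below sp => --ignore-range-below-sp=%u-%u\n",
           n, (unsigned)lo, (unsigned)hi, (unsigned)hi, (unsigned)lo);
    n = emulate_ldmdb(SP_WRITTEN_LAST, 0xbefff000u, &lo, &hi);
    printf("sp assigned last: %d flagged\n", n);
    return 0;
}
```

The serial order flags all eight r4-r11 slots, whose bytes lie 13 to 44 below the restored sp, which is the (44 - 13 + 1)/4 = 8 arithmetic from the question; deferring the sp write flags none, matching the hardware.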