Re: [RFC] Sanitize rtx_addr_can_trap_p_1

[Richard Biener <richard.guenther@gmail.com>]

On Thu, Jun 11, 2015 at 4:34 PM, Bernd Edlinger
<bernd.edlinger@hotmail.de> wrote:
> Hi,
>
> On Thu, 11 Jun 2015 12:57:34 +0200, Jakub Jelinek wrote:
>>
>> On Thu, Jun 11, 2015 at 12:38:40PM +0200, Bernd Edlinger wrote:
>>> On Thu, 11 Jun 2015 10:02:03, Jakub Jelinek wrote:
>>>>
>>>> IMHO the
>>>> #if 0
>>>> #endif
>>>> stuff doesn't belong to the patch.
>>>>
>>>
>>> I just wanted to leave a hint, how I debugged this function, and how
>>> to assess the performance of the decision that is taken here.
>>
>> What I usually do in these cases is something like:
>> FILE *f = fopen ("/tmp/mylogfile", "a");
>> fprintf (f, "%s %d ...\n", main_input_filename ? main_input_filename : "-", (int) BITS_PER_WORD, ...);
>> fclose (f);
>> and do full bootstrap/regtest (usually both x86_64-linux and i686-linux)
>> with it, then look at the log file.
>> But I keep those for myself, don't keep them even as comments.
>> In this case, you could post the hack as incremental patch for interested
>> folks to test on their architecture, but I'm not convinced we want to keep
>> it in the source, whether #if 0 or in a comment.
>>
>
> I am not too sure about it either.
>
> But I think, it is quite helpful data, however I am even tempted
> to add the name of the current function, and the pass we are in at the moment,
> but I have no idea how to grab that information...
>
>> So, for a full bootstrap/regtest, how many log messages do you get, and are
>> they always resolved conservatively (i.e. if unsure the offset is ok, return
>> 1)?
>>
>
>
> In stage 2 of the build (with all languages) I get:
>
> 2930 messages of the form
> *** frame can trap: offset=16, size=8, low_bound=-3152, high_bound=0
>
> 74 messages of the form
> *** sp can trap: offset=112, size=4, low_bound=-144, high_bound=112
>
> 202 messages of the from
> *** argp can trap: offset=16, size=8, low_bound=-56, high_bound=16
>
> 10 messages of the form
> *** fp can trap: offset=40, size=4, low_bound=-264, high_bound=24
>
>
> My patch does not change the handling of frame_pointer_rtx,
> except that it avoids a possible integer overflow in "adj_offset + size - 1>= 0"
> so these 2930 suppressed optimizations were already introduced by Eric's patch.
>
> I think that is probably a new effect, that [FP+x] is now used more
> often than before to access values at [ARGP+x].  I have not tried, but
> maybe it would be possible to use the crtl->args.size, here too, to get more
> optimistic upper bounds on the argument sizes.
>
>
> So all in all my patch changed 286 times the return value of rtx_addr_can_trap_p_1
> in the whole pass 2.
>
> But OTOH there are millions of times, where the rtx_addr_can_trap_p_1
> returns 0, which is rtx can not trap.

Sounds like a red-zone is not accounted for?

Richard.

>
> Bernd.
>