1
2#include <stdio.h>
3#include <stdlib.h>
4
5// Do a test comparison.  By default memcheck does not use the
6// expensive EQ/NE scheme as it would be too expensive.  The
7// assignment to *hack is a trick to fool memcheck's bogus-literal
8// spotter into thinking this is a bb which needs unusually careful
9// attention, and therefore the expensive EQ/NE scheme is used.
10
11__attribute__((noinline)) // keep your grubby hands off this fn
12void foo ( int* p1, int* p2, unsigned int * hack )
13{
14  *hack = 0x80808080;
15  if (*p1 == *p2)
16    printf("foo\n");
17  else
18    printf("bar\n");
19}
20
21static void bar ( void );
22int main ( void )
23{
24
25  unsigned int hack;
26
27  int* junk1 = malloc(sizeof(int));
28  int* junk2 = malloc(sizeof(int));
29
30  short* ps1 = (short*)junk1;
31  short* ps2 = (short*)junk2;
32
33  int*   pi1 = (int*)junk1;
34  int*   pi2 = (int*)junk2;
35  bar();
36  // both words completely undefined.  This should give an error.
37  foo(pi1,pi2, &hack);
38
39  // set half of the words, but to different values; so this should
40  // not give an error, since inspection of the defined parts
41  // shows the two values are not equal, and so the definedness of
42  // the conclusion is unaffected by the undefined halves.
43  *ps1 = 41;
44  *ps2 = 42;
45  foo(pi1,pi2, &hack);
46
47  // set half of the words, but to the same value, so this forces the
48  // result of the comparison to depend on the undefined halves.
49  // should give an error
50  *ps1 = 42;
51  *ps2 = 42;
52  foo(pi1,pi2, &hack);
53
54  return 0;
55}
56
57// Note: on ppc32/64 the second call to foo() does give an error,
58// since the expensive EQ/NE scheme does not apply to the CmpORD
59// primops used by ppc.
60//
61// On arm, the "normal" (x86-like) comparison primops are used, so
62// the expensive EQ/NE scheme could apply.  However, it doesn't,
63// because the constant 0x80808080 is placed in a constant pool
64// and so never appears as a literal, and so the instrumenter
65// never spots it and so doesn't use the expensive scheme (for foo).
66// Hence also on ARM we get 3 errors, not 2.
67//
68// s390x is even more complicated: Depending on the architecture
69// level we have the 0x80808080 either in the literal pool (3 errors)
70// or with the extended immediate facility in an instruction (2 errors).
71static __attribute__((noinline)) void bar ( void )
72{
73#if defined(__powerpc__) || defined(__powerpc64__) || defined(__arm__)
74  fprintf(stderr, "Currently running on ppc32/64/arm: this test should give 3 errors, not 2.\n");
75#endif
76#if defined(__s390__)
77  fprintf(stderr, "On s390 we might see 2 or 3 errors.\n");
78#endif
79}
80