ARM compiler bug?

Tutorials Win: Microsoft Windows Forum

Hi All,

The following sample code gives me unexpected results.

void FindBug()
{
static unsigned int x = 0x80000000; // Very negative
static unsigned int y = 1; // Positive
int z = x - y; // z = 0x7FFFFFFF
if (z > 0) {
OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
} else {
OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
}
}

Looking at this code seems that I should get "z (0x7FFFFFFF) > 0", however,
I actually get "z (0x7FFFFFFF) <= 0?".
I have attached the generated assembler file below. I have embedded some
comments in the assembler.

00000 |FindBug| PROC

; 37 : {

00000 |$L14233|
00000 e52de004 str lr, [sp, #-4]!
00004 |$M14231|

; 38 : static unsigned int x = 0x80000000; // Very negative
; 39 : static unsigned int y = 1; // Positive
; 40 : int z = x - y; // z = 0x7FFFFFFF

00004 e59f3024 ldr r3, [pc, #0x24]
00008 e5932004 ldr r2, [r3, #4]
0000c e5933000 ldr r3, [r3]
00010 e0521003 subs r1, r2, r3

; 41 : if (z > 0) {
; 42 : OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));

-> At this point z = 0x7FFFFFFF (positive number).

00014 c59f0010 ldrgt r0, [pc, #0x10]

-> We expect the ldrgt to execute but it does not (ldrle does).
-> The condition for gt are Z = 0, N==V.
-> Z = 0 We pass the first condition.
-> N = 0 (bit 31) and V = 1 (overflow from negative to positive) We fail the
second condition.
-> Therefore, N != V and the ldrgt (>) does not execute, even though that is
what we expect.

-> Looks like a compiler bug.

; 43 : } else {
; 44 : OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));

00018 d59f0008 ldrle r0, [pc, #8]
0001c eb000000 bl NKDbgPrintfW

; 45 : }
; 46 : }

00020 e49de004 ldr lr, [sp], #4
00024 e12fff1e bx lr
00028 |$L14236|
00028 00000000 DCD
|??_C@_1CC@EMHAJMPE@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
?$AA?$DM?$AA?$DN?$AA?5?$AA0?$AA?$DP?$AA?$AN?$AA?6?$AA?$AA@|
0002c 00000000 DCD
|??_C@_1BO@FIKAIAKN@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
?$AA?$DO?$AA?5?$AA0?$AA?$AN?$AA?6?$AA?$AA@|
00030 00000000 DCD |?y@?1??FindBug@@9@9|
00034 |$M14232|

ENDP ; |FindBug|

Danny
Top

RE: ARM compiler bug? by anonymous

anonymous
Thu Jul 28 10:29:15 CDT 2005

"static unsigned int x = 0x80000000; // Very negative"

This is an unsigned number and is +2147483648(dec).

Have you verified that z is actually 0x7FFFFFFF ?

"Danny" wrote:

> Hi All,
>
> The following sample code gives me unexpected results.
>
> void FindBug()
> {
> static unsigned int x = 0x80000000; // Very negative
> static unsigned int y = 1; // Positive
> int z = x - y; // z = 0x7FFFFFFF
> if (z > 0) {
> OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
> } else {
> OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
> }
> }
>
> Looking at this code seems that I should get "z (0x7FFFFFFF) > 0", however,
> I actually get "z (0x7FFFFFFF) <= 0?".
> I have attached the generated assembler file below. I have embedded some
> comments in the assembler.
>
> 00000 |FindBug| PROC
>
> ; 37 : {
>
> 00000 |$L14233|
> 00000 e52de004 str lr, [sp, #-4]!
> 00004 |$M14231|
>
> ; 38 : static unsigned int x = 0x80000000; // Very negative
> ; 39 : static unsigned int y = 1; // Positive
> ; 40 : int z = x - y; // z = 0x7FFFFFFF
>
> 00004 e59f3024 ldr r3, [pc, #0x24]
> 00008 e5932004 ldr r2, [r3, #4]
> 0000c e5933000 ldr r3, [r3]
> 00010 e0521003 subs r1, r2, r3
>
> ; 41 : if (z > 0) {
> ; 42 : OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
>
> -> At this point z = 0x7FFFFFFF (positive number).
>
> 00014 c59f0010 ldrgt r0, [pc, #0x10]
>
> -> We expect the ldrgt to execute but it does not (ldrle does).
> -> The condition for gt are Z = 0, N==V.
> -> Z = 0 We pass the first condition.
> -> N = 0 (bit 31) and V = 1 (overflow from negative to positive) We fail the
> second condition.
> -> Therefore, N != V and the ldrgt (>) does not execute, even though that is
> what we expect.
>
> -> Looks like a compiler bug.
>
> ; 43 : } else {
> ; 44 : OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
>
> 00018 d59f0008 ldrle r0, [pc, #8]
> 0001c eb000000 bl NKDbgPrintfW
>
> ; 45 : }
> ; 46 : }
>
> 00020 e49de004 ldr lr, [sp], #4
> 00024 e12fff1e bx lr
> 00028 |$L14236|
> 00028 00000000 DCD
> |??_C@_1CC@EMHAJMPE@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
> ?$AA?$DM?$AA?$DN?$AA?5?$AA0?$AA?$DP?$AA?$AN?$AA?6?$AA?$AA@|
> 0002c 00000000 DCD
> |??_C@_1BO@FIKAIAKN@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
> ?$AA?$DO?$AA?5?$AA0?$AA?$AN?$AA?6?$AA?$AA@|
> 00030 00000000 DCD |?y@?1??FindBug@@9@9|
> 00034 |$M14232|
>
> ENDP ; |FindBug|
>
> Danny
>
>
>
Top

Re: ARM compiler bug? by Danny

Danny
Thu Jul 28 10:45:39 CDT 2005

Yes I have verified that.You will notice that I print out the value of z and
it is 0x7FFFFFFF.

Your right that x is unsigned (and is really a very positive number), but
the conditions use by the ldr (ldrgt and ldrle) are signed greater than and
signed less than or equal. It is going to treat the previous conditions
flags as if they where signed values and not unsigned values.


"anonymous" <anonymous@discussions.microsoft.com> wrote in message
news:B26A44B6-C293-4DF6-89F8-D88DDC27F2BF@microsoft.com...
> "static unsigned int x = 0x80000000; // Very negative"
>
> This is an unsigned number and is +2147483648(dec).
>
> Have you verified that z is actually 0x7FFFFFFF ?
>
> "Danny" wrote:
>
> > Hi All,
> >
> > The following sample code gives me unexpected results.
> >
> > void FindBug()
> > {
> > static unsigned int x = 0x80000000; // Very negative
> > static unsigned int y = 1; // Positive
> > int z = x - y; // z = 0x7FFFFFFF
> > if (z > 0) {
> > OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
> > } else {
> > OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
> > }
> > }
> >
> > Looking at this code seems that I should get "z (0x7FFFFFFF) > 0",
however,
> > I actually get "z (0x7FFFFFFF) <= 0?".
> > I have attached the generated assembler file below. I have embedded some
> > comments in the assembler.
> >
> > 00000 |FindBug| PROC
> >
> > ; 37 : {
> >
> > 00000 |$L14233|
> > 00000 e52de004 str lr, [sp, #-4]!
> > 00004 |$M14231|
> >
> > ; 38 : static unsigned int x = 0x80000000; // Very negative
> > ; 39 : static unsigned int y = 1; // Positive
> > ; 40 : int z = x - y; // z = 0x7FFFFFFF
> >
> > 00004 e59f3024 ldr r3, [pc, #0x24]
> > 00008 e5932004 ldr r2, [r3, #4]
> > 0000c e5933000 ldr r3, [r3]
> > 00010 e0521003 subs r1, r2, r3
> >
> > ; 41 : if (z > 0) {
> > ; 42 : OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
> >
> > -> At this point z = 0x7FFFFFFF (positive number).
> >
> > 00014 c59f0010 ldrgt r0, [pc, #0x10]
> >
> > -> We expect the ldrgt to execute but it does not (ldrle does).
> > -> The condition for gt are Z = 0, N==V.
> > -> Z = 0 We pass the first condition.
> > -> N = 0 (bit 31) and V = 1 (overflow from negative to positive) We fail
the
> > second condition.
> > -> Therefore, N != V and the ldrgt (>) does not execute, even though
that is
> > what we expect.
> >
> > -> Looks like a compiler bug.
> >
> > ; 43 : } else {
> > ; 44 : OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
> >
> > 00018 d59f0008 ldrle r0, [pc, #8]
> > 0001c eb000000 bl NKDbgPrintfW
> >
> > ; 45 : }
> > ; 46 : }
> >
> > 00020 e49de004 ldr lr, [sp], #4
> > 00024 e12fff1e bx lr
> > 00028 |$L14236|
> > 00028 00000000 DCD
> >
|??_C@_1CC@EMHAJMPE@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
> > ?$AA?$DM?$AA?$DN?$AA?5?$AA0?$AA?$DP?$AA?$AN?$AA?6?$AA?$AA@|
> > 0002c 00000000 DCD
> >
|??_C@_1BO@FIKAIAKN@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
> > ?$AA?$DO?$AA?5?$AA0?$AA?$AN?$AA?6?$AA?$AA@|
> > 00030 00000000 DCD |?y@?1??FindBug@@9@9|
> > 00034 |$M14232|
> >
> > ENDP ; |FindBug|
> >
> > Danny
> >
> >
> >


Top

Re: ARM compiler bug? by hel

hel
Sat Jul 30 00:10:00 CDT 2005

D- [Thu, 28 Jul 2005 10:05:04 -0400]:
>The following sample code gives me unexpected results.
>void FindBug()>{
> static unsigned int x = 0x80000000; // Very negative
> static unsigned int y = 1; // Positive
> int z = x - y; // z = 0x7FFFFFFF

How about,

int z = (INT32) ((UINT32)( (UINT32)x - (UINT32)y ));

I think something like this was posted around here
a while back, though with C-type manifest constants.
There, the debug and release builds gave different
results (should not have -- the release was correct;
no room for interpretation). Anyway, I think the
idea here is that x and y are made (int) (converted),
then subtracted. Check your local listings for time
and channel, and to see if it's spelled out. As has
been pointed out, walking the edge like this is ...
walking the edge. Me, I like just about everything
unsigned (i.e., I won't have int z in the first place),
and to explicity cast in the compare if I think I'm
going down (below zero, etc.).

--
40th Floor - Software @ http://40th.com/
iPlay : the ultimate audio player for mobiles
parametric eq, xfeed, reverb; all on a mobile
Top

Re: ARM compiler bug? by Danny

Danny
Wed Aug 03 09:37:52 CDT 2005

I tried the cast and it does not make a difference. This problem is not seen
in debug builds or in retail builds with the optimizations turned off. It
seems like an incorrect optimization. Although the code I gave seems silly
and trivial it was only a sample to show the problem. I actually encounted
this problem in the MS provided PQOAL. I found it in the OALTimerUpdate
function when compiled for ARMV4I platforms.

Danny.


<hel@40th.com> wrote in message
news:eR2jwTMlFHA.2152@TK2MSFTNGP14.phx.gbl...
> D- [Thu, 28 Jul 2005 10:05:04 -0400]:
> >The following sample code gives me unexpected results.
> >void FindBug()>{
> > static unsigned int x = 0x80000000; // Very negative
> > static unsigned int y = 1; // Positive
> > int z = x - y; // z = 0x7FFFFFFF
>
> How about,
>
> int z = (INT32) ((UINT32)( (UINT32)x - (UINT32)y ));
>
> I think something like this was posted around here
> a while back, though with C-type manifest constants.
> There, the debug and release builds gave different
> results (should not have -- the release was correct;
> no room for interpretation). Anyway, I think the
> idea here is that x and y are made (int) (converted),
> then subtracted. Check your local listings for time
> and channel, and to see if it's spelled out. As has
> been pointed out, walking the edge like this is ...
> walking the edge. Me, I like just about everything
> unsigned (i.e., I won't have int z in the first place),
> and to explicity cast in the compare if I think I'm
> going down (below zero, etc.).
>
> --
> 40th Floor - Software @ http://40th.com/
> iPlay : the ultimate audio player for mobiles
> parametric eq, xfeed, reverb; all on a mobile


Top

Re: ARM compiler bug? by russellk

russellk
Wed Aug 03 10:19:09 CDT 2005

Yes, this is a compiler bug. It's being overzealous when folding the CMP
into the SUB since it's not legal for the GT condition code. This is fixed
in newer compilers such as Visual Studio 2005 Beta 2. One workaround, as
you found, is to disable optimizations. It might also be possible in some
instances to refactor the code such that the compiler can't perform the bad
transformation.

--
Russ Keldorph
russellk@online.microsoft.com (Remove the 'online.' from my address to
reach me.)

This posting is provided "AS IS" with no warranties, and confers no rights.
OR if you wish to include a script sample in your post please add "Use of
included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm"
--------------------
> From: "Danny" <danny@nospam.com>
> References: <eANjb13kFHA.2904@tk2msftngp13.phx.gbl>
<B26A44B6-C293-4DF6-89F8-D88DDC27F2BF@microsoft.com>
> Subject: Re: ARM compiler bug?
> Date: Thu, 28 Jul 2005 11:45:39 -0400
> Lines: 108
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Newsreader: Microsoft Outlook Express 6.00.2800.1506
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506
> Message-ID: <uSrjot4kFHA.2156@TK2MSFTNGP14.phx.gbl>
> Newsgroups: microsoft.public.windowsce.platbuilder
> NNTP-Posting-Host: 190.36.220-216.q9.net 216.220.36.190
> Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP14.phx.gbl
> Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsce.platbuilder:22471
> X-Tomcat-NG: microsoft.public.windowsce.platbuilder
>
> Yes I have verified that.You will notice that I print out the value of z
and
> it is 0x7FFFFFFF.
>
> Your right that x is unsigned (and is really a very positive number), but
> the conditions use by the ldr (ldrgt and ldrle) are signed greater than
and
> signed less than or equal. It is going to treat the previous conditions
> flags as if they where signed values and not unsigned values.
>
>
> "anonymous" <anonymous@discussions.microsoft.com> wrote in message
> news:B26A44B6-C293-4DF6-89F8-D88DDC27F2BF@microsoft.com...
> > "static unsigned int x = 0x80000000; // Very negative"
> >
> > This is an unsigned number and is +2147483648(dec).
> >
> > Have you verified that z is actually 0x7FFFFFFF ?
> >
> > "Danny" wrote:
> >
> > > Hi All,
> > >
> > > The following sample code gives me unexpected results.
> > >
> > > void FindBug()
> > > {
> > > static unsigned int x = 0x80000000; // Very negative
> > > static unsigned int y = 1; // Positive
> > > int z = x - y; // z = 0x7FFFFFFF
> > > if (z > 0) {
> > > OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
> > > } else {
> > > OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
> > > }
> > > }
> > >
> > > Looking at this code seems that I should get "z (0x7FFFFFFF) > 0",
> however,
> > > I actually get "z (0x7FFFFFFF) <= 0?".
> > > I have attached the generated assembler file below. I have embedded
some
> > > comments in the assembler.
> > >
> > > 00000 |FindBug| PROC
> > >
> > > ; 37 : {
> > >
> > > 00000 |$L14233|
> > > 00000 e52de004 str lr, [sp, #-4]!
> > > 00004 |$M14231|
> > >
> > > ; 38 : static unsigned int x = 0x80000000; // Very negative
> > > ; 39 : static unsigned int y = 1; // Positive
> > > ; 40 : int z = x - y; // z = 0x7FFFFFFF
> > >
> > > 00004 e59f3024 ldr r3, [pc, #0x24]
> > > 00008 e5932004 ldr r2, [r3, #4]
> > > 0000c e5933000 ldr r3, [r3]
> > > 00010 e0521003 subs r1, r2, r3
> > >
> > > ; 41 : if (z > 0) {
> > > ; 42 : OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
> > >
> > > -> At this point z = 0x7FFFFFFF (positive number).
> > >
> > > 00014 c59f0010 ldrgt r0, [pc, #0x10]
> > >
> > > -> We expect the ldrgt to execute but it does not (ldrle does).
> > > -> The condition for gt are Z = 0, N==V.
> > > -> Z = 0 We pass the first condition.
> > > -> N = 0 (bit 31) and V = 1 (overflow from negative to positive) We
fail
> the
> > > second condition.
> > > -> Therefore, N != V and the ldrgt (>) does not execute, even though
> that is
> > > what we expect.
> > >
> > > -> Looks like a compiler bug.
> > >
> > > ; 43 : } else {
> > > ; 44 : OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
> > >
> > > 00018 d59f0008 ldrle r0, [pc, #8]
> > > 0001c eb000000 bl NKDbgPrintfW
> > >
> > > ; 45 : }
> > > ; 46 : }
> > >
> > > 00020 e49de004 ldr lr, [sp], #4
> > > 00024 e12fff1e bx lr
> > > 00028 |$L14236|
> > > 00028 00000000 DCD
> > >
>
|??_C@_1CC@EMHAJMPE@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
> > > ?$AA?$DM?$AA?$DN?$AA?5?$AA0?$AA?$DP?$AA?$AN?$AA?6?$AA?$AA@|
> > > 0002c 00000000 DCD
> > >
>
|??_C@_1BO@FIKAIAKN@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
> > > ?$AA?$DO?$AA?5?$AA0?$AA?$AN?$AA?6?$AA?$AA@|
> > > 00030 00000000 DCD |?y@?1??FindBug@@9@9|
> > > 00034 |$M14232|
> > >
> > > ENDP ; |FindBug|
> > >
> > > Danny
> > >
> > >
> > >
>
>
>

Top

Re: ARM compiler bug? by anonymous

anonymous
Wed Aug 03 18:49:02 CDT 2005

So, is this a problem for the compiler shipped with PB 5.0 ? Will there be a
QFE ?

Platform Builder users aren't necessary going to be compiling with a beta
from Visual Studion 2005, but we'll certainly want the fix !

""Russ Keldorph [MS]"" wrote:

> Yes, this is a compiler bug. It's being overzealous when folding the CMP
> into the SUB since it's not legal for the GT condition code. This is fixed
> in newer compilers such as Visual Studio 2005 Beta 2. One workaround, as
> you found, is to disable optimizations. It might also be possible in some
> instances to refactor the code such that the compiler can't perform the bad
> transformation.
>
> --
> Russ Keldorph
> russellk@online.microsoft.com (Remove the 'online.' from my address to
> reach me.)
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
> OR if you wish to include a script sample in your post please add "Use of
> included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm"
> --------------------
> > From: "Danny" <danny@nospam.com>
> > References: <eANjb13kFHA.2904@tk2msftngp13.phx.gbl>
> <B26A44B6-C293-4DF6-89F8-D88DDC27F2BF@microsoft.com>
> > Subject: Re: ARM compiler bug?
> > Date: Thu, 28 Jul 2005 11:45:39 -0400
> > Lines: 108
> > X-Priority: 3
> > X-MSMail-Priority: Normal
> > X-Newsreader: Microsoft Outlook Express 6.00.2800.1506
> > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506
> > Message-ID: <uSrjot4kFHA.2156@TK2MSFTNGP14.phx.gbl>
> > Newsgroups: microsoft.public.windowsce.platbuilder
> > NNTP-Posting-Host: 190.36.220-216.q9.net 216.220.36.190
> > Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP14.phx.gbl
> > Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsce.platbuilder:22471
> > X-Tomcat-NG: microsoft.public.windowsce.platbuilder
> >
> > Yes I have verified that.You will notice that I print out the value of z
> and
> > it is 0x7FFFFFFF.
> >
> > Your right that x is unsigned (and is really a very positive number), but
> > the conditions use by the ldr (ldrgt and ldrle) are signed greater than
> and
> > signed less than or equal. It is going to treat the previous conditions
> > flags as if they where signed values and not unsigned values.
> >
> >
> > "anonymous" <anonymous@discussions.microsoft.com> wrote in message
> > news:B26A44B6-C293-4DF6-89F8-D88DDC27F2BF@microsoft.com...
> > > "static unsigned int x = 0x80000000; // Very negative"
> > >
> > > This is an unsigned number and is +2147483648(dec).
> > >
> > > Have you verified that z is actually 0x7FFFFFFF ?
> > >
> > > "Danny" wrote:
> > >
> > > > Hi All,
> > > >
> > > > The following sample code gives me unexpected results.
> > > >
> > > > void FindBug()
> > > > {
> > > > static unsigned int x = 0x80000000; // Very negative
> > > > static unsigned int y = 1; // Positive
> > > > int z = x - y; // z = 0x7FFFFFFF
> > > > if (z > 0) {
> > > > OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
> > > > } else {
> > > > OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
> > > > }
> > > > }
> > > >
> > > > Looking at this code seems that I should get "z (0x7FFFFFFF) > 0",
> > however,
> > > > I actually get "z (0x7FFFFFFF) <= 0?".
> > > > I have attached the generated assembler file below. I have embedded
> some
> > > > comments in the assembler.
> > > >
> > > > 00000 |FindBug| PROC
> > > >
> > > > ; 37 : {
> > > >
> > > > 00000 |$L14233|
> > > > 00000 e52de004 str lr, [sp, #-4]!
> > > > 00004 |$M14231|
> > > >
> > > > ; 38 : static unsigned int x = 0x80000000; // Very negative
> > > > ; 39 : static unsigned int y = 1; // Positive
> > > > ; 40 : int z = x - y; // z = 0x7FFFFFFF
> > > >
> > > > 00004 e59f3024 ldr r3, [pc, #0x24]
> > > > 00008 e5932004 ldr r2, [r3, #4]
> > > > 0000c e5933000 ldr r3, [r3]
> > > > 00010 e0521003 subs r1, r2, r3
> > > >
> > > > ; 41 : if (z > 0) {
> > > > ; 42 : OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
> > > >
> > > > -> At this point z = 0x7FFFFFFF (positive number).
> > > >
> > > > 00014 c59f0010 ldrgt r0, [pc, #0x10]
> > > >
> > > > -> We expect the ldrgt to execute but it does not (ldrle does).
> > > > -> The condition for gt are Z = 0, N==V.
> > > > -> Z = 0 We pass the first condition.
> > > > -> N = 0 (bit 31) and V = 1 (overflow from negative to positive) We
> fail
> > the
> > > > second condition.
> > > > -> Therefore, N != V and the ldrgt (>) does not execute, even though
> > that is
> > > > what we expect.
> > > >
> > > > -> Looks like a compiler bug.
> > > >
> > > > ; 43 : } else {
> > > > ; 44 : OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
> > > >
> > > > 00018 d59f0008 ldrle r0, [pc, #8]
> > > > 0001c eb000000 bl NKDbgPrintfW
> > > >
> > > > ; 45 : }
> > > > ; 46 : }
> > > >
> > > > 00020 e49de004 ldr lr, [sp], #4
> > > > 00024 e12fff1e bx lr
> > > > 00028 |$L14236|
> > > > 00028 00000000 DCD
> > > >
> >
> |??_C@_1CC@EMHAJMPE@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
> > > > ?$AA?$DM?$AA?$DN?$AA?5?$AA0?$AA?$DP?$AA?$AN?$AA?6?$AA?$AA@|
> > > > 0002c 00000000 DCD
> > > >
> >
> |??_C@_1BO@FIKAIAKN@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
> > > > ?$AA?$DO?$AA?5?$AA0?$AA?$AN?$AA?6?$AA?$AA@|
> > > > 00030 00000000 DCD |?y@?1??FindBug@@9@9|
> > > > 00034 |$M14232|
> > > >
> > > > ENDP ; |FindBug|
> > > >
> > > > Danny
> > > >
> > > >
> > > >
> >
> >
> >
>
>
Top

Re: ARM compiler bug? by hel

hel
Thu Aug 04 06:05:17 CDT 2005

Can throw a static on your int z?

; 180 : static int z = x - y; // z = 0x7FFFFFFF

A lot more generated code, but sometimes, the
trade-off (more code vs. wrong code) is worth
it. It did not help to use 'unsigned int z', and
cast in the compare (not surprising, w/20/20).

D- [Wed, 3 Aug 2005 10:37:52 -0400]:
>I tried the cast and it does not make a difference. This problem is
>not seen

; 177 : static unsigned int x = 0x80000000; // Very negative
; 178 : static unsigned int y = 1; // Positive
; 179 : //int z = x - y; // z = 0x7FFFFFFF
; 180 : static int z = x - y; // z = 0x7FFFFFFF

00004 e59f4060 ldr r4, [pc, #0x60]
00008 e59fe058 ldr lr, [pc, #0x58]
0000c e5941000 ldr r1, [r4]
00010 e3110001 tst r1, #1
00014 1a000008 bne |$L33154|
00018 e59f3044 ldr r3, [pc, #0x44]
0001c e59f203c ldr r2, [pc, #0x3C]
00020 e3811001 orr r1, r1, #1
00024 e5930000 ldr r0, [r3]
00028 e5923000 ldr r3, [r2]
0002c e5841000 str r1, [r4]
00030 e0403003 sub r3, r0, r3
00034 e58e3000 str r3, [lr]
00038 ea000000 b |$L32057|
0003c |$L33154|
0003c e59e3000 ldr r3, [lr]
00040 |$L32057|

; 181 : if (z > 0) {

..............^ (z > 0 messagebox popped) when using static var

00040 e3530000 cmp r3, #0

; 182 : //MessageBox(NULL, L"z > 0", L"hiho", MB_OK | MB_SE...
; 183 : g = 1;

00044 e59f3010 ldr r3, [pc, #0x10]
00048 c3a02001 movgt r2, #1

; 184 : } else {
; 185 : //MessageBox(NULL, L"z <= 0", L"loho", MB_OK | MB_SE...
; 186 : g = 2;

0004c c5832000 strgt r2, [r3]
00050 d3a02002 movle r2, #2
00054 d5832000 strle r2, [r3]

--
40th Floor - Software @ http://40th.com/
iPlay : the ultimate audio player for mobiles
parametric eq, xfeed, reverb; all on a mobile
Top

Re: ARM compiler bug? by hel

hel
Thu Aug 04 06:10:06 CDT 2005

FWIW, the PB5 compiler 13.10.4091 of July 1 2004
does not have this right. Not new enough!

RK- [Wed, 03 Aug 2005 15:19:09 GMT]:
> This is fixed
>in newer compilers such as Visual Studio 2005 Beta 2.

--
40th Floor - Software @ http://40th.com/
iPlay : the ultimate audio player for mobiles
parametric eq, xfeed, reverb; all on a mobile
Top

Re: ARM compiler bug? by hel

hel
Thu Aug 04 06:39:31 CDT 2005

Or better yet, volatile. Same result, but back on the stack.
Volatile will always screw with that var's optimization. In
this case, great!

; 177 : static unsigned int x = 0x80000000; // Very negative
; 178 : static unsigned int y = 1; // Positive
; 179 : //int z = x - y; // z = 0x7FFFFFFF
; 180 : volatile int z = x - y; // z = 0x7FFFFFFF

00004 e59f3038 ldr r3, [pc, #0x38]
00008 e59f2030 ldr r2, [pc, #0x30]
0000c e5931000 ldr r1, [r3]
00010 e5923000 ldr r3, [r2]
00014 e0413003 sub r3, r1, r3
00018 e58d3000 str r3, [sp]

; 181 : if (z > 0) {

0001c e59d3000 ldr r3, [sp]
00020 e3530000 cmp r3, #0

; 182 : //MessageBox(NULL, L"z > 0", L"hiho", MB_OK | MB_SE...
; 183 : g = 1;

00024 e59f3010 ldr r3, [pc, #0x10]
00028 c3a02001 movgt r2, #1

; 184 : } else {
; 185 : //MessageBox(NULL, L"z <= 0", L"loho", MB_OK | MB_SE...
; 186 : g = 2;

0002c d3a02002 movle r2, #2
00030 e5832000 str r2, [r3]


hel@40th.com (hel@40th.com)[Thu, 04 Aug 2005 04:05:17 -0700]:
>Can throw a static on your int z?
>
> ; 180 : static int z = x - y; // z = 0x7FFFFFFF
>
>A lot more generated code, but sometimes, the
>trade-off (more code vs. wrong code) is worth
>it. It did not help to use 'unsigned int z', and
>cast in the compare (not surprising, w/20/20).
>
>D- [Wed, 3 Aug 2005 10:37:52 -0400]:
> >I tried the cast and it does not make a difference. This problem is
> >not seen
>
> ; 177 : static unsigned int x = 0x80000000; // Very negative
> ; 178 : static unsigned int y = 1; // Positive
> ; 179 : //int z = x - y; // z = 0x7FFFFFFF
> ; 180 : static int z = x - y; // z = 0x7FFFFFFF
>
> 00004 e59f4060 ldr r4, [pc, #0x60]
> 00008 e59fe058 ldr lr, [pc, #0x58]
> 0000c e5941000 ldr r1, [r4]
> 00010 e3110001 tst r1, #1
> 00014 1a000008 bne |$L33154|
> 00018 e59f3044 ldr r3, [pc, #0x44]
> 0001c e59f203c ldr r2, [pc, #0x3C]
> 00020 e3811001 orr r1, r1, #1
> 00024 e5930000 ldr r0, [r3]
> 00028 e5923000 ldr r3, [r2]
> 0002c e5841000 str r1, [r4]
> 00030 e0403003 sub r3, r0, r3
> 00034 e58e3000 str r3, [lr]
> 00038 ea000000 b |$L32057|
> 0003c |$L33154|
> 0003c e59e3000 ldr r3, [lr]
> 00040 |$L32057|
>
>; 181 : if (z > 0) {
>
> ..............^ (z > 0 messagebox popped) when using static var
>
> 00040 e3530000 cmp r3, #0
>
>; 182 : //MessageBox(NULL, L"z > 0", L"hiho", MB_OK | MB_SE...
>; 183 : g = 1;
>
> 00044 e59f3010 ldr r3, [pc, #0x10]
> 00048 c3a02001 movgt r2, #1
>
>; 184 : } else {
>; 185 : //MessageBox(NULL, L"z <= 0", L"loho", MB_OK | MB_SE...
>; 186 : g = 2;
>
> 0004c c5832000 strgt r2, [r3]
> 00050 d3a02002 movle r2, #2
> 00054 d5832000 strle r2, [r3]
>
>--
> 40th Floor - Software @ http://40th.com/
> iPlay : the ultimate audio player for mobiles
> parametric eq, xfeed, reverb; all on a mobile


--
40th Floor - Software @ http://40th.com/
iPlay : the ultimate audio player for mobiles
parametric eq, xfeed, reverb; all on a mobile
Top

Re: ARM compiler bug? by Danny

Danny
Mon Aug 08 08:19:00 CDT 2005

What versions of the compiler have this bug? All of them before VS2005? This
seems like a major problem because this type of operation is used all the
time when checking for wrap with unsigned ints. Just have a look through the
PQOAL timer library functions. Is MS being proactive and cheched shipped PB
code to see where else this bug may have caused issues, or will they only do
something as customers find the bugs for them?

Danny

""Russ Keldorph [MS]"" <russellk@online.microsoft.com> wrote in message
news:UmF216DmFHA.940@TK2MSFTNGXA01.phx.gbl...
> Yes, this is a compiler bug. It's being overzealous when folding the CMP
> into the SUB since it's not legal for the GT condition code. This is
fixed
> in newer compilers such as Visual Studio 2005 Beta 2. One workaround, as
> you found, is to disable optimizations. It might also be possible in some
> instances to refactor the code such that the compiler can't perform the
bad
> transformation.
>
> --
> Russ Keldorph
> russellk@online.microsoft.com (Remove the 'online.' from my address to
> reach me.)
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> OR if you wish to include a script sample in your post please add "Use of
> included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm"
> --------------------
> > From: "Danny" <danny@nospam.com>
> > References: <eANjb13kFHA.2904@tk2msftngp13.phx.gbl>
> <B26A44B6-C293-4DF6-89F8-D88DDC27F2BF@microsoft.com>
> > Subject: Re: ARM compiler bug?
> > Date: Thu, 28 Jul 2005 11:45:39 -0400
> > Lines: 108
> > X-Priority: 3
> > X-MSMail-Priority: Normal
> > X-Newsreader: Microsoft Outlook Express 6.00.2800.1506
> > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506
> > Message-ID: <uSrjot4kFHA.2156@TK2MSFTNGP14.phx.gbl>
> > Newsgroups: microsoft.public.windowsce.platbuilder
> > NNTP-Posting-Host: 190.36.220-216.q9.net 216.220.36.190
> > Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP14.phx.gbl
> > Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsce.platbuilder:22471
> > X-Tomcat-NG: microsoft.public.windowsce.platbuilder
> >
> > Yes I have verified that.You will notice that I print out the value of z
> and
> > it is 0x7FFFFFFF.
> >
> > Your right that x is unsigned (and is really a very positive number),
but
> > the conditions use by the ldr (ldrgt and ldrle) are signed greater than
> and
> > signed less than or equal. It is going to treat the previous conditions
> > flags as if they where signed values and not unsigned values.
> >
> >
> > "anonymous" <anonymous@discussions.microsoft.com> wrote in message
> > news:B26A44B6-C293-4DF6-89F8-D88DDC27F2BF@microsoft.com...
> > > "static unsigned int x = 0x80000000; // Very negative"
> > >
> > > This is an unsigned number and is +2147483648(dec).
> > >
> > > Have you verified that z is actually 0x7FFFFFFF ?
> > >
> > > "Danny" wrote:
> > >
> > > > Hi All,
> > > >
> > > > The following sample code gives me unexpected results.
> > > >
> > > > void FindBug()
> > > > {
> > > > static unsigned int x = 0x80000000; // Very negative
> > > > static unsigned int y = 1; // Positive
> > > > int z = x - y; // z = 0x7FFFFFFF
> > > > if (z > 0) {
> > > > OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
> > > > } else {
> > > > OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
> > > > }
> > > > }
> > > >
> > > > Looking at this code seems that I should get "z (0x7FFFFFFF) > 0",
> > however,
> > > > I actually get "z (0x7FFFFFFF) <= 0?".
> > > > I have attached the generated assembler file below. I have embedded
> some
> > > > comments in the assembler.
> > > >
> > > > 00000 |FindBug| PROC
> > > >
> > > > ; 37 : {
> > > >
> > > > 00000 |$L14233|
> > > > 00000 e52de004 str lr, [sp, #-4]!
> > > > 00004 |$M14231|
> > > >
> > > > ; 38 : static unsigned int x = 0x80000000; // Very negative
> > > > ; 39 : static unsigned int y = 1; // Positive
> > > > ; 40 : int z = x - y; // z = 0x7FFFFFFF
> > > >
> > > > 00004 e59f3024 ldr r3, [pc, #0x24]
> > > > 00008 e5932004 ldr r2, [r3, #4]
> > > > 0000c e5933000 ldr r3, [r3]
> > > > 00010 e0521003 subs r1, r2, r3
> > > >
> > > > ; 41 : if (z > 0) {
> > > > ; 42 : OALMSG(TRUE, (L"z (0x%X) > 0\r\n", z));
> > > >
> > > > -> At this point z = 0x7FFFFFFF (positive number).
> > > >
> > > > 00014 c59f0010 ldrgt r0, [pc, #0x10]
> > > >
> > > > -> We expect the ldrgt to execute but it does not (ldrle does).
> > > > -> The condition for gt are Z = 0, N==V.
> > > > -> Z = 0 We pass the first condition.
> > > > -> N = 0 (bit 31) and V = 1 (overflow from negative to positive) We
> fail
> > the
> > > > second condition.
> > > > -> Therefore, N != V and the ldrgt (>) does not execute, even though
> > that is
> > > > what we expect.
> > > >
> > > > -> Looks like a compiler bug.
> > > >
> > > > ; 43 : } else {
> > > > ; 44 : OALMSG(TRUE, (L"z (0x%X) <= 0?\r\n", z));
> > > >
> > > > 00018 d59f0008 ldrle r0, [pc, #8]
> > > > 0001c eb000000 bl NKDbgPrintfW
> > > >
> > > > ; 45 : }
> > > > ; 46 : }
> > > >
> > > > 00020 e49de004 ldr lr, [sp], #4
> > > > 00024 e12fff1e bx lr
> > > > 00028 |$L14236|
> > > > 00028 00000000 DCD
> > > >
> >
>
|??_C@_1CC@EMHAJMPE@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
> > > > ?$AA?$DM?$AA?$DN?$AA?5?$AA0?$AA?$DP?$AA?$AN?$AA?6?$AA?$AA@|
> > > > 0002c 00000000 DCD
> > > >
> >
>
|??_C@_1BO@FIKAIAKN@?$AAz?$AA?5?$AA?$CI?$AA0?$AAx?$AA?$CF?$AAX?$AA?$CJ?$AA?5
> > > > ?$AA?$DO?$AA?5?$AA0?$AA?$AN?$AA?6?$AA?$AA@|
> > > > 00030 00000000 DCD |?y@?1??FindBug@@9@9|
> > > > 00034 |$M14232|
> > > >
> > > > ENDP ; |FindBug|
> > > >
> > > > Danny
> > > >
> > > >
> > > >
> >
> >
> >
>


Top