Re: required memchr behavior

[Eric Blake]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

According to Matthew Woehlke on 5/29/2009 6:19 PM:
>> the replacement will be C code that scans an aligned word at a
>> time, similar to how it is already done in memchr2.c.  Not quite as
>> efficient as hand-tuned assembly, but hands down faster than a byte at
>> a time.
> 
> ...but the original question was, is scanning a word at a time
> guaranteed to be safe? I assume "yes" on the reasoning that you can't
> have some bytes valid in an aligned word and others not? (And further,
> you interpret this as not-forbidden by the new reading?)

For every architecture we know out there, memory protection is provided
with page granularity.  Therefore, if an allocated byte is safe to read,
then you can also read every byte in that page; and as long as your
program doesn't make decisions based on the contents of bytes that fall
beyond array bounds, the as-if rule has not been violated.  And since
pages are aligned on a multiple of a word boundary, it is safe in practice
to read words at a time, where the last word can exceed the array bounds,
as long as those reads are aligned, because those reads will not cross a
page boundary.  However, it may require a .valgrind file to inform
analysis tools that we know what we are doing when such reads end up
visiting uninitialized memory.

If someone ever builds an architecture where memory protection has a finer
granularity than page boundaries, then we'll have to worry.  But that
seems unlikely to happen.

- --
Don't work too hard, make some time for fun as well!

Eric Blake             address@hidden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Public key at home.comcast.net/~ericblake/eblake.gpg
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkogqjoACgkQ84KuGfSFAYA4DACaArLYQrI/NgJRluS2FESdxBOI
sfcAoNlfyi6q8LgL2p+pVVS+xcxltPRl
=WIhX
-----END PGP SIGNATURE-----