3.28 Another heisenbug.
.L18:
imul esi, ecx
mov edx, esi
add eax, edx
lea ebx, [rax+rcx]
cmp eax, ebx
jge .L14
mov DWORD PTR [rbp-20], eax
.L17:
mov eax, DWORD PTR [rbp-20]
mov edi, eax
call check_nonce
add DWORD PTR [rbp-20], 1
cmp DWORD PTR [rbp-20], ebx
jl .L17
jmp .L14
.L15:
mov eax, 0
add ecx, 1
jmp .L18
.L14:
add rsp, 40
pop rbx
pop rbp
ret
Here we see the division clearly: by callingomp_get_num_threads()andomp_get_thread_num()
we get the number of threads running, and also the current thread’s number, and then determine the
loop’s interval. Then we runcheck_nonce().
GCC also inserted theLOCK ADD
instruction right in the code, unlike MSVC, which generated a call to a separate DLL function:
Listing 3.127: GCC 4.8.1
lock add DWORD PTR checked[rip], 1
call GOMP_critical_start
mov ecx, DWORD PTR checked[rip]
mov edx, 351843721
mov eax, ecx
imul edx
sar edx, 13
mov eax, ecx
sar eax, 31
sub edx, eax
mov eax, edx
imul eax, eax, 100000
sub ecx, eax
mov eax, ecx
test eax, eax
jne .L7
mov eax, DWORD PTR checked[rip]
mov esi, eax
mov edi, OFFSET FLAT:.LC2 ; "checked=%d\n"
mov eax, 0
call printf
.L7:
call GOMP_critical_end
The functions prefixed with GOMP are from GNU OpenMP library. Unlike vcomp*.dll, its source code is
freely available:GitHub.
3.28 Another heisenbug
Sometimes, array (or buffer) can overflow due tofencepost error: