[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Tinycc-devel] VLAs broken on mob branch
|
From: |
Pip Cet |
|
Subject: |
Re: [Tinycc-devel] VLAs broken on mob branch |
|
Date: |
Mon, 27 Apr 2015 13:07:09 +0000 |
Thanks again for testing. I have a test case now that blows up for me
on both i386 and x86_64, with changes 1,2,3 applied:
void f(int argc)
{
char test[argc];
if(0)
label:
printf("boom!\n");
goto label;
}
(full file attached). Similar versions with the label in the else
clause or a switch statement also cause segfaults (the short example
above strikes me as unusual syntax, but it's perfectly ordinary to use
the equivalent in a switch statement). The generated code looks like
this (i386):
6 if(0)
0x08048261 <+31>: e9 14 00 00 00 jmp 0x804827a <f+56>
7 label:
0x08048266 <+36>: 89 65 f0 mov %esp,-0x10(%ebp)
0x08048269 <+39>: 8b 65 f0 mov -0x10(%ebp),%esp
8 printf("boom!\n");
0x0804826c <+42>: b8 64 94 04 08 mov $0x8049464,%eax
=> 0x08048271 <+47>: 50 push %eax
0x08048272 <+48>: e8 a9 01 00 00 call 0x8048420 <printf>
0x08048277 <+53>: 83 c4 04 add $0x4,%esp
9 goto label;
0x0804827a <+56>: 8b 65 f4 mov -0xc(%ebp),%esp
0x0804827d <+59>: eb ea jmp 0x8048269 <f+39>
The assumption the VLA code appears to make is that we always reach a
label in the program's control flow if we reach it in the code
generator, which is obviously wrong. So either we need to apply change
4, or we need to go after every gjmp(), gtst(), and gvtst() to ensure
they call vla_sp_save() if there's any chance the block of code they
skip contains a label...and since a statement expression can pop up in
any expression, I think that's nearly always the case.
Let's go for correctness over performance for now and apply change 4?
On Mon, Apr 27, 2015 at 6:13 AM, Sergey Korshunoff <address@hidden> wrote:
>> Just tested: on x86 a problem is fixed by changes for case 1..3, i.e.
>> w/o additional vla_sp_save().
>
>>Can you verify this with the exact same tree that's giving me
>>trouble? The bug doesn't always occur, but it does occur for me on the
>>"broken" branch at "git clone address@hidden:pipcet/tinycc.git -b
>> broken"
>
> No problem with this branch on x86
>
> _______________________________________________
> Tinycc-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/tinycc-devel
vlatest4.c
Description: Text Data
- Re: [Tinycc-devel] VLAs broken on mob branch, (continued)
- Re: [Tinycc-devel] VLAs broken on mob branch, Pip Cet, 2015/04/25
- Re: [Tinycc-devel] VLAs broken on mob branch, Sergey Korshunoff, 2015/04/25
- Re: [Tinycc-devel] VLAs broken on mob branch, Sergey Korshunoff, 2015/04/26
- Re: [Tinycc-devel] VLAs broken on mob branch, Pip Cet, 2015/04/27
- Re: [Tinycc-devel] VLAs broken on mob branch, Sergey Korshunoff, 2015/04/27
- Re: [Tinycc-devel] VLAs broken on mob branch,
Pip Cet <=
- Re: [Tinycc-devel] VLAs broken on mob branch, Sergey Korshunoff, 2015/04/27
- Re: [Tinycc-devel] VLAs broken on mob branch, Pip Cet, 2015/04/27
- Re: [Tinycc-devel] VLAs broken on mob branch, Sergey Korshunoff, 2015/04/28
- Re: [Tinycc-devel] VLAs broken on mob branch, Pip Cet, 2015/04/28
- Re: [Tinycc-devel] VLAs broken on mob branch, Sergey Korshunoff, 2015/04/28
- Re: [Tinycc-devel] VLAs broken on mob branch, Pip Cet, 2015/04/28
- Re: [Tinycc-devel] VLAs broken on mob branch, Sergey Korshunoff, 2015/04/28
- Re: [Tinycc-devel] VLAs broken on mob branch, Sergey Korshunoff, 2015/04/28
- Re: [Tinycc-devel] VLAs broken on mob branch, Pip Cet, 2015/04/28
- Re: [Tinycc-devel] VLAs broken on mob branch, Sergey Korshunoff, 2015/04/28