Re: [Tinycc-devel] test failures on win32 x86-64

[avih]

On Friday, October 14, 2022, 05:27:47 PM GMT+3, grischka <grishka@gmx.de> wrote:

>> and indeed, when tcc64 is compiled using tcc64 then on win10
>> s->sh_addr is ~22 bits, and all tests do pass _before_ d76e0323.
>
> Well, maybe behavior of malloc on Win10 has to do with the image-base
> of the process. (see objdump -x file.exe/dll | grep ImageBase)

To me this seems to suggest that the behavior depends on the specific
binary, but the printouts on win7/10 were with the _same_ binaries.
You can grab it from here https://0x0.st/ov4N.zip and examine for
instance addr.gcc-12-2.exe which prints a ~22 bits address on win7
but ~44 bits address on my win10.

> These can be set using -Wl,-image-base=0x..., for example
> $ gcc tcctest.c -g -I.. -O0 -w -o tcctest.exe -Wl,-image-base=0x400000

Again, it's an identical tcctest.gcc (at least as far as md5sum goes)
which fails at strncat1 on win10 but succeeds on win7.

> Ok, so it seems that it is tcctest.c compiled by gcc that crashes.
> Which means this problem specifically hasn't to do anything with tcc.

Yup, seems like it.

> $ gdb tcctest.exe
> > run
> > bt
> > disass
> > info reg

The printout below starts at the end of the "run" output.

- avih


[...]
---- asm_test ----

Thread 1 received signal SIGSEGV, Segmentation fault.
0x00007ff72b42b272 in strncat1 ()
(gdb) disass
Dump of assembler code for function strncat1:
0x00007ff72b42b234 <+0>: push %rbp
0x00007ff72b42b235 <+1>: push %rdi
0x00007ff72b42b236 <+2>: push %rsi
0x00007ff72b42b237 <+3>: sub $0x10,%rsp
0x00007ff72b42b23b <+7>: lea 0x10(%rsp),%rbp
0x00007ff72b42b240 <+12>: mov %rcx,0x20(%rbp)
0x00007ff72b42b244 <+16>: mov %rdx,0x28(%rbp)
0x00007ff72b42b248 <+20>: mov %r8,0x30(%rbp)
0x00007ff72b42b24c <+24>: mov 0x28(%rbp),%r8
0x00007ff72b42b250 <+28>: mov 0x20(%rbp),%r9
0x00007ff72b42b254 <+32>: mov $0x0,%eax
0x00007ff72b42b259 <+37>: mov $0xffffffff,%edx
0x00007ff72b42b25e <+42>: mov %r8,%rsi
0x00007ff72b42b261 <+45>: mov %r9,%rdi
0x00007ff72b42b264 <+48>: mov %edx,%ecx
0x00007ff72b42b266 <+50>: repnz scas %es:(%rdi),%al
0x00007ff72b42b268 <+52>: dec %edi
0x00007ff72b42b26a <+54>: mov 0x30(%rbp),%ecx
0x00007ff72b42b26d <+57>: dec %ecx
0x00007ff72b42b26f <+59>: js 0x7ff72b42b277 <strncat1+67>
0x00007ff72b42b271 <+61>: lods %ds:(%rsi),%al
=> 0x00007ff72b42b272 <+62>: stos %al,%es:(%rdi)
0x00007ff72b42b273 <+63>: test %al,%al
0x00007ff72b42b275 <+65>: jne 0x7ff72b42b26d <strncat1+57>
0x00007ff72b42b277 <+67>: xor %eax,%eax
0x00007ff72b42b279 <+69>: stos %al,%es:(%rdi)
0x00007ff72b42b27a <+70>: mov %ecx,%edx
0x00007ff72b42b27c <+72>: mov %edi,%r8d
0x00007ff72b42b27f <+75>: mov %esi,%r9d
0x00007ff72b42b282 <+78>: mov %r9d,-0x4(%rbp)
0x00007ff72b42b286 <+82>: mov %r8d,-0x8(%rbp)
0x00007ff72b42b28a <+86>: mov %eax,-0xc(%rbp)
0x00007ff72b42b28d <+89>: mov %edx,-0x10(%rbp)
0x00007ff72b42b290 <+92>: mov 0x20(%rbp),%rax
0x00007ff72b42b294 <+96>: add $0x10,%rsp
0x00007ff72b42b298 <+100>: pop %rsi
0x00007ff72b42b299 <+101>: pop %rdi
0x00007ff72b42b29a <+102>: pop %rbp
0x00007ff72b42b29b <+103>: ret
End of assembler dump.
(gdb) info reg
rax 0x20 32
rbx 0x1 1
rcx 0x2 2
rdx 0xffffffff 4294967295
rsi 0x7ff72b431fdd 140699559469021
rdi 0xcb9ff955 3416258901
rbp 0x4ecb9ff8f0 0x4ecb9ff8f0
rsp 0x4ecb9ff8e0 0x4ecb9ff8e0
r8 0x7ff72b431fdc 140699559469020
r9 0x4ecb9ff950 338423707984
r10 0x0 0
r11 0x246 582
r12 0x1 1
r13 0x169230214a0 1551070532768
r14 0x16923021440 1551070532672
r15 0x0 0
rip 0x7ff72b42b272 0x7ff72b42b272 <strncat1+62>
eflags 0x10202 [ IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x2b 43
es 0x2b 43
fs 0x53 83
gs 0x2b 43
(gdb)