On 28.02.2012 23:06, Marc Jones wrote:
> I found this bug building tint with libpayload. libpayload is built with defconfig and using the same coreboot crosstools gcc. The bug happens in the first call to alloc() when the first header of the first region is installed. The header memory location is checked, found to be 0, and then loaded with the header. The bug is that the original value of the location is used after the memory was updated. It should have been reloaded. It is pretty easy to see in the disassembly below.
workaround: mark setup() __attribute__((noinline))
The proper fix is to clean up the various casts so the aliasing based optimizations in gcc do the right thing.
Patrick
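As an added illustration of the aliasing hazard Marc describes, not code from libpayload or from either poster (the header layout, HDR_MAGIC and all function names are assumptions): install_punned() follows the check/store/reload pattern with mismatched pointer types, install_typed() is the kind of cast cleanup Patrick asks for.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define HDR_MAGIC 0xC0DEu   /* hypothetical "header installed" marker */

struct hdr { uint32_t magic; uint32_t size; };   /* hypothetical header */

/* Buggy pattern: the empty check loads the slot as uint64_t, the header is
 * stored through struct hdr members (uint32_t), then the slot is loaded
 * again as uint64_t. C11 6.5p7 does not allow reading uint32_t objects
 * through a uint64_t lvalue, so with -O2 (-fstrict-aliasing) gcc may decide
 * the stores cannot affect *slot and return the stale first load, i.e. 0. */
uint64_t install_punned(void *region, uint32_t size)
{
    uint64_t *slot = region;
    if (*slot == 0) {                  /* first load: region still empty */
        struct hdr *h = region;
        h->magic = HDR_MAGIC;          /* stores through a different type */
        h->size = size;
    }
    return *slot;                      /* may be folded into the first load */
}

/* Fixed pattern: every access uses struct hdr, so the compiler must order
 * the reload after the stores. (Patrick's noinline workaround instead turns
 * the stores into an opaque call; the casts stay wrong.) */
uint32_t install_typed(void *region, uint32_t size)
{
    struct hdr *h = region;
    if (h->magic == 0) {
        h->magic = HDR_MAGIC;
        h->size = size;
    }
    return h->magic;
}

/* Run the fixed variant on a fresh zeroed region (calloc stands in for the
 * heap) and read the header back with memcpy, which may alias anything. */
struct hdr demo_typed(uint32_t size)
{
    struct hdr back = { 0, 0 };
    void *region = calloc(1, 16);
    if (region) {
        install_typed(region, size);
        memcpy(&back, region, sizeof back);
    }
    free(region);
    return back;
}
```

Compiling install_punned() once with gcc -O2 and once with -O2 -fno-strict-aliasing and comparing the disassembly shows whether the second load survived.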