[coreboot] Ouch: romcc "x[0] |= something" patch causes another crash

Stefan Reinauer stepan at coresystems.de
Mon Mar 15 11:19:22 CET 2010 

On 3/15/10 10:59 AM, Patrick Georgi wrote:
> Am 15.03.2010 03:32, schrieb Keith Hui:
>   
>> > Hi all,
>> > 
>> > I regret to report that the romcc patch circulated earlier to fix the
>> > segfault I reported, is now causing another segfault. This also seems to
>> > be triggered by something in the 440BX code, as it didn't segfault when
>> > I compile for any mainboards that isn't 440BX. As of now I don't know
>> > what this new segfault is. I'll report back with more findings.
>>     
> It seems the problem was that copy_triple() isn't supposed to be used on
> flattened (and simple) nodes.
> I built a simple test case that failed:
> void main(void) {
>         int c = 0;
>         c |= 4;
> }
>
> With the attached patch, this testcase, your testcase, and a full abuild
> run work.
>
> Signed-off-by: Patrick Georgi <patrick.georgi at coresystems.de>
>   
I can't really verify if this is the correct thing to do, but since it
fixes abuild...

Acked-by: Stefan Reinauer <stepan at coresystems.de>


> 20100315-2-romcc
>
>
> Index: util/romcc/romcc.c
> ===================================================================
> --- util/romcc/romcc.c	(Revision 5210)
> +++ util/romcc/romcc.c	(Arbeitskopie)
> @@ -11557,7 +11557,7 @@
>  
>  static struct triple *assignment_expr(struct compile_state *state)
>  {
> -	struct triple *def, *left, *right;
> +	struct triple *def, *left, *left2, *right;
>  	int tok, op, sign;
>  	/* The C grammer in K&R shows assignment expressions
>  	 * only taking unary expressions as input on their
> @@ -11578,6 +11578,9 @@
>  	 */
>  	def = conditional_expr(state);
>  	left = def;
> +	left2 = left;
> +	if (!(left2->id & TRIPLE_FLAG_FLATTENED))
> +		left2 = copy_triple(state, left2);
>  	switch((tok = peek(state))) {
>  	case TOK_EQ:
>  		lvalue(state, left);
> @@ -11603,19 +11606,19 @@
>  		}
>  		def = write_expr(state, left,
>  			triple(state, op, left->type, 
> -				read_expr(state, copy_triple(state, left)), right));
> +				read_expr(state, left2), right));
>  		break;
>  	case TOK_PLUSEQ:
>  		lvalue(state, left);
>  		eat(state, TOK_PLUSEQ);
>  		def = write_expr(state, left,
> -			mk_add_expr(state, copy_triple(state, left), assignment_expr(state)));
> +			mk_add_expr(state, left2, assignment_expr(state)));
>  		break;
>  	case TOK_MINUSEQ:
>  		lvalue(state, left);
>  		eat(state, TOK_MINUSEQ);
>  		def = write_expr(state, left,
> -			mk_sub_expr(state, copy_triple(state, left), assignment_expr(state)));
> +			mk_sub_expr(state, left2, assignment_expr(state)));
>  		break;
>  	case TOK_SLEQ:
>  	case TOK_SREQ:
> @@ -11639,7 +11642,7 @@
>  		}
>  		def = write_expr(state, left,
>  			triple(state, op, left->type, 
> -				read_expr(state, copy_triple(state,left)), right));
> +				read_expr(state, left2), right));
>  		break;
>  	}
>  	return def;
>   
>
>
> -- coreboot mailing list: coreboot at coreboot.org
> http://www.coreboot.org/mailman/listinfo/coreboot


-- 
coresystems GmbH . Brahmsstr. 16 . D-79104 Freiburg i. Br.
      Tel.: +49 761 7668825 . Fax: +49 761 7664613
Email: info at coresystems.de  . http://www.coresystems.de/
Registergericht: Amtsgericht Freiburg . HRB 7656
Geschäftsführer: Stefan Reinauer . Ust-IdNr.: DE245674866

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20100315/eb4c46c8/attachment.html>

More information about the coreboot mailing list