gcc 4.1.3 (netbsd-5-1) ARM compiler bug

To: port-arm%netbsd.org@localhost, tech-toolchain%netbsd.org@localhost
Subject: gcc 4.1.3 (netbsd-5-1) ARM compiler bug
From: Ignatios Souvatzis <is%netbsd.org@localhost>
Date: Sat, 5 Nov 2011 22:23:40 +0100

Hi,

I'm hunting down why wip/hplip3 gets a SIGBUS for me. Semms like
an odd address is the base address of some structure with pointers
in it that are read in read_buf_close(). Putting some assert() into
a type-casting macro used to initialize that address didn't change
anything, so it seems the casted structure itself is aligned, but
looking closer than yesterday at the BUSsing function and its caller
I found:

gdb) print g
$5 = (PJDEC_INST) 0x203ab000
(gdb) down
#0  0x202bce14 in read_buf_close (g=0x203ac269) at ip/xjpg_dec.c:355
355     }
(gdb) print g
$6 = (PJDEC_INST) 0x203ac269
(gdb) up
#1  0x202befbc in jpgDecode_getActualTraits (hXform=<value optimized out>, 
    dwInputAvail=<value optimized out>, pbInputBuf=0x203ac000 "ÿØÿà", 
    pdwInputUsed=0xefffdd54, pdwInputNextPos=0xefffdd4c, pInTraits=0x203a0094, 
    pOutTraits=0x203a00b4) at ip/xjpg_dec.c:2475
2475        *pdwInputNextPos = g->dwInNextPos = *pdwInputUsed = read_buf_close 
(g);
(gdb) print g
$8 = (PJDEC_INST) 0x203ab000

somehow interesting is:

(gdb) print *g
...
  rd_bit_buf = 0, rd_bits_avail = 0, rd_inbuf_beg = 0x203ac000 "ÿØÿà", 
  rd_inbuf_next = 0x203ac269 
"ôý9BiÖª\017H\220\016}\205^\037SùÕ+\021\213+qé\032ÿ"
...

and that the called function does nothing but

354         return g->rd_inbuf_next - g->rd_inbuf_beg;

...

So... it puts g->rd_inbuf_next into where it expects to read g for
the next indirection? Let's look at the object code. There it is:

...
xjpg_dec.o:     file format elf32-littlearm

Disassembly of section .text:
...
0000000c <read_buf_close>:
       c:       e59008f8        ldr     r0, [r0, #2296]
      10:       e59038f4        ldr     r3, [r0, #2292]
      14:       e0430000        sub     r0, r3, r0
      18:       e1a0f00e        mov     pc, lr

(The correct code would be:
       c:       e59038f4        ldr     r3, [r0, #2292]
      10:       e59008f8        ldr     r0, [r0, #2296]
      14:       e0430000        sub     r0, r3, r0
      18:       e1a0f00e        mov     pc, lr
)

Compiler flags where -g -O2, bus error also appeared without -g in the
same function.

Do we still care about 4.1.3 compiler errors? Should I send-pr?

        -is

Follow-Ups:
- Re: gcc 4.1.3 (netbsd-5-1) ARM compiler bug
  - From: Ignatios Souvatzis

Prev by Date: Re: GCC 4.5.3 breaks sandpoint's altboot
Next by Date: Re: gcc 4.1.3 (netbsd-5-1) ARM compiler bug
Previous by Thread: GCC 4.5.3 breaks sandpoint's altboot
Next by Thread: Re: gcc 4.1.3 (netbsd-5-1) ARM compiler bug
Indexes:

Home | Main Index | Thread Index | Old Index