NetBSD-Bugs archive
Re: toolchain/45837: perl is miscompiled on sparc64-current
The following reply was made to PR toolchain/45837; it has been noted by GNATS.
From: christos%zoulas.com@localhost (Christos Zoulas)
To: gnats-bugs%NetBSD.org@localhost, toolchain-manager%netbsd.org@localhost,
gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
Cc:
Subject: Re: toolchain/45837: perl is miscompiled on sparc64-current
Date: Sun, 15 Jan 2012 11:20:45 -0500
On Jan 15, 8:05am, martin%NetBSD.org@localhost (martin%NetBSD.org@localhost)
wrote:
-- Subject: toolchain/45837: perl is miscompiled on sparc64-current
| >Number: 45837
| >Category: toolchain
| >Synopsis: perl is miscompiled on sparc64-current
| >Confidential: no
| >Severity: serious
| >Priority: medium
| >Responsible: toolchain-manager
| >State: open
| >Class: sw-bug
| >Submitter-Id: net
| >Arrival-Date: Sun Jan 15 08:05:00 +0000 2012
| >Originator: Martin Husemann
| >Release: NetBSD 5.99.59
| >Organization:
| The NetBSD Foundation, Inc.
| >Environment:
| System: NetBSD nelly.aprisoft.de 5.99.59 NetBSD 5.99.59 (NELLY.MP) #186: Fri Jan 13 12:43:00 CET 2012 martin%emmas.aprisoft.de@localhost:/nelly/usr/src/sys/arch/sparc64/compile/NELLY.MP sparc64
| Architecture: sparc64
| Machine: sparc64
| >Description:
|
| When perl compiles a perl regexp and midway finds a UTF8 encoded part inside
| the pattern it dies with a core dump due to a NULL pointer dereference.
|
| The problem hits in perl regcomp.s line 4563:
|
| 4560 /****************** LONG JUMP TARGET HERE***********************/
| 4561 /* Longjmp back to here if have to switch in midstream to utf8 */
| 4562 if (! RExC_orig_utf8) {
| 4563 JMPENV_PUSH(jump_ret);
| 4564 used_setjump = TRUE;
| 4565 }
|
| The macro JMPENV_PUSH is used in exception handling/unwinding and does
| this:
|
| #define JMPENV_PUSH(v) \
| STMT_START { \
| DEBUG_l({ \
| int i = 0; JMPENV *p = PL_top_env; \
| while (p) { i++; p = p->je_prev; } \
| Perl_deb(aTHX_ "JUMPENV_PUSH level=%d at %s:%d\n", \
| i, __FILE__, __LINE__);}) \
| cur_env.je_prev = PL_top_env; \
| OP_REG_TO_MEM; \
| cur_env.je_ret = PerlProc_setjmp(cur_env.je_buf, SCOPE_SAVES_SIGNAL_M$
| OP_MEM_TO_REG; \
| PL_top_env = &cur_env; \
| cur_env.je_mustcatch = FALSE; \
| (v) = cur_env.je_ret; \
| } STMT_END
|
|
| Finally PerlProc_setjmp is a sigsetjmp(). Now the compiler generates this
| code for the above invocation:
|
| 0x4058f89c <Perl_re_compile+988>: ldx [ %i0 + 0x270 ], %g1
| 0x4058f8a0 <Perl_re_compile+992>: add %fp, 0x69f, %o0
| 0x4058f8a4 <Perl_re_compile+996>: clr %o1
| 0x4058f8a8 <Perl_re_compile+1000>: call 0x40780520 <__sigsetjmp14@plt>
| 0x4058f8ac <Perl_re_compile+1004>: stx %g1, [ %fp + 0x697 ]
| 0x4058f8b0 <Perl_re_compile+1008>: add %fp, 0x697, %g1
| 0x4058f8b4 <Perl_re_compile+1012>: st %o0, [ %fp + 0x717 ]
| 0x4058f8b8 <Perl_re_compile+1016>: andcc %o0, 0xff, %o1
| => 0x4058f8bc <Perl_re_compile+1020>: stx %g1, [ %i0 + 0x270 ]
|
| All fine, but after calling sigsetjmp, %i0 should be considered clobbered
| as it is caller-saved. Still it just uses it in the marked instructions
| and dies - because it is NULL now.
|
| Am I missing something?
Try sprinkling volatile...
christos
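
An added illustration, not part of the original message or of perl's source: the "longjmp back and restart as UTF-8" pattern from the report, reduced to standard C, with the locals that live across the returns-twice call declared volatile. All names are hypothetical, plain setjmp/longjmp stands in for the sigsetjmp behind PerlProc_setjmp, and the input string is constructed.

```c
#include <setjmp.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical miniature of the je_prev chain from the quoted macro. */
struct jmpenv {
    struct jmpenv *je_prev;
    jmp_buf        je_buf;
};
static struct jmpenv *top_env;          /* stands in for PL_top_env */

struct result { int passes; int utf8; size_t len; };

/* Scans the pattern; on a high byte in byte mode, unwinds to the restart point. */
static size_t scan(const char *pat, int utf8)
{
    size_t n;
    for (n = 0; pat[n] != '\0'; n++)
        if (!utf8 && ((unsigned char)pat[n] & 0x80))
            longjmp(top_env->je_buf, 1);
    return n;
}

struct result compile_pattern(const char *pat)
{
    struct jmpenv cur_env;
    /* passes is changed between setjmp() and longjmp() and read afterwards:
     * without volatile its value is indeterminate (C11 7.13.2.1).
     * utf8 is only written after the second return; qualifying it is harmless. */
    volatile int passes = 0;
    volatile int utf8 = 0;
    struct result r;

    cur_env.je_prev = top_env;          /* push before the returns-twice call */
    top_env = &cur_env;
    if (setjmp(cur_env.je_buf) != 0)
        utf8 = 1;                       /* second return: restart as UTF-8 */
    passes++;
    r.len = scan(pat, utf8);
    r.passes = passes;
    r.utf8 = utf8;
    top_env = cur_env.je_prev;          /* pop */
    return r;
}

int main(void)
{
    struct result r = compile_pattern("caf\xc3\xa9");   /* constructed input */
    printf("passes=%d utf8=%d len=%zu\n", r.passes, r.utf8, r.len);
    return 0;
}
```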