tech-kern archive
Re: Bug in NetBSD compiler or "bus.h" header file crashes my ISDN4BSD
On Sunday 16 March 2008, Andrew Doran wrote:
> the
> bus_space methods are implemented as assembly stubs on x86 and so don't
> have this problem.
>
Hi Andrew,
That is exactly the problem. The assembly stubs produce corrupt code! I don't
think that you realise the seriousness of this issue. Let me give you three
code examples which I compiled on NetBSD 4.0 (i386 branch). The first two
examples produce corrupt code, and it is not obvious to anyone why.

void
do_io_000(bus_space_tag_t t, bus_space_handle_t h, void *ptr, uint16_t offset,
    uint8_t len)
{
	bus_space_write_multi_1(t, h, offset, ptr, len);
}

void
do_io_001(bus_space_tag_t t, bus_space_handle_t h, void *ptr, uint16_t offset,
    uint16_t len)
{
	bus_space_write_multi_2(t, h, offset, ptr, len);
}

void
do_io_002(bus_space_tag_t t, bus_space_handle_t h, void *ptr, uint16_t offset,
    uint32_t len)
{
	bus_space_write_multi_4(t, h, offset, ptr, len);
}

Here is the generated assembly code on NetBSD. See my comments in the code.
00000000 <do_io_000>:
0: 55 push %ebp
1: 89 e5 mov %esp,%ebp
3: 56 push %esi
4: 53 push %ebx
5: 8b 5d 0c mov 0xc(%ebp),%ebx
8: 8b 75 10 mov 0x10(%ebp),%esi
b: 8b 45 14 mov 0x14(%ebp),%eax
e: 8a 4d 18 mov 0x18(%ebp),%cl //len parameter
11: 8b 55 08 mov 0x8(%ebp),%edx
14: 85 d2 test %edx,%edx
// the following test checks for memory mapped I/O
16: 75 10 jne 28 <do_io_000+0x28>
18: 0f b7 d0 movzwl %ax,%edx
1b: 8d 14 13 lea (%ebx,%edx,1),%edx
// this instruction is very important
1e: 0f b6 c9 movzbl %cl,%ecx
21: fc cld
22: f3 6e repz outsb %ds:(%esi),(%dx)
24: 5b pop %ebx
25: 5e pop %esi
26: c9 leave
27: c3 ret
28: 0f b7 c0 movzwl %ax,%eax
2b: 01 d8 add %ebx,%eax
2d: 89 c2 mov %eax,%edx
2f: fc cld
30: ac lods %ds:(%esi),%al
31: 88 02 mov %al,(%edx)
// OOOPS! We are looping on %ecx, but only %cl was initialised - why ?
// Either the "bus_space_" macros on NetBSD 3+4 are wrong or the
// compiler is wrong!
33: e2 fb loop 30 <do_io_000+0x30>
35: 5b pop %ebx
36: 5e pop %esi
37: c9 leave
38: c3 ret
39: 8d 76 00 lea 0x0(%esi),%esi
0000003c <do_io_001>:
3c: 55 push %ebp
3d: 89 e5 mov %esp,%ebp
3f: 56 push %esi
40: 53 push %ebx
41: 8b 5d 0c mov 0xc(%ebp),%ebx
44: 8b 75 10 mov 0x10(%ebp),%esi
47: 8b 45 14 mov 0x14(%ebp),%eax
4a: 8b 4d 18 mov 0x18(%ebp),%ecx
4d: 8b 55 08 mov 0x8(%ebp),%edx
50: 85 d2 test %edx,%edx
52: 75 14 jne 68 <do_io_001+0x2c>
54: 0f b7 d0 movzwl %ax,%edx
57: 8d 14 13 lea (%ebx,%edx,1),%edx
5a: 0f b7 c9 movzwl %cx,%ecx
5d: fc cld
5e: f3 66 6f repz outsw %ds:(%esi),(%dx)
61: 5b pop %ebx
62: 5e pop %esi
63: c9 leave
64: c3 ret
65: 8d 76 00 lea 0x0(%esi),%esi
68: 0f b7 c0 movzwl %ax,%eax
6b: 01 d8 add %ebx,%eax
6d: 89 c2 mov %eax,%edx
6f: fc cld
70: 66 ad lods %ds:(%esi),%ax
72: 66 89 02 mov %ax,(%edx)
75: e2 f9 loop 70 <do_io_001+0x34>
77: 5b pop %ebx
78: 5e pop %esi
79: c9 leave
7a: c3 ret
7b: 90 nop
0000007c <do_io_002>:
7c: 55 push %ebp
7d: 89 e5 mov %esp,%ebp
7f: 56 push %esi
80: 53 push %ebx
81: 8b 5d 0c mov 0xc(%ebp),%ebx
84: 8b 75 10 mov 0x10(%ebp),%esi
87: 8b 4d 18 mov 0x18(%ebp),%ecx
8a: 8b 45 14 mov 0x14(%ebp),%eax
8d: 8b 55 08 mov 0x8(%ebp),%edx
90: 85 d2 test %edx,%edx
92: 75 10 jne a4 <do_io_002+0x28>
94: 0f b7 d0 movzwl %ax,%edx
97: 8d 14 13 lea (%ebx,%edx,1),%edx
9a: fc cld
9b: f3 6f repz outsl %ds:(%esi),(%dx)
9d: 5b pop %ebx
9e: 5e pop %esi
9f: c9 leave
a0: c3 ret
a1: 8d 76 00 lea 0x0(%esi),%esi
a4: 0f b7 c0 movzwl %ax,%eax
a7: 01 d8 add %ebx,%eax
a9: 89 c2 mov %eax,%edx
ab: fc cld
ac: ad lods %ds:(%esi),%eax
ad: 89 02 mov %eax,(%edx)
af: e2 fb loop ac <do_io_002+0x30>
b1: 5b pop %ebx
b2: 5e pop %esi
b3: c9 leave
b4: c3 ret
What do you think?
--HPS
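
Added example, not part of the original post or of NetBSD's code: a portable C model of the register behaviour visible in the do_io_000 listing above, where `mov 0x18(%ebp),%cl` sets only the low byte of %ecx and the memory-mapped branch reaches `loop` without the `movzbl %cl,%ecx` that the port I/O branch executes. The function names and the stale register values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* `mov 0x18(%ebp),%cl`: only the low byte of ECX is written; the upper
 * 24 bits keep whatever the register held before (stale_ecx). */
static uint32_t load_cl_only(uint32_t stale_ecx, uint8_t len)
{
	return (stale_ecx & 0xFFFFFF00u) | len;
}

/* x86 `loop`: the body runs, then ECX is decremented and the branch is
 * taken while ECX != 0. A starting ECX of 0 wraps and runs 2^32 times. */
static uint64_t loop_iterations(uint32_t ecx)
{
	return ecx == 0 ? (uint64_t)1 << 32 : ecx;
}

/* Memory-mapped branch of do_io_000 (0x28..0x33): no zero-extension. */
static uint64_t mmio_path_iterations(uint32_t stale_ecx, uint8_t len)
{
	return loop_iterations(load_cl_only(stale_ecx, len));
}

/* Port I/O branch (0x18..0x22): `movzbl %cl,%ecx` clears the stale bits,
 * and `rep outsb` with ECX == 0 transfers nothing. */
static uint64_t port_path_iterations(uint32_t stale_ecx, uint8_t len)
{
	return load_cl_only(stale_ecx, len) & 0xFFu;
}

/* Bytes fetched beyond a len-byte source buffer on the memory-mapped branch. */
static uint64_t overread_bytes(uint32_t stale_ecx, uint8_t len)
{
	uint64_t n = mmio_path_iterations(stale_ecx, len);
	return n > len ? n - len : 0;
}

int main(void)
{
	/* Constructed stale register contents, not values from the post. */
	const uint32_t stale[] = { 0x00000000u, 0x00000100u, 0xDEADBE00u };
	const uint8_t len = 16;

	for (size_t i = 0; i < sizeof(stale) / sizeof(stale[0]); i++)
		printf("stale=%08x port=%llu mmio=%llu overread=%llu\n",
		    (unsigned)stale[i],
		    (unsigned long long)port_path_iterations(stale[i], len),
		    (unsigned long long)mmio_path_iterations(stale[i], len),
		    (unsigned long long)overread_bytes(stale[i], len));
	return 0;
}
```

In this model any non-zero stale upper part makes the memory-mapped branch run far more than len iterations, reading past the source buffer and writing the extra data to the device. do_io_002 in the post, whose len is uint32_t, loads all of %ecx with `mov 0x18(%ebp),%ecx`.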