Re: [coreboot] romcc segfaults; serious help needed

Thu, 11 Mar 2010 03:00:49 -0800 

Am 11.03.2010 04:25, schrieb Keith Hui:
> Hi guys,
> 
> I posted a new 440BX RAM init code a few days ago that was segfaulting
> romcc, and I didn't get any response.
> 
> In the meantime I have narrowed the cause to this code fragment, with
> enough wrapper added so it can be fed to romcc on its own:
Thank you for the test case, I could reproduce the crash.

Attached patch fixes the romcc segfaults when using the |=, +=, ^=
operators on array fields and produces reasonably looking code.

I did some tests to verify that the behaviour didn't change, but your
test case compiles to no code (except some useless jmp instructions) as
it has no side effects, so I can only verify it builds.
Please test it on your real world code.

Signed-off-by: Patrick Georgi <[email protected]>

Index: util/romcc/romcc.c
===================================================================
--- util/romcc/romcc.c  (revision 5200)
+++ util/romcc/romcc.c  (working copy)
@@ -1896,12 +1896,16 @@
                return;
        if (!user)
                return;
-       ptr = &used->use;
-       while(*ptr) {
-               if ((*ptr)->member == user) {
-                       return;
+       if (used->use == (void*)-1)
+               used->use = 0;
+       if (used->use) {
+               ptr = &used->use;
+               while(*ptr) {
+                       if ((*ptr)->member == user) {
+                               return;
+                       }
+                       ptr = &(*ptr)->next;
                }
-               ptr = &(*ptr)->next;
        }
        /* Append new to the head of the list, 
         * copy_func and rename_block_variables
@@ -11599,19 +11603,19 @@
                }
                def = write_expr(state, left,
                        triple(state, op, left->type, 
-                               read_expr(state, left), right));
+                               read_expr(state, copy_triple(state, left)), 
right));
                break;
        case TOK_PLUSEQ:
                lvalue(state, left);
                eat(state, TOK_PLUSEQ);
                def = write_expr(state, left,
-                       mk_add_expr(state, left, assignment_expr(state)));
+                       mk_add_expr(state, copy_triple(state, left), 
assignment_expr(state)));
                break;
        case TOK_MINUSEQ:
                lvalue(state, left);
                eat(state, TOK_MINUSEQ);
                def = write_expr(state, left,
-                       mk_sub_expr(state, left, assignment_expr(state)));
+                       mk_sub_expr(state, copy_triple(state, left), 
assignment_expr(state)));
                break;
        case TOK_SLEQ:
        case TOK_SREQ:
@@ -11635,7 +11639,7 @@
                }
                def = write_expr(state, left,
                        triple(state, op, left->type, 
-                               read_expr(state, left), right));
+                               read_expr(state, copy_triple(state,left)), 
right));
                break;
        }
        return def;

-- 
coreboot mailing list: [email protected]
http://www.coreboot.org/mailman/listinfo/coreboot

Reply via email to