Update: I have found an input that is accepted by GCC, accepted by Clang, and that makes TCC use the variable n uninitialized in function post_type.
On 08 Mar 2019, at 20:06, Pascal Cuoq <[email protected]> wrote:

The simplest way to make this problem visible is to instrument the functions type_decl and post_type:

diff --git a/tccgen.c b/tccgen.c index 87ec798..7fa6c72 100644 --- a/tccgen.c +++ b/tccgen.c @@ -4374,7 +4374,7 @@ static int post_type(CType *type, AttributeDef *ad, int storage, int td) Sym **plast, *s, *first; AttributeDef ad1; CType pt; - + n = 0xf00f0011; if (tok == '(') { /* function type, or recursive declarator (return if so) */ next(); @@ -4410,6 +4410,7 @@ static int post_type(CType *type, AttributeDef *ad, int storage, int td) } convert_parameter_type(&pt); arg_size += (type_size(&pt, &align) + PTR_SIZE - 1) / PTR_SIZE; + if (n == 0xf00f0011) printf("using n uninitialized\n"); s = sym_push(n | SYM_FIELD, &pt, 0, 0); *plast = s; plast = &s->next. 
@@ -4583,7 +4584,7 @@ static CType *type_decl(CType *type, AttributeDef *ad, int *v, int td) parse_attribute(ad); post = type_decl(type, ad, v, td); skip(')'); - } + } else printf("*v left uninitialized\n"); } else if (tok >= TOK_IDENT && (td & TYPE_DIRECT)) { /* type identifier */ *v = tok;

The function post_type declares an automatic variable n and does not initialize it. Setting it to 0xf00f0011 allows one to see that it has not been assigned when it is used later in this function (ORed with SYM_FIELD and passed as an argument to the function sym_push). When “using n uninitialized” is printed in the instrumented version of TCC, it means that n would have been used uninitialized in the uninstrumented version of the compiler.

I have not found any syntactically correct input that caused “*v left uninitialized” to be printed but not “using n uninitialized”, so a solution *might* be to make TCC error out at the point where I made it print out “*v left uninitialized”, but this is for someone with a better understanding of the code than me to decide.

A better input for demonstrating the problem (a valid C compilation unit) is as follows:

$ cat cr.i
int f(const char *());
$ clang -Wall -c cr.i
$ gcc -Wall -c cr.i
$ ./tcc -c cr.i
*v left uninitialized
using n uninitialized
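Review bot: the two changes to post_type (the sentinel assignment `n = 0xf00f0011;` at the top of the function and the `if (n == 0xf00f0011) printf(...)` just before `s = sym_push(n | SYM_FIELD, &pt, 0, 0);`) are diagnostic instrumentation, not a fix, and should not land as-is: on the reported input n still reaches sym_push with whatever the callee left in it, and the message goes to stdout, where it would be mixed with the compiler's normal output. For a patch meant to be merged, n needs a defined value on every path before the sym_push call, either by initializing it where it is declared or by making the function that is expected to write it (type_decl, per the second hunk) do so unconditionally; a compiler-visible check such as building with -Wall or running under a memory checker would then confirm the path is gone without a runtime printf.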
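Review bot: the added `else printf("*v left uninitialized\n");` in type_decl identifies the missing assignment but leaves the defect in place. In that branch post_type() has returned nonzero, meaning the parenthesis opened a parameter list and the declarator is abstract and has no name, yet unlike the sibling branch that does `*v = tok;` for a type identifier, nothing writes *v before returning. Since the caller uses *v as a symbol (it is ORed with SYM_FIELD in the first hunk), the branch should store the value the parser uses for an anonymous declarator rather than print or error out; erroring out here would reject input such as `int f(const char *());`, which the report shows is accepted with -Wall by both GCC and Clang.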
_______________________________________________ Tinycc-devel mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/tinycc-devel
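To make the shape of the reported control-flow defect compilable stand-alone, here is an added example that is neither TCC's code nor Pascal Cuoq's instrumentation: a miniature type_decl/post_type pair over a constructed token stream, with one version that reproduces the out-parameter left unwritten on the parameter-list path and one that assigns it on every path. The token kinds, the stub functions, and the value 42 for a name token are assumptions made for the example; the sentinel value is the one from the report, and run_decl() applies the same technique the report used (pre-set the variable to a marker, run the parser, check whether the marker survived).

```c
#include <stdio.h>

/* Constructed token kinds: a stand-in for TCC's tokenizer, not TCC's code. */
enum { T_EOF = 0, T_LPAREN, T_RPAREN, T_IDENT, T_STAR };

typedef struct { const int *toks; int pos; } Stream;

static int  peek(Stream *s) { return s->toks[s->pos]; }
static void advance(Stream *s) { if (peek(s) != T_EOF) s->pos++; }

/* Assumed value written into *v for a named declarator. */
#define NAME_TOKEN 42
/* The marker value used by the report's instrumentation. */
#define SENTINEL ((int)0xf00f0011)

/* Plays the role of post_type(): called at '(', returns 1 if the
   parenthesis opened a parameter list (the declarator is abstract and
   has no name), 0 if it opened a nested declarator such as "(*name)".
   Consumes '(' in both cases and the whole list in the first case. */
static int post_type_stub(Stream *s)
{
    advance(s);                              /* '(' */
    if (peek(s) == T_STAR)
        return 0;                            /* nested declarator */
    while (peek(s) != T_RPAREN && peek(s) != T_EOF)
        advance(s);                          /* skip parameter tokens */
    advance(s);                              /* ')' */
    return 1;
}

/* Reproduces the defect: on the parameter-list path nothing writes *v. */
static void type_decl_buggy(Stream *s, int *v)
{
    if (peek(s) == T_LPAREN) {
        if (!post_type_stub(s)) {
            advance(s);                      /* '*' */
            type_decl_buggy(s, v);
            advance(s);                      /* ')' */
        }
        /* else: *v is left untouched */
    } else if (peek(s) == T_IDENT) {
        *v = NAME_TOKEN;
        advance(s);
    } else {
        *v = 0;                              /* anonymous declarator */
    }
}

/* Hardened: every path out of the function assigns *v. */
static void type_decl_fixed(Stream *s, int *v)
{
    if (peek(s) == T_LPAREN) {
        if (!post_type_stub(s)) {
            advance(s);                      /* '*' */
            type_decl_fixed(s, v);
            advance(s);                      /* ')' */
        } else {
            *v = 0;                          /* abstract declarator: no name */
        }
    } else if (peek(s) == T_IDENT) {
        *v = NAME_TOKEN;
        advance(s);
    } else {
        *v = 0;
    }
}

typedef void (*decl_fn)(Stream *, int *);

/* The report's sentinel technique: pre-set the out-parameter to a marker,
   run the parser, and return what it left behind. */
static int run_decl(decl_fn decl, const int *toks)
{
    Stream s = { toks, 0 };
    int v = SENTINEL;
    decl(&s, &v);
    return v;
}

/* 1 if the parser never wrote the variable (the marker survived). */
static int leaves_uninit(decl_fn decl, const int *toks)
{
    return run_decl(decl, toks) == SENTINEL;
}

/* Constructed declarator token streams. */
static const int TOKS_PARAMLIST[] = { T_LPAREN, T_RPAREN, T_EOF };                  /* "()"      */
static const int TOKS_NESTED[]    = { T_LPAREN, T_STAR, T_IDENT, T_RPAREN, T_EOF }; /* "(*name)" */
static const int TOKS_IDENT[]     = { T_IDENT, T_EOF };                             /* "name"    */

int main(void)
{
    printf("buggy, \"()\": %s\n",
           leaves_uninit(type_decl_buggy, TOKS_PARAMLIST) ? "v uninitialized" : "v set");
    printf("fixed, \"()\": %s\n",
           leaves_uninit(type_decl_fixed, TOKS_PARAMLIST) ? "v uninitialized" : "v set");
    return 0;
}
```

The "()" stream is the shape of the parameter `const char *()` from the report's cr.i: only the buggy parser returns the marker for it, while both parsers agree on the nested and plain-name streams, which is why the report saw the two messages together only for abstract declarators.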
