In revision 8834, regression test bug-136564 fails with an invalid instruction on stm8. Register A has a live value and so is pushed when it is also needed for a comparison. However, it is only popped on one of the execution paths which leads to local variable corruption, stack overflow, and eventually the invalid instruction.
; gen/stm8/bug-136564/bug-136564.c: 40: while (c != 'x' && i < 9 )
; genLabel
00120$:
; genAssign
clr a
; genLabel
00104$:
; genCmpEQorNE
push a
ld a, _foo_c_1_7+0
cp a, #0x78
jrne 00151$
pop a
jra 00123$
; peephole j5 changed absolute to relative unconditional jump.
00151$:
; skipping generated iCode
; genCmp
cp a, #0x09
Interestingly, it doesn't fail for me (maybe the path isn't executed) or in the snapshot regression testing. But I can see that the generated code is broken and In eed to fix genCmpEQorNE().
Philipp
I suppose this is one of the reasons that we have the regression tests running on so many different platforms. One of the things I noticed when the hc08 backend was switched over to your register allocator was that the generated code was not the same on all the systems of our DCF. When there are several register assignment alternatives that have equal cost, the one that is actually used depends on the internal implementation of the data structure class.
I have found it useful to occasionally temporarily modify the dry run cost computation to add small random numbers to the actual cost. Of course, this makes the generated code less optimal, but it has helped me find some cases that the code generator had not been handling correctly that were not detected during normal operation because the trickier cases tend to have a somewhat higher cost and so are normally avoided (and thus left untested).
Erik
From: Philipp Klaus Krause [spth@users.sf.net]
Sent: Thursday, September 05, 2013 3:00 AM
To: [sdcc:bugs]
Subject: [sdcc:bugs] #2211 stm8 genCmpEQorNE fails to properly pop A
Interestingly, it doesn't fail for me (maybe the path isn't executed) or in the snapshot regression testing. But I can see that the generated code is broken and In eed to fix genCmpEQorNE().
Philipp
[bugs:#2211]http://sourceforge.net/p/sdcc/bugs/2211/ stm8 genCmpEQorNE fails to properly pop A
Status: open
Created: Wed Sep 04, 2013 10:08 PM UTC by Erik Petrich
Last Updated: Wed Sep 04, 2013 10:08 PM UTC
Owner: Philipp Klaus Krause
In revision 8834, regression test bug-136564 fails with an invalid instruction on stm8. Register A has a live value and so is pushed when it is also needed for a comparison. However, it is only popped on one of the execution paths which leads to local variable corruption, stack overflow, and eventually the invalid instruction.
; gen/stm8/bug-136564/bug-136564.c: 40: while (c != 'x' && i < 9 )
; genLabel
00120$:
; genAssign
clr a
; genLabel
00104$:
; genCmpEQorNE
push a
ld a, _foo_c_1_7+0
cp a, #0x78
jrne 00151$
pop a
jra 00123$
; peephole j5 changed absolute to relative unconditional jump.
00151$:
; skipping generated iCode
; genCmp
cp a, #0x09
Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/sdcc/bugs/2211/
To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/
Related
Bugs:
#2211Fixed in revision #8835.
Philipp
P.S.: I have found that trying different values for --max-allocs-per-node and --opt-code-size/--opt-code-speed also helps with testing corner cases in code generation.