Commit graph

7436 commits

Author SHA1 Message Date
George Koehler 85fcbde22f Check LOI expressions to prevent a read after free.
CS eliminates outer expressions before inner ones, as `x * y * z`
before `x * y`.  It does this by reversing the order of expressions in
the code.  This almost always works, but it sometimes doesn't work if
a STI changes the value number of a LOI.  In code like `expr1 LOI
expr2 STI expr2 LOI`, CS might eliminate the inner `expr2` before the
outer `expr2 LOI`.  This caused a read after free because the
occurrence of `expr2 LOI` pointed to the eliminated lines of `expr2`.

This bug went unnoticed until my recent changes caused CS to crash
with a double free.  I did not get the crash in OpenBSD, but I saw the
crash in Travis, then David Given reproduced the crash in Linux.  See
the discussion in https://github.com/davidgiven/ack/pull/73
2018-03-12 20:58:31 -04:00
George Koehler ebba76e08f Don't read INSTR(l) after oldline(l) frees it.
This bug got in my way while I was looking for another read-after-free
bug in the CS phase.
2018-03-11 20:10:13 -04:00
George Koehler 12643f1740 Solve some gcc warnings in ego.
Some of these are from gcc -Wimplicit
2018-03-08 18:51:07 -05:00
George Koehler 860df1b067 Read from new, not old, buffer after realloc.
This got caught by MALLOC_OPTIONS=S in OpenBSD.  The B compiler filled
the buffer while compiling hilo.b.  Then realloc moved the buffer and
unmapped the old buffer.  The compiler tried to read the old buffer
and segfaulted.
2018-03-08 12:04:02 -05:00
George Koehler 0720671f7a Fix wr_ranlib() for big-endian machines.
With this change, I built and ran ack on a big-endian PowerPC Linux
machine.  I used gcc 4.9.4 to build ack, and I only built the linuxppc
back end.

Before this change, wr_ranlib() corrupted a value by changing it from
0x66 to 0x66000066.  This value was too big, so led made a fatal
error, "bad ranlib string offset".
2018-03-08 11:49:40 -05:00
George Koehler b1badf1851 Add instructions like "lwarx". Extend manual.
Add more page numbers from PowerPC version 2.01.  Remove "xnop" not in
2.01, add "mtcr" from 2.01.  Add "lwarx" and the other instructions
from Book II.  I did not try all the newly added instructions, but
these seem to work: dcbt, dcbtst, icibi, isync, lwarx, stwcx., mftb,
mftbu

In man/powerpc_as.6 (not installed), add a summary of the registers
and addressing modes (like in i386_as.6), describe short forms, update
description of hi16/ha16, add CAVEATS about instructions that some
processors can't run.
2018-03-07 13:37:31 -05:00
George Koehler b1b737ed6c Optimize procedures that do both a / b and a % b.
Enable this in CS for PowerPC; disable it for all other machines.
PowerPC has no remainder instruction; the back end uses division to
compute remainder.  If CS finds both a / b and a % b, then CS now
rewrites a % b as a - b * (a / b) and computes a / b only once.  This
removes an extra division in the PowerPC code, so it saves both time
and space.

I have not considered whether to enable this optimization for other
machines.  It might be less useful in machines with a remainder
instruction.  Also, if a % b occurs before a / b, the EM code gets a
DUP.  PowerPC ncg handles this DUP well; other back ends might not.
2018-03-05 13:32:06 -05:00
George Koehler f26259caac Check AAR earlier to prevent LOI/STI unknown size.
In ego, the CS phase may convert a LAR/SAR to AAR LOI/STI so it can
optimize multiple occurrences of AAR of the same array element.  This
conversion should not happen if it would LOI/STI a large or unknown
size.

cs_profit.c okay_lines() checked the size of each occurrence of AAR
except the first.  If the first AAR was the implicit AAR in a LAR/SAR,
then the conversion happened without checking the size.  For unknown
size, this made a bad LOI -1 or STI -1.  Fix by checking the size
earlier: if a LAR/SAR has a bad size, then don't enter it as an AAR.

This Modula-2 code showed the bug.  Given M.def:

    DEFINITION MODULE M;
    TYPE S = SET OF [0..95];
    PROCEDURE F(a: ARRAY OF S; i, j: INTEGER);
    END M.

and M.mod:

    (*$R-*) IMPLEMENTATION MODULE M;
    FROM SYSTEM IMPORT ADDRESS, ADR;
    PROCEDURE G(s: S; p, q: ADDRESS; t: S); BEGIN
      s := s; p := p; q := q; t := t;
    END G;
    PROCEDURE F(a: ARRAY OF S; i, j: INTEGER); BEGIN
      G(a[i + j], ADR(a[i + j]), ADR(a[i + j]), a[i + j])
    END F;
    END M.

then the bug caused an error:

    $ ack -mlinuxppc -O3 -c.e M.mod
    /tmp/Ack_b357d.g, line 57: Argument range error

The bug had put LOI -1 in the code, then em_decode got an error
because -1 is out of range for LOI.

Procedure F has 4 occurrences of `a[i + j]`.  The size of `a[i + j]`
is 96 bits, or 12 bytes, but the EM code hides the size in an array
descriptor, so the size is unknown to CS.  The pragma `(*$R-*)`
disables a range check on `i + j` so CS can work.  EM uses AAR for the
2 `ADR(a[i + j])` and LAR for the other 2 `a[i + j]`.  EM pushes the
arguments to G in reverse order, so the last `a[i + j]` in Modula-2 is
the first LAR in EM.

CS found 4 occurrences of AAR.  The first AAR was an implicit AAR in
LAR.  Because of the bug, CS converted this LAR 4 to AAR 4 LOI -1.
2018-03-02 16:06:21 -05:00
George Koehler a7bb4ec4b1 Fixes for compiling ego with -DTRACE
- In share/debug.c, undo my mistake in commit 9037d13 by changing
   vfprintf back to fprintf in OUTTRACE.

 - In ud/ud.c, move the trace output from stdout to stderr, because
   stdout has ego's output file, which becomes opt2's input file.  If
   trace output goes to stdout, it gets prepended to the output file,
   and opt2 errors with "wrong input file".

I also edit both build.lua files so ego depends on its header files;
this part isn't needed for -DTRACE.

One can now use -DTRACE by adding it to the cflags in both build.lua
files.
2018-03-01 13:19:38 -05:00
George Koehler 0a6d3de7fe Use prototypes in ego/cs, ego/sp. 2018-02-05 16:09:30 -05:00
George Koehler a60738a50d Don't use '-' in option string to getopt().
Using '-' might fail on platforms like FreeBSD.  Commit 50a7031
stopped using '-' in the B compiler and ego.  I now stop using '-' in
mcg, because I can now check that mcg still works.
2018-02-05 14:55:10 -05:00
George Koehler 04ac91889c Only lower "addi sp, sp, X" if X > 0.
If X < 0, then lowering the addi might cause the code to use the stack
space before allocating it.  This is a bug because an asynchronous
signal handler can overwrite the unallocated stack space.
2018-02-01 12:20:31 -05:00
George Koehler 9077b3a5ab Teach mcg to pass our tests.
Tests pass if one edits the top build.lua to uncomment "qemuppc" from
both vars.plats and vars.plats_with_tests, and one leaves mcg in
plat/qemuppc/descr.

Add or correct some EM instructions in treebuilder.c:
 - "lof", "stf": handle negative offsets in load() and store().
 - "cuu": add using IR_FROMUI.
 - "lim", "sim": keep an entire word in ".ignmask", to be compatible
   with mach/powerpc/libem/trp.s and ncg.  We also keep a word in
   ".ignmask" in ncg for both i386 and m68020.
 - "trp": pass trap number in register.  See comment in
   helper_function_with_arg().
 - "sig": push the old value of .trppc on the stack.
 - "and ?", "ior ?", "xor ?", "com ?", "cms ?", "set ?", "inn ?":
   connect to helper functions in libem.
 - "blm", "bls": drop call to memmove() and use new helper ".bls4",
   because tests/plat/structcopy_e.c can't call memmove().
 - "xor s", "cms s": if s is large, fall back on helper function.
 - "rol", "ror": add by decomposing each rotate into 4 IR ops.
 - "rck s", "bls s": make fatal unless s is word size.
 - "loi": push multiple loads in the correct order.
 - "dup s", "exg s": if s is large, fall back on helper.
 - "dus": add using new helper ".dus4".
 - "lxl", "lxa": follow the static chain, not the dynamic chain.
 - "lor 1": materialise the stack before pushing the stack pointer.
 - "lor 2", "str 2": make fatal.
 - "los", "sts": drop calls to memcpy() and use helpers ".los4" and
   and ".sts4", so lang/m2/libm2/LtoUset.e starts working.
 - "gto": correctly read descriptor.

Change mach/powerpc/mcg/table:
 - ANY.L: add for "asp -8".
 - LOAD.L: work around register corruption.
 - COMPAREUL.I: add for "cms 8".
2018-01-31 21:05:40 -05:00
George Koehler b3c0a767a5 Sync qemuppc with linuxppc.
- Don't reverse bitfields; do use ego (41f3bf7).
 - Use MACHOPT_F=-m2 (3dae9e4).
 - Remove old trap.s (26de4c1).

At this commit, one can build qemuppc with mcg by editing the root
build.lua to uncomment "qemuppc" in "vars.plats".  If one also
uncomments "qemuppc" from "vars.plats_with_tests", then mcg fails to
build the tests.  If one uses ncg (by editing plat/qemuppc/descr to
change "mcg" to "ncg"), then the tests pass.
2018-01-27 21:41:13 -05:00
George Koehler b38fcdded3 Add tests for clearing BSS, copying C structs.
The new tests are bss_e.c, structcopy_e.c.  We do clear the BSS before
calling _m_a_i_n, so fix the comments in the other tests.
2018-01-27 20:09:16 -05:00
George Koehler cdde55535e For osxppc, change size 8 to alignment 4.
You may need to delete and recompile some .o files!  This changes the
alignment of 8-byte values in C structs to match what Apple's gcc
does.  See Apple's "32-bit PowerPC Function Calling Conventions" at

    https://developer.apple.com
      /library/content/documentation/DeveloperTools/Conceptual/LowLevelABI
      /100-32-bit_PowerPC_Function_Calling_Conventions/32bitPowerPC.html
2018-01-27 16:35:48 -05:00
George Koehler 3dae9e49cc Use subfic (val - reg) and mulli (reg * val).
In the instruction list, put /* kills xer */ for sraw, srawi, subfic;
and correct the (now unused) "addi." and "lfdu".

Change MACHOPT_F from -m3 to -m2.  This changes the code for 15 * i
from

    slwi r3,r4,4
    subfic r5,r4,0
    add r3,r3,r5

to

    mulli r3,r4,15

If the sequence "slwi subfic addi" takes 3 cycles and 12 bytes, and
mulli takes 3 cycles and 4 bytes, then mulli is better.
2018-01-27 15:53:05 -05:00
George Koehler 7c9c4f82fd Get ack -mosxppc -g to partly work with gdb.
Copy and adapt code from mach/{i386,m68020}/ncg/mach.c to pass the
debugging stabs from EM to assembly.  The next tools (as, led, cv)
already know how to put the stabs in the Mach-o executable.

Modify the function prolog/prologue so gdb uses fp, not sp, for N_LSYM
and N_PSYM stabs.  Simplify prolog() by reducing differences between
stabs and no stabs, and zero and nonzero framesize.  For files without
stabs, the new prolog has the same number of instructions and memory
accesses as the old prolog, and to run at about the same speed on my
PowerPC Mac.

This is enough to see some info for global and local variables in gdb
for Mac OS X.  I still can't get a backtrace; gdb gets confused
because EM and ncg don't link 0(sp) to the previous stack frame.

I don't expect `ack -mlinuxppc -g` to work with gdb for Linux, because
we prepend underscores to the symbol table, which is correct for
Mach-o but wrong for ELF.
2018-01-26 20:19:38 -05:00
George Koehler e83aaca3ec Add some comments before I forget how this stuff works. 2018-01-24 15:17:32 -05:00
George Koehler e3672bd66e Allow sp and fp on the fake stack.
This simplifies parts of the PowerPC table and causes ncg to better
decide whether to push sp or fp to the real stack, or coerce it to
REG3, or coerce it to REG-REG3, or move it to a regvar.  These better
decisions remove extra _mr_ instructions.

The idea comes from mach/powerpc/arm/table, where SP has a property
STACKPOINTER and LB has LOCALBASE.  I don't need two properties, so I
make one property SPFP for both registers.
2018-01-23 18:18:40 -05:00
George Koehler c6ceaac1af Make osx386 and osxppc use _hol0.s like the other platforms.
Because I'm lazy, I didn't make another copy of _hol0.s; I am building
plat/linux/libsys/_hol0.s for OS X.
2018-01-23 13:55:39 -05:00
George Koehler 66f93f08c5 Add fef 4, fif 4. Improve fef 8, fif 8. Other float changes.
When I wrote fef 8, I forgot to test denormalized numbers.  Oops.  Now
fix two of my mistakes:

 - When checking for zero, `extrwi r6, r3, 22, 12` needs to be
   `extrwi r6, r3, 20, 12`.  There are only 20 bits to extract.

 - After the multiplication by 2**64, I forgot to put the fraction in
   [0.5, 1) or (-1, 0.5] by setting IEEE exponent = 1022.

Teach fif 8 about signed zero and NaN.

In ncg/table, change cmf so NaN is not equal to any value, and comment
why ordered comparisons don't work with NaN.  Also add cost for
fctwiz, remove extra `uses REG`.

Edit comment in cfu8.s because the conditional branch might be before
or after fctwiz.
2018-01-22 14:04:15 -05:00
George Koehler f1304e1a3c Use extended mnemonics and ha16/lo16.
Remove wrong comment: that's a right shift, not a left shift.
2018-01-11 20:04:27 -05:00
George Koehler 103d44c27c Rewrite sigaction() to prevent another race.
A signal handler might call sigaction().  We must block all signals,
not only our signal, to prevent a race between us and the next signal
handler.

Use /* comments */ because cpp might expand macros in ! comments
though such expansion is probably harmless.

The bridge is now shorter by 2 instructions.
2018-01-11 17:59:02 -05:00
George Koehler 2b09d3756c These are EM trap numbers.
Remove .sect; absolute symbols don't go in a section.
2018-01-09 00:40:11 -05:00
George Koehler de2c7c3f25 Hide some i386 stuff from linux68k, linuxppc.
Rename plat/linux/libsys/errno.s to plat/linux386/libsys/trapno.s and
stop building it for linux68k and linuxppc.  It defines symbols for
mach/i386/libem.

In syscalls.h, the numbers after 165 are only for i386, so hide them
from 68k, ppc.  These numbers are unused, because the system calls now
in libsys use the lower numbers.

Also teach the build system that libsys depends on the internal
headers in plat/linux/libsys/*.h
2018-01-08 23:46:30 -05:00
George Koehler 64b50b3a45 Shrink .cfu8
With my PowerBook G4, a program that converts values from 1.0 to
4000000.0 runs in about 0.32s with the old .cfu8 and 0.29s with this
shrunken .cfu8

Leave a comment about other ways to implement .cfu8
2018-01-07 16:03:55 -05:00
George Koehler b90c97b00b Teach top to merge or delete "addi sp, sp, X".
This reduces code size, because ncg emits too many "addi sp, sp, X"
instructions when unstacking things.  Now top lowers "addi sp, sp, X"
by lifting other instructions.  This sometimes creates chances to
merge or delete _addi_ instructions.  If no such chance is found, the
_addi_ remains uselessly lowered.

Edit ncg/table to remove something that top now does.

Edit ncg/mach.c to remove some spaces after commas.  This removes a
whitespace difference between *.s and *.so files, because top removes
the space.
2018-01-05 17:55:50 -05:00
George Koehler 720af48d8a Fix lim. Improve lxl, lxa, lor, str, procs with no locals.
_lim_ must use _loe_ (load word external), not _lde_ (load double-word
external).

The new patterns for _lxl_, _lxa_, _lor_, _str_ emit shorter code in
some cases.  The change from GPR_EXPR to REG_EXPR allows moving
LXFRAME to a register variable.

Add more "reusing" clauses.  We have enough registers that ncg almost
never reuses a register, but sometimes it can reuse r3.

In mach.c, emit one fewer instruction in procedures with no locals.
2018-01-04 20:40:35 -05:00
George Koehler d6938108a6 Add tests for C <setjmp.h> and Modula-2 Semaphores.
Fix PowerPC ncg so setjmp() returns the correct value.  I got unlucky
when ncg picked r3 for "uses REG"; this destroyed the return value in
r3 and caused the new test to fail.
2018-01-03 14:51:14 -05:00
George Koehler 26de4c1ab1 Add test for EM _rck_. Fix traps in PowerPC ncg.
The new test rck_e.e segfaults on PowerPC unless I make some changes.
The inline code for _rck_ was wrong because it didn't allow the trap
handler to return.  _sig_ forgot to push the old trap handler.

Move plat/linuxppc/libsys/trap.s to mach/powerpc/libem/trp.s and
rewrite it with simplified/extended mnemonics.  Remove .trap alias for
.trp procedure.  Add a missing `mtspr lr, r0` so we can return from
the trap handler.  Call write() and _exit() so trp.s works with both
linuxppc and osxppc.  Before, Mac OS X was wrongly using the trap.s
for Linux.

In powerpc/libem, simplify .aar4; teach .csa and .csb to raise the
trap if the default target is zero.

C programs don't need these changes.  You may relink your C programs
with the changed .csa and .csb, but C code doesn't raise the trap.
Modula-2 code can raise traps, so you may want to relink your Modula-2
programs with the changed libem, but you might keep your old .o files
from Modula-2.  You may need to recompile your Pascal programs (delete
old .o files from Pascal) because the Pascal compiler might use _rck_.
2017-12-24 22:37:52 -05:00
George Koehler 5f2a7b260f Optimize mr. X, X after some instructions.
For example, when ncg emits
    slw r9,r8,r5
    mr. r9,r9
then top simplifies the code to
    slw. r9,r8,r5
2017-12-22 22:32:16 -05:00
George Koehler c964eeddba Remove INT32 and such. Adjust indentation.
I understand `loi 4` more easily than `loi INT32`, because `loi 4`
appears in .e files.  So remove INT8, INT16, INT32, INT64.

Add a comment to explain r3 during unconditional jumps.
2017-12-22 21:18:58 -05:00
George Koehler f96f918a29 Generate shorter code for ret 4 and ret 8. 2017-12-22 20:37:39 -05:00
George Koehler 5867ca2f2c Remove two obsolete patterns.
These patterns seem to have no effect on the generated code.
2017-12-22 19:57:42 -05:00
George Koehler 2eeee36f78 Add FRAME_V tokens for local variables.
When storing to a local, stop killing the tokens of other locals,
unless they might overlap with the stored local.  This helps some
procedures that juggle locals when the locals aren't in registers.

Also use FRAME_V tokens for locals in statically enclosing procedures.
Rewrite _lxa_ as _lxl_, to skip the `addi ?,?,8` if we can add 8 to
the next constant.  The PowerPC code from _lxl_ is now sometimes
better, sometimes worse than before.

The i386 table provided the idea to use %size to find overlapping
locals.
2017-12-22 17:04:16 -05:00
George Koehler 4bb31c296d Revise the comments in the EM tests.
You can cheat these tests if _cms_ and _cmu_ always push zero.
2017-12-21 18:24:28 -05:00
George Koehler 787fdeaaa9 Add some tests for Modula-2. 2017-12-21 18:24:17 -05:00
George Koehler aa9418c029 Pass 4 bytes to fail(uint32_t)
This would become necessary if something failed on a platform with
16-bit int (EM_WSIZE == 2).

Remove unreachable `ret 0`.  If reached, it wouldn't work to return
from _m_a_i_n.
2017-12-18 21:58:57 -05:00
George Koehler a5e8dc8a06 Simplify code by using cms EM_WSIZE to compare bytes.
This should work because the C compiler does it.
2017-12-18 21:52:13 -05:00
George Koehler a4e6595032 Remove '\0' from output. Fix a compiler warning.
Don't output '\0' in "@@FINISHED\0".

Cast code to unsigned int.  This helps platforms with 16-bit int, by
doing only the low 16 bits of the bitwise-and.  It also removes the
"(warning) conversion of long to pointer loses accuracy".
2017-12-18 21:17:42 -05:00
George Koehler ad47fa5fe3 Add splitting coercions for IND_ALL_D.
Delete my wrong comment (from commits cfbc537, a8f62f4, 5432bd0) which
claimed that such coercions are not possible.
2017-12-18 20:59:04 -05:00
George Koehler 24abaf6a25 Enable conditional expressions in splitting coercions.
ncgg has parsed the optional conditional expression (optexpr) of each
splitting coercion since commit 72b83cc in 1985; but for almost 33
years, ncg has ignored the expression in c2_expr.

Few tables had conditional coercions (I only found them in arm and
m68020), and no tables had conditional splitting coercions, so this
only becomes a problem now as I try to add a conditional splitting
coercion to powerpc.
2017-12-18 20:39:56 -05:00
George Koehler 5e99baabdf Rename two tokens. CONST_HZ was not hertz (Hz). 2017-12-18 12:36:10 -05:00
George Koehler d8fa9d1b2a In coercions, try to reuse a register with the same token.
This reduces code size.
2017-12-17 12:45:27 -05:00
George Koehler b0d75fed37 Rename ANY_BHW to INT_W; add FLOAT_W, FLOAT_D.
INT_W, the integer set, continues to exclude FSREG, because we can't
easily move FSREG to GPR.

ANY4 becomes ISET+FLOAT_W and ANY8 becomes FLOAT_D.
2017-12-17 11:56:02 -05:00
George Koehler 5ba83100d6 Delete rules for sti 8 with REG IND_RC_D, with REG IND_RR_D.
Prefer the rule with REG FREG, by coercing IND_RC_D or IND_RR_D to
FREG.  This rule looks better to ncg.  When ncg chose between coercion
to REG IND_RC_D or coercion to REG FREG, it chose REG FREG.  It only
chose REG IND_RC_D if the stack had exact REG IND_RC_D.
2017-12-12 13:36:43 -05:00
George Koehler 11a54e0a7c These instructions write to the CR. 2017-12-10 14:01:14 -05:00
George Koehler 504d2aa34e Revise stack shuffles and integer conversions in PowerPC ncg.
Allow asp 4, exg 4 to shuffle tokens without coercing them into
registers; but comment why dup 4, dup 8 coerce tokens into registers.

Allow dup, dus, exg with larger sizes; and add tests dup_e.e and
exg_e.e to check that dup 20, dus, exg 20 work as well in powerpc as
in i80 and i86.

Then powerpc failed to compile loc 2 loc 4 cuu in dup_e.e.  Revise the
integer conversions, so powerpc can compile and pass the test.
2017-12-09 18:57:10 -05:00
George Koehler 48788287b8 Add more chances to put results in register variables.
When a rule `uses REG ... yields %a`, the result %a is always a
temporary, never a regvar.  If the EM code uses _stl_ to put the
result in a regvar, then ncg emits _mr_ to move %a to the regvar.

There are two ways to put the result in the regvar without %a:

  1. Yield a token, as in `yields {MUL_RR, %2, %1}`, so that _stl_
     can move the token to the regvar without using %a.

  2. Provide a pattern, like `sli stl`, that just puts the result
     in `{LOCAL, $2}` and not %a.

Allow some tokens, like SUM_RIS and XEQ, onto the stack; and add
tokens like MUL_RR, and patterns like `sli stl`.

Delete patterns for `stl lol` and `sdl ldl` to avoid an extra
temporary %a when the local is a regvar.  Delete `lal sti lal loi`
because it would emit wrong code.
2017-12-08 17:19:26 -05:00