[Tinycc-devel] Miscompilation returning small struct

From: Nicholas Fraser
Subject: [Tinycc-devel] Miscompilation returning small struct
Date: Tue, 26 Jan 2021 13:32:29 -0500

I've encountered what I believe is a miscompilation bug in TinyCC. I'm using
tcc 0.9.27 on latest Arch Linux on x86_64. I can't reproduce the same issue on
the mob branch so this may already be fixed, but I can't find a bug report
about anything similar so it may just be a coincidence; the bug might still be
around, just reproducible in a different way. I tried reducing the code as much
as possible:

    #include <stdint.h>
    #include <stdio.h>

    typedef struct coords_t {
        uint8_t x, y;
    } coords_t;

    typedef struct list_t {
        void* context;
        coords_t head;
        coords_t tail;
    } list_t;

    static coords_t list_head(list_t* list) {
        return list->head;
    }

    int main(void) {
        list_t list;
        list.tail.x = 17;
        list.tail.y = 23;

        // unused locals, kept as in the reduced reproducer
        coords_t bob = {3, 4};
        coords_t alice = {2, 1};
        coords_t eve = {1, 0};

        printf("%u:%u\n", eve.x, eve.y);
        list_head(&list); // ignored return value, should be no-op
        printf("%u:%u\n", eve.x, eve.y);
        return 0;
    }

The code prints the contents of a struct before and after a no-op function
call. The output should be the same. Under GCC, Clang and chibicc it prints


Under TinyCC it prints this:


It appears to overwrite "eve" with "tail" when trying to store the return value
of list_head() to the stack. coords_t is only two bytes but this moves four:

    40040f: e8 61 ff ff ff        callq  400375 <list_head>
    400414: 89 45 e8              mov    %eax,-0x18(%rbp)

Sorry if this is already fixed. I lost a couple hours tracking this down today
so if it is already fixed, maybe it's time for a release?
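As an added regression check (not part of the original report or of the tcc project), the following program places the 2-byte `coords_t` directly in front of two guard bytes so that an over-wide store of the struct return value would be caught; `guarded_t` and `struct_return_width_ok` are constructed here for that purpose, and a correct compiler leaves the guard intact.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Same 2-byte struct and container as in the report. */
typedef struct coords_t { uint8_t x, y; } coords_t;

typedef struct list_t {
    void *context;
    coords_t head;
    coords_t tail;
} list_t;

/* Constructed guard layout: coords_t is 2 bytes with alignment 1, so the
 * guard bytes sit at offsets 2 and 3, exactly where a 4-byte store of the
 * return value would spill. */
typedef struct guarded_t {
    coords_t c;
    uint8_t guard[2];
} guarded_t;

static coords_t list_head(list_t *list) { return list->head; }

/* Returns 1 if the struct-returning call wrote only its own 2 bytes,
 * 0 if the guard bytes after the return slot were overwritten. */
int struct_return_width_ok(void) {
    list_t list;
    list.context = NULL;
    list.head.x = 1;  list.head.y = 0;
    list.tail.x = 17; list.tail.y = 23;   /* the values the report saw leak */

    volatile guarded_t g;   /* volatile: keep the slot in memory, not a register */
    g.guard[0] = 0xAA;
    g.guard[1] = 0x55;
    g.c = list_head(&list);

    return g.guard[0] == 0xAA && g.guard[1] == 0x55
        && g.c.x == 1 && g.c.y == 0;
}

int main(void) {
    printf("struct return width %s\n",
           struct_return_width_ok() ? "ok" : "CLOBBERS adjacent bytes");
    return 0;
}
```

Compiling the same file with the compiler under suspicion and with a reference compiler turns the report's observation into a repeatable pass/fail check.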
