Re: Buggy variable-length array code...or compiler?

From: Steven J. Magnani
Date: Fri Feb 26 2010 - 13:52:17 EST


On Fri, 2010-02-26 at 01:46 +0100, J.A. Magallón wrote:

> Can you try this in userspace ? I compiled in CentOS gcc 4.1.2 (just the
> same), and the addresses are always the same:
>
> #include <stdio.h>
>
> int main()
> {
>     int c = 2;
>     while (1)
>     {
>         int a[c];
>         int b[c];
>         a[0] = b[0];
>         printf("%p %p\n",a,b);
>     }
> }

On the Microblaze:

0x2d711f1c 0x2d711f10
0x2d711f04 0x2d711ef8
0x2d711eec 0x2d711ee0
0x2d711ed4 0x2d711ec8

This happens no matter what optimization setting I compile with.

>
> Could you post the full contents of the while loop ?

It's the stock drivers/dma/dmatest.c in 2.6.33.

> Which is the size of dma_addr_t ?
Microblaze is a 32-bit arch; dma_addr_t is 32 bits.

> Does it match the difference of 16 bytes on each iteration ?
No. It appears that the data going on the stack each iteration are:

dma_srcs[0]: iteration n
total_tests: [n-2]
X
dst_off: [iteration n-1]
dma_srcs[0]: iteration n-1
total_tests [n-3]
X

> cnt's are always 1, isn't it ?
For the memcpy test, yes.

> Can you switch the size to a fixed '1' to see if this hangs again ?
It does not.

Regards,
------------------------------------------------------------------------
Steven J. Magnani "I claim this network for MARS!
www.digidescorp.com Earthling, return my space modulator!"

#include <standard.disclaimer>
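
A bounded, self-checking variant of the quoted test program, added here as an example and not part of the original message. `vla_stack_drift` is a hypothetical helper name; it returns 0 when the stack pointer is restored after each iteration, whereas the addresses printed above move down 0x18 bytes per iteration, which is the behaviour this check flags.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Hypothetical helper (not from the thread): run the two-VLA loop a bounded
 * number of times and return how far the address of `a` moved between the
 * first and the last iteration. A result of 0 means the compiler releases
 * the arrays' stack space when they go out of scope; a nonzero result means
 * every iteration consumes more stack, which ends in stack exhaustion.
 */
static ptrdiff_t vla_stack_drift(int c, int iters)
{
    uintptr_t first = 0, last = 0;

    if (c <= 0 || iters <= 0)
        return 0;                     /* a VLA needs a positive length */

    for (int i = 0; i < iters; i++) {
        /* volatile keeps the arrays from being optimized away */
        volatile int a[c];
        volatile int b[c];

        b[0] = i;
        a[0] = b[0];

        last = (uintptr_t)&a[0];
        if (i == 0)
            first = last;
    }

    /* Positive on a downward-growing stack that leaks per iteration. */
    return (ptrdiff_t)(first - last);
}

int main(void)
{
    ptrdiff_t drift = vla_stack_drift(2, 1000);

    printf("address drift over 1000 iterations: %td bytes\n", drift);
    return drift != 0;                /* nonzero exit status flags the leak */
}
```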