DISASSEMBLE can display wrong code section (sbcl-2.4.0)

Bug #2051169 reported by Fedorov Alexander
Affects: SBCL    Status: Fix Released    Importance: Undecided    Assigned to: Unassigned

Bug Description

* (labels ((f (val) (when val (g nil)))
           (g (val) (when val (f nil))))
    (defun foo (x)
      (if x #'f #'g)))
FOO
* (disassemble (foo t))
; disassembly for (LABELS F)
; Size: 41 bytes. Origin: #x549CD1C0
; C0: .ENTRY (LABELS F)(VAL)
; D0: 8F4508 POP QWORD PTR [RBP+8]
; D3: 83F902 CMP ECX, 2
; D6: 750F JNE L0
; D8: 488D65E0 LEA RSP, [RBP-32]
; DC: 488BF2 MOV RSI, RDX
; DF: EBBA JMP #x549CD19B
; E1: CC10 INT3 16 ; Invalid argument count trap
; E3: CC10 INT3 16 ; Invalid argument count trap
; E5: CC10 INT3 16 ; Invalid argument count trap
; E7: L0: CC10 INT3 16 ; Invalid argument count trap
NIL

The shown code segment is a stripped version of (XEP (LABELS F)), as can be seen from

* (sb-disassem:disassemble-code-component #'foo)
; Size: 297 bytes. Origin: #x549CD0C0 (segment 1 of 8) ; (XEP (LAMBDA ()))
; 0C0: .ENTRY (LAMBDA NIL)
; 0D0: 8F4508 POP QWORD PTR [RBP+8]
; 0D3: 85C9 TEST ECX, ECX
; 0D5: 0F8506010000 JNE L9
; 0DB: 488D65E0 LEA RSP, [RBP-32]
; Origin #x549CD0DF (segment 2 of 8) ; (LAMBDA ())
; 0DF: 498B4510 MOV RAX, [R13+16] ; thread.binding-stack-pointer
; 0E3: 488945F8 MOV [RBP-8], RAX
; 0E7: 488D3D2D000000 LEA RDI, [RIP+45] ; = L0
; 0EE: 488B15B3FFFFFF MOV RDX, [RIP-77] ; 'FOO
; 0F5: B904000000 MOV ECX, 4
; 0FA: FF7508 PUSH QWORD PTR [RBP+8]
; 0FD: B8C2E12550 MOV EAX, #x5025E1C2 ; #<FDEFN SB-IMPL::%DEFUN>
; 102: FFE0 JMP RAX
; Origin #x549CD104 (segment 3 of 8) ; (XEP FOO)
; 104: .SKIP 12
; 110: L0: .ENTRY FOO(X)
; 120: 8F4508 POP QWORD PTR [RBP+8]
; 123: 83F902 CMP ECX, 2
; 126: 0F85B7000000 JNE L10
; 12C: 488D65E0 LEA RSP, [RBP-32]
; 130: 488BF2 MOV RSI, RDX
; Origin #x549CD133 (segment 4 of 8) ; FOO
; 133: 498B4510 MOV RAX, [R13+16] ; thread.binding-stack-pointer
; 137: 488945F0 MOV [RBP-16], RAX
; 13B: 4881FE17010050 CMP RSI, #x50000117 ; NIL
; 142: 750A JNE L2
; 144: 488D1520000000 LEA RDX, [RIP+32] ; = L3
; 14B: L1: C9 LEAVE
; 14C: F8 CLC
; 14D: C3 RET
; 14E: L2: 488D1576000000 LEA RDX, [RIP+118] ; = L8
; 155: EBF4 JMP L1
; Origin #x549CD157 (segment 5 of 8) ; (XEP (LABELS G))
; 157: .SKIP 9
; 160: L3: .ENTRY (LABELS G)(VAL)
; 170: 8F4508 POP QWORD PTR [RBP+8]
; 173: 83F902 CMP ECX, 2
; 176: 756D JNE L11
; 178: 488D65E0 LEA RSP, [RBP-32]
; 17C: 4C8BC2 MOV R8, RDX
; Origin #x549CD17F (segment 6 of 8) ; (LABELS G)
; 17F: L4: 498B4510 MOV RAX, [R13+16] ; thread.binding-stack-pointer
; 183: 488945E8 MOV [RBP-24], RAX
; 187: 4981F817010050 CMP R8, #x50000117 ; NIL
; 18E: 7506 JNE L5
; 190: 498BD0 MOV RDX, R8
; 193: C9 LEAVE
; 194: F8 CLC
; 195: C3 RET
; 196: L5: BE17010050 MOV ESI, #x50000117 ; NIL
; Origin #x549CD19B (segment 7 of 8) ; (LABELS F)
; 19B: L6: 498B4510 MOV RAX, [R13+16] ; thread.binding-stack-pointer
; 19F: 488945E0 MOV [RBP-32], RAX
; 1A3: 4881FE17010050 CMP RSI, #x50000117 ; NIL
; 1AA: 7506 JNE L7
; 1AC: 488BD6 MOV RDX, RSI
; 1AF: C9 LEAVE
; 1B0: F8 CLC
; 1B1: C3 RET
; 1B2: L7: 41B817010050 MOV R8D, #x50000117 ; NIL
; 1B8: EBC5 JMP L4
; Origin #x549CD1BA (segment 8 of 8) ; (XEP (LABELS F))
; 1BA: .SKIP 6
; 1C0: L8: .ENTRY (LABELS F)(VAL) <------------------------------------------------- HERE
; 1D0: 8F4508 POP QWORD PTR [RBP+8]
; 1D3: 83F902 CMP ECX, 2
; 1D6: 750F JNE L12
; 1D8: 488D65E0 LEA RSP, [RBP-32]
; 1DC: 488BF2 MOV RSI, RDX
; 1DF: EBBA JMP L6
; 1E1: L9: CC10 INT3 16 ; Invalid argument count trap
; 1E3: L10: CC10 INT3 16 ; Invalid argument count trap
; 1E5: L11: CC10 INT3 16 ; Invalid argument count trap
; 1E7: L12: CC10 INT3 16 ; Invalid argument count trap
NIL

This is a regression; this behavior started in sbcl-2.2.1 (starting with this commit: https://github.com/sbcl/sbcl/commit/be5c6d037ba032717638f21d515444cf255e4cbd)

Tested on sbcl-2.4.0 (and on HEAD: sbcl-2.4.0.239-28ab0f952)

uname -a
Linux grolter-T16 6.2.0-39-generic #40-Ubuntu SMP PREEMPT_DYNAMIC Tue Nov 14 14:18:00 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

* *features*
(:ARENA-ALLOCATOR :X86-64 :GENCGC :64-BIT :ANSI-CL :COMMON-LISP :ELF
 :IEEE-FLOATING-POINT :LINUX :LITTLE-ENDIAN :PACKAGE-LOCAL-NICKNAMES
 :SB-CORE-COMPRESSION :SB-LDB :SB-PACKAGE-LOCKS :SB-THREAD :SB-UNICODE :SBCL
 :UNIX)
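An added check, not part of the report or of SBCL itself, that tells a stub-only view like the 41-byte (LABELS F) listing above from a complete one. It assumes only that DISASSEMBLE and SB-DISASSEM:DISASSEMBLE-CODE-COMPONENT accept a :STREAM argument; the "JMP #x..." heuristic (a branch to a raw address rather than a label means the target lies outside the shown range) is an assumption drawn from the output above, not an SBCL API.

```lisp
;; Reproduction from the report: two mutually recursive LABELS functions
;; returned as closures-free function objects by FOO.
(labels ((f (val) (when val (g nil)))
         (g (val) (when val (f nil))))
  (defun foo (x)
    (if x #'f #'g)))

(defun disassembly-text (fn &key whole-component)
  "Return the disassembly of FN as a string. With WHOLE-COMPONENT, dump the
entire code component FN lives in instead of only FN's own view."
  (with-output-to-string (out)
    (if whole-component
        (sb-disassem:disassemble-code-component fn :stream out)
        (disassemble fn :stream out))))

(defun reported-size (text)
  "Parse the byte count from the first \"; Size: N bytes\" line in TEXT."
  (let* ((marker "; Size: ")
         (pos (search marker text)))
    (and pos
         (parse-integer text :start (+ pos (length marker)) :junk-allowed t))))

(defun escapes-shown-range-p (text)
  "Heuristic (assumption): with labels enabled, an in-range branch target is
printed as Ln, so a JMP to a raw #x address means the listing was cut short
before the code it jumps to."
  (and (search "JMP #x" text) t))

(defun check-disassembly (fn)
  "Compare the per-function view with the whole component and return a plist
saying how many bytes each reports and whether the view looks truncated."
  (let* ((fn-text (disassembly-text fn))
         (all-text (disassembly-text fn :whole-component t))
         (fn-size (reported-size fn-text))
         (all-size (reported-size all-text)))
    (list :function-bytes fn-size
          :component-bytes all-size
          :truncated (escapes-shown-range-p fn-text))))

;; On the affected SBCL, the view of (foo t) shown in the report is 41
;; bytes inside a 297-byte component and ends in JMP #x549CD19B, so this
;; returns :TRUNCATED T for it.
(check-disassembly (foo t))
```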

Stas Boukarev (stassats) wrote:

It's because they are unusually laid out in memory; the xep follows the function, so probably it's better to just change the layout.

And it's not really a regression from be5c6d037ba032717638f21d515444cf255e4cbd, because before that (disassemble (foo t)) shows just one function, but (disassemble (foo nil)) shows two functions, so it was just as inconsistent before.

Stas Boukarev (stassats)
Changed in sbcl:
assignee: nobody → Stas Boukarev (stassats)
Stas Boukarev (stassats)
Changed in sbcl:
status: New → Fix Committed
assignee: Stas Boukarev (stassats) → nobody
Changed in sbcl:
status: Fix Committed → Fix Released