[mps-discussion] Microsoft C compiler hides references causing heap corruption

P T Withington ptw at pobox.com
Thu Jul 10 15:12:26 BST 2014


On 2014-07-10, at 06:24, Richard Brooksby <rb at ravenbrook.com> wrote:

> What we found was that when I changed obj_t (the type of the Dylan objects) from mps_word_t (an integer type) to a pointer type, the bug went away. This suggests a hypothesis: maybe Microsoft C only applies the optimization we are worried about (storing the difference between two values) if the values belong to an integer type. If that’s right, then things aren’t as bad as we fear.

Fascinating.

ISTM the compiler is simply hoisting a loop invariant and strength reducing.  aref/aset both boil down to:

  *(base + index * element-size)

it noticed that you are doing that multiplication twice in the for loop, 

for ( i from 0 by 1 ) {
  *(tree + i * n) = *(oldtree + i * n)
}

and that it could reduce that multiplication to an addition by hoisting:

for ( j from 0 by n ) {
  *(tree + j) = *(oldtree + j)
}

and now it sees a loop invariant that it can take advantage of to save an addition:

for ( k from (oldtree - tree) by n ) {
  *tree = *(tree + k)
}

These all seem like perfectly legal optimizations.  It's actually quite clever that the compiler disallows the last optimization when tree and oldtree are references.  Almost like they understood that the difference between references might not be a loop invariant in the face of a moving collector...
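To make the three loop shapes above concrete, here is an added example in C (not code from the thread, and written against plain arrays rather than Dylan objects). `copy_indexed`, `copy_strided` and `copy_by_difference` are the index form, the strength-reduced form and the difference-hoisted form respectively; `simulate_move` and `copy_with_move` are a constructed stand-in for a moving collector that relocates the source object part-way through the copy and fixes up the one reference it can see. The element count, stride and poison byte are constructed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sizes: ELEMS logical elements, STRIDE words apart (the "n" in the thread). */
#define ELEMS  8
#define STRIDE 2
#define WORDS  (ELEMS * STRIDE)

/* Form 1, as written: recompute base + i*n on every iteration. */
static void copy_indexed(uintptr_t *tree, const uintptr_t *oldtree, size_t count, size_t n)
{
    for (size_t i = 0; i < count; i++)
        tree[i * n] = oldtree[i * n];
}

/* Form 2, strength-reduced: the multiply becomes an addition on j. */
static void copy_strided(uintptr_t *tree, const uintptr_t *oldtree, size_t count, size_t n)
{
    for (size_t j = 0; j < count * n; j += n)
        tree[j] = oldtree[j];
}

/* Form 3, difference-hoisted: the source base is folded into k = oldtree - tree and
   only integer addresses remain in the loop; no reference to oldtree survives. */
static void copy_by_difference(uintptr_t tree_addr, uintptr_t oldtree_addr, size_t count, size_t n)
{
    uintptr_t k = oldtree_addr - tree_addr;            /* hoisted "loop invariant" */
    for (size_t i = 0; i < count; i++) {
        uintptr_t dst = tree_addr + i * n * sizeof(uintptr_t);
        *(uintptr_t *)dst = *(uintptr_t *)(dst + k);
    }
}

/* Sanity check: with nothing moving, the three forms produce identical output. */
static int forms_agree(void)
{
    uintptr_t src[WORDS], a[WORDS], b[WORDS], c[WORDS];
    for (size_t w = 0; w < WORDS; w++) src[w] = 100 + w;
    memset(a, 0, sizeof a); memset(b, 0, sizeof b); memset(c, 0, sizeof c);
    copy_indexed(a, src, ELEMS, STRIDE);
    copy_strided(b, src, ELEMS, STRIDE);
    copy_by_difference((uintptr_t)c, (uintptr_t)src, ELEMS, STRIDE);
    return memcmp(a, b, sizeof a) == 0 && memcmp(a, c, sizeof a) == 0;
}

/* Simulated moving collector (constructed): relocate the source object, poison its
   old home, and hand back the updated reference. A real collector fixes up every
   reference it can see; a hoisted integer difference is not a reference it can see. */
static uintptr_t *simulate_move(uintptr_t *old, uintptr_t *fresh, size_t words)
{
    memcpy(fresh, old, words * sizeof *old);
    memset(old, 0xEE, words * sizeof *old);
    return fresh;
}

/* Copy ELEMS elements while the source moves after move_at of them.
   use_difference selects form 3 (stale k) versus form 1 (re-reads oldtree).
   Returns the number of elements that ended up wrong. */
static size_t copy_with_move(int use_difference, size_t move_at)
{
    static uintptr_t oldbuf[WORDS], freshbuf[WORDS], tree[WORDS];
    uintptr_t expected[ELEMS];
    for (size_t i = 0; i < ELEMS; i++) {
        oldbuf[i * STRIDE] = 1000 + i;
        expected[i] = 1000 + i;
    }
    memset(tree, 0, sizeof tree);

    uintptr_t *oldtree = oldbuf;
    uintptr_t k = (uintptr_t)oldtree - (uintptr_t)tree;  /* computed once, before any move */
    for (size_t i = 0; i < ELEMS; i++) {
        if (i == move_at)
            oldtree = simulate_move(oldtree, freshbuf, WORDS);  /* reference updated, k is not */
        if (use_difference) {
            uintptr_t dst = (uintptr_t)tree + i * STRIDE * sizeof(uintptr_t);
            *(uintptr_t *)dst = *(uintptr_t *)(dst + k);    /* reads the poisoned old home */
        } else {
            tree[i * STRIDE] = oldtree[i * STRIDE];        /* follows the fixed-up reference */
        }
    }

    size_t wrong = 0;
    for (size_t i = 0; i < ELEMS; i++)
        if (tree[i * STRIDE] != expected[i]) wrong++;
    return wrong;
}

int main(void)
{
    printf("forms agree without movement: %d\n", forms_agree());
    printf("wrong elements, index form, move after 4:      %zu\n", copy_with_move(0, 4));
    printf("wrong elements, difference form, move after 4: %zu\n", copy_with_move(1, 4));
    return 0;
}
```

The point the simulation makes is the one the thread is circling: all three forms are equivalent as long as the two bases stay put, but once `k` exists the loop no longer holds a reference the collector can fix up, so every element copied after the move is read from the stale location. For a moving collector the safe forms are the ones in which a real reference to the source survives in the loop; from a defender's point of view, this is why the MPS documentation treats compiler-hidden references as a correctness hazard and why a type change that keeps references typed as pointers made the symptom disappear.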
