asoffer / Icarus

An experimental general-purpose programming language
Apache License 2.0

Buffer pointer subtraction is buggy #113

Closed perimosocordiae closed 2 years ago

perimosocordiae commented 2 years ago

This is breaking code in the stdlib/string/match.ic module, like the Match functions.

Repro:

```
io ::= import "io.ic"

line := "foo"

ptr := line.data
ptr += 1

n := ptr - line.data
io.Print(n, "\n")
```

Output from running the above program 6 times in a row, with no changes to the source:

```
-6148914691263723263
-6148914691281663743
-6148914691282482943
-6148914691279333119
-6148914691268650751
-6148914691277620991
```

perimosocordiae commented 2 years ago

At the point where the pointer difference happens, ptr == 0xaaaaaaaaaaaaaa11 and line.data == 0x2b6d110 (or some other random-ish value). Looks like the corruption happens when the pointer is incremented.

perimosocordiae commented 2 years ago

Nope, prior to the += 1 we have ptr == 0xaaaaaaaaaaaaaa10.

asoffer commented 2 years ago

Debug builds write 0xaa to uninitialized memory in base::untyped_buffers. I'm guessing there's a misinterpretation of the values going on, where an integer is being interpreted as an i64.
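To make the misinterpretation concrete, the following is an added C example (not code from the Icarus project): it reinterprets the reported word 0xaaaaaaaaaaaaaa11 as an i64, subtracts the reported line.data value the way the buggy subtraction would, and decodes one of the printed results back to the heap address it implies. The 0xaa-pattern check is an assumption about how the debug fill survives a small increment.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed from the report: the raw words seen in `ptr` and `line.data`
   at the point of the subtraction. */
#define REPORTED_PTR  0xaaaaaaaaaaaaaa11ULL
#define REPORTED_DATA 0x2b6d110ULL

/* Assumption: a word that came from the 0xaa debug fill still has 0xaa in
   its upper six bytes after a small increment such as `ptr += 1`. */
bool looks_like_0xaa_fill(uint64_t word) {
    return (word & 0xffffffffffff0000ULL) == 0xaaaaaaaaaaaa0000ULL;
}

/* Reinterpret both raw words as i64 and subtract. The 0xaa... word has its
   top bit set, so as i64 it is a large negative number, which is why the
   program prints values near -6.1e18 instead of 1. */
int64_t buggy_diff(uint64_t lhs_word, uint64_t rhs_word) {
    int64_t lhs, rhs;
    memcpy(&lhs, &lhs_word, sizeof lhs);
    memcpy(&rhs, &rhs_word, sizeof rhs);
    return lhs - rhs;
}

/* Given the poisoned word and one printed result, recover the line.data
   word that run must have used: rhs = lhs - observed. */
uint64_t recover_rhs_word(uint64_t lhs_word, int64_t observed) {
    int64_t lhs, rhs;
    memcpy(&lhs, &lhs_word, sizeof lhs);
    rhs = lhs - observed;
    uint64_t out;
    memcpy(&out, &rhs, sizeof out);
    return out;
}

int main(void) {
    printf("poisoned? %d\n", looks_like_0xaa_fill(REPORTED_PTR));
    printf("diff      = %lld\n", (long long)buggy_diff(REPORTED_PTR, REPORTED_DATA));
    /* First printed value from the report, decoded to its line.data address. */
    printf("line.data for run 1 = 0x%llx\n",
           (unsigned long long)recover_rhs_word(REPORTED_PTR, -6148914691263723263LL));
    return 0;
}
```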