fix bug with investigating types in the main pass, and in rare cases defining types with incorrect data because of that

3 files changed, 47 insertions, 7 deletions

diff --git a/src/analyzer.js b/src/analyzer.js
index 1e03a1d6..974dd67d 100644
--- a/src/analyzer.js
+++ b/src/analyzer.js
@@ -22,7 +22,9 @@ var SIDE_EFFECT_CAUSERS = set('call', 'invoke');
 
 // Analyzer
 
-function analyzer(data) {
+function analyzer(data, sidePass) {
+  var mainPass = !sidePass;
+
   // Substrate
   var substrate = new Substrate('Analyzer');
 
@@ -46,6 +48,7 @@ function analyzer(data) {
       var temp = splitter(item.items, function(item) { return item.intertype == 'type' });
       item.items = temp.leftIn;
       temp.splitOut.forEach(function(type) {
+        //dprint('types', 'adding defined type: ' + type.name_);
         Types.types[type.name_] = type;
         if (QUANTUM_SIZE === 1) {
           Types.fatTypes[type.name_] = copy(type);
@@ -175,10 +178,14 @@ function analyzer(data) {
   // Typevestigator
   substrate.addActor('Typevestigator', {
     processItem: function(data) {
-      for (var type in Types.needAnalysis) {
-        if (type) addType(type, data);
+      if (sidePass) { // Do not investigate in the main pass - it is only valid to start to do so in the first side pass,
+                      // which handles type definitions, and later. Doing so before the first side pass will result in
+                      // making bad guesses about types which are actually defined
+        for (var type in Types.needAnalysis) {
+          if (type) addType(type, data);
+        }
+        Types.needAnalysis = {};
       }
-      Types.needAnalysis = {};
       this.forwardItem(data, 'Typeanalyzer');
     }
   });
diff --git a/src/jsifier.js b/src/jsifier.js
index 0cdafb5a..a750f805 100644
--- a/src/jsifier.js
+++ b/src/jsifier.js
@@ -55,7 +55,7 @@ function JSify(data, functionsOnly, givenFunctions) {
 
   if (mainPass) {
     // Handle unparsed types TODO: Batch them
-    analyzer(intertyper(data.unparsedTypess[0].lines, true));
+    analyzer(intertyper(data.unparsedTypess[0].lines, true), true);
     data.unparsedTypess = null;
 
     // Add additional necessary items for the main pass. We can now do this since types are parsed (types can be used through
@@ -120,7 +120,7 @@ function JSify(data, functionsOnly, givenFunctions) {
     dprint('unparsedFunctions','====================\n// Processing function batch of ' + currBaseLineNums.length +
                                ' functions, ' + currFuncLines.length + ' lines, functions left: ' + data.unparsedFunctions.length);
     if (DEBUG_MEMORY) MemoryDebugger.tick('pre-func');
-    JSify(analyzer(intertyper(currFuncLines, true, currBaseLineNums)), true, Functions);
+    JSify(analyzer(intertyper(currFuncLines, true, currBaseLineNums), true), true, Functions);
     if (DEBUG_MEMORY) MemoryDebugger.tick('post-func');
   }
   currFuncLines = currBaseLineNums = null; // Do not hold on to anything from inside that loop (JS function scoping..)
@@ -1150,7 +1150,7 @@ function JSify(data, functionsOnly, givenFunctions) {
     print(postParts[0]);
 
     // Print out global variables and postsets TODO: batching
-    JSify(analyzer(intertyper(data.unparsedGlobalss[0].lines, true)), true, Functions);
+    JSify(analyzer(intertyper(data.unparsedGlobalss[0].lines, true), true), true, Functions);
     data.unparsedGlobalss = null;
 
     print(Functions.generateIndexing()); // done last, as it may rely on aliases set in postsets
diff --git a/tests/cases/trace.ll b/tests/cases/trace.ll
new file mode 100644
index 00000000..1bada3e9
--- /dev/null
+++ b/tests/cases/trace.ll
@@ -0,0 +1,33 @@
+; ModuleID = 'tests/hello_world.bc'
+
+; A [block] type is used in a function def here. If we investigate types in the very first pass, we will
+; make a bad guess as to the size - we assume undef'd types are [int32]. For this code to compile, we must
+; only investigate in the first side pass, which is correct since there the type defs are handled.
+
+target datalayout = "e-p:32:32:32-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:32:64-f32:32:32-f64:32:64-v64:64:64-v128:128:128-a0:0:64-f80:32:32-n8:16:32-S128"
+target triple = "i386-pc-linux-gnu"
+
+%struct.TraceKindPair = type { i8*, i32 }
+
+@_ZL14traceKindNames = internal constant [4 x %struct.TraceKindPair] [%struct.TraceKindPair { i8* getelementptr inbounds ([15 x i8]* @.str, i32 0, i32 0), i32 -1 }, %struct.TraceKindPair { i8* getelementptr inbounds ([15 x i8]* @.str, i32 0, i32 0), i32 0 }, %struct.TraceKindPair { i8* getelementptr inbounds ([15 x i8]* @.str, i32 0, i32 0), i32 1 }, %struct.TraceKindPair { i8* getelementptr inbounds ([15 x i8]* @.str, i32 0, i32 0), i32 3 }], align 4 ; [#uses=3 type=[4 x %struct.TraceKindPair]*]
+
+@.str = private unnamed_addr constant [15 x i8] c"hello, world!\0A\00", align 1 ; [#uses=1 type=[15 x i8]*]
+
+define linkonce_odr hidden i32 @_ZN7mozilla11ArrayLengthIK13TraceKindPairLj4EEEjRAT0__T_([4 x %struct.TraceKindPair]* %arr) nounwind {
+entry:
+  ret i32 1
+}
+
+; [#uses=0]
+define i32 @main() {
+entry:
+  %retval = alloca i32, align 4                   ; [#uses=1 type=i32*]
+  store i32 0, i32* %retval
+  %call = call i32 (i8*, ...)* @printf(i8* getelementptr inbounds ([15 x i8]* @.str, i32 0, i32 0)) ; [#uses=0 type=i32]
+  %0 = getelementptr inbounds [4 x %struct.TraceKindPair]* @_ZL14traceKindNames, i32 0, i32 1; [#uses=1 type=%struct.TraceKindPair*] [debug line = 1473:17]
+  %1 = getelementptr inbounds %struct.TraceKindPair* %0, i32 0, i32 0 ; [#uses=1 type=i8**] [debug line = 1473:17]
+  ret i32 1
+}
+
+; [#uses=1]
+declare i32 @printf(i8*, ...)