commit 576d20cfb943575f9614b9c022c7032172e2887a
parent 077025f552fbed9b0cc283b260e136b56f001347
Author: Ryan Sepassi <rsepassi@gmail.com>
Date: Wed, 29 Apr 2026 23:23:01 -0700
docs: tcc-boot2 now builds and runs; update TCC-TODO status
Record that the aarch64 runtime segfault is resolved. The three root
causes were: truncated stack-frame immediate in P1-aarch64.M1pp, lost
argc/argv across __libc_init in entry-libc.P1pp, and for-loop continue
skipping the step expression in cc.scm. Update the status header and
rewrite the blocker section to describe the fixes and their regressions.
Diffstat:
1 file changed, 34 insertions(+), 18 deletions(-)
diff --git a/docs/TCC-TODO.md b/docs/TCC-TODO.md
@@ -37,7 +37,7 @@ head -c 50000 build/tcc/X86_64/tcc.flat.c \
# then re-run the podman invocation against tcc.head.c
```
-## Status — tcc-boot2 builds; runtime segfault remains
+## Status — tcc-boot2 builds and runs
The full 608 KB TU now parses to EOF (line 18800) and cg-finish emits
~6.5 MB of P1pp. No semantic-coverage gap remains in this TU. Last
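Review bot: the new heading "tcc-boot2 builds and runs" drops the scope that the evidence below actually covers. The smoke test runs inside the aarch64 container and the binary reports itself as "tcc version 0.9.26 (x86_64 Linux)", i.e. an aarch64-hosted cross-compiler targeting x86-64. Consider "builds and runs (aarch64 host, x86_64 target)" so the status line is not read as a native aarch64 tcc.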
@@ -54,11 +54,21 @@ aarch64 cc-debug run:
```
The emitted P1pp now assembles through m1pp → M0 → hex2 and links with
-the mes-libc subset via the `tcc-boot2` make target. The active blocker
-is runtime correctness: `build/aarch64/tcc-boot2/tcc-boot2 -version`
-still exits 139 with no stdout.
+the mes-libc subset via the `tcc-boot2` make target. Runtime smoke
+tests now pass under the aarch64 container:
-Current traced aarch64 crash tail with `CC_TRACE_EMIT=1`:
+```
+build/aarch64/tcc-boot2/tcc-boot2 -v
+# tcc version 0.9.26 (x86_64 Linux)
+
+build/aarch64/tcc-boot2/tcc-boot2 -E smoke.c
+# preprocesses successfully
+
+build/aarch64/tcc-boot2/tcc-boot2 -c smoke.c -o smoke.o
+# writes an x86-64 relocatable object
+```
+
+The old traced aarch64 crash tail with `CC_TRACE_EMIT=1` was:
```
[trace @663108 cc__next_nomacro]
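Review bot: the smoke-test block switches from the `-version` invocation named in the removed blocker text (`tcc-boot2 -version` exiting 139) to `-v` without saying whether `-version` also works now; either run the flag the blocker was filed against or note the change. The `# preprocesses successfully` and `# writes an x86-64 relocatable object` lines are the author's summary rather than captured output, so the block is not reproducible as written: show the exit status (`echo $?`) or a `file smoke.o` line, and say where `smoke.c` lives or what it contains.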
@@ -80,8 +90,24 @@ Address lookup for the tail:
0x6078e8 _memcpy+0x30
```
-Source review puts the final `memcpy` after `tal_realloc_impl` returns
-in `tok_alloc_new`:
+That trace was misleading: temporary probes showed `tok_alloc_new`
+completed and returned. Disassembly showed the real fault was a
+truncated AArch64 stack-frame immediate. `cc__next_nomacro1` requested
+a frame larger than 4095 bytes, but `aa64_sub_imm` masked the value to
+12 bits, so later stack slots addressed memory outside the allocated
+frame. `P1/P1-aarch64.M1pp` now emits one or two ADD/SUB-immediate
+instructions for large immediates, including `%enter(size)` frames.
+Regression: `tests/p1/large-addi.P1pp`.
+
+One follow-on runtime issue was also fixed: `P1/entry-libc.P1pp` now
+saves `argc`/`argv` across `__libc_init`, so TCC actually receives its
+command-line arguments. That exposed a compiler bug where `continue`
+inside `for (...; ...; step)` jumped to the condition and skipped the
+step expression. `cc/cc.scm` now lowers `for` loops so `continue`
+lands on the step block. Regression: `tests/cc/133-for-continue.c`.
+
+Historical source review put the final `memcpy` after
+`tal_realloc_impl` returns in `tok_alloc_new`:
```
ts = tal_realloc_impl(&toksym_alloc, 0, sizeof(TokenSym) + len);
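Review bot: the `aa64_sub_imm` fix description should state the new upper bound and what happens past it. "One or two ADD/SUB-immediate instructions" implies a limit; a frame beyond it would truncate silently again unless `P1/P1-aarch64.M1pp` now rejects it, so say which, and whether `tests/p1/large-addi.P1pp` exercises a value near the limit as well as one just over 4095. Separately, the paragraph "Historical source review put the final `memcpy` ..." and the `tal_realloc_impl` snippet that follows are kept immediately after the text declares that trace misleading; move them under the crash-tail history or drop them so a reader does not chase `tok_alloc_new` again.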
@@ -89,17 +115,7 @@ ts = tal_realloc_impl(&toksym_alloc, 0, sizeof(TokenSym) + len);
memcpy(ts->str, str, len);
```
-So the next investigation should focus on the returned `TokenSym`
-pointer, the computed `TokenSym::str` offset, and the `len` / `str`
-arguments at that call site. The reduced
-`tests/cc-libc/18-tinyalloc-token.c` fixture currently passes, including
-with traced libc, so the failing condition likely depends on the full
-tcc struct layout or parser token stream rather than TinyAlloc alone.
-
-Milestone 4 in [CC.md §Validation milestones](CC.md) remains the end
-goal: compile tcc and verify `tcc-boot2 -version` runs.
-
-Harness target: `make tcc-boot2 ARCH=amd64` (see Makefile +
+Harness target: `make tcc-boot2 ARCH=aarch64` (see Makefile +
`scripts/boot-build-cc.sh`) drives stage1-flatten on the host, runs
cc.scm on the flattened TU inside the container, and feeds the P1pp
into the standard `boot-build-p1pp.sh` pipeline. `TCC_TARGET` selects
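Review bot: the deleted Milestone 4 paragraph was this page's only link to CC.md §Validation milestones; rather than removing it, record the milestone as reached with the smoke tests above as evidence so the cross-reference survives. The harness line also flips `ARCH=amd64` to `ARCH=aarch64` without explanation; if both hosts are supported, say so, and if amd64 was simply wrong before, note that here since it changes what `make tcc-boot2` is expected to produce.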