[LLVMbugs] [Bug 19012] New: [MS ABI] Bad interaction between inalloca call and expanded memcpy

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Fri Feb 28 17:50:57 PST 2014


http://llvm.org/bugs/show_bug.cgi?id=19012

            Bug ID: 19012
           Summary: [MS ABI] Bad interaction between inalloca call and
                    expanded memcpy
           Product: clang
           Version: unspecified
          Hardware: PC
                OS: Windows NT
            Status: NEW
          Severity: normal
          Priority: P
         Component: -New Bugs
          Assignee: unassignedclangbugs at nondot.org
          Reporter: hans at chromium.org
                CC: llvmbugs at cs.uiuc.edu, rnk at google.com
            Blocks: 12477, 18887
    Classification: Unclassified

The following program crashes when built with clang-cl:

(If the #if 1 is changed to #if 0, it doesn't crash. For some reason that
causes us not to expand the memcpy.)

struct Ptr {
  ~Ptr() {}
  int *ptr;
};

#if 1
struct Arr {
  struct {
    struct {
      char name[54];
    } mailbox;
    int texture_target;
    int sync_point;
  } mailbox_holder;
  void *shared_memory;
  struct shared_memory_size {
    int width;
    int height;
  } memory_size;
};
#else
struct Arr {
  char x[76];
};
#endif

void f(Ptr) {}

void g(Arr *a, Arr *b, Ptr *p) {
  *a = *b; // memcpy, possibly expanded to rep movs, clobbering esi
  f(*p);   // inalloca call, causing chkstk, not expecting clobbered esi
};

int main() {
  Ptr p = {};
  Arr a = {}, b = {};
  g(&a, &b, &p);
  return 0;
}

(Reduced from Chromium's cc::CopyOutputResult::TakeTexture.)
