[llvm-bugs] [Bug 41219] New: Wrong code generation

via llvm-bugs llvm-bugs at lists.llvm.org
Mon Mar 25 03:21:16 PDT 2019


https://bugs.llvm.org/show_bug.cgi?id=41219

            Bug ID: 41219
           Summary: Wrong code generation
           Product: new-bugs
           Version: 5.0
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: new bugs
          Assignee: unassignedbugs at nondot.org
          Reporter: jacob at jacob.remcomp.fr
                CC: htmldeveloper at gmail.com, llvm-bugs at lists.llvm.org

CLANG VERSION
--------------------------------------------------------------
jacob at rock64:~/lcc/lccarm64/test$ clang -v
clang version 5.0.0 (http://root.cern.ch/git/clang.git
dd71e0397cfc8667d4c75ef5b4a1b35802608e59) (http://root.cern.ch/git/llvm.git
e0b472e46eb5861570497c2b9efabf96f2d4a485)
Target: aarch64-unknown-linux-gnu
Thread model: posix
InstalledDir: /usr/local/bin
Found candidate GCC installation: /usr/lib/gcc/aarch64-linux-gnu/6
Found candidate GCC installation: /usr/lib/gcc/aarch64-linux-gnu/6.3.0
Selected GCC installation: /usr/lib/gcc/aarch64-linux-gnu/6.3.0
Candidate multilib: .;@m64
Selected multilib: .;@m64

COMPILATION OPTION
------------------
-O2

TEST CODE:
------------------------------------------------------------
  1 #include <stdio.h>
  2 #include <string.h>
  3 #include <stdlib.h>
  4 int stricmp(char *,char *);                /* defined elsewhere; line 44 treats a 0 result as a match */
  5 typedef struct tagFileList {               /* singly linked list node, one per recorded file name */
  6     struct tagFileList *Next;
  7     char *fName;
  8 }          FILELIST;
  9 static FILELIST *OnceFiles;                /* list head; the only assignment visible in this file is line 17 */
 10 #define PATH_SEPARATOR '/'
 11 extern char *WorkingDir;                   /* defined elsewhere; its length is not visible here */
 12 char *EliminateRelativePaths(char *);      /* defined elsewhere; line 32 stores its result as fName */
 13 void AddToOnceFiles(char *fname)           /* Append a new node for fname at the tail of the OnceFiles list. */
 14 {
 15     FILELIST *rvp;
 16     if (OnceFiles == NULL) {
 17         OnceFiles = malloc(sizeof(FILELIST));  /* NOTE(review): result is not checked here, unlike line 26; line 31 writes through it */
 18         rvp = OnceFiles;
 19     }
 20     else {
 21         rvp = OnceFiles;
 22         while (rvp->Next) {                 /* walk to the last node */
 23             rvp = rvp->Next;
 24         }
 25         rvp->Next = malloc(sizeof(FILELIST));
 26         if (rvp->Next == NULL) {
 27             exit(-1);                       /* allocation failure ends the process */
 28         }
 29         rvp = rvp->Next;
 30     }
 31     rvp->Next = NULL;
 32     rvp->fName = EliminateRelativePaths(fname);  /* stores the returned pointer as is; who owns it is not visible here */
 33 }
 34 int IsOnceFile(char *fname)                /* Return 1 if fname matches a recorded name (stricmp == 0), else 0. */
 35 {
 36     FILELIST *rvp;
 37     char tmpbuf[512];                       /* fixed-size stack buffer, filled by line 40 or line 41 */
 38 
 39     if (fname[0] == '.' && fname[1] == PATH_SEPARATOR)
 40         sprintf(tmpbuf,"%s%c%s",WorkingDir,PATH_SEPARATOR,fname+2);  /* NOTE(review): unbounded; writes past tmpbuf once WorkingDir + separator + fname+2 + NUL exceed 512 bytes. snprintf with sizeof(tmpbuf) would bound it. */
 41     else strcpy(tmpbuf,fname);              /* NOTE(review): unbounded copy; same overflow for an fname of 512 or more characters */
 42     rvp = OnceFiles;
 43     while (rvp) {                           /* guards the empty list; this is the test the report says is missing from the -O2 output */
 44         if (!stricmp(tmpbuf, rvp->fName))
 45             return (1);
 46         rvp = rvp->Next;
 47     }
 48     return (0);
 49 }
GENERATED CODE
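  1     .text
  2     .file   "clangbug.c"
  3     .globl  AddToOnceFiles          // -- Begin function AddToOnceFiles
  4     .p2align    2
  5     .type   AddToOnceFiles,@function
    // void AddToOnceFiles(char *fname) -- AArch64, clang -O2 output.
    // In:   x0 = fname
    // Uses: x19 = fname, x20 = node being filled in, x21 = current tail node
    // The static pointer OnceFiles of the C source does not appear here: the
    // first node is the 16-byte static object OnceFiles.body, and the byte
    // OnceFiles.init records whether that node is in use. Only the tail
    // allocation (C line 25) still calls malloc.
  6 AddToOnceFiles:                         // @AddToOnceFiles
  7 // BB#0:                                // %entry
  8     str x21, [sp, #-48]!        // 8-byte Folded Spill
  9     adrp    x8, OnceFiles.init
 10     ldrb    w9, [x8, :lo12:OnceFiles.init]  // w9 = OnceFiles.init
 11     stp x20, x19, [sp, #16]     // 8-byte Folded Spill
 12     mov  x19, x0                // keep fname across the calls below
 13     stp x29, x30, [sp, #32]     // 8-byte Folded Spill
 14     cmp     w9, #1          // =1
 15     add x29, sp, #32            // =32
 16     b.ne    .LBB0_5             // init != 1: list is empty (C line 16)
 17 // BB#1:                                // %while.cond.preheader
 18     adrp    x8, OnceFiles.body
 19     add x8, x8, :lo12:OnceFiles.body    // x8 = &OnceFiles.body (first node)
 20 .LBB0_2:                                // %while.cond
 21                                         // =>This Inner Loop Header: Depth=1
 22     mov  x21, x8
 23     ldr     x8, [x21]           // x8 = node->Next (offset 0)
 24     cbnz    x8, .LBB0_2         // loop until Next == NULL
 25 // BB#3:                                // %while.end
 26     orr w0, wzr, #0x10          // w0 = 16, the size of one FILELIST node
 27     bl  malloc
 28     mov  x20, x0
 29     str     x20, [x21]          // tail->Next = new node
 30     cbnz    x20, .LBB0_6
 31 // BB#4:                                // %if.then6
 32     mov w0, #-1
 33     bl  exit                    // malloc returned NULL: exit(-1)
 34 .LBB0_5:                                // %if.then
 35     orr w9, wzr, #0x1
 36     adrp    x20, OnceFiles.body
 37     strb    w9, [x8, :lo12:OnceFiles.init]  // OnceFiles.init = 1
 38     add x20, x20, :lo12:OnceFiles.body  // x20 = &OnceFiles.body; no malloc on this path
 39 .LBB0_6:                                // %if.end8
 40     mov  x0, x19
 41     str     xzr, [x20]          // node->Next = NULL
 42     bl  EliminateRelativePaths
 43     str x0, [x20, #8]           // node->fName = returned pointer (offset 8)
 44     ldp x29, x30, [sp, #32]     // 8-byte Folded Reload
 45     ldp x20, x19, [sp, #16]     // 8-byte Folded Reload
 46     ldr x21, [sp], #48          // 8-byte Folded Reload
 47     ret
 48 .Lfunc_end0:
 49     .size   AddToOnceFiles, .Lfunc_end0-AddToOnceFiles
 50                                         // -- End function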
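 51     .globl  IsOnceFile              // -- Begin function IsOnceFile
 52     .p2align    2
 53     .type   IsOnceFile,@function
    // int IsOnceFile(char *fname) -- AArch64, clang -O2 output.
    // In:   x0 = fname        Out: w0 = 1 on match, 0 otherwise
    // Uses: x19 = current list node; the 512 bytes at sp hold tmpbuf
    // NOTE(review): this function never reads OnceFiles.init. The loop starts
    // at &OnceFiles.body and loads fName from it before any null test, which
    // is the behaviour the report describes for C line 43.
 54 IsOnceFile:                             // @IsOnceFile
 55 // BB#0:                                // %entry
 56     stp x28, x19, [sp, #-32]!   // 8-byte Folded Spill
 57     stp x29, x30, [sp, #16]     // 8-byte Folded Spill
 58     add x29, sp, #16            // =16
 59     sub sp, sp, #512            // =512, room for tmpbuf
 60     mov  x8, x0
 61     ldrb        w9, [x8]
 62     cmp     w9, #46         // =46, '.'
 63     b.ne    .LBB1_3
 64 // BB#1:                                // %land.lhs.true
 65     ldrb    w9, [x8, #1]
 66     cmp     w9, #47         // =47, '/'
 67     b.ne    .LBB1_3
 68 // BB#2:                                // %if.then
 69     adrp    x9, WorkingDir
 70     ldr x2, [x9, :lo12:WorkingDir]      // x2 = WorkingDir
 71     adrp    x1, .L.str
 72     add x4, x8, #2              // =2, x4 = fname + 2
 73     add x1, x1, :lo12:.L.str    // x1 = "%s%c%s"
 74     mov  x0, sp                 // x0 = tmpbuf
 75     mov w3, #47
 76     bl  sprintf                 // no length limit on the 512-byte buffer
 77     b   .LBB1_4
 78 .LBB1_3:                                // %if.else
 79     mov  x0, sp
 80     mov  x1, x8
 81     bl  strcpy                  // no length limit on the 512-byte buffer
 82 .LBB1_4:                                // %while.body.preheader
 83     adrp    x19, OnceFiles.body
 84     add x19, x19, :lo12:OnceFiles.body  // x19 = &OnceFiles.body, taken unconditionally
 85 .LBB1_5:                                // %while.body
 86                                         // =>This Inner Loop Header: Depth=1
 87     ldr x1, [x19, #8]           // x1 = node->fName, loaded before any null test
 88     mov  x0, sp
 89     bl  stricmp
 90     cbz w0, .LBB1_8             // 0 from stricmp: match
 91 // BB#6:                                // %if.end12
 92                                         //   in Loop: Header=BB1_5 Depth=1
 93     ldr     x19, [x19]          // node = node->Next
 94     cbnz    x19, .LBB1_5
 95 // BB#7:
 96     mov  w0, wzr                // return 0
 97     b   .LBB1_9
 98 .LBB1_8:
 99     orr w0, wzr, #0x1           // return 1
100 .LBB1_9:                                // %cleanup
101     add sp, sp, #512            // =512
102     ldp x29, x30, [sp, #16]     // 8-byte Folded Reload
103     ldp x28, x19, [sp], #32     // 8-byte Folded Reload
104     ret
105 .Lfunc_end1:
106     .size   IsOnceFile, .Lfunc_end1-IsOnceFile
107                                         // -- End function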
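108     .type   OnceFiles.init,@object  // @OnceFiles.init
109     .local  OnceFiles.init
110     .comm   OnceFiles.init,1,1      // 1-byte flag; AddToOnceFiles stores 1 here on first use
111     .type   .L.str,@object          // @.str
112     .section    .rodata.str1.1,"aMS",@progbits,1
113 .L.str:
114     .asciz  "%s%c%s"
115     .size   .L.str, 7
116 
117     .type   OnceFiles.body,@object  // @OnceFiles.body
118     .data
119     .p2align    3
120 OnceFiles.body:
121     .zero   16                      // Next at offset 0, fName at offset 8; both zero until AddToOnceFiles writes them
122     .size   OnceFiles.body, 16
123 
124 
125     .ident  "clang version 5.0.0 (http://root.cern.ch/git/clang.git dd71e0397cfc8667d4c75ef5b4a1b35802608e59) (http://root.cern.ch/git/llvm.git e0b472e46eb5861570497c2b9efabf96f2d4a485)"
126     .section    ".note.GNU-stack","",@progbits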

DESCRIPTION AND ANALYSIS
----------------------------------------------------------------
The incorrect code generation occurs in line 43 of the C source code. As you
can see, the test "while (rvp)" is eliminated. CLANG wrongly believes that
"rvp" is an object, when in fact it is declared as a POINTER. Since it believes
it is an object, the test is eliminated and the program crashes the first time
that it passes through that code, since the generated static object contains
only NULLs and the call to stricmp will crash: rvp->fName is NULL.
Look at lines 83-86 of the generated assembly code: the loop starts at the
address of the static object OnceFiles.body without first testing
OnceFiles.init, the flag that AddToOnceFiles checks before using that object.

I haven't been able to test this bug in more recent versions of CLANG, since
compilation of CLANG from source takes approx 20 hours on the small ARM64
machine I have. I am compiling the latest version, but I wanted to report
this problem to you first. The version of CLANG I obtained came with CLING, which
crashes immediately on any serious program. This is maybe due to this bug or to
other bugs; I haven't investigated that yet.


I remain available for any further questions you may have.

Thanks in advance

jacob navia
