<html>
    <head>
      <base href="https://llvm.org/bugs/" />
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW --- - [X86] Clang miscompiles an inline asm output at -O1"
   href="https://llvm.org/bugs/show_bug.cgi?id=26802">26802</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>[X86] Clang miscompiles an inline asm output at -O1
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>clang
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>3.7
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>Other
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Linux
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>-New Bugs
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>unassignedclangbugs@nondot.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>cameron.mcinally@nyu.edu
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>llvm-bugs@lists.llvm.org
          </td>
        </tr>

        <tr>
          <th>Classification</th>
          <td>Unclassified
          </td>
        </tr></table>
      <p>
        <div>
        <pre>At -O1, Clang seems to miscompile the output of this inline assembly:

#include &lt;stdio.h&gt;
#include &lt;string.h&gt;
#include &lt;stdlib.h&gt;

static inline char *string_cp(char *dest, const char *src) {
  int d0, d1, d2;

  __asm__ __volatile__("1:\tlodsb\n\t"
               "stosb\n\t"
               "testb %%al,%%al\n\t"
               "jne 1b"
               : "=&S" (d0), "=&D" (d1)
               : "0" (src), "1" (dest)
               : "memory");
  return dest;
}

int main(void) {

  const char *inpt = "Hi there.";
  char *out;
  out = (char *)malloc(32*sizeof(char));
  memset(out,'\0',32);

  printf("inpt = %s, out = %s\n",inpt,out);

  out = string_cp(out,inpt);

  printf("inpt = %s, out = %s\n",inpt,out);

  return 0;
}

The expected output is:

inpt = Hi there., out = 
inpt = Hi there., out = Hi there.

Looking at the assembly, we can see that %rax is not restored after the inline
asm loop has clobbered it.

# BB#0:                                 # %entry
        movq    %rdi, %rax
        movl    $.L.str, %esi
        #APP
.Ltmp2:
        lodsb   (%rsi), %al
        stosb   %al, %es:(%rdi)
        testb   %al, %al
        jne     .Ltmp2
        #NO_APP
        # %rax should be restored here. The loop
        # clobbers it.
        retq

Also note that this does compile correctly at -O0, and that inlining avoids the
problem at -O2.</pre>
        </div>
      </p>
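      <p>Added example, not part of the original report and not code from the reporter or the LLVM project: <code>lodsb</code> writes <code>%al</code>, while the constraint list in the report names only <code>%rsi</code> and <code>%rdi</code>. The variant below also declares the accumulator as an early-clobber output. The names <code>string_cp_fixed</code> and <code>copy_roundtrip_ok</code>, the <code>noinline</code> attribute, the <code>long</code> temporaries and the non-x86 fallback loop are assumptions of this example.</p>

```c
/* Added example: the report's copy loop with the accumulator declared. */
#if defined(__x86_64__) || defined(__i386__)
#define HAVE_X86_STRING_OPS 1
#else
#define HAVE_X86_STRING_OPS 0
#endif

/* noinline keeps the function out of line, so the return value has to
 * survive the asm statement, as in the -O1 listing in the report. */
__attribute__((noinline))
static char *string_cp_fixed(char *dest, const char *src) {
#if HAVE_X86_STRING_OPS
  long d0, d1; /* pointer-sized temporaries tied to the src/dest inputs */
  int d2;      /* receives the accumulator that lodsb overwrites */

  __asm__ __volatile__("1:\tlodsb\n\t"
                       "stosb\n\t"
                       "testb %%al,%%al\n\t"
                       "jne 1b"
                       : "=&S"(d0), "=&D"(d1), "=&a"(d2)
                       : "0"(src), "1"(dest)
                       : "memory", "cc");
  (void)d0; (void)d1; (void)d2;
#else
  /* Portable fallback so the example builds on non-x86 targets. */
  char *d = dest;
  while ((*d++ = *src++) != '\0') {}
#endif
  return dest;
}

/* Returns 1 when the returned pointer equals the destination buffer and
 * the buffer holds a NUL-terminated copy of src (src under 32 bytes). */
static int copy_roundtrip_ok(const char *src) {
  char buf[32] = {0};
  char *ret = string_cp_fixed(buf, src);
  int i = 0;

  if (ret != buf) return 0;
  while (src[i] != '\0' && buf[i] == src[i]) i++;
  return src[i] == '\0' && buf[i] == '\0';
}

int main(void) {
  /* Constructed input: the same string the report uses. */
  return copy_roundtrip_ok("Hi there.") ? 0 : 1;
}
```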
    </body>
</html>