<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - clang -O2 miscompiles pointer arithmetics"
   href="https://bugs.llvm.org/show_bug.cgi?id=33990">33990</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>clang -O2 miscompiles pointer arithmetics
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>new-bugs
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>4.0
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Windows NT
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>enhancement
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>new bugs
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>unassignedbugs@nondot.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>rhash.admin@gmail.com
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>llvm-bugs@lists.llvm.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>Created <span class=""><a href="attachment.cgi?id=18870" name="attach_18870" title="the miscompiled file">attachment 18870</a> <a href="attachment.cgi?id=18870&action=edit" title="the miscompiled file">[details]</a></span>
the miscompiled file

Hi,

I've got a clang miscompilation bug on 64-bit Ubuntu 17.04 with its default clang
4.0.

Bug description:
`clang -S -O2` miscompiles the following C code:

--- Begin of ud2_main.c ---
unsigned long long foo();

int main()
{
        char* c = (char*)0 + foo();   /* null pointer plus the offset returned by foo() */
        int res = c[0] + c[1];        /* reads the two bytes at that address */
        return res;
}
--- End of ud2_main.c ---

The call `clang -S -O2 ud2_main.c` compiles the function main() to:

        pushq   %rax
.Lcfi0:
        .cfi_def_cfa_offset 16
        xorl    %eax, %eax
        callq   foo
        ud2

The ud2 instruction then leads to a core dump.

To compile and test the program you need the second file with foo():

--- Begin of ud2_foo.c ---
unsigned long long foo()
{
        static char* ptr = "\3\5";
        return (unsigned long long)(ptr - (char*)0);   /* pointer minus null pointer, returned as an integer */
}
--- End of ud2_foo.c ---

Here are the testing results:
$ clang -O2 ud2_main.c ud2_foo.c -o ud2_clang
$ ./ud2_clang
Illegal instruction (core dumped)

# successful tests with gcc and 'clang -O0'
$ gcc -O2 ud2_main.c ud2_foo.c -o ud2_gcc && ./ud2_gcc; echo $?
8
$ clang -O0 ud2_main.c ud2_foo.c -o ud2_clangO0 && ./ud2_clangO0; echo $?
8

The bug occurs with -O1 or -O2 optimization (it doesn't with -O0), and only with
the foo() function declared in a separate file.

The system info:
$ uname -a
Linux ubuntu64 4.10.0-28-generic #32-Ubuntu SMP Fri Jun 30 05:32:18 UTC 2017
x86_64 x86_64 x86_64 GNU/Linux
$ clang -v
clang version 4.0.0-1ubuntu1 (tags/RELEASE_400/rc1)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin</pre>
        </div>
      </p>
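<p>Added example, not part of the bug report above: the reproducer carries a pointer across a translation unit as an integer by computing <code>ptr - (char*)0</code> and then <code>(char*)0 + n</code>. Both expressions are arithmetic on a null pointer, which the C standard leaves undefined, and an optimizer is entitled to replace the unreachable path with a trap such as <code>ud2</code>. The well-defined way to do the same job is an explicit conversion through <code>uintptr_t</code>, shown here next to the original pattern. The function names <code>foo_ub</code>, <code>foo_well_defined</code>, <code>sum_first_two</code> and <code>read_via_integer</code> are my own, assumed names.</p>

```c
/* Added example (not the reporter's code): transporting a pointer as an
 * integer without null-pointer arithmetic. Function names are assumed. */
#include <stdint.h>
#include <stddef.h>

/* Same data as ud2_foo.c's foo(): the string "\3\5". */
static const char payload[] = "\3\5";

/* The report's pattern, kept only for comparison and never called here:
 * subtracting a null pointer from a valid pointer is undefined behaviour. */
unsigned long long foo_ub(void)
{
    static const char *ptr = "\3\5";
    return (unsigned long long)(ptr - (const char *)0);   /* UB: ptr - NULL */
}

/* Well-defined form: a pointer-to-integer *conversion*, not pointer subtraction.
 * uintptr_t is the integer type the standard provides for exactly this. */
uintptr_t foo_well_defined(void)
{
    return (uintptr_t)payload;
}

/* Integer back to pointer: again a conversion, not (char*)0 + offset.
 * Dereferencing is fine because the integer came from a live object. */
int sum_first_two(uintptr_t addr)
{
    const char *c = (const char *)addr;
    return c[0] + c[1];
}

/* Mirrors ud2_main.c's main(): fetch the address from the other function,
 * read two bytes, add them. For "\3\5" this is 3 + 5 == 8. */
int read_via_integer(void)
{
    return sum_first_two(foo_well_defined());
}

int main(void)
{
    return read_via_integer();   /* exit status 8, like the gcc and -O0 runs in the report */
}
```

<p>Build with <code>clang -O2 -Wall</code>: the <code>uintptr_t</code> round-trip compiles to plain loads with no trap at any optimization level, because nothing in it is undefined. If the goal is to catch the original pattern rather than rewrite it, recent clang versions' UBSan pointer-overflow check (<code>-fsanitize=undefined</code>) reports a non-zero offset applied to a null pointer at run time; that assumes a clang newer than the 4.0 in the report.</p>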


    </body>
</html>