<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - struct return mis-compilation in C with escaped address"
   href="https://bugs.llvm.org/show_bug.cgi?id=37742">37742</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>struct return mis-compilation in C with escaped address
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>new-bugs
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>3.8
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Linux
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>new bugs
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>unassignedbugs@nondot.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>travis.downs@gmail.com
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>llvm-bugs@lists.llvm.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>Created <span class=""><a href="attachment.cgi?id=20403" name="attach_20403" title="bugpoint stdout">attachment 20403</a></span>
bugpoint stdout

Consider the following small program:

/*
 * main.c
 */

#include &lt;stdio.h&gt;
#include &lt;stdlib.h&gt;

typedef struct { char x[32]; } Foo;

void sink(void *l, void *r)
{
   puts(l == r ? "equal" : "not equal");
}

Foo make(void *p) {
    Foo f2;
    sink(&f2, p);
    return f2;
}

int main() {
    Foo f1 = make(&f1);
}

Since f1 and f2 are distinct objects, they must also have unequal addresses and
we expect the above to return "not equal". However, on clang 3.8 through trunk
(7ish) it returns "equal" for -O1 and above.

Note that "return f2" is returning an uninitialized struct - but this isn't a
necessary component of the issue (and I don't think it's UB anyways): if you put
sink in a separate compilation unit, and call exit(0) after the comparison, the
issue still happens even though we never reach the return of the uninitialized
value. I just used the example above since it is a single-file example (no
doubt you can find some way to get it to work single-file w/o the uninitialized
return).

Bugpoint reports that the miscompiling pass is memcpyopt. The full bugpoint
output is attached.</pre>
        </div>
      </p>
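An added example, not part of the original report or of LLVM's test suite: a single-file, self-checking variant of main.c that fills f2 before returning it (so no uninitialized value is returned) and reports the address comparison through a return value, so it can be used as a toolchain regression check at each optimization level. The names last_equal and objects_alias and the noinline attribute on sink are assumptions of this example, and the report does not confirm that an affected clang shows the aliasing in this exact form.

```c
/* Added example (not from the report): self-checking variant of main.c. */
#include <stdio.h>
#include <string.h>

typedef struct { char x[32]; } Foo;

/* Result of the last comparison: 1 = same address, 0 = distinct, -1 = not run. */
static int last_equal = -1;

/* Kept out of line to stand in for the report's "sink in a separate
 * compilation unit" variant (GCC/Clang attribute; an assumption here). */
__attribute__((noinline))
void sink(void *l, void *r)
{
    last_equal = (l == r);
}

Foo make(void *p)
{
    Foo f2;
    sink(&f2, p);                     /* f2's address escapes before the return */
    memset(f2.x, 0x5a, sizeof f2.x);  /* initialize f2 so the return is well defined */
    return f2;
}

/* Returns 0 when f1 and f2 have distinct addresses (what C requires for two
 * live objects), 1 when the compiler gave them the same storage, and -1 if
 * the copy into f1 did not carry the expected contents. */
int objects_alias(void)
{
    last_equal = -1;
    Foo f1 = make(&f1);
    if (f1.x[0] != 0x5a)              /* use f1 so the copy cannot be dropped */
        return -1;
    return last_equal;
}

int main(void)
{
    int r = objects_alias();
    puts(r == 0 ? "not equal (conforming)"
       : r == 1 ? "equal (f1 and f2 share storage)"
                : "check did not run");
    return r == 0 ? 0 : 1;            /* non-zero exit flags the miscompilation */
}
```

Build it once per optimization level (the report sees the difference between -O0 and -O1 and above) and compare the exit status.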


    </body>
</html>