<html>

    <head>

      <base href="https://bugs.llvm.org/">

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - [X86] LLVM 7.0.x optimises out variable init at -O1"

   href="https://bugs.llvm.org/show_bug.cgi?id=40681">40681</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>[X86] LLVM 7.0.x optimises out variable init at -O1

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>libraries

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>7.0

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>All

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>enhancement

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>Backend: X86

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>unassignedbugs@nondot.org

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>vit9696@avp.su

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>craig.topper@gmail.com, llvm-bugs@lists.llvm.org, llvm-dev@redking.me.uk, spatel+llvm@rotateright.com

          </td>

        </tr></table>

      <p>

        <div>

        <pre>Created <span class=""><a href="attachment.cgi?id=21463" name="attach_21463" title="Test C file">attachment 21463</a> <a href="attachment.cgi?id=21463&action=edit" title="Test C file">[details]</a></span>

Test C file

LLVM 7.0 generates invalid code optimises out variable zeroing for 32-bit X86

at -O1 or higher when sanitizers are enabled. I was able to reproduce the issue

with AddressSanitizer or UndefinedBehaviorSanitizer enabled, yet I believe they

are just the trigger point. The IR looks fine, so most likely the issue lies in

LLVM itself.

The bug is not reproducible on LLVM 8.0 or trunk. If LLVM 7.1 release is

abandoned, it should be closed, otherwise I believe it is to be release

blocker.

Test example is provided in the attachment. Both C file and generated .S file.

clang -S -c -target i386-gnu-linux -march=pentium2 -pipe -nostdinc

-fno-asynchronous-unwind-tables -O1 -fno-builtin -I. -fno-omit-frame-pointer

-m32 -fno-stack-protector -fsanitize=address -c d.c -o d.S

Relevant comments for generated asm:

pushl %esi

...

# implicit-def: $esi ; allocates r temporary in %esi, which is filled with

random data

...

movl %esi, -16(%ebp) 

...

calll func1

testl %eax, %eax

movl -16(%ebp), %ecx ; writes random data to %ecx

cmovsl %eax, %ecx ; if (%eax < 0) %ecx = %eax

movl %ecx, -16(%ebp) ; %ecx is returned back to stack

...

jns .LBB0_11 → if (%eax < 0) goto 11

jmp .LBB0_19

...

.LBB0_19:

...

movl -16(%ebp), %eax ; function returns random data when func1 returns >= 0

...

ret</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>