<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - Invalid optimization: two different array indices are considered equal"
href="https://bugs.llvm.org/show_bug.cgi?id=46055">46055</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>Invalid optimization: two different array indices are considered equal
</td>
</tr>
<tr>
<th>Product</th>
<td>clang
</td>
</tr>
<tr>
<th>Version</th>
<td>10.0
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>C
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedclangbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>bruno@clisp.org
</td>
</tr>
<tr>
<th>CC</th>
<td>blitzrakete@gmail.com, dgregor@apple.com, erik.pilkington@gmail.com, llvm-bugs@lists.llvm.org, richard-llvm@metafoo.co.uk
</td>
</tr></table>
<p>
<div>
<pre>Created <span class=""><a href="attachment.cgi?id=23527" name="attach_23527" title="Test case">attachment 23527</a></span>
Test case

The attached program, foo.c, ought to exit with code 3 if calloc() fails, and
with code 2 if calloc() succeeds.

Without optimization, it's as expected:

$ clang -Wall foo.c
$ ./a.out; echo $?
3

With optimization, it's wrong:

$ clang -Wall -O2 foo.c
$ ./a.out; echo $?
0

Here's the output of the clang optimizer:

$ clang -Wall -O2 -S foo.c && cat foo.s
        .text
        .file "foo.c"
        .globl main # -- Begin function main
        .p2align 4, 0x90
        .type main,@function
main: # @main
        .cfi_startproc
# %bb.0:
        xorl %eax, %eax
        retq
.Lfunc_end0:
        .size main, .Lfunc_end0-main
        .cfi_endproc
        # -- End function
        .ident "clang version 10.0.0 "
        .section ".note.GNU-stack","",@progbits
        .addrsig

As you can see, clang must have evaluated the condition (s[n - 1].c[0]) to
true. But since the memory of s was freshly allocated and zero-filled and the
index n-1 is different from 0, this condition ought to have evaluated to false.

Probably the bug is related to the fact that (n-1) * sizeof (S8) is a multiple
of 2^64.

If clang is assuming a flat address space (of size 2^64), it may indeed
simplify (n-1) * sizeof (S8) to zero, but then it must not assume that calloc()
will return a non-NULL pointer.

If clang is NOT assuming a flat address space, it must not simplify (n-1) *
sizeof (S8) to zero.</pre>
</div>
</p>
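<p>Added example, not the reporter's foo.c (which is attached to the bug but not shown on this page): the arithmetic the report describes, where an index times the element size is a multiple of 2^64, next to an overflow-checked allocation guard. The 8-byte S8 layout, the value n = 2^61 + 1 and the helper names are assumptions; __builtin_mul_overflow is the GCC/Clang builtin.</p>

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed stand-in for the report's S8 type; foo.c is not shown on the page. */
typedef struct { char c[8]; } S8;

/* Byte offset of s[idx] as flat 64-bit address arithmetic computes it:
   unsigned multiplication wraps modulo 2^64. */
static uint64_t wrapped_offset(uint64_t idx, uint64_t elem_size)
{
    return idx * elem_size;
}

/* Returns 1 and stores count * elem_size if the product neither wraps nor
   exceeds PTRDIFF_MAX (the largest offset a pointer difference can hold);
   returns 0 otherwise. */
static int checked_size(uint64_t count, uint64_t elem_size, uint64_t *out)
{
    uint64_t total;
    if (__builtin_mul_overflow(count, elem_size, &total))
        return 0;
    if (total > (uint64_t)PTRDIFF_MAX)
        return 0;
    *out = total;
    return 1;
}

/* Hypothetical wrapper: refuse any n whose array could not be indexed
   without wrap, instead of leaving the decision to calloc() alone. */
static S8 *alloc_s8(uint64_t n)
{
    uint64_t total;
    if (n == 0 || !checked_size(n, sizeof(S8), &total))
        return NULL;
    return calloc((size_t)n, sizeof(S8));
}

int main(void)
{
    uint64_t n = (UINT64_C(1) << 61) + 1;   /* constructed value */
    printf("offset of s[n-1] mod 2^64: %llu\n",
           (unsigned long long)wrapped_offset(n - 1, sizeof(S8)));
    printf("alloc_s8(n) refused: %d\n", alloc_s8(n) == NULL);
    return 0;
}
```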
</body>
</html>