<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/57443>57443</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            Inline assembly clobber or output constraint `rbx` is ignored when enabling both LTO and ASAN
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            new issue
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          EAirPeter
      </td>
    </tr>
</table>

<pre>
    Consider the following snippets:
```c
// foo.c
#include <stdio.h>

void* rbx;

void Foo()
{
    char buf[40];
    fgets(buf, 40, stdin);

    asm("movq $0x42, %0\n\t" : "=b"(rbx));
    // Or equivalently:
    // asm("movq $0x42, %%rbx\n\t" ::: "rbx");
}
```

```c
// main.c
void Foo();

#include <stdio.h>

int main()
{
    char buf[40];
    Foo();
    fgets(buf, 40, stdin);
}
```
Build them with `clang -g -O3 -flto -fsanitize=address foo.c main.c`, and then run it.
The program crashes after one or two line(s) of legal input, depending on the platform.
The address sanitizer would complain something like:
```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2005==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000005a (pc 0x5628d989b12f bp 0x7ffe52d91d50 sp 0x7ffe52d91be0 T0)
==2005==The signal is caused by a READ memory access.
==2005==Hint: address points to the zero page.
    #0 0x5628d989b12f in main /mnt/d/Store/AsanLTO/main.c:11:1
    #1 0x7ff2252c3209  (/lib/x86_64-linux-gnu/libc.so.6+0x29209) (BuildId: a4c98c0c7c7803311fbd918df8fb08db852cef3d)
    #2 0x7ff2252c32bb in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x292bb) (BuildId: a4c98c0c7c7803311fbd918df8fb08db852cef3d)
    #3 0x5628d97dd300 in _start (/mnt/d/Store/AsanLTO/main+0x21300) (BuildId: f3e8832ba1c1f9b0111f110da8a984ab00f841b0)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /mnt/d/Store/AsanLTO/main.c:11:1 in main
==2005==ABORTING
```
It looks like that the crash is caused by a read instruction with a memory operand addressed through `rbx` register, which should have been saved/restored before/after the `asm` construct.

NOTE:
+ The crash can be always reproduced on Windows, Linux and some proprietary platforms, with clang 9.0.1, 12.0.1, 13.0.0 and 14.0.6.
+ The crash can also be reproduced by replacing the `asm` construct with any other inline assemblies with proper constraints and clobbers that writes to `rbx` (or its narrower variants). The actual code in our codebase is `cpuid` but I chose to use `mov` to make it clearer.
+ The problem disappears when you disable either LTO or ASAN, or move `Foo()` to the same translation unit as the caller, i.e. `main.c`.
+ The same snippets run smoothly with GCC.
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJzVV11z4jYU_TXmRROPLPNhHnggIaSZSTedJG1nnzKyLYO6RmIlO4T--p4rAwE22XY7fWnGMUaS7z33nvtFbsvt5Moar0vlWLNUrLJ1bTfaLJg3er1WjY_SacRnEZ9GQ95dxe67mOPCGzY-rKTaFHVbKhalV74ptY2XUXq92w33F6vLSEyZy1-j9PJ8h82tjUQWifFuZ7Q7wvBXLKVjeVtFg8s-jwazw_u0WS0Iq8hoX1wxHMCdIBgSdqqJzku_CorEyr58ZZHo89e-oHciMYDwK4P_BtuwZIo1EaWznD5ERsgh8kgqydt5494x9bXVL7JWpqm3B-cdHfmeZlwk_lR9dxGIoFqcGDSanbFzbOgHlK2kNnvOzrx-6qh_Qqg2TRD472j7VvMPkPmB7ZetrkuK5hXb6GbJyP5aIqQvcN2n7KKqG4u7l0Y3-k8FamVZOuV9F8x7_wyDWmmCLMNca5hu4k7HE3Jl7ezCyRUrnPRL5ZmsGmSRNYpZJNPGslobBStgyZjZitVqIWumzbptSHCp1sqUlGrWhNxb17KprFsdqdjj2kN1bGNbGFfYFU5rw7xdqWZJQmr9RX2bq93XaSfmcS8F52bX09nd58fbm0_Tu9076ex_fx0ZIjgfdE_XDw_3D5RB77iBPV7f_EYEtOaLsRtz8Dh_5Ye_gUTyZesCi4OhyMpxNs4TUbF8jZVRVamBKMdJOeDMn6zkirMn_pYVZ7iIYK8XhoLCs0K2XpUs3zLJHkAOW6mVdfhWFMATvy_iJ2QfWbFHvbZY8AzhTQEFEy1by4WKj4tQys_tQBxRyFOBWkGemKNCzx8b6xC98yli7-7pnva6tEinSUK3E5lJZ7cQA1Gkgo9pEWk9rzWq5vw1Gz4P-xfIh_b1YmHabqOIvY2Hkbjkr2KMdyhN8FZI39symNUvxlnBi1ExyniaJkmVw61ZWWVVzrMyz6BNVWl5cPEOjThBk-dk4fMzqXz2jXTN887cH0OY5_8dwvTAwagsU84DwoBtB-vviOhAJXj1W1BVqrIMdsukSKpxzhPAShJeykyOs77MOa-yfpIfRea7VQIhaZixDRW6F0wIFGXYsSFgTWV3UfX4688_Tx8-fzfBfiyy9gH5fsxPL-8fnm4_3bxb6W4bVlv7xYdyiCSQTciEUKLPs8wpWUKVb1xbkFldt5D7xLNr5aj473JLURtwtl2EhkKdeMghYqE9qj7V881SF0vml6FAL-WLYrlC2_B4Iqshg-yGblV19nf9guBBFE0FEFjYHZ74mJlP90_Xb7VdXLKng03EUQ5q6o3ceuABV2VbQA3s-V2b0m48gbujwA69jDoGMbp2WiHetoe2E84FF3TdchzzOKG1RByeUjzxICbp43EYfwRJ1t4SriNA8Dm-1bKgbvWB1TsKDLyPEw7sUA_FyOTVKq81mmw4QPApPsNrMpQ8wlTUNs-V8x3vG6cbFWrhG1_IE_RmjfNGOmc3EPIinZaGxo1xHIyQRdMiwguLiEcg2taF51x6RRFE08S6xRALcXnbsFsMOBZb0IPQom3MdbSJhZVEEOoGwJR0yp15C1bkNYaUUnuJUVsC-IYGja1twxo2mdLBD0gTGiqmj9NPxAMeoSQoexugOpXkWC9BMRxjPKjVobkBhPRdKsi67gJWxyoOePfjzhm-IGb_MyCMP35lwUu97Vi4ubqKe2qSDIdJNkyF6PfKSVqO07HsNbqp1eT2hL3tnh-Cb9sGY9ARg0ckwcnoiiFXgj-UgSsoaHIoD64gsskXvdbVk2XTrMOvlDDcLoCszWMMSFTC65f9xwW8_YcqqAZp71sFvueDUb-f9paToRoNJWr1mFfDLBcq5yjJg0Jw1R-n-OjVMle1n2CCxfht1IYFETSKD2Y9PRFcCJ6lPBHoEv0YATIYjqqkKKXqp6N-1OcKPq5jwhFbt-i5SYCUtwuPzRolxL9twl0wX6mgDvJl2yytm1xPtftFoWL0gvJJAP8XQKAJQw">