<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/59376>59376</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            Miscompile with -fglobal-isel, -ftrivial-auto-var-init=pattern, and thinlto
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            new issue
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          nico
      </td>
    </tr>
</table>

<pre>
    Repro:

1. Download and gunzip attachment at https://bugs.chromium.org/p/chromium/issues/detail?id=1383873#c53
2. `bin/clang++ -fno-delete-null-pointer-checks -fno-ident -fno-strict-aliasing -fstack-protector -fcolor-diagnostics -fmerge-all-constants -ffp-contract=off -flto=thin -fsplit-lto-unit -fwhole-program-vtables -fcomplete-member-pointers -arch arm64 -ffile-compilation-dir=. -no-canonical-prefixes -ftrivial-auto-var-init=pattern -fno-omit-frame-pointer -mmacos-version-min=10.13 -O2 -std=c++20 -fno-exceptions -fno-rtti repro.ii -shared -o librepro.dylib -fuse-ld=lld -Wl,-undefined,dynamic_lookup -w -isysroot $(xcrun -show-sdk-path) -fno-global-isel`
3. `bin/clang++ -fno-delete-null-pointer-checks -fno-ident -fno-strict-aliasing -fstack-protector -fcolor-diagnostics -fmerge-all-constants -ffp-contract=off -flto=thin -fsplit-lto-unit -fwhole-program-vtables -fcomplete-member-pointers -arch arm64 -ffile-compilation-dir=. -no-canonical-prefixes -ftrivial-auto-var-init=pattern -fno-omit-frame-pointer -mmacos-version-min=10.13 -O2 -std=c++20 -fno-exceptions -fno-rtti repro.ii -shared -o librepro.dylib -fuse-ld=lld -Wl,-undefined,dynamic_lookup -w -isysroot $(xcrun -show-sdk-path) -fglobal-isel`
4. Compare disassembly for function `__ZN5blink22NGFragmentItemsBuilder17ConvertToPhysicalERKNS_12PhysicalSizeE`

(The only difference between commands 2 and 3 is `-fno-global-isel` vs `-fglobal-isel`.)

The good dylib has this sequence:

```
% otool -tV librepro.good.dylib | rg -A 233 __ZN5blink22NGFragmentItemsBuilder17ConvertToPhysicalERKNS_12PhysicalSizeE: | rg -A 3 csinc
0000000000002f80        csinc   w8, w8, wzr, ne
0000000000002f84        strh    w8, [sp, #0x38]
0000000000002f88        str     wzr, [sp, #0x40]
0000000000002f8c        ldr     x0, [x24]
```

The bad dylib has this sequence:

```
% otool -tV librepro.bad.dylib | rg -A 233 __ZN5blink22NGFragmentItemsBuilder17ConvertToPhysicalERKNS_12PhysicalSizeE: | rg -A 3 csinc
0000000000003110        csinc   w8, w8, wzr, ne
0000000000003114        strh    w8, [sp, #0x30]
0000000000003118        mov     w9, #-0x55555556
000000000000311c        str     x9, [sp, #0x30]
```

In the bad dylib, we store something to `sp+0x30`, and then clobber it with `0xaaaaaaaa` (the `-ftrivial-auto-var-init=pattern` pattern) immediately.

This is reduced from https://crbug.com/1383873
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJzsVk2P27wR_jX0ZUBDIv2lgw_ZdVwERdMiCVqglwVFjqTpUqRKUv7Iry8oeTe7wfYNEOTwHiIYskTymWc4z2g4KkZqHeKere_Y-rBQY-p82DvSflF7c91_wiF4Jt-x4sCK271cwsGfnfXKgHIG2tF9pQFUSkp3PboEKkGX0hAzUByZONZjG5e6C76nsV_60DJxHJg4Pg0xcaQYR4xMHA0mRZbJIxkmD6Xcyd1WMiH1Ws78YglsU9TksgGrXMvEHRN3wBvnuUGLCbkbreWDJ5cwcN2hfozzPJns4PQYUyCduLKkIrkWeBOT0o98CD6hTj4Ab7S3PnBDqnU-JtLZSo-hRa6s5dq7mJRLebQZ8msKSicmD75pgDc2eSYPqSOXjQ-WErfJ89FRduHceYuZrQ2q56ekaotx4uyHaRM99jWGp21E4CroDlToN6tMSBZ5XktWJfKOGwpMHpbAnedaOe9IK8uHgA1dJsMp0ImU5WpMnp9U4OQoOzuolDC4OSq-p8SboHp8Igbe90r7yE8YYibqyWVlimUpgf9dAI8pS6VnHUQxG8KLxiE7dot8SIkg5HxaEgGPnQpogHuwVM_D5mqpBt6MEbnNFq01wP9lmbjnozPYkEPDxL25OtWTfrDeP44D8DNwitcYvE_AxIqJ3UWH0WUOf-bRPPJBpY6Janaktb5WllNEyzbFnFPyd079zqmfzam3Emq1hHvfDyogGIoqRuxre4XGB2hGp_MecsY9PPz747q25B6F-PiXY1BtLqAfEvbxbiRrMJTbe-9OGNIX_4_uGnP833_668fPD6V4ev9MX_H9M_PtLnZfOgTv7BUMNQ0GdBqhxnRGdKB93ytnIoiphEugmN154_uA023m9fCSieolXyZrvTcwB7xTEVJHESL-d8zM350h2dv5d_N2DT55b4Gnf34TLxu8Kci29xBa4O9ASAm_MGzy3QvbEnQkp2eniheXaHYFK6rbbHXeMXEPt_vXkP8cvolasaKKKXTPILa-i8P0IGRxkTu2PrwJ3M3AjJsJXgNXxf8DZv-sycBLccNdxOp59feRf1avVr9WvFr9SbSTZfkT2smy_JF2b0sgyzJr1_tTxlW35by4rOdr8yZEP8t9qf6Q6k39PjhILyWc9oYQkw8I0feYz4sWks-fcrZ7N9ncTAmSC0DqclGwvq4xACU4U-ry2uKiblcuBUzsMs1UDn5Q-PPyp0dRAfU9GlIJ7XX5OvEo5toT0IwaDTTB99_1jjrUY7vUPjeJt25wYfbSVLJSC9yXm22xknK7qxbdXhXFqtZqU1drhVrojSnMSmFTFXq33ki1oL0ohChFsS23Qha75U4X27WsVbktK4nViq0K7BXZpbWnqVNdTI3pfl3J7WZhVY02Tt2yEA7PME0yIXLzHPYZw3Ovy1aFpZjiNyuJksX93yjOpyvOEX5dVcX9jw_Ub4KRs8kvxmD3r-PVUurG-hawzH_7y13Bf1Cnl732tKv_BQAA__98edFu">