<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/75593>75593</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            [POC][Clang v17.0.6] Optimization resulting in invalid code
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            clang
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          RipleyTom
      </td>
    </tr>
</table>

<pre>
    When compiled with `clang++ -O3 -march=skylake main.cpp` with clang 17.0.6 the following code results in a crash.

>From what I'm able to gather, it inlines blah which inlines the vec.resize() except it doesn't check if size == 0 which result in a crash because it sets 1 bytes to 0 and then decreases the value:
Faulty assembly:
```x86asm
   0x00005555555554d9 <+121>: movsxd r15,DWORD PTR [r13+0x0]
   0x00005555555554dd <+125>:   test r15,r15
   0x00005555555554e0 <+128>:   js     0x555555555578 <_ZN4bloh8add_blahERKSt6vectorI5stuffSaIS1_EE+280>
   0x00005555555554e6 <+134>:   mov    rdi,r15
   0x00005555555554e9 <+137>:   call 0x555555555080 <_Znwm@plt>
   0x00005555555554ee <+142>:   mov r12,rax
   0x00005555555554f1 <+145>:   mov    BYTE PTR [rax],0x0
 0x00005555555554f4 <+148>:   mov    rdx,r15
   0x00005555555554f7 <+151>: dec    rdx
   0x00005555555554fa <+154>:   je     0x555555555508 <_ZN4bloh8add_blahERKSt6vectorI5stuffSaIS1_EE+168>
   0x00005555555554fc <+156>:   lea    rdi,[r12+0x1]
   0x0000555555555501 <+161>:   xor esi,esi
   0x0000555555555503 <+163>:   call   0x555555555050 <memset@plt>
```

r15 is value->size_data, it calls the new with size 0, then decreases the size by 1 which results in 0xFFFFFFFFFFFFFFFF which it checks against 0 and then calls memset with size 0xFFFFFFFFFFFFFFFF and finally results in invalid memory access and the crash.

POC:
```cpp
#include <vector>
#include <cstdint>
#include <cstring>

struct stuff
{
        int size_data;
        std::uint8_t *data;
};

class blah
{
public:
        blah(const stuff *value)
        {
                vec.resize(value->size_data);
                std::memcpy(vec.data(), value->data, value->size_data);
        }

private:
        std::vector<std::uint8_t> vec;
};

class bloh
{
        std::vector<blah> list_blahs;

public:
        void add_blah(const std::vector<stuff> &list_values)
        {
                for (const auto &dastuff : list_values)
                {
                        list_blahs.push_back(blah(&dastuff));
                }
        }
};

int main()
{
        stuff the_stuff[3] = {{5}, {1}, {0}};
        std::vector<stuff> list_stuff;

        for (int i = 0; i < 3; i++)
        {
                the_stuff[i].data = new std::uint8_t[8];
                list_stuff.push_back(the_stuff[i]);
        }

        bloh da_bloh;
        da_bloh.add_blah(list_stuff);

        return 0;
}
```
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJycV11v4jwW_jXm5qjIsXFILrhogEqjlbajzkij3RvkOIZ46iQodijMr1_Z-QRKZ_WiKg32Oc_5enwO5saoQynlCrEEsc2MNzav6tWbOmp5-VkVs7TKLqtfuSxBVMVRaZnBh7I5oBALzcsDIgkiCTy9UngqeC1yRDfm_aL5u4SCq3IujkcU4lbJa0CwnON5CDaXsK-0rj5UeQBRZRJqaRptDagSOIiam3yO8Abh5_b5UlcFfOTcwjdElgXwVEuwFRy4zWWNyBqUBVVqVUoDqeY5fORK5MOSs3iSYl5Lo_5IRCJEYpBnIY_WaWaVNCUiSwsil-Id1B6cHCC6QXQDuENrnZz4CKkUvDHSYRhpDQSQXqyzVwEGXmbOcAmZFLXkpveD60Yi2kfGG20vwI2RRaovwzoKcft3jkJuinYRAPAZY4xZ_1lkMSC6RiQJSIDoFtFnKKqTOWdQBwyR9ebX69sGvv98A8SSOqCIJPiMEds8RswGRNYhAlhpbIfono90JR50o0H3twHwsoMcW0ZObvfffy9SXeURz7Kdq9r27V8_bHiSwlb1N2Zss9__4N9-BLvtFpGERNhhPrQd9rbpYrBdVCdnu87U3zwf8kiXg7bgWk_9xhFu_S4_CrTAR22_dEj2kAty5VAdEOcNPz9U3QeDKruNJfnPz-1QUH52pSRrV9MW7A5qMUBF92k5_yUt-2WvzXp6ZVL0ug-1-KA1luK3vKMB_ic0CMLoq6zvxWA7HGxryUca-INA_EEIvjgIDA9FCIMB6VzVII2Dcc-HqnRQpddsukoAZp5PhSyMtDeEGhrAtA_WAQNl2hbyhOjWdaldxi3vWqAz0XaZUn60ndc3Muz2P-lFfjO9QHDV4XwbxueXm0_fU7suaYAfuCqNnba61oE2oKn9ezCnslcl1_oyNavKE9cqcxBVfQEuhDSmx_9kMnx_Xd_3TDd52hVCVSl0k_mj2DJqzPDVpjA2U6V9vFur8jDu-qexdSMseIZ268ukF4hVaWEsEB03jM2cz_S5UaWNdhYQeb6WWW4m8u4pNDftZLuxc2xSrcSYAhx7IRKJypXGu-bw26lD4kFs6inC8dV0_Ixf8TSCaRCFLMTx4rSkmLeybrw6xg04PUX_DrzcTMM-1urErZyGN9jtq7m-TSeiWzfs_49sVrfZ_BTfJ5RuQStjfX8yN3D3NThVKoO-nU2Kce-6Yw7dAiKhh_cJMl_UaV_VMADyxlZONeNdnekzPIK5Q0I4HiOaHxuT71Iu3hGJOqdHYF_OWwJMSjV5v8u1OwXu52DHik_y7Ty3udy1plhCEdu4n17gxJYJc5hk7b4F4yt2r1fGPmVGl14faPftyrsxo85P5c1iRBP_ugbqX9tful8UZeq9Qmzjj4HHcm34jp8sidzcuU7n6OJVLW6hvz4v_vhXOWR859k9keyW5hNWTrJyhdpp1NI2denTMRb3utHOshXNYhrzmVwFS0zCBcULPMtXmYizFMdpxAihhAdhugj3jJIwWuKY4MVMrQgmNCABCwhZYDyPI7ZMF1EU0jQkMQvRAsuCKz3X-lTMq_owU8Y0crVkLKYzzVOpjb-7ENJdR4i7xtQrJ_-UNgeDFthFaEYEq6z2Fx43NdgGsWTt7yWn9mLiePd6tKpQf7hVVdnNJXdJmUwmd1-ZNbVe5dYejasseUHk5aBs3qRzURWIvDiL3b-nY139lsIi8uIDMIi8-Bj-FwAA__-AD8O4">