<div dir="ltr"><div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Apr 4, 2020 at 9:33 AM Akash Banerjee via llvm-dev &lt;<a href="mailto:llvm-dev@lists.llvm.org">llvm-dev@lists.llvm.org</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div dir="ltr">Please consider the following C code:<div><font face="monospace"><b> #define SZ 2048<br> int main(void) {<br> int A[SZ];<br> int B[SZ];<br> int i, tmp;<br> for (i = 0; i &lt; SZ; i++) {<br> tmp = A[i];<br> B[i] = tmp;<br> }<br> assert(A[SZ/2] == B[SZ/2]);<br> }</b></font><br></div><div><br></div><div>On running -O1 followed by -reg2mem I get the following IR:</div><div><font face="monospace"><b>define dso_local i32 @main() local_unnamed_addr #0 {<br>entry:<br> %A = alloca [2048 x i32], align 16<br> %B = alloca [2048 x i32], align 16<br> %"reg2mem alloca point" = bitcast i32 0 to i32<br> %arrayidx3 = getelementptr inbounds [2048 x i32], [2048 x i32]* %A, i64 0, i64 1024<br> %0 = load i32, i32* %arrayidx3, align 16<br> %arrayidx4 = getelementptr inbounds [2048 x i32], [2048 x i32]* %B, i64 0, i64 1024<br> %1 = load i32, i32* %arrayidx4, align 16<br> %cmp5 = icmp eq i32 %0, %1<br> %conv = zext i1 %cmp5 to i32<br> %call = call i32 (i32, ...) 
bitcast (i32 (...)* @assert to i32 (i32, ...)*)(i32 %conv) #2<br> ret i32 0<br>}</b></font><br></div><div><font face="monospace"><b><br></b></font></div><div>It is my understanding that in the original C code the assert would never fail; however, in the optimized IR the assert might fail.</div></div></blockquote><div><br></div><div>Reading uninitialized memory is undefined behavior in C, I believe, so even without talking about LLVM IR semantics your original program is incorrect as soon as you read from A.</div><div><br></div><p style="margin:0px;font-stretch:normal;font-size:13px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span style="font-variant-ligatures:no-common-ligatures">clang ub.c -fsanitize=memory &amp;&amp; ./a.out</span></p>
<p style="margin:0px;font-stretch:normal;font-size:13px;line-height:normal;font-family:Menlo;color:rgb(202,51,35)"><span style="font-variant-ligatures:no-common-ligatures"><b>==10365==WARNING: MemorySanitizer: use-of-uninitialized-value</b></span></p>
<p style="margin:0px;font-stretch:normal;font-size:13px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span style="font-variant-ligatures:no-common-ligatures"> #0 0x496ce7 in main (/tmp/a.out+0x496ce7)</span></p>
<p style="margin:0px;font-stretch:normal;font-size:13px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span style="font-variant-ligatures:no-common-ligatures"> #1 0x7f2e71f27bba in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x26bba)</span></p>
<p style="margin:0px;font-stretch:normal;font-size:13px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span style="font-variant-ligatures:no-common-ligatures"> #2 0x41e299 in _start (/tmp/a.out+0x41e299)</span></p>
<p style="margin:0px;font-stretch:normal;font-size:13px;line-height:normal;font-family:Menlo;color:rgb(0,0,0);min-height:15px"><span style="font-variant-ligatures:no-common-ligatures"></span><br></p>
<p style="margin:0px;font-stretch:normal;font-size:13px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span style="font-variant-ligatures:no-common-ligatures">SUMMARY: MemorySanitizer: use-of-uninitialized-value (/tmp/a.out+0x496ce7) in main</span></p>
<p style="margin:0px;font-stretch:normal;font-size:13px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span style="font-variant-ligatures:no-common-ligatures">Exiting</span></p><div> </div><div><br></div><div>-- </div><div>Mehdi</div><div><br></div></div></div></div>
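<p>For comparison with the program quoted above, an added example (not code from either poster) of the same copy loop with <code>A</code> given a defined value before it is read, so the comparison has a defined result at any optimization level. The helper and function names are hypothetical.</p>

```c
/* Added example, not from the thread: the quoted copy loop, but with the
   source array written before any element of it is read. */
#include <assert.h>

#define SZ 2048

/* Hypothetical helper: the loop from the quoted program, followed by the
   same middle-element comparison. Returns 1 when the elements match. */
static int copy_and_check(const int *src, int *dst, int n)
{
    int i, tmp;
    for (i = 0; i < n; i++) {
        tmp = src[i];      /* defined only because the caller initialised src */
        dst[i] = tmp;
    }
    return src[n / 2] == dst[n / 2];
}

/* Variant 1: source zero-initialised at its declaration. */
int run_zero_init(void)
{
    int A[SZ] = {0};
    int B[SZ];             /* B may start uninitialised: it is only written */
    return copy_and_check(A, B, SZ);
}

/* Variant 2: source filled at run time with constructed values. */
int run_filled(void)
{
    int A[SZ];
    int B[SZ];
    for (int i = 0; i < SZ; i++)
        A[i] = i * 3 + 1;
    int ok = copy_and_check(A, B, SZ);
    /* The copy must also carry the value that was stored, not just match. */
    return ok && B[SZ / 2] == (SZ / 2) * 3 + 1;
}

int main(void)
{
    assert(run_zero_init());
    assert(run_filled());
    return 0;
}
```

<p>Built with the same <code>-fsanitize=memory</code> flag used in the reply, every value that reaches the comparison here has been written first.</p>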