[LLVMbugs] [Bug 20415] New: crash due to incorrect ARM code generated for std::vector initialization

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Wed Jul 23 11:09:56 PDT 2014


http://llvm.org/bugs/show_bug.cgi?id=20415

            Bug ID: 20415
           Summary: crash due to incorrect ARM code generated for
                    std::vector initialization
           Product: clang
           Version: 3.4
          Hardware: Macintosh
                OS: MacOS X
            Status: NEW
          Severity: normal
          Priority: P
         Component: C++
          Assignee: unassignedclangbugs at nondot.org
          Reporter: itsme at xs4all.nl
                CC: dgregor at apple.com, llvmbugs at cs.uiuc.edu
    Classification: Unclassified

compile and link the code pasted below to an ios binary, make sure you call the
'tstv' function.

the program will crash when compiled with -O3


commandline used to generate the assembly listing:

clang++ -S -arch armv7s -O3 -isysroot \
    /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS7.1.sdk \
    -o armv7s.s tstv.cpp

my compiler version:

Apple LLVM version 5.1 (clang-503.0.40) (based on LLVM 3.4svn)

the xcode6 beta compiler (Apple LLVM version 6.0 (clang-600.0.41.2) (based on
LLVM 3.5svn)) shows the same problem


======= tstv.cpp
#include <vector>

extern void logmsg(const char*);

template<typename T>
struct buf : std::vector<T>
{
    buf(int n) : std::vector<T>(n) { logmsg("+"); }
    ~buf() { logmsg("-"); }
};

void tstv()
{
    buf<int>  b(256);
    buf<char> a(256); // <<< here will be the crash
}

======== logmsg.cpp
// this needs to be in a separate compilation unit
void logmsg(const char*)
{
}

===========================
the generated assembly code showing the problem

Ltmp1:
@ BB#3:                                 @ %_ZN3bufIiEC1Ei.exit
    ldr    r0, [sp, #8]    @ <<<<<<<<<<< problem: reading uninitialized ptr value before 'new' is stored
    str    r0, [sp]                @ 4-byte Spill
    movs    r0, #2
    str    r0, [sp, #16]
Ltmp3:
    mov.w    r0, #256
    blx    __Znwm
Ltmp4:
@ BB#4:                                 @ %_ZN3bufIiEC1Ei.exit..preheader_crit_edge
    ldr    r2, [sp]                @ 4-byte Reload
    movs    r1, #0
    str    r0, [sp, #8]
    mvn    r0, #255
LBB0_5:                                 @ %.preheader
                                        @ =>This Inner Loop Header: Depth=1
    cmp    r2, #0
    ite    ne
    strbne    r1, [r2]        @ <<<<<<<<<<< using wrong value loaded at Ltmp1
    moveq    r2, #0
    adds    r0, #1
    add.w    r2, r2, #1
    bne    LBB0_5
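
Added example, not part of the original report and not LLVM code: a small Python heuristic that scans the sp-relative loads and stores in the listing above and reports any load from a stack slot that no earlier line has stored to. The listing excerpt is retyped from the report with comments trimmed; the names `LISTING`, `SP_ACCESS` and `loads_before_store` are assumptions of this sketch.

```python
import re

# Excerpt of the listing from the report, comments trimmed, in straight-line order.
LISTING = """\
Ltmp1:
    ldr    r0, [sp, #8]
    str    r0, [sp]
    movs    r0, #2
    str    r0, [sp, #16]
Ltmp3:
    mov.w    r0, #256
    blx    __Znwm
Ltmp4:
    ldr    r2, [sp]
    movs    r1, #0
    str    r0, [sp, #8]
    mvn    r0, #255
"""

# Word-sized sp-relative accesses only: "ldr rX, [sp]" or "str rX, [sp, #N]".
SP_ACCESS = re.compile(r"^\s*(ldr|str)(?:\.w)?\s+(\w+),\s*\[sp(?:,\s*#(\d+))?\]")

def loads_before_store(listing):
    """Return [(line_no, offset, text)] for sp-slot loads with no earlier store.

    Heuristic: linear scan with no control-flow analysis, so a slot written
    before the excerpt starts is reported as well.
    """
    stored, findings = set(), []
    for no, line in enumerate(listing.splitlines(), 1):
        m = SP_ACCESS.match(line.split("@")[0])  # drop trailing '@' comments
        if not m:
            continue
        op, off = m.group(1), int(m.group(3) or 0)
        if op == "str":
            stored.add(off)
        elif off not in stored:
            findings.append((no, off, line.strip()))
    return findings

if __name__ == "__main__":
    for no, off, text in loads_before_store(LISTING):
        print(f"line {no}: load from [sp, #{off}] before any store: {text}")
```

On the excerpt it flags only the `ldr r0, [sp, #8]` at `Ltmp1`; the later reload from `[sp]` is not flagged because the spill to `[sp]` precedes it.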
