[llvm-bugs] [Bug 28748] New: Undefined parameter value passed to tail call byval argument
via llvm-bugs
llvm-bugs at lists.llvm.org
Wed Jul 27 18:59:27 PDT 2016
https://llvm.org/bugs/show_bug.cgi?id=28748
Bug ID: 28748
Summary: Undefined parameter value passed to tail call byval
argument
Product: clang
Version: trunk
Hardware: PC
OS: All
Status: NEW
Severity: normal
Priority: P
Component: C++
Assignee: unassignedclangbugs at nondot.org
Reporter: ghoflehner at apple.com
CC: dgregor at apple.com, llvm-bugs at lists.llvm.org
Classification: Unclassified
In a thunk dead store elimination (DSE) deletes a store to the stack. This
causes an undefined value loaded from that stack address passed a to a byval
parameter to a tail call. At least this is not supported by the current
implementation and likely should be forbidden (and documented + verified
accordingly). The change-set introducing the issue was r244207 - Mark calls in
thunk functions as tail-call optimization candidates to suppress thunks on
debugger call stacks.
Test case:
// RUN: %clang_cc1 %s -I%S -isystem %S/Inputs -emit-llvm -triple
i386-apple-darwin9 -Wno-incompatible-ms-struct -o - -Os | opt - -dse -S -o - |
FileCheck %s
#pragma ms_struct on
#include <stddef.h>
#include <stdint.h>
extern "C" int rand();
struct
IByteStream
{
public:
};
class IEmpty {};
class CRepro
{
protected:
CRepro( IEmpty* p) : mp(p) {};
virtual ~CRepro() {}
IEmpty* mp;
};
class BStream : public CRepro, public IByteStream
{
protected:
BStream( IEmpty *p);
virtual ~BStream(){} ;
protected:
int32_t Ref;
};
class CStream : public BStream
{
public:
static uint32_t Create(uint32_t m, IByteStream **ppS, IEmpty *p);
private:
CStream(bool fD, bool fZero, IEmpty *p) ;
};
typedef union _LARGE {
struct {
uint32_t Low;
int32_t High;
} DUMMYSTRUCTNAME;
struct {
uint32_t Low;
int32_t High;
} u;
int64_t Quad;
} LARGE;
class I
{
public:
virtual uint32_t Seek(LARGE dlibMove, uint32_t Origin, LARGE *plibNP) =
0;
};
class CBase : public CRepro
{
protected:
CBase(IByteStream *ps, IEmpty *p);
virtual ~CBase() {};
protected:
uint64_t Offset;
uint32_t ThreadId;
};
class C : public CBase, public I
{
public:
static uint32_t Create(IByteStream *ps, wchar_t *w, I **ppi, IEmpty
*p);
uint32_t Seek(LARGE dlibMove, uint32_t Origin, LARGE *plibNP);
private:
C(IByteStream *ps, IEmpty *p) ;
~C() {};
};
uint32_t C::Seek(LARGE dlibMove, uint32_t Origin, LARGE *plibNP)
{
uint32_t hr = 1;
if (Origin != 1 || dlibMove.Quad != 0)
{
if (ThreadId != 0 && ThreadId != (uint32_t)rand())
{
hr = 3;
goto LError;
}
if (Origin == 0)
{
Offset = (uint64_t) dlibMove.Quad;
}
}
LError:
if (plibNP != NULL)
(*plibNP).Quad = Offset;
return hr;
}
// CHECK: define i32 @_ZThn20_N1C4SeekE6_LARGEjPS0_
// CHECK: store i64
// CHECK: ret
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20160728/0c21a8e3/attachment.html>
More information about the llvm-bugs
mailing list