[llvm-bugs] [Bug 37458] New: llvm.launder.invariant.group results in miscompile of store-to-load forwarding case
via llvm-bugs
llvm-bugs at lists.llvm.org
Mon May 14 12:28:41 PDT 2018
https://bugs.llvm.org/show_bug.cgi?id=37458
Bug ID: 37458
Summary: llvm.launder.invariant.group results in miscompile of
store-to-load forwarding case
Product: libraries
Version: trunk
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P
Component: Scalar Optimizations
Assignee: piotr.padlewski at gmail.com
Reporter: richard-llvm at metafoo.co.uk
CC: llvm-bugs at lists.llvm.org
Testcase:
struct A { virtual void f(); int n; };
int h() {
A a;
a.n = 42;
return __builtin_launder(&a)->n;
}
To reproduce:
* Apply https://reviews.llvm.org/D40218 to clang sources (you'll need to
replace CreateInvariantGroupBarrier with CreateLaunderInvariantGroup in
CGBuiltin.cpp to get it to compile)
* Build clang and compile the above sources with -O2 -fstrict-vtable-pointers
This should compile to 'ret i32 42'. But it compiles to 'ret i32 undef'. (Also,
a dead call to 'llvm.launder.invariant.group' is left behind.)
IR testcase (miscompiled by opt -gvn):
%struct.A = type <{ i8*, i8 }>
define i8 @_Z1hv() {
entry:
%a = alloca %struct.A, align 8
%0 = bitcast %struct.A* %a to i8*
%n = getelementptr inbounds %struct.A, %struct.A* %a, i64 0, i32 1
store i8 42, i8* %n
%p = call i8* @llvm.launder.invariant.group.p0i8(i8* nonnull %0)
%n1 = getelementptr inbounds i8, i8* %p, i64 8
%np = bitcast i8* %n1 to i8*
%v = load i8, i8* %np
ret i8 %v
}
declare i8* @llvm.launder.invariant.group.p0i8(i8*)
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20180514/fef53133/attachment.html>
More information about the llvm-bugs
mailing list