http://llvm.org/bugs/show_bug.cgi?id=21084
Bug ID: 21084
Summary: Right-hand side of logical expression gets speculated,
causing jump on uninitialized value
Product: clang
Version: unspecified
Hardware: PC
OS: Windows NT
Status: NEW
Severity: normal
Priority: P
Component: -New Bugs
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
Classification: Unclassified
Consider the following:

  void f();
  bool ReadInt(int*);

  void test() {
    int local;
    if (ReadInt(&local) && local < 8 && local >= 0)
      f();
  }
Compiled with Clang r218435:

  $ bin/clang -O3 -S -o - /tmp/a.cc
          .cfi_startproc
  # BB#0:
          pushq   %rax
  .Ltmp0:
          .cfi_def_cfa_offset 16
          leaq    4(%rsp), %rdi
          callq   _Z7ReadIntPi
          cmpl    $7, 4(%rsp)       <---- Cmp with uninitialized stack value
          ja      .LBB0_3           <---- Valgrind gets upset
  # BB#1:
          testb   %al, %al          <---- Return value of ReadInt checked here
          je      .LBB0_3
  # BB#2:
          callq   _Z1fv
  .LBB0_3:
          popq    %rax
          retq
While the asm looks like it works in practice, Valgrind (and I'd guess other
tools too) get upset about jumping based on an uninitialized value.
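As an added, self-contained reproducer (not part of the original report): the same short-circuit pattern with a constructed stand-in for ReadInt that leaves *out untouched on failure, beside a variant that initializes the slot so any speculated compare reads defined memory while the result stays identical. The names read_int, dispatch_uninit and dispatch_init are assumptions for this example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for the report's ReadInt(): parses a decimal integer
 * and returns false WITHOUT writing *out when parsing fails, so a caller's
 * `int local;` stays uninitialized exactly as in the bug report. */
static bool read_int(const char *text, int *out) {
    char *end = NULL;
    if (text == NULL || *text == '\0')
        return false;
    long v = strtol(text, &end, 10);
    if (*end != '\0')
        return false;
    *out = (int)v;
    return true;
}

/* The pattern from the report. At -O3 the `local < 8 && local >= 0` test can
 * be hoisted above the check of read_int's return value, so the generated
 * code compares and branches on the uninitialized slot whenever read_int
 * fails. The outcome is unaffected, but Valgrind/MSan see a conditional
 * jump that depends on uninitialized memory. */
bool dispatch_uninit(const char *text) {
    int local;
    if (read_int(text, &local) && local < 8 && local >= 0)
        return true;   /* stands in for the call to f() */
    return false;
}

/* Caller-side mitigation: give the slot a defined value. One extra store,
 * same result, and a speculated compare now reads initialized memory. */
bool dispatch_init(const char *text) {
    int local = 0;
    if (read_int(text, &local) && local < 8 && local >= 0)
        return true;
    return false;
}

int main(void) {
    const char *inputs[] = { "3", "8", "-1", "abc", "" };  /* constructed */
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
        printf("%-4s uninit=%d init=%d\n", inputs[i],
               (int)dispatch_uninit(inputs[i]), (int)dispatch_init(inputs[i]));
    return 0;
}
```

Built with `clang -O3` and run under `valgrind`, only dispatch_uninit can trigger a "Conditional jump or move depends on uninitialised value(s)" report; whether the hoisting actually happens depends on the compiler version.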
_______________________________________________
LLVMbugs mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/llvmbugs