<html>

    <head>

      <base href="https://bugs.llvm.org/">

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - clang crashes on valid code at -Os and above on x86_64-linux-gnu: Assertion `Index < Length && "Invalid index!"' failed"

   href="https://bugs.llvm.org/show_bug.cgi?id=52090">52090</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>clang crashes on valid code at -Os and above on x86_64-linux-gnu: Assertion `Index < Length && "Invalid index!"' failed

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>new-bugs

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>unspecified

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>All

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>enhancement

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>new bugs

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>unassignedbugs@nondot.org

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>zhendong.su@inf.ethz.ch

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>htmldeveloper@gmail.com, llvm-bugs@lists.llvm.org

          </td>

        </tr></table>

      <p>

        <div>

        <pre>[503] % clangtk -v

clang version 14.0.0 (<a href="https://github.com/llvm/llvm-project.git">https://github.com/llvm/llvm-project.git</a>

a84b78198cdd76a2171fdf6b0d80e49f4a4cf572)

Target: x86_64-unknown-linux-gnu

Thread model: posix

InstalledDir: /local/suz-local/opfuzz/bin

Found candidate GCC installation: /usr/lib/gcc/i686-linux-gnu/8

Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6

Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6.5.0

Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7

Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7.5.0

Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/8

Selected GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7.5.0

Candidate multilib: .;@m64

Candidate multilib: 32;@m32

Candidate multilib: x32;@mx32

Selected multilib: .;@m64

[504] % 

[504] % clangtk -O1 small.c; ./a.out

[505] % 

[505] % clangtk -Os small.c

clang-14:

/local/suz-local/software/clangbuild/llvm-project/llvm/include/llvm/ADT/ArrayRef.h:257:

const T& llvm::ArrayRef<T>::operator[](size_t) const [with T = llvm::Value*;

size_t = long unsigned int]: Assertion `Index < Length && "Invalid index!"'

failed.

PLEASE submit a bug report to <a href="https://bugs.llvm.org/">https://bugs.llvm.org/</a> and include the crash

backtrace, preprocessed source, and associated run script.

Stack dump:

0.      Program arguments:

/local/suz-local/software/local/clang-trunk/bin/clang-14 -cc1 -triple

x86_64-unknown-linux-gnu -emit-obj --mrelax-relocations -disable-free

-main-file-name small.c -mrelocation-model static -mframe-pointer=none

-fmath-errno -fno-rounding-math -mconstructor-aliases -funwind-tables=2

-target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb

-fcoverage-compilation-dir=/home/suz -resource-dir

/local/suz-local/software/local/clang-trunk/lib/clang/14.0.0 -I

/usr/local/include/csmith -I /local/suz-local/software/local/include

-internal-isystem

/local/suz-local/software/local/clang-trunk/lib/clang/14.0.0/include

-internal-isystem /usr/local/include -internal-isystem

/usr/lib/gcc/x86_64-linux-gnu/7.5.0/../../../../x86_64-linux-gnu/include

-internal-externc-isystem /usr/include/x86_64-linux-gnu

-internal-externc-isystem /include -internal-externc-isystem /usr/include -Os

-fdebug-compilation-dir=/home/suz -ferror-limit 19 -fgnuc-version=4.2.1

-fcolor-diagnostics -vectorize-loops -vectorize-slp -faddrsig

-D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/small-39809b.o -x c small.c

1.      <eof> parser at end of file

2.      Optimizer

 #0 0x00005648820ddc9f PrintStackTraceSignalHandler(void*) Signals.cpp:0:0

 #1 0x00005648820db44d SignalHandler(int) Signals.cpp:0:0

 #2 0x00007f04f8c85980 __restore_rt

(/lib/x86_64-linux-gnu/libpthread.so.0+0x12980)

 #3 0x00007f04f7936fb7 raise

/build/glibc-S9d2JN/glibc-2.27/signal/../sysdeps/unix/sysv/linux/raise.c:51:0

 #4 0x00007f04f7938921 abort /build/glibc-S9d2JN/glibc-2.27/stdlib/abort.c:81:0

 #5 0x00007f04f792848a __assert_fail_base

/build/glibc-S9d2JN/glibc-2.27/assert/assert.c:89:0

 #6 0x00007f04f7928502 (/lib/x86_64-linux-gnu/libc.so.6+0x30502)

 #7 0x00005648822f813e

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3cc713e)

 #8 0x00005648822fcca8

llvm::slpvectorizer::BoUpSLP::TreeEntry::isSame(llvm::ArrayRef<llvm::Value*>)

const (/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3ccbca8)

 #9 0x000056488230d71a

llvm::slpvectorizer::BoUpSLP::isGatherShuffledEntry(llvm::slpvectorizer::BoUpSLP::TreeEntry

const*, llvm::SmallVectorImpl<int>&,

llvm::SmallVectorImpl<llvm::slpvectorizer::BoUpSLP::TreeEntry const*>&)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3cdc71a)

#10 0x0000564882318bd6

llvm::slpvectorizer::BoUpSLP::getEntryCost(llvm::slpvectorizer::BoUpSLP::TreeEntry

const*, llvm::ArrayRef<llvm::Value*>)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3ce7bd6)

#11 0x00005648823343c4

llvm::slpvectorizer::BoUpSLP::getTreeCost(llvm::ArrayRef<llvm::Value*>)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3d033c4)

#12 0x0000564882338075

llvm::SLPVectorizerPass::tryToVectorizeList(llvm::ArrayRef<llvm::Value*>,

llvm::slpvectorizer::BoUpSLP&, bool) (.constprop.2100) SLPVectorizer.cpp:0:0

#13 0x000056488233c304

llvm::SLPVectorizerPass::vectorizeChainsInBlock(llvm::BasicBlock*,

llvm::slpvectorizer::BoUpSLP&)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3d0b304)

#14 0x000056488233f7bc llvm::SLPVectorizerPass::runImpl(llvm::Function&,

llvm::ScalarEvolution*, llvm::TargetTransformInfo*, llvm::TargetLibraryInfo*,

llvm::AAResults*, llvm::LoopInfo*, llvm::DominatorTree*,

llvm::AssumptionCache*, llvm::DemandedBits*, llvm::OptimizationRemarkEmitter*)

(.part.2083) SLPVectorizer.cpp:0:0

#15 0x00005648823407cb llvm::SLPVectorizerPass::run(llvm::Function&,

llvm::AnalysisManager<llvm::Function>&)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3d0f7cb)

#16 0x00005648832ec511 llvm::detail::PassModel<llvm::Function,

llvm::SLPVectorizerPass, llvm::PreservedAnalyses,

llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&,

llvm::AnalysisManager<llvm::Function>&)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4cbb511)

#17 0x000056488188761c llvm::PassManager<llvm::Function,

llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&,

llvm::AnalysisManager<llvm::Function>&)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x325661c)

#18 0x000056487fe0b481 llvm::detail::PassModel<llvm::Function,

llvm::PassManager<llvm::Function, llvm::AnalysisManager<llvm::Function> >,

llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Function>

<span class="quote">>::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&)</span >

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x17da481)

#19 0x0000564881886f04 llvm::ModuleToFunctionPassAdaptor::run(llvm::Module&,

llvm::AnalysisManager<llvm::Module>&)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3255f04)

#20 0x000056487fe0bd51 llvm::detail::PassModel<llvm::Module,

llvm::ModuleToFunctionPassAdaptor, llvm::PreservedAnalyses,

llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&,

llvm::AnalysisManager<llvm::Module>&)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x17dad51)

#21 0x000056488188564d llvm::PassManager<llvm::Module,

llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&,

llvm::AnalysisManager<llvm::Module>&)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x325464d)

#22 0x00005648823e3096 (anonymous

namespace)::EmitAssemblyHelper::EmitAssemblyWithNewPassManager(clang::BackendAction,

std::unique_ptr<llvm::raw_pwrite_stream,

std::default_delete<llvm::raw_pwrite_stream> >) BackendUtil.cpp:0:0

#23 0x00005648823e7a03 clang::EmitBackendOutput(clang::DiagnosticsEngine&,

clang::HeaderSearchOptions const&, clang::CodeGenOptions const&,

clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef,

llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream,

std::default_delete<llvm::raw_pwrite_stream> >)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3db6a03)

#24 0x0000564883115f1a

clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4ae4f1a)

#25 0x0000564883fc1189 clang::ParseAST(clang::Sema&, bool, bool)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x5990189)

#26 0x0000564883114ab8 clang::CodeGenAction::ExecuteAction()

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4ae3ab8)

#27 0x0000564882a4a2a1 clang::FrontendAction::Execute()

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x44192a1)

#28 0x00005648829e6a7a

clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x43b5a7a)

#29 0x0000564882b19203

clang::ExecuteCompilerInvocation(clang::CompilerInstance*)

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x44e8203)

#30 0x000056487fb6883c cc1_main(llvm::ArrayRef<char const*>, char const*,

void*) (/local/suz-local/software/local/clang-trunk/bin/clang-14+0x153783c)

#31 0x000056487fb63c39 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&)

driver.cpp:0:0

#32 0x000056487fa8c731 main

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x145b731)

#33 0x00007f04f7919bf7 __libc_start_main

/build/glibc-S9d2JN/glibc-2.27/csu/../csu/libc-start.c:344:0

#34 0x000056487fb637aa _start

(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x15327aa)

clang-14: error: unable to execute command: Aborted

clang-14: error: clang frontend command failed due to signal (use -v to see

invocation)

clang version 14.0.0 (<a href="https://github.com/llvm/llvm-project.git">https://github.com/llvm/llvm-project.git</a>

a84b78198cdd76a2171fdf6b0d80e49f4a4cf572)

Target: x86_64-unknown-linux-gnu

Thread model: posix

InstalledDir: /local/suz-local/opfuzz/bin

clang-14: note: diagnostic msg: 

********************

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:

Preprocessed source(s) and associated run script(s) are located at:

clang-14: note: diagnostic msg: /tmp/small-e29f5d.c

clang-14: note: diagnostic msg: /tmp/small-e29f5d.sh

clang-14: note: diagnostic msg: 

********************

[506] % 

[506] % cat small.c

int a, b, c, d, e, f;

int main() {

  int h, i = 1, k = 0, g;

  if (c && e)

    goto L3;

L1:

  if (f) {

    while (k)

      ;

    k = i;

    int m = i;

  L2:

    if (m)

      goto L3;

  }

  if (a) {

    if (h)

      goto L2;

    int o = i;

    if (b)

      i = c = d;

    if (a)

    L3:

      if (c)

        goto L4;

    h || (h = 1);

    g = o;

  }

L4:

  if (a)

    goto L1;

  if (b && g)

    __builtin_abort ();

  return 0;

}</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>