<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/57554>57554</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
clang crashes on valid code at -O1 and above: Assertion `DAG.isGuaranteedNotToBeUndefOrPoison(R, false) && "Can't create node that may be undef/poison!"' failed
</td>
</tr>
<tr>
<th>Labels</th>
<td>
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
zhendongsu
</td>
</tr>
</table>
<pre>
Related to the fixed and closed https://github.com/llvm/llvm-project/issues/57402 (cc @RKSimon)
Compiler Explorer: https://godbolt.org/z/vv8n7Enrr
```
[535] % clangtk -v
clang version 16.0.0 (https://github.com/llvm/llvm-project.git 8534f514747d57cd42602403eb98c8230f5c7ff9)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /local/suz-local/opfuzz/bin
Found candidate GCC installation: /usr/lib/gcc/i686-linux-gnu/8
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/10
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/11
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6.5.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7.5.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/8
Selected GCC installation: /usr/lib/gcc/x86_64-linux-gnu/11
Candidate multilib: .;@m64
Selected multilib: .;@m64
[536] %
[536] % clangtk -O1 small.c
clang-16: /local/suz-local/software/clangbuild/llvm-project/llvm/lib/CodeGen/SelectionDAG/DAGCombiner.cpp:13982: llvm::SDValue {anonymous}::DAGCombiner::visitFREEZE(llvm::SDNode*): Assertion `DAG.isGuaranteedNotToBeUndefOrPoison(R, false) && "Can't create node that may be undef/poison!"' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: /local/suz-local/software/local/clang-trunk/bin/clang-16 -cc1 -triple x86_64-unknown-linux-gnu -emit-obj --mrelax-relocations -disable-free -clear-ast-before-backend -main-file-name small.c -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=none -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -mllvm -treat-scalable-fixed-error-as-warning -debugger-tuning=gdb -fcoverage-compilation-dir=/local/suz-local/software/emitesting/bugs/20220904-clangtk-m64-O3-Weverything-pipe-fPIC-build-211236/delta -resource-dir /local/suz-local/software/local/clang-trunk/lib/clang/16.0.0 -I /usr/local/include/csmith -I /local/suz-local/software/local/include -internal-isystem /local/suz-local/software/local/clang-trunk/lib/clang/16.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/11/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O1 -fdebug-compilation-dir=/local/suz-local/software/emitesting/bugs/20220904-clangtk-m64-O3-Weverything-pipe-fPIC-build-211236/delta -ferror-limit 19 -fgnuc-version=4.2.1 -fcolor-diagnostics -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/small-a25f29.o -x c small.c
1. <eof> parser at end of file
2. Code generation
3. Running pass 'Function Pass Manager' on module 'small.c'.
4. Running pass 'X86 DAG->DAG Instruction Selection' on function '@main'
#0 0x00005646376825b1 PrintStackTraceSignalHandler(void*) Signals.cpp:0:0
#1 0x000056463767fca4 SignalHandler(int) Signals.cpp:0:0
#2 0x00007fd45e2f9980 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x12980)
#3 0x00007fd45cf26e87 raise /build/glibc-CVJwZb/glibc-2.27/signal/../sysdeps/unix/sysv/linux/raise.c:51:0
#4 0x00007fd45cf287f1 abort /build/glibc-CVJwZb/glibc-2.27/stdlib/abort.c:81:0
#5 0x00007fd45cf183fa __assert_fail_base /build/glibc-CVJwZb/glibc-2.27/assert/assert.c:89:0
#6 0x00007fd45cf18472 (/lib/x86_64-linux-gnu/libc.so.6+0x30472)
#7 0x0000564638629877 (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x4e10877)
#8 0x00005646386cb3ed (anonymous namespace)::DAGCombiner::combine(llvm::SDNode*) DAGCombiner.cpp:0:0
#9 0x00005646386ccc89 llvm::SelectionDAG::Combine(llvm::CombineLevel, llvm::AAResults*, llvm::CodeGenOpt::Level) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x4eb3c89)
#10 0x00005646387ea897 llvm::SelectionDAGISel::CodeGenAndEmitDAG() (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x4fd1897)
#11 0x00005646387eea08 llvm::SelectionDAGISel::SelectAllBasicBlocks(llvm::Function const&) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x4fd5a08)
#12 0x00005646387f09e2 llvm::SelectionDAGISel::runOnMachineFunction(llvm::MachineFunction&) (.part.0) SelectionDAGISel.cpp:0:0
#13 0x000056463607674c (anonymous namespace)::X86DAGToDAGISel::runOnMachineFunction(llvm::MachineFunction&) X86ISelDAGToDAG.cpp:0:0
#14 0x0000564636840391 llvm::MachineFunctionPass::runOnFunction(llvm::Function&) (.part.0) MachineFunctionPass.cpp:0:0
#15 0x0000564636d9d1f3 llvm::FPPassManager::runOnFunction(llvm::Function&) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x35841f3)
#16 0x0000564636d9d421 llvm::FPPassManager::runOnModule(llvm::Module&) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x3584421)
#17 0x0000564636d9dd15 llvm::legacy::PassManagerImpl::run(llvm::Module&) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x3584d15)
#18 0x0000564637a3a0ca clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream>>) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x42210ca)
#19 0x0000564638946e22 clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x512de22)
#20 0x00005646399cedd9 clang::ParseAST(clang::Sema&, bool, bool) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x61b5dd9)
#21 0x00005646381f4871 clang::FrontendAction::Execute() (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x49db871)
#22 0x000056463817b48e clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x496248e)
#23 0x00005646382bc228 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x4aa3228)
#24 0x0000564634ba11ed cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x13881ed)
#25 0x0000564634b9ad73 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&) driver.cpp:0:0
#26 0x0000564634b9d836 clang_main(int, char**) (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x1384836)
#27 0x00007fd45cf09c87 __libc_start_main /build/glibc-CVJwZb/glibc-2.27/csu/../csu/libc-start.c:344:0
#28 0x0000564634b99f4a _start (/local/suz-local/software/local/clang-trunk/bin/clang-16+0x1380f4a)
clang-16: error: unable to execute command: Aborted
clang-16: error: clang frontend command failed due to signal (use -v to see invocation)
clang version 16.0.0 (https://github.com/llvm/llvm-project.git 8534f514747d57cd42602403eb98c8230f5c7ff9)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /local/suz-local/opfuzz/bin
clang-16: note: diagnostic msg:
********************
PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-16: note: diagnostic msg: /tmp/small-5787b5.c
clang-16: note: diagnostic msg: /tmp/small-5787b5.sh
clang-16: note: diagnostic msg:
********************
[537] %
[537] % cat small.c
char a;
int b, c;
int main() {
unsigned d = 2000000000;
b = -1 + ~a | 500000000 + d;
c = b % ~d;
a = (~(a | b) + (a - 1)) % (d | -1);
return 0;
}
```
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJzlWtty2zgS_Rr5BUUV75cHP8i6JN5Nxi7bk9maFxVIghI3FMklSMfO1-9pkJRIWY6dib01VeuSJeLWfbrR6G4ADIv48fxGZLwWMasLVm8FS9IHFHgesygrJB63dV3KiTWbmCt8Nmm9bcJpVOxQyLL7_kcrq-LfIqpRTKVshMSD49m6ySamH0VsYus3_7xNd0U-MYOJvpjos3mxK9NMVGz5UGZFJSowOeZWxGGR1dOi2qD0Hf_3937uLfOqYi2R7tvVu09bdC4cy5k4CzB3IAfPN_VXpt23rarM7kUl0yJnhjvVpzqh_DlBp-jAfMeyE8ewPduLHS-KbdPVTVu3RBj4kW9aeuJEXpIEe5nveLURNQn64Ltr19aa_GtefMu1LM2bB22TN12_bSV4zHZFLDLqXRYyfWibLnNZ8ywT8SJVGiNcRcQz_Mrmu9Y_F2XSfCeNhWneDlwVDc0qpjaNMePsw3zO0pYYr6GKjlgjKyKZhqSEKKIJdX13ANBc-b9IsJN9SNLQ34Gm8fY03XcgOXWm7yC99w4k3wdpZ063IsO6gsd5izmf75HtmqxOaRSoTCfWBTzRzrWPWP6ok_Imbu9NTtXtPcyVweQOsKfRwNVohvuDdSqLpP7GK4FH1Tts0ix-6lR7D6Skn8MtfBDwpKtWAOhoMfuAIr7hVbHiRTWNyhJsDSvwTWKvCMC5WbPbxReeNYJNvAueF_njrmjkxFu0jQMKbcV9KtN6dbNc_rmEjxxS-Q0oJuaMfBvoz6QUFSFhcMOgMk3lh4ZXPK-FiH8r6rviQvyexyK5qq6LVFIc8G8m5pwlPJOgE0BBLj74MTF5E9OrWQQniBnMwQixiddsxx9ZKFhDdCBu2REyMAYDQArxJJ62ur_-tJzdLplswh08NWdhs2GVKIuqplD316Oaio1pHmWNQiWAksstC3n0ta54JEimEoyqIhKSAqgsmqqtppFcyiJKVcStmpzJqErLuoN8W4MIi5sdzVxbpaMpuK6KTcV3DMGj2Ym8lq-zp76qtcIa7L528aCvM1ymRZHB0JiWmXg2KDFNQIlaEf6badquQsbwoOEb9GnGJdPiVPIwE1pSCQGSmeCVxmWthSJBZNdIOQLCazue5lqCWdJyvhP9YmGKZkdNU0GPlSmq8aVl4h5Fsy2kEj_gsEugD6HBAGBfsNQFDBnVyY7XW01UVV6gkJRaVOQ0KYi4C1imluSFVpHnSiE89QUldJHQTVQXgJylXArIkzT5tzSPtZqkgroX4F-r2K1FZUN60lwbVU0uVMVGYMEQ4h2ZDekTlqtJ6L9VCyVVhIt4SA3zkwMB1CZglRtRESFUgM8mDsE9KpCe8A1oqxyp1UtM8X7x8rTTVAlZEz3MdrMhozV109QD3dY6V6XBu2lXlvYHlFs91lvSR5mWQHp9OdeUD9JMwzDh48wVpqPmDBPeWjIB-cvW1zowVUfeuk2-tMuBf--GdSuMOksItO06vZJpvz41ZR85z2A5j7IWuzcF_hKjkxL9sOuLwc1cTadPv070fcpNPNBD9JTrQdXHdH48-udZqAipJcrs_1a2nbRrM0spVhgBKiB9pHWbBECzp-bUUCsTWxXA5Zu8AI6IfAWPY3TDcl6s18hd1h9nX5brxR-zm5W5nq8u17Pbz6CA0QUppIZ3h0zk-TRuOokZTOGsHlg0Th0McvwTay6KZGItWckrxFeGGEh-tEgYOdG2p0k9KSVovVCbMqkWi1pumlw5mxKRB_y9VZOrjIFdU8VnnsPPVBQ9UQXX2yAMoNRjMb0uNtmnaP3LdxlivQaE-GGXnScl6vvMpCOd9GxRpuyKUxjqclTUWTrTH3T8Oa7tWp7rm05osOsKpqWi4h2F1tt0Ayv7iDCaEWT_vkjjNgNhbZPssh5d_e9pG2PaXhJxmx0TA6cXCZkdIS-JbUeYSRD4Oluv4RkRPcQaqQUI7dfxiVWJhrJWe7upLMiBXOgPhgkq-x0isbGGbKLEdIXvsYqnkqZm1WeIGxCLtPmXf3z7M9wXzSmUCvNSUvTuAasxFiWtFYSZh7biXqEBMvwq0phsa-YYY4HtIyS-lxiMh4WS9HVI6rjVhhqlmPhHTJwxE8O3Eg6tcpVRrimpW4f89bK34_YPLctgzNI9Zml75ivmLqJZc9WsWTqGjGbNG1qZ72JWPa-n-euJmmJqC0MH1RFbf8w2Ci2klmC7z-0ZpVqyVKlp8EyWH7WlZzN89nRncbQ0giMYUeQHw03HcKOiauYnWHZ1nyjlo4T50DKb3QiJTZpUeIYt3Wboqqzbcjc4eHPVhxZE2que3MrIZ_me4H7gPSPz5a06yDngneXxEsFG7dv8d4CbxAbQjOAaR3AF1_0X4ba1syy74DKNLgDgqxzN2T6eqERabeLeQRgHWEfCmGNhEj0Q5ovCgMVV_plHyAlEj3skzJO2XpopAnBNDjtgx6SfrgfCZw3xuTqijh29tCwRTkHzrngLzKBFNHp6p0HaI5C-rVuBwZ6lTAnDANNJMD_U3Al6p3E5I1xxEBuJNcC1uqahfery04je0DItx7eBbWSZ7jF42zReAf6zyr3GM9tVvRNwmw5OBsC9Y-AxJuKAJhMbHj22zwMRLnflwVL_l_CBbgR_FAg9bnE94u3RXAuH3O1FexBx1dRlU9PNxKF5ccjpl_lGRSaXIs2gy0fkbaK6FbyKtog36ujj4PVGXQ9R6Ue92uuAFzp9wtOpLgNnVyNP3tzQmdiwutf_7Ihgp4RZtyzmDDla24L08D-NWJc1DHN-IFTxb-vyW4Wt11rSycZuNCgWCUdkXmMrJWrxwkBrSZ-3jxCmaWC6R_YwzkgC2xWmeUINc6i02fVLsd0PYLeRy3Zr-nueHhnK7PYOY2rsdd_FtB3DjIVpDkUxR4lGEEQijoOhKNe0OwSuMdBbseOdrYRFkR1-3xqya4QOEI0gj5MNI7F9zxhCXlWkw70Vtiv0QURNLd4nIQriEBBGGMc5hOGFti_Gi7i9oVRXbjkC9RBlv3z854V6l1wocE3AHMkxyjV8M4xM0x95vhbxQZz77qx1jP6JuG3q_8b4OYfiR7mcOUpD7JAbBrYwUWSs21OCQUiZVRV_JEdnzaMtr3p_OFNOBU5uVIeKwQnB24phWL4PlCMxnLEYAY89i_W6nxt3au0NN1h0xvJF0MlzG0RPyKQsKK7S-1P7LmLqHjGNfWxuFdRee-pgo9WNUsX7aMP26TxtoA1vvMXWg8j3sKunXTSCAXJChe-1m_pINv1pRvuoGhUdtcG3bHusF_9IL0Fic9YyfnvhdRDfCz-89FPHivTQ5HQRQDdPojUITPNuh2BDjTM6GoExPT-8fWch6dxLP7a78GJxoyi3hz4kXSMF0-5VnRAsHaz3Icb_w3cghsrNC8pWZuxwmMt2cqPIdVb0C5_ByyndReTs7m42_8juPi7Z6urTp6s_Ln_7wFaXn5a37O5KVV_8_oHdLK-vbu4m_fXf9amLRF_SCn72MnHfoRJMXarR-zz1nuQrVTA-qHY83wudU9faP0tCbv_CTLzVfNCtvXfiJn9fB20d3eCTR-b0RoAqwpeyUHnTUVXnaZVj9bp6hjVPK5LWJ5tYC2bq_d9-LGOhatIMcL_A2CXH15w5fU9VHQ_6R6p_2ArgLYdNXDURDI-u6ltKYevsL9TRA9OYSoBUlUNVseqkqdoDpUrUTZWzA056PWD8otWZODdcl2K3b5ln8bkVB1bAz-q0zsR5613UvbiQdPh_z7OUvFYs6AaDLoGU9YbFvZr3v8-7A-ysqbLzX3nlzXHss-25Ees2191Q6L7rcwN7bd3nnh7HkY4eoX2W8VBk8hzWB9M7S8_7SyxTdyzHmDohjNI2AsdPkpgjtbZ1JPNpNiXG9DrcWXWuMKg7MFvPUlnLQyP8Alme6Onzpt4W1fn3LYJHkW9kc6YQnyu4_wWNfz_8">