<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/68553>68553</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
[clang][frontend] clang crash at -O2/3
</td>
</tr>
<tr>
<th>Labels</th>
<td>
clang
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
jun-wei-zeng
</td>
</tr>
</table>
<pre>
Clang at `-O2/3` crashes.
When I compiled this code with different optimization levels on different versions of clang, I found that `-O2` caused ICE starting from `clang-13.0.0`, while `-O3` caused ICE starting from `clang-15.0.0`.
Compiler explorer: https://godbolt.org/z/xoPnzoWs3
```c
$ cat test.c
int c[];
int d, e;
char f, i;
short a, b;
char *j() {
for (;;) {
a = 0;
for (; a <= 5; a++)
if (a == 1)
return &a;
break;
}
for (; b;) {
e = 0;
for (; e < 6; e++) {
i = 0;
for (; i <= 5; i++)
for (int g = 0; g < 8; g++)
for (int h = 0; h < 9; h++) {
d = c[d] & 5 ^ c[d ^ f];
d = d & 5 ^ c[d ^ f];
d = d & 5 ^ c[d ^ f];
d = d & 5 ^ c[d ^ f];
d = d & 5 ^ c[d ^ f];
}
}
}
}
$
$ clang-16 --version
clang version 16.0.0
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /home/jwzeng/compilers/llvm/llvm-16.0.0/bin
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/10
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/9
Selected GCC installation: /usr/lib/gcc/x86_64-linux-gnu/10
Candidate multilib: .;@m64
Selected multilib: .;@m64
$
$ clang-16 -O2 -w test.c
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: /home/jwzeng/compilers/llvm/llvm-16.0.0/bin/clang-16 -cc1 -triple x86_64-unknown-linux-gnu -emit-obj -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name test1.c -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=none -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -mllvm -treat-scalable-fixed-error-as-warning -debugger-tuning=gdb -fcoverage-compilation-dir=/home/jwzeng/workplace/compiler_testing/scripts/testing-20231008-100t7csmith-v3-ubuntu/result/clang/compfail/S_3403600649/test -resource-dir /home/jwzeng/compilers/llvm/llvm-16.0.0/lib/clang/16 -internal-isystem /home/jwzeng/compilers/llvm/llvm-16.0.0/lib/clang/16/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -w -fdebug-compilation-dir=/home/jwzeng/workplace/compiler_testing/scripts/testing-20231008-100t7csmith-v3-ubuntu/result/clang/compfail/S_3403600649/test -ferror-limit 19 -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/test1-fd704c.o -x c test1.c
1. <eof> parser at end of file
2. Optimizer
#0 0x00005624a5903b68 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/home/jwzeng/compilers/llvm/llvm-16.0.0/bin/clang-16+0x3103b68)
#1 0x00005646a7d01aae llvm::sys::RunSignalHandlers() (/home/jwzeng/compilers/llvm/llvm-16.0.0/bin/clang-16+0x3101aae)
#2 0x00005646a7d041ed SignalHandler(int) Signals.cpp:0:0
#3 0x00007f775cc35520 (/lib/x86_64-linux-gnu/libc.so.6+0x42520)
#4 0x00005646a71efb99 computeKnownBitsFromAssume(llvm::Value const*, llvm::KnownBits&, unsigned int, (anonymous namespace)::Query const&) ValueTracking.cpp:0:0
#5 0x00005646a71ebebb computeKnownBitsFromOperator(llvm::Operator const*, llvm::APInt const&, llvm::KnownBits&, unsigned int, (anonymous namespace)::Query const&) ValueTracking.cpp:0:0
#6 0x00005646a71d9de5 computeKnownBits(llvm::Value const*, llvm::APInt const&, llvm::KnownBits&, unsigned int, (anonymous namespace)::Query const&) ValueTracking.cpp:0:0
#7 0x00005646a71ec2d6 computeKnownBitsFromOperator(llvm::Operator const*, llvm::APInt const&, llvm::KnownBits&, unsigned int, (anonymous namespace)::Query const&) ValueTracking.cpp:0:0
#8 0x00005646a71d9de5 computeKnownBits(llvm::Value const*, llvm::APInt const&, llvm::KnownBits&, unsigned int, (anonymous namespace)::Query const&) ValueTracking.cpp:0:0
#9 0x00005646a71ec372 computeKnownBitsFromOperator(llvm::Operator const*, llvm::APInt const&, llvm::KnownBits&, unsigned int, (anonymous namespace)::Query const&) ValueTracking.cpp:0:0
...
...
...
#255 0x00005624a4d91a47 llvm::ScalarEvolution::computeSCEVAtScope(llvm::SCEV const*, llvm::Loop const*) (/home/jwzeng/compilers/llvm/llvm-16.0.0/bin/clang-16+0x2591a47)
clang-16: error: unable to execute command: Segmentation fault (core dumped)
clang-16: error: clang frontend command failed due to signal (use -v to see invocation)
clang version 16.0.0
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /home/jwzeng/compilers/llvm/llvm-16.0.0/bin
clang-16: note: diagnostic msg:
********************
PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-16: note: diagnostic msg: /tmp/test1-493d8d.c
clang-16: note: diagnostic msg: /tmp/test1-493d8d.sh
clang-16: note: diagnostic msg:
********************
```
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJzcWVtT4zry_zTipUspR74keeAhJGSG-s9_YQf2zCMlS21Hgy25JBmY-fRbkk0uDMyyZ6jdPUOFRG715Sd1q1uSuXOq1oinJD8j-fqE935r7OnXXtMHVPQ76vqkNPLb6arhugbugRQJvWSEbVJSJCAsd1t0E5KsSbIcvr9sUcMFCNN2qkEJfqscCCMRHpTfglRVhRa1B9N51arv3CujocF7bBwYfcBwj9Ypox2YCkQAQNgKLqAyvQ5q92gCEt47lHCxOgfnufVK11BZ0waWKEun6SSZJKRIgpaHrWpwEE_fKJ6P4keDXQ2jtICPXWMsWpIuYet950i6JGxD2KY2sjSNnxhbE7b5Ttjm0Vzp7-aLSw81BWDxI8ZnloHgHjw6PxlpSnsQg6tIeranyTAk3JHElluoAk3taG5rrAceiOUxI2HLr4TNCVsAmY0dAJUJPfPAmp496wPgQNI1JDtFgbaXiN2rwJHHJ8LO4mexZwZQVeCOigLndN9t0fdWA2EFPzJQWuR3BxQyW_-Idhjdc7z4c7yhewVFbO7AHmsAUC_oONKijkatXhz1TiC4rd5pjM0VRDX1K4JHotu96DaKLmLzJfAysoawkSRfh2mFHEh-PpBiqzoMKDj4G2TlG4TezvmfUn8QHkcPu-a-wbKDNTes9gIoHfPPuFZiBhxJMC1iNog9N9zW6MPCf5wXt0VGe32nzYOmjdL9I611P_JtLXIJrZHYBO7OOPU4dF1o53nToFyrmEEI22xNi4Rtvj6EJEzYZsyn1hG2aZr7dvyhIxK2KdWIdBPzo-BaKsk9wofVCtRgIOba0UDvbNChypCjhAh5aYC_h8020-T9dY5xfY0NCo_yXfCtdsjavvEqSKVLmISwyJK2yJ6Z_BnTK9FwyYA-HGXjq0_ny-tzcH3ZKg8cyr4Gi13Is948LwLKb_tyIkz7zH2dNV9ReMI2yrkeg3eBawlKi6aXCH6LQ5WFkos7b7nAkMM7i501Al2oWs70diAHSe6cEYqHYdpegxNWdX4sWteeizuQfdsFZJEU6tniypra8ha4rfsWtXe_EoRss581IaZAvVVdg6-uDqDYKk9N-RWoVI6XDdLKIgIVDXJLufO0xMpYpGEOUMs9X7R-j1ZVCm0kC24lvedNj1TzFh3QlitNK9UMhOjC6UQAbS02RsSQo3FRQqcE0E4JGncjwIYH5WinEGhbWd4i7YzSPhT6tTYagVYt91uK1moDtKo6KowOfvIkXRsNtNKG2rB8lK5p4AXaCqOdt73wxlLeKO4CzqrXD0pL6sPIHEnXDKiPuYWKrg_TR4sMqO81RkKNGm1A3IZZCNOM3FMneDNMoXpEGXAFG44-cKvDroZKLPu6RhsUKV2TdF3LEmglzD1aXiMdnDzMiwz5aP1CJDwYe9c1MRp3UXEbplbF7iHqQpiMNMoSlk6TZE6nSeJnwrXKb-l9Svuy1z4sZYuub_xT9IxqK64awjbXt2mWpEWSFNli1AnU4hD4AeSfCtYhtzyZC-EaPat5Q5X75jy276I2rO1xNb9oYEx0RvDmjaz_MieyzWTy49cLvD9aw8fQED9aHVlf0PNz6X_fxFOypVWM1b9MQFbDYmtUqAfTBdCq1r3YbSPSdTZhkynQewwLX31H2hjTuUOCazqgFZfSOlUDXd_eflitbj8u_zi_XX9Zft6w29Xm4nZ5_f8kXU-BmjB3vu1GCFNayVmSiYkB-gjiKdUNiX4aEj1JV2gqkp5Dx61DG450IaGaCkKGHDhZ4LwcTmdod_smliaQPCZJkuQFy3i-SNKymENcA-mSpEv3zQ2NK6u0j7XmZihY8z2T5Q-3xoVc1RJWxEOK9nHHGs4gv1pxCDtLHtNpRHawgyYsne6wZwWfyWTKOb6E_XOvr1WtefORazkYnr87vGD8GB57Bi-booQjIMPOP0AZyG4iulDGk_i_15SOmmbVbJYLkeY5S0b0Q-J4IQ00qhQTZyYDwIzlLDmGlx3Bm2JVLhbxiN97_L9Qzs-Udxtr2qVzfXvs8T9CMYZY8ghbBo_v-3ayYyz0Ol5IyCEoVvGIqI3-1preQaznXQyoxSD-9x7ttyfVRZibaCxE3Z3S9SszlD8bTIll-eJgLju03Bt7NJwn4isjWl5dhFP6DtJ_fbTF8WjlQmL-w2jf7LD_ueHNnjlTMFn8vs6c_97OXDx3Zjpjv6kzJ5PJz5uhKOT5YcXN5GLKs9kB7Ouw2bfn96bpx5MzSZfjfF2vzv9Y-mthuuN0HOivzNAnY7qDrvcseiyP2HdVZdeZLiFum0Kj1-HkEk7P-Iii9yFu25ZrGTqvsQ5H0-G6uOJ94wM8YSzGAy3Kn-se7m8qa7QPG55RMYT9HEqQfTTrYmUNenuHQO8jDRGUvh9PisdG_hL3QYfToY3H8CsVr7VxXgloXR1NjHcev_A5uM0e70aWNzfL1Ue4-XgOm8tPny6_XPztA2wuPp1fw81lJJ_94wN8Pr-6_Hyzu5G4euluY-5CPL56v7FjsAjxUI8SuN-pfOMUHO-ls0Uq5_Jp-_wrKtz2T3jivfzx9F7hRJ6mcpEu-AmeTotFMU-TLE9PtqfFAnnKZMXmcoHTsiiyaVGIYjZjIq2mbHGiTsez0iLJs1maTljGKiGFqCrJkqySJEuw5aqZhAicGFufxMus02Ke5-lJw0tsXHzFxNh4lmIkX5_Y0xixZV87kiWNct7tNXjlm_heapDI1yQ_e1q9JF-P63m4GuMexpdSJ71tTv_81VsE_M8AAAD__0wNJjc">