<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/69852>69852</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
clang crashes at -O{s,2,3} on x86_64-linux-gnu: Segmentation fault
</td>
</tr>
<tr>
<th>Labels</th>
<td>
clang
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
zhendongsu
</td>
</tr>
</table>
<pre>
It is a regression from 14.0.*, affecting 15.0.0 and later.
Compiler Explorer: https://godbolt.org/z/KeoM63sK1
```
[520] % clangtk -v
clang version 18.0.0 (https://github.com/llvm/llvm-project.git 4aae5387a874a55ee491f5dc23ce0506c5cdc678)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /local/suz-local/opfuzz/bin
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/10
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/11
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/9
Selected GCC installation: /usr/lib/gcc/x86_64-linux-gnu/11
Candidate multilib: .;@m64
Selected multilib: .;@m64
[521] %
[521] % clangtk -O3 small.c
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: /local/suz-local/software/local/clang-trunk/bin/clang-18 -cc1 -triple x86_64-unknown-linux-gnu -emit-obj -dumpdir a- -disable-free -clear-ast-before-backend -main-file-name small.c -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=none -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/local/suz-local/software/emitesting/bugs/20231021-clangtk-m64-O3-build-173404/delta -fcoverage-compilation-dir=/local/suz-local/software/emitesting/bugs/20231021-clangtk-m64-O3-build-173404/delta -resource-dir /local/suz-local/software/local/clang-trunk/lib/clang/18 -I /usr/local/include -I /local/suz-local/software/local/include -internal-isystem /local/suz-local/software/local/clang-trunk/lib/clang/18/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/11/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O3 -ferror-limit 19 -fgnuc-version=4.2.1 -fcolor-diagnostics -vectorize-loops -vectorize-slp -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/small-19bc53.o -x c small.c
1. <eof> parser at end of file
2. Optimizer
#0 0x000055a8a61dd9cf llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x3d0e9cf)
#1 0x000055a8a61daf34 SignalHandler(int) Signals.cpp:0:0
#2 0x00007feff9376420 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x14420)
#3 0x000055a8a5351180 computeKnownBits(llvm::Value const*, llvm::APInt const&, llvm::KnownBits&, unsigned int, llvm::SimplifyQuery const&) ValueTracking.cpp:0:0
#4 0x000055a8a535518d computeKnownBits(llvm::Value const*, llvm::KnownBits&, unsigned int, llvm::SimplifyQuery const&) ValueTracking.cpp:0:0
#5 0x000055a8a5355319 llvm::computeKnownBits(llvm::Value const*, unsigned int, llvm::SimplifyQuery const&) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2e86319)
#6 0x000055a8a5358548 llvm::computeKnownBits(llvm::Value const*, llvm::DataLayout const&, unsigned int, llvm::AssumptionCache*, llvm::Instruction const*, llvm::DominatorTree const*, bool) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2e89548)
#7 0x000055a8a52a1c86 llvm::ScalarEvolution::getConstantMultipleImpl(llvm::SCEV const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2dd2c86)
#8 0x000055a8a52a1309 llvm::ScalarEvolution::getConstantMultiple(llvm::SCEV const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2dd2309)
#9 0x000055a8a52a1d75 llvm::ScalarEvolution::getConstantMultipleImpl(llvm::SCEV const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2dd2d75)
#10 0x000055a8a52a1309 llvm::ScalarEvolution::getConstantMultiple(llvm::SCEV const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2dd2309)
#11 0x000055a8a52a14fb llvm::ScalarEvolution::getMinTrailingZeros(llvm::SCEV const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2dd24fb)
#12 0x000055a8a52a1ec0 llvm::ScalarEvolution::getConstantMultipleImpl(llvm::SCEV const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2dd2ec0)
#13 0x000055a8a52a1309 llvm::ScalarEvolution::getConstantMultiple(llvm::SCEV const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2dd2309)
#14 0x000055a8a52a14fb llvm::ScalarEvolution::getMinTrailingZeros(llvm::SCEV const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2dd24fb)
#15 0x000055a8a52c50e3 llvm::ScalarEvolution::getRangeRef(llvm::SCEV const*, llvm::ScalarEvolution::RangeSignHint, unsigned int) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2df60e3)
#16 0x000055a8a52c81e6 llvm::ScalarEvolution::isKnownNonNegative(llvm::SCEV const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2df91e6)
#17 0x000055a8a52d431b llvm::ScalarEvolution::getGEPExpr(llvm::GEPOperator*, llvm::SmallVectorImpl<llvm::SCEV const*> const&) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2e0531b)
#18 0x000055a8a52d4541 llvm::ScalarEvolution::createNodeForGEP(llvm::GEPOperator*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2e05541)
#19 0x000055a8a52b298c llvm::ScalarEvolution::createSCEV(llvm::Value*) (.part.0) ScalarEvolution.cpp:0:0
#20 0x000055a8a52b35d0 llvm::ScalarEvolution::createSCEVIter(llvm::Value*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2de45d0)
#21 0x000055a8a52d8d94 llvm::ScalarEvolution::computeSCEVAtScope(llvm::SCEV const*, llvm::Loop const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2e09d94)
#22 0x000055a8a52d928a llvm::ScalarEvolution::getSCEVAtScope(llvm::SCEV const*, llvm::Loop const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2e0a28a)
#23 0x000055a8a52d8da7 llvm::ScalarEvolution::computeSCEVAtScope(llvm::SCEV const*, llvm::Loop const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2e09da7)
#24 0x000055a8a52d928a llvm::ScalarEvolution::getSCEVAtScope(llvm::SCEV const*, llvm::Loop const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2e0a28a)
#25 0x000055a8a52d8849 llvm::ScalarEvolution::computeSCEVAtScope(llvm::SCEV const*, llvm::Loop const*) (/local/suz-local/software/local/clang-trunk/bin/clang-18+0x2e09849)
...
clangtk: error: unable to execute command: Segmentation fault
clangtk: error: clang frontend command failed due to signal (use -v to see invocation)
clang version 18.0.0 (https://github.com/llvm/llvm-project.git 4aae5387a874a55ee491f5dc23ce0506c5cdc678)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /local/suz-local/opfuzz/bin
clangtk: note: diagnostic msg:
********************
PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clangtk: note: diagnostic msg: /tmp/small-c48d02.c
clangtk: note: diagnostic msg: /tmp/small-c48d02.sh
clangtk: note: diagnostic msg:
********************
[522] %
[522] % cat small.c
int a[1], b, c, d, e;
int main() {
short g = d = 1;
for (; d; d--)
g++;
while (!g)
for (d = 0; d < 5; d++)
for (c = 0; c < 10; c++)
for (e = 0; e < 5; e++) {
b = a[b];
b = a[b & 5];
b = a[b];
b = a[b];
b = a[b];
b = a[b & 5];
b = a[b];
b = a[b];
b = a[b];
b = a[b & 5];
b = a[b];
b = a[b];
b = a[b];
b = a[b & 5];
b = a[b];
b = a[b];
b = a[b];
b = a[b & 5];
b = a[b];
b = a[b];
b = a[b];
b = a[b & 5];
b = a[b];
b = a[b];
b = a[b];
b = a[b & 5];
}
return 0;
}
```
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJzsWllz2zgS_jX0SxdUJHiIfPCDrCNxTRJ7Y2-mal9cINCkMSEBFgA6Tn79FkhZl68k42RnMptSaAlH4_u6G40GAWatrBXicZCeBOniiPXuWpvjL9eohFa17Y9KLT4fnzqQFhgYrA1aK7WCyugWomQSTgI6C-gcWFUhd1LVEKWTcBICUwIa5tBMIAgXQTgbn3PddrJBA8vbrtEGTRDP4Nq5zgbxLKCrgK5qLUrduIk2dUBXXwK6-g312yy2v0W7koIsXH_Gn-lJSsMgXUBAU-ANU7X7CORmrB1-ww2aAX2UDxADmh-MLN11X064bgO6apqbuz-kM_oP5G5SSwcJY5jG-ZTl04SlKWJSRFUqOI05hmmY8ZQLnk3zgBbj2JfM1Og8z9s8u8oS0quPSn9SpJGqvyW16tftrg0yAa0W2PjWnbbydqw6VdaxpkGxkIPCPC7NWRPQle2_kLvvuqv6L15hpVRjx5XulQDOlJCCOYRX8znIURhzUqu1sN4aL1KWXgmcB3S1hrqFSFdR-ANkRi8vc632C2yQOxQvgm--Qdb2jZO-VzyDSRCfBEnYZsnBkE81Ghw1unPUh8o2znsWg21Z00z42Oz8zXJ2sQTbl610wKDsazDYaePA6cNZ9IwvB3Qlre3RBnQ1TFapeNMLBHeNwA2z11Ay_tEZxtFP8M5gZzRHa1GA1b0Zi31PZq3mknnipldguZGdm6xV4hj_CKJvO49sKAonQVicG10b1gIzdd-icvYJt7a6cp-YwZ3qQUXEmV59XLv7XVmUA-E8AuKM7Bp8dM4BwVY6oss_gHh4QhpgBIiQlpUNksogAuENMkOYdaTEShskXieoBJCWSUUq2SBRrMU7OwFpDXqQ3tHIMJWhkxxIJzlp8AYboOMPaUknEUhbGdYi6bRUzkfDhdIKgVQtc9cEjVEaSFV1hGvlbeGCeKEVkEppYvykkaomvi2Qlmtlnem504awRjKLFkjVq09SCeI8KxvECwrEDRGJ8K736iFZAsT1CoeCGhUaj1hg2dc1Gl8lVR3Ei1qUQKqhnPAhjo80hQ9Ki-eN5xWO1i8S3mZ97V2PhjSOQhqRtdOTNkvIWUzKXjaCRNM4CZOArgQ2jgGpuL5Bw2r8H41vcPR8P-R3e-sYcoYyH2FyIKc78Wjd5W42jnVfOc6m0-BLijVE2s_WYftiWJ8b5BESTzR9Nv7S1WRy__FA2_uj4a3_wu-Pum76gJyne3_7EEMQJxUaow1ppI_bUQGkqlXPyTofCeJFMqGTaPDvRhsiJKuVtk5yC-QG_YSWX5A0Wnd7BbbpgFRMCGNlDWRxdfVqPr96PfuwvFr8Pnu_olfz1enV7OJtEC8iINqjc23nDe_DFYmKkqfxRAO5Bb6_1EQ-SAfxHHUVxEvomLFogDnwwU9X4CPf2JL6lmedk638gmYsAwhoHEJ4G4ZhmKYsZ1kkRMErGFaieBbEM_vZjl_OjVRuWCcux8Um3zYy7NOVts4gawOa-QVHKhfQwuduL7NaBPQkvI1FiAWvNinbgD86wM-qOIELWSvWvGZKNGgCmq_hjMV2wju_zoXD_60kupY0rbCqiniaJTSEqyuD1mmDV8bd0RkmwwOu3ciyc0N6OLF6Eg6YoySh4T7ieBdxGqdRlIfgI2Xv8De__J1IZ_f0-4E1PcKwcKwT-W3d7PxUubu6bL9uR9pQ06thJyFG8-y2vJBt18jq8796NJ93pBUwjO1N_lGq-hHNJQeM0igX38_oZ6FOD1HHUbEj_Bvxfw_Kl50eFPMsjop9Z8sOSOZpkn8_yW3dgjn2hn3W_b7vPa6FmbV92_lMYM74Nd4TeLrOivzO75EhdSsVc9pc-qRvt02pdfND9FmkSb6vz-mePimLeJ7t2pqzhpnljW769SYmiGc1urlHy5R767ccXYOnbdfs6fpivvyww-nFuQhBeZ7tc8kPucRh8R1cfjaPODzw8eKQh5imfxObiGm65eJXs_AXsInnER3ySKryK3i8lerSMNlIVf8HjbY_m0dSlfs86CEP5OHfxLeQh_tc4l_Et5JfxLf2ExDK0xDjr-Dxnqka32P1FP75c3IGIT4ffr1eqfdX7pfnX2Uhxvv8swP-eYTPrqXSDrnKO63eYc2cvPnJ7lgVEWb7NA5SApHE0de446vl-fK2M3vwXy3Pzzo0Psm5b0a_8fsw7CqHaBLPH6MdL39olhmmcXTgyfmhCtIkek4F3CBz-E4LXGnzann-pCJ-BIs0ifZZHOQRJS1y_nUsvP7vp85b5JOOGed3hAUcSHlgb-K3ogdpQBmn4tllZwvl1KF5Cs6LzghMUrG_0NCDxV_kokieRT_uRDz8mbvguntyYu9OjDdadz9yzmNYiCLZZ3iQFoiC5uwr5vxfkh2jOdtnF9-zH5v-ve3HpvsMk1_afumh_fLk2UTvL22_PNmmgJPJZOe02H0M4hkML279l16xskFwGvAWee8QuG5bpoSvvMC6ReWG4wioWN-4xwWNR9GV0cqhEndSoGKyQQGiH8aww_tEz7e3CORmKEMEqW7Wh0sb1P_Uo-0d3Srt0P_dvjeH1taDtPF4lf6Jz86Vg_X56-zycjZ_DZevl7A6e_Pm7PfTd69gdfpmeQGXZ0Pxyb9fwfvl-dn7y82p5_lD56e59V796BnqpoFBGA4VUQBzG5Ffp4H9V_48yUVI797y_wkJ9vrbzfBSxkhPUkofOEHflHHm9o8zpHLAgvQkCtLF8F7PP7h_CP_AID7ZNmyZjxX5EHCmJ3evg-y1Ng5qCOIFiOEZbXoBVNoM0Sk-ATE8CNlGzjqgJ_6zbf7pWjY4hrOo3nnntBE0jhAOoiCI55COokdBux02Xfi2Cx-6ROP3B_tseuG2F24Hwk2nXRXc_SuHPl6fpdfnhtZOOQQ0g3Sv9tnu3yL_2Y4_BMB3NfinI_m_V3wbkmC6WBcYdL1Rw-RcR7m7qs3ltyNxHIsiLtgRHkdZMS3CLArTo-tjHmdpxkVSinhaiqQoomkVJkkWp2GVhNH0SB7f3X2IfGE6KUUW0xB5gWGeinQaJCG2TDYTnydMtKmPhgtDx1mRp_SoYSU2drg5SOn6goCPv0fmeMgrhvsVSdhI6-xWgpOuweMxZRkuGaEF5oCcBdMTG9A5Deg8DqYL0ArunYM-mGgd9aY5_v6rTwOZ_wYAAP__cLFBmQ">