$ clang-trunk -v clang version 13.0.0 (https://github.com/llvm/llvm-project.git 24d48d45cc302a6abeab139d87ba87f7a2335323) Target: x86_64-unknown-linux-gnu Thread model: posix InstalledDir: /home/cnsun/usr/bin Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/10 Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/8 Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/9 Selected GCC installation: /usr/lib/gcc/x86_64-linux-gnu/10 Candidate multilib: .;@m64 Candidate multilib: 32;@m32 Candidate multilib: x32;@mx32 Selected multilib: .;@m64 $ cat mutant.c extern memcmp(const *, const *, buf1); buf1() { if (memcmp(buf1, "abcde", 6)) abort(); } $ clang-trunk -O1 mutant.c mutant.c:1:22: warning: type specifier missing, defaults to 'int' [-Wimplicit-int] extern memcmp(const *, const *, buf1); ~~~~~ ^ mutant.c:1:31: warning: type specifier missing, defaults to 'int' [-Wimplicit-int] extern memcmp(const *, const *, buf1); ~~~~~ ^ mutant.c:1:33: warning: type specifier missing, defaults to 'int' [-Wimplicit-int] extern memcmp(const *, const *, buf1); ^ mutant.c:1:8: warning: type specifier missing, defaults to 'int' [-Wimplicit-int] extern memcmp(const *, const *, buf1); ~~~~~~ ^ mutant.c:1:8: warning: incompatible redeclaration of library function 'memcmp' [-Wincompatible-library-redeclaration] mutant.c:1:8: note: 'memcmp' is a builtin with type 'int (const void *, const void *, unsigned long)' mutant.c:2:1: warning: type specifier missing, defaults to 'int' [-Wimplicit-int] buf1() { ^ mutant.c:3:14: warning: incompatible pointer types passing 'int ()' to parameter of type 'const int *' [-Wincompatible-pointer-types] if (memcmp(buf1, "abcde", 6)) ^~~~ mutant.c:1:22: note: passing argument to parameter here extern memcmp(const *, const *, buf1); ^ mutant.c:3:20: warning: incompatible pointer types passing 'char [6]' to parameter of type 'const int *' [-Wincompatible-pointer-types] if (memcmp(buf1, "abcde", 6)) ^~~~~~~ mutant.c:1:31: note: passing argument to parameter here extern memcmp(const *, const *, buf1); ^ mutant.c:4:5: warning: implicitly declaring library function 'abort' with type 'void (void) __attribute__((noreturn))' [-Wimplicit-function-declaration] abort(); ^ mutant.c:4:5: note: include the header <stdlib.h> or explicitly provide a declaration for 'abort' mutant.c:5:1: warning: non-void function does not return a value in all control paths [-Wreturn-type] } ^ clang-13: /tmp/tmp.nPuVKAIgXI-clang-builder/llvm-project/llvm/lib/IR/Instructions.cpp:492: void llvm::CallInst::init(llvm::FunctionType*, llvm::Value*, llvm::ArrayRef<llvm::Value*>, llvm::ArrayRef<llvm::OperandBundleDefT<llvm::Value*> >, const llvm::Twine&): Assertion `(i >= FTy->getNumParams() || FTy->getParamType(i) == Args[i]->getType()) && "Calling a function with a bad signature!"' failed. PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace, preprocessed source, and associated run script. Stack dump: 0. Program arguments: /scratch/software/clang-trunk/bin/clang-13 -cc1 -triple x86_64-unknown-linux-gnu -emit-obj --mrelax-relocations -disable-free -main-file-name mutant.c -mrelocation-model static -mframe-pointer=none -fmath-errno -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/scratch/cnsun/workspace/perses-fuzzer/default_c_finding_folder/crash_20210623_053748_00c0/delta/perses_result -resource-dir /scratch/software/clang-trunk/lib/clang/13.0.0 -c-isystem . -c-isystem /usr/local/include/cmsith -internal-isystem /scratch/software/clang-trunk/lib/clang/13.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O1 -fdebug-compilation-dir=/scratch/cnsun/workspace/perses-fuzzer/default_c_finding_folder/crash_20210623_053748_00c0/delta/perses_result -ferror-limit 19 -fgnuc-version=4.2.1 -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/mutant-b16a95.o -x c mutant.c 1. <eof> parser at end of file 2. Optimizer #0 0x00005567f70ac274 PrintStackTraceSignalHandler(void*) Signals.cpp:0:0 #1 0x00005567f70a9a2e SignalHandler(int) Signals.cpp:0:0 #2 0x00007fe42e4843c0 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x153c0) #3 0x00007fe42df2318b raise /build/glibc-ZN95T4/glibc-2.31/signal/../sysdeps/unix/sysv/linux/raise.c:51:1 #4 0x00007fe42df02859 abort /build/glibc-ZN95T4/glibc-2.31/stdlib/abort.c:81:7 #5 0x00007fe42df02729 get_sysdep_segment_value /build/glibc-ZN95T4/glibc-2.31/intl/loadmsgcat.c:509:8 #6 0x00007fe42df02729 _nl_load_domain /build/glibc-ZN95T4/glibc-2.31/intl/loadmsgcat.c:970:34 #7 0x00007fe42df13f36 (/lib/x86_64-linux-gnu/libc.so.6+0x36f36) #8 0x00005567f67621fa llvm::CallInst::init(llvm::FunctionType*, llvm::Value*, llvm::ArrayRef<llvm::Value*>, llvm::ArrayRef<llvm::OperandBundleDefT<llvm::Value*> >, llvm::Twine const&) (/scratch/software/clang-trunk/bin/clang-13+0x30061fa) #9 0x00005567f70dc36b llvm::IRBuilderBase::CreateCall(llvm::FunctionType*, llvm::Value*, llvm::ArrayRef<llvm::Value*>, llvm::Twine const&, llvm::MDNode*) (.constprop.0) BuildLibCalls.cpp:0:0 #10 0x00005567f70e0ba5 emitLibCall(llvm::LibFunc, llvm::Type*, llvm::ArrayRef<llvm::Type*>, llvm::ArrayRef<llvm::Value*>, llvm::IRBuilderBase&, llvm::TargetLibraryInfo const*, bool) BuildLibCalls.cpp:0:0 #11 0x00005567f70e23c7 llvm::emitBCmp(llvm::Value*, llvm::Value*, llvm::Value*, llvm::IRBuilderBase&, llvm::DataLayout const&, llvm::TargetLibraryInfo const*) (/scratch/software/clang-trunk/bin/clang-13+0x39863c7) #12 0x00005567f7269965 llvm::LibCallSimplifier::optimizeStringMemoryLibCall(llvm::CallInst*, llvm::IRBuilderBase&) (/scratch/software/clang-trunk/bin/clang-13+0x3b0d965) #13 0x00005567f726a16a llvm::LibCallSimplifier::optimizeCall(llvm::CallInst*, llvm::IRBuilderBase&) (/scratch/software/clang-trunk/bin/clang-13+0x3b0e16a) #14 0x00005567f6a5b622 llvm::InstCombinerImpl::tryOptimizeCall(llvm::CallInst*) (/scratch/software/clang-trunk/bin/clang-13+0x32ff622) #15 0x00005567f6a6054d llvm::InstCombinerImpl::visitCallBase(llvm::CallBase&) (/scratch/software/clang-trunk/bin/clang-13+0x330454d) #16 0x00005567f6a6240c llvm::InstCombinerImpl::visitCallInst(llvm::CallInst&) (/scratch/software/clang-trunk/bin/clang-13+0x330640c) #17 0x00005567f6a1fbf8 llvm::InstCombinerImpl::run() (/scratch/software/clang-trunk/bin/clang-13+0x32c3bf8) #18 0x00005567f6a22333 combineInstructionsOverFunction(llvm::Function&, llvm::InstCombineWorklist&, llvm::AAResults*, llvm::AssumptionCache&, llvm::TargetLibraryInfo&, llvm::TargetTransformInfo&, llvm::DominatorTree&, llvm::OptimizationRemarkEmitter&, llvm::BlockFrequencyInfo*, llvm::ProfileSummaryInfo*, unsigned int, llvm::LoopInfo*) InstructionCombining.cpp:0:0 #19 0x00005567f6a24391 llvm::InstCombinePass::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/scratch/software/clang-trunk/bin/clang-13+0x32c8391) #20 0x00005567f82847d6 llvm::detail::PassModel<llvm::Function, llvm::InstCombinePass, llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/scratch/software/clang-trunk/bin/clang-13+0x4b287d6) #21 0x00005567f67e75c6 llvm::PassManager<llvm::Function, llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/scratch/software/clang-trunk/bin/clang-13+0x308b5c6) #22 0x00005567f4c832a6 llvm::detail::PassModel<llvm::Function, llvm::PassManager<llvm::Function, llvm::AnalysisManager<llvm::Function> >, llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&) (/scratch/software/clang-trunk/bin/clang-13+0x15272a6) #23 0x00005567f67e60e9 llvm::ModuleToFunctionPassAdaptor::run(llvm::Module&, llvm::AnalysisManager<llvm::Module>&) (/scratch/software/clang-trunk/bin/clang-13+0x308a0e9) #24 0x00005567f4c83b16 llvm::detail::PassModel<llvm::Module, llvm::ModuleToFunctionPassAdaptor, llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&, llvm::AnalysisManager<llvm::Module>&) (/scratch/software/clang-trunk/bin/clang-13+0x1527b16) #25 0x00005567f67e39cf llvm::PassManager<llvm::Module, llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&, llvm::AnalysisManager<llvm::Module>&) (/scratch/software/clang-trunk/bin/clang-13+0x30879cf) #26 0x00005567f73dcbfd (anonymous namespace)::EmitAssemblyHelper::EmitAssemblyWithNewPassManager(clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >) BackendUtil.cpp:0:0 #27 0x00005567f73dfe7d clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >) (/scratch/software/clang-trunk/bin/clang-13+0x3c83e7d) #28 0x00005567f820a44f clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) (/scratch/software/clang-trunk/bin/clang-13+0x4aae44f) #29 0x00005567f92c1e49 clang::ParseAST(clang::Sema&, bool, bool) (/scratch/software/clang-trunk/bin/clang-13+0x5b65e49) #30 0x00005567f8208f98 clang::CodeGenAction::ExecuteAction() (/scratch/software/clang-trunk/bin/clang-13+0x4aacf98) #31 0x00005567f7ab7e79 clang::FrontendAction::Execute() (/scratch/software/clang-trunk/bin/clang-13+0x435be79) #32 0x00005567f7a4b0c6 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/scratch/software/clang-trunk/bin/clang-13+0x42ef0c6) #33 0x00005567f7b95d00 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/scratch/software/clang-trunk/bin/clang-13+0x4439d00) #34 0x00005567f49bcb06 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/scratch/software/clang-trunk/bin/clang-13+0x1260b06) #35 0x00005567f49b8e48 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&) driver.cpp:0:0 #36 0x00005567f48e60c6 main (/scratch/software/clang-trunk/bin/clang-13+0x118a0c6) #37 0x00007fe42df040b3 __libc_start_main /build/glibc-ZN95T4/glibc-2.31/csu/../csu/libc-start.c:342:3 #38 0x00005567f49b89be _start (/scratch/software/clang-trunk/bin/clang-13+0x125c9be) clang-13: error: unable to execute command: Aborted (core dumped) clang-13: error: clang frontend command failed due to signal (use -v to see invocation) clang version 13.0.0 (https://github.com/llvm/llvm-project.git 24d48d45cc302a6abeab139d87ba87f7a2335323) Target: x86_64-unknown-linux-gnu Thread model: posix InstalledDir: /home/cnsun/usr/bin clang-13: note: diagnostic msg: ******************** PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT: Preprocessed source(s) and associated run script(s) are located at: clang-13: note: diagnostic msg: /tmp/mutant-23596d.c clang-13: note: diagnostic msg: /tmp/mutant-23596d.sh clang-13: note: diagnostic msg: ********************
This is another case of lax libcall function signature matching. It requires a target (eg, Linux not macOS) that has "bcmp" to trigger. Should be fixed with: https://reviews.llvm.org/rGca637014f148 This required changing a big pile of x86 regression tests: https://reviews.llvm.org/rG8721490d3859 ...and the bug has probably been around for a long time without anyone noticing, so I'm marking as fixed instead of requesting backporting to the 13.0 release branch.