[llvm-bugs] [Bug 176696] Segmentation fault in SPEChpc 2021 sph_exa_t with LTO enabled

Sun, 18 Jan 2026 22:18:51 -0800

Issue 176696
Summary Segmentation fault in SPEChpc 2021 sph_exa_t with LTO enabled
Labels new issue
Assignees
Reporter m-saito-fj 
    I built sph_exa_t using clang++ 21.1.8.
The options applied were:
-O3 -flto -mcpu=native

When executing the build with these options, a segmentation fault (SEGV) occurred.
The SEGV was found to occur within the _Tr::allocate function, which is part of the std::vector implementation.

- /usr/include/c++/11/bits/stl_vector.h
``` C++
 pointer
      _M_allocate(size_t __n)
      {
  typedef __gnu_cxx::__alloc_traits<_Tp_alloc_type> _Tr;
  return __n != 0 ? _Tr::allocate(_M_impl, __n) : pointer();
      }
```

My analysis suggests that this is likely caused by the following IR changes introduced by SimplifyCFG during LTO (Link-Time Optimization). I confirmed this by using -Wl,-mllvm,-print-before=simplifycfg and -Wl,-mllvm,-print-after=simplifycfg.

- IR code before SimplifyCFG application:
(Check with  -Wl,-mllvm,-print-before=simplifycfg)
```
8: ; preds = %0
  %9 = icmp eq i32 %4, 0
  br i1 %9, label %18, label %10

10: ; preds = %8
  %11 = shl nuw nsw i64 %5, 2
  %12 = call noalias noundef nonnull ptr @_Znwm(i64 noundef %11) #7
  %13 = getelementptr inbounds nuw i32, ptr %12, i64 %5
  store i32 0, ptr %12, align 4, !tbaa !8
  %14 = icmp eq i32 %4, 1
  br i1 %14, label %18, label %15
```
- IR code after SimplifyCFG application:  
(Check with -Wl,-mllvm,-print-after=simplifycfg)
```
7: ; preds = %0
  %8 = zext nneg i32 %4 to i64
  %9 = icmp ne i32 %4, 0
  call void @llvm.assume(i1 %9)
  %10 = shl nuw nsw i64 %8, 2
 %11 = call noalias noundef nonnull ptr @_Znwm(i64 noundef %10) #8
  store i32 0, ptr %11, align 4, !tbaa !8
  %12 = icmp eq i32 %4, 1
  br i1 %12, label %16, label %13
```

I have attached a reproducer code snippet that is a significantly reduced and modified version of the actual code.
[src_and_script.zip](https://github.com/user-attachments/files/24706013/src_and_script.zip)

_______________________________________________
llvm-bugs mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs

Reply via email to