On FreeBSD 12.2, host compiler gcc 9.3.0.

Segmentation fault occurs during stage1 when compiling libgcc.

git bisect points at r11-4587 being the first bad commit.

Backtrace:
---
during IPA pass: inline
../../../libgcc/libgcov-merge.c: In function '__gcov_merge_topn':
../../../libgcc/libgcov-merge.c:118:11: internal compiler error: Segmentation fault
  118 |           gcov_topn_add_value (counters + GCOV_TOPN_MEM_COUNTERS * i, value,
      |           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  119 |                                count, 0, 0);
      |                                ~~~~~~~~~~~~
0xe7c39f crash_signal
        ../../gcc/toplev.c:330
0xa3244a function_summary<clone_info*>::get(cgraph_node*)
        ../../gcc/symbol-summary.h:212
0xa3244a clone_info::get(cgraph_node*)
        ../../gcc/symtab-clones.h:70
0xa3244a cgraph_edge::redirect_call_stmt_to_callee(cgraph_edge*)
        ../../gcc/cgraph.c:1495
0xeff807 redirect_all_calls(copy_body_data*, basic_block_def*)
        ../../gcc/tree-inline.c:2963
0xf024da copy_cfg_body
        ../../gcc/tree-inline.c:3118
0xf024da copy_body
        ../../gcc/tree-inline.c:3294
0xf04e86 expand_call_inline
        ../../gcc/tree-inline.c:5084
0xf06489 gimple_expand_calls_inline
        ../../gcc/tree-inline.c:5274
0xf06489 optimize_inline_calls(tree_node*)
        ../../gcc/tree-inline.c:5447
0xc5842b inline_transform(cgraph_node*)
        ../../gcc/ipa-inline-transform.c:763
0xd9a62c execute_one_ipa_transform_pass
        ../../gcc/passes.c:2240
0xd9a62c execute_all_ipa_transforms(bool)
        ../../gcc/passes.c:2287
0xa39015 cgraph_node::expand()
        ../../gcc/cgraphunit.c:1822
0xa3a417 expand_all_functions
        ../../gcc/cgraphunit.c:1997
0xa3a417 symbol_table::compile()
        ../../gcc/cgraphunit.c:2361
0xa3d217 symbol_table::compile()
        ../../gcc/cgraphunit.c:2274
0xa3d217 symbol_table::finalize_compilation_unit()
        ../../gcc/cgraphunit.c:2542
Please submit a full bug report,
with preprocessed source if appropriate.
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.
gmake: *** [Makefile:921: _gcov_merge_topn.o] Error 1
The call statement being looked at by cgraph_edge::redirect_call_stmt_to_callee is: # .MEM = VDEF <.MEM> _47 = __sync_val_compare_and_swap_8 (ptr_45, 0, new_node.0_46); cgraph_node::get returns NULL on the __sync_val_compare_and_swap_8 decl at cgraph.c:1494 This looks like it is expected to happen, given that the assert on the following line used to be `gcc_assert (!node || !node->clone.param_adjustments);`. The change that causes the segfault is: if (flag_checking && decl) { cgraph_node *node = cgraph_node::get (decl); - gcc_assert (!node || !node->clone.param_adjustments); + clone_info *info = clone_info::get (node); + gcc_assert (!node || !info || !info->param_adjustments); }
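Review bot: In the added lines, clone_info::get (node) is called before anything checks node, so the `!node ||` guard in the gcc_assert on the following line comes too late when cgraph_node::get (decl) returns NULL. Make the lookup conditional on node, for example `clone_info *info = node ? clone_info::get (node) : NULL;`, or wrap the lookup and the assert in `if (node)`, so the checking path keeps the NULL tolerance the removed assert had.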
*** Bug 97662 has been marked as a duplicate of this bug. ***
jh@suse.cz
Suggested fix https://gcc.gnu.org/pipermail/gcc-patches/2020-November/557691.html
The master branch has been updated by Iain Buclaw <ibuclaw@gcc.gnu.org>:

https://gcc.gnu.org/g:895fdc1f4c9ff1dfb18b80af838aa353363edb40

commit r11-4592-g895fdc1f4c9ff1dfb18b80af838aa353363edb40
Author: Iain Buclaw <ibuclaw@gdcproject.org>
Date:   Sun Nov 1 16:39:10 2020 +0100

    ipa: Fix segmentation fault in function_summary<clone_info*>::get(cgraph_node*)

    PR 97660 occurs when cgraph_node::get returns NULL, and this NULL
    cgraph_node is then passed to clone_info::get. As the original assert
    prior to the regressing change in r11-4587 allowed for the cgraph_node
    to be NULL, clone_info::get is now only called when cgraph_node::get
    returns a nonnull value.

    gcc/ChangeLog:

            PR ipa/97660
            * cgraph.c (cgraph_edge::redirect_call_stmt_to_callee): Don't call
            clone_info::get when cgraph_node::get returns NULL.
Fixed.