[Bug lto/92599] ICE in speculative_call_info, at cgraph.c:1142

luoxhu at cn dot ibm.com gcc-bugzilla@gcc.gnu.org
Wed Dec 4 07:04:00 GMT 2019 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92599

--- Comment #3 from Xiong Hu XS Luo <luoxhu at cn dot ibm.com> ---
(In reply to Martin Liška from comment #2)
> So we ICE at the end of cgraph_edge::speculative_call_info:
> (gdb) p ref
> $4 = <ipa_ref* 0x0>
> 
> (gdb) p e
> $5 = <cgraph_edge* 0x7ffff769b5b0 (<cgraph_node * 0x7ffff74ac160
> "ConvertASEToModelSurfaces.constprop"/113> -> <cgraph_node * 0x7ffff74ac420
> "NumSurfaces"/115>)>
> (gdb) p e2
> $6 = <cgraph_edge* 0x7ffff769b750 (<cgraph_node * 0x7ffff74ac160
> "ConvertASEToModelSurfaces.constprop"/113> -> <cgraph_node * 0x0>)>
> 
> As seen the edge is within idRenderModelStatic class.
> I bet the problem is the ODR warning message, the class is polymorphic in
> one TU, and normal class in another one.

Seems side effect in indirect->set_call_stmt.
The "ref" is changed in recursive call line "indirect->set_call_stmt (new_stmt,
false)", it will call resolve_speculation to redirect one of it's polymorphic
call 
ConvertASEToModelSurfaces/2 => FindMaterial/45, ref->remove_reference will the
related reference, then ref will be pointed to another reference, then the
followed "ref->stmt = new_stmt" will update wrong stmt to the original
reference.

p *ref
$378 = {referring = 0x3fffb55f10e0, referred = 0x3fffb55f09d8, stmt =
0x3fffb7f71440, lto_stmt_uid = 10, referred_index = 1, use = IPA_REF_ADDR,
speculative = 1

After returning from indirect->set_call_stmt (new_stmt, false):

p *ref
$380 = {referring = 0x3fffb55f10e0, referred = 0x3fffb55f0ca8, stmt =
0x3fffb7f713b0, lto_stmt_uid = 6, referred_index = 1, use = IPA_REF_ADDR,
speculative = 1}

(gdb) pedge direct
$381 = 0x3fffb5560498 "ConvertASEToModelSurfaces.constprop/113"
$382 = 0x3fffb53d78a0 "FindMaterial/116"
(gdb) ps new_stmt
FindMaterial (_6);
 ps ref->stmt
# .MEM = VDEF <.MEM>
OBJ_TYPE_REF(_5;(struct idRenderModelStatic)this_3(D)->1) (this_3(D));


How about patch candidate as below? Or check the ref->speculative is true after
return from indirect->set_call_stmt? 

diff --git a/gcc/cgraph.c b/gcc/cgraph.c
index b75430f3f3a..65b6f93c3fe 100644
--- a/gcc/cgraph.c
+++ b/gcc/cgraph.c
@@ -793,7 +793,8 @@ cgraph_edge::set_call_stmt (gcall *new_stmt, bool
update_speculative)
       speculative_call_info (direct, indirect, ref);
       direct->set_call_stmt (new_stmt, false);
       indirect->set_call_stmt (new_stmt, false);
-      ref->stmt = new_stmt;
+      if (ref->lto_stmt_uid == direct->lto_stmt_uid)
+       ref->stmt = new_stmt;
       return;
     }

More information about the Gcc-bugs mailing list