https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98599

--- Comment #2 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
As far as I can tell, there are two invocations of lto1: wpa, then ltrans.

The analyzer is run in the first invocation.

The analyzer updates the gimple stmt uids; if I disable this updating the crash
doesn't happen.

The crash happens in the 2nd invocation of lto1 at:
    for (cedge = node->indirect_calls; cedge; cedge = cedge->next_callee)
      {
        if (STMT_UID_NOT_IN_RANGE (cedge->lto_stmt_uid))
          fatal_error (input_location,
                       "Cgraph edge statement index out of range");

I haven't managed to fully debug this yet, but it looks like the stmt uids are
stored into the callgraph edge's lto_stmt_uid, and somewhere between the cgraph
and LTO infrastructure it doesn't expect an IPA pass (the analyzer) to change
the uids in the stmts from under it, even though gimple.h has this for the stmt
field:

  /* UID of this statement.  This is used by passes that want to
     assign IDs to statements.  It must be assigned and used by each
     pass.  By default it should be assumed to contain garbage.  */
  unsigned uid;

and gimple_set_uid has:

   Please note that this UID property is supposed to be undefined at
   pass boundaries.  This means that a given pass should not assume it
   contains any useful value when the pass starts and thus can set it
   to any value it sees fit.
