https://gcc.gnu.org/bugzilla/show_bug.cgi?id=122956
--- Comment #12 from Hongtao Liu <liuhongt at gcc dot gnu.org> ---
(In reply to Jan Hubicka from comment #11)
> LLVM indeed has some lifetime DSE violations in it for years. It seems to
> got better recently since they got more strict about optimizing them, too.
> This seems however independent bug in multitarget speculative
> devirtualization. Speculative call sequences should always contain one
> indirect edge and one or more direct edges (callees we speculate to).
> Verifier complains about indirect edge being lost, so it seems that
> inlinining messed up somehow. Perhaps by turning it do a direct call...
Quote from GPT5-Codex:
The regression comes from the multi-target work that landed in commit 9ee937b2
(see ipa-devirt.cc around 3770). That patch now runs this loop:
bool first = true;
unsigned speculative_id = 0;
for (cgraph_node *likely_target : likely_targets)
…
e->make_speculative (likely_target,
e->count.apply_scale (8, 10 * likely_targets.length ()),
speculative_id++);
which manufactures several speculative direct edges for a single indirect call.
The trouble shows up later when inlining (or any other transformation that
resolves just one of those direct edges) calls cgraph_edge::make_direct /
resolve_speculation in cgraph.cc (see lines ~1630–1660). That helper still
assumes the pre-patch world where a speculative sequence contains exactly one
direct edge plus the indirect fallback. As soon as one of the new direct
targets is resolved, resolve_speculation(found, callee->decl) tears down the
shared indirect edge unconditionally. The remaining speculative direct edges
are left orphaned—still marked speculative, but with no matching indirect
edge—so the verifier later trips on “missing indirect call in speculative call
sequence.”
In short, the new loop in ipa-devirt.cc creates multiple speculative targets,
but the resolver in cgraph.cc still removes the lone indirect edge as soon as
any one target is materialised, leaving the others dangling and triggering the
verification failure.
