I think the problem here is that the function literal main.(*R).CA.func1 itself is not actually an inlined function (its containing function main.WEA is). So it should not have an inlining tree at all.

Agree-- we don't want an inl tree for main.(*R).CA.func1. Now working on trying to understand how it is we get the inltree.

Change https://golang.org/cl/320913 mentions this issue: cmd/compile: don't emit inltree for closure within body of inlined func

When we clone a function literal because of inlining, do we have a way for users/debuggers to distinguish stepping through a cloned function literal vs the original? It seems like we should somehow maintain that information, along with position details about where it was cloned into.

(Of course, for release purposes, I think it's more critical to have traceback working reliably than to have perfect debugging info.)

When we clone a function literal because of inlining, do we have a way for users/debuggers to distinguish stepping through a cloned function literal vs the original? It seems like we should somehow maintain that information, along with position details about where it was cloned into.

This is an interesting question. I guess my question would be "does the user care"? If the line table info and variable locations are correct (in the sense that they show the expected line numbers, and the debugger can print the right values), then I wonder whether it matters that you're in a clone or not.

That's fair. I think most users shouldn't need to worry about this. But I'm wondering about power users (particularly us) trying to diagnose suspected miscompilation that affects inlined function literals that were optimized differently than the original.

What about the position information for newfn and newfn.Nname? Could we update their positions at least to maintain inlining stack info? Can we use inlined positions for PEXTERN/PFUNC declarations, or are they limited to PAUTO?

I think if we could at least do that, it would address my theoretical power user concern.

Change https://golang.org/cl/366494 mentions this issue: cmd/compile/internal/inline: revise closure inl position fix

At tip with GOEXPERIMENT=unified, the test case passes, but I notice in the -d=pctab=pctoinline output it reports:

funcpctab main.(*R).CA.func1 [valfunc=pctoinline]
     0     -1 00000 (/tmp/bug.go:37)    TEXT    main.(*R).CA.func1(SB), NOSPLIT|ABIInternal, $0-8
     0        00000 (/tmp/bug.go:37)    TEXT    main.(*R).CA.func1(SB), NOSPLIT|ABIInternal, $0-8
     0        00000 (/tmp/bug.go:37)    FUNCDATA        $0, gclocals·wgcWObbY2HYnK2SU/U22lA==(SB)
     0        00000 (/tmp/bug.go:37)    FUNCDATA        $1, gclocals·J5F+7Qw7O7ve2QcWC7DpeQ==(SB)
     0        00000 (/tmp/bug.go:37)    FUNCDATA        $5, main.(*R).CA.func1.arginfo1(SB)
     0        00000 (/tmp/bug.go:37)    FUNCDATA        $6, main.(*R).CA.func1.argliveinfo(SB)
     0        00000 (/tmp/bug.go:37)    PCDATA  $3, $1
     0     -1 00000 (/tmp/bug.go:17)    MOVB    $1, (AX)
     3        00003 (/tmp/bug.go:17)    RET
     4 done
wrote 3 bytes to 0xc00060f3c8
 00 04 00
-- inlining tree for main.(*R).CA.func1:
0 | -1 | main.WEA (/tmp/bug.go:37:39) pc=0
--

Is this an issue, or could it be one? The original bug report mentions this "inlining tree" output being wrong, and it's not present with GOEXPERIMENT=nounified. Though I'm guessing maybe it's harmless here since it's not actually referenced by the instructions.

For #54593, it's been mentioned that pprof sampling seems to correlate with the kubernetes apiserver hanging and getting restarted. I'm wondering if it's hitting a similar issue with infinite stack traces somewhere.

Agree that if it's not being referenced by the instructions, it seems hard to imagine that it would be triggering the original bug. But it does seem a bit odd.

Yeah, the presence of the inline tree looks suspicious. What do you mean by "it's not being referenced by the instructions"? Thanks.

It shows up in the dump. For example in this code:

func (r *R) CA(ctx context.Context, cN string, nn *nAO) (*int, error) {
	cA, err := r.cM.NewA(ctx, cN, nn, WEA(), WEA())
	if err == nil {

the calls to WEA() get inlined. In the dump you can see this in the second column:

    39        00057 (<unknown line number>)	NOP
    39        00057 (/usr/local/google/home/thanm/gobugs/46234/repro.go:37)	XORL	AX, AX
    3b      0 00059 (/usr/local/google/home/thanm/gobugs/46234/repro.go:37)	JMP	96
    3d        00061 (/usr/local/google/home/thanm/gobugs/46234/repro.go:37)	MOVQ	AX, main..autotmp_36+8(SP)
    42        00066 (/usr/local/google/home/thanm/gobugs/46234/repro.go:37)	MOVQ	main..autotmp_24+24(SP)(AX*8), DX

Note the "0" for the instruction at 00059.

At least that's how I'm reading it; hopefully I am not off base.

What do you mean by "it's not being referenced by the instructions"?

In the instruction stream, the second column is always "-1" or blank. (Contrast @thanm's example of a different function where the entry is 0 at one point.)

However, I have been able to construct alternative cases where the instructions for an inlined function literal do reference where the enclosing function was inlined to (i.e., the original bug here). I haven't successfully gotten any of them to crash with pprof yet though.

Okay, thanks. You're right that that one is not referenced. It is odd that the unreferenced inline tree appears. Maybe something along the line of the CL above would be necessary for unified IR.

I have this program: https://go.dev/play/p/OikFLBmKguY?v=gotip

Which produces this -d=pctab=pctoinline output:

funcpctab main.stress.func1 [valfunc=pctoinline]
     0     -1 00000 (/tmp/repro.go:12)  TEXT    main.stress.func1(SB), NOSPLIT|NEEDCTXT|ABIInternal, $0-0
     0        00000 (/tmp/repro.go:12)  TEXT    main.stress.func1(SB), NOSPLIT|NEEDCTXT|ABIInternal, $0-0
     0        00000 (/tmp/repro.go:12)  FUNCDATA        $0, gclocals·g2BeySu+wFnoycgXfElmcg==(SB)
     0        00000 (/tmp/repro.go:12)  FUNCDATA        $1, gclocals·g2BeySu+wFnoycgXfElmcg==(SB)
     0      0 00000 (/tmp/repro.go:12)  MOVQ    16(DX), AX
     4        00004 (/tmp/repro.go:12)  MOVQ    24(DX), CX
     8        00008 (/tmp/repro.go:12)  MOVQ    32(DX), BX
     c        00012 (/tmp/repro.go:12)  MOVQ    8(DX), DX
    10     -1 00016 (/tmp/repro.go:22)  MOVQ    DX, main.x0(SB)
    17        00023 (/tmp/repro.go:23)  MOVQ    AX, main.x1(SB)
    1e        00030 (/tmp/repro.go:24)  MOVQ    CX, main.x2(SB)
    25        00037 (/tmp/repro.go:25)  MOVQ    BX, main.x3(SB)
    2c        00044 (/tmp/repro.go:26)  RET
    2d done
wrote 5 bytes to 0xc000817078
 02 10 01 1d 00
-- inlining tree for main.stress.func1:
0 | -1 | main.foo (/tmp/repro.go:12:9) pc=0
--

And that output looks like it should be "wrong". Specifically, the inlining tree entry is actually used for loading the closure variable values. And the pc=0 value seems like it would point back into those same instructions within the function, leading to an infinite loop during stack walking.

But pprof doesn't seem to be getting stuck there.

Okay, manually instrumenting the runtime at

Actually, I'm going to file a new issue instead of reopening this one. I don't want to cause any weird issues for milestones.

Yeah, that indeed looks like a cycle. Profiling collects at most 32 frames, so I guess the program doesn't fall into infinite loop, but the profile would looks like a bunch of recursive calls.

@cherrymui I was able to confirm that the loop does go infinite. We only check the n < max condition at the top-level, whereas the inner loop for handling PCDATA_InlTreeIndex goes until it finds a negative value (which never happens with a cycle).

Oops... Good point. Thanks.

Change https://go.dev/cl/425395 mentions this issue: cmd/compile/internal/noder: fix inlined function literal positions