From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 20216 invoked by alias); 12 May 2011 14:42:39 -0000 Received: (qmail 20207 invoked by uid 22791); 12 May 2011 14:42:38 -0000 X-SWARE-Spam-Status: No, hits=-6.5 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_HI,SPF_HELO_PASS,T_RP_MATCHES_RCVD X-Spam-Check-By: sourceware.org Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Thu, 12 May 2011 14:42:23 +0000 Received: from int-mx12.intmail.prod.int.phx2.redhat.com (int-mx12.intmail.prod.int.phx2.redhat.com [10.5.11.25]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p4CEgN9D013992 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 12 May 2011 10:42:23 -0400 Received: from tyan-ft48-01.lab.bos.redhat.com (tyan-ft48-01.lab.bos.redhat.com [10.16.42.4]) by int-mx12.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id p4CEgMqY024930 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 12 May 2011 10:42:22 -0400 Received: from tyan-ft48-01.lab.bos.redhat.com (localhost.localdomain [127.0.0.1]) by tyan-ft48-01.lab.bos.redhat.com (8.14.4/8.14.4) with ESMTP id p4CEgLFm023736 for ; Thu, 12 May 2011 16:42:21 +0200 Received: (from jakub@localhost) by tyan-ft48-01.lab.bos.redhat.com (8.14.4/8.14.4/Submit) id p4CEgLRv023734 for gcc-patches@gcc.gnu.org; Thu, 12 May 2011 16:42:21 +0200 Date: Thu, 12 May 2011 15:47:00 -0000 From: Jakub Jelinek To: gcc-patches@gcc.gnu.org Subject: [PATCH] Fix combine_blocks (PR tree-optimization/48975) Message-ID: <20110512144221.GJ17079@tyan-ft48-01.lab.bos.redhat.com> Reply-To: Jakub Jelinek MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-IsSubscribed: yes Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org X-SW-Source: 2011-05/txt/msg00906.txt.bz2 Hi! combine_blocks at the end removes most of the bbs, keeps around just loop header, maybe latch and maybe exit_bb. We need to free bb->aux through free_bb_predicate, but that is done in the caller, using array of (former) loop bbs, with the new loop->num_nodes count (at most 3). While that properly frees bb->aux for loop->header, it might very well access bb->aux of deleted bbs and free that, for most of the deleted bbs will leak memory and might keep around bb->aux for latch and/or exit_bb (which is incorrect as following passes expect that bb->aux is NULL upon entry - shouldn't we with ENABLE_CHECKING verify bb->aux is NULL after every pass instead of just testing it at the beginning of a couple of passes?). Fixed by calling free_bb_predicate already before deleting any bbs, for all bbs in the loop, and making sure the caller doesn't do it again. Bootstrapped/regtested on x86_64linux and i686-linux, ok for trunk? 2011-05-12 Jakub Jelinek PR tree-optimization/48975 * tree-if-conv.c (combine_blocks): Call free_bb_predicate on all bbs here and free and clear ifc_bbs at the end. * gcc.dg/pr48975.c: New test. --- gcc/tree-if-conv.c.jj 2011-05-02 18:39:28.000000000 +0200 +++ gcc/tree-if-conv.c 2011-05-12 12:20:33.000000000 +0200 @@ -1637,6 +1637,7 @@ combine_blocks (struct loop *loop) for (i = 0; i < orig_loop_num_nodes; i++) { bb = ifc_bbs[i]; + free_bb_predicate (bb); if (bb_with_exit_edge_p (loop, bb)) { exit_bb = bb; @@ -1712,6 +1713,9 @@ combine_blocks (struct loop *loop) && exit_bb != loop->header && can_merge_blocks_p (loop->header, exit_bb)) merge_blocks (loop->header, exit_bb); + + free (ifc_bbs); + ifc_bbs = NULL; } /* If-convert LOOP when it is legal. For the moment this pass has no --- gcc/testsuite/gcc.dg/pr48975.c.jj 2011-05-12 12:23:59.000000000 +0200 +++ gcc/testsuite/gcc.dg/pr48975.c 2011-05-12 12:23:51.000000000 +0200 @@ -0,0 +1,18 @@ +/* PR tree-optimization/48975 */ +/* { dg-do compile } */ +/* { dg-options "-O3 -ffast-math -fno-tree-slp-vectorize" } */ + +static int +foo (int x) +{ + return (x > 0) ? 0 : x + 1; +} + +void +bar (unsigned int x) +{ + int l = 1; +lab: + while (x) + x = foo (x); +} Jakub