* [PATCH] Fix combine_blocks (PR tree-optimization/48975)
@ 2011-05-12 15:47 Jakub Jelinek
2011-05-12 16:07 ` Richard Guenther
0 siblings, 1 reply; 2+ messages in thread
From: Jakub Jelinek @ 2011-05-12 15:47 UTC (permalink / raw)
To: gcc-patches
Hi!
combine_blocks at the end removes most of the bbs, keeps around just
loop header, maybe latch and maybe exit_bb. We need to free bb->aux
through free_bb_predicate, but that is done in the caller, using array of
(former) loop bbs, with the new loop->num_nodes count (at most 3).
While that properly frees bb->aux for loop->header, it might very well
access bb->aux of deleted bbs and free that, for most of the deleted
bbs will leak memory and might keep around bb->aux for latch and/or exit_bb
(which is incorrect as following passes expect that bb->aux is NULL upon
entry - shouldn't we with ENABLE_CHECKING verify bb->aux is NULL after
every pass instead of just testing it at the beginning of a couple of
passes?). Fixed by calling free_bb_predicate already before deleting
any bbs, for all bbs in the loop, and making sure the caller doesn't do it
again.
Bootstrapped/regtested on x86_64linux and i686-linux, ok for trunk?
2011-05-12 Jakub Jelinek <jakub@redhat.com>
PR tree-optimization/48975
* tree-if-conv.c (combine_blocks): Call free_bb_predicate
on all bbs here and free and clear ifc_bbs at the end.
* gcc.dg/pr48975.c: New test.
--- gcc/tree-if-conv.c.jj 2011-05-02 18:39:28.000000000 +0200
+++ gcc/tree-if-conv.c 2011-05-12 12:20:33.000000000 +0200
@@ -1637,6 +1637,7 @@ combine_blocks (struct loop *loop)
for (i = 0; i < orig_loop_num_nodes; i++)
{
bb = ifc_bbs[i];
+ free_bb_predicate (bb);
if (bb_with_exit_edge_p (loop, bb))
{
exit_bb = bb;
@@ -1712,6 +1713,9 @@ combine_blocks (struct loop *loop)
&& exit_bb != loop->header
&& can_merge_blocks_p (loop->header, exit_bb))
merge_blocks (loop->header, exit_bb);
+
+ free (ifc_bbs);
+ ifc_bbs = NULL;
}
/* If-convert LOOP when it is legal. For the moment this pass has no
--- gcc/testsuite/gcc.dg/pr48975.c.jj 2011-05-12 12:23:59.000000000 +0200
+++ gcc/testsuite/gcc.dg/pr48975.c 2011-05-12 12:23:51.000000000 +0200
@@ -0,0 +1,18 @@
+/* PR tree-optimization/48975 */
+/* { dg-do compile } */
+/* { dg-options "-O3 -ffast-math -fno-tree-slp-vectorize" } */
+
+static int
+foo (int x)
+{
+ return (x > 0) ? 0 : x + 1;
+}
+
+void
+bar (unsigned int x)
+{
+ int l = 1;
+lab:
+ while (x)
+ x = foo (x);
+}
Jakub
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] Fix combine_blocks (PR tree-optimization/48975)
2011-05-12 15:47 [PATCH] Fix combine_blocks (PR tree-optimization/48975) Jakub Jelinek
@ 2011-05-12 16:07 ` Richard Guenther
0 siblings, 0 replies; 2+ messages in thread
From: Richard Guenther @ 2011-05-12 16:07 UTC (permalink / raw)
To: Jakub Jelinek; +Cc: gcc-patches
On Thu, May 12, 2011 at 4:42 PM, Jakub Jelinek <jakub@redhat.com> wrote:
> Hi!
>
> combine_blocks at the end removes most of the bbs, keeps around just
> loop header, maybe latch and maybe exit_bb. We need to free bb->aux
> through free_bb_predicate, but that is done in the caller, using array of
> (former) loop bbs, with the new loop->num_nodes count (at most 3).
> While that properly frees bb->aux for loop->header, it might very well
> access bb->aux of deleted bbs and free that, for most of the deleted
> bbs will leak memory and might keep around bb->aux for latch and/or exit_bb
> (which is incorrect as following passes expect that bb->aux is NULL upon
> entry - shouldn't we with ENABLE_CHECKING verify bb->aux is NULL after
> every pass instead of just testing it at the beginning of a couple of
> passes?).
I think verify_flow might be a good place to check this.
> Fixed by calling free_bb_predicate already before deleting
> any bbs, for all bbs in the loop, and making sure the caller doesn't do it
> again.
>
> Bootstrapped/regtested on x86_64linux and i686-linux, ok for trunk?
Ok.
Thanks,
Richard.
> 2011-05-12 Jakub Jelinek <jakub@redhat.com>
>
> PR tree-optimization/48975
> * tree-if-conv.c (combine_blocks): Call free_bb_predicate
> on all bbs here and free and clear ifc_bbs at the end.
>
> * gcc.dg/pr48975.c: New test.
>
> --- gcc/tree-if-conv.c.jj 2011-05-02 18:39:28.000000000 +0200
> +++ gcc/tree-if-conv.c 2011-05-12 12:20:33.000000000 +0200
> @@ -1637,6 +1637,7 @@ combine_blocks (struct loop *loop)
> for (i = 0; i < orig_loop_num_nodes; i++)
> {
> bb = ifc_bbs[i];
> + free_bb_predicate (bb);
> if (bb_with_exit_edge_p (loop, bb))
> {
> exit_bb = bb;
> @@ -1712,6 +1713,9 @@ combine_blocks (struct loop *loop)
> && exit_bb != loop->header
> && can_merge_blocks_p (loop->header, exit_bb))
> merge_blocks (loop->header, exit_bb);
> +
> + free (ifc_bbs);
> + ifc_bbs = NULL;
> }
>
> /* If-convert LOOP when it is legal. For the moment this pass has no
> --- gcc/testsuite/gcc.dg/pr48975.c.jj 2011-05-12 12:23:59.000000000 +0200
> +++ gcc/testsuite/gcc.dg/pr48975.c 2011-05-12 12:23:51.000000000 +0200
> @@ -0,0 +1,18 @@
> +/* PR tree-optimization/48975 */
> +/* { dg-do compile } */
> +/* { dg-options "-O3 -ffast-math -fno-tree-slp-vectorize" } */
> +
> +static int
> +foo (int x)
> +{
> + return (x > 0) ? 0 : x + 1;
> +}
> +
> +void
> +bar (unsigned int x)
> +{
> + int l = 1;
> +lab:
> + while (x)
> + x = foo (x);
> +}
>
> Jakub
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-05-12 14:50 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-05-12 15:47 [PATCH] Fix combine_blocks (PR tree-optimization/48975) Jakub Jelinek
2011-05-12 16:07 ` Richard Guenther
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).