https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79338
--- Comment #2 from Tom de Vries <vries at gcc dot gnu.org> ---
AFAIU, free_stmt_vec_info_vec intends to free the allocated memory:
...
void
free_stmt_vec_info_vec (void)
{
unsigned int i;
stmt_vec_info info;
FOR_EACH_VEC_ELT (stmt_vec_info_vec, i, info)
if (info != NULL)
free_stmt_vec_info (STMT_VINFO_STMT (info));
gcc_assert (stmt_vec_info_vec.exists ());
stmt_vec_info_vec.release ();
}
...
But free_stmt_vec_info starts with:
...
void
free_stmt_vec_info (gimple *stmt)
{
stmt_vec_info stmt_info = vinfo_for_stmt (stmt);
...
So:
- in free_stmt_vec_info_vec we start out with stmt_vec_info_vec element info,
- then we find the corresponding gimple stmt (STMT_VINFO_STMT (info)),
- and then in free_stmt_vec_info we find the stmt_vect_info for the gimple
(vinfo_for_stmt (stmt)).
This only guarantees the freeing of info, if
vinfo_for_stmt(STMT_VINFO_STMT (info)) == info.
The 'vinfo_for_stmt(STMT_VINFO_STMT (info)) == info' invariant is broken by
doing twice:
...
gimple *stmt = gsi_stmt (si);
gimple_set_uid (stmt, 0);
set_vinfo_for_stmt (stmt, new_stmt_vec_info (stmt, res));
...
Once for vect_analyze_loop_form (loop), and once for vect_analyze_loop_form
(loop->inner).
