On Thu, May 12, 2011 at 4:42 PM, Jakub Jelinek <ja...@redhat.com> wrote:
> Hi!
>
> combine_blocks at the end removes most of the bbs, keeps around just
> loop header, maybe latch and maybe exit_bb. We need to free bb->aux
> through free_bb_predicate, but that is done in the caller, using array of
> (former) loop bbs, with the new loop->num_nodes count (at most 3).
> While that properly frees bb->aux for loop->header, it might very well
> access bb->aux of deleted bbs and free that, for most of the deleted
> bbs will leak memory and might keep around bb->aux for latch and/or exit_bb
> (which is incorrect as following passes expect that bb->aux is NULL upon
> entry - shouldn't we with ENABLE_CHECKING verify bb->aux is NULL after
> every pass instead of just testing it at the beginning of a couple of
> passes?).
I think verify_flow might be a good place to check this. > Fixed by calling free_bb_predicate already before deleting > any bbs, for all bbs in the loop, and making sure the caller doesn't do it > again. > > Bootstrapped/regtested on x86_64linux and i686-linux, ok for trunk? Ok. Thanks, Richard. > 2011-05-12 Jakub Jelinek <ja...@redhat.com> > > PR tree-optimization/48975 > * tree-if-conv.c (combine_blocks): Call free_bb_predicate > on all bbs here and free and clear ifc_bbs at the end. > > * gcc.dg/pr48975.c: New test. > > --- gcc/tree-if-conv.c.jj 2011-05-02 18:39:28.000000000 +0200 > +++ gcc/tree-if-conv.c 2011-05-12 12:20:33.000000000 +0200 > @@ -1637,6 +1637,7 @@ combine_blocks (struct loop *loop) > for (i = 0; i < orig_loop_num_nodes; i++) > { > bb = ifc_bbs[i]; > + free_bb_predicate (bb); > if (bb_with_exit_edge_p (loop, bb)) > { > exit_bb = bb; > @@ -1712,6 +1713,9 @@ combine_blocks (struct loop *loop) > && exit_bb != loop->header > && can_merge_blocks_p (loop->header, exit_bb)) > merge_blocks (loop->header, exit_bb); > + > + free (ifc_bbs); > + ifc_bbs = NULL; > } > > /* If-convert LOOP when it is legal. For the moment this pass has no > --- gcc/testsuite/gcc.dg/pr48975.c.jj 2011-05-12 12:23:59.000000000 +0200 > +++ gcc/testsuite/gcc.dg/pr48975.c 2011-05-12 12:23:51.000000000 +0200 > @@ -0,0 +1,18 @@ > +/* PR tree-optimization/48975 */ > +/* { dg-do compile } */ > +/* { dg-options "-O3 -ffast-math -fno-tree-slp-vectorize" } */ > + > +static int > +foo (int x) > +{ > + return (x > 0) ? 0 : x + 1; > +} > + > +void > +bar (unsigned int x) > +{ > + int l = 1; > +lab: > + while (x) > + x = foo (x); > +} > > Jakub >
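Review bot: in the first tree-if-conv.c hunk (@@ -1637,6 +1637,7 @@), the new `free_bb_predicate (bb);` runs at the top of the loop body, before `bb_with_exit_edge_p (loop, bb)` and before anything else combine_blocks does with these blocks, and nothing in the hunk says why the predicates can be released that early. A short comment above the call would help, stating that the predicates are not read again past this point and that they are freed here because the blocks are about to be deleted. If any later code in the function still reads bb->aux, the call belongs after that use.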
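Review bot: in the second tree-if-conv.c hunk (@@ -1712,6 +1713,9 @@), `free (ifc_bbs); ifc_bbs = NULL;` moves ownership of the array into combine_blocks, but the patch as posted changes no caller, so correctness depends on the caller's cleanup skipping a NULL ifc_bbs and on it still freeing the array on paths that never reach combine_blocks. Please confirm both, and update the comment above combine_blocks to say that it releases the predicates and ifc_bbs.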
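Review bot: in gcc.dg/pr48975.c, `int l = 1;` and the `lab:` label in bar are never used, and the file says nothing about what it guards beyond the PR number. If they are needed to reach the if-conversion path, say so in a comment; otherwise drop them. Because the test is `dg-do compile` only, it can fail only when the compiler itself errors out, so a one-line comment describing the failure seen before the fix would make a future regression easier to interpret.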