This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[tree-ssa]: remove_stmt in tree-cfg.c doesn't update bb end properly


With Diego's latest fix, PRE exposes a bug in remove_stmt (which only occurs now that DCE is run before PRE, and DCE uses remove_stmt).

It doesn't have the right conditions to update the bb end properly.

It assumes, wrongly, that if *stmt_p (which is the statement we are removing) is not a COMPOUND_EXPR, we won't have to update the bb end.
This is incorrect.


stmt_p itself can be the end of the bb, which is what occurs in jcf-write.c.

(gdb) p bb->end_tree_p
$45 = (tree *) 0x42635cdc
(gdb) p stmt_p
$46 = (tree *) 0x42635cdc
(gdb) where
#0  remove_stmt (stmt_p=0x42635cdc) at ../../gcc/tree-cfg.c:2065

It proceeds to eliminate the statement, never updates the bb end to be a valid non-empty statement, and thus, reverse iterators stop working (since bsi_prev of the void (0) ends up being null).
PRE notices because it counts the statements in the block (using both forward and backwards iterators) before and after insertion to make sure insertion got done properly. Here, *before* insertion, when it counts the bb in reverse, and compares it to the number it got for counting forward, it aborts, because 33 != 1.


We never noticed DCE screwing up the bb ends before now because it was always run last, and rewrite_out_of_ssa didn't care if reverse iterators worked.
I'm working on a patch now.


--Dan



Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]