Bug in edge redirection code
Thu Jul 26 09:34:00 GMT 2001
Okay, i found why my malloc debugger hates the following code
(crashing on first->count -= e->count)
3136 else if (redirect_edge_and_branch (e, target))
3138 /* We successfully forwarded the edge. Now update profile
3139 data: for each edge we traversed in the chain, remove
3140 the original edge's execution count. */
3143 first->count -= e->count;
3144 first->succ->count -= e->count;
3145 first->frequency -= ((e->probability * b->frequency
What happens is that redirect_edge_and_branch calls
redirect_edge_succ_nodup which sees the edge is already
present, so it remove_edge's it.
However, what it just remove_edge'd was "e", so when we get back to
the above code, having succeeded in forwarding, and try to access e->count,
Once you'd redirected e to target, you can't count on e still being
the edge you redirected, or even valid, because we'll remove it if it was a
This bug also exists in the slightly older version of
try_forward_edges on the new-regalloc-branch.
I'm not quite sure how you want to fix this.
"They say we're 98% water. We're that close to drowning...
(Picks up his glass of water from the stool...) I like to live
on the edge...
More information about the Gcc-bugs