Fix reference to freed data in df-scan.c
Jeff Law
law@redhat.com
Mon Aug 24 17:25:00 GMT 2015
On 08/24/2015 05:23 AM, Richard Sandiford wrote:
> While experimenting with some allocation changes I noticed that
> df_insn_rescan frees a df_insn_info and implicitly requires
> alloc-pool to give back the same data on reallocation:
>
> bool the_same = df_insn_refs_verify (&collection_rec, bb, insn, false);
> /* If there's no change, return false. */
> if (the_same)
>   {
>     df_free_collection_rec (&collection_rec);
>     if (dump_file)
>       fprintf (dump_file, "verify found no changes in insn with uid = %d.\n", uid);
>     return false;
>   }
> if (dump_file)
>   fprintf (dump_file, "rescanning insn with uid = %d.\n", uid);
>
> /* There's change - we need to delete the existing info.
>    Since the insn isn't moved, we can salvage its LUID. */
> luid = DF_INSN_LUID (insn);
> df_insn_info_delete (uid);
> df_insn_create_insn_record (insn);
> DF_INSN_LUID (insn) = luid;
>
> We build up in collection_rec the list of references that INSN should
> have, then exit early if the df info already matches. Otherwise we
> tear down the old df_insn_info, allocate a new one, and copy the
> references in collection_rec to it. The problem is that the references
> in collection_rec refer to the old (freed) df_insn_info, so things break
> if alloc pool gives back a different address.
>
> The patch avoids the unnecessary free and reallocation. In principle
> it should also be a slight compile-time optimisation, but (as expected)
> the difference is far too small to be measurable.
>
> Tested on x86_64-linux-gnu. OK to install?
>
> Thanks,
> Richard
>
> gcc/
> * df-scan.c (df_insn_info_init_fields): New function, split out
> from...
> (df_insn_create_insn_record): ...here.
> (df_insn_info_free_fields): New function, split out from...
> (df_insn_info_delete): ...here.
> (df_insn_rescan): Use the new functions instead of freeing and
> reallocating the df_insn_info.
OK.
jeff
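The failure mode Richard describes, as an added example that is not part of this thread and not GCC's own df-scan.c code: a record is freed and immediately reallocated while references collected beforehand still point at the old record, so correctness depends on the allocation pool handing back the same address. The types, the toy pool and the function names (rescan_old, rescan_new, collect_refs, free_fields) are constructed stand-ins for df_insn_info, df_ref, alloc-pool and the df_insn_* routines named in the ChangeLog; only the shape of the logic follows the quoted excerpt. The pool's `lifo` flag selects whether the freed slot is reused at once or a different slot is returned, which is the case that breaks the old pattern and is handled correctly by the patched one.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdbool.h>

/* Constructed stand-ins for df_ref and df_insn_info (not GCC's types). */
struct insn_info;
struct ref {
  struct insn_info *owner;   /* record the ref belongs to (cf. DF_REF_INSN_INFO) */
  int regno;
  struct ref *next;
};
struct insn_info {
  int uid, luid;
  struct ref *refs;
};

/* Toy allocation pool: fixed arena plus a free stack.  With lifo=true the
   slot just freed is returned by the next allocation, which is what the old
   df_insn_rescan silently relied on; with lifo=false the freed slot sinks to
   the bottom of the stack and the next allocation returns a different one. */
#define POOL_SIZE 4
struct pool {
  struct insn_info slots[POOL_SIZE];
  int free_stack[POOL_SIZE];
  int n_free;
  bool lifo;
};

static void pool_init (struct pool *p, bool lifo) {
  memset (p, 0, sizeof *p);
  p->lifo = lifo;
  for (int i = POOL_SIZE - 1; i >= 0; i--)
    p->free_stack[p->n_free++] = i;   /* slot 0 ends up on top */
}

static struct insn_info *pool_alloc (struct pool *p) {
  if (p->n_free == 0) abort ();
  return &p->slots[p->free_stack[--p->n_free]];
}

static void pool_free (struct pool *p, struct insn_info *info) {
  int idx = (int) (info - p->slots);
  if (p->lifo) {
    p->free_stack[p->n_free++] = idx;
  } else {
    memmove (p->free_stack + 1, p->free_stack, p->n_free * sizeof (int));
    p->free_stack[0] = idx;
    p->n_free++;
  }
}

/* Build the refs INFO should have, each pointing back at INFO, the way
   df_insn_refs_collect fills collection_rec before the old record is freed. */
static struct ref *collect_refs (struct insn_info *info, const int *regnos, int n) {
  struct ref *head = NULL;
  for (int i = n - 1; i >= 0; i--) {
    struct ref *r = malloc (sizeof *r);
    r->owner = info; r->regno = regnos[i]; r->next = head;
    head = r;
  }
  return head;
}

static void free_fields (struct insn_info *info) {   /* cf. df_insn_info_free_fields */
  for (struct ref *r = info->refs, *next; r; r = next) { next = r->next; free (r); }
  info->refs = NULL;
}

/* Old pattern: delete the record, allocate a fresh one, hand it the collected
   refs.  Correct only if pool_alloc gives back the address pool_free released. */
static struct insn_info *rescan_old (struct pool *p, struct insn_info *info,
                                     const int *regnos, int n) {
  struct ref *collected = collect_refs (info, regnos, n);
  int uid = info->uid, luid = info->luid;
  free_fields (info);
  pool_free (p, info);                       /* cf. df_insn_info_delete */
  struct insn_info *fresh = pool_alloc (p);  /* cf. df_insn_create_insn_record */
  fresh->uid = uid; fresh->luid = luid; fresh->refs = collected;
  return fresh;
}

/* Patched pattern: keep the record and its LUID, only replace its fields. */
static struct insn_info *rescan_new (struct insn_info *info, const int *regnos, int n) {
  struct ref *collected = collect_refs (info, regnos, n);
  free_fields (info);
  info->refs = collected;                    /* cf. df_insn_info_init_fields */
  return info;
}

/* True when every ref of INFO points back at INFO (no stale owner pointer). */
static bool refs_consistent (const struct insn_info *info) {
  for (const struct ref *r = info->refs; r; r = r->next)
    if (r->owner != info) return false;
  return true;
}

/* One scenario: create a record with two refs, then rescan it to three. */
static bool run (bool lifo, bool patched) {
  static const int regs[] = { 1, 2, 3 };
  struct pool p;
  pool_init (&p, lifo);
  struct insn_info *info = pool_alloc (&p);
  info->uid = 42; info->luid = 7;
  info->refs = collect_refs (info, regs, 2);
  info = patched ? rescan_new (info, regs, 3) : rescan_old (&p, info, regs, 3);
  bool ok = refs_consistent (info) && info->luid == 7 && info->uid == 42;
  free_fields (info);
  return ok;
}

int main (void) {
  printf ("old code, pool reuses the freed address: %s\n", run (true, false) ? "ok" : "dangling");
  printf ("old code, pool hands out another slot:   %s\n", run (false, false) ? "ok" : "dangling");
  printf ("patched code, another slot:              %s\n", run (false, true) ? "ok" : "dangling");
  return 0;
}
```

The consistency check only compares pointers, so the "dangling" case is detected without dereferencing the released slot; in real code the stale owner pointer would be followed later and read whatever the pool had since placed there, which is why the review-time cue is any free immediately followed by an allocation of the same kind with live pointers to the freed object still in hand.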