http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48975

--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> 2011-05-12 11:09:36 UTC ---
Created attachment 24237
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=24237
gcc46-pr48975.patch

The problem was that combine_blocks removes most of the bbs in the loop, keeps
around only header, latch and maybe exit_bb, but free_bb_predicate is called in
the caller on ifc_bbs entries starting with 0 (loop->header which stays, fine)
up to number of remaining bbs in the loop - 1 (that number can be at most 3).
But nothing reordered ifc_bbs entries, so it very well can call free_bb_predicate on
a removed bb (use after free) and can fail to call free_bb_predicate for latch or
exit_bb.  This patch fixes it by calling free_bb_predicate for all bbs in the loop
already before (some of) the bbs are removed and ensures the caller doesn't try
to do that again.
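
A toy model of the bookkeeping problem described in the comment, added here as an illustration; it is not code from the attached patch or from GCC's tree-if-conv pass. The block array, the predicate allocations and the index choices (header at 0, exit_bb at 3, latch at 5, six blocks in total) are constructed for this example, and the stand-in free_bb_predicate counts a touch of a removed block instead of actually dereferencing freed memory, so the model runs without undefined behaviour. run_buggy reproduces the caller's loop over ifc_bbs[0 .. remaining-1] after the blocks were removed without reordering the array; run_fixed releases every predicate first and skips the caller's loop, which is the structure of the fix the comment describes.

```c
#include <stdio.h>
#include <stdlib.h>

#define NBBS 6   /* constructed loop: 6 basic blocks before if-conversion */

struct bb {
    int index;
    int *predicate;  /* heap object that must be released exactly once */
    int live;        /* cleared once combine_blocks has "removed" the block */
};

struct outcome {
    int uaf_touches; /* free_bb_predicate called on an already removed block */
    int leaked;      /* surviving blocks whose predicate was never released */
};

static int touches_of_removed;

/* Stand-in for free_bb_predicate: releases the predicate of a live block.
 * On a removed block the real pass would read freed memory; the model
 * records the event instead of triggering undefined behaviour. */
static void free_bb_predicate(struct bb *b)
{
    if (!b->live) {
        touches_of_removed++;
        return;
    }
    free(b->predicate);
    b->predicate = NULL;
}

/* Build the constructed loop: ifc_bbs[i] points at block i, header at 0. */
static void build_loop(struct bb *bbs, struct bb **ifc_bbs)
{
    for (int i = 0; i < NBBS; i++) {
        bbs[i].index = i;
        bbs[i].predicate = malloc(sizeof(int));
        *bbs[i].predicate = i;
        bbs[i].live = 1;
        ifc_bbs[i] = &bbs[i];
    }
}

/* Blocks that survive combine_blocks: header (0), exit_bb (3), latch (5). */
static int is_kept(int i) { return i == 0 || i == 3 || i == 5; }

/* Remove every block except header, exit_bb and latch and return how many
 * blocks remain.  ifc_bbs is deliberately NOT reordered, as in the bug. */
static int combine_blocks(struct bb **ifc_bbs)
{
    int remaining = 0;
    for (int i = 0; i < NBBS; i++) {
        if (is_kept(i)) remaining++;
        else ifc_bbs[i]->live = 0;
    }
    return remaining;
}

/* Count leaked predicates on surviving blocks and clean up the model. */
static struct outcome tally(struct bb *bbs)
{
    struct outcome o = { touches_of_removed, 0 };
    for (int i = 0; i < NBBS; i++) {
        if (bbs[i].predicate == NULL) continue;
        if (bbs[i].live) o.leaked++;
        free(bbs[i].predicate);
    }
    return o;
}

/* Caller frees ifc_bbs[0 .. remaining-1] after the removal: stale entries. */
static struct outcome run_buggy(void)
{
    struct bb bbs[NBBS];
    struct bb *ifc_bbs[NBBS];
    touches_of_removed = 0;
    build_loop(bbs, ifc_bbs);
    int remaining = combine_blocks(ifc_bbs);      /* 3 */
    for (int i = 0; i < remaining; i++)
        free_bb_predicate(ifc_bbs[i]);            /* hits removed blocks 1 and 2 */
    return tally(bbs);                            /* blocks 3 and 5 leak */
}

/* Release every predicate while all blocks are valid, then remove blocks;
 * the caller must not run its own free loop afterwards. */
static struct outcome run_fixed(void)
{
    struct bb bbs[NBBS];
    struct bb *ifc_bbs[NBBS];
    touches_of_removed = 0;
    build_loop(bbs, ifc_bbs);
    for (int i = 0; i < NBBS; i++)
        free_bb_predicate(ifc_bbs[i]);
    (void)combine_blocks(ifc_bbs);
    return tally(bbs);
}

int main(void)
{
    struct outcome b = run_buggy(), f = run_fixed();
    printf("buggy: %d stale touches, %d leaked\n", b.uaf_touches, b.leaked);
    printf("fixed: %d stale touches, %d leaked\n", f.uaf_touches, f.leaked);
    return 0;
}
```

With the constructed indices the buggy loop touches two removed blocks (a use-after-free in the real pass) and leaks the predicates of latch and exit_bb, while the fixed ordering touches nothing stale and leaks nothing; the "remaining" count alone is never enough once the array it indexes has gaps.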
