http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55358
--- Comment #7 from Markus Trippelsdorf <markus at trippelsdorf dot de> 2012-11-28 13:20:54 UTC --- The fix for: ==23637== Invalid write of size 8 ==23637== at 0xCF9951: rest_of_handle_dse() (dse.c:2874) ... seems to be simple. Because of "delete_dead_store_insn (ptr);" "s_info->redundant_reason" may point into lala land: (gdb) p *s_info $3 = {is_set = false, is_large = false, group_id = 0, cse_base = 0xafafafafafafafaf, mem = 0xafafafafafafafaf, mem_addr = 0xafafafafafafafaf, alias_set = -1347440721, begin = -5787213827046133841, end = -5787213827046133841, positions_needed = {small_bitmask = 12659530246663417775, large = {bmap = 0xafafafafafafafaf, count = -1347440721}}, next = 0xafafafafafafafaf, rhs = 0xafafafafafafafaf, const_rhs = 0xafafafafafafafaf, redundant_reason = 0xafafafafafafafaf} (gdb) p *ptr $8 = {cannot_delete = true, wild_read = false, non_frame_wild_read = false, frame_read = false, stack_pointer_based = false, contains_cselib_groups = false, insn = 0x0, store_rec = 0x0, read_rec = 0x0, fixed_regs_live = 0x5e34f30, prev_insn = 0x54e9da0, next_local_store = 0x54e9da0}
diff --git a/gcc/dse.c b/gcc/dse.c
index f879adb..8d12e8d 100644
--- a/gcc/dse.c
+++ b/gcc/dse.c
@@ -2869,7 +2869,7 @@ dse_step1 (void)
 INSN_UID (s_info->redundant_reason->insn));
 delete_dead_store_insn (ptr);
 }
- if (s_info)
+ if (ptr->store_rec && s_info)
 s_info->redundant_reason = NULL;
 free_store_info (ptr);
 }
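Review bot: The new guard `if (ptr->store_rec && s_info)` avoids the invalid write only because the delete path leaves `ptr->store_rec` NULL, as the gdb dump of `*ptr` shows. `s_info` itself is still a dangling pointer into the 0xaf-poisoned record after `delete_dead_store_insn (ptr);`, and nothing in the hunk says so. I would make the invalidation explicit instead of inferring it from a side effect: add `s_info = NULL;` directly after `delete_dead_store_insn (ptr);`, keep the original `if (s_info)`, and add a comment such as `/* delete_dead_store_insn releases ptr's store records; s_info must not be used after it.  */`. That the records are freed inside delete_dead_store_insn is inferred from the dump and the valgrind report, not visible here, so confirm it against that function's body. The enclosing loop in dse_step1 starts and ends outside the hunk.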