Patchwork Fix accesses to freed up memory in var-tracking (PR debug/53706)

Submitter Alexandre Oliva
Date June 27, 2012, 9:52 a.m.
Message ID <or8vf99j48.fsf@livre.localdomain>
Permalink /patch/167582/
State New

Comments

Alexandre Oliva - June 27, 2012, 9:52 a.m.
On Jun 21, 2012, Uros Bizjak <ubizjak@gmail.com> wrote:

> Hello!
>> > During htab_delete (dropped_values), loc_exp_dep_pool
>> > allocated objects might be accessed, so it is better to free the
>> > pool afterwards.
>> >
>> > Bootstrapped/regtested on i686-linux, ok for trunk?
>> 
>> Looks obvious.

> The patch doesn't fix all writes to freed up memory, please see
> comment #8 in the PR audit trail.

So, I've tested your patch in comment #10 on ia64-linux-gnu, and it
worked, but it failed on i686- and x86_64-linux-gnu, just because in
some cases we decided not to go through vt_emit_notes(), so
loc_exp_dep_pool remained uninitialized, and free_alloc_pool doesn't
like to release NULL pools ;-)

The resulting patch was regstrapped on i686- and x86_64-linux-gnu.  I'm
going to check it in as obvious after getting some sleep.

Patch

for  gcc/ChangeLog
from  Alexandre Oliva  <aoliva@redhat.com>,
	Uros Bizjak  <ubizjak@gmail.com>, Jakub Jelinek  <jakub@redhat.com>

	PR debug/53706
	PR debug/47624
	* var-tracking.c (vt_emit_notes): Release loc_exp_dep_pool...
	(vt_finalize): ... here instead, if needed.

Index: gcc/var-tracking.c
===================================================================
--- gcc/var-tracking.c.orig	2012-06-27 02:25:13.903896343 -0300
+++ gcc/var-tracking.c	2012-06-27 03:22:25.000000000 -0300
@@ -9260,11 +9260,7 @@  vt_emit_notes (void)
   dataflow_set_destroy (&cur);
 
   if (MAY_HAVE_DEBUG_INSNS)
-    {
-      free_alloc_pool (loc_exp_dep_pool);
-      loc_exp_dep_pool = NULL;
-      htab_delete (dropped_values);
-    }
+    htab_delete (dropped_values);
 
   emit_notes = false;
 }
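Review bot: The bare `htab_delete (dropped_values);` left in vt_emit_notes carries no comment explaining why the pool release no longer sits next to it, and dropped_values is not reset after deletion the way loc_exp_dep_pool was. The ordering is the whole fix (objects from loc_exp_dep_pool can be accessed during htab_delete), so a one-line comment saying the pool is deliberately released in vt_finalize would keep a later cleanup from moving the free back. Consider also adding `dropped_values = NULL;` after the delete so that any stale use of the table is an immediate NULL dereference rather than a read of freed memory.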
@@ -9974,6 +9970,9 @@  vt_finalize (void)
 
   if (MAY_HAVE_DEBUG_INSNS)
     {
+      if (loc_exp_dep_pool)
+	free_alloc_pool (loc_exp_dep_pool);
+      loc_exp_dep_pool = NULL;
       free_alloc_pool (valvar_pool);
       VEC_free (rtx, heap, preserved_values);
       cselib_finish ();
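Review bot: The `if (loc_exp_dep_pool)` guard at the top of the MAY_HAVE_DEBUG_INSNS block in vt_finalize needs a comment, and the placement of the release ahead of `free_alloc_pool (valvar_pool)` and `cselib_finish ()` deserves a second look. The guard is only understandable with the background from the mail (the pool is never created when vt_emit_notes is skipped, and free_alloc_pool does not accept NULL), so state that in the code. Since this PR is an ordering bug, please confirm that none of the teardown calls that follow can still reach objects allocated from loc_exp_dep_pool, or move the release to the end of the block so that the pool is the last thing to go.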