From b702d851c83c1be7c0b6923a5a8ba97a37f7bd47 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Henrik=20Grubbstr=C3=B6m=20=28Grubba=29?=
 <grubba@grubba.org>
Date: Mon, 28 Apr 2014 23:17:23 +0200
Subject: [PATCH] Optimizer: Fixed reference underflow in treeopt.

The reference count for reused nodes needs to be bumped once
for every occurence...

This bug was triggered at least by the empty loop ==> assignment rules,
with the effect that the free list in block alloc got corrupted.

Example code that triggered the bug:

  int i;
  array a;
  for(; i < sizeof(a); i++)
    ;
---
 bin/mktreeopt.pike | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/mktreeopt.pike b/bin/mktreeopt.pike
index 3fab79763a..a81b941826 100644
--- a/bin/mktreeopt.pike
+++ b/bin/mktreeopt.pike
@@ -819,7 +819,7 @@ void parse_data()
     } else if (data[pos] != ';') {
       object(node) n2 = read_node2();
       // werror(sprintf("\t%s;\n\n", n2));
-      array(string) t = [array(string)]Array.uniq(n2->used_nodes());
+      array(string) t = [array(string)]n2->used_nodes();
 
       string expr = n2->generate_code();
 
-- 
GitLab