Fix crashes in the peephole optimizer on OpenBSD/sparc64

These crashes are due to alignment issues, casting ADJUST to INSN and then accessing after the end of the ADJUST. These patches come from Stefan Sperling <[email protected]>, who reported the issue.
author: Jeremy Evans <[email protected]> 2020-03-12 15:34:45 -0700
committer: Jeremy Evans <[email protected]> 2020-06-08 11:11:27 -0700
commit: 0ba27259d390e902139c0e2e94b9d18ef227748e (patch)
tree: 931039de9f938aa165e43207985d0cbab9b327da /compile.c
parent: 711031de688ef464d5570560aabad989467c4328 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/compile.c b/compile.c
index 24d2561cf5..5a7a088f61 100644
--- a/compile.c
+++ b/compile.c
@@ -2776,7 +2776,8 @@ iseq_peephole_optimize(rb_iseq_t *iseq, LINK_ELEMENT *list, const int do_tailcal
 	    ELEM_REMOVE(&iobj->link);
 	    return COMPILE_OK;
 	}
-	else if (iobj != diobj && IS_INSN_ID(diobj, jump) &&
+        else if (iobj != diobj && IS_INSN(&diobj->link) &&
+                 IS_INSN_ID(diobj, jump) &&
 		 OPERAND_AT(iobj, 0) != OPERAND_AT(diobj, 0)) {
 	    /*
 	     *  useless jump elimination:
@@ -2954,7 +2955,7 @@ iseq_peephole_optimize(rb_iseq_t *iseq, LINK_ELEMENT *list, const int do_tailcal
             }
 
             for (;;) {
-                if (IS_INSN_ID(nobj, jump)) {
+                if (IS_INSN(&nobj->link) && IS_INSN_ID(nobj, jump)) {
                     replace_destination(iobj, nobj);
                 }
                 else if (prev_dup && IS_INSN_ID(nobj, dup) &&
author	Jeremy Evans <[email protected]>	2020-03-12 15:34:45 -0700
committer	Jeremy Evans <[email protected]>	2020-06-08 11:11:27 -0700
commit	0ba27259d390e902139c0e2e94b9d18ef227748e (patch)
tree	931039de9f938aa165e43207985d0cbab9b327da /compile.c
parent	711031de688ef464d5570560aabad989467c4328 (diff)