merge revision(s) 273dca3aed7989120d57f80c789733d4bc870ffe: [Backport #19248]

Fix undefined behavior in shape.c Under strict aliasing, writing to the memory location of a different type is not allowed and will result in undefined behavior. This was happening in shape.c due to `rb_id_table_lookup` writing to the memory location of `VALUE *` that was casted from a `rb_shape_t **`. This was causing test failures when compiled with LTO. Fixes [Bug #19248] Co-Authored-By: Alan Wu <alanwu@ruby-lang.org> --- shape.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-)
author: NARUSE, Yui <naruse@airemix.jp> 2023-01-19 09:31:47 +0900
committer: NARUSE, Yui <naruse@airemix.jp> 2023-01-19 09:31:47 +0900
commit: 08ae7f64dc52c2b61e451d6e79ebdae73d482677 (patch)
tree: 2fc12e225a3f03e41459f6ff56f941e918690856
parent: d7fb4629b4058eb86be03760e6b9f1f272e44147 (diff)
2 files changed, 12 insertions, 3 deletions
diff --git a/shape.c b/shape.c
index 7580003412..f3150127ff 100644
--- a/shape.c
+++ b/shape.c
@@ -150,7 +150,11 @@ get_next_shape_internal(rb_shape_t * shape, ID id, enum shape_type shape_type, b
 
             // Lookup the shape in edges - if there's already an edge and a corresponding shape for it,
             // we can return that. Otherwise, we'll need to get a new shape
-            if (!rb_id_table_lookup(shape->edges, id, (VALUE *)&res)) {
+            VALUE lookup_result;
+            if (rb_id_table_lookup(shape->edges, id, &lookup_result)) {
+                res = (rb_shape_t *)lookup_result;
+            }
+            else {
                 *variation_created = had_edges;
 
                 rb_shape_t * new_shape = rb_shape_alloc(id, shape);
@@ -462,7 +466,12 @@ rb_shape_traverse_from_new_root(rb_shape_t *initial_shape, rb_shape_t *dest_shap
         if (!next_shape->edges) {
             return NULL;
         }
-        if (!rb_id_table_lookup(next_shape->edges, dest_shape->edge_name, (VALUE *)&next_shape)) {
+
+        VALUE lookup_result;
+        if (rb_id_table_lookup(next_shape->edges, dest_shape->edge_name, &lookup_result)) {
+            next_shape = (rb_shape_t *)lookup_result;
+        }
+        else {
             return NULL;
         }
         break;
diff --git a/version.h b/version.h
index b57b928bf1..e207d9b5b2 100644
--- a/version.h
+++ b/version.h
@@ -11,7 +11,7 @@
 # define RUBY_VERSION_MINOR RUBY_API_VERSION_MINOR
 #define RUBY_VERSION_TEENY 0
 #define RUBY_RELEASE_DATE RUBY_RELEASE_YEAR_STR"-"RUBY_RELEASE_MONTH_STR"-"RUBY_RELEASE_DAY_STR
-#define RUBY_PATCHLEVEL 11
+#define RUBY_PATCHLEVEL 12
 
 #include "ruby/version.h"
 #include "ruby/internal/abi.h"
author	NARUSE, Yui <naruse@airemix.jp>	2023-01-19 09:31:47 +0900
committer	NARUSE, Yui <naruse@airemix.jp>	2023-01-19 09:31:47 +0900
commit	08ae7f64dc52c2b61e451d6e79ebdae73d482677 (patch)
tree	2fc12e225a3f03e41459f6ff56f941e918690856
parent	d7fb4629b4058eb86be03760e6b9f1f272e44147 (diff)