[PATCH v2] fix pr62009 use after free in redirect_edge_var_map_dup

tsaunders@mozilla.com tsaunders@mozilla.com
Tue Aug 5 12:35:00 GMT 2014


From: Trevor Saunders <tsaunders@mozilla.com>

hi,

The change to get the entry for the old edge before inserting the new
one was incorrect because if inserting the new one resized the table
then the pointer to the entry for the old one would become invalid.

gcc/

	* tree-ssa.c (redirect_edge_var_map_dup): insert newe before
	getting olde.

bootstrapping and regtest on x86_64-unknown-linux-gnu and bootstrap on
i686-linux-gnu ongoing, ok?

Trev

---
 gcc/tree-ssa.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/gcc/tree-ssa.c b/gcc/tree-ssa.c
index 920cbea..b6b3718 100644
--- a/gcc/tree-ssa.c
+++ b/gcc/tree-ssa.c
@@ -105,11 +105,12 @@ redirect_edge_var_map_dup (edge newe, edge olde)
   if (!edge_var_maps)
     return;
 
-  auto_vec<edge_var_map> *head = edge_var_maps->get (olde);
-  if (!head)
+  auto_vec<edge_var_map> *new_head = &edge_var_maps->get_or_insert (newe);
+  auto_vec<edge_var_map> *old_head = edge_var_maps->get (olde);
+  if (!old_head)
     return;
 
-  edge_var_maps->get_or_insert (newe).safe_splice (*head);
+  new_head->safe_splice (*old_head);
 }
 
 
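Review bot: At the `if (!old_head) return;` early return, the preceding `get_or_insert (newe)` has already created an entry for newe, so when olde has no entry the map is left holding an empty vector for newe, whereas the removed code returned without touching the table. If anything treats the presence of an entry for an edge as meaningful, that is a behaviour change; either confirm an empty entry is harmless or check for olde with `get (olde)` first, return if it is absent, and only then do the insert followed by a fresh `get (olde)`. Separately, the ordering of the two lookups is now the whole fix and nothing in the code says so: a short comment above `get_or_insert (newe)` stating that the insert may resize the table and must therefore come before taking the pointer to olde's entry would keep a later cleanup from reintroducing the use after free.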
-- 
2.0.1


