From efd499b211dfc9696beea90a73fd72aaf95d6c5e Mon Sep 17 00:00:00 2001
From: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Tue, 2 Mar 2021 11:25:18 +0000
Subject: merge revision(s) 0ba27259: [Backport #16940]

	Fix crashes in the peephole optimizer on OpenBSD/sparc64

	These crashes are due to alignment issues, casting ADJUST to INSN
	and then accessing after the end of the ADJUST.  These patches
	come from Stefan Sperling <stsp@apache.org>, who reported the
	issue.
	---
	 compile.c | 5 +++--
	 1 file changed, 3 insertions(+), 2 deletions(-)

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67908 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 compile.c | 5 +++--
 version.h | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/compile.c b/compile.c
index bc4d475923..fea789e4d5 100644
--- a/compile.c
+++ b/compile.c
@@ -2724,7 +2724,8 @@ iseq_peephole_optimize(rb_iseq_t *iseq, LINK_ELEMENT *list, const int do_tailcal
 	    ELEM_REMOVE(&iobj->link);
 	    return COMPILE_OK;
 	}
-	else if (iobj != diobj && IS_INSN_ID(diobj, jump) &&
+        else if (iobj != diobj && IS_INSN(&diobj->link) &&
+                 IS_INSN_ID(diobj, jump) &&
 		 OPERAND_AT(iobj, 0) != OPERAND_AT(diobj, 0)) {
 	    /*
 	     *  useless jump elimination:
@@ -2902,7 +2903,7 @@ iseq_peephole_optimize(rb_iseq_t *iseq, LINK_ELEMENT *list, const int do_tailcal
             }
 
             for (;;) {
-                if (IS_INSN_ID(nobj, jump)) {
+                if (IS_INSN(&nobj->link) && IS_INSN_ID(nobj, jump)) {
                     replace_destination(iobj, nobj);
                 }
                 else if (prev_dup && IS_INSN_ID(nobj, dup) &&
diff --git a/version.h b/version.h
index dc472d558b..41acf52017 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@
 #define RUBY_VERSION "2.6.7"
 #define RUBY_RELEASE_DATE "2021-03-02"
-#define RUBY_PATCHLEVEL 167
+#define RUBY_PATCHLEVEL 168
 
 #define RUBY_RELEASE_YEAR 2021
 #define RUBY_RELEASE_MONTH 3
-- 
cgit v1.2.1