libgccjit: Fix UB in gcc_jit_context_new_array_constructor

Author: antoyo

gcc/jit/jit-recording.cc

@@ -1293,7 +1293,7 @@ recording::context::new_ctor (recording::location *loc,
       result->m_values.reserve (num_values, false);
       result->m_fields.reserve (num_values, false);
 
-      compound_type *ct = reinterpret_cast<compound_type *>(type);
+      compound_type *ct = type->dyn_cast_compound_type ();
       recording::fields *fields = ct->get_fields ();
 
       /* The entry point checks that num_values is not greater than

gcc/jit/jit-recording.h

@@ -646,6 +646,7 @@ class type : public memento
   virtual struct_ *dyn_cast_struct () { return NULL; }
   virtual vector_type *dyn_cast_vector_type () { return NULL; }
   virtual array_type *dyn_cast_array_type () { return NULL; }
+  virtual compound_type *dyn_cast_compound_type () { return NULL; }
   virtual memento_of_get_aligned *dyn_cast_aligned_type () { return NULL; }
 
   /* Is it typesafe to copy to this type from rtype?  */
@@ -846,6 +847,7 @@ class decorated_type : public type
   type *is_pointer () final override { return m_other_type->is_pointer (); }
   type *is_array () final override { return m_other_type->is_array (); }
   struct_ *is_struct () final override { return m_other_type->is_struct (); }
+  bool is_union () const final override { return m_other_type->is_union (); }
   bool is_signed () const final override { return m_other_type->is_signed (); }
 
 protected:
@@ -994,6 +996,10 @@ class memento_of_get_aligned : public decorated_type
     return m_other_type->dyn_cast_array_type ();
   }
 
+  compound_type *dyn_cast_compound_type () final override {
+      return m_other_type->dyn_cast_compound_type ();
+  }
+
   vector_type *dyn_cast_vector_type () final override {
     return m_other_type->dyn_cast_vector_type ();
   }
@@ -1264,6 +1270,8 @@ class compound_type : public type
   type *is_array () final override { return NULL; }
   bool is_signed () const final override { return false; }
 
+  compound_type *dyn_cast_compound_type () final override { return this; }
+
   bool has_known_size () const final override { return m_fields != NULL; }
   void set_loc (location * loc) { m_loc = loc; }
 

gcc/jit/libgccjit.cc

@@ -1494,7 +1494,7 @@ gcc_jit_context_new_struct_constructor (gcc_jit_context *ctxt,
 			       "constructor type is not a struct: %s",
 			       type->get_debug_string ());
 
-  compound_type *ct = reinterpret_cast<compound_type *>(type);
+  compound_type *ct = type->dyn_cast_compound_type ();
   gcc::jit::recording::fields *fields_struct = ct->get_fields ();
   size_t n_fields = fields_struct->length ();
 
@@ -1645,7 +1645,7 @@ gcc_jit_context_new_union_constructor (gcc_jit_context *ctxt,
 			       "constructor type is not an union: %s",
 			       type->get_debug_string ());
 
-  compound_type *ct = reinterpret_cast<compound_type *>(type);
+  compound_type *ct = type->dyn_cast_compound_type ();
   gcc::jit::recording::fields *fields_union = ct->get_fields ();
   size_t n_fields = fields_union->length ();
 
@@ -1742,7 +1742,7 @@ gcc_jit_context_new_array_constructor (gcc_jit_context *ctxt,
 	"'values' NULL with non-zero 'num_values'");
 
       gcc::jit::recording::array_type *arr_type =
-	reinterpret_cast<gcc::jit::recording::array_type*>(type);
+	type->dyn_cast_array_type ();
       size_t n_el = arr_type->num_elements ();
 
       RETURN_NULL_IF_FAIL_PRINTF2 (