[llvm] [Arm] Fix UAF in ARMConstantIslandPass (PR #146232)

[Qinkun Bao via llvm-commits]

https://github.com/qinkunbao updated https://github.com/llvm/llvm-project/pull/146232

>From eb22cea7e72ce067a29566d7769703cb469e9311 Mon Sep 17 00:00:00 2001
From: Qinkun Bao <qinkun at google.com>
Date: Sat, 28 Jun 2025 18:36:57 +0000
Subject: [PATCH 1/2] =?UTF-8?q?[=F0=9D=98=80=F0=9D=97=BD=F0=9D=97=BF]=20in?=
 =?UTF-8?q?itial=20version?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Created using spr 1.3.6
---
 llvm/lib/Target/ARM/ARMConstantIslandPass.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/llvm/lib/Target/ARM/ARMConstantIslandPass.cpp b/llvm/lib/Target/ARM/ARMConstantIslandPass.cpp
index e72aa8ef051cd..ca3dc15ff3ad6 100644
--- a/llvm/lib/Target/ARM/ARMConstantIslandPass.cpp
+++ b/llvm/lib/Target/ARM/ARMConstantIslandPass.cpp
@@ -476,8 +476,8 @@ bool ARMConstantIslands::runOnMachineFunction(MachineFunction &mf) {
 
     LLVM_DEBUG(dbgs() << "Beginning BR iteration #" << NoBRIters << '\n');
     bool BRChange = false;
-    for (ImmBranch &Br : ImmBranches)
-      BRChange |= fixupImmediateBr(Br);
+    for (unsigned i = 0, e = ImmBranches.size(); i != e; ++i)
+      BRChange |= fixupImmediateBr(ImmBranches[i]);
     if (BRChange && ++NoBRIters > 30)
       report_fatal_error("Branch Fix Up pass failed to converge!");
     LLVM_DEBUG(dumpBBs());

>From 5bf5e172d2ceadf4006e08fbe766fb5319572238 Mon Sep 17 00:00:00 2001
From: Qinkun Bao <qinkun at google.com>
Date: Sun, 29 Jun 2025 02:40:46 +0000
Subject: [PATCH 2/2] use make_early_inc_range

Created using spr 1.3.6
---
 llvm/lib/Target/ARM/ARMConstantIslandPass.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/llvm/lib/Target/ARM/ARMConstantIslandPass.cpp b/llvm/lib/Target/ARM/ARMConstantIslandPass.cpp
index ca3dc15ff3ad6..d96b47ffd0c6c 100644
--- a/llvm/lib/Target/ARM/ARMConstantIslandPass.cpp
+++ b/llvm/lib/Target/ARM/ARMConstantIslandPass.cpp
@@ -476,8 +476,8 @@ bool ARMConstantIslands::runOnMachineFunction(MachineFunction &mf) {
 
     LLVM_DEBUG(dbgs() << "Beginning BR iteration #" << NoBRIters << '\n');
     bool BRChange = false;
-    for (unsigned i = 0, e = ImmBranches.size(); i != e; ++i)
-      BRChange |= fixupImmediateBr(ImmBranches[i]);
+    for (ImmBranch &Br : llvm::make_early_inc_range(ImmBranches))
+      BRChange |= fixupImmediateBr(Br);
     if (BRChange && ++NoBRIters > 30)
       report_fatal_error("Branch Fix Up pass failed to converge!");
     LLVM_DEBUG(dumpBBs());