[PATCH] fix radix sort on 32bit platforms [PR109670]

[Thomas Neumann <thomas.neumann@in.tum.de>]

The radix sort uses two buffers, a1 for input and a2 for output.
After every digit the role of the two buffers is swapped.
When terminating the sort early the code made sure the output
was in a2.  However, when we run out of bits, as can happen on
32bit platforms, the sorted result was in a1, was we had just
swapped a1 and a2.
This patch fixes the problem by unconditionally having a1 as
output after every loop iteration.

This bug manifested itself only on 32bit platforms and even then
only in some circumstances, as it needs frames where a swap
is required due to differences in the top-most byte, which is
affected by ASLR. The new logic was validated by exhaustive
search over 32bit input values.

libgcc/ChangeLog:
         * unwind-dw2-fde.c: Fix radix sort buffer management.
---
  libgcc/unwind-dw2-fde.c | 8 +++-----
  1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/libgcc/unwind-dw2-fde.c b/libgcc/unwind-dw2-fde.c
index 7b74c391ced..31a3834156b 100644
--- a/libgcc/unwind-dw2-fde.c
+++ b/libgcc/unwind-dw2-fde.c
@@ -624,8 +624,6 @@ fde_radixsort (struct object *ob, fde_extractor_t 
fde_extractor,
        // Stop if we are already sorted.
        if (!violations)
  	{
-	  // The sorted data is in a1 now.
-	  a2 = a1;
  	  break;
  	}

@@ -660,9 +658,9 @@ fde_radixsort (struct object *ob, fde_extractor_t 
fde_extractor,
  #undef FANOUT
  #undef FANOUTBITS

-  // The data is in a2 now, move in place if needed.
-  if (a2 != v1->array)
-    memcpy (v1->array, a2, sizeof (const fde *) * n);
+  // The data is in a1 now, move in place if needed.
+  if (a1 != v1->array)
+    memcpy (v1->array, a1, sizeof (const fde *) * n);
  }

  static inline void
-- 
2.39.2