Fix i686 memchr for large input sizes

Message ID 1483367199-20720-1-git-send-email-adhemerval.zanella@linaro.org
State Accepted
Commit 23d27709a423aec32821e9a5198a10267107bae2

Commit Message

Adhemerval Zanella Jan. 2, 2017, 2:26 p.m. UTC
Similar to BZ#19387 and BZ#20971, both i686 memchr optimized assembly
implementations (memchr-sse2-bsf and memchr-sse2) do not handle the
size overflow correctly.

It is shown by the new tests added by commit 3daef2c8ee4df29, where
both implementations fail with size as SIZE_MAX.

This patch uses a similar strategy used on 3daef2c8ee4df2, where
saturated math is used for overflow case.

Checked on i686-linux-gnu.

	[BZ #21014]
	* sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S (MEMCHR): Avoid overflow
	in pointer addition.
	* sysdeps/i386/i686/multiarch/memchr-sse2.S (MEMCHR): Likewise.
---
 ChangeLog                                     |  7 +++++++
 sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S | 10 ++++++++--
 sysdeps/i386/i686/multiarch/memchr-sse2.S     |  8 +++++++-
 3 files changed, 22 insertions(+), 3 deletions(-)

-- 
2.7.4

Comments

Siddhesh Poyarekar Jan. 2, 2017, 7:03 p.m. UTC | #1
On Monday 02 January 2017 07:56 PM, Adhemerval Zanella wrote:
> Similar to BZ#19387 and BZ#20971, both i686 memchr optimized assembly
> implementations (memchr-sse2-bsf and memchr-sse2) do not handle the
> size overflow correctly.
> 
> It is shown by the new tests added by commit 3daef2c8ee4df29, where
> both implementations fail with size as SIZE_MAX.
> 
> This patch uses a similar strategy used on 3daef2c8ee4df2, where
> saturated math is used for overflow case.
> 
> Checked on i686-linux-gnu.
> 
> 	[BZ #21014]
> 	* sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S (MEMCHR): Avoid overflow
> 	in pointer addition.
> 	* sysdeps/i386/i686/multiarch/memchr-sse2.S (MEMCHR): Likewise.

Looks good to me.

Siddhesh
Patch

diff --git a/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S b/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S
index c035329..dd31648 100644
--- a/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S
+++ b/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S
@@ -149,9 +149,15 @@  L(crosscache):
 	.p2align 4
 L(unaligned_no_match):
 # ifndef USE_AS_RAWMEMCHR
-	sub	$16, %edx
+        /* Calculate the last acceptable address and check for possible
+           addition overflow by using satured math:
+           edx = ecx + edx
+           edx |= -(edx < ecx)  */
 	add	%ecx, %edx
-	jle	L(return_null)
+	sbb	%eax, %eax
+	or	%eax, %edx
+	sub	$16, %edx
+	jbe	L(return_null)
 	add	$16, %edi
 # else
 	add	$16, %edx
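Review bot: the added `sbb %eax, %eax` in L(unaligned_no_match) overwrites %eax, and nothing in the visible context shows that %eax is dead at this point; please confirm that no live value (for example a compare mask from the preceding block) is held there, or say so in the comment. The ordering itself looks right for the new unsigned test: the saturating add comes first, so `jbe` sees the borrow and zero flags of `sub $16, %edx` and still returns null when the sum is 16 or less. Two small points on the comment: "satured" should be "saturated", and the comment lines are indented with spaces while the surrounding instructions use tabs.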
diff --git a/sysdeps/i386/i686/multiarch/memchr-sse2.S b/sysdeps/i386/i686/multiarch/memchr-sse2.S
index f1a11b5..910679c 100644
--- a/sysdeps/i386/i686/multiarch/memchr-sse2.S
+++ b/sysdeps/i386/i686/multiarch/memchr-sse2.S
@@ -118,8 +118,14 @@  L(crosscache):
 # ifndef USE_AS_RAWMEMCHR
 	jnz	L(match_case2_prolog1)
 	lea	-16(%edx), %edx
+        /* Calculate the last acceptable address and check for possible
+           addition overflow by using satured math:
+           edx = ecx + edx
+           edx |= -(edx < ecx)  */
 	add	%ecx, %edx
-	jle	L(return_null)
+	sbb	%eax, %eax
+	or	%eax, %edx
+	jbe	L(return_null)
 	lea	16(%edi), %edi
 # else
 	jnz	L(match_case1_prolog1)
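Review bot: in this hunk `jbe L(return_null)` reads the flags left by `or %eax, %edx`, and `or` always clears CF, so the branch fires only when the result is zero and is no longer a "below or equal" test. Together with the `lea -16(%edx), %edx` that still runs before the add, a value in %edx smaller than 16 wraps to a large unsigned number and is then either saturated to all ones or left large and non-zero; the old signed `jle` took the return_null path for those non-positive results, and the new sequence falls through instead. Suggest mirroring the memchr-sse2-bsf.S hunk: do the saturating add first and subtract 16 afterwards with `sub $16, %edx`, so that `jbe` tests the borrow from the subtraction. The comment typo "satured" and the space indentation apply here as well, and %eax is clobbered by `sbb` without the context showing that it is free.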