From patchwork Mon Jan 2 14:26:39 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella X-Patchwork-Id: 89510 Delivered-To: patch@linaro.org Received: by 10.140.20.101 with SMTP id 92csp7612036qgi; Mon, 2 Jan 2017 06:27:08 -0800 (PST) X-Received: by 10.84.204.8 with SMTP id a8mr128376439ple.172.1483367228164; Mon, 02 Jan 2017 06:27:08 -0800 (PST) Return-Path: Received: from sourceware.org (server1.sourceware.org. [209.132.180.131]) by mx.google.com with ESMTPS id j3si65867776pld.177.2017.01.02.06.27.07 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 02 Jan 2017 06:27:08 -0800 (PST) Received-SPF: pass (google.com: domain of libc-alpha-return-76517-patch=linaro.org@sourceware.org designates 209.132.180.131 as permitted sender) client-ip=209.132.180.131; Authentication-Results: mx.google.com; dkim=pass header.i=@sourceware.org; spf=pass (google.com: domain of libc-alpha-return-76517-patch=linaro.org@sourceware.org designates 209.132.180.131 as permitted sender) smtp.mailfrom=libc-alpha-return-76517-patch=linaro.org@sourceware.org; dmarc=fail (p=NONE dis=NONE) header.from=linaro.org DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id; q=dns; s= default; b=uzSW5JbKqg4fAY8H6yovJL8H4ajv+Zouy/7Thk+vr9zaQN1T1WGlu v4Za/MZallLjSBysECOaRXa5FviCGRtp5GafQkK0deaN0ZsSKsUN0cc96dSKfpjb bLnrW2sz9NX3684lLfYUjZEzOMAz6RgRmCPTTx4DQfrvJq9rPRxd8o= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id; s=default; bh=a2MDHHgFWRNVGYgDYC+9gyjkF3w=; b=AuKudYRhISTllkyuxxLsovUyKb+4 ozacc+mWQgSW8NKd+2MtGQVb+UdrMSS0zHWBjko7cRM10oP4w2ikKrgyrLmNo1mm 57Nu/o25ZCK+dFYt7oLZdGKo3QD6q6htzGdSW+hFP7RBvvakQiZcIdEEtHmUoArl ON3jhxxiKgC4kzY= Received: (qmail 33785 invoked by alias); 2 Jan 2017 14:26:58 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 33278 invoked by uid 89); 2 Jan 2017 14:26:58 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.4 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, RCVD_IN_SORBS_SPAM, SPF_PASS autolearn=no version=3.3.2 spammy=sk:match_c, 2.7.4, 118, 8, 1188 X-HELO: mail-yw0-f171.google.com X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id; bh=b+gUq3nA+cakjx2pauOzTBV+Y5EJfhWSM1QMPaBFE2g=; b=koUuAi83WmFrTEhrC8g/DhsGuj+2whEZLKdf0uRP9iuDh0zWR43z8hU4wYwJbKLJKK ujqA/zmZTDXuB7RQaG4VoTvP3iEWBu39HUudzCJJ2MnwrCfIbWiMwoOA8lqpvb6mVmUL dnjW46vr54HDIKmjlJzzT7+s5KDYhZj23RUUIOD5vVTz/wg+Po2FjGXKzvwrhIu5m33I NJToTByRnphZfJdJbTQgSFW2TBG6TknPl/dqJp9/8C+ij0Ub8c0MrpiER182DoOFkRdy 3S3E6DGGGeUWSi7PAGMHMTZ8kg0JGhncQBuM8rTx3p8yIZ84qlOs67vbUTsulA3KrIQ5 Zqig== X-Gm-Message-State: AIkVDXLiNSh5OOJ2mLWx+kjgCVl2EteeUz10Ae6q+qCJi+W9izaJsd3mClx3ZDdQF3YWin9S X-Received: by 10.129.157.203 with SMTP id u194mr59735057ywg.322.1483367206233; Mon, 02 Jan 2017 06:26:46 -0800 (PST) From: Adhemerval Zanella To: libc-alpha@sourceware.org Subject: [PATCH] Fix i686 memchr for large input sizes Date: Mon, 2 Jan 2017 12:26:39 -0200 Message-Id: <1483367199-20720-1-git-send-email-adhemerval.zanella@linaro.org> Similar to BZ#19387 and BZ#20971, both i686 memchr optimized assembly implementations (memchr-sse2-bsf and memchr-sse2) do not handle the size overflow correctly. It is shown by the new tests added by commit 3daef2c8ee4df29, where both implementation fails with size as SIZE_MAX. This patch uses a similar strategy used on 3daef2c8ee4df2, where saturared math is used for overflow case. Checked on i686-linux-gnu. [BZ #21014] * sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S (MEMCHR): Avoid overflow in pointer addition. * sysdeps/i386/i686/multiarch/memchr-sse2.S (MEMCHR): Likewise. --- ChangeLog | 7 +++++++ sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S | 10 ++++++++-- sysdeps/i386/i686/multiarch/memchr-sse2.S | 8 +++++++- 3 files changed, 22 insertions(+), 3 deletions(-) -- 2.7.4 diff --git a/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S b/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S index c035329..dd31648 100644 --- a/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S +++ b/sysdeps/i386/i686/multiarch/memchr-sse2-bsf.S @@ -149,9 +149,15 @@ L(crosscache): .p2align 4 L(unaligned_no_match): # ifndef USE_AS_RAWMEMCHR - sub $16, %edx + /* Calculate the last acceptable address and check for possible + addition overflow by using satured math: + edx = ecx + edx + edx |= -(edx < ecx) */ add %ecx, %edx - jle L(return_null) + sbb %eax, %eax + or %eax, %edx + sub $16, %edx + jbe L(return_null) add $16, %edi # else add $16, %edx diff --git a/sysdeps/i386/i686/multiarch/memchr-sse2.S b/sysdeps/i386/i686/multiarch/memchr-sse2.S index f1a11b5..910679c 100644 --- a/sysdeps/i386/i686/multiarch/memchr-sse2.S +++ b/sysdeps/i386/i686/multiarch/memchr-sse2.S @@ -118,8 +118,14 @@ L(crosscache): # ifndef USE_AS_RAWMEMCHR jnz L(match_case2_prolog1) lea -16(%edx), %edx + /* Calculate the last acceptable address and check for possible + addition overflow by using satured math: + edx = ecx + edx + edx |= -(edx < ecx) */ add %ecx, %edx - jle L(return_null) + sbb %eax, %eax + or %eax, %edx + jbe L(return_null) lea 16(%edi), %edi # else jnz L(match_case1_prolog1)