* Re: [PATCH v3 2/7] x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755] [not found] ` <CAMe9rOqXMUQj_EUcisf_xr+cN2VVUJEY2p1DibS9tjkDS5vmSA@mail.gmail.com> @ 2022-01-26 22:04 ` H.J. Lu 2022-04-29 22:05 ` Sunil Pandey 0 siblings, 1 reply; 6+ messages in thread From: H.J. Lu @ 2022-01-26 22:04 UTC (permalink / raw) To: Noah Goldstein, GNU C Library; +Cc: Libc-stable Mailing List On Mon, Jan 10, 2022 at 6:15 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > On Mon, Jan 10, 2022 at 1:36 PM Noah Goldstein via Libc-alpha > <libc-alpha@sourceware.org> wrote: > > > > Fixes [BZ# 28755] for wcsncmp by redirecting length >= 2^56 to > > __wcscmp_evex. For x86_64 this covers the entire address range so any > > length larger could not possibly be used to bound `s1` or `s2`. > > > > test-strcmp, test-strncmp, test-wcscmp, and test-wcsncmp all pass. > > > > Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com> > > --- > > sysdeps/x86_64/multiarch/strcmp-evex.S | 10 ++++++++++ > > 1 file changed, 10 insertions(+) > > > > diff --git a/sysdeps/x86_64/multiarch/strcmp-evex.S b/sysdeps/x86_64/multiarch/strcmp-evex.S > > index 1d971f3889..0cd939d5af 100644 > > --- a/sysdeps/x86_64/multiarch/strcmp-evex.S > > +++ b/sysdeps/x86_64/multiarch/strcmp-evex.S > > @@ -104,6 +104,16 @@ ENTRY (STRCMP) > > je L(char0) > > jb L(zero) > > # ifdef USE_AS_WCSCMP > > +# ifndef __ILP32__ > > + movq %rdx, %rcx > > + /* Check if length could overflow when multiplied by > > + sizeof(wchar_t). Checking top 8 bits will cover all potential > > + overflow cases as well as redirect cases where its impossible to > > + length to bound a valid memory region. In these cases just use > > + 'wcscmp'. */ > > + shrq $56, %rcx > > + jnz __wcscmp_evex > > +# endif > > /* Convert units: from wide to byte char. */ > > shl $2, %RDX_LP > > # endif > > -- > > 2.25.1 > > > > LGTM. > > Reviewed-by: H.J. Lu <hjl.tools@gmail.com> > > Thanks. > > -- > H.J. I am backporting this to 2.34 branch. -- H.J. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v3 2/7] x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755] 2022-01-26 22:04 ` [PATCH v3 2/7] x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755] H.J. Lu @ 2022-04-29 22:05 ` Sunil Pandey 0 siblings, 0 replies; 6+ messages in thread From: Sunil Pandey @ 2022-04-29 22:05 UTC (permalink / raw) To: H.J. Lu; +Cc: Noah Goldstein, GNU C Library, Libc-stable Mailing List On Wed, Jan 26, 2022 at 2:06 PM H.J. Lu via Libc-alpha <libc-alpha@sourceware.org> wrote: > > On Mon, Jan 10, 2022 at 6:15 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > On Mon, Jan 10, 2022 at 1:36 PM Noah Goldstein via Libc-alpha > > <libc-alpha@sourceware.org> wrote: > > > > > > Fixes [BZ# 28755] for wcsncmp by redirecting length >= 2^56 to > > > __wcscmp_evex. For x86_64 this covers the entire address range so any > > > length larger could not possibly be used to bound `s1` or `s2`. > > > > > > test-strcmp, test-strncmp, test-wcscmp, and test-wcsncmp all pass. > > > > > > Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com> > > > --- > > > sysdeps/x86_64/multiarch/strcmp-evex.S | 10 ++++++++++ > > > 1 file changed, 10 insertions(+) > > > > > > diff --git a/sysdeps/x86_64/multiarch/strcmp-evex.S b/sysdeps/x86_64/multiarch/strcmp-evex.S > > > index 1d971f3889..0cd939d5af 100644 > > > --- a/sysdeps/x86_64/multiarch/strcmp-evex.S > > > +++ b/sysdeps/x86_64/multiarch/strcmp-evex.S > > > @@ -104,6 +104,16 @@ ENTRY (STRCMP) > > > je L(char0) > > > jb L(zero) > > > # ifdef USE_AS_WCSCMP > > > +# ifndef __ILP32__ > > > + movq %rdx, %rcx > > > + /* Check if length could overflow when multiplied by > > > + sizeof(wchar_t). Checking top 8 bits will cover all potential > > > + overflow cases as well as redirect cases where its impossible to > > > + length to bound a valid memory region. In these cases just use > > > + 'wcscmp'. */ > > > + shrq $56, %rcx > > > + jnz __wcscmp_evex > > > +# endif > > > /* Convert units: from wide to byte char. */ > > > shl $2, %RDX_LP > > > # endif > > > -- > > > 2.25.1 > > > > > > > LGTM. > > > > Reviewed-by: H.J. Lu <hjl.tools@gmail.com> > > > > Thanks. > > > > -- > > H.J. > > I am backporting this to 2.34 branch. > > -- > H.J. I would like to backport this patch to release branches. Any comments or objections? --Sunil ^ permalink raw reply [flat|nested] 6+ messages in thread
[parent not found: <CAMe9rOoSyQpp=u=B2+OXXfxqJvdCOyd0GKj-sx=tv4iQW_dNug@mail.gmail.com>]
* Re: [PATCH v3 1/7] x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755] [not found] ` <CAMe9rOoSyQpp=u=B2+OXXfxqJvdCOyd0GKj-sx=tv4iQW_dNug@mail.gmail.com> @ 2022-01-26 22:05 ` H.J. Lu 2022-01-27 4:29 ` H.J. Lu 0 siblings, 1 reply; 6+ messages in thread From: H.J. Lu @ 2022-01-26 22:05 UTC (permalink / raw) To: Noah Goldstein; +Cc: GNU C Library, Libc-stable Mailing List On Mon, Jan 10, 2022 at 6:15 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > On Mon, Jan 10, 2022 at 1:36 PM Noah Goldstein via Libc-alpha > <libc-alpha@sourceware.org> wrote: > > > > Fixes [BZ# 28755] for wcsncmp by redirecting length >= 2^56 to > > __wcscmp_avx2. For x86_64 this covers the entire address range so any > > length larger could not possibly be used to bound `s1` or `s2`. > > > > test-strcmp, test-strncmp, test-wcscmp, and test-wcsncmp all pass. > > > > Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com> > > --- > > sysdeps/x86_64/multiarch/strcmp-avx2.S | 10 ++++++++++ > > 1 file changed, 10 insertions(+) > > > > diff --git a/sysdeps/x86_64/multiarch/strcmp-avx2.S b/sysdeps/x86_64/multiarch/strcmp-avx2.S > > index a45f9d2749..9c73b5899d 100644 > > --- a/sysdeps/x86_64/multiarch/strcmp-avx2.S > > +++ b/sysdeps/x86_64/multiarch/strcmp-avx2.S > > @@ -87,6 +87,16 @@ ENTRY (STRCMP) > > je L(char0) > > jb L(zero) > > # ifdef USE_AS_WCSCMP > > +# ifndef __ILP32__ > > + movq %rdx, %rcx > > + /* Check if length could overflow when multiplied by > > + sizeof(wchar_t). Checking top 8 bits will cover all potential > > + overflow cases as well as redirect cases where its impossible to > > + length to bound a valid memory region. In these cases just use > > + 'wcscmp'. */ > > + shrq $56, %rcx > > + jnz __wcscmp_avx2 > > +# endif > > /* Convert units: from wide to byte char. */ > > shl $2, %RDX_LP > > # endif > > -- > > 2.25.1 > > > > LGTM. > > Reviewed-by: H.J. Lu <hjl.tools@gmail.com> > > Thanks. > > -- > H.J. I am backporting this to 2.34 branch. -- H.J. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v3 1/7] x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755] 2022-01-26 22:05 ` [PATCH v3 1/7] x86: Fix __wcsncmp_avx2 in strcmp-avx2.S " H.J. Lu @ 2022-01-27 4:29 ` H.J. Lu 2022-01-27 5:10 ` H.J. Lu 0 siblings, 1 reply; 6+ messages in thread From: H.J. Lu @ 2022-01-27 4:29 UTC (permalink / raw) To: Noah Goldstein; +Cc: GNU C Library, Libc-stable Mailing List On Wed, Jan 26, 2022 at 2:05 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > On Mon, Jan 10, 2022 at 6:15 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > On Mon, Jan 10, 2022 at 1:36 PM Noah Goldstein via Libc-alpha > > <libc-alpha@sourceware.org> wrote: > > > > > > Fixes [BZ# 28755] for wcsncmp by redirecting length >= 2^56 to > > > __wcscmp_avx2. For x86_64 this covers the entire address range so any > > > length larger could not possibly be used to bound `s1` or `s2`. > > > > > > test-strcmp, test-strncmp, test-wcscmp, and test-wcsncmp all pass. > > > > > > Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com> > > > --- > > > sysdeps/x86_64/multiarch/strcmp-avx2.S | 10 ++++++++++ > > > 1 file changed, 10 insertions(+) > > > > > > diff --git a/sysdeps/x86_64/multiarch/strcmp-avx2.S b/sysdeps/x86_64/multiarch/strcmp-avx2.S > > > index a45f9d2749..9c73b5899d 100644 > > > --- a/sysdeps/x86_64/multiarch/strcmp-avx2.S > > > +++ b/sysdeps/x86_64/multiarch/strcmp-avx2.S > > > @@ -87,6 +87,16 @@ ENTRY (STRCMP) > > > je L(char0) > > > jb L(zero) > > > # ifdef USE_AS_WCSCMP > > > +# ifndef __ILP32__ > > > + movq %rdx, %rcx > > > + /* Check if length could overflow when multiplied by > > > + sizeof(wchar_t). Checking top 8 bits will cover all potential > > > + overflow cases as well as redirect cases where its impossible to > > > + length to bound a valid memory region. In these cases just use > > > + 'wcscmp'. */ > > > + shrq $56, %rcx > > > + jnz __wcscmp_avx2 > > > +# endif > > > /* Convert units: from wide to byte char. */ > > > shl $2, %RDX_LP > > > # endif > > > -- > > > 2.25.1 > > > > > > > LGTM. > > > > Reviewed-by: H.J. Lu <hjl.tools@gmail.com> > > > > Thanks. > > > > -- > > H.J. > > I am backporting this to 2.34 branch. > I am backporting this to 2.33 branch. -- H.J. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v3 1/7] x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755] 2022-01-27 4:29 ` H.J. Lu @ 2022-01-27 5:10 ` H.J. Lu 2022-01-27 5:52 ` Noah Goldstein 0 siblings, 1 reply; 6+ messages in thread From: H.J. Lu @ 2022-01-27 5:10 UTC (permalink / raw) To: Noah Goldstein; +Cc: GNU C Library, Libc-stable Mailing List On Wed, Jan 26, 2022 at 8:29 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > On Wed, Jan 26, 2022 at 2:05 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > On Mon, Jan 10, 2022 at 6:15 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > On Mon, Jan 10, 2022 at 1:36 PM Noah Goldstein via Libc-alpha > > > <libc-alpha@sourceware.org> wrote: > > > > > > > > Fixes [BZ# 28755] for wcsncmp by redirecting length >= 2^56 to > > > > __wcscmp_avx2. For x86_64 this covers the entire address range so any > > > > length larger could not possibly be used to bound `s1` or `s2`. > > > > > > > > test-strcmp, test-strncmp, test-wcscmp, and test-wcsncmp all pass. > > > > > > > > Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com> > > > > --- > > > > sysdeps/x86_64/multiarch/strcmp-avx2.S | 10 ++++++++++ > > > > 1 file changed, 10 insertions(+) > > > > > > > > diff --git a/sysdeps/x86_64/multiarch/strcmp-avx2.S b/sysdeps/x86_64/multiarch/strcmp-avx2.S > > > > index a45f9d2749..9c73b5899d 100644 > > > > --- a/sysdeps/x86_64/multiarch/strcmp-avx2.S > > > > +++ b/sysdeps/x86_64/multiarch/strcmp-avx2.S > > > > @@ -87,6 +87,16 @@ ENTRY (STRCMP) > > > > je L(char0) > > > > jb L(zero) > > > > # ifdef USE_AS_WCSCMP > > > > +# ifndef __ILP32__ > > > > + movq %rdx, %rcx > > > > + /* Check if length could overflow when multiplied by > > > > + sizeof(wchar_t). Checking top 8 bits will cover all potential > > > > + overflow cases as well as redirect cases where its impossible to > > > > + length to bound a valid memory region. In these cases just use > > > > + 'wcscmp'. */ > > > > + shrq $56, %rcx > > > > + jnz __wcscmp_avx2 > > > > +# endif > > > > /* Convert units: from wide to byte char. */ > > > > shl $2, %RDX_LP > > > > # endif > > > > -- > > > > 2.25.1 > > > > > > > > > > LGTM. > > > > > > Reviewed-by: H.J. Lu <hjl.tools@gmail.com> > > > > > > Thanks. > > > > > > -- > > > H.J. > > > > I am backporting this to 2.34 branch. > > > > I am backporting this to 2.33 branch. > I am backporting this to all affected release branches. -- H.J. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v3 1/7] x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755] 2022-01-27 5:10 ` H.J. Lu @ 2022-01-27 5:52 ` Noah Goldstein 0 siblings, 0 replies; 6+ messages in thread From: Noah Goldstein @ 2022-01-27 5:52 UTC (permalink / raw) To: H.J. Lu; +Cc: GNU C Library, Libc-stable Mailing List On Wed, Jan 26, 2022 at 11:11 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > On Wed, Jan 26, 2022 at 8:29 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > On Wed, Jan 26, 2022 at 2:05 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > On Mon, Jan 10, 2022 at 6:15 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > > > On Mon, Jan 10, 2022 at 1:36 PM Noah Goldstein via Libc-alpha > > > > <libc-alpha@sourceware.org> wrote: > > > > > > > > > > Fixes [BZ# 28755] for wcsncmp by redirecting length >= 2^56 to > > > > > __wcscmp_avx2. For x86_64 this covers the entire address range so any > > > > > length larger could not possibly be used to bound `s1` or `s2`. > > > > > > > > > > test-strcmp, test-strncmp, test-wcscmp, and test-wcsncmp all pass. > > > > > > > > > > Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com> > > > > > --- > > > > > sysdeps/x86_64/multiarch/strcmp-avx2.S | 10 ++++++++++ > > > > > 1 file changed, 10 insertions(+) > > > > > > > > > > diff --git a/sysdeps/x86_64/multiarch/strcmp-avx2.S b/sysdeps/x86_64/multiarch/strcmp-avx2.S > > > > > index a45f9d2749..9c73b5899d 100644 > > > > > --- a/sysdeps/x86_64/multiarch/strcmp-avx2.S > > > > > +++ b/sysdeps/x86_64/multiarch/strcmp-avx2.S > > > > > @@ -87,6 +87,16 @@ ENTRY (STRCMP) > > > > > je L(char0) > > > > > jb L(zero) > > > > > # ifdef USE_AS_WCSCMP > > > > > +# ifndef __ILP32__ > > > > > + movq %rdx, %rcx > > > > > + /* Check if length could overflow when multiplied by > > > > > + sizeof(wchar_t). Checking top 8 bits will cover all potential > > > > > + overflow cases as well as redirect cases where its impossible to > > > > > + length to bound a valid memory region. In these cases just use > > > > > + 'wcscmp'. */ > > > > > + shrq $56, %rcx > > > > > + jnz __wcscmp_avx2 > > > > > +# endif > > > > > /* Convert units: from wide to byte char. */ > > > > > shl $2, %RDX_LP > > > > > # endif > > > > > -- > > > > > 2.25.1 > > > > > > > > > > > > > LGTM. > > > > > > > > Reviewed-by: H.J. Lu <hjl.tools@gmail.com> > > > > > > > > Thanks. > > > > > > > > -- > > > > H.J. > > > > > > I am backporting this to 2.34 branch. > > > > > > > I am backporting this to 2.33 branch. > > > > I am backporting this to all affected release branches. Should we also backport the stuff for [BZ #27974]? It was essentially the same bug. The two commits that fixed the issues where: commit a775a7a3eb1e85b54af0b4ee5ff4dcf66772a1fb Author: Noah Goldstein <goldstein.w.n@gmail.com> Date: Wed Jun 23 01:56:29 2021 -0400 x86: Fix overflow bug in wcsnlen-sse4_1 and wcsnlen-avx2 [BZ #27974] and commit 645a158978f9520e74074e8c14047503be4db0f0 Author: Noah Goldstein <goldstein.w.n@gmail.com> Date: Wed Jun 9 16:25:32 2021 -0400 x86: Fix overflow bug with wmemchr-sse2 and wmemchr-avx2 [BZ #27974] The only thing is the avx2 fixes are based onsome other changes to the file. > > -- > H.J. ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-04-29 22:06 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <20220109122946.2754917-1-goldstein.w.n@gmail.com> [not found] ` <20220110213540.1258344-1-goldstein.w.n@gmail.com> [not found] ` <20220110213540.1258344-2-goldstein.w.n@gmail.com> [not found] ` <CAMe9rOqXMUQj_EUcisf_xr+cN2VVUJEY2p1DibS9tjkDS5vmSA@mail.gmail.com> 2022-01-26 22:04 ` [PATCH v3 2/7] x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755] H.J. Lu 2022-04-29 22:05 ` Sunil Pandey [not found] ` <CAMe9rOoSyQpp=u=B2+OXXfxqJvdCOyd0GKj-sx=tv4iQW_dNug@mail.gmail.com> 2022-01-26 22:05 ` [PATCH v3 1/7] x86: Fix __wcsncmp_avx2 in strcmp-avx2.S " H.J. Lu 2022-01-27 4:29 ` H.J. Lu 2022-01-27 5:10 ` H.J. Lu 2022-01-27 5:52 ` Noah Goldstein
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).