This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug libc/18773] New: [Regression] x86-64 strlen reads beyond the end of string
- From: "hjl.tools at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Wed, 05 Aug 2015 12:56:30 +0000
- Subject: [Bug libc/18773] New: [Regression] x86-64 strlen reads beyond the end of string
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=18773
Bug ID: 18773
Summary: [Regression] x86-64 strlen reads beyond the end of string
Product: glibc
Version: 2.21
Status: NEW
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: hjl.tools at gmail dot com
CC: drepper.fsp at gmail dot com, neleai at seznam dot cz
Target Milestone: ---
commit 37bb363f03d75e5e6f2ca45f2c686a3a0167797e
Author: Ondrej Bilka <neleai@seznam.cz>
Date:   Mon Mar 18 07:39:12 2013 +0100

    Faster strlen on x64.

introduced strlen which reads beyond the end of string:
(gdb) disass
Dump of assembler code for function strlen:
0x00007ffff6bdcaf0 <+0>: pxor %xmm0,%xmm0
0x00007ffff6bdcaf4 <+4>: pxor %xmm1,%xmm1
0x00007ffff6bdcaf8 <+8>: pxor %xmm2,%xmm2
0x00007ffff6bdcafc <+12>: pxor %xmm3,%xmm3
0x00007ffff6bdcb00 <+16>: mov %rdi,%rax
0x00007ffff6bdcb03 <+19>: mov %rdi,%rcx
0x00007ffff6bdcb06 <+22>: and $0xfff,%rcx
0x00007ffff6bdcb0d <+29>: cmp $0xfcf,%rcx
0x00007ffff6bdcb14 <+36>: ja 0x7ffff6bdcb80 <strlen+144>
=> 0x00007ffff6bdcb16 <+38>: movdqu (%rax),%xmm4
...
(gdb) p/x $rax
$2 = 0x1555555eceff
We can use movdqu here only if $rax - 16 is within a page. I will come up with a run-time testcase later.
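A guard-page harness of the kind used to test string functions at run time, added here as an example and not taken from the bug report or from glibc: the terminator sits on the last byte of a mapped page and the next page is PROT_NONE, so a strlen that loads across the page boundary dies with SIGSEGV. The names guard_page_check and bytewise_strlen are made up for this example, which assumes a POSIX system with mmap and mprotect.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* for MAP_ANONYMOUS */
#endif
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Byte-at-a-time reference: never reads past the terminator. */
static size_t bytewise_strlen(const char *s)
{
    const char *p = s;
    while (*p)
        p++;
    return (size_t)(p - s);
}

/* Returns the number of wrong lengths, or -1 if the mapping could not be
   set up. A read that crosses into the guard page does not return at all:
   the process is killed by SIGSEGV. */
static int guard_page_check(size_t (*fn)(const char *), size_t max_len)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0 || max_len >= (size_t)page)
        return -1;
    char *map = mmap(NULL, 2 * (size_t)page, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (map == MAP_FAILED)
        return -1;
    /* Second page becomes inaccessible: any load from it faults. */
    if (mprotect(map + page, (size_t)page, PROT_NONE) != 0) {
        munmap(map, 2 * (size_t)page);
        return -1;
    }
    memset(map, 'A', (size_t)page);
    map[page - 1] = '\0';   /* terminator is the last readable byte */
    int bad = 0;
    for (size_t len = 0; len <= max_len; len++)   /* every start offset near the edge */
        if (fn(map + page - 1 - len) != len)
            bad++;
    munmap(map, 2 * (size_t)page);
    return bad;
}

int main(void)
{
    printf("libc strlen mismatches: %d\n", guard_page_check(strlen, 256));
    printf("bytewise mismatches: %d\n", guard_page_check(bytewise_strlen, 256));
    return 0;
}
```

The harness only catches loads that reach the next page; a read past the terminator that stays inside the mapped page does not fault and is not detected here.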