From 7f4ab8d801edd1db8518ecd110c53483f847a8e9 Mon Sep 17 00:00:00 2001
From: Quentin Carbonneaux
Date: Wed, 28 Jul 2021 00:29:50 +0200
Subject: fix amd64 addressing selection bug (afl)
Reported by Alessandro Mantovani.
Unlikely to be hit in practice because we don't add addresses to addresses.
type :biggie = { l, l, l }
function $repro(:biggie %p) {
@start
%x =l add %p, $a
storew 42, %x
ret
}
---
 amd64/emit.c | 1 +
 amd64/isel.c | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/amd64/emit.c b/amd64/emit.c
index d8b29bd..29b6bbb 100644
--- a/amd64/emit.c
+++ b/amd64/emit.c
@@ -184,6 +184,7 @@ regtoa(int reg, int sz)
 {
 static char buf[6];
 
+ assert(reg <= XMM15);
 if (reg >= XMM0) {
 sprintf(buf, "xmm%d", reg-XMM0);
 return buf;
diff --git a/amd64/isel.c b/amd64/isel.c
index 5f84561..31199da 100644
--- a/amd64/isel.c
+++ b/amd64/isel.c
@@ -147,7 +147,7 @@ seladdr(Ref *r, ANum *an, Fn *fn)
 * rewrite it or bail out if
 * impossible */
- if (!req(a.index, R))
+ if (!req(a.index, R) || rtype(a.base) != RTmp)
 return;
 else {
 a.index = a.base;
--
cgit 1.4.1
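Review bot: The added `assert(reg <= XMM15);` only protects the XMM branch in builds where assertions are enabled; if the file is ever compiled with NDEBUG, an out-of-range `reg` still reaches `sprintf(buf, "xmm%d", reg-XMM0)` two lines below and can overrun the 6-byte static `buf` (any reg-XMM0 of 100 or more needs 7 bytes including the terminator). Since the assertion presumably exists to catch exactly such values, the write itself should also be bounded: `snprintf(buf, sizeof buf, "xmm%d", reg-XMM0);` costs nothing and keeps the store in bounds regardless of build flags. regtoa's body continues past the end of the hunk, so the non-XMM path is not visible here.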
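Review bot: The new `rtype(a.base) != RTmp` test is not explained by the comment just above it, which still reads only "try to rewrite it or bail out if impossible", so a reader has to infer why a non-temporary base makes the rewrite impossible; the else-branch moves `a.base` into `a.index`, and an index presumably has to be a temporary that can be assigned a register. I would extend the comment, e.g. `* impossible (the base becomes the index, so it must be a temporary) */`. seladdr starts and ends outside this hunk, and the `else` block performing the rewrite continues past the last line shown.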