commit 7f4ab8d801edd1db8518ecd110c53483f847a8e9
parent 6d9ee1389572ae985f6a39bb99dbd10cdf42c123
Author: Quentin Carbonneaux <quentin@c9x.me>
Date: Wed, 28 Jul 2021 00:29:50 +0200
fix amd64 addressing selection bug (afl)
Reported by Alessandro Mantovani.
Unlikely to be hit in practice
because we don't add addresses to
addresses.
type :biggie = { l, l, l }
function $repro(:biggie %p) {
@start
%x =l add %p, $a
storew 42, %x
ret
}
Diffstat:
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/amd64/emit.c b/amd64/emit.c
@@ -184,6 +184,7 @@ regtoa(int reg, int sz)
{
static char buf[6];
+ assert(reg <= XMM15);
if (reg >= XMM0) {
sprintf(buf, "xmm%d", reg-XMM0);
return buf;
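Review bot: The new `assert(reg <= XMM15)` is the only thing bounding the `sprintf` into the 6-byte `buf` below it, and it disappears when the file is compiled with `NDEBUG`. "xmm15" plus its terminator fills the buffer exactly, so any larger register number would write past the end of a static array. Bounding the write itself keeps non-assert builds safe too: `snprintf(buf, sizeof buf, "xmm%d", reg-XMM0);`. The assert checks only the upper bound, and regtoa's body continues outside the hunk, so whether a negative `reg` is handled further down cannot be judged from here.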
diff --git a/amd64/isel.c b/amd64/isel.c
@@ -147,7 +147,7 @@ seladdr(Ref *r, ANum *an, Fn *fn)
* rewrite it or bail out if
* impossible
*/
- if (!req(a.index, R))
+ if (!req(a.index, R) || rtype(a.base) != RTmp)
return;
else {
a.index = a.base;
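Review bot: The added `rtype(a.base) != RTmp` test is unexplained, and the comment above it still says only "rewrite it or bail out if impossible", so a reader cannot tell which case it guards against. I would extend that comment along the lines of `the base is moved into the index slot below, so it presumably has to be a temporary; anything else (see the afl repro: add of an aggregate parameter and a symbol) bails out`. The diffstat lists only the two source files, so the reproducer appears to live only in the commit message; checking it in as a regression test would keep the case covered. seladdr starts and ends outside the hunk.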