From 1430c5e4360df89a9a32dcf84ba0d9f52fc4082c Mon Sep 17 00:00:00 2001
From: Benjamin Bouvier
Date: Wed, 8 Jul 2020 15:37:03 +0200
Subject: [PATCH] machinst x64: fix index handling of jump table;

The index should be truncated to 32 bits before being used for the jump table entry computation.
---
 cranelift/codegen/src/isa/x64/inst/emit.rs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/cranelift/codegen/src/isa/x64/inst/emit.rs b/cranelift/codegen/src/isa/x64/inst/emit.rs
index 4a28a306e7..3fd314d382 100644
--- a/cranelift/codegen/src/isa/x64/inst/emit.rs
+++ b/cranelift/codegen/src/isa/x64/inst/emit.rs
@@ -1336,7 +1336,7 @@ pub(crate) fn emit(
 // We generate the following sequence:
 // ;; generated by lowering: cmp #jmp_table_size, %idx
 // jnb $default_target
- // mov %idx, %tmp2
+ // movl %idx, %tmp2
 // lea start_of_jump_table_offset(%rip), %tmp1
 // movzlq [%tmp1, %tmp2], %tmp2
 // addq %tmp2, %tmp1
@@ -1349,7 +1349,8 @@ pub(crate) fn emit(
 };
 one_way_jmp(sink, CC::NB, *default_label); // idx unsigned >= jmp table size
- let inst = Inst::gen_move(*tmp2, *idx, I64);
+ // Copy the index (and make sure to clear the high 32-bits lane of tmp2).
+ let inst = Inst::movzx_rm_r(ExtMode::LQ, RegMem::reg(*idx), *tmp2);
 inst.emit(sink, flags, state);
 // Load base address of jump table.
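Review bot: The width of the bounds check is not tied to the new 32-bit copy at `Inst::movzx_rm_r(ExtMode::LQ, RegMem::reg(*idx), *tmp2)`: the sequence comment in the first hunk still reads `cmp #jmp_table_size, %idx` with no size suffix, and the compare itself is emitted by lowering, outside this patch. If that compare is 32-bit, this code silently depends on it; if it were 64-bit, stale upper bits in `idx` would presumably send an in-range index to the default target instead. I would state the contract next to the copy, for example `// idx is a 32-bit value and its upper 32 bits are unspecified; the bounds check emitted by lowering must be a 32-bit compare as well.`, and write the compare as `cmpl` in the sequence comment. The patch changes one file and adds no test case with non-zero upper bits in the index register, which is the input that could index past the end of the jump table before this change. `emit` begins and ends outside both hunks.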