From 3a528f1cbfb053e09101a7b2e1ae767993929206 Mon Sep 17 00:00:00 2001
From: Lev Rumyantsev <levarum@google.com>
Date: Fri, 29 Jul 2016 17:55:42 -0700
Subject: [PATCH] Fix x86 __memset_chk.

When __memset_chk_fail moved to C++, we didn't take into account
that the stack wasn't set up correctly for the jump from assembler.
Presumably no one had run the 32-bit x86 tests until now!

Bug: http://b/30513094
Change-Id: Iab9fbc731b6bfecd7ca4d3f3844d0568a5d30d86
---
 libc/arch-x86/atom/string/sse2-memset-atom.S      | 6 ++++--
 libc/arch-x86/silvermont/string/sse2-memset-slm.S | 6 ++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/libc/arch-x86/atom/string/sse2-memset-atom.S b/libc/arch-x86/atom/string/sse2-memset-atom.S
index e03cd1a1c..04de18f74 100644
--- a/libc/arch-x86/atom/string/sse2-memset-atom.S
+++ b/libc/arch-x86/atom/string/sse2-memset-atom.S
@@ -117,8 +117,10 @@ ENTRY(__memset_chk)
 
   movl LEN(%esp), %ecx
   cmpl CHK_DST_LEN(%esp), %ecx
-  ja __memset_chk_fail
-  jmp L(memset_length_loaded)
+  jna L(memset_length_loaded)
+
+  POP (%ebx) // Undo ENTRANCE without returning.
+  jmp __memset_chk_fail
 END(__memset_chk)
 
 	.section .text.sse2,"ax",@progbits
diff --git a/libc/arch-x86/silvermont/string/sse2-memset-slm.S b/libc/arch-x86/silvermont/string/sse2-memset-slm.S
index f5182baaf..f28e1b878 100644
--- a/libc/arch-x86/silvermont/string/sse2-memset-slm.S
+++ b/libc/arch-x86/silvermont/string/sse2-memset-slm.S
@@ -117,8 +117,10 @@ ENTRY(__memset_chk)
 
   movl LEN(%esp), %ecx
   cmpl CHK_DST_LEN(%esp), %ecx
-  ja __memset_chk_fail
-  jmp L(memset_length_loaded)
+  jna L(memset_length_loaded)
+
+  POP (%ebx) // Undo ENTRANCE without returning.
+  jmp __memset_chk_fail
 END(__memset_chk)
 
 	.section .text.sse2,"ax",@progbits