Large stack displacements can sometimes take the stack out of bounds

Compiling [this function](https://github.com/pq-code-package/mlkem-c-embedded/blob/2968023295ed4294a25990811a4d0af1bd05fd84/mlkem/indcpa.c#L27), the stack allocation for `buf` is done as:

```
800087b2: 6505          lui a0, 0x1 
800087b4: 22a1055b      ct.cincoffset   a0, sp, a0
800087b8: 8585155b      ct.cincoffset   a0, a0, -0x7a8
```

The first `ct.cincoffset` (which, unrelated, should be called `cincaddr`) takes `sp` out of bounds.  The second brings it in, but by then the tag is cleared.  

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Large stack displacements can sometimes take the stack out of bounds #279

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Large stack displacements can sometimes take the stack out of bounds #279

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions