From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=fF2s=EJ=gmail.com=amodra@sourceware.org>
Received: from mail-pl1-x631.google.com (mail-pl1-x631.google.com [IPv6:2607:f8b0:4864:20::631])
	by sourceware.org (Postfix) with ESMTPS id 9FC613858C39
	for <binutils@sourceware.org>; Thu, 24 Aug 2023 09:08:29 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 9FC613858C39
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com
Received: by mail-pl1-x631.google.com with SMTP id d9443c01a7336-1c0bae4da38so5261185ad.0
        for <binutils@sourceware.org>; Thu, 24 Aug 2023 02:08:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20221208; t=1692868108; x=1693472908;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=ykgsD0FwFXNeoqdygmyYUuUjOLI2ssn3OI9U7EFne64=;
        b=QyjRH6klnkPA7rrN814JK4IQETrtcv5e/3mfj18MVDYEs+tKMGEb5jgUvbpoSessRK
         4GsOw2Jlil3NK9kTWNriBY/q3BDFBSQJf+WtyhjQQeyblySxix1tqkozI0WElxFcPmWB
         9vGrm/rJ67axGn64y18UqFmYUJzvA+Ls+pTp5BTaSV8uOBFzyN3z6bta2OslTL7HW1ln
         fNrKOQjJnYzBg+Ay30yDwTGBDWT5bIbzJmbSElo1Z57uCWqffESGRelGwZEyvC0rfr4F
         EvttbpNwAtlR+DCc9ViF0EnB33qmuEwcXjDCRLK9DvA6ZCDJfdkztONvECP1iLl7Z7UY
         PnGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20221208; t=1692868108; x=1693472908;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=ykgsD0FwFXNeoqdygmyYUuUjOLI2ssn3OI9U7EFne64=;
        b=PTQ9MVzpvM82V5N6JTLnjXZkDcQbKYq9hPsFDdSjh1Jx5rOA1wyBGxf3uKsGcPYayv
         qVHUJItVQQ+fscaPihN8jEJAiCPbkDyD4Ps0wyQqDEnp0sY2GvXP83rIQFw6Xbks/B7b
         kXVZvQbMTF0Yyi3iq89jPyM8Z47/vDzngiKVTRm/KEaGtDDipNT2AUjMj272MESirKtC
         IsgAWXZ4YUAiPa27F6l+LItQpJwX1VPzQ2TX5/mJuQF9zi7KJDXcNKP36AXUPv7g9+9/
         ltewwZvoxG+1dW6DyjBR2YFAsqPBiJGN8rOYTKh76ttMtzlgM3E09HWNeejWCdPi3qsM
         Gy4g==
X-Gm-Message-State: AOJu0YymGtBR8TccDVinPEey3AgHJSOFsS023hzEdoHOwlouiLeBvvT0
	WOA8TO/ZtLxIAwg1+1Wyukw=
X-Google-Smtp-Source: AGHT+IEHCX1M9VHBuJa1tcUKK4Q67jeDCS/buZi9zyaNrJFTDOrC6qXbvrbG6jDwDiBoVbjnpEKUSA==
X-Received: by 2002:a17:902:e550:b0:1b9:d38d:f08d with SMTP id n16-20020a170902e55000b001b9d38df08dmr26287447plf.18.1692868108484;
        Thu, 24 Aug 2023 02:08:28 -0700 (PDT)
Received: from squeak.grove.modra.org (158.106.96.58.static.exetel.com.au. [58.96.106.158])
        by smtp.gmail.com with ESMTPSA id b13-20020a170902d50d00b001b87bedcc6fsm12240942plg.93.2023.08.24.02.08.27
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 24 Aug 2023 02:08:28 -0700 (PDT)
Received: by squeak.grove.modra.org (Postfix, from userid 1000)
	id 9269C11404E3; Thu, 24 Aug 2023 18:38:25 +0930 (ACST)
Date: Thu, 24 Aug 2023 18:38:25 +0930
From: Alan Modra <amodra@gmail.com>
To: Paul Iannetta <piannetta@kalrayinc.com>
Cc: binutils@sourceware.org
Subject: Re: [PATCH] kvx: fix kvx_reassemble_bundle index 8 out of bounds
Message-ID: <ZOceCbu2r9L9obFC@squeak.grove.modra.org>
References: <ZOX4FFGJ5QZ5D/U5@squeak.grove.modra.org>
 <20230823143923.10105-1-piannetta@kalrayinc.com>
 <ZObKoYxR9ADFli3o@squeak.grove.modra.org>
 <20230824084906.svfkw5r7xxws2prc@ws2202.lin.mbt.kalray.eu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20230824084906.svfkw5r7xxws2prc@ws2202.lin.mbt.kalray.eu>
X-Spam-Status: No, score=-3034.2 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <binutils.sourceware.org>

On Thu, Aug 24, 2023 at 10:49:06AM +0200, Paul Iannetta wrote:
> On Thu, Aug 24, 2023 at 12:42:33PM +0930, Alan Modra wrote:
> > On Wed, Aug 23, 2023 at 04:39:19PM +0200, Paul Iannetta via Binutils wrote:
> > > As discussed earlier, I removed kvx_elf64_linux_vec, fix the handling of unique
> > > symbols by using has_gnu_osabi instead of overwriting e_ident, change (unsigned)
> > > long long into {u,}int64 and at some place int by int32_t.
> > 
> > I've committed these for you.  BTW, oss-fuzz is poking at the kvx
> > support and finding holes.  See pr30793.
> 
> The attached patch should fix pr30793.

decode_prologue_epilogue_bundle too?

> 
> Thanks,
> Paul
> 
> 

> >From 03c35cf18fa689bc7d727c506d30c396244cb307 Mon Sep 17 00:00:00 2001
> From: Paul Iannetta <piannetta@kalrayinc.com>
> Date: Thu, 24 Aug 2023 10:39:14 +0200
> Subject: [PATCH] kvx: fix kvx_reassemble_bundle index 8 out of bounds
> 
> opcodes/ChangeLog:
> 
> 2023-08-24  Paul Iannetta  <piannetta@kalrayinc.com>
> 
> 	* kvx-dis.c (print_insn_kvx): Change the loop condition so that
> 	  wordcount is always less than KVXMAXBUNDLEWORDS.
> ---
>  opcodes/kvx-dis.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/opcodes/kvx-dis.c b/opcodes/kvx-dis.c
> index e63430a9e57..a78eb5f84ec 100644
> --- a/opcodes/kvx-dis.c
> +++ b/opcodes/kvx-dis.c
> @@ -1056,7 +1056,7 @@ print_insn_kvx (bfd_vma memaddr, struct disassemble_info *info)
>  	  wordcount++;
>  	}
>        while (kvx_has_parallel_bit (bundle_words[wordcount - 1])
> -	     && wordcount < KVXMAXBUNDLEWORDS);
> +	     && wordcount < KVXMAXBUNDLEWORDS - 1);
>        invalid_bundle = kvx_reassemble_bundle (wordcount, &insncount);
>      }
>  
> -- 
> 2.35.1.500.gb896f729e2
> 


-- 
Alan Modra
Australia Development Lab, IBM