
[Bug binutils/30793] kvx_reassemble_bundle index 8 out of bounds


From: cvs-commit at gcc dot gnu.org
Subject: [Bug binutils/30793] kvx_reassemble_bundle index 8 out of bounds
Date: Thu, 07 Sep 2023 22:22:28 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=30793

--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Alan Modra <amodra@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dd39dcae8880f0ed298daa1e35d21a84f0a7bdec

commit dd39dcae8880f0ed298daa1e35d21a84f0a7bdec
Author: Alan Modra <amodra@gmail.com>
Date:   Thu Sep 7 20:08:57 2023 +0930

    PR30793, kvx_reassemble_bundle index 8 out of bounds

    While the patch already committed for pr30793 prevents the asan error,
    there is a problem: Now the last element of bundle_words never gets
    written.  That's very likely wrong, or KVXMAXBUNDLEWORDS is too big.
    So this patch rearranges things a little to support writing of all of
    bundle_words and does the parallel bit checking only when filling
    bundle_words.  In the normal case, kvx_reassemble_bundle will see
    bundle_words[word_count-1] with the parallel bit clear and all other
    words having it set.  In the error case where all words in
    bundle_words have the parallel bit set, kvx_reassemble_bundle will be
    passed a wordcount of KVXMAXBUNDLEWORDS + 1.  I've also made
    kvx_reassemble_bundle return true for success rather than zero, and
    removed the unnecessary check for zero wordcount.

            PR 30793
            * kvx-dis.c (kvx_reassemble_bundle): Return bool, true on success.
            Fail if wordcount is too large.  Don't check for wordcount zero.
            Don't check kvx_has_parallel_bit.
            (print_insn_kvx): Rewrite code reading bundle_words as a for loop.
            Don't stop reading at KVXMAXBUNDLEWORDS - 1.
            (decode_prologue_epilogue_bundle): Similarly.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
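
The loop shape described in the commit message above, as an added C sketch that is not the code from kvx-dis.c. The names `fill_bundle`, `reassemble_bundle` and `HAS_PARALLEL_BIT`, the bit-31 position, the buffer size of 8 (read from the "index 8" in the bug title) and the sample words are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Assumed for this sketch, not copied from kvx-dis.c: an 8-word bundle buffer
   (the "index 8" of the bug title) and bit 31 as the parallel bit.  */
#define KVXMAXBUNDLEWORDS 8
#define HAS_PARALLEL_BIT(w) (((w) & 0x80000000u) != 0)

/* Constructed inputs: a full 8-word bundle, and a run that never ends.  */
static const uint32_t full_bundle[8] = { 0x80000001u, 0x80000002u, 0x80000003u,
  0x80000004u, 0x80000005u, 0x80000006u, 0x80000007u, 0x00000008u };
static const uint32_t runaway[8] = { 0x80000000u, 0x80000000u, 0x80000000u,
  0x80000000u, 0x80000000u, 0x80000000u, 0x80000000u, 0x80000000u };
static uint32_t scratch[KVXMAXBUNDLEWORDS], last_word;

/* Hypothetical fill loop.  Every slot of bundle_words may be written and the
   parallel bit is tested only here.  Returns the bundle's word count,
   KVXMAXBUNDLEWORDS + 1 if all stored words had the bit set, or -1 if the
   input ran out first.  */
static int fill_bundle (const uint32_t *in, size_t avail, uint32_t *bundle_words)
{
  for (int i = 0; i < KVXMAXBUNDLEWORDS; i++)
    {
      if ((size_t) i >= avail)
        return -1;
      bundle_words[i] = in[i];
      if (!HAS_PARALLEL_BIT (bundle_words[i]))
        return i + 1;
    }
  return KVXMAXBUNDLEWORDS + 1;
}

/* Hypothetical consumer: true on success, and the oversized count is rejected
   before any indexing.  Callers never pass a count below 1.  */
static bool reassemble_bundle (const uint32_t *bundle_words, int wordcount, uint32_t *last)
{
  if (wordcount > KVXMAXBUNDLEWORDS)
    return false;
  *last = bundle_words[wordcount - 1];
  return true;
}

int main (void)
{
  int n = fill_bundle (full_bundle, 8, scratch);
  return (n == 8 && reassemble_bundle (scratch, n, &last_word) && last_word == 8) ? 0 : 1;
}
```

With `full_bundle` the eighth slot is filled and the count is 8; with `runaway` the count comes back as 9 and the consumer refuses it without touching index 8.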

