#13 ✓resolved
Peter Johnson

Crashed in short jumps and absolute symbol values in BITS 64 mode

Reported by Peter Johnson | June 25th, 2011 @ 07:48 PM | in 0.2.0 (closed)

Originally posted on Trac by meor@softhome.net
Original Trac Ticket

  Description


I found a couple of errors with short jumps in 64-bit mode. I'm using the latest
CVS pull as of 7/18 on a Windows XP Cygwin environment. Short jumps in 64-bit mode
are only able to be generated if the displacement is immediately before or after
the jump mnemonic. If the displacement is greater than the immediately following
or preceding byte, a 16-bit near jump is silently used, even if the jump is
within short jump distance, and even if the jump is greater than 16 bits away, in
which case the displacement is truncated. I also found a way to crash the
compiler in 64-bit mode when creating an absolute line label; I have a feeling
that it is a related problem, but I have no basis for that reasoning. I added
this problem to this bug report as well.


BITS 64
testline1:
mov dword [testline2], testline2
jc testline3
testline3:

testline2 equ $-testline1

Correct short Jump = 0x72 0x00


BITS 64
testline1:
mov dword [testline2], testline2
jc short testline3
testline3:

testline2 equ $-testline1

Correct short Jump = 0x72 0x00


BITS 64
testline1:
mov dword [testline2], testline2
jc short testline3
db 0x0
testline3:

testline2 equ $-testline1

Compiler error: short jump out of range


BITS 64
testline1:
mov dword [testline2], testline2
jc testline3
db 0x0
testline3:

testline2 equ $-testline1

Incorrect short Jump changed to 16bit near version= 0x0F 0x82 0x01 0x00


BITS 64
testline1:
mov dword [testline2], testline2
jc testline3
times 0x10001 db 0x0
testline3:

testline2 equ $-testline1

Incorrect short Jump changed to 16bit near version, jump does not fit in 16
bits= 0x0F 0x82 0x01 0x00

This is the snippet of code that causes the compiler to crash. It's related to
line 4: testline2 equ 4-testline1

BITS 64
testline1:
inc dword [testline2]

testline2 equ 4-testline1

Compiler crashes: INTERNAL ERROR at modules/arch/x86/x86bc.c, line 922: invalid
Mod/RM in x86 tobytes_insn Aborted (core dumped)


h3. Trac Attachments

h3. Trac Comments

comment:1
Changed 8 years ago by meor@softhome.net

I actually left out a rather large part of this bug report. The error only
surfaces when there is a symbol that is defined as the subtraction of two other
symbols, one or two of the symbols being located after a mnemonic that uses the
former symbol as the destination pointer operand of a mnemonic that takes an
immediate value as a source operand.


BITS 64
testline1:
testline4:
mov dword [testline2],0x0
jc short testline3
db 0x0
testline3:

testline2 equ testline4-testline1

Does not cause short jump bug.


BITS 64
testline1:
mov dword [testline2],0x0
testline4:
jc short testline3
db 0x0
testline3:

testline2 equ testline4-testline1

Causes short jump bug


BITS 64
mov dword [testline2],0x0
testline1:
testline4:
jc short testline3
db 0x0
testline3:

testline2 equ testline4-testline1

Causes short jump bug


comment:2
Changed 8 years ago by meor@softhome.net

One more addition to this; sorry I didn't reduce it as much as I should have.
The bug doesn't have to be a symbol defined as the subtraction of two other
symbols; the following code will also produce the problem.


BITS 64
mov dword [testline4-testline1],0x0
testline4:
testline1:
jc short testline3
db 0x0

testline3:

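To show what a correct assembler has to do with these inputs, here is an added illustration that is neither yasm's code nor part of the ticket: a small two-pass relaxation assembler in Python that supports only the constructs in the test cases above (labels, `equ` with `$` and label-difference expressions, `db`/`times`, `jc`/`jc short`, and the two absolute-address memory forms). Every jump starts as a 2-byte rel8; after each layout pass, any jump whose displacement no longer fits in -128..127 is widened to the 6-byte `0F 82 rel32` form and the layout is recomputed until nothing changes, and a `jc short` that cannot reach its target is rejected instead of silently becoming a near jump. `equ` values are evaluated only after every label address is fixed, which is exactly the dependency that `testline2 equ $-testline1` exercises. The 11-byte `C7 04 25 disp32 imm32` and 7-byte `FF 04 25 disp32` encodings for the absolute memory operands are assumptions of this example (absolute SIB addressing, as a NASM-syntax assembler emits without `default rel`), the case strings are reconstructed from the report text, and all function names are this example's own. For the reproduced cases it yields `72 01` where the reporter got an error or a near jump, `0F 82 01 00 01 00` for the 0x10001-byte case (in 64-bit mode a near Jcc carries a rel32; there is no rel16 form, so a 16-bit near jump is not a valid 64-bit encoding), and `FF 04 25 04 00 00 00` for the input that crashed the assembler.

```python
import re
import struct

# Toy relaxation assembler covering just the constructs in this ticket, 64-bit mode only.
# The fixed encodings are assumptions (absolute SIB-form addressing, as a NASM-syntax
# assembler emits without "default rel"); they are not taken from the ticket.
MOV_MEM_IMM32 = bytes([0xC7, 0x04, 0x25])  # mov dword [abs32], imm32 -> 11 bytes
INC_MEM = bytes([0xFF, 0x04, 0x25])        # inc dword [abs32]        ->  7 bytes
JC_SHORT = 0x72                            # jc rel8                  ->  2 bytes
JC_NEAR = bytes([0x0F, 0x82])              # jc rel32                 ->  6 bytes (no rel16 in 64-bit mode)

class AsmError(Exception):
    pass

def parse(src):
    """NASM-style lines -> (kind, ...) tuples; only the ticket's constructs are recognised."""
    items = []
    for raw in src.splitlines():
        line = raw.split(";")[0].strip()
        if not line or line.upper() == "BITS 64":
            continue
        if m := re.fullmatch(r"(\w+):", line):
            items.append(("label", m[1]))
        elif m := re.fullmatch(r"(\w+)\s+equ\s+(.+)", line):
            items.append(("equ", m[1], m[2]))
        elif m := re.fullmatch(r"mov\s+dword\s*\[([^\]]+)\]\s*,\s*(.+)", line):
            items.append(("mov", m[1], m[2]))
        elif m := re.fullmatch(r"inc\s+dword\s*\[([^\]]+)\]", line):
            items.append(("inc", m[1]))
        elif m := re.fullmatch(r"jc\s+(short\s+)?(\S+)", line):
            items.append(("jc", m[2], m[1] is not None))  # target expression, forced-short flag
        elif m := re.fullmatch(r"(?:times\s+(\S+)\s+)?db\s+(\S+)", line):
            items.append(("db", bytes([int(m[2], 0) & 0xFF]) * (int(m[1], 0) if m[1] else 1)))
        else:
            raise AsmError(f"unsupported line: {raw!r}")
    return items

def eval_expr(expr, symbols, dollar):
    """Sum of integer / symbol / '$' terms joined by + and -, e.g. '$-testline1' or '4-testline1'."""
    total, sign = 0, 1
    for tok in re.findall(r"[+-]|[^\s+-]+", expr):
        if tok in ("+", "-"):
            sign = 1 if tok == "+" else -1
            continue
        if tok == "$":
            value = dollar
        elif re.fullmatch(r"0x[0-9a-fA-F]+|\d+", tok):
            value = int(tok, 0)
        elif tok in symbols:
            value = symbols[tok]
        else:
            raise AsmError(f"undefined symbol {tok}")
        total, sign = total + sign * value, 1
    return total

def layout(items, jump_sizes):
    """Assign addresses: labels first, then equ symbols, which may use labels defined anywhere."""
    addr, addrs, symbols = 0, [], {}
    for idx, item in enumerate(items):
        addrs.append(addr)
        if item[0] == "label":
            symbols[item[1]] = addr
        elif item[0] in ("mov", "inc"):
            addr += 11 if item[0] == "mov" else 7
        elif item[0] == "jc":
            addr += jump_sizes[idx]
        elif item[0] == "db":
            addr += len(item[1])
    for idx, item in enumerate(items):
        if item[0] == "equ":
            symbols[item[1]] = eval_expr(item[2], symbols, addrs[idx])
    return addrs, symbols

def u32(value):
    return struct.pack("<I", value & 0xFFFFFFFF)

def assemble(src):
    """Start every jump short, widen to rel32 until the layout is stable, then emit bytes.
    A forced `short` jump that cannot reach its target is an error, never a silent near jump."""
    items = parse(src)
    jump_sizes = {i: 2 for i, item in enumerate(items) if item[0] == "jc"}
    while True:
        addrs, symbols = layout(items, jump_sizes)
        grown = False
        for idx, size in jump_sizes.items():
            disp = eval_expr(items[idx][1], symbols, addrs[idx]) - (addrs[idx] + size)
            if -128 <= disp <= 127:
                continue
            if items[idx][2]:
                raise AsmError("short jump out of range")
            if size == 2:
                jump_sizes[idx], grown = 6, True  # widen only, never shrink, so this terminates
        if not grown:
            break
    out = bytearray()
    for idx, item in enumerate(items):
        kind, here = item[0], addrs[idx]
        if kind == "mov":
            out += MOV_MEM_IMM32 + u32(eval_expr(item[1], symbols, here)) + u32(eval_expr(item[2], symbols, here))
        elif kind == "inc":
            out += INC_MEM + u32(eval_expr(item[1], symbols, here))
        elif kind == "jc":
            disp = eval_expr(item[1], symbols, here) - (here + jump_sizes[idx])
            out += bytes([JC_SHORT, disp & 0xFF]) if jump_sizes[idx] == 2 else JC_NEAR + u32(disp)
        elif kind == "db":
            out += item[1]
    return bytes(out)

def encode_or_error(src):
    """Assembled bytes, or the error text a correct assembler reports."""
    try:
        return assemble(src)
    except AsmError as exc:
        return str(exc)

# The ticket's cases, reconstructed from the report text (constructed inputs, not the originals).
CASE_DB_BETWEEN = "BITS 64\ntestline1:\nmov dword [testline2], testline2\njc testline3\ndb 0x0\ntestline3:\ntestline2 equ $-testline1"
CASE_FAR = CASE_DB_BETWEEN.replace("db 0x0", "times 0x10001 db 0x0")
CASE_FORCED_SHORT_FAR = CASE_FAR.replace("jc testline3", "jc short testline3")
CASE_MINIMAL = "BITS 64\nmov dword [testline4-testline1],0x0\ntestline4:\ntestline1:\njc short testline3\ndb 0x0\ntestline3:"
CASE_CRASH = "BITS 64\ntestline1:\ninc dword [testline2]\ntestline2 equ 4-testline1"
```

Running `encode_or_error` over the five case strings prints the bytes listed in the lead-in; note that the `mov` operand and immediate in `CASE_DB_BETWEEN` both come out as 0x0E because `$` at the `equ` line is 14 bytes past `testline1` once the jump has been sized. The only-grow rule in `assemble` is what keeps relaxation from oscillating; it can leave a jump near when a later pass would have let it shrink, which a real assembler accepts for the same reason.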

comment:3
Changed 8 years ago by peter@tortall.net

Excellent job narrowing this down!  All of these cases are indeed related.

Fixes and several of these test cases are now in CVS; modules/arch/x86/x86expr.c
r1.57 contains the primary fix. A secondary commit to fix a few possible other
cases of failure (none are in this report) will be committed soon.

Thanks for the report!

  Status
    changed from new to resolved

  Resolution
    set to fixed

The Yasm Modular Assembler Project