bug-binutils

Segmentation Fault on (%dx) [x86]


From: Cortex Auth
Subject: Segmentation Fault on (%dx) [x86]
Date: Fri, 4 Nov 2022 19:18:18 +0530

GNU assembler (GNU Binutils) 2.39.50.20221104
Configured for target x86_64-pc-linux-gnu
Compiled through GCC (12.1.0)

The bug causes a segmentation fault whenever (at least for the instructions I tried it with) the assembler attempts to assemble an instruction with an indirect reference to memory through %dx, that is, one of the operands is (%dx). The dereference is invalid and thus should be reported as such, but instead it segfaults.
The reason for the segmentation fault lies in a null pointer dereference, which is possibly caused by an incorrect parse of the instruction by `parse_insn`.

For example, attempting to assemble
```
_start :
      movw (%dx), %dx
```
causes a segfault in `config/tc-i386.c`, where an attempt is made to dereference `i.op[0]`'s `regs` field, which happens to be NULL.
Whenever an instruction is incorrectly encoded, an error is normally generated while parsing the instruction (`parse_insn`); that does not happen here, and information about the operands is parsed wrongly (such as `i.mem_operands` being 0).

Since I spent a significant amount of time looking into it, I would like to fix this bug. I would appreciate any suggestions, pointers to documentation, etc. that may be helpful to me.
It may have to do with some special case associated with (%dx), but I will have to look further into it before I can reach any conclusion and make a fix.
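The report turns on the fact that (%dx) is not a legal x86 16-bit memory operand, so the assembler should emit a diagnostic rather than crash. The following is an added illustration (not binutils code, and not the reporter's) of the check an operand parser owes the user: it applies the 16-bit ModRM addressing rules, under which the base may only be %bx or %bp and the index only %si or %di, and returns an error string for anything else instead of proceeding with a half-parsed operand.

```python
import re

# Legal 16-bit address-size memory operands per the x86 ModRM table:
# base register is %bx or %bp, index register is %si or %di, and a
# lone register may be any one of those four. Everything else (such as
# %dx, %ax or %cx) cannot be dereferenced with a 16-bit address.
LEGAL16_BASE = {"bx", "bp"}
LEGAL16_INDEX = {"si", "di"}
LEGAL16_SINGLE = LEGAL16_BASE | LEGAL16_INDEX

# AT&T syntax: optional displacement, then a parenthesised register list.
MEM_RE = re.compile(r"^(?P<disp>[-+]?\w*)\((?P<regs>[^)]*)\)$")


def check_mem16(operand):
    """Return None if `operand` is a valid 16-bit memory reference in
    AT&T syntax, otherwise a diagnostic string describing the problem.
    The function never raises on odd input: rejecting (%dx) with a
    message is the behaviour the assembler was expected to have."""
    m = MEM_RE.match(operand.replace(" ", ""))
    if not m:
        return f"`{operand}' is not a memory operand"
    parts = [p.lstrip("%") for p in m.group("regs").split(",") if p]
    if not parts:
        return f"`{operand}' names no base or index register"
    if len(parts) == 1:
        if parts[0] in LEGAL16_SINGLE:
            return None
        return f"`%{parts[0]}' cannot be used as a 16-bit base or index register"
    if len(parts) in (2, 3):
        base, index = parts[0], parts[1]
        if len(parts) == 3 and parts[2] != "1":
            return f"scale factor `{parts[2]}' is not allowed with 16-bit addressing"
        if base in LEGAL16_BASE and index in LEGAL16_INDEX:
            return None
        return f"`(%{base},%{index})' is not a legal 16-bit base/index pair"
    return f"too many registers in `{operand}'"


if __name__ == "__main__":
    # Constructed sample operands, including the one from the report.
    for op in ["(%dx)", "(%bx)", "4(%bp,%di)", "(%bx,%si,1)", "(%bx,%bp)", "%dx"]:
        print(f"{op:14s} -> {check_mem16(op) or 'ok'}")
```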
