PR 32721, internal error in tc-i386.c:parse_register

[Jan Beulich]

On 20.02.2025 22:42, Alan Modra wrote:
> On Thu, Feb 20, 2025 at 08:58:22AM +0100, Jan Beulich wrote:
>> On 20.02.2025 02:33, Alan Modra wrote:
>>> pr30117 showed one of the assertions added by 4d1bb7955a8b was too
>>> strict.  oss-fuzz also found the second assertion to be too strict,
>>> with this testcase distilled from 7k of garbage source:
>>>
>>>  A=%eax%%!
>>>  Y=A
>>>  Z=A
>>>  or $6,Z
>>>
>>> 	PR 32721
>>> 	* config/tc-i386.c (parse_register): Move "know" into
>>> 	condition.  Simplify.
>>
>> Hmm, I will want to look into this in more detail. We better wouldn't ...
>>
>>> --- a/gas/config/tc-i386.c
>>> +++ b/gas/config/tc-i386.c
>>> @@ -16838,10 +16838,9 @@ parse_register (const char *reg_string, char **end_op)
>>>  	{
>>>  	  const expressionS *e = symbol_get_value_expression (symbolP);
>>>  
>>> -	  if (e->X_op == O_register)
>>> +	  if (e->X_op == O_register
>>> +	      && (valueT) e->X_add_number < i386_regtab_size)
>>>  	    {
>>> -	      know (e->X_add_number >= 0
>>> -		    && (valueT) e->X_add_number < i386_regtab_size);
>>
>> ... manufacture O_register expressions not representing any valid register.
>> IOW I think the assertion is legitimate and a fix is going to be needed
>> elsewhere.
> 
> Yes, there is something going on in expression evaluation that should
> be investigated.  For example, it is very odd that the line "Y=A" is
> necessary to trigger the bug.

Indeed, and I think I figured both that and another issue here. Just that
then Z80 taught me of there being yet another pre-existing issue that I
introduced a while back and then mirrored into the changed code I need
here. So right now I have a full re-test running, before I can (hopefully)
post the patch.

> This testcase also triggers the assertion:
> 
>  A=%eax-999
>  Y=A
>  Z=A
>  or $6,Z

Right, I also slightly altered the case from the bug report when deriving
a new testcase. They all boil down to the same anomaly, aiui.

Jan