3392472 – spurious "word data exceeds bounds" if (16-bit) near jump displacement has bit 8000h set

We are migrating the bug tracker to github Issues. This is now the preferred way to report NASM bugs.

Self-registration is disabled due to spam issue (mail gorcunov@gmail.com or hpa@zytor.com to create an account)

Bug 3392472 - spurious "word data exceeds bounds" if (16-bit) near jump displacement has bit 8000h set

Summary: spurious "word data exceeds bounds" if (16-bit) near jump displacement has bi...

Status:	RESOLVED FIXED

Alias:	None

Product:	NASM
Classification:	Unclassified
Component:	Assembler (show other bugs)
Version:	2.14.xx
Hardware:	All All

Importance:	Medium minor
Assignee:	nobody

URL:

Depends on:
Blocks:

Reported:	2018-03-07 08:33 PST by E. C. Masloch
Modified:	2019-08-17 05:26 PDT (History)
CC List:	4 users (show)

Obtained from:	Binary from nasm.us, From OS distribution
Generated by:	---
Bug category:
Observed for:	---
Regression:	---
Regression since:

Attachments
test.asm as shown in the log (153 bytes, application/x-extension-ASM) 2018-03-07 08:33 PST, E. C. Masloch	Details
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description E. C. Masloch 2018-03-07 08:33:36 PST

Created attachment 411631 [details]
test.asm as shown in the log

$ cat test.asm
org 0
%ifndef SEEK
 %define SEEK 0
%endif
times SEEK - ($ - $$) nop
jmp near init

%ifndef NUM
 %define NUM 9956h
%endif
times NUM - ($ - $$) db 0
init:
$ nasm -v
NASM version 2.13.03 compiled on Feb  7 2018
$ nasm -l test.lst -o test.bin test.asm
test.asm:6: warning: word data exceeds bounds [-w+number-overflow]
$ cat test.lst
     1                                  org 0
     2                                  %ifndef SEEK
     3                                   %define SEEK 0
     4                                  %endif
     5                                  times SEEK - ($ - $$) nop
     6 00000000 E95399                  jmp near init
     6          ******************       warning: word data exceeds bounds [-w+number-overflow]
     7                                  
     8                                  %ifndef NUM
     9                                   %define NUM 9956h
    10                                  %endif
    11 00000003 00<rept>                times NUM - ($ - $$) db 0
    12                                  init:
$ cat test.bin | od -Ax -tx1z
000000 e9 53 99 00 00 00 00 00 00 00 00 00 00 00 00 00  >.S..............<
000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  >................<
*
009950 00 00 00 00 00 00                                >......<
009956
$ nasm -DNUM=8002h -l test.lst -o test.bin test.asm
$ nasm -DNUM=8003h -l test.lst -o test.bin test.asm
test.asm:6: warning: word data exceeds bounds [-w+number-overflow]
$ nasm -DNUM=8003h -DSEEK=1 -l test.lst -o test.bin test.asm
$ nasm -DNUM=8004h -DSEEK=1 -l test.lst -o test.bin test.asm
test.asm:6: warning: word data exceeds bounds [-w+number-overflow]
$ cat test.lst
     1                                  org 0
     2                                  %ifndef SEEK
     3                                   %define SEEK 0
     4                                  %endif
     5 00000000 90                      times SEEK - ($ - $$) nop
     6 00000001 E90080                  jmp near init
     6          ******************       warning: word data exceeds bounds [-w+number-overflow]
     7                                  
     8                                  %ifndef NUM
     9                                   %define NUM 9956h
    10                                  %endif
    11 00000004 00<rept>                times NUM - ($ - $$) db 0
    12                                  init:
$

Comment 1 E. C. Masloch 2019-06-06 06:21:22 PDT

This bug occurs several times when building my debugger with several build options enabled. It seems that all the warnings are invalid (the right call offset is produced and no overflow occurs). This happens when building https://bitbucket.org/ecm/ldebug/commits/d1a8367ef87a183720069e76a31111c14bb28519 as follows:

$ use_build_revision_id=1 ./make -D_DEBUG4 -D_BOOTLDR
[...]
Creating debugx.com
debug.asm:1058: warning: word data exceeds bounds [-w+number-overflow]
debug.asm:1061: warning: word data exceeds bounds [-w+number-overflow]
deb.asm:403: warning: word data exceeds bounds [-w+number-overflow]
deb.asm:447: warning: word data exceeds bounds [-w+number-overflow]
debug.asm:1286: warning: word data exceeds bounds [-w+number-overflow]
debug.asm:1288: warning: word data exceeds bounds [-w+number-overflow]
debug.asm:1289: warning: word data exceeds bounds [-w+number-overflow]
debug.asm:1311: warning: word data exceeds bounds [-w+number-overflow]
debug.asm:1368: warning: word data exceeds bounds [-w+number-overflow]
debug.asm:1373: warning: word data exceeds bounds [-w+number-overflow]
debug.asm:1398: warning: word data exceeds bounds [-w+number-overflow]
lineio.asm:1352: warning: word data exceeds bounds [-w+number-overflow]
serialp.asm:437: warning: word data exceeds bounds [-w+number-overflow]
[...]


Here's a simple test case created from that:

$ nasm -v
NASM version 2.14
$ cat test.asm 
%imacro padto 1.nolist
	times (%1 - $ + $$) nop
%endmacro

	section code vstart=0

	padto 243h
	call hexword
	inc di
	mov ax, word [ebp + 30h]
	call hexword

	padto 828Ah
hexword:
$ nasm test.asm -o test.bin -l test.lst
test.asm:8: warning: word data exceeds bounds [-w+number-overflow]
test.asm:11: warning: word data exceeds bounds [-w+number-overflow]
$ cat test.lst
     1                                  %imacro padto 1.nolist
     2                                  	times (%1 - $ + $$) nop
     3                                  %endmacro
     4                                  
     5                                  	section code vstart=0
     6                                  
     7 00000000 90<rept>                	padto 243h
     8 00000243 E84480                  	call hexword
     8          ******************       warning: word data exceeds bounds [-w+number-overflow]
     9 00000246 47                      	inc di
    10 00000247 678B4530                	mov ax, word [ebp + 30h]
    11 0000024B E83C80                  	call hexword
    11          ******************       warning: word data exceeds bounds [-w+number-overflow]
    12                                  
    13 0000024E 90<rept>                	padto 828Ah
    14                                  hexword:
$

Comment 2 H. Peter Anvin 2019-08-16 01:45:06 PDT

Fix checked in.

Comment 3 E. C. Masloch 2019-08-17 05:26:12 PDT

The fix causes a warning during compilation:

gcc -c  -g -O2 -fwrapv -U__STRICT_ANSI__ -fno-common -Werror=attributes -ffunction-
sections -fdata-sections -fvisibility=hidden -Wall -W -pedantic -Wc90-c99-compat -W
no-long-long -Wno-shift-negative-value -Werror=implicit -Werror=missing-braces -Wer
ror=return-type -Werror=trigraphs -Werror=pointer-arith -Werror=missing-prototypes
-Werror=missing-declarations -Werror=comment -Werror=vla -DHAVE_CONFIG_H -I. -I. -I
./include -I./include -I./x86 -I./x86 -I./asm -I./asm -I./disasm -I./disasm -I./out
put -I./output -o asm/assemble.o asm/assemble.c
asm/assemble.c: In function ‘out’:
asm/assemble.c:379:23: warning: comparison between signed and unsigned integer expr
essions [-Wsign-compare]
             if (asize < (data->bits >> 3))
                       ^