
I want to write into an array using input from a keyboard. I am using a loop to do this but it gives me a 'Segmentation fault (core dumped)' error. I don't really understand how I am supposed to do it. Here is the relevant code:

.data
array: .space 400
array_len: .space 4
inputFormat: .asciz "%d"
.text
.global main
main:

pushl $array_len
pushl $inputFormat
call scanf
popl %ebx
popl %ebx

xorl %ecx, %ecx
lea array, %edi

l_loop:
cmp %ecx, array_len
je l_exit

pushl %eax
pushl $inputFormat
call scanf
popl %eax
popl %eax
molv %eax, (%edi, %ecx, 4)

incl %ecx
jmp l_loop
...

I figured out that the problem comes from the line: movl %eax, (%edi, %ecx, 4), in the (%edi, %ecx, 4) part.

I tried changing the (%edi, %ecx, 4) part to something else (like %ebx) and it worked. Also, everything works well when I comment out that line. Am I missing something?

  • Put a breakpoint at the suspicious instruction and examine whether `edi` still points at `array` and `ecx` is a small integer number 0..3. Didn't `call scanf` clobber `ecx`? – vitsoft Dec 09 '22 at 08:02
  • Ok so I did that and ecx is a big negative number and I don't know if edi points there. It shows a big value and doesn't specify if that is the array or not. What do you mean by 'call scanf' clobber 'ecx'? Does 'scanf' modify 'ecx'? – Iustin Dec 09 '22 at 08:50
  • *a big negative number* is the reason for the segfault. Put a breakpoint at `xorl %ecx, %ecx`, step into `l_loop` and watch what is responsible for the change of `ecx`. – vitsoft Dec 09 '22 at 08:54
  • 'ecx' becomes 0, then I stepped till I got into scanf ( `0x.. in scanf() from \lib32\libc.so.6` ); it didn't ask me for an input and when I step it just says `0x.. in ?? () from /lib32/libc.so.6` . I can step as many times as I want and it just gives me that. Also, when it starts to give me that '??', eax becomes a negative big number – Iustin Dec 09 '22 at 09:14
  • You should only use functions which are documented enough: what input arguments do they expect, what they return, what is their calling convention, which registers do they clobber (modify). If `ecx` is changed by `scanf`, you should preserve it with `push` and `pop`. – vitsoft Dec 09 '22 at 09:26
  • I changed `ebx` with `ecx` so I count with `ebx` and it works. I guess it has something to do with the convention that `ebx` will not be modified after a call?? – Iustin Dec 09 '22 at 09:34
  • Typically "Segmentation fault (core dumped)" means that you're writing to memory that isn't part of your program (such as the operating system's memory.) The operating system does this to protect itself from hacking. – puppydrum64 Dec 09 '22 at 12:03
  • `molv` is a typo; this won't even assemble. Always copy/paste an [mcve] you actually tested, to avoid the possibility of errors like that. – Peter Cordes Dec 09 '22 at 13:14
  • But yes, ECX is call-clobbered, EBX isn't, in the i386 System V calling convention. – Peter Cordes Dec 09 '22 at 13:15
  • When I have problems like this, I try to manually unroll the loop first (i.e. take the code within the loop, copy and paste it 2 or 3 times, leaving out the actual loop instructions) and just run it to make sure the actual code in the loop isn't the problem. If it doesn't work unrolled there was an error in your code, if it works fine when unrolled the error is in your loop logic. – puppydrum64 Dec 21 '22 at 14:49
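As an added example (not the asker's code and not from any answer), here is the same read loop written so that it survives the calls into libc: the index lives in `ebx` and the base pointer in `edi`, both of which the i386 System V convention requires the callee to preserve (unlike `eax`, `ecx`, `edx`), and the register values the function needs after `ret` are saved and restored in the prologue and epilogue. It also passes `scanf` the address of the element (`leal (%edi,%ebx,4), %eax`) rather than whatever happens to be in `eax`, checks `scanf`'s return value so a parse failure or EOF cannot spin forever, and clamps the requested count to the 100 slots that `.space 400` actually provides so bad input cannot write past the array. The labels `read_loop`, `read_done`, `print_loop`, `print_done` and `outputFormat` are my own names; the build line assumes a 32-bit toolchain and a non-PIE link, since `pushl $array_len` and `leal array, %edi` use absolute addresses.

```gas
# Added example, not the original post's code.
# Build (assumption: 32-bit gcc/glibc installed): gcc -m32 -no-pie readarr.s -o readarr
# i386 System V: eax, ecx, edx are call-clobbered; ebx, esi, edi, ebp survive a call.

        .data
array:        .space 400            # room for 100 4-byte integers
array_len:    .space 4
inputFormat:  .asciz "%d"
outputFormat: .asciz "%d\n"         # name chosen for this example
        .text
        .global main
main:
        pushl %ebp
        movl  %esp, %ebp
        pushl %ebx                   # callee-saved: we use it, so save and restore it
        pushl %edi
        subl  $8, %esp               # keep esp 16-byte aligned at each call

        pushl $array_len             # scanf("%d", &array_len)
        pushl $inputFormat
        call  scanf
        addl  $8, %esp               # drop the two arguments

        movl  array_len, %eax
        cmpl  $100, %eax             # clamp: never accept more elements than the array holds
        jbe   1f
        movl  $100, %eax
1:      movl  %eax, array_len

        xorl  %ebx, %ebx             # ebx = index; unlike ecx it survives scanf
        leal  array, %edi            # edi = &array[0]; also callee-saved

read_loop:
        cmpl  array_len, %ebx        # ebx - array_len; unsigned compare
        jae   read_done
        leal  (%edi,%ebx,4), %eax    # eax = &array[index]
        pushl %eax                   # scanf("%d", &array[index])
        pushl $inputFormat
        call  scanf
        addl  $8, %esp
        cmpl  $1, %eax               # 1 item converted? otherwise EOF or bad input: stop
        jne   read_done
        incl  %ebx
        jmp   read_loop

read_done:
        movl  %ebx, array_len        # number of values actually stored

        # Echo the values back as a quick check that they landed in array.
        xorl  %ebx, %ebx
print_loop:
        cmpl  array_len, %ebx
        jae   print_done
        pushl (%edi,%ebx,4)          # printf("%d\n", array[index])
        pushl $outputFormat
        call  printf
        addl  $8, %esp
        incl  %ebx
        jmp   print_loop

print_done:
        addl  $8, %esp               # undo the alignment pad
        popl  %edi                   # restore callee-saved registers in reverse order
        popl  %ebx
        popl  %ebp
        xorl  %eax, %eax             # return 0 from main
        ret
```

If you would rather keep the counter in `ecx`, the equivalent fix is to wrap each `call scanf` in `pushl %ecx` / `popl %ecx` (and likewise for any other call-clobbered register you still need afterwards); using a callee-saved register simply moves that bookkeeping into the prologue and epilogue, once per function instead of once per call.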
