
JIT Sleep: ExecContHelper tries to jump to null address.

Open AGraber opened this issue 5 years ago • 2 comments

Seems that jump_lookup_label_ returns 0 and it tries to use that.

https://github.com/Zeex/samp-plugin-jit/blob/a704bcbc23f26d5a9f72775199f3de18b3379a61/src/amxjit/compiler_impl.cpp#L1775-L1779


Server crashes after this.

AGraber avatar Apr 27 '20 17:04 AGraber

Seems that the 0 comes from the GetJITInstrPtr function. This check fails and makes it return 0:

https://github.com/Zeex/samp-plugin-jit/blob/08ed8e631b49d98b497c2b599cbe66f8550428fb/src/amxjit/compiler_impl.cpp#L123-L127


By the way, there's a previous ExecContHelper that gets executed seemingly fine, the 2nd one is the one that crashes.

AGraber avatar Apr 27 '20 17:04 AGraber

It looks like some code tried to jump to an invalid AMX code address, i.e. an address that does not directly match any native/JIT instruction recorded in the instr_table.

Zeex avatar Jul 05 '20 10:07 Zeex
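To illustrate the lookup Zeex describes, here is an added C++ model that is not samp-plugin-jit's own code (InstrTable, Lookup, ExecCont and the sample addresses are hypothetical): an exact-match instruction table yields a null pointer for an address that is not a recorded instruction, and the continuation helper reports that as an error instead of jumping to it.

```cpp
// Hypothetical model (not samp-plugin-jit code) of an instr_table: maps AMX
// code addresses to the native entry points the JIT emitted for them.
#include <algorithm>
#include <cstdint>
#include <vector>

typedef int32_t cell;            // AMX cell
typedef cell (*NativeEntry)();   // stand-in for a JIT'd instruction's entry point
struct InstrEntry {
    cell amx_addr;       // byte offset of the instruction in AMX code
    NativeEntry native;  // where its translation lives
};

class InstrTable {  // kept sorted by amx_addr for binary search
public:
    void Add(cell amx_addr, NativeEntry native) {
        InstrEntry e = {amx_addr, native};
        table_.insert(std::upper_bound(table_.begin(), table_.end(), e, Less), e);
    }
    // Exact match only: an address inside an instruction, or outside the code
    // section, is not a recorded instruction and yields nullptr (the 0 in the issue).
    NativeEntry Lookup(cell amx_addr) const {
        InstrEntry key = {amx_addr, nullptr};
        auto it = std::lower_bound(table_.begin(), table_.end(), key, Less);
        return (it != table_.end() && it->amx_addr == amx_addr) ? it->native : nullptr;
    }
private:
    static bool Less(const InstrEntry& a, const InstrEntry& b) { return a.amx_addr < b.amx_addr; }
    std::vector<InstrEntry> table_;
};
enum ExecResult { EXEC_OK = 0, EXEC_ERR_INVALID_ADDR = 1 };

// Continue execution at amx_addr. A nullptr from Lookup is reported, not called,
// so an invalid jump target becomes a recoverable error instead of a crash.
ExecResult ExecCont(const InstrTable& table, cell amx_addr, cell* retval) {
    NativeEntry entry = table.Lookup(amx_addr);
    if (entry == nullptr) return EXEC_ERR_INVALID_ADDR;
    *retval = entry();
    return EXEC_OK;
}
// Constructed sample "instructions" standing in for JIT output.
static cell InstrA() { return 10; }
static cell InstrB() { return 20; }
InstrTable MakeSampleTable() {
    InstrTable t;
    t.Add(0, InstrA);  // instruction at AMX address 0
    t.Add(8, InstrB);  // next instruction at 8; address 4 is mid-instruction
    return t;
}
```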