[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: non-exec stack

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: non-exec stack
From: Kamo Hiroyasu <wd_(_at_)_ics_(_dot_)_nara-wu_(_dot_)_ac_(_dot_)_jp>
Date: Thu, 25 Jul 2002 20:44:21 +0900 (JST)
Organization: Nara Women's University

Just for your information.

GCC depends on executable stacks to implement nested functions.  It
generates dynamically a tiny wrapper on the stack if a pointer to a
local function is evaluated.

In other words, you cannot use a pointer to a local function with GCC
and non-executable stacks.

Here is an example.

Source:

int
foo(int n)
{
	int	a = n * 3 + 1;
	int	bar(int x)
	{
		return x - a;
	}
	extern int	baz(int (*)(int));

	return baz(bar);
}


"cc -O2 -S" on OpenBSD/i386:

.text
	.align 2,0x90
	.type	_bar.3 , @function
_bar.3:
	pushl %ebp
	movl %esp,%ebp
	subl $24,%esp
	movl %ecx,-4(%ebp)
	movl -4(%ecx),%eax
	movl 8(%ebp),%edx
	subl %eax,%edx
	movl %edx,%eax
	leave
	ret
	.size	_bar.3 , . - _bar.3
	.align 2,0x90
.globl _foo
	.type	_foo , @function
_foo:
	pushl %ebp
	movl %esp,%ebp
	subl $40,%esp
	movl 8(%ebp),%edx
	leal -20(%ebp),%eax
	movl $_bar.3-10,%ecx
	movb $185,(%eax)
	movl %ebp,1(%eax)
	movb $233,5(%eax)
	subl %eax,%ecx
	movl %ecx,6(%eax)
	leal 1(%edx,%edx,2),%edx
	movl %edx,-4(%ebp)
	addl $-12,%esp
	pushl %eax
	call _baz
	leave
	ret
	.size	_foo , . - _foo


"cc -O2 -S" on OpenBSD/sparc:

.text
	.align 4
	.type	_bar.3 , @function
	.proc	04
_bar.3:
	!#PROLOGUE# 0
	add	%sp, -112, %sp
	!#PROLOGUE# 1
	st	%g2, [%sp+100]
	ld	[%g2-4], %g3
	sub	%o0, %g3, %o0
	retl
	sub	%sp, -112, %sp
	.size	_bar.3 , . - _bar.3
	.align 4
	.global _foo
	.type	_foo , @function
	.proc	04
_foo:
	!#PROLOGUE# 0
	save	%sp, -144, %sp
	!#PROLOGUE# 1
	sethi	%hi(_bar.3), %o1
	or	%o1, %lo(_bar.3), %o1
	add	%fp, -8, %o2
	and	%o1, 1023, %g3
	and	%o2, 1023, %o7
	srl	%o1, 10, %o1
	srl	%o2, 10, %o2
	add	%fp, -33, %o0
	sethi	%hi(50331648), %o3
	sethi	%hi(83886080), %o4
	sethi	%hi(-2118098944), %o5
	sethi	%hi(-2079285248), %g2
	and	%o0, -16, %o0
	or	%o1, %o3, %o1
	or	%o2, %o4, %o2
	or	%g3, %o5, %g3
	or	%o7, %g2, %o7
	st	%o1, [%o0]
	st	%o2, [%o0+4]
	st	%g3, [%o0+8]
	st	%o7, [%o0+12]
	iflush	%o0
	iflush	%o0+8
	sll	%i0, 1, %o1
	add	%o1, %i0, %o1
	add	%o1, 1, %o1
	add	%fp, -33, %o0
	st	%o1, [%fp-12]
	call	_baz, 0
	and	%o0, -16, %o0
	ret
	restore %g0, %o0, %o0
	.size	_foo , . - _foo


		Kamo Hiroyasu
		[Kamo is the family name and Hiroyasu the given name.]

Prev by Date: Re: pf: to scrub or not to scrub?
Next by Date: Re: pf and rate limiting without ALTQ
Previous by thread: Re: non-exec stack
Next by thread: threaded app compiles/runs on x86, dies on other arch's
Index(es):
- Date
- Thread

Visit your host, monkey.org