This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: Messing up the stack pointer
hyeron bosh wrote:
> I have a (probably naive) question about
> messing up the stack pointer.
>
> Here is the code produced by gcc
> for some function "X" (original source code is C/Obj-C)
>
> #---- function "X" entry point --------------------
> 0x82699 <>: push %ebp
> 0x8269a <+1>: mov %esp,%ebp
> 0x8269c <+3>: push %edi
> 0x8269d <+4>: push %esi
> 0x8269e <+5>: push %ebx
> 0x8269f <+6>: call 0x826a4 <+11>
> 0x826a4 <+11>: pop %ebx
> 0x826a5 <+12>: sub $0x2e,%esp ;; <---------(1)
> ...
> ... stuff here
> ... call another function "Y"
> ... stuff here
> ...
> 0x829fe <+869>: add $0x2e,%esp ;; <---------(2)
> 0x82a01 <+872>: pop %ebx
> 0x82a02 <+873>: pop %esi
> 0x82a03 <+874>: pop %edi
> 0x82a04 <+875>: leave
> 0x82a05 <+876>: ret
> #---------------- end of function -----------------
>
> As I understand, instructions (1) and (2) are used
> to make room for the local variables declared in "X".
> Hence I would assume that simply replacing in both instructions the
> immediate value 0x2e with a HIGHER value, say 0x40
> cannot affect the execution of the process.
>
> Surprisingly (for me) I patched the executable
> replacing just those 2 bytes and I got:
> EXC_BAD_INSTRUCTION in a function "Z" called by "Y".
>
> I thought that no matter how the source is written
> [ I do not have the source code :) ],
> the patch I made must always be harmless, but
> obviously this is not the case.
>
> Thanks for any explanation.
Two possibilities:
You messed up the alignment of the stack pointer; some multimedia
instructions require an aligned stack.
The compiler knows the relationship between BP and SP. There might be code
that broke because you changed that.
Andrew.
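Both of Andrew's possibilities come down to arithmetic the compiler did at build time and that the two-byte patch silently invalidates. The following is an added example, not code from the thread or from GCC: it replays the quoted prologue as plain integer arithmetic on a fake 32-bit stack pointer (nothing in it executes x86 code, so it runs anywhere), reports ESP's residue mod 16 after the `sub`, and shows what happens to a slot the compiler addresses both relative to ESP and relative to EBP when only the `sub`/`add` immediates are changed. The entry-ESP value, the saved-register count taken from the listing, and the hypothetical slot at `4(%esp)` (equivalently `-0x36(%ebp)` for a 0x2e frame) are assumptions; the original post does not show the function body.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not code from the thread. Models the quoted x86 prologue
 * as arithmetic on a fake 32-bit ESP/EBP; no real x86 code is executed. */

/* Assumption: the caller's ESP was 16-byte aligned before its CALL pushed
 * the 4-byte return address. The absolute value is invented; only its
 * residue mod 16 matters. */
#define ENTRY_ESP (0xbffff000u - 4u)

struct frame { uint32_t esp, ebp; };

/* Replay the prologue from the disassembly with a chosen frame size:
 * 0x2e in the original binary, 0x40 after the patch. */
static struct frame run_prologue(uint32_t frame_size)
{
    struct frame f = { ENTRY_ESP, 0 };
    f.esp -= 4; f.ebp = f.esp;      /* push %ebp ; mov %esp,%ebp */
    f.esp -= 4;                     /* push %edi */
    f.esp -= 4;                     /* push %esi */
    f.esp -= 4;                     /* push %ebx */
    f.esp -= 4; f.esp += 4;         /* call +11 ; pop %ebx  (PIC get-PC thunk, net zero) */
    f.esp -= frame_size;            /* sub $frame_size,%esp   (1) */
    return f;
}

/* Andrew's first possibility: what the patch does to ESP's alignment.
 * Returns ESP mod 16 after instruction (1); 0 means 16-byte aligned. */
static uint32_t esp_misalignment(uint32_t frame_size)
{
    return run_prologue(frame_size).esp % 16;
}

/* Andrew's second possibility. The compiler may refer to one stack slot
 * both as a positive offset from ESP (outgoing-argument area) and as a
 * negative offset from EBP (its view of the frame). The EBP offset is
 * derived from the frame size chosen at compile time and is baked into
 * instructions the patch never touches.
 * Assumption: a slot at 4(%esp); with three saved registers (12 bytes)
 * and a 0x2e frame that is EBP - (12 + 0x2e) + 4 = -0x36(%ebp). */
#define SAVED_REGS_BYTES 12u   /* edi, esi, ebx from the listing */
#define SLOT_ESP_OFFSET   4u   /* hypothetical slot */

static int32_t baked_ebp_offset(uint32_t orig_frame_size)
{
    return (int32_t)SLOT_ESP_OFFSET - (int32_t)(SAVED_REGS_BYTES + orig_frame_size);
}

/* Bytes between where an ESP-relative store lands and where the
 * EBP-relative load of the "same" slot reads, after patching only the
 * SUB/ADD immediates from orig_frame_size to patched_frame_size. */
static uint32_t slot_divergence(uint32_t orig_frame_size, uint32_t patched_frame_size)
{
    struct frame f = run_prologue(patched_frame_size);
    uint32_t via_esp = f.esp + SLOT_ESP_OFFSET;
    uint32_t via_ebp = (uint32_t)((int32_t)f.ebp + baked_ebp_offset(orig_frame_size));
    return via_ebp - via_esp;
}

int main(void)
{
    printf("ESP mod 16 with sub $0x2e: %u, with sub $0x40: %u\n",
           esp_misalignment(0x2e), esp_misalignment(0x40));
    printf("slot via EBP minus slot via ESP: unpatched %u bytes, patched %u bytes\n",
           slot_divergence(0x2e, 0x2e), slot_divergence(0x2e, 0x40));
    return 0;
}
```

The divergence is exactly the difference between the two immediates (0x40 - 0x2e = 18 bytes): every EBP-relative access to something the compiler also placed relative to ESP now reads or writes 18 bytes away from where the matching ESP-relative instruction put it. Because such offsets are spread through the body and through the code that sets up arguments for the call to "Y", the damage surfaces downstream (here in "Z") rather than at the patched instruction, which is why a frame-size change has to be applied to every offset the compiler derived from it, not just to the `sub` and `add`.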