<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">OK, so it works but only if I reduce the stack buffer size a little more. Sorry for the noise.<div><br><div><br><div><div>Le 8 janv. 2010 à 16:01, Jean-Daniel Dupas a écrit :</div><br class="Apple-interchange-newline"><blockquote type="cite"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">My bad. I just read a little more how the stack guard works, and saw that the position of the call is good. <div>My problem is elsewhere as the behavior is not the same with GCC and clang. I will dig a little deeper to see what the difference is.</div><div><br><div><div>Le 8 janv. 2010 à 15:54, Jean-Daniel Dupas a écrit :</div><br class="Apple-interchange-newline"><blockquote type="cite"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Hello,<div><br></div><div>While I was playing with stack protector option, I found a problem.</div><div><br></div><div>In my test program (x86_64), the call to stack_chk_fail is generated after the 'ret' instruction and so is never reached (I'm not an x86 assembly expert, so correct me if I'm wrong on this point)</div><div><br></div><div>-------------------</div><div><div>0000000100000ea4<span class="Apple-tab-span" style="white-space:pre"> </span>movq<span class="Apple-tab-span" style="white-space:pre"> </span>0xd8(%rbp),%rax</div><div>0000000100000ea8<span class="Apple-tab-span" style="white-space:pre"> </span>movq<span class="Apple-tab-span" style="white-space:pre"> </span>(%rax),%rax</div><div>0000000100000eab<span class="Apple-tab-span" style="white-space:pre"> </span>movq<span class="Apple-tab-span" style="white-space:pre"> </span>0xf8(%rbp),%rcx</div><div>0000000100000eaf<span class="Apple-tab-span" style="white-space:pre"> </span>cmpq<span class="Apple-tab-span" style="white-space:pre"> </span>%rcx,%rax</div><div>0000000100000eb2<span class="Apple-tab-span" style="white-space:pre"> </span>jne<span class="Apple-tab-span" style="white-space:pre"> </span>0x00000eba</div><div>0000000100000eb4<span class="Apple-tab-span" style="white-space:pre"> </span>addq<span class="Apple-tab-span" style="white-space:pre"> </span>$0x40,%rsp</div><div>0000000100000eb8<span class="Apple-tab-span" style="white-space:pre"> </span>popq<span class="Apple-tab-span" style="white-space:pre"> </span>%rbp</div><div>0000000100000eb9<span class="Apple-tab-span" style="white-space:pre"> </span>ret</div><div>0000000100000eba<span class="Apple-tab-span" style="white-space:pre"> </span>callq<span class="Apple-tab-span" style="white-space:pre"> </span>0x00000ec0</div><div><br></div><div>The same problem occurs on x86 too. I didn't try other arch.</div></div><div><br></div><div>Is this a known issue ? </div><div><br></div><div>This is my test file compiled using </div><div><br></div><div>clang -fstack-protector-all -o stack stack.c</div><div><br></div><div>------------- stack.c --------------</div><div><br></div><div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; color: rgb(127, 71, 38); ">#include <span style="color: #e20300"><libc.h></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; min-height: 14px; "><br></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; color: rgb(204, 0, 162); ">static</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; "><span style="color: #cc00a2">void</span> test(<span style="color: #cc00a2">const</span> <span style="color: #cc00a2">char</span> *msg) {</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; "> <span style="color: #cc00a2">char</span> buffer[<span style="color: #3d00db">8</span>];</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; "> bcopy(msg, buffer, strlen(msg) + <span style="color: #3d00db">1</span>);</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; "> fprintf(stderr, <span style="color: #e20300">"%s\n"</span>, buffer);</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; ">}</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; min-height: 14px; "><br></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; "><span style="color: #cc00a2">int</span> main(<span style="color: #cc00a2">int</span> argc, <span style="color: #cc00a2">const</span> <span style="color: #cc00a2">char</span> **argv) {</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; color: rgb(226, 3, 0); "><span style="color: #000000"> test(</span>"Hello World !"<span style="color: #000000">);</span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; color: rgb(204, 0, 162); "><span style="color: #000000"> </span>return<span style="color: #000000"> </span><span style="color: #3d00db">0</span><span style="color: #000000">;</span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; ">}</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 10px/normal Monaco; "><br></div><div><font class="Apple-style-span" face="Monaco" size="2"><span class="Apple-style-span" style="font-size: 10px;">------------------------</span></font></div></div><div><br></div><div>When compiled with gcc, the execution is properly aborted at the end of the test function, but not when compiled with clang.</div><div><br></div><div><div>
<div>-- Jean-Daniel</div><div><br></div><div><br></div><br class="Apple-interchange-newline">
</div>
<br></div></div>_______________________________________________<br>cfe-dev mailing list<br><a href="mailto:cfe-dev@cs.uiuc.edu">cfe-dev@cs.uiuc.edu</a><br><a href="http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev">http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev</a><br></blockquote></div><br><div>
<span class="Apple-style-span" style="border-collapse: separate; font-family: Helvetica; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><div>-- Jean-Daniel</div><div><br></div><div><br></div></span><br class="Apple-interchange-newline">
</div>
<br></div></div>_______________________________________________<br>cfe-dev mailing list<br><a href="mailto:cfe-dev@cs.uiuc.edu">cfe-dev@cs.uiuc.edu</a><br>http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev<br></blockquote></div><br><div>
<span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><div>-- Jean-Daniel</div><div><br></div><div><br></div></span><br class="Apple-interchange-newline">
</div>
<br></div></div></body></html>