From owner-freebsd-hackers@FreeBSD.ORG  Sat Mar  6 12:18:24 2004
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 82CE116A4CE
	for <freebsd-hackers@freebsd.org>;
	Sat,  6 Mar 2004 12:18:24 -0800 (PST)
Received: from gunjin.wccnet.org (gunjin.wccnet.org [198.111.176.99])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 191C243D39
	for <freebsd-hackers@freebsd.org>;
	Sat,  6 Mar 2004 12:18:24 -0800 (PST)
	(envelope-from anthony@gunjin.wccnet.org)
Received: from gunjin.wccnet.org (localhost.rexroof.com [127.0.0.1])
	by gunjin.wccnet.org (8.12.3/8.12.2) with ESMTP id i26KPIjT008463;
	Sat, 6 Mar 2004 15:25:19 -0500 (EST)
Received: (from anthony@localhost)
	by gunjin.wccnet.org (8.12.3/8.12.3/Submit) id i26KPICM008461;
	Sat, 6 Mar 2004 15:25:18 -0500 (EST)
Date: Sat, 6 Mar 2004 15:25:17 -0500
From: Anthony Schneider <anthony@x-anthony.com>
To: chungwei Hsiung <chsiung2@buffalo.edu>
Message-ID: <20040306202517.GA8384@x-anthony.com>
References: <4048CA38.6040203@yahoo.com>
	<20040305233209.GO67801@wantadilla.lemis.com>
	<20040306142651.314430be@bear.bflony.adelphia.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="fUYQa+Pmc3FrFX/N"
Content-Disposition: inline
In-Reply-To: <20040306142651.314430be@bear.bflony.adelphia.net>
User-Agent: Mutt/1.4.2.1i
cc: freebsd-hackers@freebsd.org
Subject: 
	Re: Strange instructions in compiler output (was: A simple question)
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Mar 2004 20:18:24 -0000


--fUYQa+Pmc3FrFX/N
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

try compiling with the -static flag the gcc.  then 'disassemble execve'.

-Anthony.

On Sat, Mar 06, 2004 at 02:26:51PM +0000, chungwei Hsiung wrote:
> Hello everyone
>   Thanks for fellows' previous helps. I actually have a further question.=
 I read an article that it says if I compile the following program
>=20
> #include <stdio.h>
> int main(){
>   char *name[2];
>   name[0] =3D "/bin/sh";
>   name[1] =3D NULL;
>=20
>   execve(name[0],name,NULL);
>   return 0;
> }
>=20
> by=20
> gcc -o shellcode -ggdb -static shellcode.c
>=20
> when i "disassemble execve" inside gdb, I should be able to see the assem=
bly code for execve, but I can't see those codes for execve().
> Does anyone know how I can get the assembly code and see how the execve()=
 works??
>=20
> btw, I am using gcc3.2.2
> any help is really appreciated
>=20
> best regards
> Chungwei
>=20
>=20
> On Sat, 6 Mar 2004 10:02:09 +1030
> Greg 'groggy' Lehey <grog@FreeBSD.org> wrote:
>=20
> > On Friday,  5 March 2004 at 13:43:04 -0500, Chungwei Hsiung wrote:
> > > Hello..
> > > I am super new to this list, and I have a simple question that I don't
> > > know why it does that. I have a simple test program. I compile it, and
> > > gdb to disassemble main. I got the following..
> > >
> > > 0x80481f8 <main>:       push   %ebp
> > > 0x80481f9 <main+1>:     mov    %esp,%ebp
> > > 0x80481fb <main+3>:     sub    $0x8,%esp
> > > 0x80481fe <main+6>:     and    $0xfffffff0,%esp
> > > 0x8048201 <main+9>:     mov    $0x0,%eax
> > > 0x8048206 <main+14>:    sub    %eax,%esp
> > > 0x8048208 <main+16>:    movl   $0x804a6ce,0xfffffff8(%ebp)
> > > 0x804820f <main+23>:    movl   $0x0,0xfffffffc(%ebp)
> > > 0x8048216 <main+30>:    sub    $0x4,%esp
> > > 0x8048219 <main+33>:    push   $0x0
> > > 0x804821b <main+35>:    lea    0xfffffff8(%ebp),%eax
> > > 0x804821e <main+38>:    push   %eax
> > > 0x804821f <main+39>:    pushl  0xfffffff8(%ebp)
> > > 0x8048222 <main+42>:    call   0x804823c <execve>
> > > 0x8048227 <main+47>:    add    $0x10,%esp
> > > 0x804822a <main+50>:    mov    $0x0,%eax
> > > 0x804822f <main+55>:    leave
> > > 0x8048230 <main+56>:    ret
> > >
> > > I don't know if at line 5, we move zero to %eax. why do we need to sub
> > > %eax, %esp? why do we need to substract 0 from the stack pointer??
> > > Any help is really appreciated.
> >=20
> > This is probably because you didn't optimize the output.  You'd be
> > surprised how many redundant instructions the compiler puts in under
> > these circumstances.  Try optimizing and see what the code looks like.
> >=20
> > If this *was* done with optimization, let's see the source code.
> >=20
> > Greg
> > --
> > Note: I discard all HTML mail unseen.
> > Finger grog@FreeBSD.org for PGP public key.
> > See complete headers for address and phone numbers.
> >=20
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"

--fUYQa+Pmc3FrFX/N
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQFASjOsKUeW47UGY2kRAtFMAJ4h4KW/TrWyLvlC2HkAlU79+yJqzQCfaSLV
VIr/CcqbdtEvw1K6QyNvZ2E=
=A8Mw
-----END PGP SIGNATURE-----

--fUYQa+Pmc3FrFX/N--