vdamewood has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
eddof13 has joined #osdev
eddof13 has quit [Client Quit]
vdamewood has joined #osdev
the_oz_ has joined #osdev
the_oz has quit [Ping timeout: 252 seconds]
simjnd has joined #osdev
simjnd has quit [Ping timeout: 248 seconds]
bradd has quit [Remote host closed the connection]
bradd has joined #osdev
eddof13 has joined #osdev
eddof13 has quit [Client Quit]
simjnd has joined #osdev
eddof13 has joined #osdev
simjnd has quit [Ping timeout: 260 seconds]
eddof13 has quit [Quit: eddof13]
eddof13 has joined #osdev
eddof13 has quit [Client Quit]
joe9 has joined #osdev
simjnd has joined #osdev
simjnd has quit [Ping timeout: 248 seconds]
<kof673>
new and improved ghetto stack overflow detection https://0x0.st/s/Vxn2XQcTNPmudiaopkpycw/8yuZ.c you can do a lot of fun things if you call a function at the start of every function lol
Gooberpatrol66 has joined #osdev
<kof673>
Then we could make all sorts of crazy laws! Amendment: Now you're catching on! </simpsons "schoolhouse rock" parody>
simjnd has joined #osdev
simjnd has quit [Ping timeout: 252 seconds]
simjnd has joined #osdev
simjnd has quit [Ping timeout: 260 seconds]
bauen1 has quit [Ping timeout: 276 seconds]
vdamewood has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
goliath has joined #osdev
simjnd has joined #osdev
simjnd has quit [Ping timeout: 248 seconds]
simjnd has joined #osdev
freakazoid332 has quit [Ping timeout: 268 seconds]
bauen1 has joined #osdev
<Ermine>
TIL ICMP redirect host
Lucretia has joined #osdev
chiselfuse has quit [Remote host closed the connection]
alpha2023 has joined #osdev
chiselfuse has joined #osdev
GeDaMo has joined #osdev
bauen1 has quit [Ping timeout: 265 seconds]
dotexe1337 has joined #osdev
<dotexe1337>
quit
dotexe1337 has quit [Client Quit]
<kof673>
TIL ghetto stack overflow detection probably breaks without -O0
* kof673
zzzzzzzzzzzzzz
<kof673>
old/crappy compilers it might suffice though
<Ermine>
i detect stack overflows with ping stackoverflow.com
<Mutabah>
kof673: How does it break?
karenw has joined #osdev
Jari-- has joined #osdev
Turn_Left has joined #osdev
Left_Turn has joined #osdev
Turn_Left has quit [Ping timeout: 244 seconds]
netbsduser` has joined #osdev
Gooberpatrol66 has quit [Ping timeout: 276 seconds]
bauen1 has joined #osdev
pbase has joined #osdev
Shaddox404 has joined #osdev
Shaddox404 has quit [Client Quit]
pbase has quit [Ping timeout: 276 seconds]
Jari-- has quit [Ping timeout: 260 seconds]
<immibis>
if you get a pong, you detected a stack overflow
Gooberpatrol66 has joined #osdev
pbase has joined #osdev
Jari-- has joined #osdev
<Jari-->
howdy
pbase has quit [Quit: Leaving]
netbsduser`` has joined #osdev
netbsduser` has quit [Ping timeout: 260 seconds]
karenw has quit [Ping timeout: 244 seconds]
bauen1 has quit [Ping timeout: 244 seconds]
bauen1 has joined #osdev
joe9 has quit [Quit: leaving]
simjnd has quit [Ping timeout: 248 seconds]
mectron has joined #osdev
simjnd has joined #osdev
Turn_Left has joined #osdev
Left_Turn has quit [Ping timeout: 265 seconds]
simjnd has quit [Ping timeout: 276 seconds]
mectron has quit [Ping timeout: 252 seconds]
mectron has joined #osdev
simjnd has joined #osdev
mectron has quit [Ping timeout: 272 seconds]
bauen1 has quit [Ping timeout: 244 seconds]
mectron has joined #osdev
xvmt has quit [Read error: Connection reset by peer]
xvmt has joined #osdev
edr has joined #osdev
mectron has quit [Ping timeout: 244 seconds]
<kof673>
well i am just screwing around what you can detect generically from c -- userland or bare metal foo(void) { uchar x; void * vp; vp = bar(); if (vp < &x) { stack grows down } else { if (vp > &x) { stack grows up } } } void * bar(void) { uchar x; return &x; } something like that, then you can just have a define set an upper or lower limit. if you control the ram areas, just make a canary. or, if you have recourse to asm t
<kof673>
here is probably a register/pointer, etc.
<kof673>
gcc sees you are returning the address of a local variable, and seems to decide that is undefined or whatever
<kof673>
but i let the user can define which way the stack grows, so that might work too. a more practical thing, is if you can track when functions are called, then you can set a recursion limit, up to 100 nested functions or whatever. again, just a silly safety measure, i just would rather have something to detect that
<kof673>
its toying with undefined behavior and implementation details, but some places just checking the address of a local variable may suffice lol
<kof673>
so if i call a function at the start of every function, just had a check there lol
frkzoid has joined #osdev
<kof673>
if you know which way the stack grows, then you just check the local var is above or below the limit. the above is just to detect the direction.
bauen1 has joined #osdev
<kof673>
because i am always calling a function or two as part of that, then i would also have to make the limit a little lower or higher than whatever it actually is, a little safety buffer, likewise to printf() an error message, etc.
<kof673>
with asm you have more control perhaps, with C ...........
Left_Turn has joined #osdev
<kof673>
really, to be "generic", if we don't know the locations, then i guess you can check a local var address inside main(), and then have a "size limit" offset from that in whichever direction, anyways.....
bauen1 has quit [Ping timeout: 245 seconds]
goliath has quit [Quit: SIGSEGV]
Turn_Left has quit [Ping timeout: 265 seconds]
bauen1 has joined #osdev
McDonaldsWiFi is now known as PublicWiFi
particleflux_ is now known as particleflux
bauen1 has quit [Ping timeout: 248 seconds]
bauen1 has joined #osdev
<pog>
would -fno-omit-frame-pointer unbreak it
<pog>
maybe there are other stack frame optimizations that break it tho
jcea has joined #osdev
<kof673>
i dunno, i didn't look too hard, it is untested, just the direction detection code broke without -O0 :/ i need something that grows upwards, not sure which arches, and an emulator or qemu userland linux :D
<kof673>
i wlll make it support "size limit" instead of hardcoded i guess, but not sure it is even practical, just was toying with it lol
<kof673>
*instead of only a hardcoded address, support calculating an address limit from a "size limit"
<kof673>
as far as C goes, a runaway program is undefined, it is just an optional safety measure more than anything else
<pog>
understandable, i like looking at that stuff too
Turn_Left has joined #osdev
Turn_Left has quit [Remote host closed the connection]
Turn_Left has joined #osdev
Left_Turn has quit [Ping timeout: 265 seconds]
<kof673>
you could do silly things like per-function canary local variables, to detect out of bounds there, but really would want a custom compiler or preprocessor etc. for something like that. i can't imagine you could reliably rely on unsigned char x; unsigned char y; being ascending or descending just because you declared them in some order
<pog>
isn't that how SSP works?
<kof673>
^^^^ the proper place for all this is the compiler
<zid`>
paranoid x86 codegen be looking like "Ret should be cacheline aligned and take 64 bytes"
<zid`>
"and there should be 128 in a row"
<heat>
int3 around every instruction
<heat>
so it stops speculating
_whitelogger has joined #osdev
<nikolar>
zid`: kek
<zid`>
you may not like it but align 64; REPEAT 128; times 63 int3; ret is peak x86 codegen
<nikolar>
SAFE! SECURE!
Teukka has quit [Read error: Connection reset by peer]
Teukka has joined #osdev
<mcrod>
i'm bored
<Ermine>
int3 -- that's how i tried to debug onyx boot
mectron has quit [Quit: leaving]
<heat>
i usually prefer hlt
<heat>
int3 will crash the thing, usually
<heat>
hlt allows me to info registers in QEMU
<heat>
ofc if you need to crash or make it say something, int3 is a good option
<zid`>
xchg bx, bx for life
Jari-- has quit [Ping timeout: 265 seconds]
<nikolar>
Why
<heat>
It's a debugging trigger for bochs and some other emulators IIRc
<zid`>
it's a nop but it triggers bochs to hardware breakpoint yea
<zid`>
rather than having to deal with cpu exceptions
eddof13 has quit [Quit: eddof13]
<Ermine>
kek
* kof673
.oO( maybe if i try that gcc will not warn, since foo() is in scope still: void foo(void) { uchar x; schar direction; direction = bar(&x); ... } schar bar(void * vp1) { uchar y; void * vp2; vp2 = &y; if (vp1 > vp2) return -1; if (vp1 < vp2) return 1; return 0; } )
<Ermine>
so basically bochs checks each instruction whether it's xchg bx, bx?
vykt has joined #osdev
<zid`>
it's an interp so that's what it does for every instruction :p
<zid`>
switch(op) case 0x90: /* NOP */
<geist>
and it's single byte (i think) so you can stick it anywhere
<geist>
much like int3 which is a separate instruction from int # precisely because it's single byte
<heat>
i wonder, does xchg bx, bx work in ring3 too?
<pog>
catte
<GeDaMo>
xchg bx, bx is two bytes
<heat>
so sad
<heat>
the ideal x86 opcode is either one byte for an incredibly specific form of a single instruction
<GeDaMo>
xchg ax with another register is one byte
<pog>
pog ax, dx
<heat>
or 10 bytes with a 32-bit imm and a modrm byte and 2 levels of address calculation
<heat>
with 2+ prefixes
<geist>
oh huh well okay
* kof673
.oO( po g: prior thought bubble seems ok with -Os on gcc x86-32, but i was also seeing similar on gcc for riscv64 and arm64, maybe x86-64. possibly gcc is just trigger happy if it thinks you are doing something undefined... )
<geist>
i wouda thought they'd pick a one byte for that reason
<geist>
but then maybe there just wasn't one avail
<geist>
guess there's just not a lot of useless one byte instructions
<heat>
xchg ax, ax would be
<heat>
but that's nop :p
<GeDaMo>
Some of the one byte instructions were repurposed for 64 bit prefixes
<heat>
yeah but xchg bx, bx doesn't work for 64-bit either
<nikolar>
Why not
Gooberpatrol_66 has joined #osdev
Gooberpatrol66 has quit [Ping timeout: 244 seconds]
<heat>
it clears the top half of the RBX register
<heat>
it's not a nop
<nikolar>
Really
<zid`>
what's rbx
<nikolar>
It's a register, duh
<GeDaMo>
xchg bx, bx doesn't clear the top of rbx
<heat>
it definitely does?
<GeDaMo>
No, xchg ebx, ebx would
<nikolar>
If I had to guess, I'd say it didn't
<heat>
and the 16-bit variant doesn't?
<GeDaMo>
Correct
<zid`>
correct
<heat>
really?
<zid`>
yes
<heat>
fuck me that is stupid
<zid`>
why
<heat>
it partly beats the purpose of doing that in the first place
<zid`>
no?
<zid`>
mov does it because mov32 just turned into movzx64
<zid`>
intel just refuses to name anything anything other than 'mov'
<heat>
clearing the top half is supposed to help performance and avoid false dependencies
<zid`>
in 32 bit code running on 64bit regs, yes
<nikolar>
heat: instructions that operate on 16 and 8 bit subregisters generally leave the rest of the register unmodified
<heat>
and 64-bit code running on 64-bit
<nikolar>
For compat
<zid`>
you're *intentionally* doing fucky things if you're messing with ah
<heat>
i don't understand why they wouldn't do that on an operation that is semantically similar
<heat>
even if they keep the ah/al behavior similar
<zid`>
because it isn't semantically similar
<heat>
the top 32-bits should be cleared
<nikolar>
Only ops on 32 bit subregisters clear the upper half (they learned the lesson)
<GeDaMo>
Why not the top 48 bits? :P
<zid`>
it fixes the case that you'd have to xor rax, rax; mov eax, [int] everrywhere for 99.99% of all C programs, that deal in int
<zid`>
which is the case they wanted to fix
<zid`>
it then *does not* go onto *break* every logical op you might want to do on char
<nikolar>
(and they didn't fix it for 16/8 bit subregisters for compatibility)
<nikolar>
So you can run old code unmodified
<zid`>
and you don't want it to do it anyway!
<zid`>
imagine if mov rax, [rsi]; xor ah, ah cleared all of rax? lol
eddof13 has joined #osdev
<zid`>
why would I write xor ah,ah for any *other* reason than to unset byte 1
<zid`>
specifically byte 1, and leave all other bytes untouched
<zid`>
or al, 2
<zid`>
oops, lost all my high bits
<nikolar>
zid`: the reason why that's "bad" is because it introduces dependencies
<zid`>
and there's no or rax, 0x0000000000000007
<zid`>
so what do you do?
goliath has quit [Quit: SIGSEGV]
eddof13 has quit [Client Quit]
<zid`>
only ever do 64bit reg to reg alu operations forever would be your only solution, using movabs or something before every op, sounds great
<heat>
there is, though
<heat>
or rax, 7 just works
<heat>
it covers all of the lower 32-bits, which is what you want anyway
<zid`>
two override bytes, nice
<GeDaMo>
1 0000 4883C807 or rax,7
<zid`>
you know what we could do, instead of using all those override bytes, we move all the useful ops outside of that override space
<zid`>
and put them on say, C8
<zid`>
bam, made your encoding 2 bytes shorter for every op
<zid`>
you're welcome
<zid`>
the 'zero upper bits' thing is literally just so that 'int' in C doesn't generate shit code or buggy code all over the place, just consider mov to 32bit reg to now be movzx to a 64bit.
<zid`>
like how you can movzx to a 32bit, and the manual actually supports calling it that
<zid`>
it's just intel refusing to rename mov
<zid`>
or I guess amd
<nikolar>
zid`: I'm pretty sure it's the exact same instruction encoding, barring the prefix
<nikolar>
They just realized that ooe doesn't play nicely with partial register updates
<nikolar>
So amd "fixed" it for x86-64
<zid`>
x86 hasn't cared about partial reg updates in forever, in terms of perf, btw
<nikolar>
(well, as much as they could, due to compatibility)
<nikolar>
zid`: they did at the start
<zid`>
they just failed to rename 'mov' is all
<nikolar>
When this change happened
<zid`>
it's now movzx and targets a 64bit reg
<zid`>
if you target a 32bit one
<zid`>
mov eax should be movzx rax
<zid`>
It'd be interesting to give all the encodings to an alien
<zid`>
and see what names they come up with for x86 encodings
<zid`>
I guarentee the splits will be in completely different places at the very least
<zid`>
(like, 88 89 8a 8b 8c 8e a0 a1 a2 a3 b0 b8 c6 b7.. etc are all 'mov' in the intel manual)
<zid`>
what are we, arm
<zid`>
mips is like "no no, you mean lauiaie"
<zid`>
it's a load accumulator upper immediate and include extension
eddof13 has joined #osdev
eddof13 has quit [Client Quit]
GeDaMo has quit [Quit: 0wt 0f v0w3ls.]
karenw has quit [Remote host closed the connection]
karenw has joined #osdev
mavhq has quit [Ping timeout: 272 seconds]
Gooberpatrol66 has joined #osdev
Gooberpatrol_66 has quit [Ping timeout: 244 seconds]
mavhq has joined #osdev
<the_oz_>
I must be retarded
<the_oz_>
32^2 equals 1024? what the fuck happened to 4 billion?
<the_oz_>
I was trying to get a nice unbalanced ternary like 27^3
<the_oz_>
but then I was like wait what the fuck happened
<xenos1984>
32^2 != 2^32
<the_oz_>
ohhhhhhhhhhhhhhhhhhhhhh
<the_oz_>
yep retarded
<heat>
indeed
<zid`>
32^2 is my dbz power level
tigerbrother has quit [Quit: Ping timeout (120 seconds)]
tigerbrother has joined #osdev
Gooberpatrol66 has quit [Quit: Konversation terminated!]
eddof13 has joined #osdev
simjnd has quit [Ping timeout: 272 seconds]
netbsduser`` has quit [Ping timeout: 252 seconds]
Yoofie646446382 has joined #osdev
simjnd has joined #osdev
Yoofie646446386 has joined #osdev
Yoofie64644638 has quit [Ping timeout: 260 seconds]
Yoofie646446386 is now known as Yoofie64644638
Yoofie646446382 has quit [Ping timeout: 252 seconds]