hyeron bosh wrote:
> I have a (probably naive) question about
> messing up the stack pointer.
>
> Here is the code produced by gcc
> for some function "X" (original source code is C/Obj-C)
>
> #---- function "X" entry point --------------------
> 0x82699 <>:     push %ebp
> 0x8269a <+1>:   mov  %esp,%ebp
> 0x8269c <+3>:   push %edi
> 0x8269d <+4>:   push %esi
> 0x8269e <+5>:   push %ebx
> 0x8269f <+6>:   call 0x826a4 <+11>
> 0x826a4 <+11>:  pop  %ebx
> 0x826a5 <+12>:  sub  $0x2e,%esp     ;; <---------(1)
> ...
> ... stuff here
> ... call another function "Y"
> ... stuff here
> ...
> 0x829fe <+869>: add  $0x2e,%esp     ;; <---------(2)
> 0x82a01 <+872>: pop  %ebx
> 0x82a02 <+873>: pop  %esi
> 0x82a03 <+874>: pop  %edi
> 0x82a04 <+875>: leave
> 0x82a05 <+876>: ret
> #---------------- end of function -----------------
>
> As I understand, instructions (1) and (2) are used
> to make room for the local variables declared in "X".
> Hence I would assume that simply replacing in both instructions the
> immediate value 0x2e with a HIGHER value, say 0x40,
> cannot affect the execution of the process.
>
> Surprisingly (for me) I patched the executable
> replacing just those 2 bytes and I got:
> EXC_BAD_INSTRUCTION in a function "Z" called by "Y".
>
> I thought that no matter how the source is written
> [ I do not have the source code :) ],
> the patch I made must always be harmless, but
> obviously this is not the case.
>
> Thanks for any explanation.
Two possibilities:

1. You messed up the alignment of the stack pointer; some multimedia instructions require an aligned stack.

2. The compiler knows the relationship between BP and SP. There might be code that broke because you changed that.

Andrew.
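An added example, not part of the original thread: a small C model of the prologue shown in the listing that walks the PUSH/CALL/POP/SUB sequence and reports what the patched immediate changes, namely ESP modulo the alignment (Andrew's first point) and the EBP-to-ESP distance (his second). The 16-byte alignment and the ESP residue at X's entry are assumptions, not values from the post.

```c
#include <stdio.h>
#include <string.h>

/* Assumptions: 16-byte stack alignment at call sites (as most x86 ABIs
 * require), and ESP == 16k - 4 at X's first instruction, i.e. the caller
 * had an aligned ESP before its CALL pushed the 4-byte return address. */
#define STACK_ALIGN   16u
#define ENTRY_RESIDUE 12u

typedef struct { const char *op; } insn;

/* Prologue from the listing: four PUSHes, the CALL/POP pair that loads the
 * PC into EBX (net zero on ESP), then the SUB whose immediate was patched. */
static const insn prologue[] = {
    {"push"}, {"push"}, {"push"}, {"push"}, {"call"}, {"pop"}, {"sub"},
};

/* Return ESP mod STACK_ALIGN after executing the prologue with SUB $sub_imm. */
unsigned esp_residue_after_prologue(unsigned sub_imm)
{
    int esp = (int)ENTRY_RESIDUE;           /* track only ESP mod 16 */
    for (size_t i = 0; i < sizeof prologue / sizeof prologue[0]; i++) {
        const char *op = prologue[i].op;
        if (!strcmp(op, "push") || !strcmp(op, "call")) esp -= 4;
        else if (!strcmp(op, "pop"))                      esp += 4;
        else if (!strcmp(op, "sub"))                      esp -= (int)sub_imm;
    }
    /* C's % keeps the sign of the dividend, so normalise into [0, 16). */
    return (unsigned)(((esp % (int)STACK_ALIGN) + (int)STACK_ALIGN) % (int)STACK_ALIGN);
}

/* Smallest immediate >= wanted that leaves ESP's residue unchanged, i.e. the
 * frame grows by a whole number of alignment units instead of 0x40 - 0x2e. */
unsigned aligned_replacement(unsigned orig_imm, unsigned wanted)
{
    unsigned imm = orig_imm;
    while (imm < wanted) imm += STACK_ALIGN;
    return imm;
}

/* EBP - ESP after the prologue: three PUSHes below the saved EBP plus the SUB.
 * Any ESP-relative addressing the compiler emitted for locals assumes this. */
unsigned ebp_minus_esp(unsigned sub_imm) { return 3 * 4 + sub_imm; }

int main(void)
{
    unsigned imms[] = { 0x2e, 0x40, aligned_replacement(0x2e, 0x40) };
    for (size_t i = 0; i < 3; i++)
        printf("sub $0x%02x: esp mod 16 = %2u, ebp - esp = %u\n", imms[i],
               esp_residue_after_prologue(imms[i]), ebp_minus_esp(imms[i]));
    return 0;
}
```

Under these assumptions the original 0x2e and the patched 0x40 leave ESP at different residues modulo 16, so any instruction downstream that the compiler knew would see one residue now sees another; enlarging by a multiple of 16 (0x4e here) keeps the residue but still changes the EBP-to-ESP distance.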