Here's a simple concrete example for folks who don't know Rust: int main(int arg...

anshargal · on Nov 3, 2022

I had to add

  #define _GNU_SOURCE
  #include <sys/mman.h>
  #include <unistd.h>

I've tested in Fabrice Bellard JSLinux with tcc (x86 arch) and on https://replit.com/languages/c (x64). I failed to see any side effect at all. gdb "catch syscall" doesn't show anything interesting too. Looks like TINY_ELF_PROGRAM is not doing anything.

enriquto · on Nov 3, 2022

you can disassemble the code portion, they are single-byte instructions

    push 0x2a
    pop edi
    push 0x3c
    pop eax
    db 0x0f, 0x05 ; invalid?

qguv · on Nov 3, 2022

    ; set the first syscall argument to 42
    push   0x2a
    pop    edi

    ; select syscall 60 (sys_exit)
    push   0x3c
    pop    eax

    ; sys_exit(42)
    syscall

enriquto · on Nov 3, 2022

LOL my asm is rusty, didn't even know about the syscall instruction (I'd have used int 0x80 here)

mFixman · on Nov 3, 2022

What's the point of `push`ing constants to the stack and `pop`ing them to registers instead of `mov`ing them directly?

saagarjha · on Nov 3, 2022

I think they encode smaller?

anshargal · on Nov 3, 2022

That's cool - I wonder why exit code is not set to 42 in practice? binary still returns 0, must be a bug somewhere.

saagarjha · on Nov 3, 2022

A successful run not exiting with EXIT_SUCCESS usually requires a good reason to justify it.

tralarpa · on Nov 3, 2022

It returns the answer to an important question :)

Edit: Wouldn't mov be shorter than push/pop? (I am not very familar with x86)

kubanczyk · on Nov 4, 2022

No, mov is longer. Push stores the constant as just one byte and omits the three zero bytes. https://stackoverflow.com/questions/56618815/why-use-push-po...