# stop: dependency-injected wrapper around the exit() syscall
#
# We'd like to be able to write tests for functions that call exit(), and to
# make assertions about whether they exit() or not in a given situation. To
# achieve this we'll call exit() via a smarter wrapper called 'stop'.
#
# In the context of a test, calling a function X that calls 'stop' (directly
# or through further intervening calls) will unwind the stack until X returns,
# so that we can check any further assertions after the execution of X. To
# achieve this end, we'll pass the return address of X as a 'target' argument
# into X, plumbing it through to 'stop'. When 'stop' gets a non-null target it
# unwinds the stack until the target. If it gets a null target it calls
# exit().
#
# We'd also like to get the exit status out of 'stop', so we'll combine the
# input target with an output status parameter into a type called 'exit-descriptor'.
#
# So the exit-descriptor looks like this:
#   target: address  # return address for 'stop' to unwind to
#   value: int  # exit status stop was called with
#
# 'stop' thus takes two parameters: an exit-descriptor and the exit status.
#
# 'stop' won't bother cleaning up any other processor state besides the stack,
# such as registers. Only esp will have a well-defined value after 'stop'
# returns. (This is a poor man's setjmp/longjmp, if you know what that is.)
#
# Before you can call any function that may call 'stop', you need to pass in an
# exit-descriptor to it. To create an exit-descriptor use 'tailor-exit-descriptor'
# below. It's not the most pleasant abstraction in the world.
#
# An exit-descriptor's target is its input, computed during 'tailor-exit-descriptor'.
# Its value is its output, computed during stop and available to the test.
#
# Two properties of the design worth keeping in mind when using it:
#   - 'stop' trusts ed->target completely; the only validation it performs is
#     the two null checks below. The target is a stack address computed for one
#     specific call, so a descriptor must never outlive the frame it was
#     tailored in (see test-stop-skips-returns-on-exit), and no locals may be
#     pushed between tailoring it and the call it's for.
#   - 'stop' records value+1 in ed->value, and tailor-exit-descriptor
#     initializes ed->value to 0. Presumably this lets a test distinguish
#     "stop was called with status 0" (value 1) from "stop was never called"
#     (value 0).

== code
#   instruction                     effective address                                                   register    displacement    immediate
#   . op          subop             mod             rm32          base        index         scale       r32
#   . 1-3 bytes   3 bits            2 bits          3 bits        3 bits      3 bits        2 bits      2 bits      0/1/2/4 bytes   0/1/2/4 bytes

# Configure an exit-descriptor for a call pushing 'nbytes' bytes of args to
# the stack.
# Ugly that we need to know the size of args. Don't allocate variables between
# tailor-exit-descriptor and the call it's for.
#
# In:     *(ebp+8)  = ed (addr exit-descriptor), written to
#         *(ebp+12) = nbytes, the total size in bytes of the args the caller
#                     will push for the call this descriptor is for
# Out:    ed->target = address of the stack slot that will hold the return
#                      address of that call (= ebp+12-nbytes, derived below)
#         ed->value  = 0
# Clobb:  flags only; eax and ecx are saved/restored, ebp is restored
tailor-exit-descriptor:  # ed: (addr exit-descriptor), nbytes: int
    # . prologue
    55/push-ebp
    89/copy                         3/mod/direct    5/rm32/ebp    .           .             .           4/r32/esp   .               .                 # copy esp to ebp
    # . save registers
    50/push-eax
    51/push-ecx
    # eax = nbytes
    8b/copy                         1/mod/*+disp8   5/rm32/ebp    .           .             .           0/r32/eax   0xc/disp8       .                 # copy *(ebp+12) to eax
    # Let X be the value of esp in the caller, before the call to tailor-exit-descriptor.
    # The return address for a call in the caller's body will be at:
    #   X-8 if the caller takes 4 bytes of args for the exit-descriptor (add 4 bytes for the return address)
    #   X-12 if the caller takes 8 bytes of args
    #   ..and so on
    # That's the value we need to return: X-nbytes-4
    #
    # However, we also need to account for the perturbance to esp caused by the
    # call to tailor-exit-descriptor. It pushes 8 bytes of args followed by 4
    # bytes for the return address and 4 bytes to push ebp above.
    # So ebp at this point is X-16.
    #
    # So the return address for the next call in the caller is:
    #   ebp+8 if the caller takes 4 bytes of args
    #   ebp+4 if the caller takes 8 bytes of args
    #   ebp if the caller takes 12 bytes of args
    #   ebp-4 if the caller takes 16 bytes of args
    #   ..and so on
    # That's ebp+12-nbytes.
    # option 1: 6 + 3 bytes
    # NOTE(review): disabled. As written it would compute ebp+(nbytes-8), which
    # is not ebp+12-nbytes; left untouched since only option 2 is assembled.
#?     2d/subtract                     3/mod/direct    0/rm32/eax    .           .             .           .           .               8/imm32           # subtract from eax
#?     8d/copy-address                 0/mod/indirect  4/rm32/sib    5/base/ebp  0/index/eax   .           0/r32/eax   .               .                 # copy ebp+eax to eax
    # option 2: 2 + 4 bytes
    # eax = ebp + 12 - nbytes, via eax = -nbytes; eax = ebp + eax + 12
    f7          3/subop/negate      3/mod/direct    0/rm32/eax    .           .             .           .           .               .                 # negate eax
    8d/copy-address                 1/mod/*+disp8   4/rm32/sib    5/base/ebp  0/index/eax   .           0/r32/eax   0xc/disp8       .                 # copy ebp+eax+12 to eax
    # copy eax to ed->target
    8b/copy                         1/mod/*+disp8   5/rm32/ebp    .           .             .           1/r32/ecx   8/disp8         .                 # copy *(ebp+8) to ecx
    89/copy                         0/mod/indirect  1/rm32/ecx    .           .             .           0/r32/eax   .               .                 # copy eax to *ecx
    # initialize ed->value = 0, so a test can tell whether 'stop' ever ran
    c7          0/subop/copy        1/mod/*+disp8   1/rm32/ecx    .           .             .           .           4/disp8         0/imm32           # copy 0 to *(ecx+4)
$tailor-exit-descriptor:end:
    # . restore registers
    59/pop-to-ecx
    58/pop-to-eax
    # . epilogue
    89/copy                         3/mod/direct    4/rm32/esp    .           .             .           5/r32/ebp   .               .                 # copy ebp to esp
    5d/pop-to-ebp
    c3/return

# In:     *(esp+4) = ed (addr exit-descriptor), may be 0
#         *(esp+8) = value, the exit status
# Paths:  ed == 0 or ed->target == 0  -> $stop:real: syscall_exit(value), never returns
#         otherwise                   -> $stop:fake: ed->value = value+1, then
#                                        reset esp to ed->target and 'return'
#                                        through the return address stored there
# Clobb:  fake path: eax, ecx, esp, flags (ebp and everything else is left as
#         the callee that called 'stop' left it -- callers must not rely on it)
#         real path: eax, ebx, flags; does not return
# Never returns to its own caller on either path.
stop:  # ed: (addr exit-descriptor), value: int
    # no prologue; one way or another, we're going to clobber registers
    # eax = ed
    8b/copy                         1/mod/*+disp8   4/rm32/sib    4/base/esp  4/index/none  .           0/r32/eax   4/disp8         .                 # copy *(esp+4) to eax
    # if (ed == 0) really exit
    3d/compare-eax-and  0/imm32
    74/jump-if-=  $stop:real/disp8
    # if (ed->target == 0) really exit
    81          7/subop/compare     0/mod/indirect  0/rm32/eax    .           .             .           .           .               0/imm32           # compare *eax
    74/jump-if-=  $stop:real/disp8
$stop:fake:
    # ed->value = value+1
    8b/copy                         1/mod/*+disp8   4/rm32/sib    4/base/esp  4/index/none  .           1/r32/ecx   8/disp8         .                 # copy *(esp+8) to ecx
    41/increment-ecx
    89/copy                         1/mod/*+disp8   0/rm32/eax    .           .             .           1/r32/ecx   4/disp8         .                 # copy ecx to *(eax+4)
    # perform a non-local jump to ed->target
    # ed->target is not validated beyond the null check above: it must be the
    # address of a stack slot holding a return address, in a frame that is still
    # live. Every frame between here and that slot is abandoned without running
    # its epilogue.
    8b/copy                         0/mod/indirect  0/rm32/eax    .           .             .           4/r32/esp   .               .                 # copy *eax to esp
$stop:end1:
    # This 'return' is reached, and it is the jump: esp now points at the
    # target slot, so 'return' pops that saved return address and resumes just
    # after the call that tailor-exit-descriptor was sized for. It never
    # returns to stop's own caller.
    c3/return  # doesn't return to caller
$stop:real:
    # . syscall_exit(value)
    # value is passed in ebx; NOTE(review): presumably the register syscall_exit
    # (defined elsewhere) expects its status in -- confirm against its definition
    8b/copy                         1/mod/*+disp8   4/rm32/sib    4/base/esp  4/index/none  .           3/r32/ebx   8/disp8         .                 # copy *(esp+8) to ebx
    e8/call  syscall_exit/disp32
$stop:end2:
    # never gets here: syscall_exit is expected not to return
    c3/return  # doesn't return to caller

# Test: a nested call chain that calls stop(ed, 1) unwinds straight back here,
# skipping the returns (and epilogues) of _test-stop-1 and _test-stop-2, and
# leaves ed->value == 2.
test-stop-skips-returns-on-exit:
    # This looks like the standard prologue, but is here for different reasons.
    # A function calling 'stop' can't rely on ebp persisting past the call.
    #
    # Use ebp here as a stable base to refer to locals and arguments from in the
    # presence of push/pop/call instructions.
    # *Don't* use ebp as a way to restore esp.
    55/push-ebp
    89/copy                         3/mod/direct    5/rm32/ebp    .           .             .           4/r32/esp   .               .                 # copy esp to ebp
    # Make room for an exit descriptor on the stack. That's almost always the
    # right place for it, available only as long as it's legal to use. Once this
    # containing function returns we'll need a new exit descriptor.
    # var ed/eax: exit-descriptor
    68/push  0/imm32
    68/push  0/imm32
    89/copy                         3/mod/direct    0/rm32/eax    .           .             .           4/r32/esp   .               .                 # copy esp to eax
    # Size the exit-descriptor precisely for the next call below, to _test-stop-1.
    # tailor-exit-descriptor(ed, 4)
    # . . push args
    68/push  4/imm32/nbytes-of-args-for-_test-stop-1
    50/push-eax
    # . . call
    e8/call  tailor-exit-descriptor/disp32
    # . . discard args
    81          0/subop/add         3/mod/direct    4/rm32/esp    .           .             .           .           .               8/imm32           # add to esp
    # . _test-stop-1(ed)
    # . . push args
    # This push is the 4 bytes tailor-exit-descriptor was told about; the slot
    # just below it will hold the return address that 'stop' unwinds to.
    50/push-eax
    # . . call
    e8/call  _test-stop-1/disp32
    # registers except esp may be clobbered at this point
    # restore args
    # 'stop' returned through our own return address, so esp is exactly where
    # it was after the push above; popping that slot reclaims the arg and,
    # since the arg was ed itself, also re-establishes eax = ed.
    58/pop-to-eax
    # check that _test-stop-1 tried to call exit(1)
    # . check-ints-equal(ed->value, 2, msg)  # i.e. stop was called with value 1
    # . . push args
    68/push  "F - test-stop-skips-returns-on-exit"/imm32
    68/push  2/imm32
    # . . push ed->value
    ff          6/subop/push        1/mod/*+disp8   0/rm32/eax    .           .             .           .           4/disp8         .                 # push *(eax+4)
    # . . call
    e8/call  check-ints-equal/disp32
    # . . discard args
    81          0/subop/add         3/mod/direct    4/rm32/esp    .           .             .           .           .               0xc/imm32         # add to esp
    # . epilogue
    # don't restore esp from ebp; manually reclaim locals
    81          0/subop/add         3/mod/direct    4/rm32/esp    .           .             .           .           .               8/imm32           # add to esp
    5d/pop-to-ebp
    c3/return

# Helper for the test above: one extra frame between the test and 'stop', so
# the test exercises unwinding through an intermediate call.
_test-stop-1:  # ed: (addr exit-descriptor)
    # . prologue
    55/push-ebp
    89/copy                         3/mod/direct    5/rm32/ebp    .           .             .           4/r32/esp   .               .                 # copy esp to ebp
    # _test-stop-2(ed)
    # . . push args
    ff          6/subop/push        1/mod/*+disp8   5/rm32/ebp    .           .             .           .           8/disp8         .                 # push *(ebp+8)
    # . . call
    e8/call  _test-stop-2/disp32
    # should never get past this point
$_test-stop-1:dead-end:
    # Only reached if 'stop' failed to unwind past this frame. Report that as a
    # test failure via an assertion that can't pass.
    # . . discard args
    81          0/subop/add         3/mod/direct    4/rm32/esp    .           .             .           .           .               4/imm32           # add to esp
    # signal test failed: check-ints-equal(1, 0, msg)
    # . . push args
    68/push  "F - test-stop-skips-returns-on-exit"/imm32
    68/push  0/imm32
    68/push  1/imm32
    # . . call
    e8/call  check-ints-equal/disp32
    # . . discard args
    81          0/subop/add         3/mod/direct    4/rm32/esp    .           .             .           .           .               0xc/imm32         # add to esp
    # . epilogue
    89/copy                         3/mod/direct    4/rm32/esp    .           .             .           5/r32/ebp   .               .                 # copy ebp to esp
    5d/pop-to-ebp
    c3/return

# Innermost helper: the frame that actually calls stop(ed, 1).
_test-stop-2:  # ed: (addr exit-descriptor)
    # . prologue
    55/push-ebp
    89/copy                         3/mod/direct    5/rm32/ebp    .           .             .           4/r32/esp   .               .                 # copy esp to ebp
    # . stop(ed, 1)
    # . . push args
    68/push  1/imm32
    ff          6/subop/push        1/mod/*+disp8   5/rm32/ebp    .           .             .           .           8/disp8         .                 # push *(ebp+8)
    # . . call
    e8/call  stop/disp32
    # should never get past this point
$_test-stop-2:dead-end:
    # The epilogue below is never executed when 'stop' unwinds; this frame is
    # simply abandoned.
    # . epilogue
    89/copy                         3/mod/direct    4/rm32/esp    .           .             .           5/r32/ebp   .               .                 # copy ebp to esp
    5d/pop-to-ebp
    c3/return

# . . vim:nowrap:textwidth=0