Your x86-64 assembly program looks correct, links with GCC, calls printf, and then crashes with a segfault. This video shows exactly why it happens and how to fix it.
We build a hybrid program using Yasm and GCC on Linux, print a message from C++, call an assembly function, and hit the crash. Then we fix it with a push and pop of RAX, move the fix into the function prologue and epilogue, and run experiments to prove it works.
No long lectures, just code, a real crash, and a real solution that stops the problem for good.
Introduction 00:00:00
Hybrid Programs 00:00:09
Stack Alignment Problem 00:00:33
GCC Stack Expectations 00:01:14
Makefile Overview 00:02:22
Driver Code 00:03:16
Assembly Module Setup 00:04:12
Calling printf 00:05:20
Program Crash Demo 00:07:17
Diagnosing Segfault 00:07:56
Fix with Push-Pop 00:09:08
Prologue Epilogue Fix 00:11:18
Experiments Confirm 00:12:54
Conclusion 00:13:32
Outro Thanks 00:13:52
Thanks for watching!
Find us on other social media here:
- https://www.NeuralLantern.com/social
Please help support us!
- Subscribing + Sharing on Social Media
- Leaving a comment or suggestion
- Subscribing to our Blog
- Watching the main “pinned” video of this channel for offers and extras
Hello there. Let’s talk about stack alignment.
When you’re linking and running a program for x86-64 using a Yasm assembler,
and also you have a hybrid program, so you’re using the GCC libraries in order to get some
extra functions or extra functionality, or just so you can have different types of source code
is not about how to make a hybrid program look for my other video for that topic this video is
only about solving a common problem which costs people tons of time called stack alignment imagine
this you’re writing a program a hybrid program and every once in a while you call on a function
within the gcc libraries or perhaps you call another function that you don’t control or or
something that might in turn call on a gcc library and you can’t figure out why but your program
figure out why but your program keeps crashing for no reason seemingly you’ve spent hours and hours
debugging your program it appears to be correct but it still crashes if that happens to you there’s
a chance that you’re suffering from stack alignment issues so what do i mean by by this i mean uh
basically the gcc libraries they expect that your stack which is the data structure you use
uh you know when you’re calling a function or returning from a function or you’re making local
or you’re making local variables uh where you’re like pushing you know when you’re pushing and
popping stuff onto the stack uh gcc expects that the stack is aligned to eight bytes
um so that means basically every time you do a push or a pop the stack kind of goes out of
alignment and goes into alignment so like i do a push the stack goes out of alignment i do another
I pop later it gets out of alignment I pop again it goes into alignment every
time you do a function call every time you modify the stack by you know a
certain number of bytes it could potentially be going out of alignment I
think it stays into the same alignment if you push twice as far as I recall or
if you jump quickly twice but the point is this is kind of a precarious thing
and maybe sometimes you’re not sure am I suffering from stack alignment well
and make sure that it’s not happening.
So first off, I just want to show you my make file real fast.
This is not a make file video, so I’m going to just really,
I’m going to very quickly go through it.
This is a hybrid program, so I just have some variables at the top
for C++ compilation and some variables over here for assembly in Yasm.
And then I’m going to link using G++.
Anytime you’re linking with G++, that means the G++ libraries are there.
You should already think to yourself, maybe it’s at least possible
maybe it’s at least possible stack alignment could be some of my crashes,
especially if you’re actually calling GCC libraries or a library that you don’t
control or a library that you don’t know what the source is inside of it.
So I’m just, you know,
I have a little menu here and then there’s like a run target.
And then all I’m doing is I’m just compiling a driver and an assembly module
called whoops,
which will do the stack alignment issues for us or which will show us the
issues. The driver is pretty simple.
simple it’s the entry point for the program it’s got a main function it just prints a message and
then it calls our whoops function just to prove to you we’re in a hybrid program we’ve got an
extern c block to disable name mangling on the whoops program so that the c plus plus module
can call on the assembly module that’s not what this video is about check my other videos if you’re
interested in more of that or if you’re still trying to figure out what to do but basically in
You know define some stuff so that I can print string messages. This is all covered in other videos that I’ve made
but we’re just gonna say there’s gonna be a welcome message and
Then I’m gonna actually call on a GCC library a regular like C standard library print F
To just kind of print something for us
Then we’re gonna do a goodbye message and then
We sort of enter up here. So the first thing you
probably are wondering is wait a minute can you call printf from assembly yeah you can if you’re
linking with the gcc libraries there are a lot of functions out there that provide extra
functionality just be very careful that you don’t uh accidentally like if you’re doing homework at
home be careful you don’t actually you don’t accidentally get in trouble for using a function
that was pre-written in order to accomplish something in your homework that you were
supposed to do so be careful about that you could you know depending on your professor you could
professor you could lose a lot of points or all the points or whatever so anyway you can call
printf and other c and c++ library functions all you have to do is number one make a hybrid program
that links against the gcc libraries and number two name the functions with extern so i want to
call printf in this program so i’m just going to say extern printf to indicate to the linker that
symbol which you know it should should link to it because it’s like in another module somewhere it’ll
be inside the gcc library then the entry point for this particular module it’s just a function that
i expose as global so that other places in the program can call on it and i’m just calling it
whoops i am let’s see writing this as a function not a regular assembly label that has to be sys
function where I have to actually return when I’m finished. This is not a functions video,
but again, if I was using any Kali preserved registers per the ABI, then I would do like a
push pop pair on the top and the bottom, but I’m not. So first thing that happens is we just print
a welcome message. No problem. This is not a printing tutorial video. So check out my other
videos. And then we’ll actually just call on printf. We’ll ask printf, could you print this
We’ll ask printf, could you print this string for us?
And then we’ll say goodbye with just another print.
So this is the problem here, the call to printf.
It seems good.
I mean, all we’re doing is we are respecting the ABI by saying,
all right, printf wants a pointer to the C string that we wish to print.
And so I’m just going to load up the first integer argument,
which also could be a pointer argument, RDI,
with a pointer to my string, just printf message.
printf message and then I’m going to call printf. Should work. Let me show you what is actually in
the string just for your information. The string is just a message in quotes that says you know
this is a string printed by printf and then I add a carriage return line feed to the end of it so
printf will do the new lining all for me without me having to call another function and then I give
it a null terminator. I’m not going to explain null terminators too much in this video but just
this kind of thing is required for printf because printf will scan printf doesn’t actually need the
length of the message so i don’t even know why i put this in here so line 24 totally useless
anyway so this feels like it should work but it’s not going to work let’s see what happens
if i do well i’ll do clear and make run then you can see that the program gets compiled and then
We get the welcome message from the driver.
It says, my name is Miles Pepperdraut.
That’s not my real name.
I just love those names.
And then it says, I will now call the whoops module.
That’s the driver talking.
And then now we’re inside of the whoops module and it says,
hello, this is the whoops module.
And then we get a segfault.
Program crashes.
Your program doesn’t work for your customers
or you don’t get your points on your homework or whatever it is
because we have a segmentation fault.
fault this is not good and this happens to lots of people they’re coding and
they’re debugging for hours and hours and hours not understanding where the
seg fault is coming from it might be coming from stack alignment in this case
I know for sure it’s coming from stack alignment just because I wrote the
program on purpose the crash so let’s let’s look at a way to I mean first to
debug this your first clue is I am sure that it’s working it’s still crashing
and I’m calling something that is GCC or I’m calling something that I don’t know what the
code is inside it could be calling GCC like if you have a library from somewhere else maybe it’s
calling GCC you don’t really know so that’s my first clue I’ll go into the source code and I’ll
just kind of try something so at the beginning of my function we know that every time you jump into
a function or do a function call then the stack changes a little bit because the stack has to
store the return address of where you’re going to return to later. So that means there’s a potential
here for stack alignment issues. And I’m going to go ahead and try something to see if I can
prove to myself that this is a stack alignment issue. What I’m going to do is I’m just going to
move the stack by eight bytes. So how do we do that? You could either move the stack pointer
forward and back if you wanted to, like we have add or subtract. I think subtract would be what
I think subtract would be what we want to do just to the let’s see where is it rsp the stack register
I’m not going to do that here
I’m just going to prove a point and make things a little bit easier
We’ll push the number or sorry we won’t push a number we’ll push rax and then after that we’ll pop rax
And what’s happening is i’m changing the alignment of the stack and then i’m calling on printf
And then i’m changing the alignment of the stack again
I’m sort of like
you can imagine I’m just like pushing a dummy value onto the stack.
Like we don’t really care what’s inside of RAX.
We’re not trying to preserve RAX.
We’re not going to use the stack or anything like that.
So I’m just saying, well, let’s just put something on there.
I don’t even care what it is.
And then when we’re done, we’ll just pop it right back off.
That way, when we’re finished, the stack is really unchanged.
But inside of that push pop pair, the stack is differently aligned by about eight bytes
Well, this right here is an 8-byte register, a 64-bit register.
So we’re moving the stack, then we’re doing the call, and then we’re moving the stack back.
With only that one change, you don’t want to make the mistake of making a bunch of changes
because then it’s hard to figure out which change actually worked.
With just that one change, I’m going to run the program again.
Notice how the program finishes correctly.
So, of course, nothing in life is 100%, but at this point, I would be pretty sure that my issue was stack alignment.
was stack alignment. I don’t know where the stack alignment came from. Maybe it came from the
function call. Maybe it came from some push pops I had at the top or the bottom. I don’t really know.
You can probably bet that if you call on another function that respects the ABI, that when your
function comes, when your call comes back, the stack’s not going to be in a different alignment,
which means let’s say I had like many, many calls to print F here. I wouldn’t necessarily want to
every single time I called on a function,
I probably would want to put this push pop pair
like at the very top in the prologue.
Maybe let’s say prologue.
I’ll do like just push R-A-X
and then leave myself a comment
because it’s easy to forget assembly in assembly
like what you’re doing.
So I’m just going to leave myself a note
and I’m just going to say stack alignment
just to remind myself not to accidentally remove it later.
And then I’m going to do a pop R-A-X at the end.
So I’m going to do like an epilogue.
epilog I thought I spelled that right epilog I am sure that I’m spelling it
right okay so then I’m gonna pop RAX and and hilariously since you don’t really
care about the value of RAX you could pop a different register as long as it
wasn’t call he saved but just so this is a little bit easier to understand and
more stable I’m gonna do it this way so then I’m gonna say stack alignments
stack alignment and maybe I want to like line up these comments so I’ll just kind
of like line up the comments so now the whole entire function because if you
look inside of them the you know the body of my function I’m not really
changing the stack alignment I’m not modifying the stack register I’m not
doing any more push pop pairs I’m not doing anything so probably the stack is
out of alignment during the entire function which means I can make my
now by removing these push pop pairs that are surrounding that surround the
printf calls so you know I have like half the number of push pop pairs at
this point so let’s see if that works notice how the program still runs no
problem and just as another experiment I’m gonna comment out the push and the
pop pair you got to comment out the pair not just one push and not the pop
push and not the pop or vice versa. Otherwise the whole program is not going to work.
So if I commented it out, now it should crash for sure. Notice how it crashes.
All right. So if I put it back one more experiment just to be, you know,
just to be like really obsessed with the specificity and make sure that the program works
just to be really robust and it works. Okay. So this is a stack alignment in x86-64
GCC library dependent hybrid programs in Yasm. I’m sure this applies to a lot of other areas, but
Yasm x86-64 on Linux is what I’m doing. So I hope this was helpful to you. I hope you learned a
little bit and had a little bit of fun. I’ll see you in the next video.
Hey everybody. Thanks for watching this video again from the bottom of my heart. I really
appreciate it. I do hope you did learn something and have some fun. If you could do me a please
If you could do me a please a small little favor, could you please subscribe and follow this channel or these videos or whatever it is you do on the current social media website that you’re looking at right now?
It would really mean the world to me and it’ll help make more videos and grow this community.
So we’ll be able to do more videos, longer videos, better videos, or just I’ll be able to keep making videos in general.
So please do me a kindness and subscribe.
I’m sleeping in the middle of the night and I just wake up because I know somebody subscribed or followed.
It just wakes me up and I get filled with joy.
That’s exactly what happens every single time.
So you could do it as a nice favor to me or you could troll me if you want to just wake me up in the middle of the night.
Just subscribe and then I’ll just wake up.
I promise that’s what will happen.
Also, if you look at the middle of the screen right now, you should see a QR code which you can scan in order to go to the website,
which I think is also named somewhere at the bottom of this video.
it’ll take you to my main website where you can just kind of like see all the videos i published
and the services and tutorials and things that i offer and all that good stuff and uh
if you have a suggestion for uh uh clarifications or errata or just future videos that you want to
see please leave a comment or if you just want to say hey what’s up what’s going on you know just
send me a comment whatever i also wake up for those in the middle of the night i get i wake
it would really mean the world to me.
I would really appreciate it.
So again, thank you so much for watching this video
and enjoy the cool music
as I fade into the darkness,
which is coming for us all.
Thank you.
