Shulou(Shulou.com)06/02 Report--

This article mainly talks about "the shortest crash program analysis of C language". Interested friends may wish to take a look at it. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn "the shortest crash program analysis in C language".

Usually students either try to backquote an illegal address or divide by 0. 5%. Dividing by 0 throws a SIGFPE signal (floating-point exception). Here is a small example program that uses division by zero to crash it:

Int main () {return 1amp 0;}

We can also delete the return keyword, but when I do, gcc does not generate executable code for these statements, even if the optimization option is dropped by disable. We can also change some of the characteristics of the above code by changing the above statement to an assignment statement:

I; int main () {item1amp 0;}

Notice that I declare an I that has no type. Such code is valid in the C89 standard because all declarations have an invisible default type int. This is a mistake in C99 and other C standards. Assuming we are writing C89 code, we can even use invisible int to declare the main function:

I; main () {iTun1AGOO;}

That's pretty short code-if we don't count the spaces used for indentation, it's only 16 characters. However, we can do better!

When a C program is compiled, the compiler produces one or more object files with symbolic indexes of the libraries and full-range objects (functions and variables) used. These object files are then linked, and the symbolic index is replaced by the address, resulting in an executable file.

The compiler provides an entry point for calling main functions in an object file. Calling the main function means that we are trying to execute the instructions stored in the address corresponding to the location of the main function link.

Interestingly, the linker has no idea about the types of different objects, it only knows their addresses. So, if we replace the main function with a regular full-range variable, the compiler will happily build the object file because it doesn't care about the type of object main; the linker will happily link it because it only cares about the address corresponding to the main function.

So, consider this C program:

Int main=0

This program will be compiled into an executable file, it will try to call the address 0, and 0 is not the address we can access, so we will get the SIGSEGV signal (segmentation error).

Correction: my previous analysis of the cause of this program crash was wrong. The program will try to execute main as a function, which won't work because the compiler puts it in an unexecutable segment. So it doesn't matter why the variable main is initialized. (thanks to Zack for his correction.)

Now we are very close to the smallest crashed C program. We can use this technique, in conjunction with the invisible int type, to shorten it further.

Main=0

Also, the global variables in C are implicitly initialized to 0, so the above code is equivalent to:

Main

All right, now we have the shortest C program that crashes!

Add:

Hacker News user femto pointed out that it is also possible to compile and link an empty file. I didn't release this because gcc refuses to compile and link programs like this, which requires separate compilation and linking processes.

At this point, I believe you have a deeper understanding of "the shortest crash program analysis in C language". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.