  • Vulnerabilities caused by __attribute__ ((noreturn)) optimization

    1.noreturn
    A few standard library functions, such as abort and exit, cannot return. GCC knows this automatically. Some programs define their own functions that never return. You can declare them noreturn to tell the compiler this fact. For example,

    void fatal () __attribute__ ((noreturn));
    
    void
    fatal (/* ... */)
    {
      /* ... */ /* Print error message. */ /* ... */
      exit (1);
    }

    The noreturn keyword tells the compiler to assume that fatal cannot return. It can then optimize without regard to what would happen if fatal ever did return. This makes slightly better code. More importantly, it helps avoid spurious warnings of uninitialized variables.

    The noreturn keyword does not affect the exceptional path when that applies: a noreturn-marked function may still return to the caller by throwing an exception or calling longjmp.

    Do not assume that registers saved by the calling function are restored before calling the noreturn function.

    It does not make sense for a noreturn function to have a return type other than void.

    The attribute noreturn is not implemented in GCC versions earlier than 2.5. An alternative way to declare that a function does not return, which works in the current version and in some older versions, is as follows:

    typedef void voidfn ();

    volatile voidfn fatal;

    This approach does not work in GNU C++.

    #include <stdlib.h>
    
    /* exitnow() is defined in some other translation unit. The compiler only sees
       this declaration, so it has to take the noreturn attribute on trust. */
    extern void exitnow() __attribute__((noreturn));
    //extern void exitnow();   /* variant without the attribute, used for the second listing */
    
    int foo(int n)
    {
            if ( n > 0 )
            {
                    exitnow();
                    exit(1);   /* unreachable only if exitnow() truly never returns */
            }
            else
                    return 0;
    }
    gcc -c -Wall testnoreturn2.c
    objdump -d testnoreturn2.o
       0:    55                           push   %ebp
       1:    89 e5                    mov    %esp,%ebp
       3:    83 ec 08                 sub    $0x8,%esp
       6:    83 7d 08 00              cmpl   $0x0,0x8(%ebp)
       a:    7e 05                    jle    11 <foo+0x11>
       c:    e8 fc ff ff ff                   call   d <foo+0xd>  <--- the exit call that followed has been optimized away
      11:    b8 00 00 00 00           mov    $0x0,%eax
      16:    c9                               leave  
      17:    c3                               ret
    
    Without __attribute__((noreturn))
    
       0:    55                                      push   %ebp
       1:    89 e5                           mov    %esp,%ebp
       3:    83 ec 18                        sub    $0x18,%esp
       6:    83 7d 08 00                      cmpl   $0x0,0x8(%ebp)
       a:    7e 11                            jle    1d <foo+0x1d>
       c:    e8 fc ff ff ff                           call   d <foo+0xd>
      11:    c7 04 24 01 00 00 00     movl   $0x1,(%esp)
      18:    e8 fc ff ff ff                           call   19 <foo+0x19>   <-- not optimized away
      1d:    b8 00 00 00 00            mov    $0x0,%eax
      22:    c9                                       leave  
      23:    c3                                      ret

    With the attribute, GCC treats everything after the call to exitnow() as unreachable and deletes the exit(1) call, together with the outgoing-argument stack slot it would have needed (hence sub $0x8 instead of sub $0x18). The call targets read as <foo+0xd> and <foo+0x19> only because this is an unlinked 32-bit x86 object file and the relocations have not been applied yet; the e8 fc ff ff ff bytes are placeholders.

    The security-relevant consequence: if exitnow() ever does return, execution falls straight into mov $0x0,%eax; leave; ret, so foo() returns 0 exactly as if the n <= 0 branch had been taken, and whatever the dropped code was supposed to do (here exit, in real code typically an error return or a permission check) silently never happens. Returning from a function declared noreturn is undefined behaviour, and the compiler is under no obligation to keep any code that would have handled that case.

    2. The Linux die_if_kernel vulnerability is exactly this
    die_if_kernel() is the "terminate only if the trap came from kernel mode" helper: as its name says, for a trap from user mode it returns so that the caller can deal with the faulting process. Declaring such a function noreturn makes the compiler delete the code that follows each call, which is precisely the user-mode handling path, just as exit(1) was deleted above. Details of the vulnerability:
    http://www.linuxforum.net/forum/printthread.php?Cat=&Board=security&main=600232&type=post
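    The experiment with exitnow() and the die_if_kernel case come down to one rule: only a function that genuinely never returns to its caller may carry the attribute. The following added example (written for this page; it is neither the original post's code nor Linux kernel code) models the die_if_kernel pattern on constructed data. struct regs, die, die_if_kernel, handle_fault and run_fault are hypothetical stand-ins for the kernel's pt_regs and fault handling. die() is legitimately noreturn: it leaves through longjmp, which the GCC documentation quoted above explicitly allows. die_if_kernel() returns for user-mode faults and therefore must not be annotated; the comment in handle_fault() marks the statement GCC would discard if it were.

```c
#include <setjmp.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the kernel's pt_regs: the privilege level the
   trap came from and the faulting address. Constructed for this example. */
struct regs {
    int from_kernel;        /* 1 if the fault happened in kernel mode */
    unsigned long addr;     /* faulting address */
};

static jmp_buf panic_point;     /* where a simulated kernel panic unwinds to */
static char panic_msg[64];      /* message recorded by the last panic */

/* Legitimately noreturn: it never returns normally, it leaves via longjmp.
   A function like this is what the attribute is for. */
static void die(const char *msg) __attribute__((noreturn));
static void die(const char *msg)
{
    snprintf(panic_msg, sizeof panic_msg, "%s", msg);
    longjmp(panic_point, 1);
}

/* The die_if_kernel pattern: dies only for kernel-mode faults and RETURNS
   for user-mode ones. It must NOT be declared noreturn; if it were, GCC
   would delete the user-mode handling that follows every call to it. */
static void die_if_kernel(const char *msg, const struct regs *r)
{
    if (r->from_kernel)
        die(msg);
    /* user-mode fault: fall through, the caller deals with the process */
}

/* Hypothetical fault handler. Returns 1 if a SIGSEGV-equivalent should be
   delivered to the user process, 0 if the access was fine. */
static int handle_fault(const struct regs *r)
{
    if (r->addr < 0x1000) {               /* access to the NULL page */
        die_if_kernel("unhandled kernel NULL dereference", r);
        /* User-mode path. With die_if_kernel wrongly marked noreturn, GCC
           treats this statement as unreachable and drops it, so a user-mode
           NULL-page fault would fall through to "return 0" below, i.e. be
           reported as a harmless access (compare exit(1) vanishing above). */
        return 1;
    }
    return 0;
}

/* Runs one fault and reports the outcome:
   'P' = kernel panicked, 'S' = signal for user space, 'O' = access was fine. */
static char run_fault(int from_kernel, unsigned long addr)
{
    struct regs r = { from_kernel, addr };   /* set up before setjmp, never modified after */
    if (setjmp(panic_point) != 0)
        return 'P';                          /* arrived here via longjmp from die() */
    return handle_fault(&r) ? 'S' : 'O';
}

int main(void)
{
    printf("kernel NULL deref: %c\n", run_fault(1, 0x10));     /* P */
    printf("user NULL deref:   %c\n", run_fault(0, 0x10));     /* S */
    printf("user valid access: %c\n", run_fault(0, 0x2000));   /* O */
    return 0;
}
```

    GCC warns ("'noreturn' function does return") only when it can see a definition that returns; for an extern declaration such as the page's exitnow(), the attribute is taken on trust. The check therefore has to be done at the definition: audit every __attribute__((noreturn)) declaration against the body of the function it names, and treat an early return or a conditional fall-through there as a bug, not as a style issue.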

    Reference links:
    http://bbs.chinaunix.net/thread-3596608-1-1.html
    http://gcc.gnu.org/onlinedocs/gcc-4.3.2//gcc/Function-Attributes.html
    http://hi.baidu.com/%CB%AE%C8%DD%CC%EC/blog/item/b796ae56171e06163b293571.html
    http://blog.csdn.net/kesalin/article/details/3390004

  • Original URL: https://www.cnblogs.com/moonflow/p/2620534.html