Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Recursion without recursive call?

Tags:

Found this on /prog/. I actually GDB'd it, and yes, it was truly a recursion. But how did it happen?

// This works on 32-bit x86 Linux with gcc as long as you don't enable optimization.

#include <stdio.h>
#include <stdlib.h>

static void factorial(int in, int *out)
{
  *(&in-1)-=5-5*(1/in);
  *out*=in--;
}

int main(int argc, char **argv) 
{
  int result=1;
  int number=0;

  if (argc!=2) 
    exit(1);

  number=atoi(argv[1]);
  if (number<1)
    exit(2);

  factorial(number, &result);
  printf("%d! = %d\n", number, result);
  return 0;
}


$ ./factorial 3
3! = 6

$ ./factorial 5
5! = 120
like image 207
user769143 Avatar asked Jun 16 '11 10:06

user769143

People also ask

Does recursion have to call itself?

Recursion is when a function calls itself until someone stops it. If no one stops it then it'll recurse (call itself) forever. Recursive functions let you perform a unit of work multiple times.

How do I stop recursive calls?

To avoid recursive triggers you can create a class with a static Boolean variable with default value true. In the trigger, before executing your code keep a check that the variable is true or not. Once you check make the variable false.

What is recursive call in recursion?

A recursive call is one where procedure A calls itself or calls procedure B which then calls procedure A again. Each recursive call causes a new invocation of the procedure to be placed on the call stack.

What can be used to replace recursion?

Many professional developers probably already know how to replace recursive functions to avoid stack-overflow problems in advance by replacing with iterative function or using stack (heap stack) and while-loop (recursive simulation function).

2 Answers

Sweet. ;)

This is extremely non-portable code that works only on x86. What it's doing is changing the return address on the stack so that if in>1, the function returns not to the instruction following the call instruction, but to the call instruction itself. A call instruction on x86 is five bytes (one opcode plus the 4-byte address of the call destination), so five needs to be subtracted from the return address.

This

*(&in-1)-=5-5*(1/in);

is just an obfuscated way of saying

if(in>1)
    *(&in-1)-=5;

And &in-1 is where the return address lives on the stack.

like image 63
Martin B Avatar answered Oct 04 '22 19:10

Martin B

It's corrupting return addresses on the stack to cause the recursion to happen.

*(&in-1)-=5-5*(1/in);

&in-1 is probably the pushed return address. the rest is just unpleasant magic.

like image 20
Roddy Avatar answered Oct 04 '22 20:10

Roddy
Sign in to Comment

Related questions

How do I create the TBody tag in a Table with pure JavaScript?
NetworkStream.Write vs. Socket.Send
Is there a culture-safe way to get ToShortDateString() and ToShortTimeString() with leading zeros?
Pointer conversion issue with Ternary operator
protobuf-net Serialize To String and Store in Database Then De Serialize
Separating Unicode ligature characters
Detect whether an UIImage is PNG or JPEG?
Missing Table When Running Django Unittest with Sqlite3
How to modify javascript code at run time?
Is '\0' guaranteed to be 0?
How to create a program to list all the USB devices in a Mac?
C# Excel Interop: How to format cells to store values as text

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!