[libunwind] bug (and suggested fix): desc_alias() and zero-size regions
From: Todd L Miller
Subject: [libunwind] bug (and suggested fix): desc_alias() and zero-size regions
Date: Mon, 7 Mar 2005 17:01:14 -0600 (CST)
On line 759 of the 0.98.2 release, desc_alias() calculates 'when':
when = MIN(sr->when_target, rlen - 1);
and then uses 'when' to calculate 'new_ip':
new_ip = op->val + ((when / 3) * 16 + (when % 3));
When you pass in a zero-size region, new_ip is one less than
op->val, e.g., 0x4...0cf, instead of 0x4...0d0. This breaks
create_state_record_for()'s calculation of the new region's when_target.
This can cause incorrect stackwalks: in particular, I triggered a case in
which the location of the preserved RP changed between the corrected
when_target and the one calculated by calculate_state_record_for().
My work-around is simply to set new_ip to op->val when 'when' is
-1 in desc_alias(). It works, but I'm not sure that it's the right thing
to do. I'd also guess that the other two uses of MIN( , rlen - 1 ) in the
function need to be fixed, though I haven't seen any problems.
- Todd L Miller
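The arithmetic behind the report, as an added example that is not libunwind's code: it reproduces the 0.98.2 'when' to address mapping beside the work-around, using a constructed op->val and constructed when_target/rlen values, and makes explicit why a clamp to -1 lands one byte below op->val (C truncates -1/3 to 0 and leaves -1%3 as -1).

```c
/* Added example (not libunwind code): desc_alias()'s when->IP mapping for
 * a zero-length region, and the work-around described in the report. */
#include <stdint.h>
#include <stdio.h>

#define MIN(a, b) ((a) < (b) ? (a) : (b))

/* IA-64 addresses an instruction as a 16-byte bundle plus a slot (0..2).
 * 'when' counts slots from the region start, so when/3 selects the bundle
 * and when%3 the slot inside it. */
static uint64_t when_to_ip(uint64_t region_start, long when)
{
    return region_start + (uint64_t)((when / 3) * 16 + (when % 3));
}

/* Mirrors the 0.98.2 computation: clamp when_target to the region's last
 * slot. For rlen == 0 the clamp yields -1, and -1/3 == 0, -1%3 == -1 in C,
 * so the result is op_val - 1. */
static uint64_t alias_ip_original(uint64_t op_val, long when_target, long rlen)
{
    long when = MIN(when_target, rlen - 1);
    return when_to_ip(op_val, when);
}

/* Work-around from the report: when 'when' is -1, alias op_val itself. */
static uint64_t alias_ip_fixed(uint64_t op_val, long when_target, long rlen)
{
    long when = MIN(when_target, rlen - 1);
    if (when < 0)
        return op_val;
    return when_to_ip(op_val, when);
}

int main(void)
{
    const uint64_t op_val = 0x40000000000000d0ULL; /* constructed address */
    /* Zero-size region: original lands on ...0cf, fixed stays on ...0d0. */
    printf("rlen=0: original %#llx, fixed %#llx\n",
           (unsigned long long)alias_ip_original(op_val, 5, 0),
           (unsigned long long)alias_ip_fixed(op_val, 5, 0));
    /* Non-empty region: both agree (slot 3 -> next bundle, slot 0). */
    printf("rlen=4: original %#llx, fixed %#llx\n",
           (unsigned long long)alias_ip_original(op_val, 5, 4),
           (unsigned long long)alias_ip_fixed(op_val, 5, 4));
    return 0;
}
```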