
[libunwind] bug (and suggested fix): desc_alias() and zero-size regions

From: Todd L Miller
Subject: [libunwind] bug (and suggested fix): desc_alias() and zero-size regions
Date: Mon, 7 Mar 2005 17:01:14 -0600 (CST)

        On line 759 of the 0.98.2 release, desc_alias() calculates 'when':

when = MIN(sr->when_target, rlen - 1);

        and then uses 'when' to calculate 'new_ip':

new_ip = op->val + ((when / 3) * 16 + (when % 3));

        When you pass in a zero-size region, new_ip is one less than
op->val, e.g., 0x4...0cf, instead of 0x4...0d0.  This breaks
create_state_record_for()'s calculation of the new region's when_target.
This can cause incorrect stackwalks: in particular, I triggered a case in
which the location of the preserved RP changed between the corrected
when_target and the one calculated by calculate_state_record_for().

        My work-around is simply to set new_ip to op->val when 'when' is
-1 in desc_alias().  It works, but I'm not sure that it's the right thing
to do.  I'd also guess that the other two uses of MIN( , rlen - 1 ) in the
function need to be fixed, though I haven't seen any problems.

- Todd L Miller
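As an added illustration of the address arithmetic discussed in the message (this is not code from the message or from libunwind), the following compares the original `MIN(when_target, rlen - 1)` computation with the described work-around for a zero-size region. It assumes `when`, `when_target` and `rlen` are signed `int`, the 16-byte bundle / 3-slot encoding implied by the formula, and a `MIN` macro with the usual definition.

```c
#include <stdint.h>
#include <stdio.h>

#define MIN(a, b) ((a) < (b) ? (a) : (b))

typedef uint64_t unw_word_t;

/* IA-64 numbers instructions as bundle * 3 + slot. Each bundle is 16 bytes,
   so an index 'when' maps to base + (when / 3) * 16 + (when % 3). */
static unw_word_t when_to_ip(unw_word_t base, int when)
{
    return base + ((when / 3) * 16 + (when % 3));
}

/* Computation as described in the message: with rlen == 0 the MIN yields -1,
   and in C (-1 / 3) * 16 + (-1 % 3) == -1, so new_ip ends up one below base. */
static unw_word_t new_ip_original(unw_word_t base, int when_target, int rlen)
{
    int when = MIN(when_target, rlen - 1);
    return when_to_ip(base, when);
}

/* Work-around described in the message: when 'when' is -1, use base as-is. */
static unw_word_t new_ip_workaround(unw_word_t base, int when_target, int rlen)
{
    int when = MIN(when_target, rlen - 1);
    if (when == -1)
        return base;
    return when_to_ip(base, when);
}

int main(void)
{
    /* Constructed sample values: a region starting at 0x40d0 (hypothetical). */
    unw_word_t base = 0x40d0;
    printf("zero-size region, original:    0x%llx\n",
           (unsigned long long) new_ip_original(base, 5, 0));    /* 0x40cf */
    printf("zero-size region, work-around: 0x%llx\n",
           (unsigned long long) new_ip_workaround(base, 5, 0));  /* 0x40d0 */
    printf("9-slot region, when_target 5:  0x%llx\n",
           (unsigned long long) new_ip_original(base, 5, 9));    /* 0x40e2 */
    return 0;
}
```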
